Export limit exceeded: 366468 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366468 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-9178 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 4 of 5). | ||||
| CVE-2019-9176 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows CSRF. | ||||
| CVE-2019-9175 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 3 of 5). | ||||
| CVE-2019-9174 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows SSRF. | ||||
| CVE-2019-9172 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 2 of 5). | ||||
| CVE-2019-9171 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 1 of 5). | ||||
| CVE-2019-9170 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control. | ||||
| CVE-2019-9169 | 5 Canonical, Gnu, Mcafee and 2 more | 7 Ubuntu Linux, Glibc, Web Gateway and 4 more | 2024-11-21 | 9.8 Critical |
| In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. | ||||
| CVE-2019-9168 | 1 Woocommerce | 1 Woocommerce | 2024-11-21 | N/A |
| WooCommerce before 3.5.5 allows XSS via a Photoswipe caption. | ||||
| CVE-2019-9167 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in Nagios XI before 5.5.11 allows attackers to inject arbitrary web script or HTML via the xiwindow parameter. | ||||
| CVE-2019-9166 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | 7.8 High |
| Privilege escalation in Nagios XI before 5.5.11 allows local attackers to elevate privileges to root via write access to config.inc.php and import_xiconfig.php. | ||||
| CVE-2019-9165 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL commands via the API when using fusekeys and malicious user id. | ||||
| CVE-2019-9164 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | 8.8 High |
| Command injection in Nagios XI before 5.5.11 allows an authenticated users to execute arbitrary remote commands via a new autodiscovery job. | ||||
| CVE-2019-9163 | 1 Marchnetworks | 1 Command Client | 2024-11-21 | 9.8 Critical |
| The connection initiation process in March Networks Command Client before 2.7.2 allows remote attackers to execute arbitrary code via crafted XAML objects. | ||||
| CVE-2019-9162 | 3 Canonical, Linux, Netapp | 7 Ubuntu Linux, Linux Kernel, Cn1610 and 4 more | 2024-11-21 | 7.8 High |
| In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmp_version and snmp_helper. | ||||
| CVE-2019-9161 | 1 Xinruidz | 2 Sundray Wan Controller, Sundray Wan Controller Firmware | 2024-11-21 | N/A |
| WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a Remote Code Execution issue allowing remote attackers to achieve full access to the system, because shell metacharacters in the nginx_webconsole.php Cookie header can be used to read an etc/config/wac/wns_cfg_admin_detail.xml file containing the admin password. (The password for root is the WebUI admin password concatenated with a static string.) | ||||
| CVE-2019-9160 | 1 Xinruidz | 2 Sundray Wan Controller, Sundray Wan Controller Firmware | 2024-11-21 | N/A |
| WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated with a static string). | ||||
| CVE-2019-9158 | 1 Gemalto | 1 Ezio Ds3 Server | 2024-11-21 | N/A |
| Gemalto DS3 Authentication Server 2.6.1-SP01 has Broken Access Control. | ||||
| CVE-2019-9157 | 1 Gemalto | 1 Ezio Ds3 Server | 2024-11-21 | N/A |
| Gemalto DS3 Authentication Server 2.6.1-SP01 allows Local File Disclosure. | ||||
| CVE-2019-9156 | 1 Gemalto | 1 Ezio Ds3 Server | 2024-11-21 | N/A |
| Gemalto DS3 Authentication Server 2.6.1-SP01 allows OS Command Injection. | ||||