Vulmon
Recent Vulnerabilities
Discussions
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
Recent vulnerabilities and exploits
5
CVSSv2
CVE-2018-11813
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF....
Ijg
Libjpeg
3 Github repositories available
4.3
CVSSv2
CVE-2018-11214
An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file....
Ijg
Libjpeg
Canonical
Ubuntu Linux
Debian
Debian Linux
3 Github repositories available
4.3
CVSSv2
CVE-2018-11213
An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file....
Ijg
Libjpeg
Canonical
Ubuntu Linux
Debian
Debian Linux
3 Github repositories available
4.3
CVSSv2
CVE-2018-11212
An issue was discovered in libjpeg 9a. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file....
Ijg
Libjpeg
Netapp
Oncommand Unified Manager
Oncommand Workflow Automation
Snapmanager
Oracle
Jdk
Jre
Redhat
Satellite
Enterprise Linux Desktop
Enterprise Linux Server
Enterprise Linux Workstation
Canonical
Ubuntu Linux
Debian
Debian Linux
Opensuse
Leap
3 Github repositories available
10
CVSSv2
CVE-2019-10842
Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval(), which can be leveraged to execute...
Getbootstrap
Bootstrap-sass
1 Github repository available
NA
CVE-2019-16026
A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device....
NA
CVE-2019-16024
A vulnerability in the web-based management interface of Cisco Crosswork Change Automation could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability...
NA
CVE-2019-15278
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it...
NA
CVE-2019-16008
A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system. The...
NA
CVE-2019-16005
A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an authenticated, remote attacker to execute arbitrary commands on the affected system. The vulnerability is due to improper validation of user-supplied input by the web-based management...
1 Article available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2019-16024
CVE-2019-19781
CVE-2020-0609
CVE-2019-5146
validation
CSRF
XPath injection
CVE-2019-20423
CVE-2019-20430
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »
Vulmon