Recent vulnerabilities and exploits

7.5
CVSSv2
CVE-2012-4438

Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code....

NA
CVE-2019-10763

pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via 'id', 'storeId', 'pageSize' and...

NA
CVE-2019-18215

An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged...

NA
CVE-2019-12299

Sandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section....

NA
CVE-2019-12311

Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. An HTML page running a script could be uploaded to the server. When a victim tries to download a CISO Report template, the script is loaded....

NA
CVE-2011-5331

Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval....

NA
CVE-2011-5330

Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls....

NA
CVE-2019-5688

NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory...

NA
CVE-2018-21031

Plex Media Server 1.18.2.2029-36236cc4c allows remote attackers to bypass intended access control because X-Plex-Token is mishandled, and can be retrieved from Tautulli....

NA
CVE-2019-10172

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes....