Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cve-2019-2725 vulnerabilities and exploits

(subscribe to this query)

5
CVSSv2
CVE-2019-5739
Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introduced a dedicated server.keepAliveTimeout which defaults to 5 seconds. The behavior in Node.js 6.16.0 and earlier is a potential Denial of...
Nodejs Node.jsOpensuse Leap 42.3
7.2
CVSSv2
CVE-2019-5519
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual...
Vmware FusionVmware WorkstationVmware Esxi 6.0Vmware Esxi 6.5Vmware Esxi 6.7
9.3
CVSSv2
CVE-2019-5736
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new...
Docker DockerLinuxfoundation RuncLinuxfoundation Runc 1.0.0Redhat Container Development Kit 3.7Redhat Openshift 3.4Redhat Openshift 3.5Redhat Openshift 3.6Redhat Openshift 3.7Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server 7.0Google Kubernetes Engine -Linuxcontainers LxcHp Onesphere -Netapp Hci Management Node -Netapp Solidfire -Apache MesosOpensuse Backports Sle 15.0Opensuse Leap 15.0Opensuse Leap 15.1Opensuse Leap 42.3Mesosphere Kubernetes EngineMesosphere Dc\\/osFedoraproject Fedora 29Fedoraproject Fedora 30Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10Canonical Ubuntu Linux 19.04Microfocus Service Management Automation 2018.02Microfocus Service Management Automation 2018.05Microfocus Service Management Automation 2018.08Microfocus Service Management Automation 2018.11
4.3
CVSSv2
CVE-2019-6465
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview...
Isc BindIsc Bind 9.9.3Isc Bind 9.10.8Isc Bind 9.11.5Isc Bind 9.12.3Redhat Enterprise Linux 8.0
5
CVSSv2
CVE-2017-10271
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with...
Oracle Weblogic Server 10.3.6.0.0Oracle Weblogic Server 12.1.3.0.0Oracle Weblogic Server 12.2.1.1.0Oracle Weblogic Server 12.2.1.2.0
5.5
CVSSv2
CVE-2018-2725
Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows low privileged...
Oracle Financial Services Hedge Management And Ifrs Valuations 8.0.5
7.5
CVSSv2
CVE-2007-2725
The DB Software Laboratory DeWizardX (DEWizardAX.ocx) ActiveX control allows remote attackers to overwrite arbitrary files via the SaveToFile function....
Db Soft Lab Dewizardx
10
CVSSv2
CVE-2013-2725
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720,...
Adobe Acrobat Reader 9.0Adobe Acrobat Reader 9.1Adobe Acrobat Reader 9.1.1Adobe Acrobat Reader 9.1.2Adobe Acrobat Reader 9.1.3Adobe Acrobat Reader 9.2Adobe Acrobat Reader 9.3Adobe Acrobat Reader 9.3.1Adobe Acrobat Reader 9.3.2Adobe Acrobat Reader 9.3.3Adobe Acrobat Reader 9.3.4Adobe Acrobat Reader 9.4Adobe Acrobat Reader 9.4.1Adobe Acrobat Reader 9.4.2Adobe Acrobat Reader 9.4.3Adobe Acrobat Reader 9.4.4Adobe Acrobat Reader 9.4.5Adobe Acrobat Reader 9.4.6Adobe Acrobat Reader 9.4.7Adobe Acrobat Reader 9.5Adobe Acrobat Reader 9.5.1Adobe Acrobat Reader 9.5.2Adobe Acrobat Reader 9.5.3Adobe Acrobat Reader 9.5.4Adobe Acrobat Reader 10.0Adobe Acrobat Reader 10.0.1Adobe Acrobat Reader 10.0.2Adobe Acrobat Reader 10.0.3Adobe Acrobat Reader 10.1Adobe Acrobat Reader 10.1.1Adobe Acrobat Reader 10.1.2Adobe Acrobat Reader 10.1.3Adobe Acrobat Reader 10.1.4Adobe Acrobat Reader 10.1.5Adobe Acrobat Reader 10.1.6Adobe Acrobat Reader 11.0Adobe Acrobat Reader 11.0.1Adobe Acrobat Reader 11.0.2Adobe Acrobat 9.0Adobe Acrobat 9.1Adobe Acrobat 9.1.1Adobe Acrobat 9.1.2Adobe Acrobat 9.1.3Adobe Acrobat 9.2Adobe Acrobat 9.3Adobe Acrobat 9.3.1Adobe Acrobat 9.3.2Adobe Acrobat 9.3.3Adobe Acrobat 9.3.4Adobe Acrobat 9.4Adobe Acrobat 9.4.1Adobe Acrobat 9.4.2Adobe Acrobat 9.4.3Adobe Acrobat 9.4.4Adobe Acrobat 9.4.5Adobe Acrobat 9.4.6Adobe Acrobat 9.4.7Adobe Acrobat 9.5Adobe Acrobat 9.5.1Adobe Acrobat 9.5.2Adobe Acrobat 9.5.3Adobe Acrobat 9.5.4Adobe Acrobat 10.0Adobe Acrobat 10.0.1Adobe Acrobat 10.0.2Adobe Acrobat 10.0.3Adobe Acrobat 10.1Adobe Acrobat 10.1.1Adobe Acrobat 10.1.2Adobe Acrobat 10.1.3Adobe Acrobat 10.1.4Adobe Acrobat 10.1.5Adobe Acrobat 10.1.6Adobe Acrobat 11.0Adobe Acrobat 11.0.1Adobe Acrobat 11.0.2
NA
CVE-2016-2725
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none....
2.1
CVSSv2
CVE-2005-2725
The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier versions does not properly check permissions when the -t flag is specified, which allows local users to read arbitrary files....
Qnx Rtos 6.1.0Qnx Rtos 6.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middleCVE-2021-20661CVE-2020-4953CVE-2018-19518CVE-2021-27645CVE-2021-3156CVE-2021-26684deserializationwireless