| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The mobi_reconstruct_parts function in parse_rawml.c in Libmobi 0.3 allows remote attackers to cause information disclosure (read access violation) via a crafted mobi file. |
| The mobi_decompress_huffman_internal function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure (read access violation) via a crafted mobi file. |
| The transferFrom function of a smart contract implementation for DimonCoin (FUD), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all victims' balances into their account) because certain computations involving _value are incorrect. |
| Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key. |
| An issue was discovered in CppCMS before 1.2.1. There is a denial of service in the JSON parser module. |
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths. |
| In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling. |
| An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to see the names of tags that were either unpublished or published with restricted view permission. |
| An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill password fields after either a form validation error or navigating to a previous install step, and display the plaintext password for the administrator account at the confirmation screen. |
| An issue was discovered in com_fields in Joomla! Core before 3.8.8. Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option. |
| The UPnP HTTP server on Sonos wireless speaker products allow unauthorized access via a DNS rebinding attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker. |
| The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a home's target temperature to 95 degrees Fahrenheit. This vulnerability might be described as an addendum to CVE-2013-4860. |
| The External Control API in Roku and Roku TV products allow unauthorized access via a DNS Rebind attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker. |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from userspace before copying into buffer can lead to potential array overflow in WLAN. |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WLAN handler indication from the firmware gets the information for 4 access categories. While processing this information only the first 3 AC information is copied due to the improper conditional logic used to compare with the max number of categories. |
| In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, incorrect control flow implementation in Video while checking buffer sufficiency. |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing user-space there is no size validation of the NAT entry input. If the user input size of the NAT entry is greater than the max allowed size, memory exhaustion will occur. |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when flashing image using FastbootLib if size is not divisible by block size, information leak occurs. |
| In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper input validation can lead to an improper access to already freed up dci client entries while closing dci client. |
| In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because submodule "names" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with "../" in a name. Finally, post-checkout hooks from a submodule are executed, bypassing the intended design in which hooks are not obtained from a remote server. |
