CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2301 CVE-2019-17212 787 Overflow 2019-11-05 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflows were discovered in the CoAP library in Arm Mbed OS 5.14.0. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses CoAP input linearly using a while loop. Once an option is parsed in a loop, the current point (*packet_data_pptr) is increased correspondingly. The pointer is restricted by the size of the received buffer, as well as by the 0xFF delimiter byte. Inside each while loop, the check of the value of *packet_data_pptr is not strictly enforced. More specifically, inside a loop, *packet_data_pptr could be increased and then dereferenced without checking. Moreover, there are many other functions in the format of sn_coap_parser_****() that do not check whether the pointer is within the bounds of the allocated buffer. All of these lead to heap-based or stack-based buffer overflows, depending on how the CoAP packet buffer is allocated.
2302 CVE-2019-17211 190 Overflow 2019-11-05 2019-11-13
10.0
None Remote Low Not required Complete Complete Complete
An integer overflow was discovered in the CoAP library in Arm Mbed OS 5.14.0. The function sn_coap_builder_calc_needed_packet_data_size_2() is used to calculate the required memory for the CoAP message from the sn_coap_hdr_s data structure. Both returned_byte_count and src_coap_msg_ptr->payload_len are of type uint16_t. When added together, the result returned_byte_count can wrap around the maximum uint16_t value. As a result, insufficient buffer space is allocated for the corresponding CoAP message.
2303 CVE-2019-17186 20 Exec Code 2019-10-08 2021-07-21
9.0
None Remote Low ??? Complete Complete Complete
/var/WEB-GUI/cgi-bin/telnet.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication remote code execution.
2304 CVE-2019-17181 120 Overflow 2019-10-28 2019-11-01
10.0
None Remote Low Not required Complete Complete Complete
A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). An attacker may send a crafted HTTP GET or HEAD request that can result in a compromise of the hosting system.
2305 CVE-2019-17147 120 Exec Code 2020-01-07 2020-01-14
9.3
None Remote Medium Not required Complete Complete Complete
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457.
2306 CVE-2019-17146 306 Exec Code 2020-01-07 2021-10-29
10.0
None Remote Low Not required Complete Complete Complete
This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L v1.07.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the SOAPAction request header, the process does not properly validate the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8458.
2307 CVE-2019-17124 276 2019-10-09 2019-10-15
10.0
None Remote Low Not required Complete Complete Complete
Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.
2308 CVE-2019-17102 367 Exec Code 2020-01-27 2020-02-03
9.3
None Remote Medium Not required Complete Complete Complete
An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method `/api/update_setup` does not perform firmware signature checks atomically, leading to an exploitable race condition (TOCTTOU) that allows arbitrary execution of system commands. This issue affects: Bitdefender Bitdefender BOX 2 versions prior to 2.1.47.36.
2309 CVE-2019-17096 78 2020-01-27 2020-01-31
9.3
None Remote Medium Not required Complete Complete Complete
A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command.
2310 CVE-2019-17095 78 Exec Code 2020-01-27 2020-02-01
10.0
None Remote Low Not required Complete Complete Complete
A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method `/api/download_image` unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands. In order to exploit the condition, an unauthenticated attacker should impersonate a infrastructure server to trigger this vulnerability.
2311 CVE-2019-17059 78 Exec Code 2019-10-11 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles.
2312 CVE-2019-17046 434 Exec Code 2019-09-30 2019-10-04
9.0
None Remote Low ??? Complete Complete Complete
Ilch 2.1.22 allows remote code execution because php is listed under "Allowed files" on the index.php/admin/media/settings/index page.
2313 CVE-2019-17006 345 Overflow 2020-10-22 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
2314 CVE-2019-16965 78 Exec Code 2019-10-21 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any commands on the host as www-data.
2315 CVE-2019-16964 78 Exec Code 2019-10-21 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
app/call_centers/cmd.php in the Call Center Queue Module in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated attackers (with at least the permission call_center_queue_add or call_center_queue_edit) to execute any commands on the host as www-data.
2316 CVE-2019-16920 78 Exec Code 2019-09-27 2019-10-10
10.0
None Remote Low Not required Complete Complete Complete
Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are also affected: DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825.
2317 CVE-2019-16872 2019-11-07 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
Portainer before 1.22.1 has Incorrect Access Control (issue 1 of 4).
2318 CVE-2019-16871 20 Exec Code 2019-12-19 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol.
2319 CVE-2019-16767 2019-11-29 2020-10-16
9.0
None Remote Low ??? Complete Complete Complete
The admin sys mode is now conditional and dedicated for the special case. By default, since ezmaster@5.2.11 no instance (container) is launched with advanced capabilities (not launched as root)
2320 CVE-2019-16737 78 Exec Code 2019-12-13 2019-12-18
10.0
None Remote Low Not required Complete Complete Complete
The processCommandSetMac() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.
2321 CVE-2019-16736 787 DoS Overflow 2019-12-13 2019-12-18
10.0
None Remote Low Not required Complete Complete Complete
A stack-based buffer overflow in processCommandUploadSnapshot in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user.
2322 CVE-2019-16735 787 DoS Overflow 2019-12-13 2019-12-18
10.0
None Remote Low Not required Complete Complete Complete
A stack-based buffer overflow in processCommandUploadLog in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user.
2323 CVE-2019-16734 798 Exec Code 2019-12-13 2019-12-18
10.0
None Remote Low Not required Complete Complete Complete
Use of default credentials for the TELNET server in Petwant PF-103 firmware 4.3.2.50 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.
2324 CVE-2019-16733 78 Exec Code 2019-12-13 2019-12-18
10.0
None Remote Low Not required Complete Complete Complete
processCommandSetUid() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.
2325 CVE-2019-16732 347 2019-12-13 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
Unencrypted HTTP communications for firmware upgrades in Petalk AI and PF-103 allow man-in-the-middle attackers to run arbitrary code as the root user.
2326 CVE-2019-16730 20 Exec Code 2019-12-13 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
processCommandUpgrade() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.
2327 CVE-2019-16701 78 2019-09-25 2019-09-25
9.0
None Remote Low ??? Complete Complete Complete
pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value.
2328 CVE-2019-16663 78 Exec Code 2019-10-28 2019-10-29
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to search.crud.php because the catCommand parameter is passed to the exec function without filtering, which can lead to command execution.
2329 CVE-2019-16662 78 Exec Code 2019-10-28 2019-10-29
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution.
2330 CVE-2019-16647 428 2019-10-29 2019-11-05
9.0
None Remote Low ??? Complete Complete Complete
Unquoted Search Path in Maxthon 5.1.0 to 5.2.7 Browser for Windows.
2331 CVE-2019-16530 434 Exec Code 2019-10-21 2019-10-22
9.0
None Remote Low ??? Complete Complete Complete
Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution.
2332 CVE-2019-16508 190 Overflow +Priv 2019-10-01 2019-10-08
9.3
None Remote Medium Not required Complete Complete Complete
The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application. This occurs because of intentional access for the GPU process to /dev/dri/card1 and the PowerVR ioctl handler, as demonstrated by PVRSRVBridgeSyncPrimOpCreate.
2333 CVE-2019-16464 416 Exec Code 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
2334 CVE-2019-16463 119 Exec Code Overflow 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
2335 CVE-2019-16462 Exec Code 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .
2336 CVE-2019-16460 119 Exec Code Overflow 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
2337 CVE-2019-16459 416 Exec Code 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
2338 CVE-2019-16455 119 Exec Code Overflow 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
2339 CVE-2019-16454 787 Exec Code 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
2340 CVE-2019-16453 Exec Code Bypass 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
2341 CVE-2019-16452 416 Exec Code 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
2342 CVE-2019-16451 787 Exec Code Overflow 2019-12-19 2021-11-22
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .
2343 CVE-2019-16450 787 Exec Code 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
2344 CVE-2019-16448 416 Exec Code 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
2345 CVE-2019-16446 119 Exec Code Overflow 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
2346 CVE-2019-16445 416 Exec Code 2019-12-19 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
2347 CVE-2019-16405 20 Exec Code 2019-11-21 2021-07-21
9.0
None Remote Low ??? Complete Complete Complete
Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5 and 19.10.x before 19.10.2 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. CVE-2019-16405 and CVE-2019-17501 are similar to one another and may be the same.
2348 CVE-2019-16284 Exec Code 2019-11-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250.
2349 CVE-2019-16273 Exec Code 2020-01-06 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge (adb), leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the Android OS.
2350 CVE-2019-16213 78 Exec Code 2020-06-25 2020-07-01
9.0
None Remote Low ??? Complete Complete Complete
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.