Archive for the ‘NIST’ Category

CVE-2019-10016

GForge Advanced Server 6.4.4 allows XSS via the commonsearch.php words parameter, as demonstrated by a snippet/search/?words= substring.
Source: NIST
CVE-2019-10016

CVE-2019-10021

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps.
Source: NIST
CVE-2019-10021

CVE-2019-10020

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters.
Source: NIST
CVE-2019-10020

CVE-2019-10026

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case.
Source: NIST
CVE-2019-10026

CVE-2019-10027

PHPCMS 9.6.x through 9.6.3 has XSS via the mailbox (aka E-mail) field on the personal information screen.
Source: NIST
CVE-2019-10027

CVE-2019-10024

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters.
Source: NIST
CVE-2019-10024

CVE-2019-10018

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.
Source: NIST
CVE-2019-10018

CVE-2019-10022

An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc.
Source: NIST
CVE-2019-10022

CVE-2019-10025

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits.
Source: NIST
CVE-2019-10025

CVE-2019-10019

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes.
Source: NIST
CVE-2019-10019