CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-8904
https://notcve.org/view.php?id=CVE-2019-8904
do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf. do_bid_note en readelf.c en libmagic.a en la versión 5.35 de file tiene una sobrelectura de búfer basada en pila. • http://www.securityfocus.com/bid/107130 https://bugs.astron.com/view.php?id=62 https://usn.ubuntu.com/3911-1 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20618
https://notcve.org/view.php?id=CVE-2018-20618
ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c. ok-file-formats hasta el 16/10/2018 tiene una sobrelectura de búfer basado en memoria dinámica (heap) en la función ok_mo_decode2 en ok_wav.c. • https://github.com/brackeen/ok-file-formats/issues/6 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20617
https://notcve.org/view.php?id=CVE-2018-20617
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c. ok-file-formats hasta el 16/10/2018 tiene un desbordamiento de búfer basado en memoria dinámica (heap) en la función ok_csv_decode2 en ok_wav.c. • https://github.com/brackeen/ok-file-formats/issues/5 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20616
https://notcve.org/view.php?id=CVE-2018-20616
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_wav_decode_ms_adpcm_data function in ok_wav.c. ok-file-formats hasta el 16/10/2018 tiene un desbordamiento de búfer basado en memoria dinámica (heap) en la función ok_wav_decode_ms_adpcm_data en ok_wav.c. • https://github.com/brackeen/ok-file-formats/issues/4 • CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-19041 – Media File Manager <= 1.4.2 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-19041
The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI. El plugin Media File Manager 1.4.2 para WordPress permite Cross-Site Scripting (XSS) en el parámetro dir de una acción mrelocator_getdir en el URI wp-admin/admin-ajax.php. • https://www.exploit-db.com/exploits/45809 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •