CVSS: 6.5EPSS: 0%CPEs: 45EXPL: 0CVE-2019-6187
https://notcve.org/view.php?id=CVE-2019-6187
20 Nov 2019 — A stored CSV Injection vulnerability was reported in Lenovo XClarity Controller (XCC) that could allow an administrative or other appropriately permissioned user to store malformed data in certain XCC server informational fields, that could result in crafted formulas being stored in an exported CSV file. The crafted formula is not executed on XCC itself and has no effect on the server. Se reportó una vulnerabilidad de inyección CSV almacenada en Lenovo XClarity Controller (XCC) lo que podría permitir a un u... • https://support.lenovo.com/solutions/LEN-29118 • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 9.8EPSS: 1%CPEs: 67EXPL: 0CVE-2017-17833 – openslp: Heap memory corruption in slpd/slpd_process.c allows denial of service or potentially code execution
https://notcve.org/view.php?id=CVE-2017-17833
23 Apr 2018 — OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability. Las versiones de OpenSLP en las secuencias de código 1.0.2 y 1.1.0 tienen un problema de corrupción de memoria relacionada con la memoria dinámica (heap), que puede manifestarse como una vulnerabilidad de denegación de servicio (DoS) o de ejecución remota de código. A use-after-free flaw in OpenSLP 1.x and 2.x baselines wa... • http://support.lenovo.com/us/en/solutions/LEN-18247 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •