Security Vulnerabilities - CVEs Published In August 2019
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.275
Published
2019-08-26
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.275
Published
2019-08-26
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.209
Published
2019-08-26
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.
CVSS Score
6.5
EPSS Score
0.034
Published
2019-08-26
cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCMS) through 12.0.3.0 has "Improper Neutralization of Special Elements used in an OS Command," allowing attackers to execute OS commands via an HTTP GET parameter.
CVSS Score
9.8
EPSS Score
0.012
Published
2019-08-26
Discourse 2.3.2 sends the CSRF token in the query string.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-08-26
XENFCoreSharp before 2019-07-16 allows SQL injection in web/verify.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-26
An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-08-26
An issue was discovered in the slice-deque crate before 0.2.0 for Rust. There is memory corruption in certain allocation cases.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-08-26
An issue was discovered in the protobuf crate before 2.6.0 for Rust. Attackers can exhaust all memory via Vec::reserve calls.
CVSS Score
7.5
EPSS Score
0.031
Published
2019-08-26