Security Vulnerabilities - CVEs Published In August 2019
An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is memory corruption for certain grow attempts with less than the current capacity.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-08-26
Observational Health Data Sciences and Informatics (OHDSI) WebAPI before 2.7.2 allows SQL injection in FeatureExtractionService.java.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-08-26
The Compassion Switzerland addons 10.01.4 for Odoo allow SQL injection in models/partner_compassion.py.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-26
The ICOMMKT connector before 1.0.7 for PrestaShop allows SQL injection in icommktconnector.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-26
The Alfresco application before 1.8.7 for Android allows SQL injection in HistorySearchProvider.java.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-26
OpenForis Arena before 2019-05-07 allows SQL injection in the sorting feature.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-26
idseq-web before 2019-07-01 in Infectious Disease Sequencing Platform IDseq allows SQL injection via tax_levels.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-26
HM Courts & Tribunals ccd-data-store-api before 2019-06-10 allows SQL injection, related to SearchQueryFactoryOperation.java and SortDirection.java.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-26
BEdita through 4.0.0-RC2 allows SQL injection during a save operation for a relation with parameters.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-26
The WEB control panel before 2019-04-30 for ClonOS allows SQL injection in clonos.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-26