Search

Expected end of text, found '.' (at char 15), (line:1, col:16)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (354387 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-17320 1 Netsarang 1 Xftp 2024-11-21 9.8 Critical
NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename.
CVE-2019-17319 1 Sugarcrm 1 Sugarcrm 2024-11-21 8.8 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user.
CVE-2019-17318 1 Sugarcrm 1 Sugarcrm 2024-11-21 8.8 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by a Regular user.
CVE-2019-17317 1 Sugarcrm 1 Sugarcrm 2024-11-21 7.2 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the UpgradeWizard module by an Admin user.
CVE-2019-17316 1 Sugarcrm 1 Sugarcrm 2024-11-21 8.8 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Import module by a Regular user.
CVE-2019-17315 1 Sugarcrm 1 Sugarcrm 2024-11-21 7.2 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user.
CVE-2019-17314 1 Sugarcrm 1 Sugarcrm 2024-11-21 7.2 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Configurator module by an Admin user.
CVE-2019-17313 1 Sugarcrm 1 Sugarcrm 2024-11-21 8.8 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Studio module by a Developer user.
CVE-2019-17312 1 Sugarcrm 1 Sugarcrm 2024-11-21 8.8 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the file function by a Regular user.
CVE-2019-17311 1 Sugarcrm 1 Sugarcrm 2024-11-21 8.8 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the attachment function by a Regular user.
CVE-2019-17310 1 Sugarcrm 1 Sugarcrm 2024-11-21 7.2 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user.
CVE-2019-17309 1 Sugarcrm 1 Sugarcrm 2024-11-21 7.2 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the EmailMan module by an Admin user.
CVE-2019-17308 1 Sugarcrm 1 Sugarcrm 2024-11-21 8.8 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Emails module by a Regular user.
CVE-2019-17307 1 Sugarcrm 1 Sugarcrm 2024-11-21 7.2 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Tracker module by an Admin user.
CVE-2019-17306 1 Sugarcrm 1 Sugarcrm 2024-11-21 7.2 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Configurator module by an Admin user.
CVE-2019-17305 1 Sugarcrm 1 Sugarcrm 2024-11-21 8.8 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user.
CVE-2019-17304 1 Sugarcrm 1 Sugarcrm 2024-11-21 7.2 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user.
CVE-2019-17303 1 Sugarcrm 1 Sugarcrm 2024-11-21 8.8 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user.
CVE-2019-17302 1 Sugarcrm 1 Sugarcrm 2024-11-21 8.8 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by a Developer user.
CVE-2019-17301 1 Sugarcrm 1 Sugarcrm 2024-11-21 7.2 High
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by an Admin user.