GForge Advanced Server 6.4.4 allows XSS via the commonsearch.php words parameter, as demonstrated by a snippet/search/?words= substring. Source: NIST CVE-2019-10016
Category: NIST
CVE-2019-10026
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case. Source: NIST CVE-2019-10026
CVE-2019-10027
PHPCMS 9.6.x through 9.6.3 has XSS via the mailbox (aka E-mail) field on the personal information screen. Source: NIST CVE-2019-10027
CVE-2019-10024
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters. Source: NIST CVE-2019-10024
CVE-2019-10018
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case. Source: NIST CVE-2019-10018
CVE-2019-10022
An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc. Source: NIST CVE-2019-10022
CVE-2019-10025
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits. Source: NIST CVE-2019-10025
CVE-2019-10019
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes. Source: NIST CVE-2019-10019
CVE-2019-10023
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case. Source: NIST CVE-2019-10023
CVE-2019-10021
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps. Source: NIST CVE-2019-10021