Vulnerability Summary for the Week of September 30, 2019
Released
Oct 07, 2019
Document ID
SB19-280
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe -- coldfusion | ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Successful exploitation could lead to Arbitrary code execution in the context of the current user. | 2019-09-27 | 10.0 | CVE-2019-8073 CONFIRM |
| adobe -- coldfusion | ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Path Traversal vulnerability. Successful exploitation could lead to Access Control Bypass in the context of the current user. | 2019-09-27 | 10.0 | CVE-2019-8074 CONFIRM |
| corsair -- link | The "CLink4Service" service is installed with Corsair Link 4.9.7.35 with insecure permissions by default. This allows unprivileged users to take control of the service and execute commands in the context of NT AUTHORITY\SYSTEM, leading to total system takeover, a similar issue to CVE-2018-12441. | 2019-09-27 | 7.2 | CVE-2018-19592 MISC MISC |
| dlink -- dhp-1565_firmware | Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. | 2019-09-27 | 10.0 | CVE-2019-16920 MISC |
| exim -- exim | Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command. | 2019-09-27 | 7.5 | CVE-2019-16928 MLIST MLIST MLIST MLIST MISC MISC MISC FEDORA FEDORA BUGTRAQ UBUNTU DEBIAN |
| google -- android | In the Bluetooth stack, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113575306 | 2019-09-27 | 7.2 | CVE-2019-9259 MISC |
| google -- android | In sensorservice, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-119501435 | 2019-09-27 | 7.2 | CVE-2019-9266 MISC |
| google -- android | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663384 | 2019-09-27 | 7.5 | CVE-2019-9301 MISC |
| google -- android | In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128431761 | 2019-09-27 | 7.1 | CVE-2019-9348 MISC |
| google -- android | In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124330204 | 2019-09-27 | 7.1 | CVE-2019-9349 MISC |
| google -- android | In Bluetooth, there is a possible deserialization error due to missing string validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109838537 | 2019-09-27 | 7.5 | CVE-2019-9365 MISC |
| google -- android | In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254 | 2019-09-27 | 7.1 | CVE-2019-9371 MISC |
| google -- android | In libskia, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132782448 | 2019-09-27 | 7.1 | CVE-2019-9372 MISC |
| google -- android | In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124329638 | 2019-09-27 | 7.1 | CVE-2019-9379 MISC |
| google -- android | In LockPatternUtils, there is a possible escalation of privilege due to an improper permissions check. This could lead to local bypass of the Lockguard with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120568007 | 2019-09-27 | 7.2 | CVE-2019-9384 MISC |
| google -- android | In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111450210 | 2019-09-27 | 7.1 | CVE-2019-9418 MISC |
| google -- android | In libttspico, there is a possible OOB write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79593569 | 2019-09-27 | 7.5 | CVE-2019-9459 MISC |
| govicture -- pc530_firmware | Victure PC530 devices allow unauthenticated TELNET access as root. | 2019-10-01 | 10.0 | CVE-2019-15940 MISC MISC |
| idcos -- cloudboot | CloudBoot through 2019-03-08 allows SQL Injection via a crafted Status field in JSON data to the api/osinstall/v1/device/getNumByStatus URI. | 2019-09-30 | 7.5 | CVE-2019-16999 MISC |
| ilch -- ilch_cms | Ilch 2.1.22 allows remote code execution because php is listed under "Allowed files" on the index.php/admin/media/settings/index page. | 2019-09-30 | 9.0 | CVE-2019-17046 MISC |
| jetbrains -- ktor | JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection. | 2019-10-02 | 7.5 | CVE-2019-12736 CONFIRM |
| jetbrains -- teamcity | An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could execute any command on the server machine. The issue was fixed in TeamCity 2018.2.5 and 2019.1. | 2019-10-02 | 9.0 | CVE-2019-15036 CONFIRM |
| linux -- linux_kernel | In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a. | 2019-09-30 | 7.8 | CVE-2019-16994 MISC MISC |
| linux -- linux_kernel | In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d. | 2019-09-30 | 7.8 | CVE-2019-16995 MISC MISC MISC |
| mozilla -- firefox | Mozilla developers and community members reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69. | 2019-09-27 | 7.5 | CVE-2019-11734 MISC CONFIRM |
| mozilla -- firefox | Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. | 2019-09-27 | 7.5 | CVE-2019-11735 SUSE SUSE MISC CONFIRM CONFIRM |
| mozilla -- firefox | Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. | 2019-09-27 | 7.5 | CVE-2019-11740 SUSE SUSE SUSE SUSE MISC CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| mozilla -- firefox | It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. | 2019-09-27 | 9.3 | CVE-2019-11752 SUSE SUSE SUSE SUSE MISC CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| plataformatec -- simple_form | Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call. | 2019-09-30 | 7.5 | CVE-2019-16676 CONFIRM MISC MISC |
| qualcomm -- ipq4019_firmware | Improper validation of read and write index of tx and rx fifo`s before using for data copy from fifo can lead to out-of-bound access. in Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, QCS405, SD 665, SD 675, SD 730, SD 855 | 2019-09-30 | 7.2 | CVE-2019-10499 CONFIRM |
| qualcomm -- ipq8074_firmware | Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA8081, QCA9379, QCS404, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SXR1130 | 2019-09-30 | 10.0 | CVE-2019-10539 CONFIRM |
| qualcomm -- ipq8074_firmware | Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MSM8996AU, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCS404, QCS405, QCS605, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SXR1130 | 2019-09-30 | 10.0 | CVE-2019-10540 CONFIRM |
| qualcomm -- mdm9205_firmware | Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | 2019-09-30 | 10.0 | CVE-2019-2294 CONFIRM |
| qualcomm -- mdm9206_firmware | Possible null-pointer dereference can occur while parsing avi clip during copy in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20 | 2019-09-30 | 7.8 | CVE-2019-10489 CONFIRM |
| qualcomm -- mdm9607_firmware | Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 820, SD 820A, SDM439 | 2019-09-30 | 7.2 | CVE-2019-10492 CONFIRM |
| qualcomm -- mdm9650_firmware | Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | 2019-09-30 | 10.0 | CVE-2019-2252 CONFIRM |
| qualcomm -- msm8909w_firmware | Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016 | 2019-09-30 | 10.0 | CVE-2019-10509 CONFIRM |
| qualcomm -- msm8909w_firmware | Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM660, SDX20, SDX24 | 2019-09-30 | 10.0 | CVE-2019-10538 CONFIRM |
| qualcomm -- qcs405_firmware | BT process died and BT toggled due to null pointer dereference when invalid vendor pass through command sent from remote in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS405, QCS605, SD 636, SD 675, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660 | 2019-09-30 | 8.5 | CVE-2019-10510 CONFIRM |
| rsyslog -- rsyslog | contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled. | 2019-09-30 | 7.5 | CVE-2019-17040 MISC |
| salesagility -- suitecrm | SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation. | 2019-10-02 | 7.5 | CVE-2019-14454 CONFIRM CONFIRM |
| tcpdump -- tcpdump | The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). | 2019-10-03 | 7.5 | CVE-2018-14468 MISC CONFIRM |
| tcpdump -- tcpdump | The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). | 2019-10-03 | 7.5 | CVE-2018-14879 MISC CONFIRM |
| tcpdump -- tcpdump | The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). | 2019-10-03 | 7.5 | CVE-2018-14880 MISC CONFIRM |
| tcpdump -- tcpdump | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). | 2019-10-03 | 7.5 | CVE-2018-14881 MISC CONFIRM |
| tcpdump -- tcpdump | The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. | 2019-10-03 | 7.5 | CVE-2018-14882 MISC CONFIRM |
| tcpdump -- tcpdump | The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. | 2019-10-03 | 7.5 | CVE-2018-16227 MISC CONFIRM |
| tcpdump -- tcpdump | The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). | 2019-10-03 | 7.5 | CVE-2018-16228 MISC CONFIRM |
| tcpdump -- tcpdump | The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). | 2019-10-03 | 7.5 | CVE-2018-16229 MISC CONFIRM |
| tcpdump -- tcpdump | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). | 2019-10-03 | 7.5 | CVE-2018-16230 MISC CONFIRM |
| tcpdump -- tcpdump | The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. | 2019-10-03 | 7.5 | CVE-2018-16451 MISC CONFIRM |
| tcpdump -- tcpdump | lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. | 2019-10-03 | 7.5 | CVE-2019-15166 MISC CONFIRM |
| umbraco -- umbraco | In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprove/PageWApproveApi/GetInpectSearch method via the nodeName parameter. | 2019-10-02 | 7.5 | CVE-2019-13957 MISC MISC |
Medium Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe -- coldfusion | ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Security bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | 2019-09-27 | 5.0 | CVE-2019-8072 CONFIRM |
| adobe -- flash_player | Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | 2019-09-27 | 5.0 | CVE-2019-8075 CONFIRM |
| dell -- emc_integrated_data_protection_appliance_firmware | Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user. | 2019-09-27 | 4.0 | CVE-2019-3736 CONFIRM |
| dell -- emc_integrated_data_protection_appliance_firmware | Dell EMC Integrated Data Protection Appliance versions prior to 2.3 do not limit the number of authentication attempts to the ACM API. An authenticated remote user may exploit this vulnerability to launch a brute-force authentication attack in order to gain access to the system. | 2019-09-27 | 6.5 | CVE-2019-3746 CONFIRM |
| ebrigade -- ebrigade | eBrigade before 5.0 has evenement_ical.php evenement SQL Injection. | 2019-09-30 | 6.5 | CVE-2019-16743 MISC MISC |
| ebrigade -- ebrigade | eBrigade before 5.0 has evenements.php cid SQL Injection. | 2019-09-30 | 6.5 | CVE-2019-16744 MISC MISC |
| ebrigade -- ebrigade | eBrigade before 5.0 has evenement_choice.php chxCal SQL Injection. | 2019-09-30 | 6.5 | CVE-2019-16745 MISC MISC |
| emlog -- emlog | emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal. | 2019-10-01 | 5.5 | CVE-2019-17073 MISC |
| esafenet -- cdg | CDG through 2017-01-01 allows downloadDocument.jsp?command=download&pathAndName= directory traversal. | 2019-09-30 | 5.0 | CVE-2017-18636 MISC |
| evernote -- evernote | Evernote before 7.13 GA on macOS allows code execution because the com.apple.quarantine attribute is not used for attachment files, as demonstrated by a one-click attack involving a drag-and-drop operation on a crafted Terminal file. | 2019-09-30 | 6.8 | CVE-2019-17051 MISC MISC |
| flower_project -- flower | Flower 0.9.3 has XSS via the name parameter in an @app.task call. | 2019-09-27 | 4.3 | CVE-2019-16925 MISC |
| flower_project -- flower | Flower 0.9.3 has XSS via a crafted worker name. | 2019-09-27 | 4.3 | CVE-2019-16926 MISC |
| foxitsoftware -- foxit_reader | Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions exhausting available stack memory because of Uncontrolled Recursion in the V8 JavaScript engine (issue 1 of 2). | 2019-09-30 | 5.0 | CVE-2019-13123 CONFIRM |
| foxitsoftware -- foxit_reader | Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions exhausting available stack memory because of Uncontrolled Recursion in the V8 JavaScript engine (issue 2 of 2). | 2019-09-30 | 5.0 | CVE-2019-13124 CONFIRM |
| gfi -- kerio_control | A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's cleartext credentials to an attacker via a login/?reason=failure&NTLM= URI. | 2019-09-30 | 4.3 | CVE-2019-16414 MISC MISC MISC MISC |
| glyphandcog -- xpdf | Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877. | 2019-09-27 | 4.3 | CVE-2019-16927 MISC |
| golang -- go | Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. | 2019-09-30 | 5.0 | CVE-2019-16276 CONFIRM MISC |
| google -- android | In Platform, there is a possible bypass of user interaction requirements due to missing permission checks. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-73884967 | 2019-09-27 | 4.6 | CVE-2018-9425 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113164693 | 2019-09-27 | 6.8 | CVE-2019-2055 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118386824 | 2019-09-27 | 6.8 | CVE-2019-2059 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112709994 | 2019-09-27 | 4.3 | CVE-2019-2060 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112610994 | 2019-09-27 | 6.8 | CVE-2019-2061 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117660045 | 2019-09-27 | 6.8 | CVE-2019-2062 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116019594 | 2019-09-27 | 6.8 | CVE-2019-2063 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116469592 | 2019-09-27 | 6.8 | CVE-2019-2064 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118143575 | 2019-09-27 | 6.8 | CVE-2019-2065 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117100617 | 2019-09-27 | 6.8 | CVE-2019-2066 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116114402 | 2019-09-27 | 6.8 | CVE-2019-2067 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117099943 | 2019-09-27 | 6.8 | CVE-2019-2068 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117832864 | 2019-09-27 | 6.8 | CVE-2019-2069 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117883804 | 2019-09-27 | 6.8 | CVE-2019-2070 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117216549 | 2019-09-27 | 6.8 | CVE-2019-2071 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116117112 | 2019-09-27 | 6.8 | CVE-2019-2072 MISC |
| google -- android | In libxaac there is a possible out of bounds write to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117100484 | 2019-09-27 | 6.8 | CVE-2019-2073 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116617847 | 2019-09-27 | 6.8 | CVE-2019-2074 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115908308 | 2019-09-27 | 6.8 | CVE-2019-2075 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115907334 | 2019-09-27 | 6.8 | CVE-2019-2076 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114745929 | 2019-09-27 | 6.8 | CVE-2019-2077 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114749542 | 2019-09-27 | 6.8 | CVE-2019-2078 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115509210 | 2019-09-27 | 4.3 | CVE-2019-2079 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118619159 | 2019-09-27 | 6.8 | CVE-2019-2080 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116473261 | 2019-09-27 | 6.8 | CVE-2019-2081 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117495103 | 2019-09-27 | 6.8 | CVE-2019-2082 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117495362 | 2019-09-27 | 6.8 | CVE-2019-2083 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117494734 | 2019-09-27 | 6.8 | CVE-2019-2084 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117496180 | 2019-09-27 | 6.8 | CVE-2019-2085 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114735603 | 2019-09-27 | 6.8 | CVE-2019-2086 MISC |
| google -- android | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118149009 | 2019-09-27 | 6.8 | CVE-2019-2087 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118494320 | 2019-09-27 | 4.3 | CVE-2019-2138 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117610049 | 2019-09-27 | 4.3 | CVE-2019-2139 MISC |
| google -- android | In libxaac, there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112705708 | 2019-09-27 | 4.3 | CVE-2019-2140 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112705155 | 2019-09-27 | 6.8 | CVE-2019-2141 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112768568 | 2019-09-27 | 4.3 | CVE-2019-2142 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114746174 | 2019-09-27 | 4.3 | CVE-2019-2143 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112856493 | 2019-09-27 | 4.3 | CVE-2019-2144 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112858430 | 2019-09-27 | 4.3 | CVE-2019-2145 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112859714 | 2019-09-27 | 4.3 | CVE-2019-2146 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116474108 | 2019-09-27 | 4.3 | CVE-2019-2147 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113508105 | 2019-09-27 | 4.3 | CVE-2019-2148 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113262406 | 2019-09-27 | 4.3 | CVE-2019-2149 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117935831 | 2019-09-27 | 4.3 | CVE-2019-2150 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117495174 | 2019-09-27 | 4.3 | CVE-2019-2151 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118145923 | 2019-09-27 | 4.3 | CVE-2019-2152 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112611181 | 2019-09-27 | 4.3 | CVE-2019-2153 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117610057 | 2019-09-27 | 4.3 | CVE-2019-2154 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117655547 | 2019-09-27 | 4.3 | CVE-2019-2155 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112552816 | 2019-09-27 | 4.3 | CVE-2019-2156 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112611363 | 2019-09-27 | 4.3 | CVE-2019-2157 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118766492 | 2019-09-27 | 4.3 | CVE-2019-2158 MISC |
| google -- android | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112707186 | 2019-09-27 | 6.8 | CVE-2019-2159 MISC |
| google -- android | In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112715795 | 2019-09-27 | 4.3 | CVE-2019-2160 MISC |
| google -- android | In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112553431 | 2019-09-27 | 4.3 | CVE-2019-2161 MISC |
| google -- android | In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112713720 | 2019-09-27 | 4.3 | CVE-2019-2162 MISC |
| google -- android | In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118138797 | 2019-09-27 | 4.3 | CVE-2019-2163 MISC |
| google -- android | In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113263695 | 2019-09-27 | 4.3 | CVE-2019-2164 MISC |
| google -- android | In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112712154 | 2019-09-27 | 4.3 | CVE-2019-2165 MISC |
| google -- android | In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117661478 | 2019-09-27 | 4.3 | CVE-2019-2166 MISC |
| google -- android | In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118615501 | 2019-09-27 | 4.3 | CVE-2019-2167 MISC |
| google -- android | In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118492594 | 2019-09-27 | 4.3 | CVE-2019-2168 MISC |
| google -- android | In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118492282 | 2019-09-27 | 4.3 | CVE-2019-2169 MISC |
| google -- android | In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118615735 | 2019-09-27 | 4.3 | CVE-2019-2170 MISC |
| google -- android | In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113035224 | 2019-09-27 | 4.3 | CVE-2019-2172 MISC |
| google -- android | In the Easel driver, there is possible memory corruption due to race conditions. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112309571 | 2019-09-27 | 6.9 | CVE-2019-2188 MISC |
| google -- android | In the Easel driver, there is possible memory corruption due to race conditions. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112312381 | 2019-09-27 | 6.9 | CVE-2019-2189 MISC |
| google -- android | In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483 | 2019-09-27 | 5.0 | CVE-2019-9232 MISC |
| google -- android | In wpa_supplicant_8, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122529021 | 2019-09-27 | 5.0 | CVE-2019-9233 MISC |
| google -- android | In wpa_supplicant_8, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122465453 | 2019-09-27 | 5.0 | CVE-2019-9234 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121325979 | 2019-09-27 | 4.3 | CVE-2019-9237 MISC |
| google -- android | In the NFC stack, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121267042 | 2019-09-27 | 6.9 | CVE-2019-9238 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121036603 | 2019-09-27 | 5.0 | CVE-2019-9241 MISC |
| google -- android | In AAC Codec, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120426166 | 2019-09-27 | 4.3 | CVE-2019-9247 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120276962 | 2019-09-27 | 5.0 | CVE-2019-9250 MISC |
| google -- android | In libavc there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-73339042 | 2019-09-27 | 4.3 | CVE-2019-9252 MISC |
| google -- android | In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox due to a missing strongbox flag. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109769728 | 2019-09-27 | 4.9 | CVE-2019-9253 MISC |
| google -- android | In libmediaextractor there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111921829 | 2019-09-27 | 6.8 | CVE-2019-9256 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113572342 | 2019-09-27 | 4.6 | CVE-2019-9257 MISC |
| google -- android | In wifilogd, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113655028 | 2019-09-27 | 4.6 | CVE-2019-9258 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113495295 | 2019-09-27 | 5.0 | CVE-2019-9260 MISC |
| google -- android | In libxaac there is a possible out of bounds read due to missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116774214 | 2019-09-27 | 4.3 | CVE-2019-9261 MISC |
| google -- android | In MPEG4Extractor, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111792351 | 2019-09-27 | 6.8 | CVE-2019-9262 MISC |
| google -- android | In libxaac there is a possible out of bounds read due to missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116774502 | 2019-09-27 | 4.3 | CVE-2019-9264 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-37994606 | 2019-09-27 | 5.0 | CVE-2019-9265 MISC |
| google -- android | In System Settings, there is a possible permissions bypass due to a cached Linux user ID. This could lead to a local permissions bypass with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-36899497 | 2019-09-27 | 4.4 | CVE-2019-9269 MISC |
| google -- android | In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774 | 2019-09-27 | 6.8 | CVE-2019-9278 MISC |
| google -- android | In the wifi hotspot service, there is a possible denial of service due to a null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110476382 | 2019-09-27 | 5.0 | CVE-2019-9279 MISC |
| google -- android | In GoogleContactsSyncAdapter, there is a possible path traversal due to improper input sanitization. This could lead to a bypass of user interaction requirements with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-32748076 | 2019-09-27 | 5.0 | CVE-2019-9281 MISC |
| google -- android | In skia, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113211371 | 2019-09-27 | 4.3 | CVE-2019-9282 MISC |
| google -- android | In AAC Codec, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663564 | 2019-09-27 | 4.3 | CVE-2019-9283 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure, with no additional privileges required. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111850706 | 2019-09-27 | 5.0 | CVE-2019-9284 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111215315 | 2019-09-27 | 5.0 | CVE-2019-9285 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111213909 | 2019-09-27 | 5.0 | CVE-2019-9286 MISC |
| google -- android | In libhidcommand_jni, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the USB service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111363077 | 2019-09-27 | 4.6 | CVE-2019-9288 MISC |
| google -- android | In tzdata there is possible memory corruption due to a mismatch between allocation and deallocation functions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113039724 | 2019-09-27 | 4.6 | CVE-2019-9290 MISC |
| google -- android | In Bluetooth, there is a possible remote code execution due to an improper memory allocation. This could lead to remote code execution in Bluetooth with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112159179 | 2019-09-27 | 6.8 | CVE-2019-9291 MISC |
| google -- android | In libstagefright, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117661116 | 2019-09-27 | 4.3 | CVE-2019-9293 MISC |
| google -- android | In libstagefright, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111764444 | 2019-09-27 | 4.3 | CVE-2019-9294 MISC |
| google -- android | In com.android.apps.tag, there is a possible bypass of user interaction requirements due to a missing permission check. This could lead to a to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-36885811 | 2019-09-27 | 4.6 | CVE-2019-9295 MISC |
| google -- android | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112890242 | 2019-09-27 | 6.8 | CVE-2019-9297 MISC |
| google -- android | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112892194 | 2019-09-27 | 6.8 | CVE-2019-9298 MISC |
| google -- android | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663886 | 2019-09-27 | 6.8 | CVE-2019-9299 MISC |
| google -- android | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661610 | 2019-09-27 | 6.8 | CVE-2019-9300 MISC |
| google -- android | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661356 | 2019-09-27 | 6.8 | CVE-2019-9302 MISC |
| google -- android | In libFDK, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661057 | 2019-09-27 | 6.8 | CVE-2019-9303 MISC |
| google -- android | In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112662270 | 2019-09-27 | 6.8 | CVE-2019-9304 MISC |
| google -- android | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661835 | 2019-09-27 | 6.8 | CVE-2019-9305 MISC |
| google -- android | In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661348 | 2019-09-27 | 6.8 | CVE-2019-9306 MISC |
| google -- android | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661893 | 2019-09-27 | 6.8 | CVE-2019-9307 MISC |
| google -- android | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661742 | 2019-09-27 | 6.8 | CVE-2019-9308 MISC |
| google -- android | In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117985575 | 2019-09-27 | 4.4 | CVE-2019-9309 MISC |
| google -- android | In libFDK, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112891546 | 2019-09-27 | 6.8 | CVE-2019-9310 MISC |
| google -- android | In Bluetooth, there is a possible crash due to an integer overflow. This could lead to remote denial of service on incoming calls with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79431031 | 2019-09-27 | 5.0 | CVE-2019-9311 MISC |
| google -- android | In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112005441 | 2019-09-27 | 4.3 | CVE-2019-9313 MISC |
| google -- android | In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112329563 | 2019-09-27 | 4.3 | CVE-2019-9314 MISC |
| google -- android | In libhevc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326216 | 2019-09-27 | 4.3 | CVE-2019-9315 MISC |
| google -- android | In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112052432 | 2019-09-27 | 4.3 | CVE-2019-9316 MISC |
| google -- android | In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112052258 | 2019-09-27 | 4.3 | CVE-2019-9317 MISC |
| google -- android | In libhevc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111764725 | 2019-09-27 | 4.3 | CVE-2019-9318 MISC |
| google -- android | In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762100 | 2019-09-27 | 4.3 | CVE-2019-9319 MISC |
| google -- android | In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111761624 | 2019-09-27 | 4.3 | CVE-2019-9320 MISC |
| google -- android | In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111208713 | 2019-09-27 | 4.3 | CVE-2019-9321 MISC |
| google -- android | In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111128067 | 2019-09-27 | 4.3 | CVE-2019-9322 MISC |
| google -- android | In the Wallpaper Manager service, there is a possible information disclosure due to a missing permission check. Any application can access wallpaper image with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-30770233 | 2019-09-27 | 5.0 | CVE-2019-9323 MISC |
| google -- android | In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112001302 | 2019-09-27 | 4.3 | CVE-2019-9325 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111215173 | 2019-09-27 | 5.0 | CVE-2019-9326 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112050583 | 2019-09-27 | 5.0 | CVE-2019-9327 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure, with no additional privileges required. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111895000 | 2019-09-27 | 5.0 | CVE-2019-9328 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure, with no additional privileges required. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112917952 | 2019-09-27 | 5.0 | CVE-2019-9329 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214739 | 2019-09-27 | 5.0 | CVE-2019-9330 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112272279 | 2019-09-27 | 5.0 | CVE-2019-9331 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-78286500 | 2019-09-27 | 5.0 | CVE-2019-9332 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109753657 | 2019-09-27 | 5.0 | CVE-2019-9333 MISC |
| google -- android | In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112859934 | 2019-09-27 | 4.3 | CVE-2019-9334 MISC |
| google -- android | In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112328051 | 2019-09-27 | 4.3 | CVE-2019-9335 MISC |
| google -- android | In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326322 | 2019-09-27 | 4.3 | CVE-2019-9336 MISC |
| google -- android | In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204376 | 2019-09-27 | 4.3 | CVE-2019-9337 MISC |
| google -- android | In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762686 | 2019-09-27 | 4.3 | CVE-2019-9338 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214770 | 2019-09-27 | 5.0 | CVE-2019-9341 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214470 | 2019-09-27 | 5.0 | CVE-2019-9342 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112050983 | 2019-09-27 | 5.0 | CVE-2019-9343 MISC |
| google -- android | In libstagefright, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128433933 | 2019-09-27 | 6.8 | CVE-2019-9346 MISC |
| google -- android | In Keymaster, there is a possible EoP due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-129562815 | 2019-09-27 | 4.6 | CVE-2019-9350 MISC |
| google -- android | In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124253062 | 2019-09-27 | 4.3 | CVE-2019-9352 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-123024201 | 2019-09-27 | 4.3 | CVE-2019-9353 MISC |
| google -- android | In NFC server, there's a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118148142 | 2019-09-27 | 4.3 | CVE-2019-9354 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115903122 | 2019-09-27 | 5.0 | CVE-2019-9355 MISC |
| google -- android | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112662995 | 2019-09-27 | 6.8 | CVE-2019-9357 MISC |
| google -- android | In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120156401 | 2019-09-27 | 4.4 | CVE-2019-9358 MISC |
| google -- android | In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111407302 | 2019-09-27 | 4.3 | CVE-2019-9359 MISC |
| google -- android | In the TEE, there's a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120610663 | 2019-09-27 | 4.9 | CVE-2019-9360 MISC |
| google -- android | In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762807 | 2019-09-27 | 4.3 | CVE-2019-9361 MISC |
| google -- android | In libSACdec, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120426980 | 2019-09-27 | 4.3 | CVE-2019-9362 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-123584306 | 2019-09-27 | 6.8 | CVE-2019-9363 MISC |
| google -- android | In libSBRdec there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112052062 | 2019-09-27 | 4.3 | CVE-2019-9366 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112106425 | 2019-09-27 | 5.0 | CVE-2019-9367 MISC |
| google -- android | In sonivox, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-133880046 | 2019-09-27 | 4.3 | CVE-2019-9370 MISC |
| google -- android | In CompanionDeviceManager, there is a possible bypass of user interaction requirements due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-129476618 | 2019-09-27 | 4.6 | CVE-2019-9374 MISC |
| google -- android | In hostapd, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-129344244 | 2019-09-27 | 6.9 | CVE-2019-9375 MISC |
| google -- android | In the Accounts package, there is a possible crash due to improper input validation. This could lead to permanent local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-129287265 | 2019-09-27 | 4.9 | CVE-2019-9376 MISC |
| google -- android | In the Activity Manager service, there is a possible permission bypass due to incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124539196 | 2019-09-27 | 4.6 | CVE-2019-9378 MISC |
| google -- android | In the settings UI, there is a possible spoofing vulnerability due to a missing permission check. This could lead to a user mistakenly changing permission settings with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-123700098 | 2019-09-27 | 4.3 | CVE-2019-9380 MISC |
| google -- android | In netd, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122677612 | 2019-09-27 | 5.0 | CVE-2019-9381 MISC |
| google -- android | In libeffects, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120874654 | 2019-09-27 | 6.8 | CVE-2019-9382 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120452956 | 2019-09-27 | 4.3 | CVE-2019-9385 MISC |
| google -- android | In NFC server, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122361874 | 2019-09-27 | 6.9 | CVE-2019-9386 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117569833 | 2019-09-27 | 5.0 | CVE-2019-9387 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117567437 | 2019-09-27 | 5.0 | CVE-2019-9388 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117567058 | 2019-09-27 | 5.0 | CVE-2019-9389 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117551475 | 2019-09-27 | 5.0 | CVE-2019-9390 MISC |
| google -- android | In libxaac, there is a possible out of bounds read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111050781 | 2019-09-27 | 4.3 | CVE-2019-9391 MISC |
| google -- android | In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116357965 | 2019-09-27 | 5.0 | CVE-2019-9393 MISC |
| google -- android | In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116351796 | 2019-09-27 | 5.0 | CVE-2019-9394 MISC |
| google -- android | In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116267405 | 2019-09-27 | 5.0 | CVE-2019-9395 MISC |
| google -- android | In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115747155 | 2019-09-27 | 5.0 | CVE-2019-9396 MISC |
| google -- android | In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115747410 | 2019-09-27 | 5.0 | CVE-2019-9397 MISC |
| google -- android | In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115745406 | 2019-09-27 | 5.0 | CVE-2019-9398 MISC |
| google -- android | The Print Service is susceptible to man in the middle attacks due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115635664 | 2019-09-27 | 4.3 | CVE-2019-9399 MISC |
| google -- android | In Bluetooth, there is a possible null pointer dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115509589 | 2019-09-27 | 5.0 | CVE-2019-9400 MISC |
| google -- android | In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115375248 | 2019-09-27 | 5.0 | CVE-2019-9401 MISC |
| google -- android | In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115372550 | 2019-09-27 | 5.0 | CVE-2019-9402 MISC |
| google -- android | In cn-cbor, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113512324 | 2019-09-27 | 4.3 | CVE-2019-9403 MISC |
| google -- android | In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112923309 | 2019-09-27 | 5.0 | CVE-2019-9404 MISC |
| google -- android | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112890225 | 2019-09-27 | 6.8 | CVE-2019-9405 MISC |
| google -- android | In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112552517 | 2019-09-27 | 4.3 | CVE-2019-9406 MISC |
| google -- android | In notification management of the service manager, there is a possible permissions bypass. This could lead to local escalation of privilege by preventing user notification, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112434609 | 2019-09-27 | 4.6 | CVE-2019-9407 MISC |
| google -- android | In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112380157 | 2019-09-27 | 4.3 | CVE-2019-9408 MISC |
| google -- android | In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112272091 | 2019-09-27 | 4.3 | CVE-2019-9409 MISC |
| google -- android | In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204443 | 2019-09-27 | 4.3 | CVE-2019-9410 MISC |
| google -- android | In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204845 | 2019-09-27 | 4.3 | CVE-2019-9411 MISC |
| google -- android | In libSBRdec there is a possible out of bounds read due to incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112006096 | 2019-09-27 | 4.3 | CVE-2019-9412 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111935831 | 2019-09-27 | 5.0 | CVE-2019-9413 MISC |
| google -- android | In wpa_supplicant, there is a possible man in the middle vulnerability due to improper input validation of the basicConstraints field of intermediary certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111893041 | 2019-09-27 | 4.3 | CVE-2019-9414 MISC |
| google -- android | In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111805098 | 2019-09-27 | 4.3 | CVE-2019-9415 MISC |
| google -- android | In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111804142 | 2019-09-27 | 4.3 | CVE-2019-9416 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111407544 | 2019-09-27 | 5.0 | CVE-2019-9419 MISC |
| google -- android | In libhevc, there is a possible out of bounds read due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111272481 | 2019-09-27 | 4.3 | CVE-2019-9420 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214766 | 2019-09-27 | 5.0 | CVE-2019-9422 MISC |
| google -- android | In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android ID: A-110986616 | 2019-09-27 | 4.6 | CVE-2019-9423 MISC |
| google -- android | In the Screen Lock, there is a possible information disclosure due to an unusual root cause. In certain circumstances, the setting to hide the unlock pattern can be ignored. Product: AndroidVersions: Android-10Android ID: A-110941092 | 2019-09-27 | 4.3 | CVE-2019-9424 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110846194 | 2019-09-27 | 5.0 | CVE-2019-9425 MISC |
| google -- android | In the Framework, it is possible to set up BROWSEABLE intents to take over certain URLs. This could lead to remote information disclosure of sensitive URLs with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110150807 | 2019-09-27 | 4.3 | CVE-2019-9428 MISC |
| google -- android | In profman, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110035108 | 2019-09-27 | 4.6 | CVE-2019-9429 MISC |
| google -- android | In Bluetooth, there is a possible null pointer dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109838296 | 2019-09-27 | 5.0 | CVE-2019-9430 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with heap information written to the log with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109755179 | 2019-09-27 | 4.0 | CVE-2019-9431 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80546108 | 2019-09-27 | 5.0 | CVE-2019-9432 MISC |
| google -- android | In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354 | 2019-09-27 | 4.3 | CVE-2019-9433 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with heap information written to the log with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80432895 | 2019-09-27 | 4.0 | CVE-2019-9434 MISC |
| google -- android | In mediaserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-62535446 | 2019-09-27 | 4.6 | CVE-2019-9460 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-91544774 | 2019-09-27 | 5.0 | CVE-2019-9462 MISC |
| google -- android | In Platform, there is a possible bypass of user interaction requirements due to background app interception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113584607 | 2019-09-27 | 4.4 | CVE-2019-9463 MISC |
| ibm -- daeja_viewone | IBM Daeja ViewONE Virtual 5.0 through 5.0.6 could expose internal parameters to ViewONE clients that could be used in further attacks against the system. IBM X-Force ID: 159521. | 2019-10-01 | 5.0 | CVE-2019-4246 XF CONFIRM |
| ibm -- security_directory_server | IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 165178. | 2019-10-02 | 5.0 | CVE-2019-4520 XF CONFIRM |
| ibm -- security_directory_server | IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 165660. | 2019-10-02 | 5.8 | CVE-2019-4538 XF CONFIRM |
| ibm -- security_directory_server | IBM Security Directory Server 6.4.0 does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system. IBM X-Force ID: 165812. | 2019-10-02 | 5.5 | CVE-2019-4539 XF CONFIRM |
| ibm -- security_directory_server | IBM Security Directory Server 6.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 165815. | 2019-10-02 | 4.3 | CVE-2019-4542 XF CONFIRM |
| ibm -- security_directory_server | IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 165951. | 2019-10-02 | 5.0 | CVE-2019-4549 XF CONFIRM |
| ibm -- security_guardium | IBM Security Guardium 9.0, 9.5, and 10.6 are vulnerable to a privilege escalation which could allow an authenticated user to change the accessmgr password. IBM X-Force ID: 162768. | 2019-10-03 | 6.5 | CVE-2019-4422 XF CONFIRM |
| ibm -- sterling_file_gateway | IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive information in HTTP requests which could be used in further attacks against the system. IBM X-Force ID: 160503. | 2019-09-30 | 5.0 | CVE-2019-4280 XF CONFIRM |
| ibm -- sterling_file_gateway | IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 162769. | 2019-09-30 | 5.0 | CVE-2019-4423 XF CONFIRM |
| ibm -- websphere_application_server | IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation. IBM X-Force ID: 160950. | 2019-09-30 | 6.5 | CVE-2019-4304 XF CONFIRM |
| ibm -- websphere_application_server | IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie. IBM X-Force ID: 160951. | 2019-09-30 | 5.0 | CVE-2019-4305 XF CONFIRM |
| ibm -- websphere_application_server | IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 163177. | 2019-10-03 | 5.0 | CVE-2019-4441 XF CONFIRM |
| ibm -- websphere_extreme_scale | IBM WebSphere eXtreme Scale 8.6 Admin Console could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 158102. | 2019-09-30 | 5.8 | CVE-2019-4109 XF CONFIRM |
| jenkins -- ldap_email | Jenkins LDAP Email Plugin transmits configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure. | 2019-10-01 | 5.0 | CVE-2019-10434 MLIST CONFIRM |
| jenkins -- sourcegear_vault | Jenkins SourceGear Vault Plugin transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. | 2019-10-01 | 5.0 | CVE-2019-10435 MLIST CONFIRM |
| jetbrains -- teamcity | An issue was discovered in JetBrains TeamCity 2018.2.4. It had several XSS vulnerabilities on the settings pages. The issues were fixed in TeamCity 2019.1. | 2019-10-02 | 4.3 | CVE-2019-15037 CONFIRM |
| jetbrains -- teamcity | An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2018.2.5 and 2019.1. | 2019-10-01 | 6.8 | CVE-2019-15039 CONFIRM |
| jetbrains -- youtrack | JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in the issue titles. | 2019-10-01 | 4.3 | CVE-2019-14952 CONFIRM |
| jetbrains -- youtrack | JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser. | 2019-10-01 | 4.3 | CVE-2019-14953 MISC |
| jetbrains -- youtrack | JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names. | 2019-10-02 | 4.0 | CVE-2019-14956 CONFIRM |
| jetbrains -- youtrack | JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page. | 2019-10-02 | 6.8 | CVE-2019-15040 MISC |
| jetbrains -- youtrack | In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page. | 2019-10-02 | 4.3 | CVE-2019-16171 MISC |
| libreoffice -- libreoffice | LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categorized, resulting in the possibility to construct a document where macro execution bypassed the security settings. The documents were correctly detected as containing macros, and prompted the user to their existence within the documents, but macros within the document were subsequently not controlled by the security settings allowing arbitrary macro execution This issue affects: LibreOffice 6.2 series versions prior to 6.2.7; LibreOffice 6.3 series versions prior to 6.3.1. | 2019-09-27 | 6.8 | CVE-2019-9853 MLIST CONFIRM |
| metinfo -- metinfo | In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/product/admin/product_admin.class.php via the admin/?n=product&c=product_admin&a=dopara&app_type=shop id parameter. | 2019-09-30 | 6.5 | CVE-2019-16996 MISC |
| metinfo -- metinfo | In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter. | 2019-09-30 | 6.5 | CVE-2019-16997 MISC |
| mozilla -- firefox | When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re-entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords. This vulnerability affects Firefox < 68.0.2 and Firefox ESR < 68.0.2. | 2019-09-27 | 5.0 | CVE-2019-11733 SUSE SUSE MISC CONFIRM |
| mozilla -- firefox | The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during checks for junctions and symbolic links by the Maintenance Service, allowing for potential local file and directory manipulation to be undetected in some circumstances. This allows for potential privilege escalation by a user with unprivileged local access. <br>*Note: These attacks requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. | 2019-09-27 | 4.4 | CVE-2019-11736 SUSE SUSE MISC MISC CONFIRM CONFIRM |
| mozilla -- firefox | If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69. | 2019-09-27 | 5.0 | CVE-2019-11737 MISC CONFIRM |
| mozilla -- firefox | If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. | 2019-09-27 | 6.8 | CVE-2019-11738 SUSE SUSE MISC CONFIRM CONFIRM |
| mozilla -- firefox | A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these sites within the browser can potentially be used to modify a user's Firefox configuration. These two sites will now be isolated into their own process and not allowed to be loaded in a standard content process. This vulnerability affects Firefox < 69. | 2019-09-27 | 4.3 | CVE-2019-11741 MISC CONFIRM |
| mozilla -- firefox | A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <canvas> element due to an error in how same-origin policy is applied to cached image content. The resulting same-origin policy violation could allow for data theft. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. | 2019-09-27 | 4.3 | CVE-2019-11742 SUSE SUSE SUSE SUSE MISC CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| mozilla -- firefox | Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. | 2019-09-27 | 4.3 | CVE-2019-11743 SUSE SUSE SUSE SUSE MISC MISC CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| mozilla -- firefox | Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if a site does not filter user input as strictly for these elements as it does for other elements. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. | 2019-09-27 | 4.3 | CVE-2019-11744 SUSE SUSE SUSE SUSE MISC CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| mozilla -- firefox | A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. | 2019-09-27 | 6.8 | CVE-2019-11746 SUSE SUSE SUSE SUSE MISC CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| mozilla -- firefox | The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from sites that use it. Due to a bug, sites on the pre-load list also have their HSTS setting removed. On the next visit to that site if the user specifies an http: URL rather than secure https: they will not be protected by the pre-loaded HSTS setting. After that visit the site's HSTS setting will be restored. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. | 2019-09-27 | 4.3 | CVE-2019-11747 SUSE SUSE MISC CONFIRM CONFIRM |
| mozilla -- firefox | WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the possibility of trusted WebRTC resources being invisibly embedded in web content and abusing permissions previously given by users. Users will now be prompted for permissions on each use. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. | 2019-09-27 | 4.3 | CVE-2019-11748 SUSE SUSE MISC CONFIRM CONFIRM |
| mozilla -- firefox | A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. | 2019-09-27 | 4.3 | CVE-2019-11749 SUSE SUSE MISC CONFIRM CONFIRM |
| mozilla -- firefox | A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. | 2019-09-27 | 4.3 | CVE-2019-11750 SUSE SUSE MISC CONFIRM CONFIRM |
| mozilla -- firefox | Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. <br>*Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. | 2019-09-27 | 6.8 | CVE-2019-11751 SUSE SUSE MISC CONFIRM CONFIRM |
| mozilla -- firefox | The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the unprotected location has been altered, the altered maintenance service can run with elevated privileges during the update process due to a lack of integrity checks. This allows for privilege escalation if the executable has been replaced locally. <br>*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox < 69, Firefox ESR < 60.9, and Firefox ESR < 68.1. | 2019-09-27 | 4.6 | CVE-2019-11753 SUSE SUSE MISC CONFIRM CONFIRM CONFIRM |
| mozilla -- firefox | When the pointer lock is enabled by a website though requestPointerLock(), no user notification is given. This could allow a malicious website to hijack the mouse pointer and confuse users. This vulnerability affects Firefox < 69.0.1. | 2019-09-27 | 4.3 | CVE-2019-11754 MISC CONFIRM |
| mozilla -- thunderbird | Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 68.1 and Thunderbird < 60.9. | 2019-09-27 | 4.3 | CVE-2019-11739 SUSE SUSE MISC CONFIRM CONFIRM |
| mozilla -- thunderbird | A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted message. Previous versions had only suppressed showing a digital signature for messages with an outer multipart/signed layer. This vulnerability affects Thunderbird < 68.1.1. | 2019-09-27 | 5.0 | CVE-2019-11755 SUSE SUSE MISC CONFIRM |
| netdisco -- netdisco | Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter. | 2019-09-30 | 4.3 | CVE-2019-15810 MISC MISC |
| netgear -- srx5308_firmware | NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in the wild in September 2019 to add a new user account. | 2019-09-30 | 5.0 | CVE-2019-17049 MISC |
| nsa -- ghidra | NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. An attack could start with an XML document that was originally created by DumpFunctionPatternInfoScript but then directly modified by an attacker (for example, to make a java.lang.Runtime.exec call). | 2019-09-28 | 6.8 | CVE-2019-16941 MISC MISC MISC MISC MISC MISC |
| online_store_system_project -- online_store_system | Vulnerability in Online Store v1.0, The registration form requirements for the member email format can be bypassed by posting directly to sent_register.php allowing special characters to be included and an XSS payload to be injected. | 2019-10-01 | 4.3 | CVE-2019-8290 MLIST MISC MISC |
| phpbb -- phpbb | In phpBB before 3.1.7-PL1, includes/acp/acp_bbcodes.php has improper verification of a CSRF token on the BBCode page in the Administration Control Panel. An actual CSRF attack is possible if an attacker also manages to retrieve the session id of a reauthenticated administrator prior to targeting them. | 2019-09-30 | 6.8 | CVE-2019-16993 MISC MLIST MISC MISC |
| python -- python | The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. | 2019-09-27 | 4.3 | CVE-2019-16935 MISC MISC MISC MISC |
| qualcomm -- mdm9150_firmware | Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous one. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-09-30 | 4.6 | CVE-2019-10497 CONFIRM |
| qualcomm -- mdm9150_firmware | Buffer overflow scenario if the client sends more than 5 io_vec requests to the server in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-09-30 | 4.6 | CVE-2019-10498 CONFIRM |
| qualcomm -- mdm9150_firmware | Possible use after free issue due to improper input validation in volume listener library in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-09-30 | 4.6 | CVE-2019-10501 CONFIRM |
| qualcomm -- mdm9150_firmware | Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24 | 2019-09-30 | 4.6 | CVE-2019-10507 CONFIRM |
| qualcomm -- mdm9150_firmware | Lack of input validation for data received from user space can lead to OOB access in WLAN in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820A, SDX20 | 2019-09-30 | 4.6 | CVE-2019-10508 CONFIRM |
| qualcomm -- mdm9150_firmware | Buffer overflow due to improper validation of buffer size while IPA driver processing to perform read operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-09-30 | 4.6 | CVE-2019-2333 CONFIRM |
| qualcomm -- mdm9150_firmware | Buffer overflow when the audio buffer size provided by user is larger than the maximum allowable audio buffer size. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-09-30 | 4.6 | CVE-2019-2341 CONFIRM |
| qualcomm -- mdm9206_firmware | While processing QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor command, driver does not validate the data obtained from the user space which could be invalid and thus leads to an undesired behaviour in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX24 | 2019-09-30 | 4.6 | CVE-2019-10506 CONFIRM |
| qualcomm -- msm8909w_firmware | Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX24 | 2019-09-30 | 4.4 | CVE-2019-2284 CONFIRM |
| salesagility -- suitecrm | SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS. | 2019-09-30 | 4.3 | CVE-2019-14752 CONFIRM CONFIRM |
| salesagility -- suitecrm | SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files. | 2019-09-27 | 5.0 | CVE-2019-16922 MISC |
| tcpdump -- tcpdump | The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. | 2019-10-03 | 5.0 | CVE-2018-16452 MISC CONFIRM |
| thecontrolgroup -- voyager | An issue was discovered in the Voyager package through 1.2.7 for Laravel. An attacker with admin privileges and Compass access can read or delete arbitrary files, such as the .env file. NOTE: a software maintainer has suggested a solution in which Compass is switched off in a production environment. | 2019-09-30 | 6.5 | CVE-2019-17050 MISC |
| themeisle -- visualizer | A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data. | 2019-09-30 | 5.8 | CVE-2019-16932 MISC MISC MISC |
| whatsapp -- whatsapp | An integer overflow in WhatsApp media parsing libraries allows a remote attacker to perform an out-of-bounds write on the heap via specially-crafted EXIF tags in WEBP images. This issue affects WhatsApp for Android before version 2.19.143 and WhatsApp for iOS before version 2.19.100. | 2019-09-27 | 6.8 | CVE-2019-11927 CONFIRM |
| z.cash -- zcash | Zcashd in Zcash before 2.0.7-3 allows discovery of the IP address of a full node that owns a shielded address, related to mishandling of exceptions during deserialization of note plaintexts. This affects anyone who has disclosed their zaddr to a third party. | 2019-09-28 | 5.0 | CVE-2019-16930 MISC MISC MISC MISC |
Low Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| dell -- emc_integrated_data_protection_appliance_firmware | Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability. A remote malicious ACM admin user may potentially exploit this vulnerability to store malicious HTML or JavaScript code in Cloud DR add-on specific field. When victim users access the page through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. | 2019-09-27 | 3.5 | CVE-2019-3747 CONFIRM |
| dolibarr -- dolibarr | Dolibarr 9.0.5 has stored XSS vulnerability via a User Group Description section to card.php. A user with the "Create/modify other users, groups and permissions" privilege can inject script and can also achieve privilege escalation. | 2019-09-27 | 3.5 | CVE-2019-16685 MISC |
| dolibarr -- dolibarr | Dolibarr 9.0.5 has stored XSS in a User Note section to note.php. A user with no privileges can inject script to attack the admin. | 2019-09-27 | 3.5 | CVE-2019-16686 MISC |
| dolibarr -- dolibarr | Dolibarr 9.0.5 has stored XSS in a User Profile in a Signature section to card.php. A user with the "Create/modify other users, groups and permissions" privilege can inject script and can also achieve privilege escalation. | 2019-09-27 | 3.5 | CVE-2019-16687 MISC |
| dolibarr -- dolibarr | Dolibarr 9.0.5 has stored XSS in an Email Template section to mails_templates.php. A user with no privileges can inject script to attack the admin. (This stored XSS can affect all types of user privilege from Admin to users with no permissions.) | 2019-09-27 | 3.5 | CVE-2019-16688 MISC |
| google -- android | In WiFi, the RSSI value and SSID information is broadcast as part of android.net.wifi.RSSI_CHANGE and android.net.wifi.STATE_CHANGE intents. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111698366 | 2019-09-27 | 2.1 | CVE-2018-9581 MISC |
| google -- android | In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. This could lead to local information disclosure via USB with User execution privileges needed. User interaction is not required for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-68771598 | 2019-09-27 | 2.1 | CVE-2019-2190 MISC |
| google -- android | In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. This could lead to local information disclosure via USB with User execution privileges needed. User interaction is not required for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-68770980 | 2019-09-27 | 2.1 | CVE-2019-2191 MISC |
| google -- android | In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122323053 | 2019-09-27 | 1.9 | CVE-2019-9235 MISC |
| google -- android | In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122322613 | 2019-09-27 | 1.9 | CVE-2019-9236 MISC |
| google -- android | In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121263487 | 2019-09-27 | 1.9 | CVE-2019-9239 MISC |
| google -- android | In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121150966 | 2019-09-27 | 1.9 | CVE-2019-9240 MISC |
| google -- android | In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121035878 | 2019-09-27 | 1.9 | CVE-2019-9242 MISC |
| google -- android | In wpa_supplicant_8, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120905706 | 2019-09-27 | 2.1 | CVE-2019-9243 MISC |
| google -- android | In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120865977 | 2019-09-27 | 1.9 | CVE-2019-9244 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120255805 | 2019-09-27 | 2.1 | CVE-2019-9249 MISC |
| google -- android | In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120274615 | 2019-09-27 | 1.9 | CVE-2019-9251 MISC |
| google -- android | In libstagefright, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-77474014 | 2019-09-27 | 2.1 | CVE-2019-9268 MISC |
| google -- android | In WiFi, there is a possible leak of WiFi state due to a permissions bypass. This could lead to a local information disclosure which could be used to determine device location with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-11596047 | 2019-09-27 | 2.1 | CVE-2019-9272 MISC |
| google -- android | In the proc filesystem, there is a possible information disclosure due to log information disclosure. This could lead to local disclosure of app and browser activity with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-68016944 | 2019-09-27 | 2.1 | CVE-2019-9277 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-78287084 | 2019-09-27 | 2.1 | CVE-2019-9287 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79883824 | 2019-09-27 | 2.1 | CVE-2019-9289 MISC |
| google -- android | In the Activity Manager service, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of current foreground process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115384617 | 2019-09-27 | 2.1 | CVE-2019-9292 MISC |
| google -- android | In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112162089 | 2019-09-27 | 1.9 | CVE-2019-9296 MISC |
| google -- android | In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120845341 | 2019-09-27 | 1.9 | CVE-2019-9344 MISC |
| google -- android | In the m4v_h263 codec, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109891727 | 2019-09-27 | 2.1 | CVE-2019-9347 MISC |
| google -- android | In SyncStatusObserver, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. This could lead to local limited information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128599864 | 2019-09-27 | 2.1 | CVE-2019-9351 MISC |
| google -- android | In AudioService, there is a possible trigger of background user audio due to a permissions bypass. This could lead to local information disclosure by playing the background user's audio with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-73364631 | 2019-09-27 | 2.1 | CVE-2019-9364 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79883568 | 2019-09-27 | 2.1 | CVE-2019-9368 MISC |
| google -- android | In Bluetooth, there is a use of uninitialized variable. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79995407 | 2019-09-27 | 2.1 | CVE-2019-9369 MISC |
| google -- android | In JobStore, there is a mismatched serialization/deserialization for the "battery-not-low" job attribute. This could lead to a local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-130173029 | 2019-09-27 | 2.1 | CVE-2019-9373 MISC |
| google -- android | In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120843827 | 2019-09-27 | 1.9 | CVE-2019-9383 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111450079 | 2019-09-27 | 2.1 | CVE-2019-9417 MISC |
| google -- android | In libandroidfw, there is a possible OOB read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111215250 | 2019-09-27 | 1.9 | CVE-2019-9421 MISC |
| google -- android | In Bluetooth, there is a possible information disclosure due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110166350 | 2019-09-27 | 2.1 | CVE-2019-9427 MISC |
| google -- android | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80146682 | 2019-09-27 | 2.1 | CVE-2019-9435 MISC |
| google -- android | In the Package Manager service, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of information about installed packages for other users with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-77821568 | 2019-09-27 | 2.1 | CVE-2019-9438 MISC |
| google -- android | In AOSP Email, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of the Email app's protected files with User execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-37637796 | 2019-09-27 | 2.1 | CVE-2019-9440 MISC |
| ibm -- jazz_reporting_service | IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164115. | 2019-10-01 | 3.5 | CVE-2019-4494 XF CONFIRM |
| ibm -- jazz_reporting_service | IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164116. | 2019-10-01 | 3.5 | CVE-2019-4495 XF CONFIRM |
| ibm -- jazz_reporting_service | IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164118. | 2019-10-01 | 3.5 | CVE-2019-4497 XF CONFIRM |
| ibm -- websphere_extreme_scale | IBM WebSphere eXtreme Scale 8.6 Admin Console is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158099. | 2019-09-30 | 3.5 | CVE-2019-4106 XF CONFIRM |
| ibm -- websphere_extreme_scale | IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158105. | 2019-09-30 | 2.1 | CVE-2019-4112 XF CONFIRM |
| ibm -- websphere_extreme_scale | IBM WebSphere eXtreme Scale 8.6 Admin API is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158113. | 2019-09-30 | 3.5 | CVE-2019-4115 XF CONFIRM |
| ilch -- ilch_cms | Ilch 2.1.22 allows stored XSS via the title, text, or email id to the Jobs Tab. | 2019-09-30 | 3.5 | CVE-2019-17045 MISC |
| jenkins -- dingding | Jenkins Dingding[??] Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 2019-10-01 | 2.1 | CVE-2019-10433 MLIST CONFIRM MISC |
| jenkins -- html_publisher | Jenkins HTML Publisher Plugin 1.20 and earlier did not escape the project and build display names in the HTML report frame, resulting in a cross-site scripting vulnerability exploitable by users able to change those. | 2019-10-01 | 3.5 | CVE-2019-10432 MLIST CONFIRM |
| nuvending -- nulock | The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which allows remote attackers (after sniffing the network) to take control of the lock. | 2019-09-27 | 3.3 | CVE-2019-16924 MISC |
| online_store_system_project -- online_store_system | Vulnerability in Online Store v1.0, Stored XSS in user_view.php where adidas_member_user variable is not sanitized. | 2019-10-01 | 3.5 | CVE-2019-8288 MLIST MISC MISC |
| online_store_system_project -- online_store_system | Vulnerability in Online Store v1.0, stored XSS in admin/user_view.php adidas_member_email variable | 2019-10-01 | 3.5 | CVE-2019-8289 MLIST MISC MISC |
| xoops -- xoops | An issue was discovered in the image-manager in Xoops 2.5.10. When the breadcrumb showing the category name is hovered over while editing any image, a JavaScript payload executes. | 2019-09-30 | 3.5 | CVE-2019-16683 MISC MISC MISC |
| xoops -- xoops | An issue was discovered in the image-manager in Xoops 2.5.10. When any image with a JavaScript payload as its name is hovered over in the list or in the Edit page, the payload executes. | 2019-09-30 | 3.5 | CVE-2019-16684 MISC MISC MISC |
Severity Not Yet Assigned
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| abcprintf -- online_store_system | Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights nor does it check for path traversal. | 2019-10-01 | not yet calculated | CVE-2019-8291 MLIST MISC MISC |
| abcprintf -- online_store_system | Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion. | 2019-10-01 | not yet calculated | CVE-2019-8292 MLIST MISC MISC |
| apache -- hadoop | In Apache Hadoop 3.1.0 to 3.1.1, 3.0.0-alpha1 to 3.0.3, 2.9.0 to 2.9.1, and 2.0.0-alpha to 2.8.4, the user/group information can be corrupted across storing in fsimage and reading back from fsimage. | 2019-10-04 | not yet calculated | CVE-2018-11768 MISC MLIST MLIST MLIST MLIST |
| apache -- mina | Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.0.21, 2.1.0 users should migrate to 2.1.1. This issue affects: Apache MINA. | 2019-10-01 | not yet calculated | CVE-2019-0231 MISC |
| athena -- multiple_products | wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of signature operations, to infer information about the nonces used and potentially mount a lattice attack to recover the private key used. The issue occurs because ecc.c scalar multiplication might leak the bit length. | 2019-10-03 | not yet calculated | CVE-2019-13628 MLIST MISC MISC MISC |
| atlassian -- bitbucket_butor_portal | Butor Portal before 1.0.27 is affected by a Path Traversal vulnerability leading to a pre-authentication arbitrary file download. Effectively, a remote anonymous user can download any file on servers running Butor Portal. WhiteLabelingServlet is responsible for this vulnerability. It does not properly sanitize user input on the theme t parameter before reusing it in a path. This path is then used without validation to fetch a file and return its raw content to the user via the /wl?t=../../...&h= substring followed by a filename. | 2019-10-02 | not yet calculated | CVE-2019-13343 MISC CONFIRM MISC CONFIRM MISC |
| ca_technologies -- ca_network_flow_analysis | CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security. | 2019-10-02 | not yet calculated | CVE-2019-13658 MISC FULLDISC BUGTRAQ MISC |
| check_point -- r80.30_security_gateway | In a rare scenario, Check Point R80.30 Security Gateway before JHF Take 50 managed by Check Point R80.30 Management crashes with a unique configuration of enhanced logging. | 2019-10-02 | not yet calculated | CVE-2019-8462 MISC MISC |
| cisco -- prime_infrastructure | A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. | 2019-10-02 | not yet calculated | CVE-2019-12713 CISCO |
| cisco -- adaptive_security_appliance_and_firepower_threat_defense_software | A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash. | 2019-10-02 | not yet calculated | CVE-2019-12678 CISCO |
| cisco -- adaptive_security_appliance_and_firepower_threat_defense_software | A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. | 2019-10-02 | not yet calculated | CVE-2019-12695 CISCO |
| cisco -- adaptive_security_appliance_and_firepower_threat_defense_software | A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device. | 2019-10-02 | not yet calculated | CVE-2019-12698 CISCO |
| cisco -- adaptive_security_appliance_and_firepower_threat_defense_software | A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device. | 2019-10-02 | not yet calculated | CVE-2019-12676 CISCO |
cisco -- adaptive_security_appliance_and_firepower_threat_defense_software | A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. The attacker does not need valid credentials to authenticate the VPN session, nor does the attacker's source address need to match a peer statement in the crypto map applied to the ingress interface of the affected device. An exploit could allow the attacker to exhaust system memory resources, leading to a reload of an affected device. | 2019-10-02 | not yet calculated | CVE-2019-15256 CISCO |
| cisco -- adaptive_security_appliance_and_firepower_threat_defense_software | A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device. | 2019-10-02 | not yet calculated | CVE-2019-12673 CISCO |
| cisco -- adaptive_security_appliance_software | A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition that prevents the creation of new SSL/Transport Layer Security (TLS) connections to an affected device. The vulnerability is due to incorrect handling of Base64-encoded strings. An attacker could exploit this vulnerability by opening many SSL VPN sessions to an affected device. The attacker would need to have valid user credentials on the affected device to exploit this vulnerability. A successful exploit could allow the attacker to overwrite a special system memory location, which will eventually result in memory allocation errors for new SSL/TLS sessions to the device, preventing successful establishment of these sessions. A reload of the device is required to recover from this condition. Established SSL/TLS connections to the device and SSL/TLS connections through the device are not affected. Note: Although this vulnerability is in the SSL VPN feature, successful exploitation of this vulnerability would affect all new SSL/TLS sessions to the device, including management sessions. | 2019-10-02 | not yet calculated | CVE-2019-12677 CISCO |
| cisco -- adaptive_security_appliance_software | A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exploit this vulnerability by initiating the transfer of a large file to an affected device via SCP. To exploit this vulnerability, the attacker would need to have valid privilege level 15 credentials on the affected device. A successful exploit could allow the attacker to cause the length variable to roll over, which could cause the affected device to crash. | 2019-10-02 | not yet calculated | CVE-2019-12693 CISCO |
| cisco -- email_security_appliance | A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device. The vulnerability exists because the affected software insufficiently validates certain incoming SPF messages. An attacker could exploit this vulnerability by sending a custom SPF packet to an affected device. A successful exploit could allow the attacker to bypass the configured header filters, which could allow malicious content to pass through the device. | 2019-10-02 | not yet calculated | CVE-2019-12706 CISCO |
| cisco -- firepower_management_center_software | Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL queries to an affected device. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, and execute commands within the underlying operating system that may affect the availability of the device. | 2019-10-02 | not yet calculated | CVE-2019-12681 CISCO |
| cisco -- firepower_management_center_software | A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with the privileges of the root user of the underlying operating system. The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by submitting crafted input in the web UI. A successful exploit could allow an attacker to execute arbitrary commands on the device with full root privileges. | 2019-10-02 | not yet calculated | CVE-2019-12690 CISCO |
| cisco -- firepower_management_center_software | A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary commands within the affected device. | 2019-10-02 | not yet calculated | CVE-2019-12687 CISCO |
| cisco -- firepower_management_center_software | A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary commands within the affected device. | 2019-10-02 | not yet calculated | CVE-2019-12688 CISCO |
| cisco -- firepower_management_center_software | A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending malicious commands to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device. | 2019-10-02 | not yet calculated | CVE-2019-12689 CISCO |
| cisco -- firepower_management_center_software | Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL queries to an affected device. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, and execute commands within the underlying operating system that may affect the availability of the device. | 2019-10-02 | not yet calculated | CVE-2019-12683 CISCO |
| cisco -- firepower_management_center_software | Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL queries to an affected device. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, and execute commands within the underlying operating system that may affect the availability of the device. | 2019-10-02 | not yet calculated | CVE-2019-12686 CISCO |
| cisco -- firepower_management_center_software | A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass Cisco FMC Software security restrictions and gain access to the underlying filesystem of the affected device. | 2019-10-02 | not yet calculated | CVE-2019-12691 CISCO |
| cisco -- firepower_management_center_software | Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL queries to an affected device. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, and execute commands within the underlying operating system that may affect the availability of the device. | 2019-10-02 | not yet calculated | CVE-2019-12679 CISCO |
| cisco -- firepower_management_center_software | Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL queries to an affected device. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, and execute commands within the underlying operating system that may affect the availability of the device. | 2019-10-02 | not yet calculated | CVE-2019-12680 CISCO |
| cisco -- firepower_management_center_software | Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL queries to an affected device. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, and execute commands within the underlying operating system that may affect the availability of the device. | 2019-10-02 | not yet calculated | CVE-2019-12684 CISCO |
| cisco -- firepower_management_center_software | Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL queries to an affected device. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, and execute commands within the underlying operating system that may affect the availability of the device. | 2019-10-02 | not yet calculated | CVE-2019-12685 CISCO |
| cisco -- firepower_management_center_software | A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system. The vulnerability exists because the affected software insufficiently validates incoming traffic. An attacker could exploit this vulnerability by sending a crafted HTTP request through an affected device. A successful exploit could allow the attacker to bypass the file and malware inspection policies and send malicious traffic through the affected device. | 2019-10-02 | not yet calculated | CVE-2019-12701 CISCO |
| cisco -- firepower_management_center_software | Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could exploit these vulnerabilities by sending crafted SQL queries to an affected device. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, and execute commands within the underlying operating system that may affect the availability of the device. | 2019-10-02 | not yet calculated | CVE-2019-12682 CISCO |
| cisco -- firepower_system_software_detection_engine | Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory. | 2019-10-02 | not yet calculated | CVE-2019-12696 CISCO |
| cisco -- firepower_system_software_detection_engine | Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory. | 2019-10-02 | not yet calculated | CVE-2019-12697 CISCO |
| cisco -- firepower_threat_defense_and_firepower_management_center_and _fxos_software | A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper resource management in the context of user session management. An attacker could exploit this vulnerability by connecting to an affected system and performing many simultaneous successful Secure Shell (SSH) logins. A successful exploit could allow the attacker to exhaust system resources and cause the device to reload, resulting in a DoS condition. To exploit this vulnerability, the attacker needs valid user credentials on the system. | 2019-10-02 | not yet calculated | CVE-2019-12700 CISCO |
| cisco -- firepower_threat_defense_software | Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances. | 2019-10-02 | not yet calculated | CVE-2019-12675 CISCO |
| cisco -- firepower_threat_defense_software | Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances. | 2019-10-02 | not yet calculated | CVE-2019-12674 CISCO |
| cisco -- firepower_threat_defense_software | A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by executing a specific CLI command that includes crafted arguments. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges. | 2019-10-02 | not yet calculated | CVE-2019-12694 CISCO |
| cisco -- fxos_and_firepower_threat_defense_software | Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by including crafted arguments to specific CLI commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges. | 2019-10-02 | not yet calculated | CVE-2019-12699 CISCO |
| cisco -- ic3000_industrial_compute_gateway | A vulnerability in the web-based management interface of Cisco IC3000 Industrial Compute Gateway could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software improperly manages system resources. An attacker could exploit this vulnerability by opening a large number of simultaneous sessions on the web-based management interface of an affected device. A successful exploit could allow the attacker to cause a DoS condition of the web-based management interface, preventing normal management operations. | 2019-10-02 | not yet calculated | CVE-2019-12714 CISCO |
| cisco -- identity_services_engine | A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input that is processed by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive browser-based information. | 2019-10-02 | not yet calculated | CVE-2019-12631 CISCO |
| cisco -- multiple_products | A vulnerability in the web-based interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections by the affected software. An attacker could exploit this vulnerability by persuading a targeted user to click a malicious link. A successful exploit could allow the attacker to send arbitrary requests that could change the password of a targeted user. An attacker could then take unauthorized actions on behalf of the targeted user. | 2019-10-02 | not yet calculated | CVE-2019-1915 CISCO |
| cisco -- multiple_unified_communications_products | A vulnerability in the web-based interface of multiple Cisco Unified Communications products could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. | 2019-10-02 | not yet calculated | CVE-2019-12707 CISCO |
| cisco -- prime_infrastructure | A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input in multiple sections of the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. | 2019-10-02 | not yet calculated | CVE-2019-12712 CISCO |
| cisco -- security_manager | A vulnerability in the Java deserialization function used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to a specific listener on an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the device with the privileges of casuser. | 2019-10-02 | not yet calculated | CVE-2019-12630 CISCO |
| cisco -- unified_communications_manager_and_unified_communications_ manager_session_management_edition | A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. | 2019-10-02 | not yet calculated | CVE-2019-12715 CISCO |
| cisco -- unified_communications_manager_and_unified_communications_ manager_session_management_edition | A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an authenticated, remote attacker to impact the confidentiality of an affected system by executing arbitrary SQL queries. The vulnerability exists because the affected software improperly validates user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted requests that contain malicious SQL statements to the affected application. A successful exploit could allow the attacker to determine the presence of certain values in the database, impacting the confidentiality of the system. | 2019-10-02 | not yet calculated | CVE-2019-12710 CISCO |
| cisco -- unified_communications_manager_and_unified_communications_ manager_session_management_edition | A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to bypass security restrictions. The vulnerability is due to improper handling of malformed HTTP methods. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the attacker to gain unauthorized access to the system. | 2019-10-02 | not yet calculated | CVE-2019-15272 CISCO |
| cisco -- unified_communications_manager_and_unified_communications_ manager_session_management_edition | A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. | 2019-10-02 | not yet calculated | CVE-2019-12716 CISCO |
| cisco -- unified_communications_manager_and_unified_communications_ manager_session_management_edition | A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to access sensitive information or cause a denial of service (DoS) condition. The vulnerability is due to improper restrictions on XML entities. An attacker could exploit this vulnerability by sending malicious requests to an affected system that contain references in XML entities. A successful exploit could allow the attacker to retrieve files from the local system, resulting in the disclosure of sensitive information, or cause the application to consume available resources, resulting in a DoS condition. | 2019-10-02 | not yet calculated | CVE-2019-12711 CISCO |
| cisco -- unified_contact_center_express_software | A vulnerability in Cisco Unified Contact Center Express (UCCX) Software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting a user request on an affected device. A successful exploit could allow the attacker to perform cross-site scripting attacks, web cache poisoning, access sensitive browser-based information, and similar exploits. | 2019-10-02 | not yet calculated | CVE-2019-15259 CISCO |
| codehaus -- codehaus | A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist approach that will mitigate these vulnerabilities and future ones alike. | 2019-10-01 | not yet calculated | CVE-2019-10202 CONFIRM |
| compal -- ch7465lg_devices | Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable modem. | 2019-10-02 | not yet calculated | CVE-2019-13025 MISC |
| dayrui -- xunruicms | An issue was discovered in XunRuiCMS 4.3.1. There is a stored XSS in the module_category area. | 2019-10-01 | not yet calculated | CVE-2019-17074 MISC |
| dell_emc -- elastic_cloud_storage | Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. An unauthenticated remote attacker may potentially perform a password brute-force attack to gain access to the targeted accounts. | 2019-09-27 | not yet calculated | CVE-2019-3766 CONFIRM |
| eclipse -- mojarra_for_eclipse_and_mojarra_javaserver_faces | faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled. | 2019-10-02 | not yet calculated | CVE-2019-17091 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC |
| elastic -- code | A local file disclosure flaw was found in Elastic Code versions 7.3.0, 7.3.1, and 7.3.2. If a malicious code repository is imported into Code it is possible to read arbitrary files from the local filesystem of the Kibana instance running Code with the permission of the Kibana system user. | 2019-10-01 | not yet calculated | CVE-2019-7618 MISC MISC |
| enterprisedt -- completeftp_server | EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash. | 2019-10-02 | not yet calculated | CVE-2019-16116 MISC MISC |
| facebook_open_source -- hhvm | Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.18.2, and versions 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0. | 2019-10-02 | not yet calculated | CVE-2019-11929 CONFIRM CONFIRM CONFIRM |
| facebook -- whatsapp_for_android | A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. | 2019-10-03 | not yet calculated | CVE-2019-11932 CONFIRM |
| fasterxml -- jackson-databind | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling. | 2019-10-01 | not yet calculated | CVE-2019-16942 MISC MISC MLIST MISC DEBIAN |
| fasterxml -- jackson-databind | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling. | 2019-10-01 | not yet calculated | CVE-2019-16943 MISC MLIST MISC DEBIAN |
| fecmall -- fecmall | An unrestricted file upload vulnerability was discovered in catalog/productinfo/imageupload in Fecshop FecMall 2.3.4. An attacker can bypass a front-end restriction and upload PHP code to the webserver, by providing image data and the image/jpeg content type, with a .php extension. This occurs because the code relies on the getimagesize function. | 2019-10-04 | not yet calculated | CVE-2019-17188 MISC |
| fon_wireless -- multiple_routers | FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities. | 2019-10-04 | not yet calculated | CVE-2019-6015 MISC MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8656. | 2019-10-04 | not yet calculated | CVE-2019-13315 MISC MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportValues method within a AcroForm. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8491. | 2019-10-04 | not yet calculated | CVE-2019-6775 MISC MISC |
| foxit_software -- foxit_pdf_reader | An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.4.1.16828. A specially crafted PDF document can trigger an out-of-memory condition which isn't handled properly, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | 2019-10-02 | not yet calculated | CVE-2019-5031 MISC |
| foxit_software -- foxit_phantompdf | This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate actions. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8759. | 2019-10-04 | not yet calculated | CVE-2019-13317 MISC MISC |
| foxit_software -- foxit_phantompdf | This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate actions. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8757. | 2019-10-04 | not yet calculated | CVE-2019-13316 MISC MISC |
| foxit_software -- foxit_phantompdf | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing watermarks within AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8801. | 2019-10-04 | not yet calculated | CVE-2019-6776 MISC MISC |
| foxit_software -- foxit_photo_studio | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TIFF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8782. | 2019-10-03 | not yet calculated | CVE-2019-13324 MISC MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8814. | 2019-10-04 | not yet calculated | CVE-2019-13320 MISC MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of TIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8695. | 2019-10-03 | not yet calculated | CVE-2019-13329 MISC MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of fields within Acroform objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8864. | 2019-10-03 | not yet calculated | CVE-2019-13326 MISC MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8669. | 2019-10-04 | not yet calculated | CVE-2019-13319 MISC MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of fields within Acroform objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8913. | 2019-10-03 | not yet calculated | CVE-2019-13328 MISC MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the util.printf Javascript method. The application processes the %p parameter in the format string, allowing heap addresses to be returned to the script. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8544. | 2019-10-04 | not yet calculated | CVE-2019-13318 MISC MISC |
| foxit_software -- foxit_reader | Foxit Reader before 9.7 allows an Access Violation and crash if insufficient memory exists. | 2019-10-04 | not yet calculated | CVE-2019-17183 MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of templates in XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9149. | 2019-10-03 | not yet calculated | CVE-2019-13332 MISC MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the deleteItemAt method when processing AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8295. | 2019-10-04 | not yet calculated | CVE-2019-6774 MISC MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8742. | 2019-10-03 | not yet calculated | CVE-2019-13330 MISC MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of fields within Acroform objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8888. | 2019-10-03 | not yet calculated | CVE-2019-13327 MISC MISC |
| foxit_software -- foxit_reader | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8838. | 2019-10-03 | not yet calculated | CVE-2019-13331 MISC MISC |
| foxit_software -- foxit_studio_photo | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of EPS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8922. | 2019-10-03 | not yet calculated | CVE-2019-13325 MISC MISC |
| foxit_software -- foxit_studio_photo | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8783. | 2019-10-03 | not yet calculated | CVE-2019-13323 MISC MISC |
| freerdp -- freerdp | HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value. | 2019-10-04 | not yet calculated | CVE-2019-17178 MISC MISC |
| freerdp -- freerdp | libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value. | 2019-10-04 | not yet calculated | CVE-2019-17177 MISC MISC |
| frost_ming -- redis_wrapper | Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper (aka Redis Wrapper) before 0.3.0 allows attackers to execute arbitrary scripts. | 2019-10-05 | not yet calculated | CVE-2019-17206 MISC MISC MISC |
| google -- chrome_os | The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application. This occurs because of intentional access for the GPU process to /dev/dri/card1 and the PowerVR ioctl handler, as demonstrated by PVRSRVBridgeSyncPrimOpCreate. | 2019-10-01 | not yet calculated | CVE-2019-16508 MISC |
| google -- signal_private_messenger_application_for_android | The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block eavesdropping. | 2019-10-04 | not yet calculated | CVE-2019-17191 MISC MISC MISC |
| ibm -- mq | IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should. IBM X-Force ID: 159352. | 2019-10-04 | not yet calculated | CVE-2019-4227 XF CONFIRM |
| ibm -- security_key_lifecycle_manager | IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0, and 3.0.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 165136. | 2019-10-04 | not yet calculated | CVE-2019-4514 XF CONFIRM |
| ibm -- security_key_lifecycle_manager | IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0, and 3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | 2019-10-04 | not yet calculated | CVE-2019-4564 XF CONFIRM |
| jenkins -- jenkins | A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts. | 2019-10-01 | not yet calculated | CVE-2019-10431 MLIST CONFIRM |
| jetbrains -- hub | In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to change the password and no password expiration policy was implemented. | 2019-10-01 | not yet calculated | CVE-2019-14955 MISC |
| jetbrains -- intellij_idea | JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection. | 2019-10-01 | not yet calculated | CVE-2019-14954 CONFIRM |
| jetbrains -- ktor_framework | UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials. | 2019-10-02 | not yet calculated | CVE-2019-12737 CONFIRM |
| jetbrains -- pycharm | JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes. In a very specific situation, it could lead to a remote invocation of an OOM error message because of Uncontrolled Memory Allocation. | 2019-10-02 | not yet calculated | CVE-2019-14958 CONFIRM |
| jetbrains -- resharper | JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability. | 2019-10-02 | not yet calculated | CVE-2019-16407 MISC |
| jetbrains -- rider | JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll file. | 2019-10-01 | not yet calculated | CVE-2019-14960 MISC |
| jetbrains -- teamcity | An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could get access to potentially confidential server-level data. The issue was fixed in TeamCity 2018.2.5 and 2019.1. | 2019-10-01 | not yet calculated | CVE-2019-15035 MISC |
| jetbrains -- teamcity | An issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity server was not using some security-related HTTP headers. The issue was fixed in TeamCity 2019.1. | 2019-10-01 | not yet calculated | CVE-2019-15038 MISC |
| jetbrains -- teamcity | In JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293, improper validation of user input for one of the fields could lead to Command Injection. | 2019-10-02 | not yet calculated | CVE-2019-12157 MISC |
| jetbrains -- teamcity | An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for some external https connections. This was fixed in TeamCity 2019.1. | 2019-10-01 | not yet calculated | CVE-2019-15042 MISC |
| jetbrains -- teamcity | Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293. | 2019-10-02 | not yet calculated | CVE-2019-12156 CONFIRM |
| jetbrains -- toolbox | JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. | 2019-10-02 | not yet calculated | CVE-2019-14959 CONFIRM |
| jetbrains -- upsource | JetBrains Upsource before 2019.1.1412 was not properly escaping HTML tags in a code block comments, leading to XSS. | 2019-10-01 | not yet calculated | CVE-2019-14961 MISC |
| jetbrains -- vim_plugin | The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vim_settings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository. | 2019-10-01 | not yet calculated | CVE-2019-14957 CONFIRM |
| jetbrains -- youtrack | JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere. | 2019-10-01 | not yet calculated | CVE-2019-15041 MISC |
| joyplus -- joyplus-cms | joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path traversal. | 2019-10-04 | not yet calculated | CVE-2019-17175 MISC |
| keybase -- keybase_for_ios | The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments to the user), which might be incompatible with a user's personal position on the semantics of an attestation. | 2019-09-29 | not yet calculated | CVE-2019-16992 MISC MISC |
| kslabs -- ksweb | KSLabs KSWEB 3.93 allows ../ directory traversal, as demonstrated by the hostFile parameter. | 2019-10-03 | not yet calculated | CVE-2019-16198 MISC |
| kslabs -- ksweb_for_android | The KSLABS KSWEB (aka ru.kslabs.ksweb) application 3.93 for Android allows authenticated remote code execution via a POST request to the AJAX handler with the configFile parameter set to the arbitrary file to be written to (and the config_text parameter set to the content of the file to be created). This can be a PHP file that is written to in the public web directory and subsequently executed. The attacker must have network connectivity to the PHP server that is running on the Android device. | 2019-10-03 | not yet calculated | CVE-2019-15766 MISC MISC |
| kubernetes -- kube-state-metrics | A security issue was discovered in kube-state-metrics 1.7.x before 1.7.2. An experimental feature was added to v1.7.0 and v1.7.1 that enabled annotations to be exposed as metrics. By default, kube-state-metrics metrics only expose metadata about Secrets. However, a combination of the default kubectl behavior and this new feature can cause the entire secret content to end up in metric labels, thus inadvertently exposing the secret content in metrics. | 2019-10-03 | not yet calculated | CVE-2019-17110 MISC |
| libopenmpt -- libopenmpt | In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow. | 2019-10-03 | not yet calculated | CVE-2019-17113 MISC MISC MISC MISC |
| liferay -- portal_community _edition | Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload. | 2019-10-04 | not yet calculated | CVE-2019-16891 MISC MISC MISC |
| linux_mint -- mintinstall | mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports. | 2019-10-02 | not yet calculated | CVE-2019-17080 MISC MISC MISC MISC |
| linux -- linux_kernel | atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c. | 2019-10-01 | not yet calculated | CVE-2019-17054 MISC MISC |
| linux -- linux_kernel | An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on an architecture for which this stack/DMA interaction has security relevance. | 2019-10-01 | not yet calculated | CVE-2019-17075 MISC |
| linux -- linux_kernel | llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176. | 2019-10-01 | not yet calculated | CVE-2019-17056 MISC MISC |
| linux -- linux_kernel | ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. | 2019-10-01 | not yet calculated | CVE-2019-17053 MISC MISC |
| linux -- linux_kernel | base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | 2019-10-01 | not yet calculated | CVE-2019-17055 MISC MISC |
| linux -- linux_kernel | ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. | 2019-10-01 | not yet calculated | CVE-2019-17052 MISC MISC |
| linux -- linux_kernel | In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. | 2019-10-04 | not yet calculated | CVE-2019-17133 MISC |
| matrixssl -- matrixssl | MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or a remote attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because crypto/pubkey/ecc_math.c scalar multiplication leaks the bit length of the scalar. | 2019-10-03 | not yet calculated | CVE-2019-13629 MLIST MISC MISC MISC |
| micro_focus -- arcsight_logger | Unrestricted file upload vulnerability in Micro Focus ArcSight Logger, version 6.7.0 and later. This vulnerability could allow Unrestricted Upload of File with Dangerous type. | 2019-10-04 | not yet calculated | CVE-2019-11655 MISC |
| micro_focus -- arcsight_logger | Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. This vulnerability could allow Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). | 2019-10-04 | not yet calculated | CVE-2019-11656 MISC |
| micro_focus -- enterprise_developer_and_enterprise_server | Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web requests. | 2019-10-02 | not yet calculated | CVE-2019-11651 MISC |
| multiple_vendors -- multiple_products | Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because the Atmel Toolbox 00.03.11.05 contains two versions of ECDSA signature functions, described as fast and secure, but the affected cards chose to use the fast version, which leaks the bit length of the random nonce via timing. This affects Athena IDProtect 010b.0352.0005, Athena IDProtect 010e.1245.0002, Athena IDProtect 0106.0130.0401, Athena IDProtect 010e.1245.0002, Valid S/A IDflex V 010b.0352.0005, SafeNet eToken 4300 010e.1245.0002, TecSec Armored Card 010e.0264.0001, and TecSec Armored Card 108.0264.0001. | 2019-10-03 | not yet calculated | CVE-2019-15809 MLIST MISC MISC MISC MISC MISC |
| nlnet_labs -- unbound | Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule. | 2019-10-03 | not yet calculated | CVE-2019-16866 MISC MISC |
| openemr -- openemr | XSS in library/custom_template/add_template.php in OpenEMR through 5.0.2 allows a malicious user to execute code in the context of a victim's browser via a crafted list_id query parameter. | 2019-10-04 | not yet calculated | CVE-2019-17179 MISC |
| openemr -- openemr | OpenEMR through 5.0.2 has SQL Injection in the Lifestyle demographic filter criteria in library/clinical_rules.php that affects library/patient.inc. | 2019-10-05 | not yet calculated | CVE-2019-17197 MISC MISC |
| pillow -- pillow | An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image. | 2019-10-04 | not yet calculated | CVE-2019-16865 MISC |
| pivotal -- application_manager | Pivotal Application Manager, versions 666.0.x prior to 666.0.36, versions 667.0.x prior to 667.0.22, versions 668.0.x prior to 668.0.21, versions 669.0.x prior to 669.0.13, and versions 670.0.x prior to 670.0.7, contain a vulnerability where a remote authenticated user can create an app with a name such that a csv program can interpret into a formula and gets executed. The malicious user can possibly gain access to a usage report that requires a higher privilege. | 2019-10-01 | not yet calculated | CVE-2019-11275 CONFIRM |
| project_redcap -- redcap | REDCap before 9.3.4 has XSS on the Customize & Manage Locking/E-signatures page via Lock Record Custom Text values. | 2019-10-03 | not yet calculated | CVE-2019-17121 MISC |
| putty -- putty | PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content. | 2019-10-01 | not yet calculated | CVE-2019-17068 MISC |
| putty -- putty | PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection. | 2019-10-01 | not yet calculated | CVE-2019-17067 MISC |
| putty -- putty | PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. | 2019-10-01 | not yet calculated | CVE-2019-17069 MISC |
| red_hat -- jboss_operations_network | It was found that the fix for CVE-2014-0114 had been reverted in JBoss Operations Network 3 (JON). This flaw allows attackers to manipulate ClassLoader properties on a vulnerable server. Exploits that have been published rely on ClassLoader properties that are exposed such as those in JON 3. Additional information can be found in the Red Hat Knowledgebase article: https://access.redhat.com/site/solutions/869353. Note that while multiple products released patches for the original CVE-2014-0114 flaw, the reversion described by this CVE-2019-3834 flaw only occurred in JON 3. | 2019-10-03 | not yet calculated | CVE-2019-3834 CONFIRM |
| rpyc -- rpyc | In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings. | 2019-10-03 | not yet calculated | CVE-2019-16328 MISC MISC |
| rsa -- bsafe_crypto-c_micro_edition | RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure. | 2019-09-30 | not yet calculated | CVE-2019-3732 MISC |
| rsa -- bsafe_crypto-c_micro_edition | RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are vulnerable to a Buffer Over-read vulnerability when processing DSA signature. A malicious remote user could potentially exploit this vulnerability to cause a crash in the library of the affected system. | 2019-09-30 | not yet calculated | CVE-2019-3728 MISC |
| rsa -- bsafe_crypto-c_micro_edition | RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure. | 2019-09-30 | not yet calculated | CVE-2019-3733 MISC |
| rsa -- bsafe_crypto-c_micro_edition | RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure. | 2019-09-30 | not yet calculated | CVE-2019-3731 MISC |
| rsa -- bsafe_micro_edition_suite | RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a ?padding oracle attack vulnerability?. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure. | 2019-09-30 | not yet calculated | CVE-2019-3730 MISC |
| rsa -- bsafe_micro_edition_suite | RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. A malicious user with adjacent network access could potentially exploit this vulnerability to cause a crash in the library of the affected system. | 2019-09-30 | not yet calculated | CVE-2019-3729 MISC |
| rust -- rust | Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. Usage of the `package` key to rename dependencies in `Cargo.toml` is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency, which could be squatted on crates.io to be a malicious package. This not only affects manifests that you write locally yourself, but also manifests published to crates.io. Rust 1.0.0 through Rust 1.25.0 is affected by this advisory because Cargo will ignore the `package` key in manifests. Rust 1.26.0 through Rust 1.30.0 are not affected and typically will emit an error because the `package` key is unstable. Rust 1.31.0 and after are not affected because Cargo understands the `package` key. Users of the affected versions are strongly encouraged to update their compiler to the latest available one. Preventing this issue from happening requires updating your compiler to be either Rust 1.26.0 or newer. There will be no point release for Rust versions prior to 1.26.0. Users of Rust 1.19.0 to Rust 1.25.0 can instead apply linked patches to mitigate the issue. | 2019-09-30 | not yet calculated | CVE-2019-16760 MISC CONFIRM MISC |
| salesagility -- suitecrm | SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has SSRF. | 2019-10-02 | not yet calculated | CVE-2019-13335 CONFIRM CONFIRM CONFIRM |
| snowtide -- pdfxstream | In Snowtide PDFxStream before 3.7.1 (for Java), a crafted PDF file can trigger an extremely long running computation because of page-tree mishandling. | 2019-10-01 | not yet calculated | CVE-2019-17063 MISC |
| tcpdump.org -- libpcap | sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. | 2019-10-03 | not yet calculated | CVE-2019-15165 CONFIRM CONFIRM CONFIRM CONFIRM |
| tcpdump.org -- libpcap | rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request. | 2019-10-03 | not yet calculated | CVE-2019-15161 CONFIRM CONFIRM CONFIRM |
| tcpdump.org -- libpcap | rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. | 2019-10-03 | not yet calculated | CVE-2019-15162 CONFIRM CONFIRM CONFIRM |
| tcpdump.org -- libpcap | rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails. | 2019-10-03 | not yet calculated | CVE-2019-15163 CONFIRM CONFIRM CONFIRM |
| tcpdump.org -- libpcap | rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. | 2019-10-03 | not yet calculated | CVE-2019-15164 CONFIRM CONFIRM CONFIRM |
| tcpdump.org -- tcpdump | The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2(). | 2019-10-03 | not yet calculated | CVE-2018-14470 MISC CONFIRM |
| tcpdump.org -- tcpdump | The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. | 2019-10-03 | not yet calculated | CVE-2018-16300 MISC CONFIRM |
| tcpdump.org -- tcpdump | The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). | 2019-10-03 | not yet calculated | CVE-2018-14466 MISC CONFIRM |
| tcpdump.org -- tcpdump | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). | 2019-10-03 | not yet calculated | CVE-2018-14467 MISC CONFIRM |
| tcpdump.org -- tcpdump | The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print(). | 2019-10-03 | not yet calculated | CVE-2018-14463 MISC CONFIRM |
| tcpdump.org -- tcpdump | libpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buffer overflow and/or over-read because of errors in pcapng reading. | 2019-10-03 | not yet calculated | CVE-2018-16301 MISC CONFIRM |
| tcpdump.org -- tcpdump | The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). | 2019-10-03 | not yet calculated | CVE-2018-14464 MISC CONFIRM |
| tcpdump.org -- tcpdump | tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). | 2019-10-03 | not yet calculated | CVE-2018-10105 CONFIRM |
| tcpdump.org -- tcpdump | The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). | 2019-10-03 | not yet calculated | CVE-2018-14462 MISC CONFIRM |
| tcpdump.org -- tcpdump | The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). | 2019-10-03 | not yet calculated | CVE-2018-14461 MISC CONFIRM |
| tcpdump.org -- tcpdump | The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | 2019-10-03 | not yet calculated | CVE-2018-14465 MISC CONFIRM |
| tcpdump.org -- tcpdump | The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). | 2019-10-03 | not yet calculated | CVE-2018-14469 MISC CONFIRM |
| tcpdump.org -- tcpdump | tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). | 2019-10-03 | not yet calculated | CVE-2018-10103 CONFIRM |
| teampass -- teampass | TeamPass 2.1.27.36 allows Stored XSS at the Search page by setting a crafted password for an item in any folder. | 2019-10-05 | not yet calculated | CVE-2019-17203 MISC |
| teampass -- teampass | TeamPass 2.1.27.36 allows Stored XSS by setting a crafted Knowledge Base label and adding any available item. | 2019-10-05 | not yet calculated | CVE-2019-17204 MISC |
| teampass -- teampass | TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed. | 2019-10-05 | not yet calculated | CVE-2019-17205 MISC |
| undertow -- undertow | A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files. | 2019-10-02 | not yet calculated | CVE-2019-10212 CONFIRM |
| valve -- steam_client_for_windows | Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. This could lead to denial of service, elevation of privilege, or unspecified other impact. | 2019-10-04 | not yet calculated | CVE-2019-17180 MISC MISC MISC MISC |
| vbulletin -- vbulletin | vBulletin through 5.5.4 mishandles external URLs within the /core/vb/vurl.php file and the /core/vb/vurl directories. | 2019-10-04 | not yet calculated | CVE-2019-17130 MISC |
| vbulletin -- vbulletin | vBulletin before 5.5.4 allows clickjacking. | 2019-10-04 | not yet calculated | CVE-2019-17131 MISC |
| vbulletin -- vbulletin | vBulletin through 5.5.4 mishandles custom avatars. | 2019-10-04 | not yet calculated | CVE-2019-17132 MISC |
| western_digital -- ssd_dashboard_and_sandisk_ssd_dashboard | Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The ?generate reports? archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available. | 2019-09-30 | not yet calculated | CVE-2019-13466 MISC CONFIRM |
western_digital -- ssd_dashboard_and_sandisk_ssd_dashboard_applications
| Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. This vulnerability may allow an attacker to substitute downloaded resources with arbitrary files. | 2019-09-30 | not yet calculated | CVE-2019-13467 MISC CONFIRM |
| wordpress -- wordpress | A stored XSS vulnerability in the Visualizer plugin 3.3.0 for WordPress allows an unauthenticated attacker to execute arbitrary JavaScript when an admin or other privileged user edits the chart via the admin dashboard. This occurs because classes/Visualizer/Gutenberg/Block.php registers wp-json/visualizer/v1/update-chart with no access control, and classes/Visualizer/Render/Page/Data.php lacks output sanitization. | 2019-10-03 | not yet calculated | CVE-2019-16931 MISC MISC MISC |
| wpo_foundation -- webpagetest | www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. substring. | 2019-10-05 | not yet calculated | CVE-2019-17199 MISC |
| xerox -- multiple_atlalink_printers | Xerox AtlaLink B8045/B8055/B8065/B8075/B8090 C8030/C8035/C8045/C8055/C8070 printers with software before 101.00x.089.22600 allow an attacker to gain privileges. | 2019-10-04 | not yet calculated | CVE-2019-17184 MISC |
| xpdf -- xpdf | Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor. | 2019-10-01 | not yet calculated | CVE-2019-17064 MISC MISC |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.