Vulnerability Summary for the Week of November 18, 2019
Released
Nov 25, 2019
Document ID
SB19-329
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| 3s-smart_software_solutions -- codesys_web_server | CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow. | 2019-11-20 | 7.5 | CVE-2019-18858 MISC MISC |
| apache -- solr | The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server. | 2019-11-18 | 7.5 | CVE-2019-12409 MLIST |
| chicken -- chicken | Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function. | 2019-11-22 | 7.5 | CVE-2014-6310 MISC MISC CONFIRM MISC |
| clamav -- clamav | ClamAV before 0.97.7 has buffer overflow in the libclamav component | 2019-11-15 | 7.5 | CVE-2013-7088 MISC MISC MISC MISC MISC |
| clamav -- clamav | ClamAV before 0.97.7 has WWPack corrupt heap memory | 2019-11-15 | 7.5 | CVE-2013-7087 MISC MISC MISC MISC MISC |
| cobbler -- cobbler | cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE | 2019-11-19 | 7.2 | CVE-2011-4954 MISC MISC MISC MISC MISC |
| cyrus -- imap | Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection. | 2019-11-15 | 7.5 | CVE-2019-18928 MISC MISC |
| dolibarr -- dolibarr | SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php. | 2019-11-20 | 7.5 | CVE-2013-2091 MISC MISC CONFIRM MISC |
| dolibarr -- dolibarr | Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands. | 2019-11-20 | 10 | CVE-2013-2093 MISC MISC CONFIRM MISC |
| druby -- druby | Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval. | 2019-11-18 | 7.5 | CVE-2011-5331 MISC |
| druby -- druby | Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls. | 2019-11-18 | 7.5 | CVE-2011-5330 MISC |
| eclipse -- jetty | Jetty 6.x through 6.1.22 suffers from an escape sequence injection vulnerability from an attack vector by means of: 1) "Cookie Dump Servlet" and 2) Http Content-Length header. 1) A POST request to the form at "/test/cookie/" with the "Age" parameter set to a string throws a "java.lang.NumberFormatException" which reflects binary characters including ESC. These characters could be used to execute arbitrary commands or buffer dumps in the terminal. 2) The attack vector in 1) can be exploited by requesting a page using an HTTP request "Content-Length" header set to a consonant string (string including only letters). | 2019-11-15 | 7.5 | CVE-2009-5047 MISC MISC MLIST |
| google -- chrome | Unspecified vulnerabilities in Google Chrome before 54.0.2840.59. | 2019-11-20 | 10 | CVE-2016-5194 CONFIRM |
| google -- chrome | Unspecified vulnerabilities in Google Chrome before 55.0.2883.75. | 2019-11-20 | 10 | CVE-2016-9652 CONFIRM |
| hhvm -- hhvm | hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions. | 2019-11-19 | 7.5 | CVE-2016-1000006 MISC MISC MISC |
| ibm -- security_identity_manager | IBM Security Identity Manager 6.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 166456. | 2019-11-20 | 9.3 | CVE-2019-4561 XF CONFIRM |
| iobroker -- iobroker.admin | iobroker.admin before 3.6.12 allows attacker to include file contents from outside the `/log/file1/` directory. | 2019-11-20 | 7.5 | CVE-2019-10765 MISC MISC |
| ktsuss -- ktsuss | ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local attacker to escalate privileges to root and use the "GTK_MODULES" environment variable to possibly execute arbitrary code. | 2019-11-19 | 7.2 | CVE-2011-2922 MISC MISC MISC MISC MISC MISC MISC |
| ktsuss -- ktsuss | ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges. | 2019-11-19 | 10 | CVE-2011-2921 MISC MISC MISC |
| limnoria_and_supybot -- limnoria_and_supybot | Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands. | 2019-11-16 | 7.5 | CVE-2019-19010 MISC MISC FEDORA FEDORA FEDORA |
| linux -- linux_kernel | Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or dma_alloc_coherent() failures, aka CID-0f4f199443fa. | 2019-11-18 | 7.8 | CVE-2019-19059 MISC |
| linux -- linux_kernel | A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c. | 2019-11-18 | 7.8 | CVE-2019-19071 MISC |
| linux -- linux_kernel | Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e. | 2019-11-18 | 7.8 | CVE-2019-19057 MISC |
| linux -- linux_kernel | A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5. | 2019-11-18 | 7.8 | CVE-2019-19058 MISC |
| linux -- linux_kernel | A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6. | 2019-11-18 | 7.8 | CVE-2019-19072 MISC |
| linux -- linux_kernel
| A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e. | 2019-11-18 | 7.8 | CVE-2019-19075 MISC MISC |
| linux -- linux_kernel | A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_crdump_collect() failures, aka CID-c7ed6d0183d5. | 2019-11-18 | 7.8 | CVE-2019-19047 MISC MISC |
| linux -- linux_kernel | A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. | 2019-11-18 | 7.8 | CVE-2019-19076 MISC MISC |
| linux -- linux_kernel | Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. | 2019-11-18 | 7.8 | CVE-2019-19063 MISC |
| linux -- linux_kernel | A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_form_user() failures, aka CID-e0b0cb938864. | 2019-11-18 | 7.8 | CVE-2019-19048 MISC MISC |
| linux -- linux_kernel | Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1. | 2019-11-18 | 7.8 | CVE-2019-19083 MISC MISC |
| linux -- linux_kernel | A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7. | 2019-11-18 | 7.8 | CVE-2019-19045 MISC MISC |
| linux -- linux_kernel | A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4. | 2019-11-18 | 7.8 | CVE-2019-19074 MISC |
| linux -- linux_kernel | A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459. | 2019-11-18 | 7.8 | CVE-2019-19043 MISC |
| linux -- linux_kernel | A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1. | 2019-11-18 | 7.8 | CVE-2019-19050 MISC |
| linux -- linux_kernel | A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7. | 2019-11-18 | 7.8 | CVE-2019-19051 MISC MISC |
| linux -- linux_kernel | Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762. | 2019-11-18 | 7.8 | CVE-2019-19044 MISC MISC |
| linux -- linux_kernel | A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. | 2019-11-18 | 7.8 | CVE-2019-19065 MISC MISC |
| linux -- linux_kernel | A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486. | 2019-11-18 | 7.8 | CVE-2019-19052 MISC MISC |
| linux -- linux_kernel | A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14. | 2019-11-18 | 7.8 | CVE-2019-19077 MISC |
| linux -- linux_kernel | A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932. | 2019-11-18 | 7.8 | CVE-2019-19056 MISC |
| linux -- linux_kernel | A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b. | 2019-11-18 | 7.8 | CVE-2019-19054 MISC |
| linux -- linux_kernel | A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a. | 2019-11-18 | 7.8 | CVE-2019-19081 MISC MISC |
| linux -- linux_kernel | A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2. | 2019-11-18 | 7.8 | CVE-2019-19053 MISC |
| linux -- linux_kernel | A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6. | 2019-11-18 | 7.8 | CVE-2019-19068 MISC |
| linux -- linux_kernel | A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd. | 2019-11-18 | 7.8 | CVE-2019-19066 MISC |
| linux -- linux_kernel | Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10. | 2019-11-18 | 7.8 | CVE-2019-19073 MISC |
| linux -- linux_kernel | A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3. | 2019-11-18 | 7.8 | CVE-2019-19061 MISC MISC |
| linux -- linux_kernel | A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. | 2019-11-18 | 7.8 | CVE-2019-19062 MISC |
| linux -- linux_kernel | A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41. | 2019-11-18 | 7.8 | CVE-2019-19060 MISC MISC |
| linux -- linux_kernel | Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad. | 2019-11-18 | 7.8 | CVE-2019-19082 MISC |
| linux -- linux_kernel | A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2. | 2019-11-18 | 7.8 | CVE-2019-19078 MISC |
| linux -- linux_kernel | A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19. | 2019-11-18 | 7.8 | CVE-2019-19079 MISC MISC |
| linux -- linux_kernel | Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a. | 2019-11-18 | 7.8 | CVE-2019-19080 MISC MISC |
| linux -- linux_kernel | A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99. | 2019-11-18 | 7.8 | CVE-2019-19069 MISC MISC |
| nvidia -- nvflash_and_nvuflash_tool_and_gpumodeswitch_tool | NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of other devices not managed by NVIDIA, which may lead to escalation of privileges, information disclosure, or denial of service. | 2019-11-18 | 7.2 | CVE-2019-5688 MISC |
| oniguruma -- oniguruma | An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression. | 2019-11-17 | 7.5 | CVE-2019-19012 MISC MISC MISC |
| phicomm -- k2_psg1218_routers | /usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter. | 2019-11-18 | 9 | CVE-2019-19117 MISC |
| pimcore -- pimcore | Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification. | 2019-11-15 | 7.5 | CVE-2019-18981 MISC MISC |
| pixie -- pixie | Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 allow SQL Injection in the limit() function due to improper sanitization. | 2019-11-19 | 7.5 | CVE-2019-10766 MISC |
| postgresql -- postgresql | The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error. | 2019-11-20 | 7.5 | CVE-2015-3166 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
| postgresql-common -- postgresql-common | The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. | 2019-11-20 | 7.2 | CVE-2019-3466 MISC |
| raritan -- commandcenter_secure_gateway | An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. | 2019-11-18 | 7.5 | CVE-2018-20687 MISC FULLDISC |
| sandline -- centraleyezer | Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding ".jpg" to any uploaded filename is not enforced on the server side. | 2019-11-18 | 7.5 | CVE-2019-12271 MISC MISC |
| smarty -- smarty | The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file. | 2019-11-20 | 7.5 | CVE-2011-1028 MISC MISC MISC |
| statusnet -- statusnet | Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes.. | 2019-11-20 | 7.5 | CVE-2010-4660 MISC MISC |
| symantec -- endpoint_protection | Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 2019-11-15 | 7.2 | CVE-2019-18372 MISC |
| symantec -- endpoint_protection | Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature. | 2019-11-15 | 7.2 | CVE-2019-12758 MISC MISC |
| symantec -- endpoint_protection_manager_and_mail_security_for_ms_exchange | Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 2019-11-15 | 7.2 | CVE-2019-12759 MISC |
| tematres -- tematres | TemaTres 3.0 allows remote unprivileged users to create an administrator account | 2019-11-15 | 7.5 | CVE-2019-14345 MISC MISC MISC MISC |
| xorus -- lpar2rrd_and_stor2rrd | An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. They do not correctly verify the integrity of an upgrade package before processing it. As a result, official upgrade packages can be modified to inject an arbitrary Bash script that will be executed by the underlying system. It is possible to achieve this by modifying the values in the files.SUM file (which are used for integrity control) and injecting malicious code into the upgrade.sh file. | 2019-11-17 | 9 | CVE-2019-19041 MISC |
Medium Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| apache -- atlas | Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality | 2019-11-18 | 4.3 | CVE-2019-10070 MLIST |
| apache -- nifi | The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services (via XXE) and reveal information such as the versions of Java, Jersey, and Apache that the NiFI instance uses. | 2019-11-19 | 4 | CVE-2019-10080 CONFIRM |
| apache -- nifi | When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server side. This permits the user's client-side token to be used for up to 12 hours after logging out to make API requests to NiFi. | 2019-11-19 | 6.5 | CVE-2019-12421 CONFIRM |
| apache -- shiro | Apache Shiro before 1.4.2, when using the default "remember me" configuration, cookies could be susceptible to a padding attack. | 2019-11-18 | 5 | CVE-2019-12422 MLIST |
| artifex -- ghostscript | A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands. | 2019-11-15 | 6.8 | CVE-2019-14869 SUSE SUSE MLIST CONFIRM CONFIRM CONFIRM FEDORA FEDORA FEDORA BUGTRAQ |
| clamav -- clamav | ClamAV before 0.97.7: dbg_printhex possible information leak | 2019-11-15 | 5 | CVE-2013-7089 MISC MISC MISC MISC |
| cobbler -- cobbler | cobbler: Web interface lacks CSRF protection when using Django framework | 2019-11-19 | 6.8 | CVE-2011-4952 MISC MISC MISC MISC |
| code42 -- code42 | Code42 server through 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local server could create or modify a dynamic-link library (DLL). The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated privilege on the local server. | 2019-11-19 | 6.9 | CVE-2019-16861 CONFIRM MISC |
| code42 -- code42 | Code42 app through version 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local machine could create or modify a dynamic-link library (DLL). The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated privilege on the local machine. | 2019-11-19 | 6.9 | CVE-2019-16860 MISC CONFIRM |
| comodo_security_solutions -- comodo_internet_security | An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the binary signature validation logic is loaded, and might bypass some of the self-defense mechanisms. | 2019-11-18 | 4.4 | CVE-2019-18215 MISC MISC MISC |
| dolibarr -- dolibarr | Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web script or HTML in functions.lib.php. | 2019-11-20 | 4.3 | CVE-2013-2092 MISC CONFIRM MISC |
| f5 -- big-ip | On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data. | 2019-11-15 | 4 | CVE-2019-6662 MISC |
| f5 -- big-ip | On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages. | 2019-11-15 | 5 | CVE-2019-6659 MISC |
| f5 -- big-ip | On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices. | 2019-11-15 | 5 | CVE-2019-6664 MISC |
| f5 -- big-ip | On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service. | 2019-11-15 | 5 | CVE-2019-6660 MISC |
| f5 -- big-ip_and_iworkflow_and_enterprise_manager | The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to Anti DNS Pinning (DNS Rebinding) attack. | 2019-11-15 | 4.3 | CVE-2019-6663 MISC |
| f5 -- big-ip_apm | When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources. | 2019-11-15 | 5 | CVE-2019-6661 MISC |
| falconpl -- falconpl | Falconpl before 0.9.6.9-git20120606 misuses the libcurl API which may allow remote attackers to interfere with security checks. | 2019-11-19 | 5 | CVE-2012-6070 MISC MISC MISC MISC |
| firegpg -- iceweasel-firegpg | A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling. | 2019-11-18 | 4.6 | CVE-2008-7273 MISC MISC MISC |
| footy_tipping_software -- afl_web_edition | Footy Tipping Software AFL Web Edition 2019 allows XSS. | 2019-11-18 | 4.3 | CVE-2019-17057 MISC |
| footy_tipping_software -- afl_web_edition | Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file. | 2019-11-18 | 6.5 | CVE-2019-17058 MISC |
| fortiguard -- fortios_and_forticlient_for_windows_and_forticlient_for_mac | Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. | 2019-11-21 | 4.3 | CVE-2018-9195 CONFIRM |
| gael -- q-pulse | Cross-site scripting (XSS) vulnerability in ui/common/managedlistdialog.aspx in Gael Q-Pulse 0.6 and earlier. | 2019-11-22 | 4.3 | CVE-2014-1238 MISC |
| gamera_project -- gamera | Gamera before 3.4.1 insecurely creates temporary files. | 2019-11-21 | 5 | CVE-2014-1937 MISC MISC MISC |
| gnu -- serveez | GNU Serveez through 0.2.2 has an Information Leak. An attacker may send an HTTP POST request to the /cgi-bin/reader URI. The attacker must include a Content-length header with a large positive value that, when represented in 32 bit binary, evaluates to a negative number. The problem exists in the http_cgi_write function under http-cgi.c; however, exploitation might show svz_envblock_add in libserveez/passthrough.c as the location of the heap-based buffer over-read. | 2019-11-20 | 5 | CVE-2019-16200 MISC |
| gnupg_project -- gnupg | The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file. | 2019-11-20 | 4.3 | CVE-2015-1606 MISC MISC MISC MISC MISC MISC |
| gnupg_project -- gnupg | kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges." | 2019-11-20 | 4.3 | CVE-2015-1607 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
| horms_solutions -- perdition | Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections | 2019-11-15 | 4.3 | CVE-2013-4584 MISC MISC MISC MISC MISC |
| ibm -- maximo_asset_management | IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow an authenticated user to delete a record that they should not normally be able to. IBM X-Force ID: 165586. | 2019-11-20 | 5.5 | CVE-2019-4530 XF CONFIRM |
| ibm -- smartcloud_analytics | IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 159186. | 2019-11-22 | 4.3 | CVE-2019-4215 XF CONFIRM |
| ibm -- smartcloud_analytics | IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 159185. | 2019-11-22 | 4.3 | CVE-2019-4214 XF CONFIRM |
| ibm -- smartcloud_analytics | IBM SmartCloud Analytics 1.3.1 through 1.3.5 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM X-Force ID: 159187. | 2019-11-22 | 4.9 | CVE-2019-4216 XF CONFIRM |
| iterm2 -- iterm2 | iTerm2 through 3.3.6 has potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist, which might allow remote attackers to obtain sensitive information, as demonstrated by searching for the NoSyncSearchHistory string in .plist files within public Git repositories. | 2019-11-17 | 5 | CVE-2019-19022 MISC |
| jenkins -- jenkins | Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code. | 2019-11-18 | 6.5 | CVE-2012-4438 MISC CONFIRM MISC MISC |
| jenkins -- jenkins | Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin. | 2019-11-18 | 4.3 | CVE-2012-4441 MISC MISC MISC |
| jenkins -- jenkins | Missing permission checks in various API endpoints in Jenkins Google Compute Engine Plugin 4.1.1 and earlier allow attackers with Overall/Read permission to obtain limited information about the plugin configuration and environment. | 2019-11-21 | 4 | CVE-2019-16547 MLIST CONFIRM |
| jenkins -- jenkins | Jenkins QMetry for JIRA - Test Management Plugin 1.12 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 2019-11-21 | 4 | CVE-2019-16544 MLIST CONFIRM |
| jenkins -- jenkins | Jenkins QMetry for JIRA - Test Management Plugin transmits credentials in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure. | 2019-11-21 | 4 | CVE-2019-16545 MLIST CONFIRM |
| jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineCloud#doProvision could be used to provision new agents. | 2019-11-21 | 6.8 | CVE-2019-16548 MLIST CONFIRM |
| jenkins -- jenkins | A path traversal vulnerability in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete arbitrary files on the Jenkins master. | 2019-11-21 | 5.5 | CVE-2019-16540 MLIST CONFIRM |
| jenkins -- jenkins | A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles. | 2019-11-21 | 5.5 | CVE-2019-16539 MLIST CONFIRM |
| jenkins -- jenkins | Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin. | 2019-11-18 | 4.3 | CVE-2012-4440 MISC MISC MISC |
| jenkins -- jenkins | Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins. | 2019-11-18 | 4.3 | CVE-2012-4439 MISC CONFIRM MISC MISC |
| jenkins -- jenkins | Jenkins Google Compute Engine Plugin 4.1.1 and earlier does not verify SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks. | 2019-11-21 | 4.3 | CVE-2019-16546 MLIST CONFIRM |
| jhead_project -- jhead | jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file. | 2019-11-17 | 4.3 | CVE-2019-19035 MISC |
| kairosdb -- kairosdb | KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a '"sampling":{"value":"<script>' substring. | 2019-11-17 | 4.3 | CVE-2019-19040 MISC |
| lenovo -- customer_engagement_service | A potential vulnerability in the discontinued Customer Engagement Service (CCSDK) software version 2.0.21.1 may allow local privilege escalation. | 2019-11-20 | 4.6 | CVE-2019-6184 MISC |
| lenovo -- lenovopaper | A potential vulnerability in the discontinued LenovoPaper software version 1.0.0.22 may allow local privilege escalation. | 2019-11-20 | 4.6 | CVE-2019-6191 MISC |
| lenovo -- system_interface_foundation | A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL. | 2019-11-20 | 4.4 | CVE-2019-6189 MISC |
| lenovo -- system_interface_foundation | A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user. | 2019-11-20 | 6.5 | CVE-2019-6186 MISC |
| lenovo -- thinkpad | A potential vulnerability reported in ThinkPad USB-C Dock Firmware version 3.7.2 may allow a denial of service. | 2019-11-20 | 5 | CVE-2019-6176 MISC |
| lenovo -- xclarity_controller | A stored CSV Injection vulnerability was reported in Lenovo XClarity Controller (XCC) that could allow an administrative or other appropriately permissioned user to store malformed data in certain XCC server informational fields, that could result in crafted formulas being stored in an exported CSV file. The crafted formula is not executed on XCC itself and has no effect on the server. | 2019-11-20 | 4 | CVE-2019-6187 MISC |
| linux -- linux_kernel | ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero. | 2019-11-21 | 4.3 | CVE-2019-19037 MISC |
| linux -- linux_kernel | btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero. | 2019-11-21 | 4.3 | CVE-2019-19036 MISC |
| ltworf -- weborf | Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP. | 2019-11-20 | 5 | CVE-2011-0529 MISC MISC |
| mailbird -- mailbird | Multiple cross-site scripting (XSS) vulnerabilities in Mailbird before 2.7.5.0 r allow remote attackers to execute arbitrary JavaScript in a privileged context via a crafted HTML mail message. This vulnerability is distinct from CVE-2015-4657. | 2019-11-18 | 4.3 | CVE-2019-15054 MISC CONFIRM |
| mediawiki -- mediawiki | MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. | 2019-11-20 | 5 | CVE-2013-1817 MISC MISC MISC MISC MISC MISC |
| mediawiki -- mediawiki | MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. | 2019-11-20 | 5 | CVE-2013-1816 MISC MISC BID MISC MISC MISC |
| mediawiki -- mediawiki | An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter's definition. | 2019-11-15 | 5 | CVE-2019-18987 MISC MISC MISC |
| micro_focus -- operations_agent | XXE attack vulnerability on Micro Focus Operations Agent, affected version 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11. The vulnerability could be exploited to do an XXE attack on Operations Agent. | 2019-11-18 | 4 | CVE-2019-17085 CONFIRM |
miniupnp -- ngiflib | MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette. | 2019-11-17 | 5 | CVE-2019-19011 MISC |
| mono -- mono | mono 2.10.x ASP.NET Web Form Hash collision DoS | 2019-11-21 | 5 | CVE-2012-3543 MISC MISC MISC MISC MISC MISC MISC MISC |
| mpack -- mpack | mpack 1.6 has information disclosure via eavesdropping on mails sent by other users | 2019-11-19 | 5 | CVE-2011-4919 MISC MISC MISC |
| norton -- app_lock | Norton App Lock, prior to 1.4.0.503, may be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking other apps on the device, thereby allowing the individual to gain access. | 2019-11-18 | 4.4 | CVE-2019-18373 CONFIRM |
| nss -- nss | Null pointer dereference vulnerability exists in K11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime in NSS before 3.26, which causes the TLS/SSL server using NSS to crash. | 2019-11-15 | 5 | CVE-2016-5285 MISC MISC MISC MISC MISC MISC MISC |
| octopus_deploy -- octopus_deploy | In Octopus Deploy 3.3.0 through 2019.10.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted package, triggering an exception that exposes underlying operating system details. | 2019-11-18 | 4 | CVE-2019-19084 MISC |
| openfind -- mail2000 | The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The code can executed for any user accessing the page. This vulnerability affects many mail system of governments, organizations, companies and universities. | 2019-11-20 | 4.3 | CVE-2019-15071 CONFIRM CONFIRM CONFIRM CONFIRM MISC MISC CONFIRM CONFIRM |
| openfind -- mail2000 | An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of governments, organizations, companies and universities. | 2019-11-20 | 5.8 | CVE-2019-15073 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| openfind -- mail2000 | The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail system of governments, organizations, companies and universities. | 2019-11-20 | 4.3 | CVE-2019-15072 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| openwrt_project -- openwrt | An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request. | 2019-11-18 | 4.3 | CVE-2019-5102 MISC |
| openwrt_project -- openwrt | An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request. After an SSL connection is initialized via _ustream_ssl_init, and after any data (e.g. the client's HTTP request) is written to the stream using ustream_printf, the code eventually enters the function __ustream_ssl_poll, which is used to dispatch the read/write events | 2019-11-18 | 4.3 | CVE-2019-5101 MISC |
| org.codehaus.jackson -- jackson-mapper-asl | A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes. | 2019-11-18 | 5 | CVE-2019-10172 CONFIRM |
| pam_shield -- pam_shield | pam_shield before 0.9.4: Default configuration does not perform protective action | 2019-11-21 | 5 | CVE-2012-2350 MISC MISC MISC |
| phusion -- passenger | RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process. | 2019-11-19 | 6.4 | CVE-2012-6135 MISC CONFIRM MISC MISC BID |
| pimcore -- pimcore | pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via 'id', 'storeId', 'pageSize' and 'tables' parameters, using a payload for trigger a time based or error based sql injection. | 2019-11-18 | 4 | CVE-2019-10763 MISC |
| pimcore -- pimcore | bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header. | 2019-11-15 | 4.3 | CVE-2019-18982 MISC MISC |
| pimcore -- pimcore | Pimcore before 6.2.2 lacks brute force protection for the 2FA token. | 2019-11-15 | 5 | CVE-2019-18985 MISC MISC |
| pimcore -- pimcore | Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users. | 2019-11-15 | 5 | CVE-2019-18986 MISC MISC |
| piwik -- piwik | Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0195. | 2019-11-20 | 4.3 | CVE-2013-0194 MISC CONFIRM MISC |
| piwik -- piwik | Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0194 and CVE-2013-0195. | 2019-11-20 | 4.3 | CVE-2013-0193 MISC CONFIRM MISC |
| piwik -- piwik | Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0194. | 2019-11-20 | 4.3 | CVE-2013-0195 MISC CONFIRM MISC |
| postgresql -- postgresql | contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack. | 2019-11-20 | 5 | CVE-2015-3167 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
| qualcomm -- multiple_products | Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, SDA660, SDM636, SDM660, SDX20, SDX24 | 2019-11-21 | 4.6 | CVE-2019-10563 CONFIRM |
| qualcomm -- multiple_products | Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR2130 | 2019-11-21 | 4.6 | CVE-2019-10566 CONFIRM |
| red_hat -- openshift | OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution | 2019-11-15 | 4.6 | CVE-2014-0023 MISC MISC |
| redmine -- redmine | A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query. | 2019-11-21 | 4 | CVE-2019-18890 MISC MISC MISC |
| sandline -- centraleyezer | Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. An HTML page running a script could be uploaded to the server. When a victim tries to download a CISO Report template, the script is loaded. | 2019-11-18 | 4.3 | CVE-2019-12311 MISC MISC |
| sandline -- centraleyezer | Sandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section. | 2019-11-18 | 4.3 | CVE-2019-12299 MISC MISC |
| schneider_electric -- modicon_controllers | A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network. | 2019-11-20 | 5 | CVE-2019-6852 CONFIRM MISC |
| simpleledger -- slp-validate | A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slp-validate@1.0.0 npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions >1.0.0 have been patched. | 2019-11-15 | 4.9 | CVE-2019-16761 MISC CONFIRM |
| simpleledger -- slpjs | A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to any version >= 0.21.4. | 2019-11-15 | 4.9 | CVE-2019-16762 MISC CONFIRM |
| simplito -- elliptic-php | In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve which might allow practical recovery of the long-term private key. | 2019-11-18 | 5.8 | CVE-2019-10764 MISC MISC |
| statusnet -- statusnet | Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents. | 2019-11-20 | 4.3 | CVE-2010-4659 MISC MISC MISC |
| symantec -- endpoint_protection_manager | Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 2019-11-15 | 4.6 | CVE-2018-18368 MISC |
| tematres -- tematres | TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI. | 2019-11-15 | 4.3 | CVE-2019-14343 MISC MISC MISC MISC MISC |
| tiki_wiki -- cms_groupware | Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-admin_system.php, (2) tiki-pagehistory.php, (3) tiki-removepage.php, or (4) tiki-rename_page.php. | 2019-11-20 | 4.3 | CVE-2011-4455 MISC |
| tiki_wiki -- cms_groupware | Multiple cross-site scripting vulnerabilities in Tiki 8.0 RC1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-remind_password.php, (2) tiki-index.php, (3) tiki-login_scr.php, or (4) tiki-index. | 2019-11-20 | 4.3 | CVE-2011-4454 MISC |
| tog-pegasus -- tog-pegasus | tog-Pegasus has a package hash collision DoS vulnerability | 2019-11-19 | 5 | CVE-2011-4967 MISC MISC MISC MISC MISC |
| tryton -- trytond | trytond 2.4: ModelView.button fails to validate authorization | 2019-11-21 | 5 | CVE-2012-2238 MISC MISC MISC MISC MISC |
| tuned -- tuned | tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes. | 2019-11-20 | 4.9 | CVE-2012-6136 CONFIRM MISC |
| vmware -- workstation_and_fusion | VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain a denial-of-service vulnerability in the RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. | 2019-11-20 | 4 | CVE-2019-5542 CONFIRM |
| wordpress -- wordpress | The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not checked. | 2019-11-18 | 4.6 | CVE-2019-14467 MISC FULLDISC MISC MISC |
| zte -- c520v21_smart_camera_devices | authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations. | 2019-11-18 | 6.4 | CVE-2019-3424 CONFIRM |
| zte -- c520v21_smart_camera_devices | permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources. | 2019-11-18 | 5 | CVE-2019-3423 CONFIRM |
Low Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| ibm -- smartcloud_analytics | IBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized disclosure of information like accessing solrconfig.xml and could allow an attacker to perform disruptive administrator tasks. IBM X-Force ID: 159517. | 2019-11-22 | 3.6 | CVE-2019-4243 XF CONFIRM |
| linux -- linux_kernel | __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. | 2019-11-21 | 1.9 | CVE-2019-19039 MISC |
| node-cookie-signature -- node-cookie-signature | Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used. | 2019-11-19 | 3.5 | CVE-2016-1000236 MISC MISC MISC MISC MISC MISC |
| octopus_deploy -- octopus_server | A persistent cross-site scripting (XSS) vulnerability in Octopus Server 3.4.0 through 2019.10.5 allows remote authenticated attackers to inject arbitrary web script or HTML. | 2019-11-18 | 3.5 | CVE-2019-19085 MISC |
| pidgin -- pidgin | Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor. | 2019-11-20 | 2.1 | CVE-2012-1257 MISC MISC |
| python_rply -- python_rply | python-rply before 0.7.4 insecurely creates temporary files. | 2019-11-21 | 2.1 | MISC MISC MISC |
| qtnx -- qtnx | qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world-readable or world-executable home directory, another local system user could obtain the private key used to connect to remote NX sessions. | 2019-11-15 | 2.1 | CVE-2011-2916 MISC MISC MISC |
| suckless -- surf | surf: cookie jar has read access from other local user | 2019-11-19 | 2.1 | CVE-2012-0842 MISC MISC MISC MISC MISC MISC MISC |
| symantec -- endpoint_protection | Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights. | 2019-11-15 | 2.1 | CVE-2019-12756 MISC |
| trusted_boot_project -- trusted_boot | A Security Bypass Vulnerability exists in TBOOT before 1.8.2 in the boot loader module when measuring commandline parameters. | 2019-11-18 | 2.1 | CVE-2014-5118 MISC MISC MISC MISC |
| uzbl -- uzbl | uzbl: Information disclosure via world-readable cookies storage file | 2019-11-19 | 2.1 | CVE-2012-0843 MISC MISC MISC MISC MISC |
zikula_software_foundation -- zikula_application_framework | Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the 'themename' parameter by setting default, modifying and deleting themes. A remote attacker with Zikula administrator privilege could use this flaw to execute arbitrary HTML or web script code in the context of the affected website. | 2019-11-19 | 3.5 | CVE-2011-3352 MISC MISC MISC |
Severity Not Yet Assigned
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| 9base -- 9base | 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames. | 2019-11-21 | not yet calculated | CVE-2014-1935 MISC MISC MISC |
| ace -- ace | generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attackers to gain elevated privileges. | 2019-11-22 | not yet calculated | CVE-2014-6311 MISC MISC MISC MISC |
| angularjs -- angularjs | In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload. | 2019-11-19 | not yet calculated | CVE-2019-10768 MISC |
| apache -- nifi | When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). The response included details about processors and controller services which the user may not have had read access to. | 2019-11-19 | not yet calculated | CVE-2019-10083 CONFIRM |
| apple -- iphone_3gs | Apple iPhone 3GS bootrom malloc implementation returns a non-NULL pointer when unable to allocate memory, aka 'alloc8'. An attacker with physical access to the device can install arbitrary firmware. | 2019-11-22 | not yet calculated | CVE-2019-9536 MISC MISC |
| asus -- rt-ac66u_firmware | Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id. | 2019-11-21 | not yet calculated | CVE-2018-8879 MISC MISC |
| beckhoff -- twincat_runtime | When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending a malformed UDP packet to the device. | 2019-11-21 | not yet calculated | CVE-2019-5637 MISC CONFIRM |
| beckhoff -- twincat_runtime | When a Beckhoff TwinCAT Runtime receives a malformed UDP packet, the ADS Discovery Service shuts down. Note that the TwinCAT devices are still performing as normal. | 2019-11-21 | not yet calculated | CVE-2019-5636 MISC CONFIRM |
| belkin -- linksys_velop_devices | Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI. | 2019-11-21 | not yet calculated | CVE-2019-16340 MISC MISC MISC |
| blackboard -- blackboard_learn | The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during Central Authentication Service (CAS) service ticket validation, enabling a phishing attack from the CAS server login page. | 2019-11-18 | not yet calculated | CVE-2018-13257 MISC |
| centreon -- web | Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron. | 2019-11-21 | not yet calculated | CVE-2019-16406 MISC MISC |
| centreon -- web | Centreon Web 19.04.4 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. | 2019-11-21 | not yet calculated | CVE-2019-16405 MISC MISC MISC |
| chyrp -- chyrp | Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2.1.2 and before 2.5 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) content parameter to includes/ajax.php or (2) body parameter to includes/error.php. | 2019-11-21 | not yet calculated | CVE-2012-1001 MISC MISC MISC MISC MISC MISC |
| cloud_foundry_foundation -- cloud_foundry_routing | Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthorized malicious user could forge a route service request using an invalid nonce that will cause the Gorouter to crash. | 2019-11-19 | not yet calculated | CVE-2019-11289 CONFIRM |
| cog -- galaxy_client_service | An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed. All GOG Galaxy versions before 1.2.60 and all corresponding versions of GOG Galaxy 2.0 Beta are affected. | 2019-11-21 | not yet calculated | CVE-2019-15511 MISC MISC |
| cumin -- cumin | cumin: At installation postgresql database user created without password | 2019-11-21 | not yet calculated | CVE-2012-3460 MISC MISC |
| d-link -- dsl-6740u_gateway | Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev. H1) allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to (1) Custom Services in Port Forwarding, (2) Port Triggering Entries, (3) URL Filters in Parental Control, (4) Print Server settings, (5) QoS Queue Setup, or (6) QoS Classification Entries. | 2019-11-22 | not yet calculated | CVE-2013-6811 MISC MISC |
| drupal -- drupal | A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal. | 2019-11-22 | not yet calculated | CVE-2012-2079 MISC MISC |
| drupal -- drupal | Cross-site scripting vulnerability (XSS) in the Quick Tabs module 6.x-2.x before 6.x-2.1, 6.x-3.x before 6.x-3.1, and 7.x-3.x before 7.x-3.3 for Drupal. | 2019-11-21 | not yet calculated | CVE-2012-1637 MISC MISC |
| drupal -- drupal | Cross-site scripting (XSS) vulnerability in the Activity module 6.x-1.x for Drupal. | 2019-11-21 | not yet calculated | CVE-2012-2078 MISC MISC |
| e-deploy -- e-deploy | eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data | 2019-11-21 | not yet calculated | CVE-2014-3700 MISC MISC |
| embedthis -- goahead | Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a static host buffer that has a limited length and can overflow. This can cause a copy of the Host header to fail, leaving that buffer uninitialized, which may leak uninitialized data in a response. | 2019-11-22 | not yet calculated | CVE-2019-19240 MISC MISC MISC |
| eracent -- epa_agent | An issue was discovered in Eracent EPA Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be used to start external programs with elevated permissions because of an Untrusted Search Path. | 2019-11-22 | not yet calculated | CVE-2019-17446 CONFIRM |
| eracent -- multiple_linux_agents | An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be forced to copy files from the filesystem to other locations via Symbolic Link Following. | 2019-11-22 | not yet calculated | CVE-2019-17445 CONFIRM |
| exis-ti -- contexis | Cross-site scripting (XSS) vulnerability in the photo gallery model in Exis Contexis before 2.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter in a detail action. | 2019-11-22 | not yet calculated | CVE-2013-6239 MISC MISC MISC |
| flashcanvas -- flashcanvas | Open redirect in proxy.php in FlashCanvas before 1.6 allows remote attackers to redirect users to arbitrary web sites and conduct cross-site scripting (XSS) attacks via the HTTP Referer header. | 2019-11-22 | not yet calculated | CVE-2013-6880 MISC MISC MISC MISC |
| fortinet -- forticlient_for_mac | An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check. | 2019-11-21 | not yet calculated | CVE-2019-17650 CONFIRM |
| fortinet -- forticlient_for_mac | A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway. | 2019-11-21 | not yet calculated | CVE-2019-15704 CONFIRM |
| fortinet -- fortios | Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set). | 2019-11-21 | not yet calculated | CVE-2019-6693 CONFIRM |
| gitlab -- gitlab | GitLab 12.2.3 contains a security vulnerability that allows a user to affect the availability of the service through a Denial of Service attack in Issue Comments. | 2019-11-22 | not yet calculated | CVE-2019-15593 MISC |
| gnu -- c_library | On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program. | 2019-11-19 | not yet calculated | CVE-2019-19126 MISC |
| gnu -- gnusound | gnusound 0.7.5 has format string issue | 2019-11-19 | not yet calculated | CVE-2012-0824 MISC MISC MISC MISC |
| hotkeyp -- hotkeyp | HotkeyP through 4.9 r96 allows privilege escalation in the privilege function in Commands.cpp. | 2019-11-21 | not yet calculated | CVE-2019-18349 MISC MISC MISC |
| hp -- thinpro | The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges. | 2019-11-22 | not yet calculated | CVE-2019-18909 CONFIRM |
| hp -- thinpro | The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges. | 2019-11-22 | not yet calculated | CVE-2019-18910 CONFIRM |
| hp -- thinpro | An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands. | 2019-11-22 | not yet calculated | CVE-2019-16286 CONFIRM |
| hp -- thinpro | An attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed commands with elevated privileges. | 2019-11-22 | not yet calculated | CVE-2019-16287 CONFIRM |
| hp -- thinpro | If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive. | 2019-11-22 | not yet calculated | CVE-2019-16285 CONFIRM |
| ibm -- tivoli_netcool_impact | IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166719. | 2019-11-22 | not yet calculated | CVE-2019-4569 XF CONFIRM |
| ibm -- tivoli_netcool_impact | IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 166720. | 2019-11-22 | not yet calculated | CVE-2019-4570 XF CONFIRM |
| ikiwiki -- ikiwiki | Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attackers to inject arbitrary web script or HTML via the openid_identifier parameter in a verify action to ikiwiki.cgi. | 2019-11-21 | not yet calculated | CVE-2015-2793 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
| iobroker -- iobroker.js-controller | An attacker can include file contents from outside the `/adapter/xxx/` directory, where `xxx` is the name of an existent adapter like "admin". It is exploited using the administrative web panel with a request for an adapter file. **Note:** The attacker has to be logged in if the authentication is enabled (by default isn't enabled). | 2019-11-21 | not yet calculated | CVE-2019-10767 MISC |
| jalios -- jcms | Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password. | 2019-11-21 | not yet calculated | CVE-2019-19033 MISC MISC MISC |
| jenkins -- jenkins | Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 2019-11-21 | not yet calculated | CVE-2019-16542 MLIST CONFIRM |
| jenkins -- jenkins | Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 2019-11-21 | not yet calculated | CVE-2019-16543 MLIST CONFIRM |
| jenkins -- jenkins | Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope. | 2019-11-21 | not yet calculated | CVE-2019-16541 MLIST CONFIRM |
| jenkins -- jenkins | A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts. | 2019-11-21 | not yet calculated | CVE-2019-16538 MLIST CONFIRM |
| joomla! -- joomla! | The Mijosoft MijoSearch component 2.0.1 and earlier for Joomla! allows remote attackers to obtain sensitive information via a request to component/mijosearch/search, which reveals the installation path in an error message. | 2019-11-22 | not yet calculated | CVE-2013-6879 MISC |
| joomla! -- joomla! | Cross-site scripting (XSS) vulnerability in the Mijosoft MijoSearch component 2.0.4 and earlier for Joomla! allows remote attackers to inject arbitrary web script or HTML via the query parameter to component/mijosearch/search. | 2019-11-22 | not yet calculated | CVE-2013-6878 MISC |
| kyrol_security_labs -- kyrol_internet_security | IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402401 using METHOD_NEITHER results in a read primitive. | 2019-11-21 | not yet calculated | CVE-2019-19197 MISC MISC |
| lexmark -- services_monitor | In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system. | 2019-11-21 | not yet calculated | CVE-2019-16758 MISC MISC |
| libarchive -- libarchive | In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive. | 2019-11-21 | not yet calculated | CVE-2019-19221 MISC MISC |
| lightdm -- lightdm | lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation. | 2019-11-19 | not yet calculated | CVE-2011-3349 MISC MISC MISC MISC MISC MISC |
| linux_foundation -- foomatic-rip_filter | foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. | 2019-11-19 | not yet calculated | CVE-2011-2923 MISC MISC MISC MISC |
| linux_foundation -- foomatic-rip_filter | foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. | 2019-11-19 | not yet calculated | CVE-2011-2924 MISC MISC MISC MISC MISC MISC |
| linux -- linux_kernel | In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122. | 2019-11-22 | not yet calculated | CVE-2019-19227 MISC MISC |
| loftek -- nexus_543_ip_camera | The Loftek Nexus 543 IP Camera allows remote attackers to obtain (1) IP addresses via a request to get_realip.cgi or (2) firmware versions (ui and system), timestamp, serial number, p2p port number, and wifi status via a request to get_status.cgi. | 2019-11-21 | not yet calculated | CVE-2013-3314 MISC MISC MISC |
| loftek -- nexus_543_ip_camera | Directory traversal vulnerability in the Loftek Nexus 543 IP Camera allows remote attackers to read arbitrary files via a .. (dot dot) in the URL of an HTTP GET request. | 2019-11-21 | not yet calculated | CVE-2013-3311 MISC MISC MISC |
| loftek -- nexus_543_ip_camera | The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to check_users.cgi. NOTE: cleartext passwords can also be obtained from proc/kcore when leveraging the directory traversal vulnerability in CVE-2013-3311. | 2019-11-21 | not yet calculated | CVE-2013-3313 MISC MISC MISC |
| loftek -- nexus_543_ip_camera | Multiple cross-site request forgery (CSRF) vulnerabilities in the Loftek Nexus 543 IP Camera allow remote attackers to hijack the authentication of unspecified victims for requests that change (1) passwords or (2) firewall configuration, as demonstrated by a request to set_users.cgi. | 2019-11-21 | not yet calculated | CVE-2013-3312 MISC MISC |
| masqmail -- masqmail | masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping. | 2019-11-19 | not yet calculated | CVE-2011-3350 MISC MISC MISC |
| mcafee -- client_proxy | Authentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy (MCP) prior to 3.0.0 allows local user to bypass scanning of web traffic and gain access to blocked sites for a short period of time via generating an authorization key on the client which should only be generated by the network administrator. | 2019-11-22 | not yet calculated | CVE-2019-3654 MISC |
| myphpadmin -- myphpadmin | An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature. | 2019-11-22 | not yet calculated | CVE-2019-18622 CONFIRM |
| naver -- vaccine | nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitary files via directory traversal sequences in a filename within nsz archive. | 2019-11-22 | not yet calculated | CVE-2019-13157 CONFIRM |
| netapp -- ontap_select_deploy | ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account. | 2019-11-21 | not yet calculated | CVE-2019-5509 CONFIRM |
| netapp -- ontap_select_deploy | All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges. | 2019-11-21 | not yet calculated | CVE-2019-17272 CONFIRM |
| newbee-mall -- newbee-mall | main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall (aka New Bee) before 2019-10-23 allows search?goodsCategoryId=&keyword= SQL Injection. | 2019-11-18 | not yet calculated | CVE-2019-19113 MISC |
| nginx -- nginx | nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM) | 2019-11-19 | not yet calculated | CVE-2011-4968 MISC MISC MISC MISC MISC MISC MISC |
| nitro_software -- nitro_pro | Nitro Pro before 13.2 creates a debug.log file in the directory where a .pdf file is located, if the .pdf document was produced by an OCR operation on the JPEG output of a scanner. Reportedly, this can have a security risk if debug.log is later edited and then executed. | 2019-11-21 | not yet calculated | CVE-2019-18958 MISC |
| nlnet_labs -- unbound | Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration. | 2019-11-19 | not yet calculated | CVE-2019-18934 MLIST MISC MISC CONFIRM |
| nsslglobal_technologies -- satlink_vsat_modem_unit_devices | The web interface for NSSLGlobal SatLink VSAT Modem Unit (VMU) devices before 18.1.0 doesn't properly sanitize input for error messages, leading to the ability to inject client-side code. | 2019-11-22 | not yet calculated | CVE-2019-15652 MISC MISC |
| nusphere -- nusoap | nuSOAP before 0.7.3-5 does not properly check the hostname of a cert. | 2019-11-19 | not yet calculated | CVE-2012-6071 MISC MISC MISC MISC |
| oniguruma -- oniguruma | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read. | 2019-11-21 | not yet calculated | CVE-2019-19203 MISC MISC |
| oniguruma -- oniguruma | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read. | 2019-11-21 | not yet calculated | CVE-2019-19204 MISC MISC |
| openshift-origin-note_gem_for_ruby_on_rails -- openshift-origin-note_gem_for_ruby_on_rails | Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly. | 2019-11-21 | not yet calculated | CVE-2014-0084 MISC |
| openstack -- designate | Designate does not enforce the DNS protocol limit concerning record set sizes | 2019-11-22 | not yet calculated | CVE-2015-5694 MISC MISC MISC MISC |
| ovirt -- ovirt | oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center | 2019-11-22 | not yet calculated | CVE-2015-1780 MISC MISC |
| owncloud -- owncloud | Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) unspecified parameters to apps/calendar/ajax/event/new.php or (2) url parameter to apps/bookmarks/ajax/addBookmark.php. | 2019-11-22 | not yet calculated | CVE-2013-0203 MISC MISC |
| pagekit -- pagekit | A CSRF vulnerability in Pagekit 1.0.17 allows an attacker to upload an arbitrary file by removing the CSRF token from a request. | 2019-11-22 | not yet calculated | CVE-2019-19013 MISC |
| pannellum -- pannellum | In Pannellum from 2.5.0 through 2.5.4 URLs were not sanitized for data URIs (or vbscript:), allowing for potential XSS attacks. Such an attack would require a user to click on a hot spot to execute and would require an attacker-provided configuration. The most plausible potential attack would be if pannellum.htm was hosted on a domain that shared cookies with the targeted site's user authentication; an <iframe> could then be embedded on the attacker's site using pannellum.htm from the targeted site, which would allow the attacker to potentially access information from the targeted site as the authenticated user (or worse if the targeted site did not have adequate CSRF protections) if the user clicked on a hot spot in the attacker's embedded panorama viewer. This was patched in version 2.5.5. | 2019-11-22 | not yet calculated | CVE-2019-16763 MISC CONFIRM |
| pivotal -- rabbitmq_and_rabbitmq_for_pcf | Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly sanitize user input. A remote authenticated malicious user with administrative access could craft a cross site scripting attack via the vhost or node name fields that could grant access to virtual hosts and policy management information. | 2019-11-22 | not yet calculated | CVE-2019-11291 CONFIRM |
| pivotal -- rabbitmq_and_rabbitmq_for_pivotal_platform | Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing. | 2019-11-23 | not yet calculated | CVE-2019-11287 CONFIRM |
| plex -- media_server | Plex Media Server 1.18.2.2029-36236cc4c allows remote attackers to bypass intended access control because X-Plex-Token is mishandled, and can be retrieved from Tautulli. | 2019-11-18 | not yet calculated | CVE-2018-21031 MISC MISC |
| plow -- plow | plow has local buffer overflow vulnerability | 2019-11-22 | not yet calculated | CVE-2012-3407 MISC MISC MISC |
| posh -- posh_portal | Multiple cross-site scripting (XSS) vulnerabilities in POSH (aka Posh portal or Portaneo) 3.0 through 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) error parameter to /includes/plugins/mobile/scripts/login.php or (2) id parameter to portal/openrssarticle.php | 2019-11-22 | not yet calculated | CVE-2014-2214 MISC MISC |
| posh -- posh_portal | Open redirect vulnerability in the password reset functionality in POSH 3.0 through 3.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to portal/scr_sendmd5.php. | 2019-11-22 | not yet calculated | CVE-2014-2213 MISC MISC MISC |
| postfixadmin -- postfixadmin | PostfixAdmin 2.3.4 has multiple XSS vulnerabilities | 2019-11-22 | not yet calculated | CVE-2012-0812 MISC MISC MISC MISC MISC MISC MISC |
| powerdns -- authoritative_server | PowerDNS Authoritative daemon , all versions pdns 4.1.x before pdns 4.1.10, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS. | 2019-11-22 | not yet calculated | CVE-2019-10203 CONFIRM |
| pyxml -- pyxml | PyXML: Hash table collisions CPU usage Denial of Service | 2019-11-22 | not yet calculated | CVE-2012-0877 MISC MISC MISC MISC MISC |
| qualcomm -- ips | Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2 | 2019-11-21 | not yet calculated | CVE-2019-10627 CONFIRM |
| qualcomm -- multiple_products | Use after free issue in Xtra daemon shutdown due to static object instance getting freed from a multiple places in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS605, SDA660, SDA845, SDM450, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-10490 CONFIRM |
| qualcomm -- multiple_products | Non Secure Kernel can cause Trustzone to do an arbitrary memory read which will result into DOS in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, QCA8081, QM215, SDM429, SDM439, SDM450, SDM632, Snapdragon_High_Med_2016 | 2019-11-21 | not yet calculated | CVE-2019-2318 CONFIRM |
| qualcomm -- multiple_products | Race condition due to the lack of resource lock which will be concurrently modified in the memcpy statement leads to out of bound access in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8939, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150 | 2019-11-21 | not yet calculated | CVE-2019-10486 CONFIRM |
| qualcomm -- multiple_products | Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2289 CONFIRM |
| qualcomm -- multiple_products | While invoking the API to copy from fd or local buffer to the secure buffer, Parameters being populated are from non secure environment. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, Snapdragon_High_Med_2016, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2315 CONFIRM |
| qualcomm -- multiple_products | Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, APQ8098, MDM9640, MSM8996AU, MSM8998, QCA6574AU, QCN7605, QCS405, QCS605, SDA845, SDM845, SDX20 | 2019-11-21 | not yet calculated | CVE-2019-10535 CONFIRM |
| qualcomm -- multiple_products | Out-of-bounds access can occur in camera driver due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, SDA660, SDM450, SDM630, SDM636, SDM660, SDX20 | 2019-11-21 | not yet calculated | CVE-2019-10503 CONFIRM |
| qualcomm -- multiple_products | Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150 | 2019-11-21 | not yet calculated | CVE-2019-2268 CONFIRM |
| qualcomm -- multiple_products | Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, Nicobar, QCA9980, QCS405, QCS605, SDM845, SDX24, SM7150, SM8150 | 2019-11-21 | not yet calculated | CVE-2019-2266 CONFIRM |
| qualcomm -- multiple_products | Subsequent use of the CBO listener may result in further memory corruption due to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, SDX55, SM6150, SM7150, SM8150, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2336 CONFIRM |
| qualcomm -- multiple_products | Buffer overflow can occur while processing non-standard NAN message from user space. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150 | 2019-11-21 | not yet calculated | CVE-2019-2297 CONFIRM |
| qualcomm -- multiple_products | Out of bound access due to lack of check of whiltelist array size while reading the image elf segments. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2339 CONFIRM |
| qualcomm -- multiple_products | Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2329 CONFIRM |
| qualcomm -- multiple_products | If a bitmap file is loaded from any un-authenticated source, there is a possibility that the bitmap can potentially cause stack buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8016, APQ8096AU, APQ8098, MDM9205, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2251 CONFIRM |
| qualcomm -- multiple_products | Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2018-13916 CONFIRM |
| qualcomm -- multiple_products | Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, MDM9205, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCS404, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, Snapdragon_High_Med_2016, SXR1130 | 2019-11-21 | not yet calculated | CVE-2019-2295 CONFIRM |
| qualcomm -- multiple_products | Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2271 CONFIRM |
| qualcomm -- multiple_products | SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2303 CONFIRM |
| qualcomm -- multiple_products | While processing Attach Reject message, Valid exit condition is not met resulting into an infinite loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2335 CONFIRM |
| qualcomm -- qca6174_9377 | Low privilege users can access service configuration which contains registry data that admins uses to create or delete entries in the registry in QCA6174_9377.WIN.1.0 in QCA6174_9377 | 2019-11-21 | not yet calculated | CVE-2019-10617 CONFIRM |
| rconfig -- rconfig | rConfig 3.9.2 allows devices.php?searchColumn= SQL injection. | 2019-11-21 | not yet calculated | CVE-2019-19207 MISC |
| rc -- rc | rc before 1.7.1-5 insecurely creates temporary files. | 2019-11-21 | not yet calculated | CVE-2014-1936 MISC MISC MISC |
| red_hat -- ansible-playbook_-k_and_ansible_cli_tools | ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them. | 2019-11-22 | not yet calculated | CVE-2019-10206 CONFIRM |
| red_hat -- clouldforms | cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field. | 2019-11-22 | not yet calculated | CVE-2018-10854 CONFIRM |
| red_hat -- redhat-upgrade-tool | redhat-upgrade-tool: Does not check GPG signatures when upgrading versions | 2019-11-22 | not yet calculated | CVE-2014-3585 REDHAT REDHAT |
| ros -- ros_comm | An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary code via an IP address with a long hostname. | 2019-11-22 | not yet calculated | CVE-2019-13566 MISC MISC MISC |
| ruby_net-ldap_gem_for_ruby_on_rails -- ruby_net-ldap_gem_for_ruby_on_rails | The Ruby net-ldap gem before 0.16.2 uses a weak salt when generating SSHA passwords. | 2019-11-21 | not yet calculated | CVE-2014-0083 MISC MISC CONFIRM MISC |
| sangoma -- asterisk_and_certified_asterisk | An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands. | 2019-11-22 | not yet calculated | CVE-2019-18610 MISC MISC |
| sangoma -- asterisk_and_certified_asterisk | An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x, 16.x, and 17.x, and Certified Asterisk 13.21, because of an incomplete fix for CVE-2019-18351. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer's name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport. | 2019-11-22 | not yet calculated | CVE-2019-18790 MISC MISC |
| sangoma -- asterisk_and_certified_asterisk | An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940. | 2019-11-22 | not yet calculated | CVE-2019-18976 CONFIRM MISC MISC MISC MISC |
| sangoma -- freepbx | Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control. | 2019-11-21 | not yet calculated | CVE-2019-19006 MISC MISC CONFIRM MISC |
| schneider_electric -- andover_continuum_devices | A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting (XSS attack) when using the products web server. | 2019-11-20 | not yet calculated | CVE-2019-6853 CONFIRM |
| shibboleth -- shibboleth_service_provider | Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow. | 2019-11-21 | not yet calculated | CVE-2019-19191 MISC MISC |
| slackbuilds -- slackware | Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges. | 2019-11-21 | not yet calculated | CVE-2013-7172 MISC MISC MISC MISC |
| slackbuilds -- slackware_and_slackware_llvm | Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges. | 2019-11-21 | not yet calculated | CVE-2013-7171 MISC MISC MISC MISC |
| sniffit -- sniffit | sniffit 0.3.7 and prior: A configuration file can be leveraged to execute code as root | 2019-11-19 | not yet calculated | CVE-2014-5439 MISC MISC |
| spagobi -- spagobi | Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, aka "XSS File Upload." | 2019-11-22 | not yet calculated | CVE-2013-6234 MISC MISC MISC |
symfony -- symfony | An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter. | 2019-11-21 | not yet calculated | CVE-2019-11325 CONFIRM MISC CONFIRM CONFIRM |
| symfony -- symfony | An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. This is related to symfony/http-foundation (and symfony/mime in 4.3.x). | 2019-11-21 | not yet calculated | CVE-2019-18888 CONFIRM FEDORA FEDORA FEDORA CONFIRM CONFIRM |
| symfony -- symfony | An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel. | 2019-11-21 | not yet calculated | CVE-2019-18887 CONFIRM FEDORA FEDORA FEDORA CONFIRM CONFIRM |
| symfony -- symfony | An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security. | 2019-11-21 | not yet calculated | CVE-2019-18886 MISC CONFIRM MISC |
| symfony -- symfony | An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache. | 2019-11-21 | not yet calculated | CVE-2019-18889 CONFIRM FEDORA CONFIRM CONFIRM |
| synametrics_technologies -- synaman_and_syncrify_and_syntail | Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567 | 2019-11-21 | not yet calculated | CVE-2015-3140 CONFIRM CONFIRM CONFIRM |
| tenda -- ac9_router_ac1200_smart_dual_band_gigabit_wifi_router | An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS1 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability. | 2019-11-21 | not yet calculated | CVE-2019-5071 MISC |
| tenda -- ac9_router_ac1200_smart_dual_band_gigabit_wifi_router | An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS2 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability. | 2019-11-21 | not yet calculated | CVE-2019-5072 MISC |
| videolan -- libbluray | libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files | 2019-11-22 | not yet calculated | CVE-2015-7810 MISC MISC MISC MISC MISC |
| vmware -- workstation_and_fusion | VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an information disclosure vulnerability in vmnetdhcp. Successful exploitation of this issue may allow an attacker on a guest VM to disclose sensitive information by leaking memory from the host process. | 2019-11-20 | not yet calculated | CVE-2019-5540 CONFIRM |
| vmware -- workstation_and_fusion | VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition on their own VM. | 2019-11-20 | not yet calculated | CVE-2019-5541 CONFIRM |
| vtiger -- vtiger_crm | In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without administrative privileges to change his own role by adding roleid=H2 to a POST request. | 2019-11-21 | not yet calculated | CVE-2019-19202 MISC |
| w3edge -- w3_total_cache | W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files. | 2019-11-22 | not yet calculated | CVE-2012-6077 MISC MISC MISC MISC CONFIRM |
| w3edge -- w3_total_cache | W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys. | 2019-11-22 | not yet calculated | CVE-2012-6079 MISC MISC MISC CONFIRM |
| w3edge -- w3_total_cache | W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes. | 2019-11-22 | not yet calculated | CVE-2012-6078 MISC MISC MISC CONFIRM |
| wolfssl -- wolfssl | wolfssl before 3.2.0 does not properly issue certificates for a server's hostname. | 2019-11-21 | not yet calculated | CVE-2014-2901 MISC MISC |
| wolfssl -- wolfssl | wolfssl before 3.2.0 has a server certificate that is not properly authorized for server authentication. | 2019-11-21 | not yet calculated | CVE-2014-2904 MISC MISC MISC |
| wolfssl -- wolfssl | wolfssl before 3.2.0 does not properly authorize CA certificate for signing other certificates. | 2019-11-21 | not yet calculated | CVE-2014-2902 MISC MISC MISC |
| xcfa -- xcfa | xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. | 2019-11-21 | not yet calculated | CVE-2014-5254 MISC MISC MISC MISC MISC |
| xcfa -- xcfa | xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. Note: A different vulnerability than CVE-2014-5254. | 2019-11-21 | not yet calculated | CVE-2014-5255 MISC MISC MISC MISC MISC MISC |
| xcftools -- xcftools | An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file. | 2019-11-21 | not yet calculated | CVE-2019-5086 MISC MISC |
| xcftools -- xcftools | An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file. | 2019-11-21 | not yet calculated | CVE-2019-5087 MISC MISC |
| xlockmore -- xlockmore | xlockmore before 5.43 'dclock' security bypass vulnerability | 2019-11-21 | not yet calculated | CVE-2012-4524 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC |
| zhone -- znid_2426a | The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users to bypass intended access restrictions via a modified server response, related to an insecure direct object reference. | 2019-11-21 | not yet calculated | CVE-2014-8356 MISC MISC MISC |
| zoho_manageengine -- opmanager_and_firewall_analyzer | Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload. | 2019-11-21 | not yet calculated | CVE-2019-17421 MISC MISC |
| zte -- xscdn_iamweb | The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users? information leakage. | 2019-11-22 | not yet calculated | CVE-2019-3427 CONFIRM |
| zte -- zxcdn_iamweb | The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users? information leakage. | 2019-11-22 | not yet calculated | CVE-2019-3428 CONFIRM |
| zulip -- zulip_server | In Zulip Server versions from 1.7.0 to before 2.0.7, a bug in the new user signup process meant that users who registered their account using social authentication (e.g., GitHub or Google SSO) in an organization that also allows password authentication could have their personal API key stolen by an unprivileged attacker, allowing nearly full access to the user's account. | 2019-11-21 | not yet calculated | CVE-2019-18933 CONFIRM MISC |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.