Vulnerability Summary for the Week of December 16, 2019

Released
Dec 23, 2019
Document ID
SB19-357

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
advantech -- diaganywhere_serverIn Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code with the privileges of the user running DiagAnywhere Server.2019-12-177.5CVE-2019-18257
MISC
apple -- icloud_for_windowsA race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.2019-12-187.6CVE-2019-6232
MISC
apple -- icloud_for_windows
 
A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution.2019-12-187.6CVE-2019-6236
MISC
apple -- macos_catalinaA validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15.1. A malicious application may be able to gain root privileges.2019-12-189.3CVE-2019-8802
MISC
apple -- macos_catalina
 
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with kernel privileges.2019-12-187.2CVE-2019-8748
MISC
apple -- macos_catalina
 
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with kernel privileges.2019-12-189.3CVE-2019-8781
MISC
apple -- macos_catalina
 
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges.2019-12-187.2CVE-2019-8758
MISC
apple -- macos_catalina
 
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges.2019-12-189.3CVE-2019-8807
MISC
apple -- macos_catalina_and_tvos
 
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS 13. An application may be able to execute arbitrary code with kernel privileges.2019-12-187.2CVE-2019-8717
MISC
apple -- macos_mojaveA memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with kernel privileges.2019-12-189.3CVE-2019-8694
MISC
apple -- macos_mojaveA logic issue was addressed with improved restrictions. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with kernel privileges.2019-12-189.3CVE-2019-8590
MISC
apple -- macos_mojaveA memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with system privileges.2019-12-189.3CVE-2019-8695
MISC
apple -- macos_mojaveThis issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands.2019-12-187.2CVE-2019-8513
MISC
apple -- macos_mojaveA memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges.2019-12-189.3CVE-2019-8629
MISC
apple -- macos_mojave
 
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges.2019-12-187.2CVE-2019-8635
MISC
apple -- macos_mojave
 
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.6. A remote attacker may be able to cause arbitrary code execution.2019-12-187.5CVE-2019-8661
MISC
apple -- macos_mojave
 
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with system privileges.2019-12-187.2CVE-2019-8697
MISC
apple -- macos_mojave
 
A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to execute arbitrary code with kernel privileges.2019-12-189.3CVE-2019-8555
MISC
apple -- macos_mojave
 
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges.2019-12-187.2CVE-2019-8616
MISC
apple -- macos_mojave
 
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges.2019-12-187.2CVE-2019-8604
MISC
apple -- macos_mojave
 
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges.2019-12-187.2CVE-2019-8508
MISC
apple -- macos_mojave
 
A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges.2019-12-187.6CVE-2019-8565
MISC
MISC
apple -- macos_mojave
 
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. An application may be able to gain elevated privileges.2019-12-187.2CVE-2019-8526
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A maliciously crafted SQL query may lead to arbitrary code execution.2019-12-187.5CVE-2019-8600
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory.2019-12-188.8CVE-2019-8591
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges.2019-12-189.3CVE-2019-8593
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-189.3CVE-2019-8814
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-189.3CVE-2019-8676
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-189.3CVE-2019-8815
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-189.3CVE-2019-8688
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-189.3CVE-2019-8669
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-189.3CVE-2019-8684
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-189.3CVE-2019-8689
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-189.3CVE-2019-8816
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause arbitrary code execution.2019-12-187.5CVE-2019-8613
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-189.3CVE-2019-8685
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges.2019-12-189.3CVE-2019-8574
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution.2019-12-187.5CVE-2019-8648
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges.2019-12-189.3CVE-2019-8605
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.4, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution.2019-12-187.5CVE-2019-8647
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.2019-12-187.5CVE-2019-8641
MISC
MISC
MISC
MISC
apple -- multiple_products
 
This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary.2019-12-187.5CVE-2019-8662
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to gain root privileges.2019-12-189.3CVE-2019-8637
MISC
MISC
MISC
apple -- multiple_products
 
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.2019-12-187.5CVE-2019-8660
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-189.3CVE-2019-8672
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- watchosA memory corruption vulnerability was addressed with improved locking. This issue is fixed in watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.2019-12-189.3CVE-2019-8747
MISC
apple -- watchos_and_icloud_for_windows
 
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Multiple issues in libxslt.2019-12-187.5CVE-2019-8750
MISC
MISC
apple -- xcode
 
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.2019-12-189.3CVE-2019-8723
MISC
apple -- xcode
 
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.2019-12-189.3CVE-2019-8724
MISC
elog -- elogELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.2019-12-177.5CVE-2019-3996
MISC
envoy_proxy -- envoyAn issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "example.com" matchers.2019-12-137.5CVE-2019-18802
MISC
MISC
MISC
MISC
envoy_proxy -- envoyAn issue was discovered in Envoy 1.12.0. An untrusted remote client may send HTTP/2 requests that write to the heap outside of the request buffers when the upstream is HTTP/1. This may be used to corrupt nearby heap contents (leading to a query-of-death scenario) or may be used to bypass Envoy's access control mechanisms such as path based routing. An attacker can also modify requests from other users that happen to be proximal temporally and spatially.2019-12-137.5CVE-2019-18801
MISC
MISC
MISC
CONFIRM
MISC
fontforge -- libspiro
 
Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c.2019-12-177.5CVE-2019-19847
MISC
google -- tensorflowIn TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case data_size and num_segments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. This is unlikely to be exploitable and was detected and fixed internally in TensorFlow 1.15 and 2.0.2019-12-167.5CVE-2019-16778
MISC
MISC
CONFIRM
joomla -- joomla!class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.2019-12-177.5CVE-2019-19634
MISC
MISC
MISC
joomla -- joomla!In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors.2019-12-187.5CVE-2019-19846
MISC
labf -- aceaxe_plusThe FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long EHLO response from an FTP server.2019-12-1310CVE-2019-19782
MISC
MISC
linux -- linux_kernelIn the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.2019-12-177.1CVE-2019-19815
MISC
MISC
linux -- linux_kernel
 
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.2019-12-179.3CVE-2019-19814
MISC
linux -- linux_kernel
 
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled.2019-12-179.3CVE-2019-19816
MISC
linux -- linux_kernel
 
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c.2019-12-179.3CVE-2019-19813
MISC
petwant_and_skymee -- pf-103_and_petalk_aiThe processCommandSetMac() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.2019-12-1310CVE-2019-16737
MISC
petwant_and_skymee -- pf-103_and_petalk_aiprocessCommandSetUid() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.2019-12-1310CVE-2019-16733
MISC
petwant_and_skymee -- pf-103_and_petalk_ai
 
Unencrypted HTTP communications for firmware upgrades in Petalk AI and PF-103 allow man-in-the-middle attackers to run arbitrary code as the root user.2019-12-139.3CVE-2019-16732
MISC
petwant_and_skymee -- pf-103_and_petalk_ai
 
A stack-based buffer overflow in processCommandUploadLog in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user.2019-12-1310CVE-2019-16735
MISC
petwant_and_skymee -- pf-103_and_petalk_ai
 
processCommandUpgrade() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.2019-12-1310CVE-2019-16730
MISC
MISC
petwant_and_skymee -- pf-103_and_petalk_ai
 
The processCommandUploadLog() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.2019-12-1310CVE-2019-17364
MISC
petwant_and_skymee -- pf-103_and_petalk_ai
 
A stack-based buffer overflow in processCommandUploadSnapshot in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user.2019-12-1310CVE-2019-16736
MISC
petwant_and_skymee -- pf-103_and_petalk_ai
 
Use of default credentials for the TELNET server in Petwant PF-103 firmware 4.3.2.50 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.2019-12-1310CVE-2019-16734
MISC
puppet -- mcollective
 
mcollective has a default password set at install2019-12-137.5CVE-2014-0175
MISC
MISC
MISC
python-requests-kerberos -- python-requests-kerberos
 
python-requests-Kerberos through 0.5 does not handle mutual authentication2019-12-157.5CVE-2014-8650
MISC
MISC
MISC
MISC
qualcomm -- multiple_snapdragon_productsOut of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-187.5CVE-2019-10614
CONFIRM
qualcomm -- multiple_snapdragon_productsBuffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, IPQ8074, MDM9607, MDM9650, MSM8909, MSM8939, QCN7605, SDA660, SDM630, SDM636, SDM660, SDX20, SDX242019-12-187.2CVE-2019-10605
CONFIRM
qualcomm -- multiple_snapdragon_productsInteger overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, QCN7605, QCS405, QCS605, SDA845, SDM660, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-187.2CVE-2019-2304
CONFIRM
qualcomm -- multiple_snapdragon_productsOut of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MSM8996AU, Nicobar, QCA6574AU, QCN7605, QCS405, SDM630, SDM636, SDM660, SDM845, SM6150, SM7150, SM81502019-12-187.2CVE-2019-10601
CONFIRM
qualcomm -- multiple_snapdragon_products
 
When a fake broadcast/multicast 11w rmf without mmie received, since no proper length check in wma_process_bip, buffer overflow will happen in both cds_is_mmie_valid and qdf_nbuf_trim_tail in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8937, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDM630, SDM636, SDM660, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-187.2CVE-2018-11980
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9980, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR11302019-12-187.2CVE-2019-10480
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Device memory may get corrupted because of buffer overflow/underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8016, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SM6150, SM7150, SXR11302019-12-1810CVE-2019-2242
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Improper Access Control for RPU write access from secure processor in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8098, IPQ8074, MDM9150, MDM9650, MDM9655, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCA8081, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-187.2CVE-2019-2274
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996, MSM8996AU, QCA4531, QCA8081, QCA9531, QCA9558, QCA9886, QCA9980, QCN7605, QCS605, SDA660, SDX20, SDX24, SDX55, SM8150, SXR11302019-12-187.2CVE-2019-10607
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Out of bound access can occur while processing peer info in IBSS connection mode due to lack of upper bounds check to ensure that for loop further will not cause an overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MDM9607, MSM8996AU, QCA6574AU, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-187.2CVE-2019-10598
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8939, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SDA660, SDM630, SDM636, SDM660, SDX20, SDX242019-12-187.2CVE-2019-10595
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCA8081, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-187.2CVE-2019-10600
CONFIRM
red_hat -- edeploy
 
eDeploy has tmp file race condition flaws2019-12-159.3CVE-2014-3701
REDHAT
MISC
MISC
red_hat -- edeploy
 
eDeploy has RCE via cPickle deserialization of untrusted data2019-12-157.5CVE-2014-3699
REDHAT
MISC
MISC
xfig -- fig2devread_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.2019-12-157.5CVE-2019-19797
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
apache -- incubator_superset
 
In Apache Incubator Superset before 0.31 user could query database metadata information from a database he has no access to, by using a specially crafted complex query.2019-12-165CVE-2019-12413
MISC
apache -- incubator_superset
 
In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab2019-12-165CVE-2019-12414
MISC
apple -- ios
 
A logic issue was addressed with improved state management. This issue is fixed in iOS 13. Visiting a malicious website may lead to address bar spoofing.2019-12-184.3CVE-2019-8727
MISC
apple -- ios
 
A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.2. A device may be passively tracked by its WiFi MAC address.2019-12-185CVE-2019-8567
MISC
apple -- ios
 
A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue is fixed in iOS 13. Processing a maliciously crafted file may disclose user information.2019-12-184.3CVE-2019-8731
MISC
apple -- ios
 
A logic issue existed with the display of notification previews. This issue was addressed with improved validation. This issue is fixed in iOS 13. Notification previews may show on Bluetooth accessories even when previews are disabled.2019-12-185CVE-2019-8711
MISC
apple -- ios
 
An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.3. A sandboxed process may be able to circumvent sandbox restrictions.2019-12-186.8CVE-2019-8617
MISC
apple -- ios
 
A permissions issue existed in the handling of motion and orientation data. This issue was addressed with improved restrictions. This issue is fixed in iOS 12.2. A website may be able to access sensor information without user consent.2019-12-184.3CVE-2019-8554
MISC
apple -- ios_and_macos_mojave
 
This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6. A remote attacker may be able to leak memory.2019-12-185CVE-2019-8663
MISC
MISC
apple -- ios_and_safari
 
A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8674
MISC
MISC
apple -- ios_and_tvos
 
A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in iOS 12.4, tvOS 12.4. A malicious application may be able to restrict access to websites.2019-12-184.3CVE-2019-8698
MISC
MISC
apple -- ios_and_watchos
 
A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.4, watchOS 5.3. A remote attacker may cause an unexpected application termination.2019-12-185CVE-2019-8665
MISC
MISC
apple -- ios_and_watchos
 
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service.2019-12-184.3CVE-2019-8626
MISC
MISC
apple -- macos_catalina
 
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items.2019-12-185CVE-2019-8768
MISC
apple -- macos_catalina
 
The issue was addressed with improved permissions logic. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to access recent documents.2019-12-184.3CVE-2019-8770
MISC
apple -- macos_catalina
 
An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt. This issue is fixed in macOS Catalina 10.15. An attacker may be able to exfiltrate the contents of an encrypted PDF.2019-12-185CVE-2019-8772
MISC
apple -- macos_catalina_and_tvos
 
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15, tvOS 13. Processing a maliciously crafted movie may result in the disclosure of process memory.2019-12-184.3CVE-2019-8705
MISC
apple -- macos_mojave
 
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6. The encryption status of a Time Machine backup may be incorrect.2019-12-185CVE-2019-8667
MISC
apple -- macos_mojave
 
This issue was addressed with improved handling of file metadata. This issue is fixed in macOS Mojave 10.14.4. A malicious application may bypass Gatekeeper checks.2019-12-184.6CVE-2019-6239
MISC
MISC
apple -- macos_mojave
 
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5. An application may be able to read restricted memory.2019-12-186.8CVE-2019-8603
MISC
apple -- macos_mojave
 
An authentication issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5. A user may be unexpectedly logged in to another user?s account.2019-12-186.5CVE-2019-8634
MISC
apple -- macos_mojave
 
A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to elevate privileges.2019-12-186.8CVE-2019-8561
MISC
apple -- macos_mojave
 
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory.2019-12-184.3CVE-2019-8693
MISC
apple -- macos_mojave
 
This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.5. A malicious application may bypass Gatekeeper checks.2019-12-184.3CVE-2019-8589
MISC
apple -- macos_mojave_and_safari
 
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6, Safari 12.1.2. Visiting a malicious website may lead to address bar spoofing.2019-12-184.3CVE-2019-8670
MISC
MISC
apple -- multiple_products
 
A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8690
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A remote attacker may be able to leak memory.2019-12-185CVE-2019-8787
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8822
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8821
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8820
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8819
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8812
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8678
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory.2019-12-186.6CVE-2019-8576
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8763
MISC
MISC
MISC
apple -- multiple_products
 
A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8625
MISC
MISC
MISC
apple -- multiple_products
 
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to read restricted memory.2019-12-184.3CVE-2019-8598
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-184.3CVE-2019-8597
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8658
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8735
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8595
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8596
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8563
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8686
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8649
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8811
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to leak memory.2019-12-185CVE-2019-8646
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A device may be passively tracked by its WiFi MAC address.2019-12-185CVE-2019-8620
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8609
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8594
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8687
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to read restricted memory.2019-12-184.3CVE-2019-8560
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8823
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution.2019-12-186.8CVE-2019-8657
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8586
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-184.3CVE-2019-8615
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8584
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8673
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.2019-12-186.8CVE-2019-8562
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8608
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8559
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8558
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8556
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2. Clicking a malicious SMS link may lead to arbitrary code execution.2019-12-186.8CVE-2019-8553
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8571
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8813
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8719
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8601
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8622
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8681
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8623
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8677
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8611
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges.2019-12-186.8CVE-2019-8577
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8683
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8610
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8680
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8628
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8644
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. Processing a maliciously crafted movie file may lead to arbitrary code execution.2019-12-186.8CVE-2019-8585
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8671
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8679
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8666
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- safari
 
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.1. Visiting a malicious website may lead to user interface spoofing.2019-12-184.3CVE-2019-8654
MISC
apple -- safari
 
The issue was addressed with improved handling of service worker lifetime. This issue is fixed in Safari 13.0.1. Service workers may leak private browsing history.2019-12-185CVE-2019-8725
MISC
apple -- watchos
 
This issue was addressed with improved checks. This issue is fixed in watchOS 5.3. Users removed from an iMessage conversation may still be able to alter state.2019-12-185CVE-2019-8659
MISC
apple -- watchos
 
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 5.3. A remote attacker may be able to leak memory.2019-12-185CVE-2019-8624
MISC
apple -- watchos
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8765
MISC
apple -- watchos
 
A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8764
MISC
apple -- watchos
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8743
MISC
apple -- watchos_and_icloud_for_windows
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8766
MISC
MISC
atlassian -- jira
 
The WorkflowResource class removeStatus method in Jira before version 7.13.12, from version 8.0.0 before version 8.4.3, and from version 8.5.0 before version 8.5.2 allows authenticated remote attackers who do not have project administration access to remove a configured issue status from a project via a missing authorisation check.2019-12-184CVE-2019-15013
MISC
atlassian -- multiple_products
 
An issue was discovered in the SAML Single Sign On (SSO) plugin for several Atlassian products affecting versions 3.1.0 through 3.2.2 for Jira and Confluence, versions 2.4.0 through 3.0.3 for Bitbucket, and versions 2.4.0 through 2.5.2 for Bamboo. It allows locally disabled users to reactivate their accounts just by browsing the affected Jira/Confluence/Bitbucket/Bamboo instance, even when the applicable configuration option of the plugin has been disabled ("Reactivate inactive users"). Exploiting this vulnerability requires an attacker to be authorized by the identity provider and requires that the plugin's configuration option "User Update Method" have the "Update from SAML Attributes" value.2019-12-136CVE-2019-13347
MISC
MISC
centos-webpanel -- centos_web_panel
 
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/[USERNAME]/tmp/session/sess_xxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to gain access to the victim's password (for the OS and phpMyAdmin) via an attacker account. This is different from CVE-2019-14782.2019-12-174CVE-2019-15235
MISC
MISC
centos-webpanel -- centos_web_panel
 
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to make a request to extract the victim's password (for the OS and phpMyAdmin) via an attacker account.2019-12-174CVE-2019-14782
MISC
MISC
contao -- contao
 
Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered.2019-12-175CVE-2019-19714
MISC
CONFIRM
contao -- contao
 
Contao 4.0 through 4.8.5 allows PHP local file inclusion. A back end user with access to the form generator can upload arbitrary files and execute them on the server.2019-12-176.5CVE-2019-19745
MISC
CONFIRM
coredns -- coredns
 
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.2019-12-134.3CVE-2019-19794
MISC
CONFIRM
MISC
MISC
MISC
docker -- docker_engine_and_cs_docker_engine
 
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation.2019-12-175CVE-2014-8179
MISC
MISC
MISC
MISC
MISC
CONFIRM
dovecot -- dovecot
 
In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient.2019-12-135CVE-2019-19722
CONFIRM
CONFIRM
CONFIRM
CONFIRM
duplicity -- duplicity
 
duplicity 0.6.24 has improper verification of SSL certificates2019-12-135CVE-2014-3495
MISC
MISC
MISC
MISC
elog -- elog
 
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover a user's password hash by sending a crafted HTTP POST request.2019-12-175CVE-2019-3993
MISC
elog -- elog
 
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker can crash the ELOG server by sending multiple HTTP POST requests which causes the ELOG function retrieve_url() to use a freed variable.2019-12-175CVE-2019-3994
MISC
elog -- elog
 
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request.2019-12-175CVE-2019-3995
MISC
elog-- elog
 
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain access to valid admin usernames and, in older versions of ELOG, passwords.2019-12-175CVE-2019-3992
MISC
envoy_proxy -- envoy
 
An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated response is dispatched through the configured encoder filter chain before being sent to the client. An encoder filter that invokes route manager APIs that access a request's Host header causes a NULL pointer dereference, resulting in abnormal termination of the Envoy process.2019-12-135CVE-2019-18838
MISC
MISC
CONFIRM
MISC
huawei -- campusinsight
 
There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC200. Attackers who gain the specific permission can use this vulnerability by sending elaborate SQL statements to the database. Successful exploit of this vulnerability may cause the database to crash.2019-12-134CVE-2019-5278
MISC
huawei -- cloudengine
 
CloudEngine 12800 has a DoS vulnerability. An attacker of a neighboring device sends a large number of specific packets. As a result, a memory leak occurs after the device uses the specific packet. As a result, the attacker can exploit this vulnerability to cause DoS attacks on the target device.2019-12-136.1CVE-2019-5248
MISC
huawei -- cloudusm-eua_product
 
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation.2019-12-135CVE-2019-5277
MISC
huawei -- mate_20_pro_smartphones
 
Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation of certain privilege, the attacker could trick the user into installing a malicious application before the user turns on student mode function. Successful exploit could allow the attacker to bypass the limit of student mode function.2019-12-136.8CVE-2019-5250
MISC
huawei -- multiple_products
 
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks.2019-12-135CVE-2019-19397
MISC
huawei -- multiple_products
 
Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal.2019-12-134.3CVE-2019-5291
MISC
huawei -- multiple_products
 
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.2019-12-135CVE-2019-5254
MISC
huawei -- multiple_smartphones
 
There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure.2019-12-134.3CVE-2019-5251
MISC
huawei -- s5700_and_s6700_devices
 
Huawei S5700 and S6700 have a DoS security vulnerability. Attackers with certain permissions perform specific operations on affected devices. Because the pointer in the program is not processed properly, the vulnerability can be exploited to cause the device to be abnormal.2019-12-134CVE-2019-5290
MISC
huawei -- y9_2019_and_honor_view_20_smartphones
 
Huawei smartphones HUAWEI Y9 2019 and Honor View 20 have a denial of service vulnerability. Due to insufficient input validation of specific value when parsing the messages, an attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices to exploit this vulnerability. Successful exploit may cause an infinite loop and the device to reboot.2019-12-136.1CVE-2019-5260
MISC
ibm -- api_connect
 
IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 168510.2019-12-185CVE-2019-4609
XF
CONFIRM
ibm -- financial_transaction_manager
 
IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172882.2019-12-204.3CVE-2019-4744
XF
CONFIRM
ibm -- financial_transaction_manager
 
IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 172880.2019-12-204.3CVE-2019-4743
XF
CONFIRM
ibm -- mq_and_mq_appliance
 
IBM MQ and IBM MQ Appliance 9.1 CD, 9.1 LTS, 9.0 LTS, and 8.0 is vulnerable to a denial of service attack caused by channels processing poorly formatted messages. IBM X-Force ID: 166357.2019-12-164CVE-2019-4560
XF
CONFIRM
imagemagick -- imagemagick
 
imagemagick 6.8.9.6 has remote DOS via infinite loop2019-12-154.3CVE-2014-8561
MISC
MISC
MISC
MISC
MISC
intel -- control_center-i
 
Unquoted service path in Control Center-I version 2.1.0.0 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.2019-12-164.6CVE-2019-14599
MISC
jenkins -- jenkins
 
A missing permission check in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2019-12-174CVE-2019-16574
MLIST
CONFIRM
jenkins -- jenkins
 
A cross-site request forgery vulnerability in Jenkins Team Concert Plugin 1.3.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2019-12-176.8CVE-2019-16565
MLIST
CONFIRM
jenkins -- jenkins
 
A missing permission check in Jenkins Team Concert Plugin 1.3.0 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.2019-12-174CVE-2019-16567
MLIST
CONFIRM
jenkins -- jenkins
 
A missing permission check in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server.2019-12-174CVE-2019-16571
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows users with Overall/Read access to disable SSL/TLS certificate and hostname validation for the entire Jenkins master JVM.2019-12-175.5CVE-2019-16561
MLIST
CONFIRM
jenkins -- jenkins
 
A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2019-12-176.8CVE-2019-16573
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins SCTMExecutor Plugin 2.2 and earlier transmits previously configured service credentials in plain text as part of the global configuration, as well as individual jobs' configurations.2019-12-175CVE-2019-16568
MLIST
CONFIRM
jenkins -- jenkins
 
A cross-site request forgery vulnerability in Jenkins Mantis Plugin 0.26 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials.2019-12-174.3CVE-2019-16569
MLIST
CONFIRM
jenkins -- jenkins
 
A missing permission check in Jenkins Alauda Kubernetes Suport Plugin 2.3.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing the Kubernetes service account token or credentials stored in Jenkins.2019-12-174CVE-2019-16576
MLIST
CONFIRM
jenkins -- jenkins
 
A cross-site request forgery vulnerability in Jenkins Alauda Kubernetes Suport Plugin 2.3.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing the Kubernetes service account token or credentials stored in Jenkins.2019-12-176.8CVE-2019-16575
MLIST
CONFIRM
jenkins -- jenkins
 
A missing permission check in Jenkins Team Concert Plugin 1.3.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2019-12-174CVE-2019-16566
MLIST
CONFIRM
jenkins -- jenkins
 
A cross-site request forgery vulnerability in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers to connect to an attacker-specified web server.2019-12-176.8CVE-2019-16570
MLIST
CONFIRM
jersey -- jersey
 
jersey: XXE via parameter entities not disabled by the jersey SAX parser2019-12-155CVE-2014-3643
REDHAT
MISC
joomla -- joomla!
 
In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure.2019-12-185CVE-2019-19845
MISC
knot-resolver -- knot-resolver
 
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A records can be squashed into one DNS message (limit is 64kB).2019-12-165CVE-2019-19331
CONFIRM
MISC
libsixel_project -- libsixel
 
stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main.2019-12-136.8CVE-2019-19777
MISC
libsixel_project -- libsixel
 
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer over-read in the function load_sixel at loader.c.2019-12-136.8CVE-2019-19778
MISC
linux -- linux_kernel
 
In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring.2019-12-154.9CVE-2019-19807
MISC
MISC
MISC
linux -- linux_kernel
 
In the Linux kernel before 5.4.2, the io_uring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/io_uring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to the loopback interface. This occurs because IORING_OP_SENDMSG operations, although requested in the context of an unprivileged user, are sometimes performed by a kernel worker thread without considering that context.2019-12-174.6CVE-2019-19241
MISC
MISC
MISC
MISC
lout -- lout
 
Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c.2019-12-206.8CVE-2019-19918
MISC
lout -- lout
 
Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.2019-12-206.8CVE-2019-19917
MISC
mahara -- mahara
 
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) links or (3) resources URLs, and (4) the Display name in a user profile.2019-12-174.3CVE-2012-2237
MISC
MISC
MISC
MISC
MISC
micro_focus -- arcsight_logger
 
Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack.2019-12-176.8CVE-2019-11657
MISC
nitro -- nitro_free_pdf_reader
 
The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0xa08a Out-of-Bounds Read via crafted Unicode content.2019-12-164.3CVE-2019-19818
MISC
MISC
npm -- cli
 
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to modify and/or gain access to arbitrary files on a user?s system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.2019-12-135.5CVE-2019-16776
MISC
CONFIRM
npm -- cli
 
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_modules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would allow a package publisher to create a symlink pointing to arbitrary files on a user?s system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.2019-12-134CVE-2019-16775
MISC
CONFIRM
npm -- cli
 
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of packages that also create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local installations and also through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.2019-12-135.5CVE-2019-16777
MISC
CONFIRM
owncloud -- owncloud
 
Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to core/ajax/sharing.php.2019-12-174.3CVE-2013-0202
MISC
MISC
pen -- pen
 
Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities2019-12-134.6CVE-2014-2387
MISC
MISC
MISC
MISC
MISC
MISC
MISC
petwant_and_skymee -- pf-103_and_petalk_aiThe udpServerSys service in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to initiate firmware upgrades and alter device settings.2019-12-135CVE-2019-16731
MISC
puppet -- puppet_agent
 
Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.2019-12-165CVE-2018-11751
MISC
qpid-cpp -- qpid-cpp
 
qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors2019-12-135CVE-2014-0212
MISC
MISC
MISC
qualcomm -- multiple_snapdragon_products
 
Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-184.6CVE-2019-10584
CONFIRM
red_hat -- cloudforms_management_engine
 
CFME: CSRF protection vulnerability via permissive check of the referrer header2019-12-136.8CVE-2014-0197
MISC
MISC
red_hat -- jboss_keycloak
 
JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL.2019-12-155.8CVE-2014-3652
MISC
MISC
samurai -- samurai
 
samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file.2019-12-136.8CVE-2019-19795
MISC
sap -- treasury_and_risk_management
 
Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.2019-12-176.5CVE-2019-0383
MISC
CONFIRM
sap -- treasury_and_risk_management
 
Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for functionalities that require user identity.2019-12-176.5CVE-2019-0384
MISC
CONFIRM
solarwinds -- serv-u_ftp_server
 
A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7.2019-12-164CVE-2019-13181
MISC
FULLDISC
MISC
sonicwall -- sma100_devices
 
Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources. This vulnerablity impacted SMA100 version 9.0.0.3 and earlier.2019-12-175CVE-2019-7481
CONFIRM
spip -- spip
 
_core_/plugins/medias in SPIP 3.2.x before 3.2.7 allows remote authenticated authors to inject content into the database.2019-12-174CVE-2019-19830
MISC
MISC
DEBIAN
MISC
sqlite -- sqlite
 
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.2019-12-185CVE-2019-19880
MISC
suphp -- suphp
 
suPHP before 0.7.2 source-highlighting feature allows security bypass which could lead to arbitrary code execution2019-12-134.4CVE-2014-1867
MISC
MISC
MISC
MISC
tematres -- tematres
 
TemaTres 3.0 has reflected XSS via the replace_string or search_string parameter to the vocab/admin.php?doAdmin=bulkReplace URI.2019-12-134.3CVE-2019-14344
MISC
MISC
tibco -- spotfire_analytics_platform_for_aws_marketplace_and_spotfire_server
 
The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker to perform a reflected cross-site scripting (XSS) attack. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0 and TIBCO Spotfire Server: versions 7.11.7 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.3.3, and 10.3.4, versions 10.4.0, 10.5.0, and 10.6.0.2019-12-174.3CVE-2019-17337
MISC
MISC
typo3 -- typo3
 
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. Because escaping of user-submitted content is mishandled, the class QueryGenerator is vulnerable to SQL injection. Exploitation requires having the system extension ext:lowlevel installed, and a valid backend user who has administrator privileges.2019-12-176.5CVE-2019-19850
MISC
MISC
veracrypt -- veracrypt
 
VeraCrypt 1.24 allows Local Privilege Escalation during execution of VeraCryptExpander.exe.2019-12-134.6CVE-2019-19501
MISC
MISC
wordpress -- wordpress
 
The quiz-master-next (aka Quiz And Survey Master) plugin before 6.3.5 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the from or till parameter (and/or the quiz_id parameter). The component is: admin/quiz-options-page.php. The attack vector is: When the Administrator is logged in, a reflected XSS may execute upon a click on a malicious URL.2019-12-134.3CVE-2019-17599
MISC
MISC
MISC
MISC
yabasic -- yabasic
 
Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file.2019-12-136.8CVE-2019-19796
MISC
zend_framework -- zend_framework
 
ZF2014-03 has a potential cross site scripting vector in multiple view helpers2019-12-154.3CVE-2014-4913
MISC
MISC
MISC
MISC
MISC
zulip -- zulip_server
 
The image thumbnailing handler in Zulip Server versions 1.9.0 to before 2.0.8 allowed an open redirect that was visible to logged-in users.2019-12-185.8CVE-2019-19775
CONFIRM
CONFIRM

Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
altn -- mdaemon_email_serverMDaemon Email Server 17.5.1 allows XSS via the filename of an attachment to an email message.2019-12-173.5CVE-2019-19497
MISC
MISC
apple -- iosA logic issue was addressed with improved restrictions. This issue is fixed in iOS 12.3. A person with physical access to an iOS device may be able to see the email address used for iTunes.2019-12-182.1CVE-2019-8599
MISC
apple -- ios
 
The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13. A person with physical access to an iOS device may be able to access contacts from the lock screen.2019-12-182.1CVE-2019-8742
MISC
apple -- ios_and_watchos
 
The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.2019-12-182.1CVE-2019-8682
MISC
MISC
apple -- macos_mojaveMultiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.4. Processing malicious data may lead to unexpected application termination.2019-12-182.1CVE-2019-8507
MISC
apple -- macos_mojaveA validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory.2019-12-182.1CVE-2019-8691
MISC
apple -- macos_mojave
 
An access issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to view a user?s locked notes.2019-12-182.1CVE-2019-8537
MISC
apple -- macos_mojave
 
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to read restricted memory.2019-12-182.1CVE-2019-8520
MISC
apple -- macos_mojave
 
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory.2019-12-182.1CVE-2019-8692
MISC
apple -- multiple_products
 
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system.2019-12-182.1CVE-2019-8568
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.2019-12-182.1CVE-2019-8510
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.2019-12-182.1CVE-2019-6207
MISC
MISC
MISC
MISC
apple -- tvos
 
An authentication issue was addressed with improved state management. This issue is fixed in tvOS 13. A local user may be able to leak sensitive user information.2019-12-182.1CVE-2019-8704
MISC
MISC
hammer_cli_foreman_gem_for_ruby_on_rails -- hammer_cli_foreman_gem_for_ruby_on_railsrubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable2019-12-132.1CVE-2014-0241
MISC
MISC
ibm -- api_connect
 
IBM API Connect 2018.1 through 2018.4.1.7 Developer Portal's user registration page does not disable password autocomplete. An attacker with access to the browser instance and local system credentials can steal the credentials used for registration. IBM X-Force ID: 163453.2019-12-162.1CVE-2019-4444
XF
CONFIRM
ibm -- case_builder_and_case_managerThe Case Builder component shipped with 18.0.0.1 through 19.0.0.2 and IBM Case Manager 5.1.1 through 5.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162772.2019-12-133.5CVE-2019-4426
XF
CONFIRM
CONFIRM
jenkins -- jenkinsJenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored XSS vulnerability exploitable by users able to change build descriptions.2019-12-173.5CVE-2019-16562
MLIST
CONFIRM
jenkins -- jenkinsJenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-12-172.1CVE-2019-16572
MLIST
CONFIRM
jenkins -- jenkinsJenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names.2019-12-173.5CVE-2019-16564
MLIST
CONFIRM
jenkins -- jenkinsJenkins Mission Control Plugin 0.9.16 and earlier does not escape job display names and build names shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to change these properties.2019-12-173.5CVE-2019-16563
MLIST
CONFIRM
red_hat -- cloudforms_management_engineCFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration2019-12-152.1CVE-2014-3536
MISC
MISC
solarwinds -- serv-u_ftp_serverA stored cross-site scripting (XSS) vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7.2019-12-163.5CVE-2019-13182
MISC
FULLDISC
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
3s-smart -- multiple_codesys_products3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference.2019-12-20not yet calculatedCVE-2019-19789
CONFIRM
MISC
abb -- pb610_panel_builder_600The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting.2019-12-18not yet calculatedCVE-2019-18995
MISC
abb -- pb610_panel_builder_600The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting unauthorized file access.2019-12-18not yet calculatedCVE-2019-18997
MISC
abb -- pb610_panel_builder_600Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty *.JPR application file. An attacker with access to the file system might be able to cause application malfunction such as denial of service.2019-12-18not yet calculatedCVE-2019-18994
MISC
abb -- pb610_panel_builder_600Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application?s context.2019-12-18not yet calculatedCVE-2019-18996
MISC
acer -- quick_accessIn the Quick Access Service (QAAdminAgent.exe) in Acer Quick Access V2.01.3000 through 2.01.3027 and V3.00.3000 through V3.00.3008, a REGULAR user can load an arbitrary unsigned DLL into the signed service's process, which is running as NT AUTHORITY\SYSTEM. This is a DLL Hijacking vulnerability (including search order hijacking, which searches for the missing DLL in the PATH environment variable), which is caused by an uncontrolled search path element for nvapi.dll, atiadlxx.dll, or atiadlxy.dll.2019-12-17not yet calculatedCVE-2019-18670
MISC
CONFIRM
adobe -- coldfusionColdFusion versions Update 6 and earlier have an insecure inherited permissions of default installation directory vulnerability. Successful exploitation could lead to privilege escalation.2019-12-19not yet calculatedCVE-2019-8256
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16448
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .2019-12-19not yet calculatedCVE-2019-16457
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16464
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16453
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16452
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .2019-12-19not yet calculatedCVE-2019-16449
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .2019-12-19not yet calculatedCVE-2019-16465
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a binary planting (default folder privilege escalation) vulnerability. Successful exploitation could lead to privilege escalation.2019-12-19not yet calculatedCVE-2019-16444
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16445
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .2019-12-19not yet calculatedCVE-2019-16456
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16451
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16450
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16463
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16459
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .2019-12-19not yet calculatedCVE-2019-16461
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16455
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16454
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .2019-12-19not yet calculatedCVE-2019-16458
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16462
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16446
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .2019-12-19not yet calculatedCVE-2019-16460
CONFIRM
adobe -- bracketsBrackets versions 1.14 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-8255
CONFIRM
adobe -- photoshop_ccAdobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-8253
CONFIRM
adobe -- photoshop_ccAdobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-8254
CONFIRM
apache -- http_serverA Path traversal exists in http_server which allows an attacker to read arbitrary system files.2019-12-18not yet calculatedCVE-2019-15600
MISC
apache -- log4jIncluded in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.2019-12-20not yet calculatedCVE-2019-17571
CONFIRM
apache -- xerces-cThe Apache Xerces-C 3.0.0 to 3.2.2 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.2019-12-18not yet calculatedCVE-2018-1311
CONFIRM
apple -- macos_catalinaA validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8805
MISC
apple -- macos_catalinaA validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.1. An application may be able to read restricted memory.2019-12-18not yet calculatedCVE-2019-8817
MISC
apple -- macos_catalinaA memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8701
MISC
apple -- icloud_for_windowsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8710
MISC
apple -- iosA logic issue existed in the handling of answering phone calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.4. The initiator of a phone call may be able to cause the recipient to answer a simultaneous Walkie-Talkie connection.2019-12-18not yet calculatedCVE-2019-8699
MISC
apple -- iosThe issue was addressed with improved UI handling. This issue is fixed in iOS 12.3. The lock screen may show a locked icon after unlocking.2019-12-18not yet calculatedCVE-2019-8630
MISC
apple -- iosThis issue was addressed with improved checks. This issue is fixed in iOS 12.2. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing.2019-12-18not yet calculatedCVE-2019-7284
MISC
apple -- iosA consistency issue was addressed with improved state handling. This issue is fixed in iOS 12.2. A website may be able to access the microphone without the microphone use indicator being shown.2019-12-18not yet calculatedCVE-2019-6222
MISC
apple -- iosAn API issue existed in the handling of microphone data. This issue was addressed with improved validation. This issue is fixed in iOS 12.2. A malicious application may be able to access the microphone without indication to the user.2019-12-18not yet calculatedCVE-2019-8566
MISC
apple -- iosA memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges.2019-12-18not yet calculatedCVE-2019-7287
MISC
apple -- iosThis issue was addressed with improved transparency. This issue is fixed in iOS 12.2. A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure.2019-12-18not yet calculatedCVE-2019-8512
MISC
apple -- iosThis issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may authenticate via Face ID.2019-12-18not yet calculatedCVE-2019-8760
MISC
apple -- ios_and_ipadosA logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restrictions.2019-12-18not yet calculatedCVE-2019-8779
MISC
apple -- ios_and_ipadosThe issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13.1 and iPadOS 13.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.2019-12-18not yet calculatedCVE-2019-8775
MISC
MISC
apple -- ios_and_ipadosA consistency issue existed in deciding when to show the screen recording indicator. The issue was resolved with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2. A local user may be able to record the screen without a visible screen recording indicator.2019-12-18not yet calculatedCVE-2019-8793
MISC
apple -- ios_and_ipadosAn inconsistency in Wi-Fi network configuration settings was addressed. This issue is fixed in iOS 13.2 and iPadOS 13.2. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup.2019-12-18not yet calculatedCVE-2019-8804
MISC
apple -- ios_and_ipados_and_macos_catalinaAn issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history.2019-12-18not yet calculatedCVE-2019-8769
MISC
apple -- ios_and_ipados_and_macos_catalinaAn issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration.2019-12-18not yet calculatedCVE-2019-8788
MISC
MISC
apple -- ios_and_ipados_and_macos_catalinaA validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Parsing a maliciously crafted iBooks file may lead to disclosure of user information.2019-12-18not yet calculatedCVE-2019-8789
MISC
MISC
apple -- ios_and_ipados_and_tvosA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8795
MISC
MISC
apple -- ios_and_macos_mojaveThis issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to overwrite arbitrary files.2019-12-18not yet calculatedCVE-2019-8521
MISC
MISC
apple -- ios_and_macos_mojaveA memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A local user may be able to read kernel memory.2019-12-18not yet calculatedCVE-2019-8504
MISC
MISC
apple -- ios_and_macos_mojaveA memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. An application may be able to execute arbitrary code with kernel privileges.2019-12-18not yet calculatedCVE-2019-8529
MISC
MISC
apple -- ios_and_macos_mojaveA memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privileges.2019-12-18not yet calculatedCVE-2019-7286
MISC
MISC
MISC
MISC
apple -- ios_and_macos_mojave_and_tvosAn access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A local user may be able to view sensitive user information.2019-12-18not yet calculatedCVE-2019-8546
MISC
MISC
MISC
apple -- ios_and_macos_mojave_and_tvosThis issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. A malicious application may be able to overwrite arbitrary files.2019-12-18not yet calculatedCVE-2019-8530
MISC
MISC
MISC
apple -- ios_and_macos_mojave_and_watchosA buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate privileges.2019-12-18not yet calculatedCVE-2019-8511
MISC
MISC
MISC
apple -- ios_and_macos_mojave_and_watchosAn issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user?s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing.2019-12-18not yet calculatedCVE-2019-8550
MISC
MISC
MISC
apple -- ios_and_safariA logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting.2019-12-18not yet calculatedCVE-2019-8505
MISC
MISC
apple -- ios_and_safariA logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting.2019-12-18not yet calculatedCVE-2019-6204
MISC
MISC
apple -- ios_and_watchosA privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing. This issue is fixed in iOS 12.2, watchOS 5.2. A malicious app may be able to track users between installs.2019-12-18not yet calculatedCVE-2019-8541
MISC
MISC
apple -- macos_catalinaA logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to determine kernel memory layout.2019-12-18not yet calculatedCVE-2019-8755
MISC
apple -- macos_catalinaA race condition existed when reading and writing user preferences. This was addressed with improved state handling. This issue is fixed in macOS Catalina 10.15. The "Share Mac Analytics" setting may not be disabled when a user deselects the switch to share analytics.2019-12-18not yet calculatedCVE-2019-8757
MISC
apple -- macos_catalinaThe contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. This issue is fixed in macOS Catalina 10.15. A local user may be able to view a user?s locked notes.2019-12-18not yet calculatedCVE-2019-8730
MISC
apple -- macos_catalina_and_itunes_for_windowsA dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8801
MISC
MISC
apple -- macos_mojaveA lock handling issue was addressed with improved lock handling. This issue is fixed in macOS Mojave 10.14.4. A Mac may not lock when disconnecting from an external monitor.2019-12-18not yet calculatedCVE-2019-8533
MISC
apple -- macos_mojaveA logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password.2019-12-18not yet calculatedCVE-2019-8522
MISC
apple -- macos_mojaveAn out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. An application may be able to read restricted memory.2019-12-18not yet calculatedCVE-2019-8519
MISC
apple -- macos_mojaveA validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.5. A local user may be able to load unsigned kernel extensions.2019-12-18not yet calculatedCVE-2019-8606
MISC
apple -- multiple_productsA memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.2019-12-18not yet calculatedCVE-2019-8540
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8619
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service.2019-12-18not yet calculatedCVE-2019-8516
MISC
MISC
MISC
MISC
apple -- multiple_productsAn API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to initiate a Dictation request without user authorization.2019-12-18not yet calculatedCVE-2019-8502
MISC
MISC
MISC
MISC
apple -- multiple_productsA buffer overflow was addressed with improved size validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.2019-12-18not yet calculatedCVE-2019-8527
MISC
MISC
MISC
MISC
apple -- multiple_productsAn out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory.2019-12-18not yet calculatedCVE-2019-8517
MISC
MISC
MISC
MISC
apple -- multiple_productsA logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges.2019-12-18not yet calculatedCVE-2019-8514
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected system termination or read kernel memory.2019-12-18not yet calculatedCVE-2019-8545
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple input validation issues existed in MIG generated code. These issues were addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8549
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to read kernel memory.2019-12-18not yet calculatedCVE-2019-7293
MISC
MISC
MISC
MISC
apple -- multiple_productsA buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing a maliciously crafted text file may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8745
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8535
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8544
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-18not yet calculatedCVE-2019-8551
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges.2019-12-18not yet calculatedCVE-2019-8542
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8726
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8536
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8523
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8782
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.2019-12-18not yet calculatedCVE-2019-8786
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to elevate privileges.2019-12-18not yet calculatedCVE-2019-8552
MISC
MISC
MISC
MISC
apple -- multiple_productsA cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information.2019-12-18not yet calculatedCVE-2019-8515
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-6201
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges.2019-12-18not yet calculatedCVE-2019-8602
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8518
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8783
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website.2019-12-18not yet calculatedCVE-2019-8503
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsAn out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory.2019-12-18not yet calculatedCVE-2019-8607
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8808
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8785
MISC
MISC
MISC
MISC
apple -- multiple_productsAn authentication issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A local attacker may be able to login to the account of a previously logged in user without valid credentials..2019-12-18not yet calculatedCVE-2019-8803
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8583
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-7285
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8707
MISC
MISC
MISC
apple -- multiple_productsA type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8506
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-6237
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8798
MISC
MISC
MISC
MISC
apple -- multiple_productsA validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory.2019-12-18not yet calculatedCVE-2019-7292
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8524
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8733
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8587
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to read restricted memory.2019-12-18not yet calculatedCVE-2019-8794
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8797
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8784
MISC
MISC
MISC
MISC
MISC
apple -- shazam_andriod_app_and_shazam_ios_appAn injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.2019-12-18not yet calculatedCVE-2019-8792
MISC
MISC
apple -- shazam_andriod_app_and_shazam_ios_appAn issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect.2019-12-18not yet calculatedCVE-2019-8791
MISC
MISC
apple -- shortcuts_for_iosAn access issue was addressed with additional sandbox restrictions. This issue is fixed in Shortcuts 2.1.3 for iOS. A sandboxed process may be able to circumvent sandbox restrictions.2019-12-18not yet calculatedCVE-2019-7290
MISC
apple -- shortcuts_for_iosA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Shortcuts 2.1.3 for iOS. A local user may be able to view senstive user information.2019-12-18not yet calculatedCVE-2019-7289
MISC
apple -- swift-nio-sslThe issue was addressed by signaling that an executable stack is not required. This issue is fixed in SwiftNIO SSL 2.4.1. A SwiftNIO application using TLS may be able to execute arbitrary code.2019-12-18not yet calculatedCVE-2019-8849
MISC
apple -- texture_for_ios_and_texture_for_androidSome analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data.2019-12-18not yet calculatedCVE-2019-8632
MISC
MISC
apple -- watchosAn issue existed where partially entered passcodes may not clear when the device went to sleep. This issue was addressed by clearing the passcode when a locked device sleeps. This issue is fixed in watchOS 5.2. A partially entered passcode may not clear when the device goes to sleep.2019-12-18not yet calculatedCVE-2019-8548
MISC
apple -- xcodeMultiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.2019-12-18not yet calculatedCVE-2019-8721
MISC
apple -- xcodeMultiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.2019-12-18not yet calculatedCVE-2019-8722
MISC
apple -- xcodeA memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8806
MISC
apple -- xcodeA memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8738
MISC
apple -- xcodeA memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8739
MISC
apple -- xcodeA memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8800
MISC
aristia -- cloudvision_portalIn CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only access to take actions that are otherwise restricted in the GUI.2019-12-19not yet calculatedCVE-2019-18181
CONFIRM
aristia -- cloudvision_portalIn CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. This only affects CVP environments where: 1. Devices have enable mode passwords which are different from the user's login password, OR 2. There are configlet builders that use the Device class and specify username and password explicitly Application logs are not accessible or visible from the CVP GUI. Application logs can only be read by authorized users with privileged access to the VM hosting the CVP application.2019-12-19not yet calculatedCVE-2019-18615
CONFIRM
asus -- atk_package_for_windows_10_notebook_pcsAsLdrSrv.exe in ASUS ATK Package before V1.0.0061 (for Windows 10 notebook PCs) could lead to unsigned code execution with no additional execution. The user must put an application at a particular path, with a particular file name.2019-12-18not yet calculatedCVE-2019-19235
MISC
CONFIRM
MISC
asus -- hg100_and_ws-101_and_ts-101_devicesAn issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using ZigBee PRO. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack.2019-12-20not yet calculatedCVE-2019-15910
MISC
asus -- hg100_and_ws-101_and_ts-101_devicesAn issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using ZigBee PRO. Attackers can use the ZigBee trust center rejoin procedure to perform a denial of service attack.2019-12-20not yet calculatedCVE-2019-15912
MISC
MISC
asus -- hg100_and_ws-101_and_ts-101_devicesAn issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause a denial of service attack, take over smart home devices, and tamper with messages.2019-12-20not yet calculatedCVE-2019-15911
MISC
atlassian -- bitbucket_kopano_group_coreHrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data.2019-12-19not yet calculatedCVE-2019-19907
MISC
MISC
atlassian -- confluence_server_and_confluence_data_centerThere was a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin in Confluence Server and Confluence Data Center. This plugin was used to facilitate communication with the Atlassian Companion application. The Confluence Previews plugin in Confluence Server and Confluence Data Center communicated with the Companion application via the atlassian-domain-for-localhost-connections-only.com domain name, the DNS A record of which points at 127.0.0.1. Additionally, a signed certificate for the domain was publicly distributed with the Companion application. An attacker in the position to control DNS resolution of their victim could carry out a man-in-the-middle (MITM) attack between Confluence Server (or Confluence Data Center) and the atlassian-domain-for-localhost-connections-only.com domain intended to be used with the Companion application. This certificate has been revoked, however, usage of the atlassian-domain-for-localhost-connections-only.com domain name was still present in Confluence Server and Confluence Data Center. An attacker could perform the described attack by denying their victim access to certificate revocation information, and carry out a man-in-the-middle (MITM) attack to observe files being edited using the Companion application and/or modify them, and access some limited user information.2019-12-19not yet calculatedCVE-2019-15006
MISC
MISC
MISC
BUGTRAQ
MISC
atlassian -- crowdVarious resources in the Crowd Demo application of Atlassian Crowd before version 3.1.1 allow remote attackers to modify add, modify and delete users & groups via a Cross-site request forgery (CSRF) vulnerability. Please be aware that the Demo application is not enabled by default.2019-12-17not yet calculatedCVE-2017-18107
MISC
atlassian -- jira_application_linksThe ListEntityLinksServlet resource in Application Links before version 5.0.12, from version 5.1.0 before version 5.2.11, from version 5.3.0 before version 5.3.7, from version 5.4.0 before 5.4.13, and from version 6.0.0 before 6.0.5 disclosed application link information to non-admin users via a missing permissions check.2019-12-17not yet calculatedCVE-2019-15011
MISC
backdrop -- backdrop_cmsAn issue was discovered in Backdrop CMS 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying file type descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting when viewing the list of file types, aka XSS. This vulnerability is mitigated by the fact that an attacker must have a role with the "Administer file types" permission.2019-12-19not yet calculatedCVE-2019-19903
MISC
backdrop -- backdrop_cmsAn issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying content type names in the content creation interface. An attacker could potentially craft a specialized content type name, then have an editor execute scripting when creating content, aka XSS. This vulnerability is mitigated by the fact that an attacker must have a role with the "Administer content types" permission.2019-12-19not yet calculatedCVE-2019-19900
MISC
backdrop -- backdrop_cmsAn issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying certain block descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting when configuring a layout, aka XSS. This issue is mitigated by the fact that the attacker would be required to have the permission to create custom blocks, which is typically an administrative task.2019-12-19not yet calculatedCVE-2019-19901
MISC
backdrop -- backdrop_cmsAn issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, allowing non-configuration scripts to potentially be uploaded to the server. This issue is mitigated by the fact that the attacker would be required to have the "Synchronize, import, and export configuration" permission, a permission that only trusted administrators should be given. Other measures in the product prevent the execution of PHP scripts, so another server-side scripting language must be accessible on the server to execute code.2019-12-19not yet calculatedCVE-2019-19902
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'dongle_bridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code execution on the ClickShare Button with the privileges of the user 'nobody'.2019-12-16not yet calculatedCVE-2019-18830
MISC
MISC
MISC
MISC
MISC
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'dongle_bridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain.2019-12-16not yet calculatedCVE-2019-18826
MISC
barco -- clickshare_button_r9861500d01_devicesOn Barco ClickShare Button R9861500D01 devices (before firmware version 1.9.0) JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code from ROM before handing control over to embedded firmware.2019-12-16not yet calculatedCVE-2019-18827
MISC
MISC
MISC
MISC
MISC
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account (present for access via debug interfaces, which are by default not enabled on production devices) of the embedded Linux on the ClickShare Button is using a weak password.2019-12-16not yet calculatedCVE-2019-18828
MISC
MISC
MISC
MISC
MISC
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01.2019-12-17not yet calculatedCVE-2019-18832
MISC
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used.2019-12-17not yet calculatedCVE-2019-18824
MISC
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key.2019-12-17not yet calculatedCVE-2019-18833
MISC
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate.2019-12-16not yet calculatedCVE-2019-18831
MISC
MISC
MISC
MISC
MISC
MISC
barco -- clickshare_button_r9861500d1_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 have Missing Support for Integrity Check. The Barco signed 'Clickshare_For_Windows.exe' binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity.2019-12-17not yet calculatedCVE-2019-18829
MISC
MISC
barco -- clickshare_huddle_cs-100_devicesBarco ClickShare Huddle CS-100 devices before 1.9.0 and CSE-200 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Base Unit implements encryption at rest using encryption keys which are shared across all ClickShare Base Units of models CS-100 & CSE-200.2019-12-17not yet calculatedCVE-2019-18825
MISC
MISC
beckhoff -- embedded_windows_plcs_and_twincat_on_windows_engineering_stationsBeckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol.2019-12-19not yet calculatedCVE-2019-16871
CONFIRM
MISC
broadcom -- ca_client_automation_agent_for_windowsAn insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges.2019-12-20not yet calculatedCVE-2019-19231
CONFIRM
cloud_foundry_foundation -- cloud_controller_apiCloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows space developers to list all global service brokers, including service broker URLs and GUIDs, which should only be accessible to admins.2019-12-19not yet calculatedCVE-2019-11294
CONFIRM
contao -- contaoContao 4.0 through 4.8.5 has Insecure Permissions. Back end users can manipulate the details view URL to show pages and articles that have not been enabled for them.2019-12-17not yet calculatedCVE-2019-19712
MISC
CONFIRM
cups -- cupscups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system2019-12-20not yet calculatedCVE-2012-6094
MISC
MISC
REDHAT
MISC
MISC
MISC
MISC
cyrus -- imapAn issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a sieve script containing a fileinto directive to create any mailbox with administrator privileges, because of folder mishandling in autosieve_createfolder() in imap/lmtp_sieve.c.2019-12-16not yet calculatedCVE-2019-19783
BUGTRAQ
MISC
MISC
DEBIAN
cyrus -- saslcyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.2019-12-19not yet calculatedCVE-2019-19906
MISC
MLIST
DEBIAN
MISC
d-link -- dir-615_devicesOn D-Link DIR-615 devices, the User Account Configuration page is vulnerable to blind XSS via the name field.2019-12-18not yet calculatedCVE-2019-19742
MISC
MISC
MISC
MISC
MISC
MISC
d-link -- dir-615_devicesOn D-Link DIR-615 devices, a normal user is able to create a root(admin) user from the D-Link portal.2019-12-16not yet calculatedCVE-2019-19743
FULLDISC
MISC
MISC
MISC
MISC
dell -- rsa_identity_governance_and_lifecycle_and_rsa_via_lifecycle_and_governanceThe RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a Session Fixation vulnerability. An authenticated malicious local user could potentially exploit this vulnerability as the session token is exposed as part of the URL. A remote attacker can gain access to victim?s session and perform arbitrary actions with privileges of the user within the compromised session.2019-12-18not yet calculatedCVE-2019-18573
MISC
dell -- rsa_identity_governance_and_lifecycle_and_rsa_via_lifecycle_and_governanceThe RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a reflected cross-site scripting vulnerability in the My Access Live module [MAL]. An authenticated malicious local user could potentially exploit this vulnerability by sending crafted URL with scripts. When victim users access the module through their browsers, the malicious code gets injected and executed by the web browser in the context of the vulnerable web application.2019-12-18not yet calculatedCVE-2019-18571
MISC
dell -- rsa_identity_governance_and_lifecycle_and_rsa_via_lifecycle_and_governanceThe RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain an Improper Authentication vulnerability. A Java JMX agent running on the remote host is configured with plain text password authentication. An unauthenticated remote attacker can connect to the JMX agent and monitor and manage the Java application.2019-12-18not yet calculatedCVE-2019-18572
MISC
dell -- xps_13_2-in-1_biosSettings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior to 1.1.3 contain a configuration vulnerability. The BIOS configuration for the "Enable Thunderbolt (and PCIe behind TBT) pre-boot modules" setting is enabled by default. A local unauthenticated attacker with physical access to a user's system can obtain read or write access to main memory via a DMA attack during platform boot.2019-12-16not yet calculatedCVE-2019-18579
MISC
divisa_it -- proxia_suite_and_sparkspace_and_proxia_phrDivisa Proxia Suite 9 < 9.12.16, 9.11.19, 9.10.26, 9.9.8, 9.8.43 and 9.7.10, 10.0 < 10.0.32, and 10.1 < 10.1.5, SparkSpace 1.0 < 1.0.30, 1.1 < 1.1.2, and 1.2 < 1.2.4, and Proxia PHR 1.0 < 1.0.30 and 1.1 < 1.1.2 allows remote code execution via untrusted Java deserialization. The proxia-error cookie is insecurely deserialized in every request (GET or POST). Thus, an unauthenticated attacker can easily craft a seria1.0lized payload in order to execute arbitrary code via the prepareError function in the com.divisait.dv2ee.controller.MVCControllerServlet class of the dv2eemvc.jar component. allows remote code execution via untrusted Java deserialization. The proxia-error cookie is insecurely deserialized in every request (GET or POST). Thus, an unauthenticated attacker can easily craft a serialized payload in order to execute arbitrary code via the prepareError function in the com.divisait.dv2ee.controller.MVCControllerServlet class of the dv2eemvc.jar component. Affected products include Proxia Premium Edition 2017 and Sparkspace.2019-12-17not yet calculatedCVE-2019-18956
MISC
django -- djangoDjango before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)2019-12-18not yet calculatedCVE-2019-19844
MISC
MISC
UBUNTU
CONFIRM
docker -- docker_engine_and_cs_docker_engineDocker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands.2019-12-17not yet calculatedCVE-2014-8178
MISC
MISC
MISC
MISC
CONFIRM
drupal -- drupalThe Views Dynamic Fields module through 7.x-1.0-alpha4 for Drupal makes insecure unserialize calls in handlers/views_handler_filter_dynamic_fields.inc, as demonstrated by PHP object injection, involving a field_names object and an Archive_Tar object, for file deletion. Code execution might also be possible.2019-12-16not yet calculatedCVE-2019-19826
MISC
eclipse -- cheFor Eclipse Che versions 6.16 to 7.3.0, with both authentication and TLS disabled, visiting a malicious web site could trigger the start of an arbitrary Che workspace. Che with no authentication and no TLS is not usually deployed on a public network but is often used for local installations (e.g. on personal laptops). In that case, even if the Che API is not exposed externally, some javascript running in the local browser is able to send requests to it.2019-12-19not yet calculatedCVE-2019-17633
CONFIRM
ecryptfs -- ecrpytfs-utilsecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation2019-12-20not yet calculatedCVE-2012-3409
MISC
MISC
MISC
REDHAT
MISC
MISC
elastic -- kibanaKibana versions before 6.8.6 and 7.5.1 contain a cross site scripting (XSS) flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations could create a malicious visualization. If another Kibana user views that visualization or a dashboard containing the visualization it could execute JavaScript in the victim?s browser.2019-12-18not yet calculatedCVE-2019-7621
MISC
MISC
excon_gem_for_ruby_on_rails -- excon_gem_for_ruby_on_railsIn RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this.2019-12-16not yet calculatedCVE-2019-16779
MISC
CONFIRM
ffjpeg -- ffjpegbitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode.2019-12-18not yet calculatedCVE-2019-19887
MISC
ffjpeg -- ffjpegjfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error.2019-12-18not yet calculatedCVE-2019-19888
MISC
ge -- s2020/s2020g_fast_switch_61850An issue was found in GE S2020/S2020G Fast Switch 61850, S2020/S2020G Fast Switch 61850 Versions 07A03 and prior. An attacker can inject arbitrary Javascript in a specially crafted HTTP request that may be reflected back in the HTTP response. The device is also vulnerable to a stored cross-site scripting vulnerability that may allow session hijacking, disclosure of sensitive data, cross-site request forgery (CSRF) attacks, and remote code execution.2019-12-18not yet calculatedCVE-2019-18267
MISC
git_project -- gitAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.2019-12-18not yet calculatedCVE-2019-1387
REDHAT
CONFIRM
gitlab -- gitlabAn IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets.2019-12-18not yet calculatedCVE-2019-5469
MISC
MISC
gitlab -- gitlab_community_and_enterprise_editionsA command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to inject commands via the API through the blobs scope.2019-12-18not yet calculatedCVE-2019-15575
MISC
gitlab -- gitlab_community_and_enterprise_editionsAn information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to view private system notes from a GraphQL endpoint.2019-12-18not yet calculatedCVE-2019-15576
MISC
gitlab -- gitlab_community_and_enterprise_editionsAn information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed project milestones to be disclosed via groups browsing.2019-12-18not yet calculatedCVE-2019-15577
MISC
gitlab -- gitlab_community_and_enterprise_editionsA authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements.2019-12-18not yet calculatedCVE-2019-5486
MISC
gitlab -- enterprise_editionAn improper access control vulnerability exists in Gitlab EE <v12.3.3, <v12.2.7, & <v12.1.13 that allowed the group search feature with Elasticsearch to return private code, merge requests and commits.2019-12-18not yet calculatedCVE-2019-5487
MISC
gitlab -- gitlabA denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page.2019-12-20not yet calculatedCVE-2019-15584
MISC
gitlab -- gitlabAn improper access control vulnerability exists in GitLab <12.3.3 that allows an attacker to obtain container and dependency scanning reports through the merge request widget even though public pipelines were disabled.2019-12-18not yet calculatedCVE-2019-15591
MISC
gitlab -- gitlabAn information exposure vulnerability exists in gitlab.com <v12.3.2, <v12.2.6, and <v12.1.10 when using the blocking merge request feature, it was possible for an unauthenticated user to see the head pipeline data of a public project even though pipeline visibility was restricted.2019-12-18not yet calculatedCVE-2019-15580
MISC
gitlab -- gitlabAn improper access control vulnerability exists in Gitlab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user would be able to use GIT clone and pull if he had obtained a CI/CD token before.2019-12-18not yet calculatedCVE-2019-15589
MISC
gnome -- gnome-keyringgnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function2019-12-20not yet calculatedCVE-2012-6111
MISC
REDHAT
MISC
MISC
gnutls -- gnutlsGnuTLS incorrectly validates the first byte of padding in CBC modes2019-12-20not yet calculatedCVE-2015-8313
MISC
MISC
MISC
MISC
MISC
MISC
MISC
handlebars -- handlebarsVersions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.2019-12-20not yet calculatedCVE-2019-19919
MISC
hcl_software -- hcl_appscan_sourceHCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting (XSS) attacks by allowing users to embed arbitrary JavaScript code in the Web UI.2019-12-18not yet calculatedCVE-2019-4388
CONFIRM
hpe -- universal_internet_of_things_platformSecurity vulnerabilities in HPE UIoT version 1.2.4.2 could allow unauthorized remote access and access to sensitive data. HPE has addressed this issue in HPE UIoT: For customers with release UIoT 1.2.4.2 fixes are made available with 1.2.4.2 RP3 HF1. For customers with release older than 1.2.4.2, such as 1.2.4.1, 1.2.4.0, the resolution will be to upgrade to 1.2.4.2 RP3 HF1 Customers are requested to upgrade to the updated versions or contact HPE support for further assistance.2019-12-18not yet calculatedCVE-2019-11995
MISC
huawei -- multiple_productsThere is an information leakage vulnerability on some Huawei products(AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600). An attacker with low permissions can view some high-privilege information by running specific commands.Successful exploit could cause an information disclosure condition.2019-12-16not yet calculatedCVE-2019-5259
MISC
humax -- wireless_voice_gateway_hgb10r-2_devicesAn issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. Admin credentials are sent over cleartext HTTP.2019-12-18not yet calculatedCVE-2019-19890
MISC
humax -- wireless_voice_gateway_hgb10r-2_devicesAn issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The attacker can discover admin credentials in the backup file, aka backupsettings.conf.2019-12-18not yet calculatedCVE-2019-19889
MISC
ibm -- cognos_analyticsIBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 159356.2019-12-20not yet calculatedCVE-2019-4231
XF
CONFIRM
ibm -- cognos_analyticsIBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166204.2019-12-20not yet calculatedCVE-2019-4555
XF
CONFIRM
ibm -- cognos_business_intelligenceIBM Cognos Business Intelligence 10.2.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153179.2019-12-20not yet calculatedCVE-2018-1934
XF
CONFIRM
ibm -- financial_transaction_managerIBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 172877.2019-12-20not yet calculatedCVE-2019-4742
XF
CONFIRM
ibm -- financial_transaction_managerIBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172706.2019-12-20not yet calculatedCVE-2019-4736
XF
CONFIRM
ibm -- planning_analyticsIBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.2019-12-18not yet calculatedCVE-2019-4716
XF
CONFIRM
intel -- active_management_technologyInsufficient input validation in subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.2019-12-18not yet calculatedCVE-2019-11086
MISC
intel -- active_management_technologyLogic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.2019-12-18not yet calculatedCVE-2019-11131
MISC
intel -- active_management_technologyInsufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.2019-12-18not yet calculatedCVE-2019-11088
MISC
intel -- active_management_technologyInsufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.2019-12-18not yet calculatedCVE-2019-11107
MISC
intel -- active_management_technologyInsufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access.2019-12-18not yet calculatedCVE-2019-0166
MISC
intel -- active_management_technologyInsufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via physical access.2019-12-18not yet calculatedCVE-2019-11100
MISC
intel -- active_management_technologyCross site scripting in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow a privileged user to potentially enable escalation of privilege via network access.2019-12-18not yet calculatedCVE-2019-11132
MISC
intel -- active_management_technologyInsufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.2019-12-18not yet calculatedCVE-2019-0131
MISC
intel -- converged_security_and_management_engineInsufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.2019-12-18not yet calculatedCVE-2019-11108
MISC
intel -- converged_security_and_management_engineLogic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local access.2019-12-18not yet calculatedCVE-2019-11105
MISC
intel -- converged_security_and_management_engineInsufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.2019-12-18not yet calculatedCVE-2019-11103
MISC
intel -- converged_security_and_management_engineInsufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.2019-12-18not yet calculatedCVE-2019-0165
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engineAuthentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.2019-12-18not yet calculatedCVE-2019-11110
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engineHeap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.2019-12-18not yet calculatedCVE-2019-0169
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engineInsufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.2019-12-18not yet calculatedCVE-2019-11102
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engineInsufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.2019-12-18not yet calculatedCVE-2019-11104
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engineInsufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.2019-12-18not yet calculatedCVE-2019-11101
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engineInsufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.2019-12-18not yet calculatedCVE-2019-11106
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engineInsufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.2019-12-18not yet calculatedCVE-2019-0168
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engineInsufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access.2019-12-18not yet calculatedCVE-2019-11087
MISC
intel -- dynamic_platform_and_thermal_frameworkImproper permissions in the Intel(R) Dynamic Platform and Thermal Framework v8.3.10208.5643 and before may allow an authenticated user to potentially execute code at an elevated level of privilege.2019-12-16not yet calculatedCVE-2019-0134
MISC
intel -- ethernet_i218_adapter_driver_for_windows_10Insufficient memory protection for Intel(R) Ethernet I218 Adapter driver for Windows* 10 before version 24.1 may allow an authenticated user to potentially enable information disclosure via local access.2019-12-16not yet calculatedCVE-2019-11096
MISC
intel -- fpga_sdk_for_opencl(tm)_pro_editionImproper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access.2019-12-16not yet calculatedCVE-2019-11165
MISC
intel -- management_engine_consumer_driver_for_windowsImproper directory permissions in the installer for Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45,13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.2019-12-18not yet calculatedCVE-2019-11097
MISC
intel -- multiple_processorsImproper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access.2019-12-16not yet calculatedCVE-2019-11157
CONFIRM
CONFIRM
MISC
intel -- multiple_processorsImproper conditions check in multiple Intel? Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.2019-12-16not yet calculatedCVE-2019-14607
CONFIRM
MISC
intel -- multiple_productsCryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before versions SPS_E5_04.01.04.305.0, SPS_SoC-X_04.00.04.108.0, SPS_SoC-A_04.00.04.191.0, SPS_E3_04.01.04.086.0, SPS_E3_04.08.04.047.0 may allow an unauthenticated user to potentially enable information disclosure via network access.2019-12-18not yet calculatedCVE-2019-11090
MISC
intel -- multiple_productsInsufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.2019-12-18not yet calculatedCVE-2019-11147
MISC
intel -- network_adaptersInsufficient memory protection in the Linux Administrative Tools for Intel(R) Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via local access.2019-12-16not yet calculatedCVE-2019-0159
MISC
intel -- nucOut of bounds write in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.2019-12-16not yet calculatedCVE-2019-14612
MISC
intel -- nucImproper input validation in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.2019-12-16not yet calculatedCVE-2019-14609
MISC
intel -- nucImproper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.2019-12-16not yet calculatedCVE-2019-14610
MISC
intel -- nucInteger overflow in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.2019-12-16not yet calculatedCVE-2019-14611
MISC
intel -- nucImproper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.2019-12-16not yet calculatedCVE-2019-14608
MISC
intel -- quartus_prime_pro_editionNull pointer dereference in the FPGA kernel driver for Intel(R) Quartus(R) Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable denial of service via local access.2019-12-16not yet calculatedCVE-2019-14604
MISC
intel -- quartus_prime_pro_editionImproper permissions in the installer for the License Server software for Intel? Quartus? Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable escalation of privilege via local access.2019-12-16not yet calculatedCVE-2019-14603
MISC
intel -- rapid_storage_technologyImproper permissions in the executable for Intel(R) RST before version 17.7.0.1006 may allow an authenticated user to potentially enable escalation of privilege via local access.2019-12-16not yet calculatedCVE-2019-14568
MISC
intel -- scs_platform_discovery_utilityImproper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all versions, may allow an authenticated user to potentially enable escalation of privilege via local attack.2019-12-16not yet calculatedCVE-2019-14605
MISC
intel -- server_platform_servicesLogic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of service via local access.2019-12-18not yet calculatedCVE-2019-11109
MISC
ivanti -- workspace_controlIn Ivanti Workspace Control before 10.3.180.0. a locally authenticated user with low privileges can bypass Managed Application Security by leveraging an unspecified attack vector in Workspace Preferences, when it is enabled. As a result, the attacker can start applications that should be blocked.2019-12-17not yet calculatedCVE-2019-19675
CONFIRM
jenkins -- jenkinsJenkins Rundeck Plugin 3.6.5 and earlier stores credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-12-17not yet calculatedCVE-2019-16556
MLIST
CONFIRM
jenkins -- jenkinsA missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular expression.2019-12-17not yet calculatedCVE-2019-16554
MLIST
CONFIRM
jenkins -- jenkinsJenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM.2019-12-17not yet calculatedCVE-2019-16558
MLIST
CONFIRM
jenkins -- jenkinsA missing permission check in Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows attackers with Overall/Read permission to perform connection tests and determine whether files with an attacker-specified path exist on the Jenkins master file system.2019-12-17not yet calculatedCVE-2019-16559
MLIST
CONFIRM
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials.2019-12-17not yet calculatedCVE-2019-16551
MLIST
CONFIRM
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers to have Jenkins evaluate a computationally expensive regular expression.2019-12-17not yet calculatedCVE-2019-16553
MLIST
CONFIRM
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows attackers to perform connection tests and determine whether files with an attacker-specified path exist on the Jenkins master file system.2019-12-17not yet calculatedCVE-2019-16560
MLIST
CONFIRM
jenkins -- jenkinsA cross-site request forgery vulnerability in a connection test form method in Jenkins Maven Release Plugin 0.16.1 and earlier allows attackers to have Jenkins connect to an attacker specified web server and parse XML documents.2019-12-17not yet calculatedCVE-2019-16550
MLIST
CONFIRM
jenkins -- jenkinsA missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a given path on the Jenkins master.2019-12-17not yet calculatedCVE-2019-16552
MLIST
CONFIRM
jenkins -- jenkinsJenkins Maven Release Plugin 0.16.1 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks, allowing man-in-the-middle attackers to have Jenkins parse crafted XML documents.2019-12-17not yet calculatedCVE-2019-16549
MLIST
CONFIRM
jenkins -- jenkinsA user-supplied regular expression in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier was processed in a way that wasn't interruptible, allowing attackers to have Jenkins evaluate a regular expression without the ability to interrupt this process.2019-12-17not yet calculatedCVE-2019-16555
MLIST
CONFIRM
jenkins -- jenkinsJenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-12-17not yet calculatedCVE-2019-16557
MLIST
CONFIRM
joomla! -- joomla!dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter.2019-12-19not yet calculatedCVE-2019-17527
MISC
lansweeper -- lansweeperThe web console in Lansweeper 7.2.105.2 has XSS via the URL path. Product vulnerability has been fixed and disclosed within changelog as of 02 Dec 2019.2019-12-19not yet calculatedCVE-2019-18955
CONFIRM
libreoffice_and_apache -- libreoffice_and_openofficeLibreOffice and OpenOffice automatically open embedded content2019-12-20not yet calculatedCVE-2012-5639
MISC
REDHAT
MISC
MISC
maxum_development_corporation -- rumpus_ftp_web_file_managerA Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary Javascripts2019-12-16not yet calculatedCVE-2019-19368
MISC
MISC
MISC
mediawiki -- mediawikiThe MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 (1.35 and/or 1.34) mishandles certain HTML attributes, as demonstrated by IMG onmouseover= (impact is XSS) and IMG src=http (impact is disclosing the client's IP address). This can occur within a talk page topical header that is viewed within a mobile (MobileFrontend) context.2019-12-19not yet calculatedCVE-2019-19910
MISC
MISC
midori -- midori_browserIn Midori Browser 0.5.11 (on Windows 10), Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the multipart/x-mixed-replace MIME type. This could result in script running where CSP should have blocked it, allowing for cross-site scripting (XSS) and other attacks when the product renders the content as HTML. Remediating this would also need to consider the polyglot case, e.g., a file that is a valid GIF image and also valid JavaScript.2019-12-20not yet calculatedCVE-2019-19916
MISC
MISC
MISC
myphpchat-plus -- myphpchat-plusphpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable.2019-12-20not yet calculatedCVE-2019-19908
MISC
MISC
MISC
nalpeiron -- nalpeiron_licensing_serviceNLSSRV32.EXE in Nalpeiron Licensing Service 7.3.4.0, as used with Nitro PDF and other products, allows Elevation of Privilege via the \\.\mailslot\nlsX86ccMailslot mailslot.2019-12-17not yet calculatedCVE-2019-19315
MISC
nathack -- nathackIn NatHack between 3.6.0 and 3.6.3, a buffer overflow issue exists when reading very long lines from a NetHack configuration file (usually named .nethackrc). This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. All users are urged to upgrade to NetHack 3.6.4 as soon as possible.2019-12-20not yet calculatedCVE-2019-16787
MISC
CONFIRM
MISC
negotiator -- negotiatornegotiator before 0.6.1 is vulnerable to a regular expression DoS2019-12-20not yet calculatedCVE-2016-1000022
MISC
MISC
MISC
MISC
MISC
MISC
nethack -- nethackNetHack before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files.2019-12-19not yet calculatedCVE-2019-19905
MISC
MISC
MISC
CONFIRM
MISC
neuvector -- neuvectorNeuVector 3.1 when configured to allow authentication via Active Directory, does not enforce non-empty passwords which allows an attacker with access to the Neuvector portal to authenticate as any valid LDAP user by providing a valid username and an empty password (provided that the active directory server has not been configured to reject empty passwords).2019-12-20not yet calculatedCVE-2019-19747
MISC
MISC
node-df -- node-dfA code injection exists in node-df v0.1.4 that can allow an attacker to remote code execution by unsanitized input.2019-12-18not yet calculatedCVE-2019-15597
MISC
odoo -- community_and_enterpriseImproper access control in the computed fields system of the framework of Odoo Community 13.0 and Odoo Enterprise 13.0 allows remote authenticated attackers to access sensitive information via crafted RPC requests, which could lead to privilege escalation.2019-12-19not yet calculatedCVE-2019-11780
MISC
omron -- cj_and_cs_series_programmable_logic_controllersIn Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, the software properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control.2019-12-16not yet calculatedCVE-2019-18269
MISC
omron -- cj_and_cs_series_programmable_logic_controllersIn Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves.2019-12-16not yet calculatedCVE-2019-13533
MISC
omron -- cj_and_cs_series_programmable_logic_controllersIn Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands.2019-12-16not yet calculatedCVE-2019-18259
MISC
omron -- cj_and_nj_series_programmable_logic_controllersIn Omron PLC CS series, all versions, Omron PLC CJ series, all versions, and Omron PLC NJ series, all versions, the software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks.2019-12-16not yet calculatedCVE-2019-18261
MISC
opera -- opera_for_androidOpera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal sandboxing attributes. This allows an attacker to make forced redirections without any user interaction from a third-party context.2019-12-18not yet calculatedCVE-2019-19788
MISC
palo_alto_networks -- pan-osImproper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affects a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted.2019-12-20not yet calculatedCVE-2019-17440
CONFIRM
pebble_templates -- pebble_templatesPebble Templates 3.1.2 allows attackers to bypass a protection mechanism (intended to block access to instances of java.lang.Class) because getClass is accessible via the public static java.lang.Class java.lang.Class.forName(java.lang.Module,java.lang.String) signature.2019-12-19not yet calculatedCVE-2019-19899
MISC
phillips -- multiple_routersAn issue was found in Philips Veradius Unity, Pulsera, and Endura Dual WAN Router, Veradius Unity (718132) with wireless option (shipped between 2016-August 2018), Veradius Unity (718132) with ViewForum option (shipped between 2016-August 2018), Pulsera (718095) and Endura (718075) with wireless option (shipped between 26-June-2017 through 07-August 2018), Pulsera (718095) and Endura (718075) with ViewForum option (shipped between 26-June-2017 through 07-August 2018). The router software uses an encryption scheme that is not strong enough for the level of protection required.2019-12-20not yet calculatedCVE-2019-18263
MISC
plex -- media_serverThe Camera Upload functionality in Plex Media Server through 1.18.2.2029 allows remote authenticated users to write files anywhere the user account running the Plex Media Server has permissions. This allows remote code execution via a variety of methods, such as (on a default Ubuntu installation) creating a .ssh folder in the plex user's home directory via directory traversal, uploading an SSH authorized_keys file there, and logging into the host as the Plex user via SSH.2019-12-19not yet calculatedCVE-2019-19141
MISC
pronestor -- pronestor_plannerAn issue was discovered in the Outlook add-in in Pronestor Planner before 8.1.77. There is local privilege escalation in the Health Monitor service because PronestorHealthMonitor.exe access control is mishandled, aka PNB-2359.2019-12-18not yet calculatedCVE-2019-17390
MISC
MISC
public_knowledge_project -- pkp-libAn issue was discovered in Public Knowledge Project (PKP) pkp-lib before 3.1.2-2, as used in Open Journal Systems (OJS) before 3.1.2-2. Code injection can occur in the OJS report generator if an authenticated Journal Manager user visits a crafted URL, because unserialize is used.2019-12-19not yet calculatedCVE-2019-19909
MISC
MISC
MISC
pylons_project -- waitressWaitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most encoding first, followed by any further transfer codings, ending with chunked. Requests sent with: "Transfer-Encoding: gzip, chunked" would incorrectly get ignored, and the request would use a Content-Length header instead to determine the body size of the HTTP message. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. This issue is fixed in Waitress 1.4.0.2019-12-20not yet calculatedCVE-2019-16786
MISC
MISC
CONFIRM
pylons_project -- waitressWaitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end server does not parse header fields with an LF the same way as it does those with a CRLF it can lead to the front-end and the back-end server parsing the same HTTP message in two different ways. This can lead to a potential for HTTP request smuggling/splitting whereby Waitress may see two requests while the front-end server only sees a single HTTP message. This issue is fixed in Waitress 1.4.0.2019-12-20not yet calculatedCVE-2019-16785
MISC
MISC
CONFIRM
qualcomm -- multiple_snapdragon_productsMultiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-18not yet calculatedCVE-2019-10516
CONFIRM
qualcomm -- multiple_snapdragon_productsMemory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCS405, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10517
CONFIRM
qualcomm -- multiple_snapdragon_productsImproper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10544
CONFIRM
qualcomm -- multiple_snapdragon_productsOut-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDX20, SDX55, SXR11302019-12-18not yet calculatedCVE-2019-10557
CONFIRM
qualcomm -- multiple_snapdragon_productsPotential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10536
CONFIRM
qualcomm -- multiple_snapdragon_productsUse after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10518
CONFIRM
qualcomm -- multiple_snapdragon_productsBuffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-18not yet calculatedCVE-2019-10525
CONFIRM
qualcomm -- multiple_snapdragon_productsImproper validation of event buffer extracted from FW response can lead to integer overflow, which will allow to pass the length check and eventually will lead to buffer overwrite when event data is copied to context buffer in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, QCA6574AU, QCN7605, QCS405, QCS605, SDM660, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10537
CONFIRM
qualcomm -- multiple_snapdragon_productsDue to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS404, QCS405, QCS605, QM215, SA6155P, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10482
CONFIRM
qualcomm -- multiple_snapdragon_productsOut of bound access occurs while handling the WMI FW event due to lack of check of buffer argument which comes directly from the WLAN FW in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8996AU, QCA6574AU, QCA8081, QCN7605, SDX55, SM6150, SM7150, SM81502019-12-18not yet calculatedCVE-2019-10481
CONFIRM
qualcomm -- multiple_snapdragon_productsBuffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-18not yet calculatedCVE-2019-10487
CONFIRM
qualcomm -- multiple_snapdragon_productsPossibility of Null pointer access if the SPDM commands are executed in the non-standard way in Trustzone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10513
CONFIRM
qualcomm -- multiple_snapdragon_productsPossible OOB issue in EEPROM due to lack of check while accessing memory map array at the time of reading operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10564
CONFIRM
qualcomm -- multiple_snapdragon_productsWhile processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-18not yet calculatedCVE-2019-10500
CONFIRM
qualcomm -- multiple_snapdragon_productsImproper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-18not yet calculatedCVE-2019-10572
CONFIRM
rack_gem_for_ruby_on_rails -- rack_gem_for_ruby_on_railsThere's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison.2019-12-18not yet calculatedCVE-2019-16782
MLIST
MLIST
MLIST
CONFIRM
CONFIRM
red_hat -- ansible_towerA flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contains the '#' character. This request would cause a socket error in RabbitMQ when parsing the password and an HTTP error code 500 and partial password disclose will occur in plaintext. An attacker could easily guess some predictable passwords or brute force the password.2019-12-19not yet calculatedCVE-2019-19342
CONFIRM
red_hat -- ansible_towerA flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the default admin user is still active, an attacker could guess the password and gain access to the system.2019-12-19not yet calculatedCVE-2019-19340
CONFIRM
red_hat -- ansible_towerA flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. These files include both the SECRET_KEY and the database backup. Any user with access to the Tower server, and knowledge of when a backup is run, could retrieve every credential stored in Tower. Access to data is the highest threat with this vulnerability.2019-12-19not yet calculatedCVE-2019-19341
CONFIRM
red_hat -- jboss_application_server_7An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges.2019-12-18not yet calculatedCVE-2012-2312
MISC
MISC
MISC
roxy_fileman -- roxy_filemanRoxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by uploading a specially crafted Windows shortcut file and writing the file to the Startup folder (because an incomplete blacklist of file extensions allows Windows shortcut files to be uploaded).2019-12-16not yet calculatedCVE-2019-19731
MISC
MISC
shadowsocks -- shadowsocks-libevAn exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An attacker can send arbitrary packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5152
MISC
shadow -- shadowshadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).2019-12-18not yet calculatedCVE-2019-19882
MISC
MISC
MISC
MISC
MISC
simplifile -- recordfusionIn Simplifile RecordFusion through 2019-11-25, the logs and hist parameters allow remote attackers to access local files via a logger/logs?/../ or logger/hist?/../ URI.2019-12-17not yet calculatedCVE-2019-19264
MISC
solarwinds -- serv-u_ftp_serverA cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U FTP Server 15.1.7 in the email parameter, a different vulnerability than CVE-2018-19934 and CVE-2019-13182.2019-12-18not yet calculatedCVE-2019-19829
MISC
sonicos -- ssl_vpn_nacagentInstallation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution.2019-12-19not yet calculatedCVE-2019-7487
CONFIRM
sonicwall -- sma100_devicesCode injection in SonicWall SMA100 allows an authenticated user to execute arbitrary code in viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.4 and earlier.2019-12-19not yet calculatedCVE-2019-7486
CONFIRM
sonicwall -- sma100_devicesBuffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.2019-12-19not yet calculatedCVE-2019-7485
CONFIRM
sonicwall -- sma100_devicesIn SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.2019-12-19not yet calculatedCVE-2019-7483
CONFIRM
sonicwall -- sma100_devicesAuthenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.2019-12-19not yet calculatedCVE-2019-7484
CONFIRM
sonicwall -- sma100_devicesStack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.2019-12-19not yet calculatedCVE-2019-7482
CONFIRM
statics_server -- statics_serverA path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory.2019-12-18not yet calculatedCVE-2019-15596
MISC
sudo -- sudoIn Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user.2019-12-19not yet calculatedCVE-2019-19232
CONFIRM
MISC
sudo -- sudoIn Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL sudoer account) to impersonate any blocked user.2019-12-19not yet calculatedCVE-2019-19234
CONFIRM
MISC
swagger -- swagger_uiswagger-ui has XSS in key names2019-12-20not yet calculatedCVE-2016-1000229
MISC
MISC
MISC
MISC
sylabs -- singularityInsecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services.2019-12-18not yet calculatedCVE-2019-19724
CONFIRM
talend -- restlet_frameworkAn XML eXternal Entity (XXE) issue exists in Restlet 1.1.10 in an endpoint using XML transport, which lets a remote attacker obtain sensitive information.2019-12-18not yet calculatedCVE-2012-2656
MISC
MISC
MISC
MISC
MISC
tautulli -- tautulliIn Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. (Also, anonymous access can be achieved in applications that do not have a user login area).2019-12-18not yet calculatedCVE-2019-19833
MISC
MISC
tibco -- multiple_tibco_spotfire_productsThe Visualizations component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contains a vulnerability that theoretically allows an attacker with permission to write DXP files to the Spotfire library to remotely execute code of their choice on the user account of other users who access the affected system. This attack is a risk only when the attacker has write access to a network file system shared with the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions 7.11.1 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.1.0, 10.2.0, 10.3.0, 10.3.1, and 10.3.2, versions 10.4.0, 10.5.0, and 10.6.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0, TIBCO Spotfire Deployment Kit: versions 7.11.1 and below, TIBCO Spotfire Desktop: versions 7.11.1 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.1.0, 10.2.0, 10.3.0, 10.3.1, and 10.3.2, versions 10.4.0, 10.5.0, and 10.6.0, and TIBCO Spotfire Desktop Language Packs: versions 7.11.1 and below.2019-12-17not yet calculatedCVE-2019-17334
MISC
MISC
tibco -- spotfire_analytics_platform_for_aws_marketplace_and_spotfire_serverThe Data access layer component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains multiple vulnerabilities that theoretically allow an attacker access to data cached from a data source, or a portion of a data source, that the attacker should not have access to. The attacker would need privileges to save a Spotfire file to the library. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0 and TIBCO Spotfire Server: versions 7.11.7 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.3.3, and 10.3.4, versions 10.4.0, 10.5.0, and 10.6.0.2019-12-17not yet calculatedCVE-2019-17335
MISC
MISC
tibco -- spotfire_analytics_platform_for_aws_marketplace_and_spotfire_serverThe Data access layer component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains multiple vulnerabilities that theoretically allow an attacker access to information that can lead to obtaining credentials used to access Spotfire data sources. The attacker would need privileges to save a Spotfire file to the library, and only applies in a situation where NTLM credentials, or a credentials profile is in use. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0 and TIBCO Spotfire Server: versions 7.11.7 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.3.3, and 10.3.4, versions 10.4.0, 10.5.0, and 10.6.0.2019-12-17not yet calculatedCVE-2019-17336
MISC
MISC
tree-kill -- tree-killA Code Injection exists in treekill on Windows which allows a remote code execution when an attacker is able to control the input into the command.2019-12-18not yet calculatedCVE-2019-15598
MISC
tree-kill -- tree-killA Code Injection exists in tree-kill on Windows which allows a remote code execution when an attacker is able to control the input into the command.2019-12-18not yet calculatedCVE-2019-15599
MISC
trend_micro -- apex_oneTrend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. Note that the Japanese version of the product is NOT affected.2019-12-20not yet calculatedCVE-2019-19692
MISC
trend_micro -- apex_one_and_officescan_xgA vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. Note that the attacker must already have admin/root privileges on the product console to exploit this vulnerability.2019-12-20not yet calculatedCVE-2019-19691
MISC
trend_micro -- deep_securityA privilege escalation vulnerability in the Trend Micro Deep Security as a Service Quick Setup cloud formation template could allow an authenticated entity with certain unrestricted AWS execution privileges to escalate to full privileges within the target AWS account.2019-12-16not yet calculatedCVE-2019-18191
N/A
trend_micro -- housecall_for_home_networksA privilege escalation vulnerability in Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited allowing an attacker to place a malicious DLL file into the application directory and elevate privileges.2019-12-18not yet calculatedCVE-2019-19688
MISC
trend_micro -- housecall_for_home_networksTrend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses.2019-12-18not yet calculatedCVE-2019-19689
MISC
trend_micro -- security_2020The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.2019-12-20not yet calculatedCVE-2019-19693
MISC
MISC
trend_micro -- mobile_security_for_android Trend Micro Mobile Security for Android (Consumer) versions 10.3.1 and below on Android 8.0+ has an issue in which an attacker could bypass the product's App Password Protection feature.2019-12-18not yet calculatedCVE-2019-19690
MISC
trendnet -- tew-651br_and_tew-652brp_and_tew-652bru_devicesAn issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. OS command injection occurs through the get_set.ccp lanHostCfg_HostName_1.1.1.0.0 parameter.2019-12-18not yet calculatedCVE-2019-11399
MISC
MISC
trendnet -- tew-651br_and_tew-652brp_and_tew-652bru_devicesAn issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. A buffer overflow occurs through the get_set.ccp ccp_act parameter.2019-12-18not yet calculatedCVE-2019-11400
MISC
MISC
typo3 -- typo3An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal. Admin privileges are required in order to exploit this vulnerability. (In v9 LTS and later, System Maintainer privileges are also required.)2019-12-17not yet calculatedCVE-2019-19848
MISC
MISC
typo3 -- typo3An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the classes QueryGenerator and QueryView are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension ext:lowlevel (Backend Module: DB Check) installed, with a valid backend user who has administrator privileges. The other exploitable scenario requires having the system extension ext:sys_action installed, with a valid backend user who has limited privileges.2019-12-17not yet calculatedCVE-2019-19849
MISC
MISC
vmware -- vcenterA security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting.2019-12-18not yet calculatedCVE-2019-11992
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable denial of service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a denial of service, resulting in the device entering an error state where it ceases all network communications. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5078
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable heap buffer overflow vulnerability exists in the iocheckd service ''I/O-Chec'' functionality of WAGO PFC 200 Firmware version 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5081
MISC
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable information exposure vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause an external tool to fail, resulting in uninitialized stack data to be copied to the response packet buffer. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5073
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable stack buffer overflow vulnerability exists in the command line utility getcouplerdetails of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets sent to the iocheckd service "I/O-Check" can cause a stack buffer overflow in the sub-process getcouplerdetails, resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5075
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable stack buffer overflow vulnerability exists in the iocheckd service ''I/O-Check'' functionality of WAGO PFC200 Firmware version 03.01.07(13), WAGO PFC200 Firmware version 03.00.39(12) and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a stack buffer overflow, resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5074
CONFIRM
wago -- pfc100_and_pfc200_devicesAn exploitable denial-of-service vulnerability exists in the iocheckd service ??I/O-Chec?? functionality of WAGO PFC 200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC 100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a denial of service, resulting in the device entering an error state where it ceases all network communications. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5077
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable denial-of-service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A single packet can cause a denial of service and weaken credentials resulting in the default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5080
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable heap buffer overflow vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5079
MISC
wordpress -- wordpressThe "301 Redirects - Easy Redirect Manager" plugin before 2.45 for WordPress allows users (with subscriber or greater access) to modify, delete, or inject redirect rules, and exploit XSS, with the /admin-ajax.php?action=eps_redirect_save and /admin-ajax.php?action=eps_redirect_delete actions. This could result in a loss of site availability, malicious redirects, and user infections. This could also be exploited via CSRF.2019-12-19not yet calculatedCVE-2019-19915
MISC
MISC
xerox -- altalink_c8035_printersXerox AltaLink C8035 printers allow CSRF. A request to add users is made in the Device User Database form field to the xerox.set URI. (The frmUserName value must have a unique name.)2019-12-18not yet calculatedCVE-2019-19832
MISC
xiaomi-- multiple_devicesAn issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM 5.5.48 devices. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause a denial of service attack, take over smart home devices, and tamper with messages.2019-12-20not yet calculatedCVE-2019-15913
MISC
xiaomi -- multiple_devicesAn issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM 5.5.48 devices. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack.2019-12-20not yet calculatedCVE-2019-15915
MISC
xiaomi -- multiple_devicesAn issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM 5.5.48 devices. Attackers can use the ZigBee trust center rejoin procedure to perform a denial of service attack.2019-12-20not yet calculatedCVE-2019-15914
MISC
MISC
yarn -- yarnIn Yarn before 1.21.1, the package install functionality can be abused to generate arbitrary symlinks on the host filesystem by using specially crafted "bin" keys. Existing files could be overwritten depending on the current user permission set.2019-12-16not yet calculatedCVE-2019-10773
MISC
MISC
CONFIRM
MISC
zoho_manageengine -- adselfservice_plusAn open redirect vulnerability was discovered in Zoho ManageEngine ADSelfService Plus 5.x before 5809 that allows attackers to force users who click on a crafted link to be sent to a specified external site.2019-12-18not yet calculatedCVE-2019-18781
CONFIRM
MISC

Back to top

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.