Vulnerability Summary for the Week of December 23, 2019

Released
Dec 30, 2019
Document ID
SB19-364

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 

 

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

High Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
handlebars -- handlebarsVersions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.2019-12-207.5CVE-2019-19919
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
huawei -- elle-al00b_smart_phonesHuawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.2019-12-235.8CVE-2019-5276
CONFIRM
huawei -- p30_smartphonesHuawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an improper access control vulnerability. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage.2019-12-235CVE-2019-5265
CONFIRM
huawei -- p30_smartphonesHuawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled.2019-12-235CVE-2019-5266
CONFIRM
ibm -- cognos_analyticsIBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 159356.2019-12-204.3CVE-2019-4231
XF
CONFIRM
ibm -- cognos_business_intelligenceIBM Cognos Business Intelligence 10.2.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153179.2019-12-206.8CVE-2018-1934
XF
CONFIRM
ibm -- financial_transaction_managerIBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172706.2019-12-204.3CVE-2019-4736
XF
CONFIRM
ibm -- financial_transaction_managerIBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 172877.2019-12-204.3CVE-2019-4742
XF
CONFIRM
ibm -- financial_transaction_managerIBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 172880.2019-12-204.3CVE-2019-4743
XF
CONFIRM
ibm -- financial_transaction_managerIBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172882.2019-12-204.3CVE-2019-4744
XF
CONFIRM
lout -- loutLout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.2019-12-206.8CVE-2019-19917
MISC
lout -- loutLout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c.2019-12-206.8CVE-2019-19918
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
huawei -- oceanstor_sns3096Huawei OceanStor SNS3096 V100R002C01 have an information disclosure vulnerability. Attackers with low privilege can exploit this vulnerability by performing some specific operations. Successful exploit of this vulnerability can cause some information disclosure.2019-12-232.1CVE-2019-5267
CONFIRM
ibm -- cognos_analyticsIBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166204.2019-12-203.5CVE-2019-4555
XF
CONFIRM

Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
abcprintf -- upload-image-with-ajaxDue to a logic error in the code, upload-image-with-ajax v1.0 allows arbitrary files to be uploaded to the web root allowing code execution.2019-12-23not yet calculatedCVE-2019-8293
MLIST
MISC
alcatel-lucent_enterprise -- omnivista_4760_and_8770_devicesAn issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded in a reversible format. Sessions are stored in /sessions/sess_<sessionid>.2019-12-27not yet calculatedCVE-2019-20047
MISC
MISC
MISC
MISC
alcatel-lucent_enterprise -- omnivista_4760_devicesAn issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construct() whereas the insecure file upload is in SetSkinImages().2019-12-27not yet calculatedCVE-2019-20049
MISC
MISC
MISC
MISC
alcatel-lucent_enterprise -- omnivista_8770_devicesAn issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM.2019-12-27not yet calculatedCVE-2019-20048
MISC
MISC
MISC
MISC
apache -- tomcatWhen using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability.2019-12-23not yet calculatedCVE-2019-17563
CONFIRM
BUGTRAQ
DEBIAN
apache -- tomcatWhen Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.2019-12-23not yet calculatedCVE-2019-12418
CONFIRM
BUGTRAQ
DEBIAN
appleple -- a-blog_cmsa-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8.x) allows arbitrary scripts to be executed in the context of the application due to unspecified vectors.2019-12-26not yet calculatedCVE-2019-6034
MISC
MISC
appleple -- a-blog_cmsCross-site scripting vulnerability in a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8.x) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.2019-12-26not yet calculatedCVE-2019-6033
MISC
MISC
archery -- archeryIn Archery before 1.3, inserting an XSS payload into a project name (either by creating a new project or editing an existing one) will result in stored XSS on the vulnerability-scan scheduling page.2019-12-26not yet calculatedCVE-2019-20008
MISC
MISC
MISC
artica -- pandora_fmsPandora FMS 7.x suffers from remote code execution vulnerability. With an authenticated user who can modify the alert system, it is possible to define and execute Commands in the context of the Application.2019-12-26not yet calculatedCVE-2019-19681
MISC
avtech -- avn801_dvrAVTECH AVN801 DVR has a security bypass via the administration login captcha2019-12-27not yet calculatedCVE-2013-4982
MISC
MISC
MISC
belkin -- f5d8236-4_wireless_routerAn authentication bypass exists in the web management interface in Belkin F5D8236-4 v2.2019-12-26not yet calculatedCVE-2013-3085
MISC
belkin -- n900_routerBelkin N900 router (F9K1104v1) contains an Authentication Bypass using "Javascript debugging".2019-12-26not yet calculatedCVE-2013-3088
MISC
MISC
bullguard -- premium_protectionThe malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted.2019-12-26not yet calculatedCVE-2019-20000
MISC
check_point -- endpoint_security_client_for_windowsA denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations.2019-12-23not yet calculatedCVE-2019-8463
CONFIRM
citrix -- application_delivery_controller_and_gatewayAn issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.2019-12-27not yet calculatedCVE-2019-19781
CONFIRM
crushftp -- crushftpCrushFTP through 8.3.0 is vulnerable to credentials theft via URL redirection.2019-12-26not yet calculatedCVE-2018-18288
MISC
MISC
cybozu -- cybozu_officeDirectory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function.2019-12-26not yet calculatedCVE-2019-6022
MISC
MISC
cybozu -- cybozu_officeCybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to bypass access restriction which may result in obtaining data without access privileges via the application 'Address'.2019-12-26not yet calculatedCVE-2019-6023
MISC
MISC
d-link -- dba-1510P_firmwareDBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface (CLI).2019-12-26not yet calculatedCVE-2019-6013
MISC
MISC
d-link -- dba-1510P_firmwareDBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface.2019-12-26not yet calculatedCVE-2019-6014
MISC
MISC
d-link -- dir-601_b1_devicesD-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented. A remote attacker could exploit this in conjunction with CVE-2019-16327 to enable remote router management and device compromise. NOTE: this is an end-of-life product.2019-12-26not yet calculatedCVE-2019-16326
MISC
d-link -- dir-601_devicesD-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypass. They do not check for authentication at the server side and rely on client-side validation, which is bypassable. NOTE: this is an end-of-life product.2019-12-26not yet calculatedCVE-2019-16327
MISC
d-link -- dwr-113_wifi_routerCross-site request forgery (CSRF) vulnerability in D-Link DWR-113 (Rev. Ax) with firmware before 2.03b02 allows remote attackers to hijack the authentication of administrators for requests that change the admin password via unspecified vectors.2019-12-27not yet calculatedCVE-2014-3136
XF
MISC
BID
debian -- debian-edu-configDebian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals.2019-12-23not yet calculatedCVE-2019-3467
MISC
CONFIRM
MLIST
BUGTRAQ
BUGTRAQ
CONFIRM
DEBIAN
DEBIAN
electronic_arts -- karotz_apiKarotz API 12.07.19.00: Session Token Information Disclosure2019-12-27not yet calculatedCVE-2013-4868
MISC
MISC
MISC
electronic_arts -- karotz_smart_rabbitElectronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking2019-12-27not yet calculatedCVE-2013-4867
MISC
MISC
equinox -- control_expertEquinox Control Expert all versions, is vulnerable to an SQL injection attack, which may allow an attacker to remotely execute arbitrary code.2019-12-23not yet calculatedCVE-2019-18234
MISC
ezxml -- ezxmlAn issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr() starting with a pointer after a '\0' character (where the processing of a string was finished).2019-12-26not yet calculatedCVE-2019-20005
MISC
ezxml -- ezxmlAn issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content puts a pointer to the internal address of a larger block as xml->txt. This is later deallocated (using free), leading to a segmentation fault.2019-12-26not yet calculatedCVE-2019-20006
MISC
ezxml -- ezxml
 
An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxml_str2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer (in some compilers). After this, the function ezxml_parse_str does not check whether the s variable is not NULL in ezxml.c, leading to a NULL pointer dereference and crash (segmentation fault).2019-12-26not yet calculatedCVE-2019-20007
MISC
f5 -- big-ipOn BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5, while processing traffic through a standard virtual server that targets a FastL4 virtual server (VIP on VIP), hardware appliances may stop responding.2019-12-23not yet calculatedCVE-2019-6680
CONFIRM
f5 -- big-ipOn BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, the Traffic Management Microkernel (TMM) might stop responding after the total number of diameter connections and pending messages on a single virtual server has reached 32K.2019-12-23not yet calculatedCVE-2019-6686
CONFIRM
f5 -- big-ipOn BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, under certain conditions when using custom TCP congestion control settings in a TCP profile, TMM stops processing traffic when processed by an iRule.2019-12-23not yet calculatedCVE-2019-6677
CONFIRM
f5 -- big-ipOn BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution.2019-12-23not yet calculatedCVE-2019-6685
CONFIRM
f5 -- big-ipOn BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a memory leak in Multicast Forwarding Cache (MFC) handling in tmrouted.2019-12-23not yet calculatedCVE-2019-6681
CONFIRM
f5 -- big-ipOn BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, the TMM process may restart when the packet filter feature is enabled.2019-12-23not yet calculatedCVE-2019-6678
CONFIRM
f5 -- big-ipOn BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.blacklist are not properly enforced for paths that are symlinks. This allows authenticated users with SCP access to overwrite certain configuration files that would otherwise be restricted.2019-12-23not yet calculatedCVE-2019-6679
CONFIRM
f5 -- big-ip_and_big-iqOn BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5 and BIG-IQ versions 6.0.0-6.1.0 and 5.2.0-5.4.0, a user is able to obtain the secret that was being used to encrypt a BIG-IP UCS backup file while sending SNMP query to the BIG-IP or BIG-IQ system, however the user can not access to the UCS files.2019-12-23not yet calculatedCVE-2019-6688
CONFIRM
f5 -- big-ip_apmOn versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP APM system logs the client-session-id when a per-session policy is attached to the virtual server with debug logging enabled.2019-12-23not yet calculatedCVE-2019-19150
CONFIRM
f5 -- big-ip_asmOn versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP ASM system may consume excessive resources when processing certain types of HTTP responses from the origin web server. This vulnerability is only known to affect resource-constrained systems in which the security policy is configured with response-side features, such as Data Guard or response-side learning.2019-12-23not yet calculatedCVE-2019-6682
CONFIRM
f5 -- big-ip_asmOn versions 15.0.0-15.0.1.1, the BIG-IP ASM Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints.2019-12-23not yet calculatedCVE-2019-6687
CONFIRM
f5 -- big-ip_virtual_clustered_multiprocessingOn versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing (vCMP) may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of fragmentation-based attack.2019-12-23not yet calculatedCVE-2019-6684
CONFIRM
f5 -- big-ip_virtual_editionOn versions 15.0.0-15.0.1, 14.0.0-14.1.2.2, and 13.1.0-13.1.3.1, TMM may restart on BIG-IP Virtual Edition (VE) when using virtio direct descriptors and packets 2 KB or larger.2019-12-23not yet calculatedCVE-2019-6676
CONFIRM
f5 -- big-ip_virtual_serversOn versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IP virtual servers with Loose Initiation enabled on a FastL4 profile may be subject to excessive flow usage under undisclosed conditions.2019-12-23not yet calculatedCVE-2019-6683
CONFIRM
f5 -- multiple_productsOn BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are able access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to access objects on the file system which would not normally be allowed.2019-12-23not yet calculatedCVE-2019-19151
CONFIRM
fermax -- outdoor_panelAn access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level. By design, only a residential unit owner may allow such an access grant. However, due to incorrect access control, an attacker could inject it via the speaker unit to perform an access grant to gain unauthorized access, as demonstrated by a loud DTMF tone representing '1' and a long '#' (697 Hz and 1209 Hz, followed by 941 Hz and 1477 Hz).2019-12-24not yet calculatedCVE-2017-16778
MISC
forcepoint -- ngfw_security_management_centerForcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable.2019-12-23not yet calculatedCVE-2019-6147
CONFIRM
forum_software -- reviewboardReviewBoard 1.6.17 allows code execution by attaching PHP scripts to review request2019-12-27not yet calculatedCVE-2013-4796
MISC
MISC
gitlab -- community_and_enterprise_editionAn issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control (issue 2 of 6).2019-12-26not yet calculatedCVE-2018-20492
MISC
MISC
gnome -- libxml2xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.2019-12-24not yet calculatedCVE-2019-19956
MISC
MLIST
gnu -- libredwgAn issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c.2019-12-27not yet calculatedCVE-2019-20011
MISC
MISC
gnu -- libredwgAn issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.2019-12-27not yet calculatedCVE-2019-20014
MISC
MISC
MISC
gnu -- libredwgAn issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec.2019-12-27not yet calculatedCVE-2019-20012
MISC
MISC
gnu -- libredwgAn issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.2019-12-27not yet calculatedCVE-2019-20009
MISC
MISC
MISC
gnu -- libredwgAn issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c.2019-12-27not yet calculatedCVE-2019-20010
MISC
MISC
gnu -- libredwgAn issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.2019-12-27not yet calculatedCVE-2019-20015
MISC
MISC
gnu -- libredwgAn issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.2019-12-27not yet calculatedCVE-2019-20013
MISC
MISC
MISC
graphicsmagick -- graphicsmagickIn GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.2019-12-24not yet calculatedCVE-2019-19953
MISC
MISC
graphicsmagick -- graphicsmagickIn GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.2019-12-24not yet calculatedCVE-2019-19951
MISC
MISC
graphicsmagick -- graphicsmagickIn GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.2019-12-24not yet calculatedCVE-2019-19950
MISC
MISC
halo -- haloHalo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration.2019-12-26not yet calculatedCVE-2019-19999
MISC
MISC
MISC
hikvision -- ds-2cd7153-e_ip_cameraHikvision DS-2CD7153-E IP Camera has Privilege Escalation2019-12-27not yet calculatedCVE-2013-4975
MISC
MISC
MISC
hikvision -- ds-2cd7153-e_ip_cameraHikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials2019-12-27not yet calculatedCVE-2013-4976
MISC
MISC
MISC
huawei -- m5_lite_10M5 lite 10 with versions of 8.0.0.182(C00) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to modify the memory of the device by doing a series of operations. Successful exploit may lead to malicious code execution.2019-12-26not yet calculatedCVE-2019-19398
CONFIRM
huawei -- usg9500_devicesUSG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in an infinite loop, an attacker may exploit the vulnerability via a malicious certificate to perform a denial of service attack on the affected products.2019-12-26not yet calculatedCVE-2019-5274
CONFIRM
huawei -- usg9500_devicesUSG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate to perform a denial of service attack on the affected products.2019-12-26not yet calculatedCVE-2019-5275
CONFIRM
huawei -- usg9500_devicesUSG9500 with versions of V500R001C30;V500R001C60 have a missing integrity checking vulnerability. The software of the affected products does not check the integrity which may allow an attacker with high privilege to make malicious modifications without detection.2019-12-26not yet calculatedCVE-2019-5272
CONFIRM
huawei -- usg9500_devicesUSG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a denial of service on the affected products.2019-12-26not yet calculatedCVE-2019-5273
CONFIRM
imagemagick -- imagemagickIn ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.2019-12-24not yet calculatedCVE-2019-19948
MISC
MLIST
imagemagick -- imagemagickIn ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage.2019-12-24not yet calculatedCVE-2019-19952
MISC
imagemagick -- imagemagickIn ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.2019-12-24not yet calculatedCVE-2019-19949
MISC
MLIST
information-technology_promotion_agency -- stamp_workbench_installerUntrusted search path vulnerability in STAMP Workbench installer all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.2019-12-26not yet calculatedCVE-2019-6019
MISC
MISC
insteon -- insteon_hubINSTEON Hub 2242-222 lacks Web and API authentication2019-12-27not yet calculatedCVE-2013-4859
MISC
MISC
intelbras -- iwr_3000n_devicesA CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user.2019-12-26not yet calculatedCVE-2019-19995
MISC
intelbras -- iwr_3000n_devicesAn issue was discovered on Intelbras IWR 3000N 1.8.7 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login.2019-12-26not yet calculatedCVE-2019-19996
MISC
jetbrains -- ktor_frameworkJetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting.2019-12-26not yet calculatedCVE-2019-19389
MISC
MISC
joomla! -- joomla!Xorbin Analog Flash Clock 1.0 extension for Joomia has XSS2019-12-27not yet calculatedCVE-2013-4692
MISC
MISC
MISC
k7_computing -- ultimate_securityIn K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality.2019-12-27not yet calculatedCVE-2019-16896
MISC
MISC
kinza -- kinza_for_windowsCross-site scripting vulnerability in KINZA for Windows version 5.9.2 and earlier and for Mac version 5.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via RSS reader.2019-12-26not yet calculatedCVE-2019-6031
MISC
MISC
libesmtp -- libesmtplibESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read.2019-12-26not yet calculatedCVE-2019-19977
MISC
MISC
MISC
libiec61850 -- libiec61850In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation.2019-12-23not yet calculatedCVE-2019-19930
MISC
libiec61850 -- libiec61850In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos.2019-12-23not yet calculatedCVE-2019-19944
MISC
libiec61850 -- libiec61850In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.2019-12-23not yet calculatedCVE-2019-19931
MISC
libiec61850 -- libiec61850In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service.2019-12-24not yet calculatedCVE-2019-19958
MISC
libiec61850 -- libiec61850In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength.2019-12-24not yet calculatedCVE-2019-19957
MISC
libsixel_project -- libsixelA memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4.2019-12-27not yet calculatedCVE-2019-20023
MISC
libsixel_project -- libsixelA heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4.2019-12-27not yet calculatedCVE-2019-20024
MISC
libsixel_project -- libsixelAn invalid memory address dereference was discovered in load_pnm in frompnm.c in libsixel before 1.8.3.2019-12-27not yet calculatedCVE-2019-20022
MISC
linux -- linux_kernelIn the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.2019-12-25not yet calculatedCVE-2019-19966
MISC
MISC
linux -- linux_kernelIn the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.2019-12-25not yet calculatedCVE-2019-19965
MISC
linux -- linux_kernelIn the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.2019-12-24not yet calculatedCVE-2019-19947
MLIST
MISC
linux -- linux_kernelIn the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.2019-12-28not yet calculatedCVE-2019-20054
MISC
MISC
MISC
MISC
linux -- linux_kernelAn exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.2019-12-23not yet calculatedCVE-2019-5108
MISC
linux -- linux_kernelkernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)2019-12-22not yet calculatedCVE-2019-19922
MISC
MISC
MISC
MISC
MISC
livefyre -- livecommentsCross-site scripting (XSS) vulnerability in Livefyre LiveComments 3.0 allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded picture.2019-12-27not yet calculatedCVE-2014-6420
MISC
XF
magnolia_international -- magnolia_cmsMagnolia CMS before 4.5.9 has multiple access bypass vulnerabilities2019-12-27not yet calculatedCVE-2013-4621
MISC
MISC
malwarebytes -- adwcleanerAn Untrusted Search Path vulnerability in Malwarebytes AdwCleaner before 8.0.1 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded by the product.2019-12-23not yet calculatedCVE-2019-19929
MISC
MISC
MISC
mongo-express -- mongo-expressmongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse of the `vm` dependency to perform `exec` commands in a non-safe environment.2019-12-24not yet calculatedCVE-2019-10758
MISC
motex -- multiple_productsPrivilege escalation vulnerability in Multiple MOTEX products (LanScope Cat client program (MR) and LanScope Cat client program (MR)LanScope Cat detection agent (DA) prior to Ver.9.2.1.0, LanScope Cat server monitoring agent (SA, SAE) prior to Ver.9.2.2.0, LanScope An prior to Ver 2.7.7.0 (LanScope An 2 series), and LanScope An prior to Ver 3.0.8.1 (LanScope An 3 series)) allow authenticated attackers to obtain unauthorized privileges and execute arbitrary code.2019-12-26not yet calculatedCVE-2019-6026
MISC
MISC
movable_type -- multiple_productsOpen redirect vulnerability in Movable Type series Movable Type 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Advanced 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type Advanced 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type Advanced 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Premium 1.24 and earlier (Movable Type Premium), and Movable Type Premium (Advanced Edition) 1.24 and earlier (Movable Type Premium) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL.2019-12-26not yet calculatedCVE-2019-6025
MISC
MISC
netcommons -- netcommonsCross-site scripting vulnerability in NetCommons 3.2.2 and earlier (NetCommons3.x) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.2019-12-26not yet calculatedCVE-2019-6018
MISC
MISC
nippon_television_network_corporation -- ntv_news24_appThe NTV News24 prior to Ver.3.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.2019-12-26not yet calculatedCVE-2019-6032
MISC
MISC
nvidia -- geforce_experienceNVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.2019-12-24not yet calculatedCVE-2019-5702
CONFIRM
open_dynamics -- collabtiveCollabtive 1.0 has incorrect access control2019-12-27not yet calculatedCVE-2013-5027
MISC
open_tftp_server_mt -- open_tftp_server_mtStack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12568.2019-12-23not yet calculatedCVE-2019-12567
MISC
open_tftp_server_sp -- open_tftp_server_spStack-based overflow vulnerability in the logMess function in Open TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12567.2019-12-23not yet calculatedCVE-2019-12568
MISC
openjdk -- openjdkAn information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation). A remote attacker could use this flaw to obtain potentially sensitive information.2019-12-26not yet calculatedCVE-2012-4420
MISC
MISC
MISC
MISC
MISC
MISC
MISC
orchestra_technologies -- c1_cmsAn issue was discovered in Orckestra C1 CMS through 6.6. The EntityTokenSerializer class in Composite.dll is prone to unvalidated deserialization of wrapped BinaryFormatter payloads, leading to arbitrary remote code execution for any low-privilege user.2019-12-23not yet calculatedCVE-2019-18211
MISC
palo_alto_networks -- pan-osImproper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affected a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted.2019-12-20not yet calculatedCVE-2019-17440
CONFIRM
pax-linux -- pax-linuxA locally locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap after a MAP_GROWSDOWN mmap will create an infinite loop condition without releasing the VM semaphore eventually leading to a system crash.2019-12-26not yet calculatedCVE-2011-1474
MISC
MISC
php -- phpIn PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.2019-12-23not yet calculatedCVE-2019-11045
MISC
MLIST
php -- phpWhen PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.2019-12-23not yet calculatedCVE-2019-11047
MISC
MLIST
php -- phpIn PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII numbers. This can read to disclosure of the content of some memory locations.2019-12-23not yet calculatedCVE-2019-11046
MISC
MLIST
php -- phpIn PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.2019-12-23not yet calculatedCVE-2019-11044
MISC
php -- phpIn PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double-freeing certain memory locations.2019-12-23not yet calculatedCVE-2019-11049
MISC
php -- phpWhen PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.2019-12-23not yet calculatedCVE-2019-11050
MISC
MLIST
powercms -- powercmsOpen redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x), 4.42 and earlier (PowerCMS 4.x), and 3.293 and earlier (PowerCMS 3.x) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL.2019-12-26not yet calculatedCVE-2019-6020
MISC
MISC
pylons_project -- waitressIn Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.2019-12-26not yet calculatedCVE-2019-16789
MISC
CONFIRM
MISC
rakuten -- rakuma_app_for_android_and_iosRakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user's authentication information via a malicious application created by the third party.2019-12-26not yet calculatedCVE-2019-6024
MISC
MISC
MISC
ratbox -- ircd_ratboxircd-ratbox 3.0.9 mishandles the MONITOR command which allows remote attackers to cause a denial of service (system out-of-memory event).2019-12-26not yet calculatedCVE-2015-5290
MISC
MISC
red_hat -- ceph_storageA flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. An authenticated attacker can abuse this flaw by causing a remote denial of service by sending a specially crafted HTTP Content-Length header to the Ceph RADOS Gateway server.2019-12-23not yet calculatedCVE-2019-19337
CONFIRM
red_hat -- networkmanagerIn NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.2019-12-26not yet calculatedCVE-2012-2736
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
reliable_controls -- mach-prowebcom/sysReliable Controls MACH-ProWebCom/Sys, all versions prior to 2.15 (Firmware versions prior to 8.26.4), may allow attacker to execute commands on behalf of the user when an authenticated user clicks on a malicious link.2019-12-24not yet calculatedCVE-2019-18249
MISC
remise -- payment_moduleREMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allow remote attackers to [Disclosed_Information_type] via unspecified vectors.2019-12-26not yet calculatedCVE-2019-6017
MISC
MISC
remise -- payment_moduleCross-site scripting vulnerability in REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.2019-12-26not yet calculatedCVE-2019-6016
MISC
MISC
ricoh -- library_information_management_system_limedioOpen redirect vulnerability in Library Information Management System LIMEDIO all versions allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL.2019-12-26not yet calculatedCVE-2019-6021
MISC
MISC
ruby_gem_features_for_ruby_on_rails -- ruby_gem_features_for_ruby_on_railsFile injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory.2019-12-26not yet calculatedCVE-2013-4318
MISC
MISC
sa-exim -- sa-eximsa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval (rather than direct parsing and/or use of the taint feature). This issue is similar to CVE-2018-11805.2019-12-22not yet calculatedCVE-2019-19920
MISC
MISC
MISC
samsung -- galaxy_s3/s4_smartphonesSamsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission.2019-12-27not yet calculatedCVE-2013-4764
MISC
MISC
samsung -- galaxy_s3/s4_smartphonesSamsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission.2019-12-27not yet calculatedCVE-2013-4763
MISC
MISC
sencha_labs -- connectSencha Labs Connect has XSS with connect.methodOverride()2019-12-27not yet calculatedCVE-2013-4691
MISC
senkas -- kolibriBuffer overflow in Senkas Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a POST request.2019-12-27not yet calculatedCVE-2014-5289
MISC
BID
XF
signal -- signal_desktop_on_windowsSignal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file.2019-12-24not yet calculatedCVE-2019-19954
MISC
MISC
sonicwall -- email_security_applianceA vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability affected Email Security Appliance version 10.0.2 and earlier.2019-12-23not yet calculatedCVE-2019-7489
CONFIRM
sonicwall -- email_security_applianceWeak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier.2019-12-23not yet calculatedCVE-2019-7488
CONFIRM
spbas_-- business_automation_softwareSPBAS Business Automation Software 2012 has CSRF.2019-12-27not yet calculatedCVE-2013-4665
MISC
MISC
spbas_-- business_automation_softwareSPBAS Business Automation Software 2012 has XSS.2019-12-27not yet calculatedCVE-2013-4664
MISC
MISC
MISC
sqlite -- sqlitemultiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.2019-12-23not yet calculatedCVE-2019-19926
MISC
sqlitte -- sqliteflattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).2019-12-24not yet calculatedCVE-2019-19923
MISC
sqlitte -- sqlitezipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.2019-12-24not yet calculatedCVE-2019-19925
MISC
sqlitte -- sqliteSQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.2019-12-24not yet calculatedCVE-2019-19924
MISC
static_http_server -- static_http_serverStatic HTTP Server 1.0 has a Local Overflow2019-12-27not yet calculatedCVE-2013-4743
MISC
MISC
symonics -- libmysofalibmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue.2019-12-27not yet calculatedCVE-2019-20016
MISC
MISC
MISC
system_security_services_daemon -- system_security_services_daemonA flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.2019-12-26not yet calculatedCVE-2012-3462
MISC
MISC
MISC
tbeu -- matioA stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17.2019-12-27not yet calculatedCVE-2019-20018
MISC
tbeu -- matioA memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case.2019-12-27not yet calculatedCVE-2019-20052
MISC
tbeu -- matioA stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17.2019-12-27not yet calculatedCVE-2019-20020
MISC
tbeu -- matioA stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17.2019-12-27not yet calculatedCVE-2019-20017
MISC
tbeu -- matioAn attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17.2019-12-27not yet calculatedCVE-2019-20019
MISC
tenable -- nessusTenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269).2019-12-27not yet calculatedCVE-2016-1000029
MISC
MISC
MISC
tenable -- nessusTenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198).2019-12-27not yet calculatedCVE-2016-1000028
MISC
MISC
CONFIRM
tftp_server_mt -- tftp_server_mtFormat string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet.2019-12-23not yet calculatedCVE-2018-10389
MISC
tftp_server_sp -- tftp_server_spHeap-based overflow vulnerability in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or possibly execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2008-2161.2019-12-23not yet calculatedCVE-2018-10387
MISC
tftp_server_sp -- tftp_server_spFormat string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet.2019-12-23not yet calculatedCVE-2018-10388
MISC
thttpd -- thttpdthttpd 2007 has buffer underflow.2019-12-27not yet calculatedCVE-2007-0158
MISC
tigervnc -- tigervncTigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start writing his values, exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.2019-12-26not yet calculatedCVE-2019-15695
MISC
MISC
MLIST
tigervnc -- tigervncTigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.2019-12-26not yet calculatedCVE-2019-15693
MISC
MISC
MLIST
tigervnc -- tigervncTigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.2019-12-26not yet calculatedCVE-2019-15692
MISC
MISC
MLIST
tigervnc -- tigervncTigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.2019-12-26not yet calculatedCVE-2019-15694
MISC
MISC
MLIST
tigervnc -- tigervncTigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process of stack unwinding. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.2019-12-26not yet calculatedCVE-2019-15691
MISC
MISC
MLIST
toshiba -- configfree_utilityMultiple stack-based buffer overflows in CFProfile.exe in Toshiba ConfigFree Utility 8.0.38 allow user-assisted attackers to execute arbitrary code.2019-12-27not yet calculatedCVE-2012-4980
BID
XF
trend_micro -- antivirus_for_macA privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it.2019-12-24not yet calculatedCVE-2019-19695
N/A
upc -- connect_box_eurodocsis_voice_gateway_devicesThe Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI.2019-12-25not yet calculatedCVE-2019-19967
MISC
upx -- upxA heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.2019-12-27not yet calculatedCVE-2019-20021
MISC
upx -- upxA floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service.2019-12-27not yet calculatedCVE-2019-20051
MISC
upx -- upxAn invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.2019-12-27not yet calculatedCVE-2019-20053
MISC
virglrenderer_project -- virglrendererAn out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.2019-12-23not yet calculatedCVE-2019-18390
REDHAT
MISC
MISC
MISC
virglrenderer_project -- virglrendererA heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.2019-12-23not yet calculatedCVE-2019-18389
REDHAT
MISC
MISC
MISC
virglrenderer_project -- virglrendererA NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands.2019-12-23not yet calculatedCVE-2019-18388
REDHAT
MISC
MISC
MISC
virglrenderer_project -- virglrendererA heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.2019-12-23not yet calculatedCVE-2019-18391
REDHAT
MISC
MISC
MISC
vivotek -- multiple_ip_camerasMultiple Vivotek IP Cameras remote authentication bypass that could allow access to the video stream2019-12-27not yet calculatedCVE-2013-4985
MISC
MISC
MISC
vmware -- workstation_and_horizon_view_agentVMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed.2019-12-23not yet calculatedCVE-2019-5539
CONFIRM
wecon -- plc_editorMultiple buffer overflow vulnerabilities exist when the PLC Editor Version 1.3.5_20190129 processes project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.2019-12-23not yet calculatedCVE-2019-18236
MISC
winamp -- winampWinamp 5.63: Invalid Pointer Dereference leading to Arbitrary Code Execution2019-12-27not yet calculatedCVE-2013-4695
MISC
MISC
wolfssl -- wolfsslAn issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce.2019-12-25not yet calculatedCVE-2019-19963
MISC
MISC
wolfssl -- wolfsslIn wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks.2019-12-25not yet calculatedCVE-2019-19960
MISC
MISC
wolfssl -- wolfsslwolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography.2019-12-25not yet calculatedCVE-2019-19962
MISC
MISC
wordpress -- wordpressIn WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS.2019-12-26not yet calculatedCVE-2019-16781
CONFIRM
MISC
MISC
MISC
wordpress -- wordpressThe ListingPro theme before v2.0.14.2 for WordPress has Reflected XSS via the What field on the homepage.2019-12-26not yet calculatedCVE-2019-19540
MISC
wordpress -- wordpressThe WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for CSRF to be exploited on all plugin settings.2019-12-26not yet calculatedCVE-2019-19981
MISC
MISC
wordpress -- wordpressCross-site scripting vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.2019-12-26not yet calculatedCVE-2019-6029
MISC
MISC
wordpress -- wordpressCross-site request forgery (CSRF) vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.2019-12-26not yet calculatedCVE-2019-6030
MISC
MISC
wordpress -- wordpressMultiple cross-site scripting (XSS) vulnerabilities in test-plugin.php in the Swipe Checkout for WP e-Commerce plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) api_key, (2) payment_page_url, (3) merchant_id, (4) api_url, or (5) currency parameter.2019-12-27not yet calculatedCVE-2014-4559
MISC
wordpress -- wordpressThe ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Good For field on the new listing submit page.2019-12-26not yet calculatedCVE-2019-19542
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in test-plugin.php in the Swipe Checkout for WooCommerce plugin 2.7.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the api_url parameter.2019-12-27not yet calculatedCVE-2014-4558
MISC
wordpress -- wordpressThe WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a privilege bypass flaw that allowed authenticated users (Subscriber or greater access) to send test emails from the administrative dashboard on behalf of an administrator. This occurs because the plugin registers a wp_ajax function to send_test_email.2019-12-26not yet calculatedCVE-2019-19980
MISC
MISC
wordpress -- wordpressWordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. Automatic updates are enabled by default for minor releases and we strongly recommend that you keep them enabled.2019-12-26not yet calculatedCVE-2019-16780
MISC
CONFIRM
MISC
MISC
MISC
wordpress -- wordpressSQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.2019-12-26not yet calculatedCVE-2019-6012
MISC
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php.2019-12-27not yet calculatedCVE-2014-4539
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in the Ebay Feeds for WordPress plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter.2019-12-27not yet calculatedCVE-2014-4525
MISC
CONFIRM
wordpress -- wordpressThe ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Best Day/Night field on the new listing submit page.2019-12-26not yet calculatedCVE-2019-19541
MISC
wordpress -- wordpressMultiple cross-site scripting (XSS) vulnerabilities in tests/notAuto_test_ContactService_pauseCampaign.php in the Infusionsoft Gravity Forms plugin before 1.5.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) go, (2) contactId, or (3) campaignId parameter.2019-12-27not yet calculatedCVE-2014-4536
MISC
CONFIRM
wordpress -- wordpressCross-site scripting (XSS) vulnerability in the Easy Career Openings plugin 0.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.2019-12-27not yet calculatedCVE-2014-4523
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in rss.class/scripts/magpie_debug.php in the WP-Planet plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter.2019-12-27not yet calculatedCVE-2014-4592
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in tinymce/popup.php in the Ruven Toolkit plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the popup parameter.2019-12-27not yet calculatedCVE-2014-4548
MISC
wordpress -- wordpressThe WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for unauthenticated option creation. In order to exploit this vulnerability, an attacker would need to send a /wp-admin/admin-post.php?es_skip=1&option_name= request.2019-12-26not yet calculatedCVE-2019-19982
MISC
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in comments/videowhisper2/r_logout.php in the Video Comments Webcam Recorder plugin 1.55, as downloaded before 20140116 for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter.2019-12-27not yet calculatedCVE-2014-4567
MISC
CONFIRM
wordpress -- wordpressCross-site scripting (XSS) vulnerability in the Conversador plugin 2.61 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the 'page' parameter.2019-12-27not yet calculatedCVE-2014-4519
MISC
wordpress -- wordpresswp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript&colon; substring.2019-12-27not yet calculatedCVE-2019-20041
MISC
MISC
wordpress -- wordpressThe WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file download with user information disclosure.2019-12-26not yet calculatedCVE-2019-19985
MISC
MISC
wordpress -- wordpressWordPress Xorbin Digital Flash Clock 1.0 has XSS2019-12-27not yet calculatedCVE-2013-4693
MISC
wordpress -- wordpressCross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.2019-12-26not yet calculatedCVE-2019-6011
MISC
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter.2019-12-27not yet calculatedCVE-2014-4550
MISC
wordpress -- wordpressWordPress before 5.3.1 allowed an unauthenticated user to make a post sticky through the REST API because of missing access control in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php.2019-12-27not yet calculatedCVE-2019-20043
MISC
MISC
MISC
MISC
wordpress -- wordpressWordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009.2019-12-26not yet calculatedCVE-2013-2011
MISC
MISC
MISC
MISC
wordpress -- wordpressThe WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed users with edit_post capabilities to manage plugin settings and email campaigns.2019-12-26not yet calculatedCVE-2019-19984
MISC
MISC
wordpress -- wordpressA flaw in the WordPress plugin, WP Maintenance before 5.0.6, allowed attackers to enable a vulnerable site's maintenance mode and inject malicious code affecting site visitors. There was CSRF with resultant XSS.2019-12-26not yet calculatedCVE-2019-19979
MISC
MISC
wordpress -- wordpressCross-site request forgery (CSRF) vulnerability in WP Spell Check 7.1.9 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.2019-12-26not yet calculatedCVE-2019-6027
MISC
MISC
wordpress -- wordpressWordPress before 5.3.1 allowed an attacker to create a cross-site scripting attack (XSS) in well crafted links, because of an insufficient protection mechanism in wp_targeted_link_rel in wp-includes/formatting.php.2019-12-27not yet calculatedCVE-2019-20042
MISC
MISC
MISC
MISC
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php.2019-12-27not yet calculatedCVE-2014-4535
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in the Podcast Channels plugin 0.20 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the Filename parameter to getid3/demos/demo.write.php.2019-12-27not yet calculatedCVE-2014-4544
MISC
wordpress -- wordpressIn the WordPress plugin, Fast Velocity Minify before 2.7.7, the full web root path to the running WordPress application can be discovered. In order to exploit this vulnerability, FVM Debug Mode needs to be enabled and an admin-ajax request needs to call the fastvelocity_min_files action.2019-12-26not yet calculatedCVE-2019-19983
MISC
MISC
xiuno -- bbsXiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php.2019-12-26not yet calculatedCVE-2019-19998
MISC
yahoo -- athenzOpen redirect vulnerability in Athenz v1.8.24 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page.2019-12-26not yet calculatedCVE-2019-6035
MISC
MISC
MISC
yokogawa -- multiple_products_for_windowsAn unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 ? R3.77.00), Exaplog (R1.10.00 ? R3.40.00), Exaquantum (R1.10.00 ? R3.02.00 and R3.15.00), Exaquantum/Batch (R1.01.00 ? R2.50.40), Exasmoc (all revisions), Exarqe (all revisions), GA10 (R1.01.01 ? R3.05.01), and InsightSuiteAE (R1.01.00 ? R1.06.00)) allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges.2019-12-26not yet calculatedCVE-2019-6008
MISC
MISC
zte -- zxcloud_goldendata_vapAll versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have an information disclosure vulnerability. Attackers could use this vulnerability to collect data information and damage the system.2019-12-23not yet calculatedCVE-2019-3430
CONFIRM
zte -- zxcloud_goldendata_vapAll versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have encryption problems vulnerability. Attackers could sniff unencrypted account and password through the network for front-end system access.2019-12-23not yet calculatedCVE-2019-3431
CONFIRM
zte -- zxcloud_goldendata_vapAll versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have a file reading vulnerability. Attackers could obtain log file information without authorization, causing the disclosure of sensitive information.2019-12-23not yet calculatedCVE-2019-3429
CONFIRM

Back to top

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.