Bulletin (SB19-329)

Vulnerability Summary for the Week of November 18, 2019

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
3s-smart_software_solutions -- codesys_web_server
 
CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow. 2019-11-20 7.5 CVE-2019-18858
MISC
MISC
apache -- solr The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server. 2019-11-18 7.5 CVE-2019-12409
MLIST
chicken -- chicken
 
Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function. 2019-11-22 7.5 CVE-2014-6310
MISC
MISC
CONFIRM
MISC
clamav -- clamav
 
ClamAV before 0.97.7 has buffer overflow in the libclamav component 2019-11-15 7.5 CVE-2013-7088
MISC
MISC
MISC
MISC
MISC
clamav -- clamav
 
ClamAV before 0.97.7 has WWPack corrupt heap memory 2019-11-15 7.5 CVE-2013-7087
MISC
MISC
MISC
MISC
MISC
cobbler -- cobbler
 
cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE 2019-11-19 7.2 CVE-2011-4954
MISC
MISC
MISC
MISC
MISC
cyrus -- imap
 
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection. 2019-11-15 7.5 CVE-2019-18928
MISC
MISC
dolibarr -- dolibarr
 
SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php. 2019-11-20 7.5 CVE-2013-2091
MISC
MISC
CONFIRM
MISC
dolibarr -- dolibarr
 
Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands. 2019-11-20 10 CVE-2013-2093
MISC
MISC
CONFIRM
MISC
druby -- druby
 
Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval. 2019-11-18 7.5 CVE-2011-5331
MISC
druby -- druby
 
Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls. 2019-11-18 7.5 CVE-2011-5330
MISC
eclipse -- jetty Jetty 6.x through 6.1.22 suffers from an escape sequence injection vulnerability from an attack vector by means of: 1) "Cookie Dump Servlet" and 2) Http Content-Length header. 1) A POST request to the form at "/test/cookie/" with the "Age" parameter set to a string throws a "java.lang.NumberFormatException" which reflects binary characters including ESC. These characters could be used to execute arbitrary commands or buffer dumps in the terminal. 2) The attack vector in 1) can be exploited by requesting a page using an HTTP request "Content-Length" header set to a consonant string (string including only letters). 2019-11-15 7.5 CVE-2009-5047
MISC
MISC
MLIST
google -- chrome Unspecified vulnerabilities in Google Chrome before 54.0.2840.59. 2019-11-20 10 CVE-2016-5194
CONFIRM
google -- chrome Unspecified vulnerabilities in Google Chrome before 55.0.2883.75. 2019-11-20 10 CVE-2016-9652
CONFIRM
hhvm -- hhvm
 
hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions. 2019-11-19 7.5 CVE-2016-1000006
MISC
MISC
MISC
ibm -- security_identity_manager
 
IBM Security Identity Manager 6.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 166456. 2019-11-20 9.3 CVE-2019-4561
XF
CONFIRM
iobroker -- iobroker.admin
 
iobroker.admin before 3.6.12 allows attacker to include file contents from outside the `/log/file1/` directory. 2019-11-20 7.5 CVE-2019-10765
MISC
MISC
ktsuss -- ktsuss ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local attacker to escalate privileges to root and use the "GTK_MODULES" environment variable to possibly execute arbitrary code. 2019-11-19 7.2 CVE-2011-2922
MISC
MISC
MISC
MISC
MISC
MISC
MISC
ktsuss -- ktsuss
 
ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges. 2019-11-19 10 CVE-2011-2921
MISC
MISC
MISC
limnoria_and_supybot -- limnoria_and_supybot
 
Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands. 2019-11-16 7.5 CVE-2019-19010
MISC
MISC
FEDORA
FEDORA
FEDORA
linux -- linux_kernel Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or dma_alloc_coherent() failures, aka CID-0f4f199443fa. 2019-11-18 7.8 CVE-2019-19059
MISC
linux -- linux_kernel A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c. 2019-11-18 7.8 CVE-2019-19071
MISC
linux -- linux_kernel Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e. 2019-11-18 7.8 CVE-2019-19057
MISC
linux -- linux_kernel A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5. 2019-11-18 7.8 CVE-2019-19058
MISC
linux -- linux_kernel A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6. 2019-11-18 7.8 CVE-2019-19072
MISC
linux -- linux_kernel

 
A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e. 2019-11-18 7.8 CVE-2019-19075
MISC
MISC
linux -- linux_kernel
 
A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_crdump_collect() failures, aka CID-c7ed6d0183d5. 2019-11-18 7.8 CVE-2019-19047
MISC
MISC
linux -- linux_kernel
 
A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. 2019-11-18 7.8 CVE-2019-19076
MISC
MISC
linux -- linux_kernel
 
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. 2019-11-18 7.8 CVE-2019-19063
MISC
linux -- linux_kernel
 
A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_form_user() failures, aka CID-e0b0cb938864. 2019-11-18 7.8 CVE-2019-19048
MISC
MISC
linux -- linux_kernel
 
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1. 2019-11-18 7.8 CVE-2019-19083
MISC
MISC
linux -- linux_kernel
 
A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7. 2019-11-18 7.8 CVE-2019-19045
MISC
MISC
linux -- linux_kernel
 
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4. 2019-11-18 7.8 CVE-2019-19074
MISC
linux -- linux_kernel
 
A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459. 2019-11-18 7.8 CVE-2019-19043
MISC
linux -- linux_kernel
 
A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1. 2019-11-18 7.8 CVE-2019-19050
MISC
linux -- linux_kernel
 
A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7. 2019-11-18 7.8 CVE-2019-19051
MISC
MISC
linux -- linux_kernel
 
Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762. 2019-11-18 7.8 CVE-2019-19044
MISC
MISC
linux -- linux_kernel
 
A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. 2019-11-18 7.8 CVE-2019-19065
MISC
MISC
linux -- linux_kernel
 
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486. 2019-11-18 7.8 CVE-2019-19052
MISC
MISC
linux -- linux_kernel
 
A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14. 2019-11-18 7.8 CVE-2019-19077
MISC
linux -- linux_kernel
 
A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932. 2019-11-18 7.8 CVE-2019-19056
MISC
linux -- linux_kernel
 
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b. 2019-11-18 7.8 CVE-2019-19054
MISC
linux -- linux_kernel
 
A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a. 2019-11-18 7.8 CVE-2019-19081
MISC
MISC
linux -- linux_kernel
 
A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2. 2019-11-18 7.8 CVE-2019-19053
MISC
linux -- linux_kernel
 
A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6. 2019-11-18 7.8 CVE-2019-19068
MISC
linux -- linux_kernel
 
A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd. 2019-11-18 7.8 CVE-2019-19066
MISC
linux -- linux_kernel
 
Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10. 2019-11-18 7.8 CVE-2019-19073
MISC
linux -- linux_kernel
 
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3. 2019-11-18 7.8 CVE-2019-19061
MISC
MISC
linux -- linux_kernel
 
A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. 2019-11-18 7.8 CVE-2019-19062
MISC
linux -- linux_kernel
 
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41. 2019-11-18 7.8 CVE-2019-19060
MISC
MISC
linux -- linux_kernel
 
Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad. 2019-11-18 7.8 CVE-2019-19082
MISC
linux -- linux_kernel
 
A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2. 2019-11-18 7.8 CVE-2019-19078
MISC
linux -- linux_kernel
 
A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19. 2019-11-18 7.8 CVE-2019-19079
MISC
MISC
linux -- linux_kernel
 
Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a. 2019-11-18 7.8 CVE-2019-19080
MISC
MISC
linux -- linux_kernel
 
A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99. 2019-11-18 7.8 CVE-2019-19069
MISC
MISC
nvidia -- nvflash_and_nvuflash_tool_and_gpumodeswitch_tool
 
NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of other devices not managed by NVIDIA, which may lead to escalation of privileges, information disclosure, or denial of service. 2019-11-18 7.2 CVE-2019-5688
MISC
oniguruma -- oniguruma
 
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression. 2019-11-17 7.5 CVE-2019-19012
MISC
MISC
MISC
phicomm -- k2_psg1218_routers
 
/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter. 2019-11-18 9 CVE-2019-19117
MISC
pimcore -- pimcore
 
Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification. 2019-11-15 7.5 CVE-2019-18981
MISC
MISC
pixie -- pixie
 
Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 allow SQL Injection in the limit() function due to improper sanitization. 2019-11-19 7.5 CVE-2019-10766
MISC
postgresql -- postgresql
 
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error. 2019-11-20 7.5 CVE-2015-3166
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
postgresql-common -- postgresql-common
 
The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. 2019-11-20 7.2 CVE-2019-3466
MISC
raritan -- commandcenter_secure_gateway
 
An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. 2019-11-18 7.5 CVE-2018-20687
MISC
FULLDISC
sandline -- centraleyezer
 
Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding ".jpg" to any uploaded filename is not enforced on the server side. 2019-11-18 7.5 CVE-2019-12271
MISC
MISC
smarty -- smarty The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file. 2019-11-20 7.5 CVE-2011-1028
MISC
MISC
MISC
statusnet -- statusnet
 
Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes.. 2019-11-20 7.5 CVE-2010-4660
MISC
MISC
symantec -- endpoint_protection Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 2019-11-15 7.2 CVE-2019-18372
MISC
symantec -- endpoint_protection
 
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature. 2019-11-15 7.2 CVE-2019-12758
MISC
MISC
symantec -- endpoint_protection_manager_and_mail_security_for_ms_exchange
 
Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 2019-11-15 7.2 CVE-2019-12759
MISC
tematres -- tematres
 
TemaTres 3.0 allows remote unprivileged users to create an administrator account 2019-11-15 7.5 CVE-2019-14345
MISC
MISC
MISC
MISC
xorus -- lpar2rrd_and_stor2rrd
 
An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. They do not correctly verify the integrity of an upgrade package before processing it. As a result, official upgrade packages can be modified to inject an arbitrary Bash script that will be executed by the underlying system. It is possible to achieve this by modifying the values in the files.SUM file (which are used for integrity control) and injecting malicious code into the upgrade.sh file. 2019-11-17 9 CVE-2019-19041
MISC
Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
apache -- atlas
 
Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality 2019-11-18 4.3 CVE-2019-10070
MLIST
apache -- nifi The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services (via XXE) and reveal information such as the versions of Java, Jersey, and Apache that the NiFI instance uses. 2019-11-19 4 CVE-2019-10080
CONFIRM
apache -- nifi
 
When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server side. This permits the user's client-side token to be used for up to 12 hours after logging out to make API requests to NiFi. 2019-11-19 6.5 CVE-2019-12421
CONFIRM
apache -- shiro
 
Apache Shiro before 1.4.2, when using the default "remember me" configuration, cookies could be susceptible to a padding attack. 2019-11-18 5 CVE-2019-12422
MLIST
artifex -- ghostscript
 
A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands. 2019-11-15 6.8 CVE-2019-14869
SUSE
SUSE
MLIST
CONFIRM
CONFIRM
CONFIRM
FEDORA
FEDORA
FEDORA
BUGTRAQ
clamav -- clamav
 
ClamAV before 0.97.7: dbg_printhex possible information leak 2019-11-15 5 CVE-2013-7089
MISC
MISC
MISC
MISC
cobbler -- cobbler
 
cobbler: Web interface lacks CSRF protection when using Django framework 2019-11-19 6.8 CVE-2011-4952
MISC
MISC
MISC
MISC
code42 -- code42 Code42 server through 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local server could create or modify a dynamic-link library (DLL). The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated privilege on the local server. 2019-11-19 6.9 CVE-2019-16861
CONFIRM
MISC
code42 -- code42
 
Code42 app through version 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local machine could create or modify a dynamic-link library (DLL). The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated privilege on the local machine. 2019-11-19 6.9 CVE-2019-16860
MISC
CONFIRM
comodo_security_solutions -- comodo_internet_security
 
An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the binary signature validation logic is loaded, and might bypass some of the self-defense mechanisms. 2019-11-18 4.4 CVE-2019-18215
MISC
MISC
MISC
dolibarr -- dolibarr Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web script or HTML in functions.lib.php. 2019-11-20 4.3 CVE-2013-2092
MISC
CONFIRM
MISC
f5 -- big-ip
 
On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data. 2019-11-15 4 CVE-2019-6662
MISC
f5 -- big-ip
 
On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages. 2019-11-15 5 CVE-2019-6659
MISC
f5 -- big-ip
 
On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices. 2019-11-15 5 CVE-2019-6664
MISC
f5 -- big-ip
 
On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service. 2019-11-15 5 CVE-2019-6660
MISC
f5 -- big-ip_and_iworkflow_and_enterprise_manager
 
The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to Anti DNS Pinning (DNS Rebinding) attack. 2019-11-15 4.3 CVE-2019-6663
MISC
f5 -- big-ip_apm When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources. 2019-11-15 5 CVE-2019-6661
MISC
falconpl -- falconpl
 
Falconpl before 0.9.6.9-git20120606 misuses the libcurl API which may allow remote attackers to interfere with security checks. 2019-11-19 5 CVE-2012-6070
MISC
MISC
MISC
MISC
firegpg -- iceweasel-firegpg
 
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling. 2019-11-18 4.6 CVE-2008-7273
MISC
MISC
MISC
footy_tipping_software -- afl_web_edition
 
Footy Tipping Software AFL Web Edition 2019 allows XSS. 2019-11-18 4.3 CVE-2019-17057
MISC
footy_tipping_software -- afl_web_edition
 
Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file. 2019-11-18 6.5 CVE-2019-17058
MISC
fortiguard -- fortios_and_forticlient_for_windows_and_forticlient_for_mac Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. 2019-11-21 4.3 CVE-2018-9195
CONFIRM
gael -- q-pulse Cross-site scripting (XSS) vulnerability in ui/common/managedlistdialog.aspx in Gael Q-Pulse 0.6 and earlier. 2019-11-22 4.3 CVE-2014-1238
MISC
gamera_project -- gamera
 
Gamera before 3.4.1 insecurely creates temporary files. 2019-11-21 5 CVE-2014-1937
MISC
MISC
MISC
gnu -- serveez
 
GNU Serveez through 0.2.2 has an Information Leak. An attacker may send an HTTP POST request to the /cgi-bin/reader URI. The attacker must include a Content-length header with a large positive value that, when represented in 32 bit binary, evaluates to a negative number. The problem exists in the http_cgi_write function under http-cgi.c; however, exploitation might show svz_envblock_add in libserveez/passthrough.c as the location of the heap-based buffer over-read. 2019-11-20 5 CVE-2019-16200
MISC
gnupg_project -- gnupg
 
The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file. 2019-11-20 4.3 CVE-2015-1606
MISC
MISC
MISC
MISC
MISC
MISC
gnupg_project -- gnupg
 
kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges." 2019-11-20 4.3 CVE-2015-1607
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
horms_solutions -- perdition
 
Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections 2019-11-15 4.3 CVE-2013-4584
MISC
MISC
MISC
MISC
MISC
ibm -- maximo_asset_management
 
IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow an authenticated user to delete a record that they should not normally be able to. IBM X-Force ID: 165586. 2019-11-20 5.5 CVE-2019-4530
XF
CONFIRM
ibm -- smartcloud_analytics IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 159186. 2019-11-22 4.3 CVE-2019-4215
XF
CONFIRM
ibm -- smartcloud_analytics
 
IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 159185. 2019-11-22 4.3 CVE-2019-4214
XF
CONFIRM
ibm -- smartcloud_analytics
 
IBM SmartCloud Analytics 1.3.1 through 1.3.5 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM X-Force ID: 159187. 2019-11-22 4.9 CVE-2019-4216
XF
CONFIRM
iterm2 -- iterm2
 
iTerm2 through 3.3.6 has potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist, which might allow remote attackers to obtain sensitive information, as demonstrated by searching for the NoSyncSearchHistory string in .plist files within public Git repositories. 2019-11-17 5 CVE-2019-19022
MISC
jenkins -- jenkins Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code. 2019-11-18 6.5 CVE-2012-4438
MISC
CONFIRM
MISC
MISC
jenkins -- jenkins Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin. 2019-11-18 4.3 CVE-2012-4441
MISC
MISC
MISC
jenkins -- jenkins Missing permission checks in various API endpoints in Jenkins Google Compute Engine Plugin 4.1.1 and earlier allow attackers with Overall/Read permission to obtain limited information about the plugin configuration and environment. 2019-11-21 4 CVE-2019-16547
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins QMetry for JIRA - Test Management Plugin 1.12 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. 2019-11-21 4 CVE-2019-16544
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins QMetry for JIRA - Test Management Plugin transmits credentials in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure. 2019-11-21 4 CVE-2019-16545
MLIST
CONFIRM
jenkins -- jenkins
 
A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineCloud#doProvision could be used to provision new agents. 2019-11-21 6.8 CVE-2019-16548
MLIST
CONFIRM
jenkins -- jenkins
 
A path traversal vulnerability in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete arbitrary files on the Jenkins master. 2019-11-21 5.5 CVE-2019-16540
MLIST
CONFIRM
jenkins -- jenkins
 
A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles. 2019-11-21 5.5 CVE-2019-16539
MLIST
CONFIRM
jenkins -- jenkins
 
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin. 2019-11-18 4.3 CVE-2012-4440
MISC
MISC
MISC
jenkins -- jenkins
 
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins. 2019-11-18 4.3 CVE-2012-4439
MISC
CONFIRM
MISC
MISC
jenkins -- jenkins
 
Jenkins Google Compute Engine Plugin 4.1.1 and earlier does not verify SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks. 2019-11-21 4.3 CVE-2019-16546
MLIST
CONFIRM
jhead_project -- jhead jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file. 2019-11-17 4.3 CVE-2019-19035
MISC
kairosdb -- kairosdb
 
KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a '"sampling":{"value":"<script>' substring. 2019-11-17 4.3 CVE-2019-19040
MISC
lenovo -- customer_engagement_service
 
A potential vulnerability in the discontinued Customer Engagement Service (CCSDK) software version 2.0.21.1 may allow local privilege escalation. 2019-11-20 4.6 CVE-2019-6184
MISC
lenovo -- lenovopaper
 
A potential vulnerability in the discontinued LenovoPaper software version 1.0.0.22 may allow local privilege escalation. 2019-11-20 4.6 CVE-2019-6191
MISC
lenovo -- system_interface_foundation
 
A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL. 2019-11-20 4.4 CVE-2019-6189
MISC
lenovo -- system_interface_foundation
 
A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user. 2019-11-20 6.5 CVE-2019-6186
MISC
lenovo -- thinkpad A potential vulnerability reported in ThinkPad USB-C Dock Firmware version 3.7.2 may allow a denial of service. 2019-11-20 5 CVE-2019-6176
MISC
lenovo -- xclarity_controller
 
A stored CSV Injection vulnerability was reported in Lenovo XClarity Controller (XCC) that could allow an administrative or other appropriately permissioned user to store malformed data in certain XCC server informational fields, that could result in crafted formulas being stored in an exported CSV file. The crafted formula is not executed on XCC itself and has no effect on the server. 2019-11-20 4 CVE-2019-6187
MISC
linux -- linux_kernel
 
ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero. 2019-11-21 4.3 CVE-2019-19037
MISC
linux -- linux_kernel
 
btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero. 2019-11-21 4.3 CVE-2019-19036
MISC
ltworf -- weborf
 
Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP. 2019-11-20 5 CVE-2011-0529
MISC
MISC
mailbird -- mailbird Multiple cross-site scripting (XSS) vulnerabilities in Mailbird before 2.7.5.0 r allow remote attackers to execute arbitrary JavaScript in a privileged context via a crafted HTML mail message. This vulnerability is distinct from CVE-2015-4657. 2019-11-18 4.3 CVE-2019-15054
MISC
CONFIRM
mediawiki -- mediawiki
 
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. 2019-11-20 5 CVE-2013-1817
MISC
MISC
MISC
MISC
MISC
MISC
mediawiki -- mediawiki
 
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. 2019-11-20 5 CVE-2013-1816
MISC
MISC
BID
MISC
MISC
MISC
mediawiki -- mediawiki
 
An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter's definition. 2019-11-15 5 CVE-2019-18987
MISC
MISC
MISC
micro_focus -- operations_agent XXE attack vulnerability on Micro Focus Operations Agent, affected version 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11. The vulnerability could be exploited to do an XXE attack on Operations Agent. 2019-11-18 4 CVE-2019-17085
CONFIRM

miniupnp -- ngiflib

MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette. 2019-11-17 5 CVE-2019-19011
MISC
mono -- mono
 
mono 2.10.x ASP.NET Web Form Hash collision DoS 2019-11-21 5 CVE-2012-3543
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
mpack -- mpack
 
mpack 1.6 has information disclosure via eavesdropping on mails sent by other users 2019-11-19 5 CVE-2011-4919
MISC
MISC
MISC
norton -- app_lock Norton App Lock, prior to 1.4.0.503, may be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking other apps on the device, thereby allowing the individual to gain access. 2019-11-18 4.4 CVE-2019-18373
CONFIRM
nss -- nss
 
Null pointer dereference vulnerability exists in K11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime in NSS before 3.26, which causes the TLS/SSL server using NSS to crash. 2019-11-15 5 CVE-2016-5285
MISC
MISC
MISC
MISC
MISC
MISC
MISC
octopus_deploy -- octopus_deploy In Octopus Deploy 3.3.0 through 2019.10.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted package, triggering an exception that exposes underlying operating system details. 2019-11-18 4 CVE-2019-19084
MISC
openfind -- mail2000
 
The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The code can executed for any user accessing the page. This vulnerability affects many mail system of governments, organizations, companies and universities. 2019-11-20 4.3 CVE-2019-15071
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
CONFIRM
openfind -- mail2000
 
An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of governments, organizations, companies and universities. 2019-11-20 5.8 CVE-2019-15073
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
openfind -- mail2000
 
The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail system of governments, organizations, companies and universities. 2019-11-20 4.3 CVE-2019-15072
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
openwrt_project -- openwrt An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request. 2019-11-18 4.3 CVE-2019-5102
MISC
openwrt_project -- openwrt
 
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request. After an SSL connection is initialized via _ustream_ssl_init, and after any data (e.g. the client's HTTP request) is written to the stream using ustream_printf, the code eventually enters the function __ustream_ssl_poll, which is used to dispatch the read/write events 2019-11-18 4.3 CVE-2019-5101
MISC
org.codehaus.jackson -- jackson-mapper-asl
 
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes. 2019-11-18 5 CVE-2019-10172
CONFIRM
pam_shield -- pam_shield
 
pam_shield before 0.9.4: Default configuration does not perform protective action 2019-11-21 5 CVE-2012-2350
MISC
MISC
MISC
phusion -- passenger
 
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process. 2019-11-19 6.4 CVE-2012-6135
MISC
CONFIRM
MISC
MISC
BID
pimcore -- pimcore pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via 'id', 'storeId', 'pageSize' and 'tables' parameters, using a payload for trigger a time based or error based sql injection. 2019-11-18 4 CVE-2019-10763
MISC
pimcore -- pimcore bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header. 2019-11-15 4.3 CVE-2019-18982
MISC
MISC
pimcore -- pimcore Pimcore before 6.2.2 lacks brute force protection for the 2FA token. 2019-11-15 5 CVE-2019-18985
MISC
MISC
pimcore -- pimcore
 
Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users. 2019-11-15 5 CVE-2019-18986
MISC
MISC
piwik -- piwik Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0195. 2019-11-20 4.3 CVE-2013-0194
MISC
CONFIRM
MISC
piwik -- piwik
 
Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0194 and CVE-2013-0195. 2019-11-20 4.3 CVE-2013-0193
MISC
CONFIRM
MISC
piwik -- piwik
 
Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0194. 2019-11-20 4.3 CVE-2013-0195
MISC
CONFIRM
MISC
postgresql -- postgresql
 
contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack. 2019-11-20 5 CVE-2015-3167
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
qualcomm -- multiple_products Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, SDA660, SDM636, SDM660, SDX20, SDX24 2019-11-21 4.6 CVE-2019-10563
CONFIRM
qualcomm -- multiple_products
 
Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR2130 2019-11-21 4.6 CVE-2019-10566
CONFIRM
red_hat -- openshift
 
OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution 2019-11-15 4.6 CVE-2014-0023
MISC
MISC
redmine -- redmine
 
A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query. 2019-11-21 4 CVE-2019-18890
MISC
MISC
MISC
sandline -- centraleyezer Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. An HTML page running a script could be uploaded to the server. When a victim tries to download a CISO Report template, the script is loaded. 2019-11-18 4.3 CVE-2019-12311
MISC
MISC
sandline -- centraleyezer Sandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section. 2019-11-18 4.3 CVE-2019-12299
MISC
MISC
schneider_electric -- modicon_controllers
 
A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network. 2019-11-20 5 CVE-2019-6852
CONFIRM
MISC
simpleledger -- slp-validate
 
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slp-validate@1.0.0 npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions >1.0.0 have been patched. 2019-11-15 4.9 CVE-2019-16761
MISC
CONFIRM
simpleledger -- slpjs
 
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to any version >= 0.21.4. 2019-11-15 4.9 CVE-2019-16762
MISC
CONFIRM
simplito -- elliptic-php
 
In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve which might allow practical recovery of the long-term private key. 2019-11-18 5.8 CVE-2019-10764
MISC
MISC
statusnet -- statusnet
 
Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents. 2019-11-20 4.3 CVE-2010-4659
MISC
MISC
MISC
symantec -- endpoint_protection_manager
 
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 2019-11-15 4.6 CVE-2018-18368
MISC
tematres -- tematres
 
TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI. 2019-11-15 4.3 CVE-2019-14343
MISC
MISC
MISC
MISC
MISC
tiki_wiki -- cms_groupware Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-admin_system.php, (2) tiki-pagehistory.php, (3) tiki-removepage.php, or (4) tiki-rename_page.php. 2019-11-20 4.3 CVE-2011-4455
MISC
tiki_wiki -- cms_groupware Multiple cross-site scripting vulnerabilities in Tiki 8.0 RC1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-remind_password.php, (2) tiki-index.php, (3) tiki-login_scr.php, or (4) tiki-index. 2019-11-20 4.3 CVE-2011-4454
MISC
tog-pegasus -- tog-pegasus
 
tog-Pegasus has a package hash collision DoS vulnerability 2019-11-19 5 CVE-2011-4967
MISC
MISC
MISC
MISC
MISC
tryton -- trytond
 
trytond 2.4: ModelView.button fails to validate authorization 2019-11-21 5 CVE-2012-2238
MISC
MISC
MISC
MISC
MISC
tuned -- tuned
 
tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes. 2019-11-20 4.9 CVE-2012-6136
CONFIRM
MISC
vmware -- workstation_and_fusion
 
VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain a denial-of-service vulnerability in the RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. 2019-11-20 4 CVE-2019-5542
CONFIRM
wordpress -- wordpress
 
The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not checked. 2019-11-18 4.6 CVE-2019-14467
MISC
FULLDISC
MISC
MISC
zte -- c520v21_smart_camera_devices authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations. 2019-11-18 6.4 CVE-2019-3424
CONFIRM
zte -- c520v21_smart_camera_devices
 
permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources. 2019-11-18 5 CVE-2019-3423
CONFIRM
Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
ibm -- smartcloud_analytics IBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized disclosure of information like accessing solrconfig.xml and could allow an attacker to perform disruptive administrator tasks. IBM X-Force ID: 159517. 2019-11-22 3.6 CVE-2019-4243
XF
CONFIRM
linux -- linux_kernel __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. 2019-11-21 1.9 CVE-2019-19039
MISC
node-cookie-signature -- node-cookie-signature Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used. 2019-11-19 3.5 CVE-2016-1000236
MISC
MISC
MISC
MISC
MISC
MISC
octopus_deploy -- octopus_server A persistent cross-site scripting (XSS) vulnerability in Octopus Server 3.4.0 through 2019.10.5 allows remote authenticated attackers to inject arbitrary web script or HTML. 2019-11-18 3.5 CVE-2019-19085
MISC
pidgin -- pidgin Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor. 2019-11-20 2.1 CVE-2012-1257
MISC
MISC
python_rply -- python_rply python-rply before 0.7.4 insecurely creates temporary files. 2019-11-21 2.1
MISC
MISC
MISC
qtnx -- qtnx qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world-readable or world-executable home directory, another local system user could obtain the private key used to connect to remote NX sessions. 2019-11-15 2.1 CVE-2011-2916
MISC
MISC
MISC
suckless -- surf surf: cookie jar has read access from other local user 2019-11-19 2.1 CVE-2012-0842
MISC
MISC
MISC
MISC
MISC
MISC
MISC
symantec -- endpoint_protection Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights. 2019-11-15 2.1 CVE-2019-12756
MISC
trusted_boot_project -- trusted_boot A Security Bypass Vulnerability exists in TBOOT before 1.8.2 in the boot loader module when measuring commandline parameters. 2019-11-18 2.1 CVE-2014-5118
MISC
MISC
MISC
MISC
uzbl -- uzbl uzbl: Information disclosure via world-readable cookies storage file 2019-11-19 2.1 CVE-2012-0843
MISC
MISC
MISC
MISC
MISC

zikula_software_foundation -- zikula_application_framework

Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the 'themename' parameter by setting default, modifying and deleting themes. A remote attacker with Zikula administrator privilege could use this flaw to execute arbitrary HTML or web script code in the context of the affected website. 2019-11-19 3.5 CVE-2011-3352
MISC
MISC
MISC
Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
9base -- 9base 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames. 2019-11-21 not yet calculated CVE-2014-1935
MISC
MISC
MISC
ace -- ace generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attackers to gain elevated privileges. 2019-11-22 not yet calculated CVE-2014-6311
MISC
MISC
MISC
MISC
angularjs -- angularjs In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload. 2019-11-19 not yet calculated CVE-2019-10768
MISC
apache -- nifi When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). The response included details about processors and controller services which the user may not have had read access to. 2019-11-19 not yet calculated CVE-2019-10083
CONFIRM
apple -- iphone_3gs Apple iPhone 3GS bootrom malloc implementation returns a non-NULL pointer when unable to allocate memory, aka 'alloc8'. An attacker with physical access to the device can install arbitrary firmware. 2019-11-22 not yet calculated CVE-2019-9536
MISC
MISC
asus -- rt-ac66u_firmware Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id. 2019-11-21 not yet calculated CVE-2018-8879
MISC
MISC
beckhoff -- twincat_runtime When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending a malformed UDP packet to the device. 2019-11-21 not yet calculated CVE-2019-5637
MISC
CONFIRM
beckhoff -- twincat_runtime When a Beckhoff TwinCAT Runtime receives a malformed UDP packet, the ADS Discovery Service shuts down. Note that the TwinCAT devices are still performing as normal. 2019-11-21 not yet calculated CVE-2019-5636
MISC
CONFIRM
belkin -- linksys_velop_devices Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI. 2019-11-21 not yet calculated CVE-2019-16340
MISC
MISC
MISC
blackboard -- blackboard_learn The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during Central Authentication Service (CAS) service ticket validation, enabling a phishing attack from the CAS server login page. 2019-11-18 not yet calculated CVE-2018-13257
MISC
centreon -- web Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron. 2019-11-21 not yet calculated CVE-2019-16406
MISC
MISC
centreon -- web Centreon Web 19.04.4 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. 2019-11-21 not yet calculated CVE-2019-16405
MISC
MISC
MISC
chyrp -- chyrp Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2.1.2 and before 2.5 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) content parameter to includes/ajax.php or (2) body parameter to includes/error.php. 2019-11-21 not yet calculated CVE-2012-1001
MISC
MISC
MISC
MISC
MISC
MISC
cloud_foundry_foundation -- cloud_foundry_routing Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthorized malicious user could forge a route service request using an invalid nonce that will cause the Gorouter to crash. 2019-11-19 not yet calculated CVE-2019-11289
CONFIRM
cog -- galaxy_client_service An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed. All GOG Galaxy versions before 1.2.60 and all corresponding versions of GOG Galaxy 2.0 Beta are affected. 2019-11-21 not yet calculated CVE-2019-15511
MISC
MISC
cumin -- cumin cumin: At installation postgresql database user created without password 2019-11-21 not yet calculated CVE-2012-3460
MISC
MISC
d-link -- dsl-6740u_gateway Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev. H1) allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to (1) Custom Services in Port Forwarding, (2) Port Triggering Entries, (3) URL Filters in Parental Control, (4) Print Server settings, (5) QoS Queue Setup, or (6) QoS Classification Entries. 2019-11-22 not yet calculated CVE-2013-6811
MISC
MISC
drupal -- drupal A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal. 2019-11-22 not yet calculated CVE-2012-2079
MISC
MISC
drupal -- drupal Cross-site scripting vulnerability (XSS) in the Quick Tabs module 6.x-2.x before 6.x-2.1, 6.x-3.x before 6.x-3.1, and 7.x-3.x before 7.x-3.3 for Drupal. 2019-11-21 not yet calculated CVE-2012-1637
MISC
MISC
drupal -- drupal Cross-site scripting (XSS) vulnerability in the Activity module 6.x-1.x for Drupal. 2019-11-21 not yet calculated CVE-2012-2078
MISC
MISC
e-deploy -- e-deploy eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data 2019-11-21 not yet calculated CVE-2014-3700
MISC
MISC
embedthis -- goahead Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a static host buffer that has a limited length and can overflow. This can cause a copy of the Host header to fail, leaving that buffer uninitialized, which may leak uninitialized data in a response. 2019-11-22 not yet calculated CVE-2019-19240
MISC
MISC
MISC
eracent -- epa_agent An issue was discovered in Eracent EPA Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be used to start external programs with elevated permissions because of an Untrusted Search Path. 2019-11-22 not yet calculated CVE-2019-17446
CONFIRM
eracent -- multiple_linux_agents An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be forced to copy files from the filesystem to other locations via Symbolic Link Following. 2019-11-22 not yet calculated CVE-2019-17445
CONFIRM
exis-ti -- contexis Cross-site scripting (XSS) vulnerability in the photo gallery model in Exis Contexis before 2.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter in a detail action. 2019-11-22 not yet calculated CVE-2013-6239
MISC
MISC
MISC
flashcanvas -- flashcanvas Open redirect in proxy.php in FlashCanvas before 1.6 allows remote attackers to redirect users to arbitrary web sites and conduct cross-site scripting (XSS) attacks via the HTTP Referer header. 2019-11-22 not yet calculated CVE-2013-6880
MISC
MISC
MISC
MISC
fortinet -- forticlient_for_mac An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check. 2019-11-21 not yet calculated CVE-2019-17650
CONFIRM
fortinet -- forticlient_for_mac A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway. 2019-11-21 not yet calculated CVE-2019-15704
CONFIRM
fortinet -- fortios Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set). 2019-11-21 not yet calculated CVE-2019-6693
CONFIRM
gitlab -- gitlab GitLab 12.2.3 contains a security vulnerability that allows a user to affect the availability of the service through a Denial of Service attack in Issue Comments. 2019-11-22 not yet calculated CVE-2019-15593
MISC
gnu -- c_library On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program. 2019-11-19 not yet calculated CVE-2019-19126
MISC
gnu -- gnusound gnusound 0.7.5 has format string issue 2019-11-19 not yet calculated CVE-2012-0824
MISC
MISC
MISC
MISC
hotkeyp -- hotkeyp HotkeyP through 4.9 r96 allows privilege escalation in the privilege function in Commands.cpp. 2019-11-21 not yet calculated CVE-2019-18349
MISC
MISC
MISC
hp -- thinpro The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges. 2019-11-22 not yet calculated CVE-2019-18909
CONFIRM
hp -- thinpro The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges. 2019-11-22 not yet calculated CVE-2019-18910
CONFIRM
hp -- thinpro An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands. 2019-11-22 not yet calculated CVE-2019-16286
CONFIRM
hp -- thinpro An attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed commands with elevated privileges. 2019-11-22 not yet calculated CVE-2019-16287
CONFIRM
hp -- thinpro If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive. 2019-11-22 not yet calculated CVE-2019-16285
CONFIRM
ibm -- tivoli_netcool_impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166719. 2019-11-22 not yet calculated CVE-2019-4569
XF
CONFIRM
ibm -- tivoli_netcool_impact IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 166720. 2019-11-22 not yet calculated CVE-2019-4570
XF
CONFIRM
ikiwiki -- ikiwiki Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attackers to inject arbitrary web script or HTML via the openid_identifier parameter in a verify action to ikiwiki.cgi. 2019-11-21 not yet calculated CVE-2015-2793
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
iobroker -- iobroker.js-controller An attacker can include file contents from outside the `/adapter/xxx/` directory, where `xxx` is the name of an existent adapter like "admin". It is exploited using the administrative web panel with a request for an adapter file. **Note:** The attacker has to be logged in if the authentication is enabled (by default isn't enabled). 2019-11-21 not yet calculated CVE-2019-10767
MISC
jalios -- jcms Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password. 2019-11-21 not yet calculated CVE-2019-19033
MISC
MISC
MISC
jenkins -- jenkins Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. 2019-11-21 not yet calculated CVE-2019-16542
MLIST
CONFIRM
jenkins -- jenkins Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. 2019-11-21 not yet calculated CVE-2019-16543
MLIST
CONFIRM
jenkins -- jenkins Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope. 2019-11-21 not yet calculated CVE-2019-16541
MLIST
CONFIRM
jenkins -- jenkins A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts. 2019-11-21 not yet calculated CVE-2019-16538
MLIST
CONFIRM
joomla! -- joomla! The Mijosoft MijoSearch component 2.0.1 and earlier for Joomla! allows remote attackers to obtain sensitive information via a request to component/mijosearch/search, which reveals the installation path in an error message. 2019-11-22 not yet calculated CVE-2013-6879
MISC
joomla! -- joomla! Cross-site scripting (XSS) vulnerability in the Mijosoft MijoSearch component 2.0.4 and earlier for Joomla! allows remote attackers to inject arbitrary web script or HTML via the query parameter to component/mijosearch/search. 2019-11-22 not yet calculated CVE-2013-6878
MISC
kyrol_security_labs -- kyrol_internet_security IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402401 using METHOD_NEITHER results in a read primitive. 2019-11-21 not yet calculated CVE-2019-19197
MISC
MISC
lexmark -- services_monitor In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system. 2019-11-21 not yet calculated CVE-2019-16758
MISC
MISC
libarchive -- libarchive In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive. 2019-11-21 not yet calculated CVE-2019-19221
MISC
MISC
lightdm -- lightdm lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation. 2019-11-19 not yet calculated CVE-2011-3349
MISC
MISC
MISC
MISC
MISC
MISC
linux_foundation -- foomatic-rip_filter foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. 2019-11-19 not yet calculated CVE-2011-2923
MISC
MISC
MISC
MISC
linux_foundation -- foomatic-rip_filter foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. 2019-11-19 not yet calculated CVE-2011-2924
MISC
MISC
MISC
MISC
MISC
MISC
linux -- linux_kernel In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122. 2019-11-22 not yet calculated CVE-2019-19227
MISC
MISC
loftek -- nexus_543_ip_camera The Loftek Nexus 543 IP Camera allows remote attackers to obtain (1) IP addresses via a request to get_realip.cgi or (2) firmware versions (ui and system), timestamp, serial number, p2p port number, and wifi status via a request to get_status.cgi. 2019-11-21 not yet calculated CVE-2013-3314
MISC
MISC
MISC
loftek -- nexus_543_ip_camera Directory traversal vulnerability in the Loftek Nexus 543 IP Camera allows remote attackers to read arbitrary files via a .. (dot dot) in the URL of an HTTP GET request. 2019-11-21 not yet calculated CVE-2013-3311
MISC
MISC
MISC
loftek -- nexus_543_ip_camera The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to check_users.cgi. NOTE: cleartext passwords can also be obtained from proc/kcore when leveraging the directory traversal vulnerability in CVE-2013-3311. 2019-11-21 not yet calculated CVE-2013-3313
MISC
MISC
MISC
loftek -- nexus_543_ip_camera Multiple cross-site request forgery (CSRF) vulnerabilities in the Loftek Nexus 543 IP Camera allow remote attackers to hijack the authentication of unspecified victims for requests that change (1) passwords or (2) firewall configuration, as demonstrated by a request to set_users.cgi. 2019-11-21 not yet calculated CVE-2013-3312
MISC
MISC
masqmail -- masqmail masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping. 2019-11-19 not yet calculated CVE-2011-3350
MISC
MISC
MISC
mcafee -- client_proxy Authentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy (MCP) prior to 3.0.0 allows local user to bypass scanning of web traffic and gain access to blocked sites for a short period of time via generating an authorization key on the client which should only be generated by the network administrator. 2019-11-22 not yet calculated CVE-2019-3654
MISC
myphpadmin -- myphpadmin An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature. 2019-11-22 not yet calculated CVE-2019-18622
CONFIRM
naver -- vaccine nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitary files via directory traversal sequences in a filename within nsz archive. 2019-11-22 not yet calculated CVE-2019-13157
CONFIRM
netapp -- ontap_select_deploy ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account. 2019-11-21 not yet calculated CVE-2019-5509
CONFIRM
netapp -- ontap_select_deploy All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges. 2019-11-21 not yet calculated CVE-2019-17272
CONFIRM
newbee-mall -- newbee-mall main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall (aka New Bee) before 2019-10-23 allows search?goodsCategoryId=&keyword= SQL Injection. 2019-11-18 not yet calculated CVE-2019-19113
MISC
nginx -- nginx nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM) 2019-11-19 not yet calculated CVE-2011-4968
MISC
MISC
MISC
MISC
MISC
MISC
MISC
nitro_software -- nitro_pro Nitro Pro before 13.2 creates a debug.log file in the directory where a .pdf file is located, if the .pdf document was produced by an OCR operation on the JPEG output of a scanner. Reportedly, this can have a security risk if debug.log is later edited and then executed. 2019-11-21 not yet calculated CVE-2019-18958
MISC
nlnet_labs -- unbound Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration. 2019-11-19 not yet calculated CVE-2019-18934
MLIST
MISC
MISC
CONFIRM
nsslglobal_technologies -- satlink_vsat_modem_unit_devices The web interface for NSSLGlobal SatLink VSAT Modem Unit (VMU) devices before 18.1.0 doesn't properly sanitize input for error messages, leading to the ability to inject client-side code. 2019-11-22 not yet calculated CVE-2019-15652
MISC
MISC
nusphere -- nusoap nuSOAP before 0.7.3-5 does not properly check the hostname of a cert. 2019-11-19 not yet calculated CVE-2012-6071
MISC
MISC
MISC
MISC
oniguruma -- oniguruma An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read. 2019-11-21 not yet calculated CVE-2019-19203
MISC
MISC
oniguruma -- oniguruma An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read. 2019-11-21 not yet calculated CVE-2019-19204
MISC
MISC
openshift-origin-note_gem_for_ruby_on_rails -- openshift-origin-note_gem_for_ruby_on_rails Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly. 2019-11-21 not yet calculated CVE-2014-0084
MISC
openstack -- designate Designate does not enforce the DNS protocol limit concerning record set sizes 2019-11-22 not yet calculated CVE-2015-5694
MISC
MISC
MISC
MISC
ovirt -- ovirt oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center 2019-11-22 not yet calculated CVE-2015-1780
MISC
MISC
owncloud -- owncloud Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) unspecified parameters to apps/calendar/ajax/event/new.php or (2) url parameter to apps/bookmarks/ajax/addBookmark.php. 2019-11-22 not yet calculated CVE-2013-0203
MISC
MISC
pagekit -- pagekit A CSRF vulnerability in Pagekit 1.0.17 allows an attacker to upload an arbitrary file by removing the CSRF token from a request. 2019-11-22 not yet calculated CVE-2019-19013
MISC
pannellum -- pannellum In Pannellum from 2.5.0 through 2.5.4 URLs were not sanitized for data URIs (or vbscript:), allowing for potential XSS attacks. Such an attack would require a user to click on a hot spot to execute and would require an attacker-provided configuration. The most plausible potential attack would be if pannellum.htm was hosted on a domain that shared cookies with the targeted site's user authentication; an &lt;iframe&gt; could then be embedded on the attacker's site using pannellum.htm from the targeted site, which would allow the attacker to potentially access information from the targeted site as the authenticated user (or worse if the targeted site did not have adequate CSRF protections) if the user clicked on a hot spot in the attacker's embedded panorama viewer. This was patched in version 2.5.5. 2019-11-22 not yet calculated CVE-2019-16763
MISC
CONFIRM
pivotal -- rabbitmq_and_rabbitmq_for_pcf Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly sanitize user input. A remote authenticated malicious user with administrative access could craft a cross site scripting attack via the vhost or node name fields that could grant access to virtual hosts and policy management information. 2019-11-22 not yet calculated CVE-2019-11291
CONFIRM
pivotal -- rabbitmq_and_rabbitmq_for_pivotal_platform Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing. 2019-11-23 not yet calculated CVE-2019-11287
CONFIRM
plex -- media_server Plex Media Server 1.18.2.2029-36236cc4c allows remote attackers to bypass intended access control because X-Plex-Token is mishandled, and can be retrieved from Tautulli. 2019-11-18 not yet calculated CVE-2018-21031
MISC
MISC
plow -- plow plow has local buffer overflow vulnerability 2019-11-22 not yet calculated CVE-2012-3407
MISC
MISC
MISC
posh -- posh_portal Multiple cross-site scripting (XSS) vulnerabilities in POSH (aka Posh portal or Portaneo) 3.0 through 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) error parameter to /includes/plugins/mobile/scripts/login.php or (2) id parameter to portal/openrssarticle.php 2019-11-22 not yet calculated CVE-2014-2214
MISC
MISC
posh -- posh_portal Open redirect vulnerability in the password reset functionality in POSH 3.0 through 3.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to portal/scr_sendmd5.php. 2019-11-22 not yet calculated CVE-2014-2213
MISC
MISC
MISC
postfixadmin -- postfixadmin PostfixAdmin 2.3.4 has multiple XSS vulnerabilities 2019-11-22 not yet calculated CVE-2012-0812
MISC
MISC
MISC
MISC
MISC
MISC
MISC
powerdns -- authoritative_server PowerDNS Authoritative daemon , all versions pdns 4.1.x before pdns 4.1.10, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS. 2019-11-22 not yet calculated CVE-2019-10203
CONFIRM
pyxml -- pyxml PyXML: Hash table collisions CPU usage Denial of Service 2019-11-22 not yet calculated CVE-2012-0877
MISC
MISC
MISC
MISC
MISC
qualcomm -- ips Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2 2019-11-21 not yet calculated CVE-2019-10627
CONFIRM
qualcomm -- multiple_products Use after free issue in Xtra daemon shutdown due to static object instance getting freed from a multiple places in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS605, SDA660, SDA845, SDM450, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130 2019-11-21 not yet calculated CVE-2019-10490
CONFIRM
qualcomm -- multiple_products Non Secure Kernel can cause Trustzone to do an arbitrary memory read which will result into DOS in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, QCA8081, QM215, SDM429, SDM439, SDM450, SDM632, Snapdragon_High_Med_2016 2019-11-21 not yet calculated CVE-2019-2318
CONFIRM
qualcomm -- multiple_products Race condition due to the lack of resource lock which will be concurrently modified in the memcpy statement leads to out of bound access in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8939, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150 2019-11-21 not yet calculated CVE-2019-10486
CONFIRM
qualcomm -- multiple_products Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 2019-11-21 not yet calculated CVE-2019-2289
CONFIRM
qualcomm -- multiple_products While invoking the API to copy from fd or local buffer to the secure buffer, Parameters being populated are from non secure environment. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, Snapdragon_High_Med_2016, SXR1130, SXR2130 2019-11-21 not yet calculated CVE-2019-2315
CONFIRM
qualcomm -- multiple_products Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, APQ8098, MDM9640, MSM8996AU, MSM8998, QCA6574AU, QCN7605, QCS405, QCS605, SDA845, SDM845, SDX20 2019-11-21 not yet calculated CVE-2019-10535
CONFIRM
qualcomm -- multiple_products Out-of-bounds access can occur in camera driver due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, SDA660, SDM450, SDM630, SDM636, SDM660, SDX20 2019-11-21 not yet calculated CVE-2019-10503
CONFIRM
qualcomm -- multiple_products Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150 2019-11-21 not yet calculated CVE-2019-2268
CONFIRM
qualcomm -- multiple_products Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, Nicobar, QCA9980, QCS405, QCS605, SDM845, SDX24, SM7150, SM8150 2019-11-21 not yet calculated CVE-2019-2266
CONFIRM
qualcomm -- multiple_products Subsequent use of the CBO listener may result in further memory corruption due to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, SDX55, SM6150, SM7150, SM8150, SXR2130 2019-11-21 not yet calculated CVE-2019-2336
CONFIRM
qualcomm -- multiple_products Buffer overflow can occur while processing non-standard NAN message from user space. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150 2019-11-21 not yet calculated CVE-2019-2297
CONFIRM
qualcomm -- multiple_products Out of bound access due to lack of check of whiltelist array size while reading the image elf segments. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130 2019-11-21 not yet calculated CVE-2019-2339
CONFIRM
qualcomm -- multiple_products Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130 2019-11-21 not yet calculated CVE-2019-2329
CONFIRM
qualcomm -- multiple_products If a bitmap file is loaded from any un-authenticated source, there is a possibility that the bitmap can potentially cause stack buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8016, APQ8096AU, APQ8098, MDM9205, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2019-11-21 not yet calculated CVE-2019-2251
CONFIRM
qualcomm -- multiple_products Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 2019-11-21 not yet calculated CVE-2018-13916
CONFIRM
qualcomm -- multiple_products Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, MDM9205, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCS404, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, Snapdragon_High_Med_2016, SXR1130 2019-11-21 not yet calculated CVE-2019-2295
CONFIRM
qualcomm -- multiple_products Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 2019-11-21 not yet calculated CVE-2019-2271
CONFIRM
qualcomm -- multiple_products SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 2019-11-21 not yet calculated CVE-2019-2303
CONFIRM
qualcomm -- multiple_products
 
While processing Attach Reject message, Valid exit condition is not met resulting into an infinite loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 2019-11-21 not yet calculated CVE-2019-2335
CONFIRM
qualcomm -- qca6174_9377 Low privilege users can access service configuration which contains registry data that admins uses to create or delete entries in the registry in QCA6174_9377.WIN.1.0 in QCA6174_9377 2019-11-21 not yet calculated CVE-2019-10617
CONFIRM
rconfig -- rconfig rConfig 3.9.2 allows devices.php?searchColumn= SQL injection. 2019-11-21 not yet calculated CVE-2019-19207
MISC
rc -- rc rc before 1.7.1-5 insecurely creates temporary files. 2019-11-21 not yet calculated CVE-2014-1936
MISC
MISC
MISC
red_hat -- ansible-playbook_-k_and_ansible_cli_tools ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them. 2019-11-22 not yet calculated CVE-2019-10206
CONFIRM
red_hat -- clouldforms cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field. 2019-11-22 not yet calculated CVE-2018-10854
CONFIRM
red_hat -- redhat-upgrade-tool redhat-upgrade-tool: Does not check GPG signatures when upgrading versions 2019-11-22 not yet calculated CVE-2014-3585
REDHAT
REDHAT
ros -- ros_comm An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary code via an IP address with a long hostname. 2019-11-22 not yet calculated CVE-2019-13566
MISC
MISC
MISC
ruby_net-ldap_gem_for_ruby_on_rails -- ruby_net-ldap_gem_for_ruby_on_rails The Ruby net-ldap gem before 0.16.2 uses a weak salt when generating SSHA passwords. 2019-11-21 not yet calculated CVE-2014-0083
MISC
MISC
CONFIRM
MISC
sangoma -- asterisk_and_certified_asterisk An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands. 2019-11-22 not yet calculated CVE-2019-18610
MISC
MISC
sangoma -- asterisk_and_certified_asterisk An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x, 16.x, and 17.x, and Certified Asterisk 13.21, because of an incomplete fix for CVE-2019-18351. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer's name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport. 2019-11-22 not yet calculated CVE-2019-18790
MISC
MISC
sangoma -- asterisk_and_certified_asterisk An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940. 2019-11-22 not yet calculated CVE-2019-18976
CONFIRM
MISC
MISC
MISC
MISC
sangoma -- freepbx Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control. 2019-11-21 not yet calculated CVE-2019-19006
MISC
MISC
CONFIRM
MISC
schneider_electric -- andover_continuum_devices A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting (XSS attack) when using the products web server. 2019-11-20 not yet calculated CVE-2019-6853
CONFIRM
shibboleth -- shibboleth_service_provider Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow. 2019-11-21 not yet calculated CVE-2019-19191
MISC
MISC
slackbuilds -- slackware Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges. 2019-11-21 not yet calculated CVE-2013-7172
MISC
MISC
MISC
MISC
slackbuilds -- slackware_and_slackware_llvm Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges. 2019-11-21 not yet calculated CVE-2013-7171
MISC
MISC
MISC
MISC
sniffit -- sniffit sniffit 0.3.7 and prior: A configuration file can be leveraged to execute code as root 2019-11-19 not yet calculated CVE-2014-5439
MISC
MISC
spagobi -- spagobi Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, aka "XSS File Upload." 2019-11-22 not yet calculated CVE-2013-6234
MISC
MISC
MISC

symfony -- symfony

An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter. 2019-11-21 not yet calculated CVE-2019-11325
CONFIRM
MISC
CONFIRM
CONFIRM
symfony -- symfony An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. This is related to symfony/http-foundation (and symfony/mime in 4.3.x). 2019-11-21 not yet calculated CVE-2019-18888
CONFIRM
FEDORA
FEDORA
FEDORA
CONFIRM
CONFIRM
symfony -- symfony An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel. 2019-11-21 not yet calculated CVE-2019-18887
CONFIRM
FEDORA
FEDORA
FEDORA
CONFIRM
CONFIRM
symfony -- symfony An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security. 2019-11-21 not yet calculated CVE-2019-18886
MISC
CONFIRM
MISC
symfony -- symfony An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache. 2019-11-21 not yet calculated CVE-2019-18889
CONFIRM
FEDORA
CONFIRM
CONFIRM
synametrics_technologies -- synaman_and_syncrify_and_syntail Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567 2019-11-21 not yet calculated CVE-2015-3140
CONFIRM
CONFIRM
CONFIRM
tenda -- ac9_router_ac1200_smart_dual_band_gigabit_wifi_router An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS1 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability. 2019-11-21 not yet calculated CVE-2019-5071
MISC
tenda -- ac9_router_ac1200_smart_dual_band_gigabit_wifi_router An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS2 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability. 2019-11-21 not yet calculated CVE-2019-5072
MISC
videolan -- libbluray libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files 2019-11-22 not yet calculated CVE-2015-7810
MISC
MISC
MISC
MISC
MISC
vmware -- workstation_and_fusion VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an information disclosure vulnerability in vmnetdhcp. Successful exploitation of this issue may allow an attacker on a guest VM to disclose sensitive information by leaking memory from the host process. 2019-11-20 not yet calculated CVE-2019-5540
CONFIRM
vmware -- workstation_and_fusion VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition on their own VM. 2019-11-20 not yet calculated CVE-2019-5541
CONFIRM
vtiger -- vtiger_crm In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without administrative privileges to change his own role by adding roleid=H2 to a POST request. 2019-11-21 not yet calculated CVE-2019-19202
MISC
w3edge -- w3_total_cache W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files. 2019-11-22 not yet calculated CVE-2012-6077
MISC
MISC
MISC
MISC
CONFIRM
w3edge -- w3_total_cache W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys. 2019-11-22 not yet calculated CVE-2012-6079
MISC
MISC
MISC
CONFIRM
w3edge -- w3_total_cache W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes. 2019-11-22 not yet calculated CVE-2012-6078
MISC
MISC
MISC
CONFIRM
wolfssl -- wolfssl wolfssl before 3.2.0 does not properly issue certificates for a server's hostname. 2019-11-21 not yet calculated CVE-2014-2901
MISC
MISC
wolfssl -- wolfssl wolfssl before 3.2.0 has a server certificate that is not properly authorized for server authentication. 2019-11-21 not yet calculated CVE-2014-2904
MISC
MISC
MISC
wolfssl -- wolfssl wolfssl before 3.2.0 does not properly authorize CA certificate for signing other certificates. 2019-11-21 not yet calculated CVE-2014-2902
MISC
MISC
MISC
xcfa -- xcfa xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. 2019-11-21 not yet calculated CVE-2014-5254
MISC
MISC
MISC
MISC
MISC
xcfa -- xcfa xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. Note: A different vulnerability than CVE-2014-5254. 2019-11-21 not yet calculated CVE-2014-5255
MISC
MISC
MISC
MISC
MISC
MISC
xcftools -- xcftools An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file. 2019-11-21 not yet calculated CVE-2019-5086
MISC
MISC
xcftools -- xcftools An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file. 2019-11-21 not yet calculated CVE-2019-5087
MISC
MISC
xlockmore -- xlockmore xlockmore before 5.43 'dclock' security bypass vulnerability 2019-11-21 not yet calculated CVE-2012-4524
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
zhone -- znid_2426a The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users to bypass intended access restrictions via a modified server response, related to an insecure direct object reference. 2019-11-21 not yet calculated CVE-2014-8356
MISC
MISC
MISC
zoho_manageengine -- opmanager_and_firewall_analyzer Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload. 2019-11-21 not yet calculated CVE-2019-17421
MISC
MISC
zte -- xscdn_iamweb The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users? information leakage. 2019-11-22 not yet calculated CVE-2019-3427
CONFIRM
zte -- zxcdn_iamweb The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users? information leakage. 2019-11-22 not yet calculated CVE-2019-3428
CONFIRM
zulip -- zulip_server In Zulip Server versions from 1.7.0 to before 2.0.7, a bug in the new user signup process meant that users who registered their account using social authentication (e.g., GitHub or Google SSO) in an organization that also allows password authentication could have their personal API key stolen by an unprivileged attacker, allowing nearly full access to the user's account. 2019-11-21 not yet calculated CVE-2019-18933
CONFIRM
MISC
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No