Bulletin (SB19-364)

Vulnerability Summary for the Week of December 23, 2019

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.

 

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
handlebars -- handlebars Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads. 2019-12-20 7.5 CVE-2019-19919
MISC
Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
huawei -- elle-al00b_smart_phones Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal. 2019-12-23 5.8 CVE-2019-5276
CONFIRM
huawei -- p30_smartphones Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an improper access control vulnerability. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage. 2019-12-23 5 CVE-2019-5265
CONFIRM
huawei -- p30_smartphones Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled. 2019-12-23 5 CVE-2019-5266
CONFIRM
ibm -- cognos_analytics IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 159356. 2019-12-20 4.3 CVE-2019-4231
XF
CONFIRM
ibm -- cognos_business_intelligence IBM Cognos Business Intelligence 10.2.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153179. 2019-12-20 6.8 CVE-2018-1934
XF
CONFIRM
ibm -- financial_transaction_manager IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172706. 2019-12-20 4.3 CVE-2019-4736
XF
CONFIRM
ibm -- financial_transaction_manager IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 172877. 2019-12-20 4.3 CVE-2019-4742
XF
CONFIRM
ibm -- financial_transaction_manager IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 172880. 2019-12-20 4.3 CVE-2019-4743
XF
CONFIRM
ibm -- financial_transaction_manager IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172882. 2019-12-20 4.3 CVE-2019-4744
XF
CONFIRM
lout -- lout Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. 2019-12-20 6.8 CVE-2019-19917
MISC
lout -- lout Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. 2019-12-20 6.8 CVE-2019-19918
MISC
Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
huawei -- oceanstor_sns3096 Huawei OceanStor SNS3096 V100R002C01 have an information disclosure vulnerability. Attackers with low privilege can exploit this vulnerability by performing some specific operations. Successful exploit of this vulnerability can cause some information disclosure. 2019-12-23 2.1 CVE-2019-5267
CONFIRM
ibm -- cognos_analytics IBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166204. 2019-12-20 3.5 CVE-2019-4555
XF
CONFIRM
Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
abcprintf -- upload-image-with-ajax Due to a logic error in the code, upload-image-with-ajax v1.0 allows arbitrary files to be uploaded to the web root allowing code execution. 2019-12-23 not yet calculated CVE-2019-8293
MLIST
MISC
alcatel-lucent_enterprise -- omnivista_4760_and_8770_devices An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded in a reversible format. Sessions are stored in /sessions/sess_<sessionid>. 2019-12-27 not yet calculated CVE-2019-20047
MISC
MISC
MISC
MISC
alcatel-lucent_enterprise -- omnivista_4760_devices An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construct() whereas the insecure file upload is in SetSkinImages(). 2019-12-27 not yet calculated CVE-2019-20049
MISC
MISC
MISC
MISC
alcatel-lucent_enterprise -- omnivista_8770_devices An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM. 2019-12-27 not yet calculated CVE-2019-20048
MISC
MISC
MISC
MISC
apache -- tomcat When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability. 2019-12-23 not yet calculated CVE-2019-17563
CONFIRM
BUGTRAQ
DEBIAN
apache -- tomcat When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance. 2019-12-23 not yet calculated CVE-2019-12418
CONFIRM
BUGTRAQ
DEBIAN
appleple -- a-blog_cms a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8.x) allows arbitrary scripts to be executed in the context of the application due to unspecified vectors. 2019-12-26 not yet calculated CVE-2019-6034
MISC
MISC
appleple -- a-blog_cms Cross-site scripting vulnerability in a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8.x) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2019-12-26 not yet calculated CVE-2019-6033
MISC
MISC
archery -- archery In Archery before 1.3, inserting an XSS payload into a project name (either by creating a new project or editing an existing one) will result in stored XSS on the vulnerability-scan scheduling page. 2019-12-26 not yet calculated CVE-2019-20008
MISC
MISC
MISC
artica -- pandora_fms Pandora FMS 7.x suffers from remote code execution vulnerability. With an authenticated user who can modify the alert system, it is possible to define and execute Commands in the context of the Application. 2019-12-26 not yet calculated CVE-2019-19681
MISC
avtech -- avn801_dvr AVTECH AVN801 DVR has a security bypass via the administration login captcha 2019-12-27 not yet calculated CVE-2013-4982
MISC
MISC
MISC
belkin -- f5d8236-4_wireless_router An authentication bypass exists in the web management interface in Belkin F5D8236-4 v2. 2019-12-26 not yet calculated CVE-2013-3085
MISC
belkin -- n900_router Belkin N900 router (F9K1104v1) contains an Authentication Bypass using "Javascript debugging". 2019-12-26 not yet calculated CVE-2013-3088
MISC
MISC
bullguard -- premium_protection The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted. 2019-12-26 not yet calculated CVE-2019-20000
MISC
check_point -- endpoint_security_client_for_windows A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations. 2019-12-23 not yet calculated CVE-2019-8463
CONFIRM
citrix -- application_delivery_controller_and_gateway An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. 2019-12-27 not yet calculated CVE-2019-19781
CONFIRM
crushftp -- crushftp CrushFTP through 8.3.0 is vulnerable to credentials theft via URL redirection. 2019-12-26 not yet calculated CVE-2018-18288
MISC
MISC
cybozu -- cybozu_office Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function. 2019-12-26 not yet calculated CVE-2019-6022
MISC
MISC
cybozu -- cybozu_office Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to bypass access restriction which may result in obtaining data without access privileges via the application 'Address'. 2019-12-26 not yet calculated CVE-2019-6023
MISC
MISC
d-link -- dba-1510P_firmware DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface (CLI). 2019-12-26 not yet calculated CVE-2019-6013
MISC
MISC
d-link -- dba-1510P_firmware DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface. 2019-12-26 not yet calculated CVE-2019-6014
MISC
MISC
d-link -- dir-601_b1_devices D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented. A remote attacker could exploit this in conjunction with CVE-2019-16327 to enable remote router management and device compromise. NOTE: this is an end-of-life product. 2019-12-26 not yet calculated CVE-2019-16326
MISC
d-link -- dir-601_devices D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypass. They do not check for authentication at the server side and rely on client-side validation, which is bypassable. NOTE: this is an end-of-life product. 2019-12-26 not yet calculated CVE-2019-16327
MISC
d-link -- dwr-113_wifi_router Cross-site request forgery (CSRF) vulnerability in D-Link DWR-113 (Rev. Ax) with firmware before 2.03b02 allows remote attackers to hijack the authentication of administrators for requests that change the admin password via unspecified vectors. 2019-12-27 not yet calculated CVE-2014-3136
XF
MISC
BID
debian -- debian-edu-config Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals. 2019-12-23 not yet calculated CVE-2019-3467
MISC
CONFIRM
MLIST
BUGTRAQ
BUGTRAQ
CONFIRM
DEBIAN
DEBIAN
electronic_arts -- karotz_api Karotz API 12.07.19.00: Session Token Information Disclosure 2019-12-27 not yet calculated CVE-2013-4868
MISC
MISC
MISC
electronic_arts -- karotz_smart_rabbit Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking 2019-12-27 not yet calculated CVE-2013-4867
MISC
MISC
equinox -- control_expert Equinox Control Expert all versions, is vulnerable to an SQL injection attack, which may allow an attacker to remotely execute arbitrary code. 2019-12-23 not yet calculated CVE-2019-18234
MISC
ezxml -- ezxml An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr() starting with a pointer after a '\0' character (where the processing of a string was finished). 2019-12-26 not yet calculated CVE-2019-20005
MISC
ezxml -- ezxml An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content puts a pointer to the internal address of a larger block as xml->txt. This is later deallocated (using free), leading to a segmentation fault. 2019-12-26 not yet calculated CVE-2019-20006
MISC
ezxml -- ezxml
 
An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxml_str2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer (in some compilers). After this, the function ezxml_parse_str does not check whether the s variable is not NULL in ezxml.c, leading to a NULL pointer dereference and crash (segmentation fault). 2019-12-26 not yet calculated CVE-2019-20007
MISC
f5 -- big-ip On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5, while processing traffic through a standard virtual server that targets a FastL4 virtual server (VIP on VIP), hardware appliances may stop responding. 2019-12-23 not yet calculated CVE-2019-6680
CONFIRM
f5 -- big-ip On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, the Traffic Management Microkernel (TMM) might stop responding after the total number of diameter connections and pending messages on a single virtual server has reached 32K. 2019-12-23 not yet calculated CVE-2019-6686
CONFIRM
f5 -- big-ip On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, under certain conditions when using custom TCP congestion control settings in a TCP profile, TMM stops processing traffic when processed by an iRule. 2019-12-23 not yet calculated CVE-2019-6677
CONFIRM
f5 -- big-ip On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution. 2019-12-23 not yet calculated CVE-2019-6685
CONFIRM
f5 -- big-ip On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a memory leak in Multicast Forwarding Cache (MFC) handling in tmrouted. 2019-12-23 not yet calculated CVE-2019-6681
CONFIRM
f5 -- big-ip On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, the TMM process may restart when the packet filter feature is enabled. 2019-12-23 not yet calculated CVE-2019-6678
CONFIRM
f5 -- big-ip On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.blacklist are not properly enforced for paths that are symlinks. This allows authenticated users with SCP access to overwrite certain configuration files that would otherwise be restricted. 2019-12-23 not yet calculated CVE-2019-6679
CONFIRM
f5 -- big-ip_and_big-iq On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5 and BIG-IQ versions 6.0.0-6.1.0 and 5.2.0-5.4.0, a user is able to obtain the secret that was being used to encrypt a BIG-IP UCS backup file while sending SNMP query to the BIG-IP or BIG-IQ system, however the user can not access to the UCS files. 2019-12-23 not yet calculated CVE-2019-6688
CONFIRM
f5 -- big-ip_apm On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP APM system logs the client-session-id when a per-session policy is attached to the virtual server with debug logging enabled. 2019-12-23 not yet calculated CVE-2019-19150
CONFIRM
f5 -- big-ip_asm On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP ASM system may consume excessive resources when processing certain types of HTTP responses from the origin web server. This vulnerability is only known to affect resource-constrained systems in which the security policy is configured with response-side features, such as Data Guard or response-side learning. 2019-12-23 not yet calculated CVE-2019-6682
CONFIRM
f5 -- big-ip_asm On versions 15.0.0-15.0.1.1, the BIG-IP ASM Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints. 2019-12-23 not yet calculated CVE-2019-6687
CONFIRM
f5 -- big-ip_virtual_clustered_multiprocessing On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing (vCMP) may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of fragmentation-based attack. 2019-12-23 not yet calculated CVE-2019-6684
CONFIRM
f5 -- big-ip_virtual_edition On versions 15.0.0-15.0.1, 14.0.0-14.1.2.2, and 13.1.0-13.1.3.1, TMM may restart on BIG-IP Virtual Edition (VE) when using virtio direct descriptors and packets 2 KB or larger. 2019-12-23 not yet calculated CVE-2019-6676
CONFIRM
f5 -- big-ip_virtual_servers On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IP virtual servers with Loose Initiation enabled on a FastL4 profile may be subject to excessive flow usage under undisclosed conditions. 2019-12-23 not yet calculated CVE-2019-6683
CONFIRM
f5 -- multiple_products On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are able access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to access objects on the file system which would not normally be allowed. 2019-12-23 not yet calculated CVE-2019-19151
CONFIRM
fermax -- outdoor_panel An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level. By design, only a residential unit owner may allow such an access grant. However, due to incorrect access control, an attacker could inject it via the speaker unit to perform an access grant to gain unauthorized access, as demonstrated by a loud DTMF tone representing '1' and a long '#' (697 Hz and 1209 Hz, followed by 941 Hz and 1477 Hz). 2019-12-24 not yet calculated CVE-2017-16778
MISC
forcepoint -- ngfw_security_management_center Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable. 2019-12-23 not yet calculated CVE-2019-6147
CONFIRM
forum_software -- reviewboard ReviewBoard 1.6.17 allows code execution by attaching PHP scripts to review request 2019-12-27 not yet calculated CVE-2013-4796
MISC
MISC
gitlab -- community_and_enterprise_edition An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control (issue 2 of 6). 2019-12-26 not yet calculated CVE-2018-20492
MISC
MISC
gnome -- libxml2 xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. 2019-12-24 not yet calculated CVE-2019-19956
MISC
MLIST
gnu -- libredwg An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c. 2019-12-27 not yet calculated CVE-2019-20011
MISC
MISC
gnu -- libredwg An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c. 2019-12-27 not yet calculated CVE-2019-20014
MISC
MISC
MISC
gnu -- libredwg An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec. 2019-12-27 not yet calculated CVE-2019-20012
MISC
MISC
gnu -- libredwg An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec. 2019-12-27 not yet calculated CVE-2019-20009
MISC
MISC
MISC
gnu -- libredwg An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c. 2019-12-27 not yet calculated CVE-2019-20010
MISC
MISC
gnu -- libredwg An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec. 2019-12-27 not yet calculated CVE-2019-20015
MISC
MISC
gnu -- libredwg An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. 2019-12-27 not yet calculated CVE-2019-20013
MISC
MISC
MISC
graphicsmagick -- graphicsmagick In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c. 2019-12-24 not yet calculated CVE-2019-19953
MISC
MISC
graphicsmagick -- graphicsmagick In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c. 2019-12-24 not yet calculated CVE-2019-19951
MISC
MISC
graphicsmagick -- graphicsmagick In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. 2019-12-24 not yet calculated CVE-2019-19950
MISC
MISC
halo -- halo Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration. 2019-12-26 not yet calculated CVE-2019-19999
MISC
MISC
MISC
hikvision -- ds-2cd7153-e_ip_camera Hikvision DS-2CD7153-E IP Camera has Privilege Escalation 2019-12-27 not yet calculated CVE-2013-4975
MISC
MISC
MISC
hikvision -- ds-2cd7153-e_ip_camera Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials 2019-12-27 not yet calculated CVE-2013-4976
MISC
MISC
MISC
huawei -- m5_lite_10 M5 lite 10 with versions of 8.0.0.182(C00) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to modify the memory of the device by doing a series of operations. Successful exploit may lead to malicious code execution. 2019-12-26 not yet calculated CVE-2019-19398
CONFIRM
huawei -- usg9500_devices USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in an infinite loop, an attacker may exploit the vulnerability via a malicious certificate to perform a denial of service attack on the affected products. 2019-12-26 not yet calculated CVE-2019-5274
CONFIRM
huawei -- usg9500_devices USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate to perform a denial of service attack on the affected products. 2019-12-26 not yet calculated CVE-2019-5275
CONFIRM
huawei -- usg9500_devices USG9500 with versions of V500R001C30;V500R001C60 have a missing integrity checking vulnerability. The software of the affected products does not check the integrity which may allow an attacker with high privilege to make malicious modifications without detection. 2019-12-26 not yet calculated CVE-2019-5272
CONFIRM
huawei -- usg9500_devices USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a denial of service on the affected products. 2019-12-26 not yet calculated CVE-2019-5273
CONFIRM
imagemagick -- imagemagick In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c. 2019-12-24 not yet calculated CVE-2019-19948
MISC
MLIST
imagemagick -- imagemagick In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage. 2019-12-24 not yet calculated CVE-2019-19952
MISC
imagemagick -- imagemagick In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. 2019-12-24 not yet calculated CVE-2019-19949
MISC
MLIST
information-technology_promotion_agency -- stamp_workbench_installer Untrusted search path vulnerability in STAMP Workbench installer all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. 2019-12-26 not yet calculated CVE-2019-6019
MISC
MISC
insteon -- insteon_hub INSTEON Hub 2242-222 lacks Web and API authentication 2019-12-27 not yet calculated CVE-2013-4859
MISC
MISC
intelbras -- iwr_3000n_devices A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user. 2019-12-26 not yet calculated CVE-2019-19995
MISC
intelbras -- iwr_3000n_devices An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login. 2019-12-26 not yet calculated CVE-2019-19996
MISC
jetbrains -- ktor_framework JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting. 2019-12-26 not yet calculated CVE-2019-19389
MISC
MISC
joomla! -- joomla! Xorbin Analog Flash Clock 1.0 extension for Joomia has XSS 2019-12-27 not yet calculated CVE-2013-4692
MISC
MISC
MISC
k7_computing -- ultimate_security In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality. 2019-12-27 not yet calculated CVE-2019-16896
MISC
MISC
kinza -- kinza_for_windows Cross-site scripting vulnerability in KINZA for Windows version 5.9.2 and earlier and for Mac version 5.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via RSS reader. 2019-12-26 not yet calculated CVE-2019-6031
MISC
MISC
libesmtp -- libesmtp libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read. 2019-12-26 not yet calculated CVE-2019-19977
MISC
MISC
MISC
libiec61850 -- libiec61850 In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation. 2019-12-23 not yet calculated CVE-2019-19930
MISC
libiec61850 -- libiec61850 In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos. 2019-12-23 not yet calculated CVE-2019-19944
MISC
libiec61850 -- libiec61850 In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow. 2019-12-23 not yet calculated CVE-2019-19931
MISC
libiec61850 -- libiec61850 In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service. 2019-12-24 not yet calculated CVE-2019-19958
MISC
libiec61850 -- libiec61850 In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength. 2019-12-24 not yet calculated CVE-2019-19957
MISC
libsixel_project -- libsixel A memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4. 2019-12-27 not yet calculated CVE-2019-20023
MISC
libsixel_project -- libsixel A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4. 2019-12-27 not yet calculated CVE-2019-20024
MISC
libsixel_project -- libsixel An invalid memory address dereference was discovered in load_pnm in frompnm.c in libsixel before 1.8.3. 2019-12-27 not yet calculated CVE-2019-20022
MISC
linux -- linux_kernel In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655. 2019-12-25 not yet calculated CVE-2019-19966
MISC
MISC
linux -- linux_kernel In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5. 2019-12-25 not yet calculated CVE-2019-19965
MISC
linux -- linux_kernel In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c. 2019-12-24 not yet calculated CVE-2019-19947
MLIST
MISC
linux -- linux_kernel In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e. 2019-12-28 not yet calculated CVE-2019-20054
MISC
MISC
MISC
MISC
linux -- linux_kernel An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability. 2019-12-23 not yet calculated CVE-2019-5108
MISC
linux -- linux_kernel kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.) 2019-12-22 not yet calculated CVE-2019-19922
MISC
MISC
MISC
MISC
MISC
livefyre -- livecomments Cross-site scripting (XSS) vulnerability in Livefyre LiveComments 3.0 allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded picture. 2019-12-27 not yet calculated CVE-2014-6420
MISC
XF
magnolia_international -- magnolia_cms Magnolia CMS before 4.5.9 has multiple access bypass vulnerabilities 2019-12-27 not yet calculated CVE-2013-4621
MISC
MISC
malwarebytes -- adwcleaner An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner before 8.0.1 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded by the product. 2019-12-23 not yet calculated CVE-2019-19929
MISC
MISC
MISC
mongo-express -- mongo-express mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse of the `vm` dependency to perform `exec` commands in a non-safe environment. 2019-12-24 not yet calculated CVE-2019-10758
MISC
motex -- multiple_products Privilege escalation vulnerability in Multiple MOTEX products (LanScope Cat client program (MR) and LanScope Cat client program (MR)LanScope Cat detection agent (DA) prior to Ver.9.2.1.0, LanScope Cat server monitoring agent (SA, SAE) prior to Ver.9.2.2.0, LanScope An prior to Ver 2.7.7.0 (LanScope An 2 series), and LanScope An prior to Ver 3.0.8.1 (LanScope An 3 series)) allow authenticated attackers to obtain unauthorized privileges and execute arbitrary code. 2019-12-26 not yet calculated CVE-2019-6026
MISC
MISC
movable_type -- multiple_products Open redirect vulnerability in Movable Type series Movable Type 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Advanced 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type Advanced 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type Advanced 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Premium 1.24 and earlier (Movable Type Premium), and Movable Type Premium (Advanced Edition) 1.24 and earlier (Movable Type Premium) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. 2019-12-26 not yet calculated CVE-2019-6025
MISC
MISC
netcommons -- netcommons Cross-site scripting vulnerability in NetCommons 3.2.2 and earlier (NetCommons3.x) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2019-12-26 not yet calculated CVE-2019-6018
MISC
MISC
nippon_television_network_corporation -- ntv_news24_app The NTV News24 prior to Ver.3.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. 2019-12-26 not yet calculated CVE-2019-6032
MISC
MISC
nvidia -- geforce_experience NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. 2019-12-24 not yet calculated CVE-2019-5702
CONFIRM
open_dynamics -- collabtive Collabtive 1.0 has incorrect access control 2019-12-27 not yet calculated CVE-2013-5027
MISC
open_tftp_server_mt -- open_tftp_server_mt Stack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12568. 2019-12-23 not yet calculated CVE-2019-12567
MISC
open_tftp_server_sp -- open_tftp_server_sp Stack-based overflow vulnerability in the logMess function in Open TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12567. 2019-12-23 not yet calculated CVE-2019-12568
MISC
openjdk -- openjdk An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation). A remote attacker could use this flaw to obtain potentially sensitive information. 2019-12-26 not yet calculated CVE-2012-4420
MISC
MISC
MISC
MISC
MISC
MISC
MISC
orchestra_technologies -- c1_cms An issue was discovered in Orckestra C1 CMS through 6.6. The EntityTokenSerializer class in Composite.dll is prone to unvalidated deserialization of wrapped BinaryFormatter payloads, leading to arbitrary remote code execution for any low-privilege user. 2019-12-23 not yet calculated CVE-2019-18211
MISC
palo_alto_networks -- pan-os Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affected a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted. 2019-12-20 not yet calculated CVE-2019-17440
CONFIRM
pax-linux -- pax-linux A locally locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap after a MAP_GROWSDOWN mmap will create an infinite loop condition without releasing the VM semaphore eventually leading to a system crash. 2019-12-26 not yet calculated CVE-2011-1474
MISC
MISC
php -- php In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access. 2019-12-23 not yet calculated CVE-2019-11045
MISC
MLIST
php -- php When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. 2019-12-23 not yet calculated CVE-2019-11047
MISC
MLIST
php -- php In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII numbers. This can read to disclosure of the content of some memory locations. 2019-12-23 not yet calculated CVE-2019-11046
MISC
MLIST
php -- php In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access. 2019-12-23 not yet calculated CVE-2019-11044
MISC
php -- php In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double-freeing certain memory locations. 2019-12-23 not yet calculated CVE-2019-11049
MISC
php -- php When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. 2019-12-23 not yet calculated CVE-2019-11050
MISC
MLIST
powercms -- powercms Open redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x), 4.42 and earlier (PowerCMS 4.x), and 3.293 and earlier (PowerCMS 3.x) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. 2019-12-26 not yet calculated CVE-2019-6020
MISC
MISC
pylons_project -- waitress In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation. 2019-12-26 not yet calculated CVE-2019-16789
MISC
CONFIRM
MISC
rakuten -- rakuma_app_for_android_and_ios Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user's authentication information via a malicious application created by the third party. 2019-12-26 not yet calculated CVE-2019-6024
MISC
MISC
MISC
ratbox -- ircd_ratbox ircd-ratbox 3.0.9 mishandles the MONITOR command which allows remote attackers to cause a denial of service (system out-of-memory event). 2019-12-26 not yet calculated CVE-2015-5290
MISC
MISC
red_hat -- ceph_storage A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. An authenticated attacker can abuse this flaw by causing a remote denial of service by sending a specially crafted HTTP Content-Length header to the Ceph RADOS Gateway server. 2019-12-23 not yet calculated CVE-2019-19337
CONFIRM
red_hat -- networkmanager In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network. 2019-12-26 not yet calculated CVE-2012-2736
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
reliable_controls -- mach-prowebcom/sys Reliable Controls MACH-ProWebCom/Sys, all versions prior to 2.15 (Firmware versions prior to 8.26.4), may allow attacker to execute commands on behalf of the user when an authenticated user clicks on a malicious link. 2019-12-24 not yet calculated CVE-2019-18249
MISC
remise -- payment_module REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allow remote attackers to [Disclosed_Information_type] via unspecified vectors. 2019-12-26 not yet calculated CVE-2019-6017
MISC
MISC
remise -- payment_module Cross-site scripting vulnerability in REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2019-12-26 not yet calculated CVE-2019-6016
MISC
MISC
ricoh -- library_information_management_system_limedio Open redirect vulnerability in Library Information Management System LIMEDIO all versions allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. 2019-12-26 not yet calculated CVE-2019-6021
MISC
MISC
ruby_gem_features_for_ruby_on_rails -- ruby_gem_features_for_ruby_on_rails File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory. 2019-12-26 not yet calculated CVE-2013-4318
MISC
MISC
sa-exim -- sa-exim sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval (rather than direct parsing and/or use of the taint feature). This issue is similar to CVE-2018-11805. 2019-12-22 not yet calculated CVE-2019-19920
MISC
MISC
MISC
samsung -- galaxy_s3/s4_smartphones Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission. 2019-12-27 not yet calculated CVE-2013-4764
MISC
MISC
samsung -- galaxy_s3/s4_smartphones Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission. 2019-12-27 not yet calculated CVE-2013-4763
MISC
MISC
sencha_labs -- connect Sencha Labs Connect has XSS with connect.methodOverride() 2019-12-27 not yet calculated CVE-2013-4691
MISC
senkas -- kolibri Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a POST request. 2019-12-27 not yet calculated CVE-2014-5289
MISC
BID
XF
signal -- signal_desktop_on_windows Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file. 2019-12-24 not yet calculated CVE-2019-19954
MISC
MISC
sonicwall -- email_security_appliance A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. 2019-12-23 not yet calculated CVE-2019-7489
CONFIRM
sonicwall -- email_security_appliance Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. 2019-12-23 not yet calculated CVE-2019-7488
CONFIRM
spbas_-- business_automation_software SPBAS Business Automation Software 2012 has CSRF. 2019-12-27 not yet calculated CVE-2013-4665
MISC
MISC
spbas_-- business_automation_software SPBAS Business Automation Software 2012 has XSS. 2019-12-27 not yet calculated CVE-2013-4664
MISC
MISC
MISC
sqlite -- sqlite multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. 2019-12-23 not yet calculated CVE-2019-19926
MISC
sqlitte -- sqlite flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). 2019-12-24 not yet calculated CVE-2019-19923
MISC
sqlitte -- sqlite zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. 2019-12-24 not yet calculated CVE-2019-19925
MISC
sqlitte -- sqlite SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. 2019-12-24 not yet calculated CVE-2019-19924
MISC
static_http_server -- static_http_server Static HTTP Server 1.0 has a Local Overflow 2019-12-27 not yet calculated CVE-2013-4743
MISC
MISC
symonics -- libmysofa libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue. 2019-12-27 not yet calculated CVE-2019-20016
MISC
MISC
MISC
system_security_services_daemon -- system_security_services_daemon A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context. 2019-12-26 not yet calculated CVE-2012-3462
MISC
MISC
MISC
tbeu -- matio A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17. 2019-12-27 not yet calculated CVE-2019-20018
MISC
tbeu -- matio A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case. 2019-12-27 not yet calculated CVE-2019-20052
MISC
tbeu -- matio A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17. 2019-12-27 not yet calculated CVE-2019-20020
MISC
tbeu -- matio A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17. 2019-12-27 not yet calculated CVE-2019-20017
MISC
tbeu -- matio An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17. 2019-12-27 not yet calculated CVE-2019-20019
MISC
tenable -- nessus Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269). 2019-12-27 not yet calculated CVE-2016-1000029
MISC
MISC
MISC
tenable -- nessus Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198). 2019-12-27 not yet calculated CVE-2016-1000028
MISC
MISC
CONFIRM
tftp_server_mt -- tftp_server_mt Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. 2019-12-23 not yet calculated CVE-2018-10389
MISC
tftp_server_sp -- tftp_server_sp Heap-based overflow vulnerability in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or possibly execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2008-2161. 2019-12-23 not yet calculated CVE-2018-10387
MISC
tftp_server_sp -- tftp_server_sp Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. 2019-12-23 not yet calculated CVE-2018-10388
MISC
thttpd -- thttpd thttpd 2007 has buffer underflow. 2019-12-27 not yet calculated CVE-2007-0158
MISC
tigervnc -- tigervnc TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start writing his values, exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. 2019-12-26 not yet calculated CVE-2019-15695
MISC
MISC
MLIST
tigervnc -- tigervnc TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. 2019-12-26 not yet calculated CVE-2019-15693
MISC
MISC
MLIST
tigervnc -- tigervnc TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. 2019-12-26 not yet calculated CVE-2019-15692
MISC
MISC
MLIST
tigervnc -- tigervnc TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. 2019-12-26 not yet calculated CVE-2019-15694
MISC
MISC
MLIST
tigervnc -- tigervnc TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process of stack unwinding. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. 2019-12-26 not yet calculated CVE-2019-15691
MISC
MISC
MLIST
toshiba -- configfree_utility Multiple stack-based buffer overflows in CFProfile.exe in Toshiba ConfigFree Utility 8.0.38 allow user-assisted attackers to execute arbitrary code. 2019-12-27 not yet calculated CVE-2012-4980
BID
XF
trend_micro -- antivirus_for_mac A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it. 2019-12-24 not yet calculated CVE-2019-19695
N/A
upc -- connect_box_eurodocsis_voice_gateway_devices The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI. 2019-12-25 not yet calculated CVE-2019-19967
MISC
upx -- upx A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. 2019-12-27 not yet calculated CVE-2019-20021
MISC
upx -- upx A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service. 2019-12-27 not yet calculated CVE-2019-20051
MISC
upx -- upx An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. 2019-12-27 not yet calculated CVE-2019-20053
MISC
virglrenderer_project -- virglrenderer An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands. 2019-12-23 not yet calculated CVE-2019-18390
REDHAT
MISC
MISC
MISC
virglrenderer_project -- virglrenderer A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. 2019-12-23 not yet calculated CVE-2019-18389
REDHAT
MISC
MISC
MISC
virglrenderer_project -- virglrenderer A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands. 2019-12-23 not yet calculated CVE-2019-18388
REDHAT
MISC
MISC
MISC
virglrenderer_project -- virglrenderer A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. 2019-12-23 not yet calculated CVE-2019-18391
REDHAT
MISC
MISC
MISC
vivotek -- multiple_ip_cameras Multiple Vivotek IP Cameras remote authentication bypass that could allow access to the video stream 2019-12-27 not yet calculated CVE-2013-4985
MISC
MISC
MISC
vmware -- workstation_and_horizon_view_agent VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed. 2019-12-23 not yet calculated CVE-2019-5539
CONFIRM
wecon -- plc_editor Multiple buffer overflow vulnerabilities exist when the PLC Editor Version 1.3.5_20190129 processes project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. 2019-12-23 not yet calculated CVE-2019-18236
MISC
winamp -- winamp Winamp 5.63: Invalid Pointer Dereference leading to Arbitrary Code Execution 2019-12-27 not yet calculated CVE-2013-4695
MISC
MISC
wolfssl -- wolfssl An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce. 2019-12-25 not yet calculated CVE-2019-19963
MISC
MISC
wolfssl -- wolfssl In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks. 2019-12-25 not yet calculated CVE-2019-19960
MISC
MISC
wolfssl -- wolfssl wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography. 2019-12-25 not yet calculated CVE-2019-19962
MISC
MISC
wordpress -- wordpress In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS. 2019-12-26 not yet calculated CVE-2019-16781
CONFIRM
MISC
MISC
MISC
wordpress -- wordpress The ListingPro theme before v2.0.14.2 for WordPress has Reflected XSS via the What field on the homepage. 2019-12-26 not yet calculated CVE-2019-19540
MISC
wordpress -- wordpress The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for CSRF to be exploited on all plugin settings. 2019-12-26 not yet calculated CVE-2019-19981
MISC
MISC
wordpress -- wordpress Cross-site scripting vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2019-12-26 not yet calculated CVE-2019-6029
MISC
MISC
wordpress -- wordpress Cross-site request forgery (CSRF) vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. 2019-12-26 not yet calculated CVE-2019-6030
MISC
MISC
wordpress -- wordpress Multiple cross-site scripting (XSS) vulnerabilities in test-plugin.php in the Swipe Checkout for WP e-Commerce plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) api_key, (2) payment_page_url, (3) merchant_id, (4) api_url, or (5) currency parameter. 2019-12-27 not yet calculated CVE-2014-4559
MISC
wordpress -- wordpress The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Good For field on the new listing submit page. 2019-12-26 not yet calculated CVE-2019-19542
MISC
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swipe Checkout for WooCommerce plugin 2.7.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the api_url parameter. 2019-12-27 not yet calculated CVE-2014-4558
MISC
wordpress -- wordpress The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a privilege bypass flaw that allowed authenticated users (Subscriber or greater access) to send test emails from the administrative dashboard on behalf of an administrator. This occurs because the plugin registers a wp_ajax function to send_test_email. 2019-12-26 not yet calculated CVE-2019-19980
MISC
MISC
wordpress -- wordpress WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. Automatic updates are enabled by default for minor releases and we strongly recommend that you keep them enabled. 2019-12-26 not yet calculated CVE-2019-16780
MISC
CONFIRM
MISC
MISC
MISC
wordpress -- wordpress SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. 2019-12-26 not yet calculated CVE-2019-6012
MISC
MISC
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. 2019-12-27 not yet calculated CVE-2014-4539
MISC
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in the Ebay Feeds for WordPress plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter. 2019-12-27 not yet calculated CVE-2014-4525
MISC
CONFIRM
wordpress -- wordpress The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Best Day/Night field on the new listing submit page. 2019-12-26 not yet calculated CVE-2019-19541
MISC
wordpress -- wordpress Multiple cross-site scripting (XSS) vulnerabilities in tests/notAuto_test_ContactService_pauseCampaign.php in the Infusionsoft Gravity Forms plugin before 1.5.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) go, (2) contactId, or (3) campaignId parameter. 2019-12-27 not yet calculated CVE-2014-4536
MISC
CONFIRM
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in the Easy Career Openings plugin 0.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. 2019-12-27 not yet calculated CVE-2014-4523
MISC
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in rss.class/scripts/magpie_debug.php in the WP-Planet plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter. 2019-12-27 not yet calculated CVE-2014-4592
MISC
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in tinymce/popup.php in the Ruven Toolkit plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the popup parameter. 2019-12-27 not yet calculated CVE-2014-4548
MISC
wordpress -- wordpress The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for unauthenticated option creation. In order to exploit this vulnerability, an attacker would need to send a /wp-admin/admin-post.php?es_skip=1&option_name= request. 2019-12-26 not yet calculated CVE-2019-19982
MISC
MISC
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in comments/videowhisper2/r_logout.php in the Video Comments Webcam Recorder plugin 1.55, as downloaded before 20140116 for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter. 2019-12-27 not yet calculated CVE-2014-4567
MISC
CONFIRM
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in the Conversador plugin 2.61 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the 'page' parameter. 2019-12-27 not yet calculated CVE-2014-4519
MISC
wordpress -- wordpress wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript&colon; substring. 2019-12-27 not yet calculated CVE-2019-20041
MISC
MISC
wordpress -- wordpress The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file download with user information disclosure. 2019-12-26 not yet calculated CVE-2019-19985
MISC
MISC
wordpress -- wordpress WordPress Xorbin Digital Flash Clock 1.0 has XSS 2019-12-27 not yet calculated CVE-2013-4693
MISC
wordpress -- wordpress Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2019-12-26 not yet calculated CVE-2019-6011
MISC
MISC
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter. 2019-12-27 not yet calculated CVE-2014-4550
MISC
wordpress -- wordpress WordPress before 5.3.1 allowed an unauthenticated user to make a post sticky through the REST API because of missing access control in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php. 2019-12-27 not yet calculated CVE-2019-20043
MISC
MISC
MISC
MISC
wordpress -- wordpress WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009. 2019-12-26 not yet calculated CVE-2013-2011
MISC
MISC
MISC
MISC
wordpress -- wordpress The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed users with edit_post capabilities to manage plugin settings and email campaigns. 2019-12-26 not yet calculated CVE-2019-19984
MISC
MISC
wordpress -- wordpress A flaw in the WordPress plugin, WP Maintenance before 5.0.6, allowed attackers to enable a vulnerable site's maintenance mode and inject malicious code affecting site visitors. There was CSRF with resultant XSS. 2019-12-26 not yet calculated CVE-2019-19979
MISC
MISC
wordpress -- wordpress Cross-site request forgery (CSRF) vulnerability in WP Spell Check 7.1.9 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. 2019-12-26 not yet calculated CVE-2019-6027
MISC
MISC
wordpress -- wordpress WordPress before 5.3.1 allowed an attacker to create a cross-site scripting attack (XSS) in well crafted links, because of an insufficient protection mechanism in wp_targeted_link_rel in wp-includes/formatting.php. 2019-12-27 not yet calculated CVE-2019-20042
MISC
MISC
MISC
MISC
MISC
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. 2019-12-27 not yet calculated CVE-2014-4535
MISC
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in the Podcast Channels plugin 0.20 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the Filename parameter to getid3/demos/demo.write.php. 2019-12-27 not yet calculated CVE-2014-4544
MISC
wordpress -- wordpress In the WordPress plugin, Fast Velocity Minify before 2.7.7, the full web root path to the running WordPress application can be discovered. In order to exploit this vulnerability, FVM Debug Mode needs to be enabled and an admin-ajax request needs to call the fastvelocity_min_files action. 2019-12-26 not yet calculated CVE-2019-19983
MISC
MISC
xiuno -- bbs Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php. 2019-12-26 not yet calculated CVE-2019-19998
MISC
yahoo -- athenz Open redirect vulnerability in Athenz v1.8.24 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page. 2019-12-26 not yet calculated CVE-2019-6035
MISC
MISC
MISC
yokogawa -- multiple_products_for_windows An unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 ? R3.77.00), Exaplog (R1.10.00 ? R3.40.00), Exaquantum (R1.10.00 ? R3.02.00 and R3.15.00), Exaquantum/Batch (R1.01.00 ? R2.50.40), Exasmoc (all revisions), Exarqe (all revisions), GA10 (R1.01.01 ? R3.05.01), and InsightSuiteAE (R1.01.00 ? R1.06.00)) allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges. 2019-12-26 not yet calculated CVE-2019-6008
MISC
MISC
zte -- zxcloud_goldendata_vap All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have an information disclosure vulnerability. Attackers could use this vulnerability to collect data information and damage the system. 2019-12-23 not yet calculated CVE-2019-3430
CONFIRM
zte -- zxcloud_goldendata_vap All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have encryption problems vulnerability. Attackers could sniff unencrypted account and password through the network for front-end system access. 2019-12-23 not yet calculated CVE-2019-3431
CONFIRM
zte -- zxcloud_goldendata_vap All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have a file reading vulnerability. Attackers could obtain log file information without authorization, causing the disclosure of sensitive information. 2019-12-23 not yet calculated CVE-2019-3429
CONFIRM
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No