Holiday Shopping, Phishing, and Malware Scams

Original release date: November 8, 2019

As this holiday season approaches, the Cybersecurity and Infrastructure Security Agency (CISA) encourages users to be aware of potential holiday scams and malicious cyber campaigns, particularly when browsing or shopping online. Cyber actors may send emails and ecards containing malicious links or attachments infected with malware or may send spoofed emails requesting support for fraudulent charities or causes.

CISA encourages users to remain vigilant and take the following precautions:

This product is provided subject to this Notification and this Privacy & Use policy.


Vulnerability Summary for the Week of November 4, 2019

Original release date: November 11, 2019 | Last revised: November 12, 2019

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
apache -- struts | Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands. | 2019-11-01 | 7.5 | CVE-2011-3923; MISC, EXPLOIT-DB, BID, MISC, MISC, XF, MISC
aruba_networks -- clearpass_policy_manager | Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials. | 2019-11-06 | 10 | CVE-2016-4401; CONFIRM
clamav -- clamav | There is a possible heap overflow in libclamav/fsg.c before 0.100.0. | 2019-11-06 | 7.5 | CVE-2007-0899; MISC
computing_for_good -- basic_laboratory_information_system | Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.4 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may change the password of any administrator-level user. | 2019-11-06 | 7.5 | CVE-2019-5617; MISC
computing_for_good -- basic_laboratory_information_system | Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator. | 2019-11-06 | 7.5 | CVE-2019-5644; MISC
cryptocat_project -- cryptocat | Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview | 2019-11-04 | 7.5 | CVE-2013-2259; MISC, MISC, MISC
cryptocat_project -- cryptocat | Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input | 2019-11-04 | 7.5 | CVE-2013-4103; MISC, MISC, MISC, MISC, MISC
gri -- gri | gri before 2.12.18 generates temporary files in an insecure way. | 2019-11-08 | 7.5 | CVE-2008-7291; MISC
isl_internet_sicherheitslösungen -- arp_guard | A SQL injection vulnerability in a /login/forgot1 POST request in ARP-GUARD 4.0.0-5 allows unauthenticated remote attackers to execute arbitrary SQL commands via the user_id parameter. | 2019-11-04 | 7.5 | CVE-2019-18663; MISC
linux -- linux_kernel | A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef. | 2019-11-07 | 7.8 | CVE-2019-18812; MISC
linux -- linux_kernel | A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.33 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS. | 2019-11-07 | 7.8 | CVE-2010-2243; MISC, CONFIRM, MISC, MLIST
linux -- linux_kernel | An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c. | 2019-11-07 | 7.5 | CVE-2019-18814; MISC
linux -- linux_kernel | A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8. | 2019-11-07 | 7.8 | CVE-2019-18813; MISC
linux -- linux_kernel | An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0. | 2019-11-04 | 7.8 | CVE-2019-18680; MISC, MISC, MISC, MISC
linux -- linux_kernel | An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6. | 2019-11-07 | 7.5 | CVE-2019-18805; MISC, MISC
linux -- linux_kernel | A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka CID-a0ecd6fdbf5d. | 2019-11-07 | 7.8 | CVE-2019-18810; MISC, MISC
linux -- linux_kernel | A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559. | 2019-11-07 | 7.8 | CVE-2019-18809; MISC
linux -- linux_kernel | A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1. | 2019-11-07 | 7.8 | CVE-2019-18811; MISC
linux-vserver -- linux-vserver | linux vserver 2.6 before 2.6.17 suffers from privilege escalation in remount code. | 2019-11-06 | 10 | CVE-2006-4243; MISC
magento -- magento | A remote code execution vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can insert a malicious payload through PageBuilder template methods. | 2019-11-06 | 7.5 | CVE-2019-8144; MISC
magento -- magento | A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with system data manipulation privileges can execute arbitrary code through arbitrary file deletion and OS command injection. | 2019-11-06 | 9 | CVE-2019-8159; MISC
magento -- magento | An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries (Bootstrap, jquery, Knockout) with known security vulnerabilities. | 2019-11-05 | 7.5 | CVE-2019-8121; MISC
magento -- magento | An insecure component vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Magento 2 codebase leveraged outdated versions of HTTP specification abstraction implemented in symphony component. | 2019-11-06 | 7.5 | CVE-2019-8136; MISC
magento -- magento | An XPath entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An attacker can craft a GET request to page cache block rendering module that gets passed to XML data processing engine without validation. The crafted key/value GET request data allows an attacker to limited access to underlying XML data. | 2019-11-06 | 7.5 | CVE-2019-8158; MISC
magento -- magento | A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Dependency injection through Symphony framework allows service identifiers to be derived from user controlled data, which can lead to remote code execution. | 2019-11-06 | 7.5 | CVE-2019-8135; MISC
minidlna -- minidlna | MiniDLNA has heap-based buffer overflow | 2019-11-01 | 7.5 | CVE-2013-2739; MISC, MISC
minidlna -- minidlna | minidlna has SQL Injection that may allow retrieval of arbitrary files | 2019-11-01 | 7.5 | CVE-2013-2738; MISC, MISC, MISC, MISC
nvu -- nvu | Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues. | 2019-11-05 | 7.5 | CVE-2005-2354; MISC, MISC, MISC
php-gettext -- php-gettext | The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code. | 2019-11-04 | 7.5 | CVE-2015-8980; SUSE, MLIST, MLIST, BID, CONFIRM, CONFIRM, CONFIRM
portainer -- portainer | Portainer before 1.22.1 has Incorrect Access Control (issue 1 of 4). | 2019-11-07 | 9 | CVE-2019-16872; MISC
python_sofware_foundation_and_beanbag -- djblets_and_review_board | An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. | 2019-11-04 | 7.5 | CVE-2013-4409; MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC
qualcomm -- multiple_products | Use after free issue in kernel while accessing freed mdlog session info and its attributes after closing the session in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 730, SD 820, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24 | 2019-11-06 | 7.5 | CVE-2019-10528; CONFIRM
qualcomm -- multiple_products | Out of bound access due to improper validation of array index cause the index table entry to get corrupt in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20 | 2019-11-06 | 10 | CVE-2019-10533; CONFIRM
qualcomm -- multiple_products | Out of bound access while processing a non-standard IE measurement request with length crossing past the size of frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-11-06 | 7.5 | CVE-2019-10505; CONFIRM
qualcomm -- multiple_products | While playing the clip which is nonstandard buffer overflow can occur while parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20 | 2019-11-06 | 7.5 | CVE-2019-10522; CONFIRM
qualcomm -- multiple_products | While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8976, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM8150 | 2019-11-06 | 7.5 | CVE-2019-2302; CONFIRM
qualcomm -- multiple_products | Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn't match the contents in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SDX20 | 2019-11-06 | 7.5 | CVE-2019-10542; CONFIRM
qualcomm -- multiple_products | Double free issue can happen when sensor power settings is freed by some thread while another thread try to access. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, QCN7605, QCS405, QCS605, SDM845, SDX24, SXR1130 | 2019-11-06 | 7.5 | CVE-2019-10565; CONFIRM
qualcomm -- multiple_products | Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20 | 2019-11-06 | 10 | CVE-2019-10541; CONFIRM
qualcomm -- multiple_products | Null-pointer dereference can occur while accessing the super index entry when it is not been allocated in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20 | 2019-11-06 | 10 | CVE-2019-10534; CONFIRM
qualcomm -- multiple_products | Incorrect reading of system image resulting in buffer overflow when size of system image is increased in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SDM439 | 2019-11-06 | 10 | CVE-2019-10531; CONFIRM
qualcomm -- multiple_products | Possible use after free issue due to race condition while attempting to mark the entry pages as dirty using function set_page_dirty() in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-11-06 | 9.3 | CVE-2019-10529; CONFIRM
qualcomm -- multiple_products | Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9205, MDM9650, QCA8081, QCS605, SD 427, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130 | 2019-11-06 | 10 | CVE-2019-2249; CONFIRM
qualcomm -- multiple_products | Improper validation of read and write index of tx and rx fifo's before calculating pointer can lead to out-of-bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-11-06 | 10 | CVE-2019-2283; CONFIRM
qualcomm -- multiple_products | Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130 | 2019-11-06 | 10 | CVE-2019-2258; CONFIRM
qualcomm -- multiple_products | Thread start can cause invalid memory writes to arbitrary memory location since the argument is passed by user to kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9205, MDM9640, MSM8996AU, QCA6574, QCS605, Qualcomm 215, SD 425, SD 427, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130 | 2019-11-06 | 7.2 | CVE-2019-2246; CONFIRM
qualcomm -- multiple_products | When ADSP is compromised, the audio port index that's returned from ADSP might be out of the valid range and leads to out of boundary access in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDX20, SDX24 | 2019-11-06 | 10 | CVE-2019-2324; CONFIRM
qualcomm -- multiple_products | Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-11-06 | 10 | CVE-2019-2325; CONFIRM
qualcomm -- multiple_products | Out of bound write issue is observed while giving information about properties that have been set so far for playing video in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | 2019-11-06 | 10 | CVE-2019-2285; CONFIRM
qualcomm -- multiple_products | Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-11-06 | 10 | CVE-2019-2332; CONFIRM
qualcomm -- multiple_products | Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-11-06 | 10 | CVE-2019-2323; CONFIRM
qualcomm -- multiple_products | Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-11-06 | 10 | CVE-2019-2331; CONFIRM
quest -- kace_systems_management_appliance_server_center | Quest KACE Systems Management Appliance Server Center version 9.1.317 is vulnerable to SQL injection. The affected file is software_library.php and affected parameters are order[0][column] and order[0][dir]. | 2019-11-06 | 7.5 | CVE-2019-12918; MISC, MISC
rbot -- rbot | Rbot Reaction plugin allows command execution | 2019-11-06 | 7.5 | CVE-2010-2446; MISC, MISC
red_hat -- openshift | cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp. | 2019-11-01 | 7.5 | CVE-2013-0165; MISC
s9y -- serendipity | Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager. | 2019-11-05 | 7.5 | CVE-2011-1134; CONFIRM, DEBIAN, SECTRACK, MISC
salesagility -- suitecrm | SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions prior to 7.11.9 allow SQL Injection. | 2019-11-06 | 7.5 | CVE-2019-18784; MISC, MISC
shadow_and_sudo -- shadow_and_sudo | There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process. | 2019-11-04 | 7.2 | CVE-2005-4890; MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC
sonatype -- nexus_repository_manager | There is an OS Command Injection in Nexus Repository Manager <= 2.14.14 (bypass CVE-2019-5475) that could allow an attacker a Remote Code Execution (RCE). All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability. | 2019-11-01 | 9 | CVE-2019-15588; MISC, CONFIRM
twiki -- twiki | TWiki allows arbitrary shell command execution via the Include function | 2019-11-01 | 7.5 | CVE-2005-3056; DEBIAN, MISC, CONFIRM
twiki -- twiki | TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters. | 2019-11-07 | 10 | CVE-2013-1751; MISC, MISC, CONFIRM
typo3 -- typo3 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 is open to a session fixation attack which allows remote attackers to hijack a victim's session. | 2019-11-05 | 9.4 | CVE-2010-3671; MISC, MISC, CONFIRM
typo3 -- typo3 | TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to bypass authentication mechanisms in the backend through a crafted request. | 2019-11-06 | 7.5 | CVE-2011-4628; MISC, CONFIRM
xlockmore -- xlockmore | xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This allows unauthorized users access to the X session. | 2019-11-06 | 7.5 | CVE-2006-0061; MISC, MISC, MISC
xlockmore -- xlockmore | xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window. | 2019-11-06 | 7.5 | CVE-2006-0062; MISC, MISC
youphptube -- youphptube | An issue was discovered in YouPHPTube through 7.7. User input passed through the live_stream_code POST parameter to /plugin/LiveChat/getChat.json.php is not properly sanitized (in getFromChat in plugin/LiveChat/Objects/LiveChatObj.php) before being used to construct a SQL query. This can be exploited by malicious users to, e.g., read sensitive data from the database through in-band SQL Injection attacks. Successful exploitation of this vulnerability requires the Live Chat plugin to be enabled. | 2019-11-02 | 7.5 | CVE-2019-18662; MISC

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
360 -- multiple_routersA command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897.2019-11-046.5CVE-2018-19031
MISC
alqo -- alqoalqo through 4.1 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.2019-11-055CVE-2018-19161
MISC
MISC
amazon_web_services -- freertos+fatReal Time Engineers FreeRTOS+FAT 160919a has a use after free. The function FF_Close() is defined in ff_file.c. The file handler pxFile is freed by ffconfigFREE, which (by default) is a macro definition of vPortFree(), but it is reused to flush modified file content from the cache to disk by the function FF_FlushCache().2019-11-045CVE-2019-18178
MISC
atlassian -- jiraAn issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects (with authentication as a Jira user, but without authorization for specific projects) via the plugins/servlet/nfj/NotificationSettings URI.2019-11-014CVE-2019-16909
MISC
MISC
atlassian -- jiraAn issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects without authentication/authorization via the plugins/servlet/nfj/ProjectFilter?searchQuery= URI.2019-11-015CVE-2019-16908
MISC
MISC
avast -- antivirusA Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name.2019-11-014.3CVE-2019-18653
MISC
MISC
avg_technologies -- antivirusA Cross Site Scripting (XSS) issue exists in AVG AntiVirus (Internet Security Edition) 19.3.3084 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name.2019-11-014.3CVE-2019-18654
MISC
MISC
broadcom -- brocade_sannavA vulnerability, in The ReportsTrustManager class of Brocade SANnav versions before v2.0, could allow an attacker to perform a man-in-the-middle attack against Secure Sockets Layer(SSL)connections.2019-11-085.8CVE-2019-16209
CONFIRM
broadcom -- brocade_sannavBrocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges.2019-11-084.6CVE-2019-16207
CONFIRM
centurylink -- technicolor_c2000t_and_c2100t_modemsTechnicolor C2000T and C2100T uses hard-coded cryptographic keys.2019-11-064.3CVE-2015-7276
MISC
MISC
cisco -- enterprise_chat_and_emailA vulnerability in the HTTP API of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to download files attached through chat sessions. The vulnerability is due to insufficient authentication mechanisms on the file download function of the API. An attacker could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to download files that other users attach through the chat feature. This vulnerability affects versions prior to 12.0(1)ES1.2019-11-054.3CVE-2019-1877
CISCO
cisco -- multiple_productsA vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly of traffic streams. An attacker could exploit this vulnerability by sending crafted streams through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked.2019-11-055CVE-2019-1978
CISCO
cisco -- multiple_productsA vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper detection of the initial use of a protocol on a nonstandard port. An attacker could exploit this vulnerability by sending traffic on a nonstandard port for the protocol in use through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. Once the initial protocol flow on the nonstandard port is detected, future flows on the nonstandard port will be successfully detected and handled as configured by the applied policy.2019-11-055CVE-2019-1980
CISCO
cisco -- multiple_productsA vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An attacker could exploit this vulnerability by sending traffic that contains specifically obfuscated payloads through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious payloads to protected systems that would otherwise be blocked.2019-11-055CVE-2019-1981
CISCO
cisco -- multiple_productsA vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of HTTP requests, including those communicated over a secure HTTPS connection, that contain maliciously crafted headers. An attacker could exploit this vulnerability by sending malicious requests to an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems, allowing attackers to deliver malicious content that would otherwise be blocked.2019-11-055CVE-2019-1982
CISCO
cisco -- telepresence_advanced_media_gatewayA vulnerability in the web application of Cisco TelePresence Advanced Media Gateway could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the lack of input validation in the web application. An attacker could exploit this vulnerability by sending a crafted authenticated HTTP request to the device. An exploit could allow the attacker to stop services on an affected device. The device may become inoperable, resulting in a denial of service (DoS) condition.2019-11-056.8CVE-2019-15966
CISCO
clamav -- clamavClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.2019-11-055CVE-2019-12625
MISC
clamav -- clamavClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.2019-11-055CVE-2019-1789
MISC
cloakcoin -- cloakcoinCloakCoin through 2.2.2.0 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.2019-11-055CVE-2018-19167
MISC
MISC
computing_for_good -- basic_laboratory_information_systemComputing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may enumerate the user names and facility names in use on a particular installation.2019-11-065CVE-2019-5643
MISC
cryptocat_project -- cryptocatCryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting2019-11-054.3CVE-2013-4107
MISC
MISC
MISC
MISC
cryptocat_project -- cryptocatCryptocat before 2.0.22 has Remote Denial of Service via username2019-11-045CVE-2013-4100
MISC
MISC
MISC
MISC
cryptocat_project -- cryptocatCryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure2019-11-045CVE-2013-4105
MISC
MISC
MISC
cryptocat_project -- cryptocatCryptocat before 2.0.22 Link Markup Decorator HTML Handling Weakness2019-11-045CVE-2013-4101
MISC
MISC
MISC
cryptocat_project -- cryptocatCryptocat has an Unspecified Chat Participant User List Disclosure2019-11-055CVE-2013-4110
MISC
MISC
MISC
MISC
cryptocat_project -- cryptocatCryptocat strophe.js before 2.0.22 has information disclosure2019-11-045CVE-2013-2262
MISC
MISC
MISC
MISC
cryptocat_project -- cryptocatCryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness2019-11-046.4CVE-2013-4102
MISC
MISC
MISC
MISC
cryptocat_project -- cryptocatCryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness2019-11-045CVE-2013-2260
MISC
MISC
MISC
MISC
cryptocat_project -- cryptocatCryptocat before 2.0.22 Chrome Extension 'img/keygen.gif' has Information Disclosure2019-11-045CVE-2013-2261
MISC
MISC
MISC
cryptocat_project -- cryptocatCryptocat before 2.0.22 has weak encryption in the Socialist Millionaire Protocol2019-11-045CVE-2013-4104
MISC
MISC
MISC
MISC
cryptocat_project -- cryptocatCryptocat before 2.0.22 has Nickname User Impersonation2019-11-045CVE-2013-2258
MISC
MISC
MISC
cryptocat_project -- cryptocatCryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness2019-11-045CVE-2013-2257
MISC
MISC
MISC
diamond -- diamondDiamond through 3.0.1.2 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.2019-11-055CVE-2018-19160
MISC
MISC
divi_project -- diviDivi through 4.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.2019-11-055CVE-2018-19162
MISC
MISC
djvulibre -- djvulibreDjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp.2019-11-075CVE-2019-18804
MISC
MLIST
MISC
eclipse -- jettyCookie Dump Servlet stored XSS vulnerability in jetty through 6.1.20.2019-11-064.3CVE-2009-5048
MISC
MISC
MLIST
eclipse -- jettyWebApp JSP Snoop page XSS in jetty through 6.1.21.2019-11-064.3CVE-2009-5049
MISC
MISC
MLIST
emercoin -- emercoinemercoin through 0.7 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM.2019-11-055CVE-2018-19152
MISC
MISC
f5 -- big-ipOn BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a vulnerability in the AFM configuration utility may allow any authenticated BIG-IP user to run an SQL injection attack.2019-11-014CVE-2019-6658
CONFIRM
f5 -- big-ipOn BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility.2019-11-014.3CVE-2019-6657
CONFIRM
fastweb -- fastgateFastweb FASTGate 1.0.1b devices allow partial authentication bypass by changing a certain check_pwd return value from 0 to 1. An attack does not achieve administrative control of a device; however, the attacker can view all of the web pages of the administration console.2019-11-025CVE-2019-18661
MISC
MISC
federal_communications_commission -- wireless_emergency_alertsThe Wireless Emergency Alerts (WEA) protocol allows remote attackers to spoof a Presidential Alert because cryptographic authentication is not used, as demonstrated by MessageIdentifier 4370 in LTE System Information Block 12 (aka SIB12). NOTE: testing inside an RF-isolated shield box suggested that all LTE phones are affected by design (e.g., use of Android versus iOS does not matter); testing in an open RF environment is, of course, contraindicated.2019-11-025CVE-2019-18659
MISC
forcepoint -- email_securityIt has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply the relevant hotfix in order to remediate this issue.2019-11-054.3CVE-2019-6142
CONFIRM
foswiki -- foswikiFoswiki before 1.1.8 contains a code injection vulnerability in the MAKETEXT macro.2019-11-016.8CVE-2013-1666
CONFIRM
MISC
MISC
MISC
freebsd -- nsdFreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server.2019-11-014.3CVE-2012-2979
MISC
CONFIRM
MISC
glpi_project -- glpiGLPI 0.83.7 has Local File Inclusion in common.tabs.php.2019-11-015CVE-2013-2227
MISC
MISC
MISC
MISC
MISC
gnome -- evinceevince is missing a check on number of pages which can lead to a segmentation fault2019-11-014.3CVE-2013-3718
MISC
MISC
MISC
MISC
gnu -- glibcslim has NULL pointer dereference when using crypt() method from glibc 2.172019-11-045CVE-2013-4412
MISC
MISC
MISC
MISC
MISC
MISC
gnuboard -- gnuboard5GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board tail contents" parameter, aka the adm/board_form_update.php bo_content_tail parameter.2019-11-074.3CVE-2018-18674
MISC
MISC
MISC
gource -- gourceGource through 0.26 logs to a predictable file name (/tmp/gource-$UID.tmp), enabling attackers to overwrite an arbitrary file via a symlink attack.2019-11-075.5CVE-2010-2449
CONFIRM
MISC
BID
gs-gpl -- gs-gplA race condition in Temp files was found in gs-gpl before 8.56 addons scripts.2019-11-016.8CVE-2005-2352
MISC
MISC
horde -- groupware_webmail_editionMultiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php.2019-11-054.3CVE-2013-6275
MISC
MISC
MISC
MISC
MISC
MISC
MISC
htmlcoin -- htmlcoinHTMLCOIN through 2.12 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM.2019-11-055CVE-2018-19154
MISC
MISC
icoutils -- icoutilsThe extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.2019-11-046.8CVE-2017-5332
SUSE
SUSE
SUSE
REDHAT
DEBIAN
MLIST
BID
UBUNTU
CONFIRM
CONFIRM
icoutils -- icoutilsInteger overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.2019-11-044.6CVE-2017-5331
SUSE
SUSE
SUSE
DEBIAN
MLIST
BID
UBUNTU
CONFIRM
icoutils -- icoutilsInteger overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.2019-11-046.8CVE-2017-5333
SUSE
SUSE
SUSE
REDHAT
DEBIAN
MLIST
BID
UBUNTU
CONFIRM
CONFIRM
internet_systems_consortium -- bindThere had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.2019-11-015CVE-2019-6470
CONFIRM
REDHAT
CONFIRM
CONFIRM
CONFIRM
investintech -- able2extract_professionalAn exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional 4.0.7 x64. A specially crafted JPEG file can cause an out-of-bounds memory write, allowing an attacker to execute arbitrary code on the victim machine. An attacker could exploit a vulnerability by providing the user with a specially crafted JPEG file.2019-11-056.8CVE-2019-5089
MISC
investintech -- able2extract_professionalAn exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional 14.0.7 x64. A specially crafted BMP file can cause an out-of-bounds memory write, allowing a potential attacker to execute arbitrary code on the victim machine. An attacker can trigger this vulnerability by sending the user a specially crafted BMP file.2019-11-056.8CVE-2019-5088
MISC
joomla! -- joomla!An issue was discovered in Joomla! before 3.9.13. A missing access check in the phputf8 mapping files could lead to a path disclosure.2019-11-065CVE-2019-18674
MISC
joomla! -- joomla!An issue was discovered in Joomla! before 3.9.13. A missing token check in com_template causes a CSRF vulnerability.2019-11-066.8CVE-2019-18650
MISC
konversation -- konversationkonversation before 1.2.3 allows attackers to cause a denial of service.2019-11-065CVE-2009-5050
MISC
MISC
MLIST
kubernetes -- kube-state-metricsA security issue was discovered in the kube-state-metrics versions v1.7.0 and v1.7.1. An experimental feature was added to the v1.7.0 release that enabled annotations to be exposed as metrics. By default, the kube-state-metrics metrics only expose metadata about Secrets. However, a combination of the default `kubectl` behavior and this new feature can cause the entire secret content to end up in metric labels thus inadvertently exposing the secret content in metrics. This feature has been reverted and released as the v1.7.2 release. If you are running the v1.7.0 or v1.7.1 release, please upgrade to the v1.7.2 release as soon as possible.2019-11-054CVE-2019-10223
CONFIRM
MISC
lead_technologies -- leadtoolsAn exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attacker can specially craft a J2K image to trigger this vulnerability.2019-11-066.8CVE-2019-5125
MISC
lead_technologies -- leadtoolsAn exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing functionality of LEADTOOLS 20. A specially crafted TIF image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a TIF image to trigger this vulnerability.2019-11-066.8CVE-2019-5084
MISC
lead_technologies -- leadtoolsAn exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this vulnerability.2019-11-066.8CVE-2019-5100
MISC
lead_technologies -- leadtoolsAn exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability.2019-11-066.8CVE-2019-5099
MISC
linux -- linux_kernelTwo memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, aka CID-68501df92d11.2019-11-075CVE-2019-18807
MISC
MISC
linux -- linux_kernelovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'.2019-11-014.6CVE-2013-4367
MISC
MISC
linux -- linux_kernelA memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.2019-11-075CVE-2019-18808
MISC
linux -- linux_kernelAn issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.2019-11-046.9CVE-2019-18683
MLIST
MISC
MISC
luxcore -- luxcoinlux through 5.2.2 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.2019-11-055CVE-2018-19159
MISC
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to manipulate shipment settings can execute arbitrary code through server-side request forgery due to unsafe handling of a carrier gateway.2019-11-066.5CVE-2019-8151
MISC
magento -- magentoA SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with access to email templates can send malicious SQL queries and obtain access to sensitive information stored in the database.2019-11-064CVE-2019-8143
MISC
magento -- magentoInsecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can leverage a guest session id value following a successful login to gain access to customer account index page.2019-11-055CVE-2019-8116
MISC
magento -- magentoMagento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 uses a cryptographically weak random number generator for the customer registration confirmation code, which allows the code to be brute-forced.2019-11-055CVE-2019-8113
MISC
magento -- magentoA security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can bypass the email confirmation mechanism via GET request that captures relevant account data obtained from the POST response related to new user creation.2019-11-055CVE-2019-8112
MISC
magento -- magentoA SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to an account with Newsletter Template editing permission could exfiltrate the Admin login data, and reset their password, effectively performing a privilege escalation.2019-11-056.5CVE-2019-8127
MISC
magento -- magentoA SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with store manipulation privileges can execute arbitrary SQL queries by getting access to the database connection through group instance in email templates.2019-11-066.5CVE-2019-8130
MISC
magento -- magentoIn Magento to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with administrative privileges for editing attribute sets can execute arbitrary code through custom layout modification.2019-11-066.5CVE-2019-8231
MISC
magento -- magentoMagento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 uses weak cryptographic function to store the failed login attempts for customer accounts.2019-11-055CVE-2019-8118
MISC
magento -- magentoAn insufficient logging and monitoring vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. The logging feature required for effective monitoring did not contain sufficient data to effectively track configuration changes.2019-11-055CVE-2019-8123
MISC
magento -- magentoA SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with marketing privileges can execute arbitrary SQL queries in the database when accessing email template variables.2019-11-066.5CVE-2019-8134
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to manipulate CMS section of the website can trigger remote code execution via custom layout update.2019-11-066.5CVE-2019-8137
MISC
magento -- magentoIn Magento prior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenticated user with administrative privileges to edit configuration settings can execute arbitrary code through a crafted support/output path.2019-11-066.5CVE-2019-8230
MISC
magento -- magentoIn Magento prior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenticated user with administrative privileges to edit product attributes can execute arbitrary code through crafted layout updates.2019-11-066.5CVE-2019-8229
MISC
magento -- magentoA server-side request forgery (SSRF) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to modify store configurations can manipulate the connector api endpoint to enable remote code execution.2019-11-066.5CVE-2019-8156
MISC
magento -- magentoIn Magento prior to 1.9.4.3, Magento prior to 1.14.4.3, Magento 2.2 prior to 2.2.10, and Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an authenticated user with administrative privileges for the import feature can execute arbitrary code through a race condition that allows webserver configuration file modification.2019-11-066CVE-2019-8232
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can craft a malicious CSRF payload that can result in arbitrary command execution.2019-11-056CVE-2019-8109
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to manipulate layouts and images can insert a malicious payload into the page layout.2019-11-066.5CVE-2019-8150
MISC
magento -- magentoIn Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an unauthenticated user can inject arbitrary JavaScript code as a result of the sanitization engine ignoring HTML comments.2019-11-064.3CVE-2019-8233
MISC
magento -- magentoA mitigation bypass to prevent cross-site scripting (XSS) exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Successful exploitation of this vulnerability would result in an attacker being able to bypass the `escapeURL()` function and execute a malicious XSS payload.2019-11-064.3CVE-2019-8153
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3. An authenticated admin user with privileges to access product attributes can leverage layout updates to trigger remote code execution.2019-11-056.5CVE-2019-8091
MISC
magento -- magentoAn unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of the database to transform uploaded JPEG file into a PHP file.2019-11-064CVE-2019-8140
MISC
magento -- magentoA security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with privileges to generate sitemaps can bypass configuration that restricts directory access. The bypass allows overwrite of a subset of configuration files which can lead to denial of service.2019-11-064CVE-2019-8133
MISC
magento -- magentoAn XML entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can craft document type definition for an XML representing XML layout. The crafted document type definition and XML layout allow processing of external entities which can lead to information disclosure.2019-11-054CVE-2019-8126
MISC
magento -- magentoInsecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can manipulate session validation setting for a storefront that leads to insecure authentication and session management.2019-11-054CVE-2019-8108
MISC
magento -- magentoAn insufficient logging and monitoring vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Failure to track admin actions related to design configuration could lead to repudiation attacks.2019-11-055CVE-2019-8124
MISC
magento -- magentoAn arbitrary file deletion vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user can manipulate the design layout update feature.2019-11-055.5CVE-2019-8090
MISC
magento -- magentoMagento prior to 1.9.4.3 and prior to 1.14.4.3 included a user's CSRF token in the URL of a GET request. This could be exploited by an attacker with access to network traffic to perform unauthorized actions.2019-11-065CVE-2019-8155
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user with administrative privileges (system level import) can execute arbitrary code through a Phar deserialization vulnerability in the import functionality.2019-11-066.5CVE-2019-8141
MISC
magento -- magentoAn arbitrary file deletion vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with export data transfer privileges can craft a request to perform arbitrary file deletion.2019-11-055.5CVE-2019-8107
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage plugin functionality related to email templates to manipulate the interceptor class in a way that allows an attacker to execute arbitrary code.2019-11-056.5CVE-2019-8111
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to import features can execute arbitrary code via crafted configuration archive file upload.2019-11-056.5CVE-2019-8114
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user with privileges to create products can craft custom layout update and use import product functionality to enable remote code execution.2019-11-056.5CVE-2019-8122
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 1 prior to 1.9.x and 1.14.x. An authenticated admin user can modify configuration parameters via crafted support configuration. The modification can lead to remote code execution.2019-11-056.5CVE-2019-8125
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage email templates hierarchy to manipulate the interceptor class in a way that allows an attacker to execute arbitrary code.2019-11-056.5CVE-2019-8110
MISC
magento -- magentoAn arbitrary file access vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage file upload controller for downloadable products to read/delete arbitrary files.2019-11-056.5CVE-2019-8093
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated admin user with import product privileges can delete files through bulk product import and inject code into XSLT file. The combination of these manipulations can lead to remote code execution.2019-11-056.5CVE-2019-8119
MISC
mantisbt -- mantisbtAn access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".2019-11-074CVE-2013-1811
MISC
MISC
MISC
CONFIRM
MISC
miniupnpd -- miniupnpdMiniUPnPd has information disclosure via use of snprintf()2019-11-015CVE-2013-2600
MISC
MISC
MISC
MISC
MISC
mondo -- mondoMondo 2.24 has insecure handling of temporary files.2019-11-076.4CVE-2007-3915
MISC
navcoin -- navcoinnavcoin through 4.3.0 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM.2019-11-055CVE-2018-19155
MISC
MISC
neblio -- neblioneblio through 1.5.1 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.2019-11-055CVE-2018-19165
MISC
MISC
nicehash -- minerAn issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a wallet via Email address allows remote attackers to submit a large number of email addresses to identify valid ones. By exploiting this vulnerability with CVE-2019-6122 (Username Enumeration) an adversary can enumerate a large number of valid users' Email addresses.2019-11-065CVE-2019-6120
MISC
MISC
nicehash -- minerA Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct email address.2019-11-064.3CVE-2019-6122
MISC
MISC
nicehash -- minerAn issue was discovered in NiceHash Miner before 2.0.3.0. Missing Authorization allows an adversary to gain access to a miner's information, such as his recent payments, unclaimed Balance, Old Balance (at the time of the December 2017 breach), Projected payout, Mining stats like profitability, Efficiency, Number of workers, etc. A valid Email address is required in order to retrieve this Information.2019-11-064.3CVE-2019-6121
MISC
MISC
nokogiri_gem_for_ruby_on_rails -- nokogiri_gem_for_ruby_on_railsNokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents2019-11-054.3CVE-2013-6460
MISC
MISC
MISC
MISC
MISC
MISC
MISC
nokogiri_gem_for_ruby_on_rails -- nokogiri_gem_for_ruby_on_railsNokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits2019-11-054.3CVE-2013-6461
MISC
MISC
MISC
MISC
MISC
MISC
oetiker+partner -- smokepingCross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields.2019-11-014.3CVE-2013-4168
MISC
MISC
MISC
MISC
MISC
MISC
one_identity -- cloud_access_managerOne Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows CSRF for logout requests.2019-11-044.3CVE-2019-13497
MISC
CONFIRM
one_identity -- cloud_access_managerOne Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a successful SAML response.2019-11-044.3CVE-2019-13496
MISC
CONFIRM
open_build_service -- open_build_serviceOpen Build Service before version 0.165.4 didn't validate TLS certificates for HTTPS connections with the osc client binary2019-11-056.8CVE-2019-3685
CONFIRM
openstack -- keystone_and_computeHTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.2019-11-014.3CVE-2013-2255
MISC
MISC
MISC
MISC
MISC
MISC
MISC
openttd -- openttdOpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.2019-11-074CVE-2012-0049
CONFIRM
MISC
MISC
MISC
MISC
oxid -- multiple_productsAn issue was discovered in OXID eShop 6.x before 6.0.6 and 6.1.x before 6.1.5, OXID eShop Enterprise Edition Version 5.2.x-5.3.x, OXID eShop Professional Edition Version 4.9.x-4.10.x and OXID eShop Community Edition Version: 4.9.x-4.10.x. By using a specially crafted URL, users with administrative rights could unintentionally grant unauthorized users access to the admin panel via session fixation.2019-11-056.8CVE-2019-17062
MISC
pagure -- pagurePagure: XSS possible in file attachment endpoint2019-11-064.3CVE-2016-1000037
MISC
MISC
MISC
MISC
particl -- particlparticl through 0.17 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM.2019-11-055CVE-2018-19153
MISC
MISC
peercoin -- peercoinpeercoin through 0.6.4 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.2019-11-055CVE-2018-19166
MISC
MISC
pfsense -- pfsense/usr/local/www/freeradius_view_config.php in the freeradius3 package before 0.15.7_3 for pfSense on FreeBSD allows a user with an XSS payload as password or username to execute arbitrary javascript code on a victim browser.2019-11-024.3CVE-2019-18667
MISC
phantomjs -- phantomjsPhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HTML file, as user input, that allows reading arbitrary files on the filesystem. For example, if page.render() is the function callback, this generates a PDF or an image of the targeted file. NOTE: this product is no longer developed.2019-11-055CVE-2019-17221
MISC
phore -- phorePhore through 1.3.3.1 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.2019-11-055CVE-2018-19157
MISC
MISC
pivx -- pivxPIVX through 3.1.03 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.2019-11-055CVE-2018-19156
MISC
MISC
popojicms -- popojicmspo-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 allows post[1][content]= stored XSS.2019-11-074.3CVE-2019-18816
MISC
popojicms -- popojicmsPopojiCMS 2.0.1 allows refer= Open Redirection.2019-11-075.8CVE-2019-18815
MISC
portainer -- portainerPortainer before 1.22.1 has Incorrect Access Control (issue 4 of 4).2019-11-076.5CVE-2019-16877
MISC
portainer -- portainerPortainer before 1.22.1 allows Directory Traversal.2019-11-075CVE-2019-16876
MISC
portainer -- portainerPortainer before 1.22.1 has Incorrect Access Control (issue 2 of 4).2019-11-074CVE-2019-16874
MISC
progress -- sitefinity_cmsProgress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : Page Title, /Content/News Parameter : News Title, /Content/List Parameter : List Title, /Content/Documents/LibraryDocuments/incident-request-attachments Parameter : Document Title, /Content/Images/LibraryImages/newsimages Parameter : Image Title, /Content/links Parameter : Link Title, /Content/links Parameter : Link Title, or /Content/Videos/LibraryVideos/default-video-library Parameter : Video Title.2019-11-064.3CVE-2017-18639
MISC
qualcomm -- multiple_productsA negative value returned for get_clk is not checked and is wrongly interpreted as a valid pointer, leading to use after free in clk driver in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX242019-11-064.6CVE-2019-10524
CONFIRM
qualcomm -- multiple_productsFirmware not able to send EXT scan response to host within 1 sec due to resource consumption issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_20162019-11-065CVE-2019-10504
CONFIRM
qualcomm -- multiple_productsDCI client which might be preemptively freed up might be accessed for transferring packets leading to kernel error in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX242019-11-064.9CVE-2019-10515
CONFIRM
qualcomm -- multiple_productsNull pointer dereference can occur while parsing invalid chunks while playing the nonstandard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX202019-11-065CVE-2019-10488
CONFIRM
qualcomm -- multiple_productsPossible stack overflow when an index equal to io buffer size is accessed in camera module in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX242019-11-064.6CVE-2019-10502
CONFIRM
MISC
qualcomm -- multiple_productsADSP can be compromised since it's a general-purpose CPU processing untrusted data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX242019-11-064.6CVE-2019-10491
CONFIRM
qualcomm -- multiple_productsPayload size is not checked before using it as array index in audio in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SXR11302019-11-064.6CVE-2019-10512
CONFIRM
qualcomm -- multiple_productsLack of checking a variable received from driver and populating in Firmware data structure leads to buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR11302019-11-064.6CVE-2019-10496
CONFIRM
qualcomm -- multiple_productsArbitrary buffer write issue while processing sequence header during HEVC or AVC encoding in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR11302019-11-064.6CVE-2019-10495
CONFIRM
quest -- kace_systems_management_appliance_server_centerQuest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /userui/ticket_list.php, and affected parameters are order[0][column] and order[0][dir].2019-11-066.5CVE-2019-13076
MISC
MISC
quest -- kace_systems_management_appliance_server_centerQuest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability (via the sam_detail_titled.php SAM_TYPE parameter) that allows an attacker to create a malicious link in order to attack authenticated users.2019-11-064.3CVE-2019-13077
MISC
MISC
quest -- kace_systems_management_appliance_server_centerA reflected XSS vulnerability exists in Quest KACE Systems Management Appliance Server Center 9.1.317 affecting the userui/software_library.php component via the PATH_INFO.2019-11-064.3CVE-2019-12917
MISC
MISC
quest -- kace_systems_management_appliance_server_centerQuest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /common/user_profile.php. The affected parameter is sort_column.2019-11-066.5CVE-2019-13078
MISC
MISC
quest -- kace_systems_management_appliance_server_centerQuest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /adminui/history_log.php. The affected parameter is TYPE_NAME.2019-11-066.5CVE-2019-13079
MISC
MISC
red_hat -- cloud_forms_management_engineMultiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.2019-11-014.3CVE-2013-0186
CONFIRM
MISC
red_hat -- directory_server_8_and_389_directory_serverThe _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows attackers to cause a denial of service (NULL pointer dereference) via a crafted search query.2019-11-055CVE-2010-2222
MISC
MISC
red_hat -- jboss_aerogearJBoss AeroGear has reflected XSS via the password field2019-11-044.3CVE-2014-3649
MISC
MISC
reddcoin -- reddcoinreddcoin through 2.1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.2019-11-055CVE-2018-19164
MISC
MISC
s9y -- serendipityCross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php.2019-11-054.3CVE-2011-1135
CONFIRM
DEBIAN
SECTRACK
MISC
s9y -- serendipityCross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php.2019-11-054.3CVE-2011-1133
CONFIRM
DEBIAN
SECTRACK
MISC
samba -- sambaA flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.2019-11-064CVE-2019-14847
SUSE
CONFIRM
MISC
sap -- sap_hana_databaseSAP HANA Database, versions 1.0, 2.0, allows an unauthorized attacker to send a malformed connection request, which crashes the indexserver of an SAP HANA instance, leading to Denial of Service2019-11-045CVE-2019-0350
MISC
MISC
sass -- libsassLibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sass::Binary_Expression*) in eval.cpp.2019-11-064.3CVE-2019-18797
MISC
sass -- libsassLibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in ast_sel_weave.cpp.2019-11-064.3CVE-2019-18798
MISC
sass -- libsassLibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser::parseCompoundSelector in parser_selectors.cpp.2019-11-064.3CVE-2019-18799
MISC
scipy -- scipyThe scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories.2019-11-044.6CVE-2013-4251
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
secudos -- domosThe Log module in SECUDOS DOMOS before 5.6 allows local file inclusion.2019-11-025CVE-2019-18665
MISC
MISC
MISC
sourceforge -- archivemailarchivemail 0.6.2 uses temporary files insecurely leading to a possible race condition.2019-11-066.8CVE-2006-4245
MISC
MISC
stratisx_project -- stratisxstratisX through 2.0.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.2019-11-055CVE-2018-19163
MISC
MISC
symantec -- sonar_componentThe Symantec SONAR component, prior to 12.0.2, may be susceptible to a tamper protection bypass vulnerability which could potentially allow an attacker to circumvent the existing tamper protection in use on the resident system.2019-11-014.1CVE-2019-12752
CONFIRM
symfony -- symfonyphp-symfony2-Validator has loss of information during serialization2019-11-014.9CVE-2013-4751
MISC
MISC
MISC
MISC
MISC
MISC
typo3 -- typo3TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the backend.2019-11-064CVE-2011-4627
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.5.4 allows Information Disclosure in the backend.2019-11-064CVE-2011-4900
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Header Injection in the secure download feature jumpurl.2019-11-045CVE-2010-3668
MISC
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element.2019-11-045CVE-2010-3667
MISC
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness in the uniqid function.2019-11-045CVE-2010-3666
MISC
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS and Open Redirection in the frontend login box.2019-11-044.9CVE-2010-3669
MISC
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows information disclosure in the mail header of the HTML mailing API.2019-11-055CVE-2010-3673
MISC
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract arbitrary information from the TYPO3 database.2019-11-064CVE-2011-4901
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services.2019-11-064CVE-2011-4904
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.4.1 allows XSS in the frontend search box.2019-11-054.3CVE-2010-3674
MISC
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend.2019-11-046.5CVE-2010-3663
MISC
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete arbitrary files on the webserver.2019-11-065.5CVE-2011-4902
MISC
CONFIRM
typo3 -- typo3Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the RemoveXSS function.2019-11-064.3CVE-2011-4903
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness during generation of a hash with the "forgot password" function.2019-11-055.8CVE-2010-3670
MISC
MISC
CONFIRM
typo3 -- typo3Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the "JSwindow" property of the typolink function.2019-11-064.3CVE-2011-4626
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows SQL Injection on the backend.2019-11-046.5CVE-2010-3662
MISC
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Open Redirection on the backend.2019-11-015.8CVE-2010-3661
MISC
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension.2019-11-054.3CVE-2010-3672
MISC
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Information Disclosure on the backend.2019-11-044CVE-2010-3664
MISC
MISC
CONFIRM
viewvc -- viewvcviewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option.2019-11-074.3CVE-2007-5743
MISC
MISC
websieve -- websieveCross-site scripting (XSS) vulnerability in websieve v0.62 allows remote attackers to inject arbitrary web script or HTML code in the web user interface.2019-11-014.3CVE-2005-2350
MISC
MISC
wordpress -- wordpressAn issue was discovered in the Currency Switcher addon before 2.11.2 for WooCommerce if a user provides a currency that was not added by the administrator. In this case, even though the currency does not exist, it will be selected, but a price amount will fall back to the default currency. This means that if an attacker provides a currency that does not exist and is worth less than this default, the attacker can eventually purchase an item for a significantly cheaper price.2019-11-024CVE-2019-18668
MISC
MISC
MISC
wordpress -- wordpressDirectory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin before 2.4.1 for WordPress allows remote authenticated users to download arbitrary files via a .. (dot dot) in the file parameter.2019-11-064CVE-2014-9014
MISC
MISC
wordpress -- wordpressThe ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a request to wpmp_pp_ajax_call with an execution target of wp_insert_user.2019-11-066.5CVE-2014-9013
MISC
wordpress -- wordpressAn issue was discovered in the MailPoet Newsletters (aka wysija-newsletters) plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks.2019-11-065CVE-2018-20853
CONFIRM
zoho_manageengine -- adselfservice_plusZoho ManageEngine ADSelfService Plus 5.x through 5803 has CSRF on the users' profile information page. Users who are attacked with this vulnerability will be forced to modify their enrolled information, such as email and mobile phone, unintentionally. Attackers could use the reset password function and control the system to send the authentication code back to the channel that the attackers own.2019-11-066.8CVE-2019-18411
MISC

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
archos -- safe-t_devicesOn Archos Safe-T devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data.2019-11-021.9CVE-2019-14358
MISC
broadcom -- brocade_sannavBrocade SANnav versions before v2.0 log the plain text database connection password while triggering support save.2019-11-082.1CVE-2019-16210
CONFIRM
dovecot -- dovecotA postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.2019-11-052.1CVE-2016-4983
MISC
MISC
MISC
eximious -- logo_designerEximious Logo Designer 3.82 has a User Mode Write AV starting at ExiCustomPathLib!ExiCustomPathLib::CGradientColorsProfile::BuildGradientColorsTable+0x0000000000000053.2019-11-071.9CVE-2019-18821
MISC
eximious -- logo_designerEximious Logo Designer 3.82 has Heap Corruption starting at ntdll!RtlpNtMakeTemporaryKey+0x0000000000001a78.2019-11-072.1CVE-2019-18820
MISC
eximious -- logo_designerEximious Logo Designer 3.82 has a User Mode Write AV starting at ExiVectorRender!StrokeText_Blend+0x00000000000003a7.2019-11-072.1CVE-2019-18819
MISC
horde -- groupware_webmail_editionHorde Groupware Web mail 5.1.2 has CSRF with requests to change permissions2019-11-052.6CVE-2013-6365
MISC
MISC
MISC
MISC
MISC
MISC
hyundai -- pay_kasse_hk-1000_devicesOn Hyundai Pay Kasse HK-1000 devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data.2019-11-021.9CVE-2019-14360
MISC
jitbit -- asp_.net_forumA cross-site scripting (XSS) vulnerability in Jitbit .NET Forum (aka ASP.NET forum) 8.3.8 allows remote attackers to inject arbitrary web script or HTML via the gravatar URL parameter.2019-11-013.5CVE-2019-18636
MISC
MISC
lightbend -- play_frameworkAn issue was discovered in Lightbend Play Framework 2.5.x through 2.6.23. When configured to make requests using an authenticated HTTP proxy, play-ws may sometimes, typically under high load, when connecting to a target host using https, expose the proxy credentials to the target host.2019-11-053.5CVE-2019-17598
MISC
CONFIRM
linux -- linux_kernelIn the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.2019-11-062.1CVE-2019-18786
MISC
linux -- linux_kernelA memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f.2019-11-072.1CVE-2019-18806
MISC
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can execute arbitrary JavaScript code by providing an arbitrary API endpoint that will not be checked by the sale pickup event.2019-11-063.5CVE-2019-8138
MISC
magento -- magentoIn Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with limited administrative privileges can inject arbitrary JavaScript code into the transactional email page when creating a new email template or editing an existing email template.2019-11-063.5CVE-2019-8228
MISC
magento -- magentoIn Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with limited administrative privileges can inject arbitrary JavaScript code via import / export functionality when creating profile action XML.2019-11-063.5CVE-2019-8227
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can manipulate a downloadable link and cause an invocation of error handling that accesses user input without sanitization.2019-11-063.5CVE-2019-8157
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code into the attribute set name when listing the products.2019-11-063.5CVE-2019-8145
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can inject arbitrary JavaScript code when creating a content page via page builder.2019-11-063.5CVE-2019-8148
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code via customer attribute label.2019-11-063.5CVE-2019-8147
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code when adding a new customer attribute for stores.2019-11-063.5CVE-2019-8146
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with access to the wysiwyg editor can abuse the blockDirective() function and inject malicious javascript in the cache of the admin dashboard.2019-11-063.5CVE-2019-8152
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can exploit it by injecting malicious Javascript into the name of main website.2019-11-063.5CVE-2019-8128
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code via title of an order when configuring sales payment methods for a store.2019-11-063.5CVE-2019-8142
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can craft malicious payload in the template Name field for Email template in the "Design Configuration" dashboard.2019-11-063.5CVE-2019-8132
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can exploit it by injecting an embedded expression into a translation.2019-11-063.5CVE-2019-8129
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code into code field of an inventory source.2019-11-063.5CVE-2019-8131
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user can inject arbitrary Javascript code by manipulating section of a POST request related to customer's email address.2019-11-053.5CVE-2019-8120
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code via product view id specification.2019-11-053.5CVE-2019-8117
MISC
magento -- magentoA reflected cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can inject arbitrary JavaScript code when adding an image during simple product creation.2019-11-053.5CVE-2019-8115
MISC
magento -- magentoA reflected cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code via email template preview.2019-11-053.5CVE-2019-8092
MISC
magento -- magentoA stored cross-site scripting (XSS) vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary Javascript code into the dynamic block when invoking page builder on a product.2019-11-063.5CVE-2019-8139
MISC
multiple_vendors -- bind_and_nsd_and_knot_name_serversCache Poisoning issue exists in DNS Response Rate Limiting.2019-11-052.6CVE-2013-5661
MISC
MISC
MISC
oracle -- mysqlMySQL-GUI-tools (mysql-administrator) leaks passwords into the process list after launch of the mysql text console2019-11-062.1CVE-2010-4178
MISC
MISC
MISC
MISC
portainer -- portainerPortainer before 1.22.1 has XSS (issue 2 of 2).2019-11-073.5CVE-2019-16878
MISC
portainer -- portainerPortainer before 1.22.1 has XSS (issue 1 of 2).2019-11-073.5CVE-2019-16873
MISC
qualcomm -- multiple_productsWhile deserializing any key blob during key operations, buffer overflow could occur exposing partial key information if any key operations are invoked (depends on CVE-2018-13907) in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR11302019-11-062.1CVE-2019-2275
CONFIRM
quest -- kace_systems_management_appliance_server_centerQuest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability (via an SVG image and HTML file) that allows an authenticated user to execute arbitrary JavaScript in an administrator's browser.2019-11-063.5CVE-2019-13080
MISC
MISC
quest -- kace_systems_management_appliance_server_centerQuest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability (via the title field in the /common/ticket_associated_tickets.php service desk ticket functionality) that allows an authenticated user to execute arbitrary JavaScript in a service desk user's browser.2019-11-063.5CVE-2019-13081
MISC
MISC
red_hat -- enterprise_linux_7_and_mrg-2The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leak sensitive information to userspace.2019-11-062.1CVE-2014-8181
MISC
red_hat -- virtual_desktop_server_managerInsecure temporary file vulnerability in RedHat vsdm 4.9.6.2019-11-042.1CVE-2013-4280
MISC
MISC
MISC
red_hat -- cloudformsCloudForms stores user passwords in recoverable format2019-11-042.1CVE-2013-4423
MISC
MISC
red_hat -- update_infrastructureRHUI (Red Hat Update Infrastructure) 2.1.3 has world readable PKI entitlement certificates2019-11-042.1CVE-2013-4518
MISC
MISC
redislabs -- redisInsecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds.2019-11-013.6CVE-2013-0180
MLIST
MISC
redislabs -- redisInsecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm.2019-11-013.6CVE-2013-0178
MISC
MISC
MISC
MISC
MISC
MISC
rhq -- mongo_db_drift_serverAn insecure temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files.2019-11-043.6CVE-2013-4374
MISC
MISC
secudos -- domosThe Log module in SECUDOS DOMOS before 5.6 allows XSS.2019-11-023.5CVE-2019-18664
MISC
MISC
shift_cryptosecurity -- bitbox02On SHIFT BitBox02 devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. Note: BIP39 secrets are not displayed by default on this device. The side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data.2019-11-021.9CVE-2019-18673
MISC
typo3 -- typo3Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the tcemain flash message.2019-11-063.5CVE-2011-4632
MISC
CONFIRM
typo3 -- typo3Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the system extension recycler.2019-11-063.5CVE-2011-4631
MISC
CONFIRM
typo3 -- typo3Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the browse_links wizard.2019-11-063.5CVE-2011-4630
MISC
CONFIRM
typo3 -- typo3Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the admin panel.2019-11-063.5CVE-2011-4629
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the Extension Manager.2019-11-043.5CVE-2010-3665
MISC
MISC
CONFIRM
typo3 -- typo3TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the backend.2019-11-013.5CVE-2010-3660
MISC
MISC
CONFIRM

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
alsa_project -- alsa-utilsalsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts.2019-11-09not yet calculatedCVE-2009-0035
MISC
MISC
MISC
apache -- arrowWhile investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered that Apache Arrow versions 0.12.0 to 0.14.1 left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory could potentially be shared if Arrow Arrays are transmitted over the wire (for instance with Flight) or persisted in the streaming IPC and file formats.2019-11-08not yet calculatedCVE-2019-12410
MLIST
MLIST
MLIST
apache -- arrowIt was discovered that the C++ implementation (which underlies the R, Python and Ruby implementations) of Apache Arrow 0.14.0 to 0.14.1 had an uninitialized memory bug when building arrays with null values in some cases. This can lead to uninitialized memory being unintentionally shared if Arrow Arrays are transmitted over the wire (for instance with Flight) or persisted in the streaming IPC and file formats.2019-11-08not yet calculatedCVE-2019-12408
CONFIRM
MLIST
apache -- cxfApache CXF before 3.3.4 and 3.2.11 does not restrict the number of message attachments present in a given message. This leaves open the possibility of a denial of service type attack, where a malicious user crafts a message containing a very large number of message attachments. From the 3.3.4 and 3.2.11 releases, a default limit of 50 message attachments is enforced. This is configurable via the message property "attachment-max-count".2019-11-06not yet calculatedCVE-2019-12406
CONFIRM
apache -- cxfApache CXF before 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is equal to that of the supplied clientId parameter in the request. If a malicious client was able to somehow steal an authorization code issued to another client, then they could exploit this vulnerability to obtain an access token for the other client.2019-11-06not yet calculatedCVE-2019-12419
CONFIRM
apache -- impalaIn Apache Impala 2.7.0 to 3.2.0, an authenticated user with access to the IDs of active Impala queries or sessions can interact with those sessions or queries via a specially-constructed request and thereby potentially bypass authorization and audit mechanisms. Session and query IDs are unique and random, but have not been documented or consistently treated as sensitive secrets. Therefore they may be exposed in logs or interfaces. They were also not generated with a cryptographically secure random number generator, so are vulnerable to random number generator attacks that predict future IDs based on past IDs. Impala deployments with Apache Sentry or Apache Ranger authorization enabled may be vulnerable to privilege escalation if an authenticated attacker is able to hijack a session or query from another authenticated user with privileges not assigned to the attacker. Impala deployments with audit logging enabled may be vulnerable to incorrect audit logging as a user could undertake actions that were logged under the name of a different authenticated user. Constructing an attack requires a high degree of technical sophistication and access to the Impala system as an authenticated user.2019-11-05not yet calculatedCVE-2019-10084
MLIST
CONFIRM
apache -- qpid-cppqpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use.2019-11-09not yet calculatedCVE-2009-5004
MISC
MISC
MISC
MISC
arm -- mbed_osA denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString() is called by the function MQTTDeserialize_publish() to get the length and content of the MQTT topic name. In the function readMQTTLenString(), mqttstring->lenstring.len is a part of user input, which can be manipulated. An attacker can simply change it to a larger value to invalidate the if statement so that the statements inside the if statement are skipped, letting the value of mqttstring->lenstring.data default to zero. Later, curn is accessed, which points to mqttstring->lenstring.data. On an Arm Cortex-M chip, the value at address 0x0 is actually the initialization value for the MSP register. It is highly dependent on the actual firmware. Therefore, the behavior of the program is unpredictable from this time on.2019-11-04not yet calculatedCVE-2019-17210
CONFIRM
arm -- mbed_os
 
An integer overflow was discovered in the CoAP library in Arm Mbed OS 5.14.0. The function sn_coap_builder_calc_needed_packet_data_size_2() is used to calculate the required memory for the CoAP message from the sn_coap_hdr_s data structure. Both returned_byte_count and src_coap_msg_ptr->payload_len are of type uint16_t. When added together, the result returned_byte_count can wrap around the maximum uint16_t value. As a result, insufficient buffer space is allocated for the corresponding CoAP message.2019-11-05not yet calculatedCVE-2019-17211
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
arm -- mbed_os
 
Buffer overflows were discovered in the CoAP library in Arm Mbed OS 5.14.0. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses CoAP input linearly using a while loop. Once an option is parsed in a loop, the current point (*packet_data_pptr) is increased correspondingly. The pointer is restricted by the size of the received buffer, as well as by the 0xFF delimiter byte. Inside each while loop, the check of the value of *packet_data_pptr is not strictly enforced. More specifically, inside a loop, *packet_data_pptr could be increased and then dereferenced without checking. Moreover, there are many other functions in the format of sn_coap_parser_****() that do not check whether the pointer is within the bounds of the allocated buffer. All of these lead to heap-based or stack-based buffer overflows, depending on how the CoAP packet buffer is allocated.2019-11-05not yet calculatedCVE-2019-17212
MISC
MISC
MISC
MISC
MISC
MISC
MISC
atlassian -- jira_service_desk_server_and_service_desk_data_centerThe Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before 3.16.10, from 4.0.0 before 4.2.6, from 4.3.0 before 4.3.5, from 4.4.0 before 4.4.3, and from 4.5.0 before 4.5.1 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via a path traversal vulnerability. Note that when the 'Anyone can email the service desk or raise a request in the portal' setting is enabled, an attacker can grant themselves portal access, allowing them to exploit the vulnerability.2019-11-07not yet calculatedCVE-2019-15004
MISC
MISC
BUGTRAQ
atlassian -- jira_service_desk_server_and_service_desk_data_centerThe Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before 3.16.10, from 4.0.0 before 4.2.6, from 4.3.0 before 4.3.5, from 4.4.0 before 4.4.3, and from 4.5.0 before 4.5.1 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via authorization bypass. Note that when the 'Anyone can email the service desk or raise a request in the portal' setting is enabled, an attacker can grant themselves portal access, allowing them to exploit the vulnerability.2019-11-07not yet calculatedCVE-2019-15003
MISC
MISC
BUGTRAQ

atlassian -- multiple_products

The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration information about the application that the plugin is installed into. A vulnerable version of the plugin is included with Bitbucket Server / Data Center before 6.6.0, Confluence Server / Data Center before 7.0.1, Jira Server / Data Center before 8.3.2, Crowd / Crowd Data Center before 3.6.0, Fisheye before 4.7.2, Crucible before 4.7.2, and Bamboo before 6.10.2.2019-11-08not yet calculatedCVE-2019-15005
MISC
broadcom -- brocade_sannavA vulnerability, in Brocade SANnav versions before v2.0, could allow remote attackers to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication actions in the SANnav portal.2019-11-08not yet calculatedCVE-2019-16205
CONFIRM
broadcom -- brocade_sannavPassword-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services (Radius, TACAS, etc.).2019-11-08not yet calculatedCVE-2019-16208
CONFIRM
broadcom -- brocade_sannav
 
The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the 'trace' and the 'debug' logging level; which could allow a local authenticated attacker to access sensitive information.2019-11-08not yet calculatedCVE-2019-16206
CONFIRM

centrify -- authentication_service_and_privilege_elevation_service

The Windows component of Centrify Authentication and Privilege Elevation Services 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.5.0, 3.5.1 (18.8), 3.5.2 (18.11), and 3.6.0 (19.6) does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data, which allows attackers to execute arbitrary code inside the Centrify process via (1) a crafted application that makes a pipe connection to the process and sends malicious serialized data or (2) a crafted Microsoft Management Console snap-in control file.2019-11-05not yet calculatedCVE-2019-18631
CONFIRM
ceph -- cephA flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.2019-11-08not yet calculatedCVE-2019-10222
CONFIRM
MISC
cisco -- fxos_and_nx-os_softwareA vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to incomplete role-based access control (RBAC) verification. An attacker could exploit this vulnerability by authenticating to the device and issuing a specific CLI diagnostic command with crafted user-input parameters. An exploit could allow the attacker to perform an arbitrary read of a file on the device, and the file may contain sensitive information. The attacker needs valid device credentials to exploit this vulnerability.2019-11-05not yet calculatedCVE-2019-1734
CISCO
clamav -- clamavclamav 0.91.2 suffers from a floating point exception when using ScanOLE2.2019-11-07not yet calculatedCVE-2007-6745
MISC
MISC
MISC
cross-origin_resource_sharing -- cross-origin_resource_sharingIt was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further access unauthorized information.2019-11-08not yet calculatedCVE-2019-14860
CONFIRM
dell_emc -- idrac8Dell EMC iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. A remote authenticated malicious iDRAC user with low privileges may potentially exploit this vulnerability to obtain sensitive information such as password hashes.2019-11-07not yet calculatedCVE-2019-3764
CONFIRM
drupal -- drupalDrupal 6.x before 6.16 uses a user-supplied value in output during site installation which could allow an attacker to craft a URL and perform a cross-site scripting attack.2019-11-07not yet calculatedCVE-2010-2250
MISC
CONFIRM
MLIST
drupal -- drupaldrupal6 version 6.16 has open redirection2019-11-06not yet calculatedCVE-2010-2471
MISC
MISC
MISC
CONFIRM
MLIST
drupal -- drupalLocale module and dependent contributed modules in Drupal 6.x before 6.16 and 5.x before version 5.22 do not sanitize the display of language codes, native and English language names properly which could allow an attacker to perform a cross-site scripting (XSS) attack. This vulnerability is mitigated by the fact that an attacker must have a role with the 'administer languages' permission.2019-11-07not yet calculatedCVE-2010-2472
MISC
CONFIRM
MLIST
drupal -- drupalDrupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked.2019-11-07not yet calculatedCVE-2010-2473
MISC
CONFIRM
MLIST
dtc-xen -- dtc-xendtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get bash access as the xenXX user on the dom0, and then access and potentially reuse an already opened VPS console.2019-11-09not yet calculatedCVE-2009-4011
MISC
MISC
MISC
eclipse -- jettyDump Servlet information leak in jetty before 6.1.22.2019-11-06not yet calculatedCVE-2009-5045
MISC
MISC
MLIST
eclipse -- jettyJSP Dump and Session Dump Servlet XSS in jetty before 6.1.22.2019-11-06not yet calculatedCVE-2009-5046
MISC
MISC
MLIST
energycap -- energycapEscalation of privileges in EnergyCAP 7 through 7.5.6 allows an attacker to access data. If an unauthenticated user clicks on a link on the public dashboard, the resource opens in EnergyCAP with access rights matching the user who created the dashboard.2019-11-08not yet calculatedCVE-2019-18623
CONFIRM
CONFIRM
eyecomms -- eyecmsA mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to take over another candidate's account (by also exploiting CVE-2019-17604) via a modified candidate id and an additional password parameter. The outcome is that the password of this other candidate is changed.2019-11-07not yet calculatedCVE-2019-17605
MISC
MISC
eyecomms -- eyecmsAn Insecure Direct Object Reference (IDOR) vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to change other candidates' personal information (first name, last name, email, CV, phone number, and all other personal information) by changing the value of the candidate id (the id parameter).2019-11-07not yet calculatedCVE-2019-17604
MISC
MISC
firegpg -- firegpgFireGPG before 0.6 handles the user's passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk, which may result in the compromise of secure communication or a user's private key.2019-11-08not yet calculatedCVE-2008-7272
MISC
MISC
MISC
gambas -- gambasGambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories.2019-11-07not yet calculatedCVE-2013-1809
MISC
MISC
MISC
MISC
MISC
CONFIRM
gdm3 -- gdm3gdm3 3.14.2 and possibly later has an information leak before screen lock2019-11-05not yet calculatedCVE-2016-1000002
MISC
MISC
MISC
MISC
gitolite -- gitolitegitolite before 1.4.1 does not filter src/ or hooks/ from path names.2019-11-07not yet calculatedCVE-2010-2447
CONFIRM
CONFIRM
CONFIRM
MISC
MLIST
google -- chromeUse after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function.2019-11-07not yet calculatedCVE-2011-2353
MISC
MISC
MISC
MISC
google -- chromeIncorrect handling of timer information in Timer.cpp in WebKit in Google Chrome before Blink M13.2019-11-07not yet calculatedCVE-2011-2807
MISC
MISC
google -- chromeWebKit in Google Chrome before Blink M11 contains a bad cast to RenderBlock when anonymous blocks are renderblocks.2019-11-05not yet calculatedCVE-2011-1460
MISC
MISC
MISC
google -- chromeA wrong type is used for a return value from strlen in WebKit in Google Chrome before Blink M12 on 64-bit platforms.2019-11-07not yet calculatedCVE-2011-2337
MISC
MISC
MISC
google -- chromeThe WebKit::WebPluginContainerImpl::handleEvent function in Google Chrome before Blink M11 allows an attacker to cause a denial of service (crash) via the htmlpluginelement.cpp plugin.2019-11-05not yet calculatedCVE-2011-1459
MISC
MISC
MISC
google -- chromeAn Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function.2019-11-06not yet calculatedCVE-2011-1298
MISC
MISC
MISC
google -- chromeAn issue exists in WebKit in Google Chrome before Blink M12 when clearing lists in AnimationControllerPrivate that signal when a hardware animation starts.2019-11-07not yet calculatedCVE-2011-2336
MISC
MISC
MISC
google -- chrome
 
A stale layout root is set as an input element in WebKit in Google Chrome before Blink M13 when a child of a keygen with autofocus is accessed.2019-11-06not yet calculatedCVE-2011-2808
MISC
MISC
MISC
MISC
MISC
MISC
MISC
hibernate -- hibernate_validatorA vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.2019-11-08not yet calculatedCVE-2019-10219
CONFIRM
horde -- groupware_webmail_editionHorde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book2019-11-05not yet calculatedCVE-2013-6364
MISC
MISC
MISC
MISC
MISC
MISC
hp -- inkjet_printersFor the printers listed, a maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device.2019-11-07not yet calculatedCVE-2019-6337
MISC
hp -- multiple_productsA potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250.2019-11-05not yet calculatedCVE-2019-16284
CONFIRM
hpe -- nimble_storage_systemsPotential security vulnerabilities have been identified with HPE Nimble Storage systems in multi array group configurations. The vulnerabilities could be remotely exploited by an attacker to gain elevated privileges or disclose information the array. Affected products and versions include: Nimble Storage Hybrid Flash Arrays - 5.1.2.0 and older, 5.0.7.0 and older, 4.5.4.0 and older, and 3.9.1.0 and older Nimble Storage All Flash Arrays - 5.1.2.0 and older, 5.0.7.0 and older, 4.5.4.0 and older, and 3.9.1.0 and older Nimble Storage Secondary Flash Arrays - 5.1.2.0 and older, 5.0.7.0 and older, 4.5.4.0 and older, and 3.9.1.0 and older2019-11-07not yet calculatedCVE-2019-11996
CONFIRM
ibm -- cognos_analyticsIBM Cognos Analytics 11.0 and 11.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or cause the web server to make HTTP requests to arbitrary domains. IBM X-Force ID: 147369.2019-11-09not yet calculatedCVE-2018-1721
XF
CONFIRM
ibm -- cognos_analyticsIBM Cognos Analytics 11.0 and 11.1 could reveal sensitive information to an authenticated user that could be used in future attacks against the system. IBM X-Force ID: 161271.2019-11-09not yet calculatedCVE-2019-4334
XF
CONFIRM
ibm -- cognos_analyticsIBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 170881.2019-11-09not yet calculatedCVE-2019-4645
XF
CONFIRM
ibm -- cognos_controllerIBM Cognos Controller stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 162659.2019-11-09not yet calculatedCVE-2019-4412
XF
CONFIRM
ibm -- cognos_controllerIBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 could allow an authenticated user to obtain sensitive information due to easy to guess session identifier names. IBM X-Force ID: 162658.2019-11-09not yet calculatedCVE-2019-4411
XF
CONFIRM
ibm -- iIBM i 7.2, 7.3, and 7.4 for i is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163492.2019-11-09not yet calculatedCVE-2019-4450
XF
CONFIRM
ibm -- qradarIBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163618.2019-11-09not yet calculatedCVE-2019-4454
XF
CONFIRM
ibm -- qradarIBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 167239.2019-11-09not yet calculatedCVE-2019-4581
XF
CONFIRM
ibm -- qradarIBM QRadar Advisor 1.0.0 through 2.4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 166205.2019-11-09not yet calculatedCVE-2019-4556
XF
CONFIRM
ibm -- qradarIBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to incorrect authorization in some components which could allow an authenticated user to obtain sensitive information. IBM X-Force ID: 164430.2019-11-09not yet calculatedCVE-2019-4509
XF
CONFIRM
ibm -- qradarIBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163779.2019-11-09not yet calculatedCVE-2019-4470
XF
CONFIRM
intelbras -- wrn_150_devicesAn issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration).2019-11-07not yet calculatedCVE-2019-17222
MISC
ldap-git-backup -- ldap-git-backupldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions.2019-11-07not yet calculatedCVE-2013-1425
CONFIRM
MISC
MISC
liboping -- libopingliboping 1.3.2 allows users reading arbitrary files upon the local system.2019-11-09not yet calculatedCVE-2009-3614
MISC
MISC
lintian -- lintianLintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks.2019-11-07not yet calculatedCVE-2013-1429
MISC
MISC
MISC
MISC
linux -- linux_kernelIn Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without ensuring that the segments are set properly. The kernel's %fs needs to be restored before the call in TRACE_IRQS_ON and before enabling interrupts, so that "current" references work. Without this, "current" used in the window between iret_exc and the middle of error_code where %fs is reset, would crash.2019-11-07not yet calculatedCVE-2007-3732
MISC
MISC
MISC
magento -- magentoInsecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can append arbitrary session id that will not be invalidated by subsequent authentication.2019-11-06not yet calculatedCVE-2019-8149
MISC
magento -- magentoA remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to modify product catalogs can trigger PHP file inclusion through a crafted XML file that specifies product design update.2019-11-06not yet calculatedCVE-2019-8154
MISC
mahara -- maharaCross-site Scripting (XSS) in Mahara before 1.5.9 and 1.6.x before 1.6.4 allows remote attackers to inject arbitrary web script or HTML via the TinyMCE editor.2019-11-07not yet calculatedCVE-2013-1426
CONFIRM
CONFIRM
MISC
makepasswd -- makepasswdmakepasswd 1.10 default settings generate insecure passwords2019-11-06not yet calculatedCVE-2010-2247
MISC
MISC
mantisbt -- mantisbtMantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.2019-11-09not yet calculatedCVE-2009-2802
CONFIRM
CONFIRM
MISC
matrix -- synapseMatrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /send_join, /send_leave, and /invite may not be correctly signed, or may not come from the expected servers.2019-11-08not yet calculatedCVE-2019-18835
MISC
MISC
medtronic -- valleylab_exchange_client_serverMedtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use the descrypt algorithm for OS password hashing. While interactive, network-based logons are disabled, attackers can use the other vulnerabilities within this report to obtain local shell access and access these hashes.2019-11-08not yet calculatedCVE-2019-13539
MISC
medtronic -- valleylab_exchange_client_serverMedtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use multiple sets of hard-coded credentials. If discovered, they can be used to read files on the device.2019-11-08not yet calculatedCVE-2019-13543
MISC
medtronic -- valleylab_ft10_energy_platformIn Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN, not available in the United States) version 1.20.2 and lower, the RFID security mechanism used for authentication between the FT10/LS10 Energy Platform and instruments can be bypassed, allowing for inauthentic instruments to connect to the generator.2019-11-08not yet calculatedCVE-2019-13531
MISC
medtronic -- valleylab_ft10_energy_platformIn Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN, not available in the United States) version 1.20.2 and lower, the RFID security mechanism does not apply read protection, allowing for full read access of the RFID security mechanism data.2019-11-08not yet calculatedCVE-2019-13535
MISC
mesa_3d -- mesa_3d_graphics_libraryAn exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.2019-11-05not yet calculatedCVE-2019-5068
MISC
mod_ruid2 -- mod_ruid2mod_ruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot.2019-11-08not yet calculatedCVE-2013-1889
MISC
MISC
MISC
CONFIRM
monkeyd -- monkeydThe web server Monkeyd produces a world-readable log (/var/log/monkeyd/master.log) on gentoo.2019-11-07not yet calculatedCVE-2013-1771
MISC
MISC
nvidia -- geforce_experienceNVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution.2019-11-09not yet calculatedCVE-2019-5701
CONFIRM
nvidia -- geforce_experience | NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or information disclosure. | 2019-11-09 | not yet calculated | CVE-2019-5689
CONFIRM
nvidia -- virtual_gpu_manager | NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which it may grant a guest access to memory that it does not own, which may lead to information disclosure or denial of service. | 2019-11-09 | not yet calculated | CVE-2019-5697
CONFIRM
nvidia -- virtual_gpu_manager | NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of service. | 2019-11-09 | not yet calculated | CVE-2019-5696
CONFIRM
nvidia -- virtual_gpu_manager | NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin, in which an input index value is incorrectly validated, which may lead to denial of service. | 2019-11-09 | not yet calculated | CVE-2019-5698
CONFIRM
nvidia -- windows_gpu_display_driver | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which may lead to denial of service. | 2019-11-09 | not yet calculated | CVE-2019-5693
CONFIRM
nvidia -- windows_gpu_display_driver | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the size of an input buffer is not validated, which may lead to denial of service or escalation of privileges. | 2019-11-09 | not yet calculated | CVE-2019-5690
CONFIRM
nvidia -- windows_gpu_display_driver | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the product uses untrusted input when calculating or using an array index, which may lead to escalation of privileges or denial of service. | 2019-11-09 | not yet calculated | CVE-2019-5692
CONFIRM
nvidia -- windows_gpu_display_driver | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. The attacker requires local system access. | 2019-11-09 | not yet calculated | CVE-2019-5694
MISC
nvidia -- windows_gpu_display_driver | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a NULL pointer is dereferenced, which may lead to denial of service or escalation of privileges. | 2019-11-09 | not yet calculated | CVE-2019-5691
CONFIRM
openstack -- mistral | An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information. | 2019-11-08 | not yet calculated | CVE-2019-3866
CONFIRM
patriot -- viper_rgb | The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection. | 2019-11-09 | not yet calculated | CVE-2019-18845
MISC
philips -- tasy_emr | In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker to access system and configuration information. | 2019-11-08 | not yet calculated | CVE-2019-13557
MISC
phpoffice -- phpspreadsheet | PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to utf-8 if something else than UTF-8 is declared in the header. This was a security measure to prevent CVE-2018-19277 but the fix is not sufficient. By double-encoding the xml payload to utf-7 it is possible to bypass the check for the string "<!ENTITY" and thus allowing for an xml external entity processing (XXE) attack. | 2019-11-07 | not yet calculated | CVE-2019-12331
CONFIRM
MISC
python_packaging_authority -- python_package_installer | The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. | 2019-11-05 | not yet calculated | CVE-2013-5123
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
rapid7 -- metasploit_pro | Rapid7 Metasploit Pro version 4.16.0-2019081901 and prior suffers from an instance of CWE-732, wherein the unique server.key is written to the file system during installation with world-readable permissions. This can allow other users of the same system where Metasploit Pro is installed to intercept otherwise private communications to the Metasploit Pro web interface. | 2019-11-06 | not yet calculated | CVE-2019-5642
CONFIRM
red_hat -- 389_directory_server | A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes. | 2019-11-08 | not yet calculated | CVE-2019-14824
CONFIRM
red_hat -- enterprise_linux_5 | frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f* (e.g. fcore, fcatch, fstack, fstep, ...) shipped in the package. A local attacker can exploit this vulnerability by running arbitrary code as another user. | 2019-11-07 | not yet calculated | CVE-2008-3278
MISC
MISC
MISC
red_hat -- jboss_operations_network | In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private resources managed by JBoss ON. | 2019-11-08 | not yet calculated | CVE-2008-5083
MISC
MISC
red_hat -- tuned | tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service. | 2019-11-08 | not yet calculated | CVE-2013-1820
MISC
MISC
MISC
red_hat -- virtualization_manager | In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manager. An attacker on the local network could use this flaw to conduct a man-in-the-middle attack, tricking the user into thinking they are viewing the Red Hat Enterprise Virtualization Manager when the content is actually attacker-controlled, or modifying actions a user requested Red Hat Enterprise Virtualization Manager to perform. | 2019-11-09 | not yet calculated | CVE-2009-3552
MISC
MISC
BUGTRAQ
samba -- samba | A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for password complexity. This configuration can fail to verify password complexity when non-ASCII characters are used in the password, which could lead to weak passwords being set for samba users, making it vulnerable to dictionary attacks. | 2019-11-06 | not yet calculated | CVE-2019-14833
SUSE
CONFIRM
MISC
samba -- samba | A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user. | 2019-11-06 | not yet calculated | CVE-2019-10218
SUSE
CONFIRM
MISC
samsung -- multiple_products | Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow injection of AT+CIMI and AT+CGSN over Bluetooth, leaking sensitive information such as IMSI, IMEI, call status, call setup stage, internet service status, signal strength, current roaming status, battery level, and call held status. | 2019-11-06 | not yet calculated | CVE-2019-16401
MISC
samsung -- multiple_products | Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow attackers to send AT commands over Bluetooth, resulting in several Denial of Service (DoS) attacks. | 2019-11-06 | not yet calculated | CVE-2019-16400
MISC
shibboleth -- shibboleth_service_provider | The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key which is placed in sp-key.pm. It relies on the root umask (default 22) instead of chmoding the resulting file itself, so the generated private key is world readable by default. | 2019-11-07 | not yet calculated | CVE-2010-2450
MISC
MISC
CONFIRM
simplesamlphp -- simplesamlphp | Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for example by SimpleSAMLphp, performed incorrect validation of cryptographic signatures in XML messages, allowing an authenticated attacker to impersonate others or elevate privileges by creating a crafted XML message. | 2019-11-07 | not yet calculated | CVE-2019-3465
MISC
MLIST
BUGTRAQ
MISC
DEBIAN
simplesamlphp -- simplesamlphp | simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages. | 2019-11-06 | not yet calculated | CVE-2011-4625
MISC
MISC
strapi -- strapi | strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js. | 2019-11-07 | not yet calculated | CVE-2019-18818
MISC
MISC
MISC
syscp -- syscp | syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot. | 2019-11-07 | not yet calculated | CVE-2010-2476
MISC
MISC
MLIST
tahoe-lafs -- tahoe-lafs | Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval. | 2019-11-07 | not yet calculated | CVE-2012-0051
MISC
MISC
MISC
MISC
MISC
CONFIRM

termpkg -- termpkg | termpkg 3.3 suffers from buffer overflow. | 2019-11-06 | not yet calculated | CVE-2006-3100
MISC
MISC
tmaxsoft -- jeus | JEUS 7 Fix#0~5 and JEUS 8 Fix#0~1 versions contain a directory traversal vulnerability caused by an improper input parameter check when uploading an installation file in the administration web page. That allows a remote attacker to execute arbitrary code via an uploaded file. | 2019-11-08 | not yet calculated | CVE-2019-17327
MISC
veritas -- multiple_products | An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. These Veritas products are affected: Access 7.4.2 and earlier, Access Appliance 7.4.2 and earlier, Flex Appliance 1.2 and earlier, InfoScale 7.3.1 and earlier, InfoScale between 7.4.0 and 7.4.1, Veritas Cluster Server (VCS) 6.2.1 and earlier on Linux/UNIX, Veritas Cluster Server (VCS) 6.1 and earlier on Windows, Storage Foundation HA (SFHA) 6.2.1 and earlier on Linux/UNIX, and Storage Foundation HA (SFHA) 6.1 and earlier on Windows. | 2019-11-05 | not yet calculated | CVE-2019-18780
MISC
MISC
MISC
MISC
viber -- viber | Viber through 11.7.0.5 allows a remote attacker who can capture a victim's internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim's device contains cleartext information such as the device model and OS version, IMSI, and 16 bytes of udid in a binary format, which is located at approximately offset 0x40 of this packet. Then, the attacker installs Viber on his device, initiates the registration process for any phone number, but doesn't enter a pin from SMS. Instead, he closes Viber. Next, the attacker rewrites his udid with the victim's udid, modifying the viber_udid file, which is located in the Viber preferences folder. (The udid is stored in a hexadecimal format.) Finally, the attacker starts Viber again and enters the pin from SMS. | 2019-11-06 | not yet calculated | CVE-2019-18800
MISC
wolfssl -- wolfssl | In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer overflow inside the DecodedCert structure in GetName in wolfcrypt/src/asn.c because the domain name location index is mishandled. Because a pointer is overwritten, there is an invalid free. | 2019-11-09 | not yet calculated | CVE-2019-18840
MISC
wordpress -- wordpress | A CSV injection in the codepress-admin-columns (aka Admin Columns) plugin 3.4.6 for WordPress allows malicious users to gain remote control of other computers. By choosing formula code as his first or last name, an attacker can create a user with a name that contains malicious code. Other users might download this data as a CSV file and corrupt their PC by opening it in a tool such as Microsoft Excel. The attacker could gain remote access to the user's PC. | 2019-11-08 | not yet calculated | CVE-2019-17661
MISC
zte -- mf910s_router | Security researcher Shen Ying from the Sec Consult Security Lab reported an information disclosure vulnerability in the MF910S product to ZTE PSIRT in October 2019. Through the analysis of the related product team, the information disclosure vulnerability is confirmed. The MF910S product's one-click upgrade tool can obtain the Telnet remote login password in the reverse way. If Telnet is opened, the attacker can remotely log in to the device through the cracked password, resulting in information leakage. The MF910S was end of service on October 23, 2019; ZTE recommends that users choose new products for the purpose of better security. | 2019-11-07 | not yet calculated | CVE-2019-3422
CONFIRM
zte -- zxupn-9000e | The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations. | 2019-11-08 | not yet calculated | CVE-2019-3426
CONFIRM
zte -- zxupn-9000e | The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts. | 2019-11-08 | not yet calculated | CVE-2019-3425
CONFIRM

Microsoft Releases November 2019 Security Updates

Original release date: November 12, 2019

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s November 2019 Security Update Summary and Deployment Information and apply the necessary updates.


Intel Releases Security Updates

Original release date: November 12, 2019 | Last revised: November 13, 2019

Intel has released security updates to address vulnerabilities in multiple products. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates:

For updates addressing medium severity vulnerabilities, see the Intel technology blog.


Adobe Releases Security Updates

Original release date: November 12, 2019

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.


VMware Releases Security Updates

Original release date: November 12, 2019

VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisories VMSA-2019-0020 and VMSA-2019-0021 and apply the necessary updates.


NCSC-NZ Releases Annual Cyber Threat Report

Original release date: November 14, 2019

The New Zealand National Cyber Security Centre (NCSC-NZ) has released their annual report detailing cyber threats and incidents affecting New Zealand from July 2018 to June 2019. During this period, NCSC-NZ recorded an increase in the severity of cybersecurity incidents—particularly from state-sponsored threat actors. NCSC-NZ provides enhanced cybersecurity services to New Zealand Government and organizations of national significance against cybersecurity threats.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review the NCSC Cyber Threat Report for more information.


Reminder: Malware Can Exploit Improper Configurations

Original release date: November 15, 2019

Protect yourself from unwanted—and potentially harmful—files or programs by adhering to vendor-recommended configurations for hardware and software. Doing so, in addition to maintaining regular patch maintenance, will help give your systems and networks the best security possible.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following tips and guidance:



Vulnerability Summary for the Week of November 11, 2019

Original release date: November 18, 2019

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

  

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
au_optronics -- sunveillance_monitoring_system | An issue was discovered in Picture_Manage_mvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a modified authority parameter. | 2019-11-12 | 7.5 | CVE-2019-12719
MISC
MISC
belkin -- n900_db_wireless_router | Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service. | 2019-11-13 | 7.8 | CVE-2013-4655
MISC
MISC
MISC
broadcom -- wi-fi_driver | In the Broadcom Wi-Fi driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-130375182 | 2019-11-13 | 7.5 | CVE-2019-9466
MISC
chartkick_gem_for_ruby_on_rails -- chartkick_gem_for_ruby_on_rails | Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before 3.3.0 for Ruby, allows prototype pollution. | 2019-11-11 | 7.5 | CVE-2019-18841
MISC
MISC
MISC
CONFIRM
MISC
MISC
d-link -- multiple_routers | Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/image_sign or /etc/alpha_config/image_sign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 (for DCN), DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842 C1 v3.00. | 2019-11-11 | 10 | CVE-2019-18852
MISC
elgg_foundation -- elgg | Elgg through 1.7.10 has a SQL injection vulnerability. | 2019-11-12 | 7.5 | CVE-2011-2936
REDHAT
MISC
DEBIAN
energycap -- energycap | Escalation of privileges in EnergyCAP 7 through 7.5.6 allows an attacker to access data. If an unauthenticated user clicks on a link on the public dashboard, the resource opens in EnergyCAP with access rights matching the user who created the dashboard. | 2019-11-08 | 7.5 | CVE-2019-18623
CONFIRM
CONFIRM
enghouse_interactive -- web_chat | An SSRF issue was discovered in Enghouse Web Chat 6.1.300.31. In any POST request, one can replace the port number at WebServiceLocation=http://localhost:8085/UCWebServices/ with a range of ports to determine what is visible on the internal network (as opposed to what general web traffic would see on the product's host). The response from open ports is different than from closed ports. The product does not allow one to change the protocol: anything except http(s) will throw an error; however, it is the type of error that allows one to determine if a port is open or not. | 2019-11-13 | 7.5 | CVE-2019-16948
MISC
fudforum -- fudforum | FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the control panel, the payload will execute. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. The problem is in admsession.php and admuser.php. | 2019-11-12 | 8.5 | CVE-2019-18873
MISC
MISC
fudforum -- fudforum | FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. This may result in remote code execution. An attacker can use a user account to fully compromise the system using a POST request. When the admin visits the user information, the payload will execute. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. | 2019-11-13 | 8.5 | CVE-2019-18839
MISC
MISC
gnome -- gdk-pixbuf | gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw. | 2019-11-12 | 7.5 | CVE-2011-2897
MISC
MISC
MISC
google -- android | In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-135269669 | 2019-11-13 | 7.8 | CVE-2019-2211
MISC
google -- android | In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-139188579 | 2019-11-13 | 9.3 | CVE-2019-2206
MISC
google -- android | In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possible out of bound write due to missing bounds checks. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-124524315 | 2019-11-13 | 7.2 | CVE-2019-2207
MISC
google -- android | In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-139186193 | 2019-11-13 | 7.2 | CVE-2019-2195
MISC
google -- android | In okToConnect of HidHostService.java, there is a possible permission bypass due to an incorrect state check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-79703832 | 2019-11-13 | 10 | CVE-2019-2036
MISC
google -- android | In FindSharedFunctionInfo of objects.cc, there is a possible out of bounds read due to a mistake in AST traversal. This could lead to remote code execution in the pacprocessor with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-138442295 | 2019-11-13 | 10 | CVE-2019-2204
MISC
google -- android | In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-139806216 | 2019-11-13 | 10 | CVE-2019-2205
MISC
google -- android | In getUserCount and getCount of UserSwitcherController.java, there is possible new user creation due to a logic error. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-140486529 | 2019-11-13 | 7.2 | CVE-2019-2233
MISC
google -- android | In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-136210786. References: Upstream kernel | 2019-11-13 | 7.2 | CVE-2019-2214
MISC
google -- android | In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-137370777 | 2019-11-13 | 7.2 | CVE-2019-2203
MISC
google -- android | In load_logging_config of qmi_vs_service.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10. Android ID: A-139148442 | 2019-11-13 | 7.2 | CVE-2019-2210
MISC
google -- android | In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10. Android ID: A-137283376 | 2019-11-13 | 7.2 | CVE-2019-2202
MISC
google -- android | In createSessionInternal of PackageInstallerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-138650665 | 2019-11-13 | 7.2 | CVE-2019-2199
MISC
google -- android | In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Admin app installed with no indication to the user, with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-132261064 | 2019-11-13 | 7.2 | CVE-2019-2193
MISC
google -- android | In the Bootloader, there is a possible kernel command injection due to missing command sanitization. This could lead to a local elevation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-80316910 | 2019-11-13 | 7.2 | CVE-2019-9467
MISC
google -- android | In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10. Android ID: A-138441555 | 2019-11-13 | 7.2 | CVE-2019-2192
MISC
google -- android | There is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-138441919 | 2019-11-13 | 7.8 | CVE-2019-2208
MISC
google -- android | In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-120551338 | 2019-11-13 | 9.3 | CVE-2019-2201
MISC
UBUNTU
helm -- helm | In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via symlinks. No version of Tiller is known to be impacted. This is a client-only issue. | 2019-11-12 | 7.5 | CVE-2019-18658
MISC
lenovo -- multiple_thinkpads | A potential vulnerability in some Lenovo ThinkPads may allow an attacker to execute arbitrary code under SMM under certain circumstances. | 2019-11-12 | 7.5 | CVE-2019-6170
MISC
lenovo -- multiple_thinkpads | A potential vulnerability in the SMI callback function in some Lenovo ThinkPad models may allow arbitrary code execution. | 2019-11-12 | 7.5 | CVE-2019-6172
MISC
libpoe-component-irc-perl -- libpoe-component-irc-perl | libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server. | 2019-11-12 | 7.5 | CVE-2010-3438
MISC
MISC
MISC
matrix-org -- synapse | Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /send_join, /send_leave, and /invite may not be correctly signed, or may not come from the expected servers. | 2019-11-08 | 7.5 | CVE-2019-18835
MISC
MISC

medtronic -- valleylab_exchange_client_and_valleylab_ft10_and_fx8_energy_platform
Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use the descrypt algorithm for OS password hashing. While interactive, network-based logons are disabled, attackers can use the other vulnerabilities within this report to obtain local shell access and access these hashes.
Published: 2019-11-08 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-13539
MISC
microsoft -- chakracore_and_edge
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429.
Published: 2019-11-12 | CVSS Score: 7.6 | Source & Patch Info: CVE-2019-1427
MISC
microsoft -- chakracore_and_edge
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429.
Published: 2019-11-12 | CVSS Score: 7.6 | Source & Patch Info: CVE-2019-1428
MISC
microsoft -- chakracore_and_edge
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1427, CVE-2019-1428, CVE-2019-1429.
Published: 2019-11-12 | CVSS Score: 7.6 | Source & Patch Info: CVE-2019-1426
MISC
microsoft -- exchange_server_2013_and_2016_and_2019
A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'.
Published: 2019-11-12 | CVSS Score: 7.5 | Source & Patch Info: CVE-2019-1373
MISC
microsoft -- internet_explorer_9_and_10_and_11
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428.
Published: 2019-11-12 | CVSS Score: 7.6 | Source & Patch Info: CVE-2019-1429
MISC
microsoft -- internet_explorer_9_and_10_and_11
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.
Published: 2019-11-12 | CVSS Score: 7.6 | Source & Patch Info: CVE-2019-1390
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1388
MISC
MISC
microsoft -- multiple_products
A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0721.
Published: 2019-11-12 | CVSS Score: 9 | Source & Patch Info: CVE-2019-0719
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, CVE-2019-1433, CVE-2019-1437, CVE-2019-1438.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1435
MISC
microsoft -- multiple_products
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.
Published: 2019-11-12 | CVSS Score: 9.3 | Source & Patch Info: CVE-2019-1406
MISC
microsoft -- multiple_products
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1389, CVE-2019-1398.
Published: 2019-11-12 | CVSS Score: 7.7 | Source & Patch Info: CVE-2019-1397
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1392
MISC
microsoft -- multiple_products
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1397, CVE-2019-1398.
Published: 2019-11-12 | CVSS Score: 7.7 | Source & Patch Info: CVE-2019-1389
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408, CVE-2019-1434.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1394
MISC
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1394, CVE-2019-1396, CVE-2019-1408, CVE-2019-1434.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1395
MISC
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1434
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1408, CVE-2019-1434.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1396
MISC
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, CVE-2019-1435, CVE-2019-1437, CVE-2019-1438.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1433
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1434.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1408
MISC
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1437.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1438
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1433, CVE-2019-1435, CVE-2019-1437, CVE-2019-1438.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1407
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1405
MISC
microsoft -- multiple_products
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
Published: 2019-11-12 | CVSS Score: 9.3 | Source & Patch Info: CVE-2019-1448
MISC
microsoft -- multiple_products
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408, CVE-2019-1434.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1393
MISC
MISC
microsoft -- office_2019_and_office_365_proplus
A security feature bypass vulnerability exists in the way that Office Click-to-Run (C2R) components handle a specially crafted file, which could lead to a standard user, any AppContainer sandbox, and Office LPAC Protected View to escalate privileges to SYSTEM. To exploit this bug, an attacker would have to run a specially crafted file, aka 'Microsoft Office ClickToRun Security Feature Bypass Vulnerability'.
Published: 2019-11-12 | CVSS Score: 10 | Source & Patch Info: CVE-2019-1449
MISC
microsoft -- windows_10_and_windows_server
A remote code execution vulnerability exists when Windows Media Foundation improperly parses specially crafted QuickTime media files. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'Microsoft Windows Media Foundation Remote Code Execution Vulnerability'.
Published: 2019-11-12 | CVSS Score: 9.3 | Source & Patch Info: CVE-2019-1430
MISC
microsoft -- windows_10_and_windows_server_2019_and_windows_server
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1438.
Published: 2019-11-12 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-1437
MISC
microsoft -- windows_10_and_windows_server_2019_and_windows_server
A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0719.
Published: 2019-11-12 | CVSS Score: 9 | Source & Patch Info: CVE-2019-0721
MISC
microsoft -- windows_10_and_windows_server_2019_and_windows_server
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1389, CVE-2019-1397.
Published: 2019-11-12 | CVSS Score: 7.7 | Source & Patch Info: CVE-2019-1398
MISC
microsoft -- windows_7_and_windows_server_2008
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics Remote Code Execution Vulnerability'.
Published: 2019-11-12 | CVSS Score: 9.3 | Source & Patch Info: CVE-2019-1441
MISC
MISC
nvidia -- windows_gpu_display_driver
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the product uses untrusted input when calculating or using an array index, which may lead to escalation of privileges or denial of service.
Published: 2019-11-09 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-5692
CONFIRM
nvidia -- windows_gpu_display_driver
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a NULL pointer is dereferenced, which may lead to denial of service or escalation of privileges.
Published: 2019-11-09 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-5691
CONFIRM
nvidia -- windows_gpu_display_driver
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the size of an input buffer is not validated, which may lead to denial of service or escalation of privileges.
Published: 2019-11-09 | CVSS Score: 7.2 | Source & Patch Info: CVE-2019-5690
CONFIRM
offlineimap -- offlineimap
offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.
Published: 2019-11-13 | CVSS Score: 7.5 | Source & Patch Info: CVE-2010-4533
MISC
MISC
MISC
MISC
MISC
sibsoft -- xfilesharing
SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP.
Published: 2019-11-13 | CVSS Score: 7.5 | Source & Patch Info: CVE-2019-18952
MISC
MISC
systematic -- iris_webforms
Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication.
Published: 2019-11-12 | CVSS Score: 7.5 | Source & Patch Info: CVE-2019-18925
MISC
untangle -- ng_firewall
The Untangle NG firewall 14.2.0 is vulnerable to an authenticated command injection when logged in as an admin user.
Published: 2019-11-14 | CVSS Score: 9 | Source & Patch Info: CVE-2019-18647
MISC
western_digital -- my_cloud_ex2_ultra_firmware
Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via crafted GET/POST parameters.
Published: 2019-11-13 | CVSS Score: 9 | Source & Patch Info: CVE-2019-18931
MISC
MISC
western_digital -- my_cloud_ex2_ultra_firmware
Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest accounts) to remotely execute arbitrary code via a download_mgr.cgi stack-based buffer overflow.
Published: 2019-11-13 | CVSS Score: 9 | Source & Patch Info: CVE-2019-18929
MISC
MISC
western_digital -- my_cloud_ex2_ultra_firmware
Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest account) to remotely execute arbitrary code via a stack-based buffer overflow. There is no size verification logic in one of the functions in libscheddl.so, and download_mgr.cgi makes it possible to enter large-sized f_idx inputs.
Published: 2019-11-13 | CVSS Score: 9 | Source & Patch Info: CVE-2019-18930
MISC
MISC
wordpress -- wordpress
A CSV injection in the codepress-admin-columns (aka Admin Columns) plugin 3.4.6 for WordPress allows malicious users to gain remote control of other computers. By choosing formula code as his first or last name, an attacker can create a user with a name that contains malicious code. Other users might download this data as a CSV file and corrupt their PC by opening it in a tool such as Microsoft Excel. The attacker could gain remote access to the user's PC.
Published: 2019-11-08 | CVSS Score: 9 | Source & Patch Info: CVE-2019-17661
MISC
zte -- zxupn-9000e
The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations.
Published: 2019-11-08 | CVSS Score: 7.5 | Source & Patch Info: CVE-2019-3426
CONFIRM
zte -- zxupn-9000e
The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts.
Published: 2019-11-08 | CVSS Score: 7.5 | Source & Patch Info: CVE-2019-3425
CONFIRM

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
alien-arena -- alien-arena
It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command.
Published: 2019-11-12 | CVSS Score: 4 | Source & Patch Info: CVE-2010-3439
MISC
MISC
MISC
MISC
apache -- arrow
It was discovered that the C++ implementation (which underlies the R, Python and Ruby implementations) of Apache Arrow 0.14.0 to 0.14.1 had an uninitialized memory bug when building arrays with null values in some cases. This can lead to uninitialized memory being unintentionally shared if Arrow Arrays are transmitted over the wire (for instance with Flight) or persisted in the streaming IPC and file formats.
Published: 2019-11-08 | CVSS Score: 5 | Source & Patch Info: CVE-2019-12408
CONFIRM
MLIST
apache -- arrow
While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered that Apache Arrow versions 0.12.0 to 0.14.1 left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory could potentially be shared if Arrow Arrays are transmitted over the wire (for instance with Flight) or persisted in the streaming IPC and file formats.
Published: 2019-11-08 | CVSS Score: 5 | Source & Patch Info: CVE-2019-12410
MLIST
MLIST
MLIST
atlassian -- troubleshooting_and_support_tool
The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration information about the application that the plugin is installed into. A vulnerable version of the plugin is included with Bitbucket Server / Data Center before 6.6.0, Confluence Server / Data Center before 7.0.1, Jira Server / Data Center before 8.3.2, Crowd / Crowd Data Center before 3.6.0, Fisheye before 4.7.2, Crucible before 4.7.2, and Bamboo before 6.10.2.
Published: 2019-11-08 | CVSS Score: 4 | Source & Patch Info: CVE-2019-15005
MISC
MISC
atoptool -- atop
atop: symlink attack possible due to insecure tempfile handling
Published: 2019-11-12 | CVSS Score: 4.6 | Source & Patch Info: CVE-2011-3618
REDHAT
MISC
DEBIAN
au_optronics -- sunveillance_monitoring_system
AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvc_send_mail.aspx (MailAdd parameter) SQL Injection. An attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picture_manage_mvc.aspx plant_no parameter, the swapdl_mvc.aspx plant_no parameter, and the account_management.aspx Text_Postal_Code and Text_Dis_Code parameters.
Published: 2019-11-12 | CVSS Score: 5 | Source & Patch Info: CVE-2019-12720
MISC
MISC
bitweaver -- bitweaver
Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 2.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) stats/index.php or (2) newsletters/edition.php or the (3) username parameter to users/remind_password.php, (4) days parameter to stats/index.php, (5) login parameter to users/register.php, or (6) highlight parameter.
Published: 2019-11-13 | CVSS Score: 4.3 | Source & Patch Info: CVE-2012-5193
EXPLOIT-DB
MISC
broadcom -- brocade_sannav
A vulnerability in Brocade SANnav versions before v2.0 could allow remote attackers to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication actions in the SANnav portal.
Published: 2019-11-08 | CVSS Score: 4.3 | Source & Patch Info: CVE-2019-16205
CONFIRM
broadcom -- brocade_sannav
The password-based encryption (PBE) algorithm of Brocade SANnav versions before v2.0 has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services (Radius, TACAS, etc.).
Published: 2019-11-08 | CVSS Score: 5 | Source & Patch Info: CVE-2019-16208
CONFIRM
ceph -- rgw_server
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
Published: 2019-11-08 | CVSS Score: 5 | Source & Patch Info: CVE-2019-10222
CONFIRM
MISC
cross-origin_resource_sharing -- cross-origin_resource_sharing
It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further access unauthorized information.
Published: 2019-11-08 | CVSS Score: 4.3 | Source & Patch Info: CVE-2019-14860
REDHAT
CONFIRM
drupal -- drupal
A Denial Of Service vulnerability exists in the SVG Sanitizer module through 8.x-1.0-alpha1 for Drupal because access to external resources with an SVG use element is mishandled.
Published: 2019-11-11 | CVSS Score: 5 | Source & Patch Info: CVE-2019-18856
MISC
MISC
dtc-xen -- dtc-xen
dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get a bash access as xenXX user on the dom0, and then access a potentially reuse an already opened VPS console.
Published: 2019-11-09 | CVSS Score: 6.8 | Source & Patch Info: CVE-2009-4011
MISC
MISC
MISC
elgg_foundation -- elgg
Elgg through 1.7.10 has XSS
Published: 2019-11-12 | CVSS Score: 4.3 | Source & Patch Info: CVE-2011-2935
REDHAT
MISC
DEBIAN
enghouse_interactive -- web_chat
A remote file include (RFI) issue was discovered in Enghouse Web Chat 6.2.284.34. One can replace the localhost attribute with one's own domain name. When the product calls this domain after the POST request is sent, it retrieves an attacker's data and displays it. Also worth mentioning is the amount of information sent in the request from this product to the attacker: it reveals information the public should not have. This includes pathnames and internal IP addresses.
Published: 2019-11-13 | CVSS Score: 5 | Source & Patch Info: CVE-2019-16951
MISC
enghouse_interactive -- web_chat
An XSS issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. The QueueName parameter of a GET request allows for insertion of user-supplied JavaScript.
Published: 2019-11-13 | CVSS Score: 4.3 | Source & Patch Info: CVE-2019-16950
MISC
enghouse_interactive -- web_chat
An issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. A user is allowed to send an archive of their chat log to an email address specified at the beginning of the chat (where the user enters in their name and e-mail address). This POST request can be modified to change the message as well as the end recipient of the message. The e-mail address will have the same domain name and user as the product allotted. This can be used in phishing campaigns against users on the same domain.
Published: 2019-11-13 | CVSS Score: 4 | Source & Patch Info: CVE-2019-16949
MISC
envoy_proxy -- envoy
Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continue_on_listener_filters_timeout is used.
Published: 2019-11-11 | CVSS Score: 5 | Source & Patch Info: CVE-2019-18836
MISC
CONFIRM
MISC
MISC
ettercap_project -- ettercap
An unchecked sscanf() call in ettercap 0.7.3 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.
Published: 2019-11-12 | CVSS Score: 6.8 | Source & Patch Info: CVE-2010-3844
MISC
MISC
MISC
firegpg -- firegpg
FireGPG before 0.6 handles the user's passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk, which may result in the compromise of secure communication or a user's private key.
Published: 2019-11-08 | CVSS Score: 5 | Source & Patch Info: CVE-2008-7272
MISC
MISC
MISC
gargoyle-free -- gargoyle-free
If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account.
Published: 2019-11-12 | CVSS Score: 4.4 | Source & Patch Info: CVE-2010-3359
MISC
gnu -- mailutils
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.
Published: 2019-11-11 | CVSS Score: 4.6 | Source & Patch Info: CVE-2019-18862
MISC
google -- android
In Download Provider, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9 Android-10 Android ID: A-135269143
Published: 2019-11-13 | CVSS Score: 4.9 | Source & Patch Info: CVE-2019-2196
MISC
google -- android
In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-133758011 References: Upstream kernel
Published: 2019-11-13 | CVSS Score: 6.9 | Source & Patch Info: CVE-2019-2213
MISC
google -- android
In poisson_distribution of random, there is an out of bounds read. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9 Android-10 Android ID: A-139690488
Published: 2019-11-13 | CVSS Score: 4.9 | Source & Patch Info: CVE-2019-2212
MISC
google -- android
In BTA_DmPinReply of bta_dm_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9 Android-10 Android ID: A-139287605
Published: 2019-11-13 | CVSS Score: 4.9 | Source & Patch Info: CVE-2019-2209
MISC
google -- android
In Download Provider, there is a possible SQL injection vulnerability. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9 Android-10 Android ID: A-135270103
Published: 2019-11-13 | CVSS Score: 4.9 | Source & Patch Info: CVE-2019-2198
MISC
google -- chrome
A use-after-free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayer when removing elements with reflections.
Published: 2019-11-12 | CVSS Score: 4.3 | Source & Patch Info: CVE-2011-2334
MISC
MISC
google -- chrome
WebKit in Google Chrome before Blink M11 and M12 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption).
Published: 2019-11-12 | CVSS Score: 4.3 | Source & Patch Info: CVE-2011-1802
MISC
MISC
google -- chrome
An issue exists in third_party/WebKit/Source/WebCore/svg/animation/SVGSMILElement.h in WebKit in Google Chrome before Blink M11 and M12 when trying to access a removed smil element.
Published: 2019-11-12 | CVSS Score: 4.3 | Source & Patch Info: CVE-2011-1803
MISC
MISC
google -- chrome
A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function.
Published: 2019-11-12 | CVSS Score: 5 | Source & Patch Info: CVE-2011-2335
MISC
MISC
hibernate -- hibernate_validator
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
Published: 2019-11-08 | CVSS Score: 4.3 | Source & Patch Info: CVE-2019-10219
CONFIRM
hitachi -- command_suite
A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 allows an unauthenticated remote user to read internal information.
Published: 2019-11-12 | CVSS Score: 5 | Source & Patch Info: CVE-2018-21026
MISC
CONFIRM
huawei -- multiple_products
Gauss100 OLTP database in ManageOne with versions of 6.5.0 has an out-of-bounds read vulnerability due to insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication channels. Successful exploit of this vulnerability could allow the attacker to crash the database on the standby node.
Published: 2019-11-13 | CVSS Score: 5 | Source & Patch Info: CVE-2019-5289
MISC
huawei -- multiple_products
There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be abnormal.
Published: 2019-11-13 | CVSS Score: 5 | Source & Patch Info: CVE-2019-5294
MISC
huawei -- multiple_products
Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may cause some service to be abnormal.
Published: 2019-11-13 | CVSS Score: 4 | Source & Patch Info: CVE-2019-5293
MISC
huawei -- multiple_smartphones
Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently; an attacker should connect to the phone and gain high privilege to launch the attack. Successful exploit could cause DOS or malicious code execution.
Published: 2019-11-13 | CVSS Score: 4.6 | Source & Patch Info: CVE-2019-5246
MISC
huawei -- multiple_smartphones
Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(SP2C00E41R3P2) have an improper authentication vulnerability. Successful exploitation may cause the attacker to access specific components.
Published: 2019-11-13 | CVSS Score: 6.8 | Source & Patch Info: CVE-2019-5233
MISC
huawei -- multiple_smartphones
Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12) have a double free vulnerability. An attacker tricks the user into installing a malicious application, which frees on the same memory address twice. Successful exploit could result in malicious code execution.
Published: 2019-11-13 | CVSS Score: 6.8 | Source & Patch Info: CVE-2019-5282
MISC
huawei -- multiple_smartphones
Certain detection module of P30, P30 Pro, Honor V20 smartphone with Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock a certain function properly; when the function is called by multiple processes, this could cause an out of bound write. An attacker tricks the user into installing a malicious application; successful exploit could cause malicious code execution.
Published: 2019-11-12 | CVSS Score: 6.8 | Source & Patch Info: CVE-2019-5228
MISC
huawei -- p20_pro_and_p20_and_mate_rs_smartphones
P20 Pro, P20, Mate RS smartphones with versions earlier than Charlotte-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than Emily-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than NEO-AL00D NEO-AL00 9.1.0.321(C786E320R1P1T8) have an improper validation vulnerability. The system does not perform a proper validation of certain input models; an attacker could trick the user to install a malicious application then craft a malformed model. Successful exploit could allow the attacker to get and tamper certain output data information.
Published: 2019-11-13 | CVSS Score: 4.3 | Source & Patch Info: CVE-2019-5230
MISC
huawei -- p30_smartphones
P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently; an attacker should connect to the phone and gain high privilege to launch the attack. Successful exploit could cause malicious code execution.
Published: 2019-11-12 | CVSS Score: 4.6 | Source & Patch Info: CVE-2019-5229
MISC
ibm -- cognos_analytics
IBM Cognos Analytics 11.0 and 11.1 could reveal sensitive information to an authenticated user that could be used in future attacks against the system. IBM X-Force ID: 161271.
Published: 2019-11-09 | CVSS Score: 4 | Source & Patch Info: CVE-2019-4334
XF
CONFIRM
ibm -- cognos_analytics
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or cause the web server to make HTTP requests to arbitrary domains. IBM X-Force ID: 147369.
Published: 2019-11-09 | CVSS Score: 6.5 | Source & Patch Info: CVE-2018-1721
XF
CONFIRM
ibm -- cognos_analytics
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 170881.
Published: 2019-11-09 | CVSS Score: 4.3 | Source & Patch Info: CVE-2019-4645
XF
CONFIRM
ibm -- cognos_controller
IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 could allow an authenticated user to obtain sensitive information due to easy to guess session identifier names. IBM X-Force ID: 162658.
Published: 2019-11-09 | CVSS Score: 4 | Source & Patch Info: CVE-2019-4411
XF
CONFIRM
ibm -- cognos_controller
IBM Cognos Controller stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 162659.
Published: 2019-11-09 | CVSS Score: 5 | Source & Patch Info: CVE-2019-4412
XF
CONFIRM
ibm -- i
IBM i 7.2, 7.3, and 7.4 for i is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163492.
Published: 2019-11-09 | CVSS Score: 4.3 | Source & Patch Info: CVE-2019-4450
XF
CONFIRM
ibm -- qradar
IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to incorrect authorization in some components which could allow an authenticated user to obtain sensitive information. IBM X-Force ID: 164430.
Published: 2019-11-09 | CVSS Score: 4 | Source & Patch Info: CVE-2019-4509
XF
CONFIRM
ibm -- qradar
IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 167239.
Published: 2019-11-09 | CVSS Score: 4.3 | Source & Patch Info: CVE-2019-4581
XF
CONFIRM
ibm -- qradar_advisor
IBM QRadar Advisor 1.0.0 through 2.4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 166205.
Published: 2019-11-09 | CVSS Score: 4 | Source & Patch Info: CVE-2019-4556
XF
CONFIRM
imagemagick -- imagemagick | ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2. | 2019-11-11 | 4.3 | CVE-2019-18853 MISC MISC
istio -- istio | Istio 1.3.x before 1.3.5 allows Denial of Service because continue_on_listener_filters_timeout is set to True, a related issue to CVE-2019-18836. | 2019-11-12 | 5 | CVE-2019-18817 MISC MISC
json-jwt_gem_for_ruby_on_rails -- json-jwt_gem_for_ruby_on_rails | The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. | 2019-11-12 | 5 | CVE-2019-18848 MISC MISC
lavalite -- cms | XSS exists in Lavalite CMS 5.7 via the admin/profile name or designation field. | 2019-11-13 | 4.3 | CVE-2019-18883 MISC MISC
mantisbt -- mantisbt | MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks. | 2019-11-09 | 4.3 | CVE-2009-2802 CONFIRM CONFIRM MISC
mcafee -- advanced_threat_defense | Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attackers to gain access to hashed credentials via carefully constructed POST request extracting incorrectly recorded data from log files. | 2019-11-13 | 4 | CVE-2019-3649 MISC
mcafee -- advanced_threat_defense | Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attackers to gain access to ePO as an administrator via using the atduser credentials, which were too permissive. | 2019-11-13 | 6.5 | CVE-2019-3651 MISC
mcafee -- advanced_threat_defense | Improper Neutralization of HTTP requests in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute commands on the server remotely via carefully constructed HTTP requests. | 2019-11-13 | 6.5 | CVE-2019-3660 CONFIRM
mcafee -- advanced_threat_defense | Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attackers to gain access to the atduser credentials via carefully constructed GET request extracting information insecurely stored in the database. | 2019-11-13 | 4 | CVE-2019-3650 MISC
mcafee -- advanced_threat_defense | Path Traversal: '/absolute/pathname/here' vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to gain unintended access to files on the system via carefully constructed HTTP requests. | 2019-11-14 | 4 | CVE-2019-3662 MISC
mcafee -- advanced_threat_defense | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database commands via carefully constructed time based payloads. | 2019-11-14 | 6.5 | CVE-2019-3661 MISC
medtronic -- valleylab_exchange_client_and_valleylab_ft10_and__fx8_energy_platform | Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use multiple sets of hard-coded credentials. If discovered, they can be used to read files on the device. | 2019-11-08 | 5 | CVE-2019-13543 MISC
microsoft -- azure_stack | A spoofing vulnerability exists when Azure Stack fails to validate certain requests, aka 'Azure Stack Spoofing Vulnerability'. | 2019-11-12 | 5 | CVE-2019-1234 MISC
microsoft -- edge | A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension requests and fails to request host permission for all_urls, aka 'Microsoft Edge Security Feature Bypass Vulnerability'. | 2019-11-12 | 4.3 | CVE-2019-1413 MISC
microsoft -- microsoft_office_2016_for_mac_and_microsoft_office_2019_for_mac | A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document, aka 'Microsoft Office Excel Security Feature Bypass'. | 2019-11-12 | 6.8 | CVE-2019-1457 MISC
microsoft -- multiple_products | An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1411. | 2019-11-12 | 4.3 | CVE-2019-1432 MISC MISC
microsoft -- multiple_products | A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2018-12207. | 2019-11-12 | 4.9 | CVE-2019-1391 MISC
microsoft -- multiple_products | An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1432. | 2019-11-12 | 4.3 | CVE-2019-1411 MISC MISC
microsoft -- multiple_products | A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts, aka 'OpenType Font Parsing Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1456. | 2019-11-12 | 6.8 | CVE-2019-1419 MISC MISC
microsoft -- multiple_products | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0712, CVE-2019-1309, CVE-2019-1310. | 2019-11-12 | 5.5 | CVE-2019-1399 MISC
microsoft -- multiple_products | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1309, CVE-2019-1310, CVE-2019-1399. | 2019-11-12 | 6.8 | CVE-2019-0712 MISC
microsoft -- multiple_products | A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'. | 2019-11-12 | 4.6 | CVE-2019-1380 MISC MISC
microsoft -- multiple_products | A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel, aka 'NetLogon Security Feature Bypass Vulnerability'. | 2019-11-12 | 6.8 | CVE-2019-1424 MISC
microsoft -- multiple_products | An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'. | 2019-11-12 | 4.3 | CVE-2019-1446 MISC
microsoft -- multiple_products | A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka 'Microsoft Windows Security Feature Bypass Vulnerability'. | 2019-11-12 | 6.5 | CVE-2019-1384 MISC
microsoft -- multiple_products | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 2019-11-12 | 4.3 | CVE-2019-1439 MISC
microsoft -- multiple_products | An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1379, CVE-2019-1417. | 2019-11-12 | 4.6 | CVE-2019-1383 MISC
microsoft -- multiple_products | An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1379, CVE-2019-1383. | 2019-11-12 | 4.6 | CVE-2019-1417 MISC
microsoft -- multiple_products | An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1422, CVE-2019-1423. | 2019-11-12 | 4.6 | CVE-2019-1420 MISC
microsoft -- multiple_products | An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1420, CVE-2019-1423. | 2019-11-12 | 4.6 | CVE-2019-1422 MISC MISC
microsoft -- multiple_products | A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts, aka 'OpenType Font Parsing Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1419. | 2019-11-12 | 6.8 | CVE-2019-1456 MISC MISC
microsoft -- multiple_products | An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'. | 2019-11-12 | 4.3 | CVE-2019-1374 MISC
microsoft -- multiple_products | An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'. | 2019-11-12 | 4.6 | CVE-2019-1415 MISC
microsoft -- multiple_sharepoint_products | An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server. An authenticated attacker who successfully exploited this vulnerability could potentially leverage SharePoint functionality to obtain SMB hashes. The security update addresses the vulnerability by correcting how SharePoint checks file content., aka 'Microsoft SharePoint Information Disclosure Vulnerability'. | 2019-11-12 | 4 | CVE-2019-1443 MISC
microsoft -- office_online_server | A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1447. | 2019-11-12 | 5.8 | CVE-2019-1445 MISC
microsoft -- office_online_server | A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1445. | 2019-11-12 | 5.8 | CVE-2019-1447 MISC
microsoft -- sharepoint_server_2019 | A security feature bypass vulnerability exists when Microsoft Office does not validate URLs. An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'. | 2019-11-12 | 4.3 | CVE-2019-1442 MISC
microsoft -- windows_10_and_windows_server | An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1420, CVE-2019-1422. | 2019-11-12 | 4.6 | CVE-2019-1423 MISC MISC
microsoft -- windows_10_and_windows_server_2019 | An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1383, CVE-2019-1417. | 2019-11-12 | 4.6 | CVE-2019-1379 MISC
microsoft -- windows_10_and_windows_server_2019_and_windows_server | An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets, aka 'Windows TCP/IP Information Disclosure Vulnerability'. | 2019-11-12 | 5 | CVE-2019-1324 MISC
microsoft -- windows_10_and_windows_server_2019_and_windows_server | An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files. To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. | 2019-11-12 | 6.1 | CVE-2019-1385 MISC MISC
microsoft -- windows_10_and_windows_server_2019_and_windows_server | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0712, CVE-2019-1310, CVE-2019-1399. | 2019-11-12 | 6.8 | CVE-2019-1309 MISC
microsoft -- windows_10_and_windows_server_2019_and_windows_server | An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. | 2019-11-12 | 4.4 | CVE-2019-1416 MISC
microsoft -- windows_10_and_windows_server_2019_and_windows_server | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0712, CVE-2019-1309, CVE-2019-1399. | 2019-11-12 | 6.8 | CVE-2019-1310 MISC
microstrategy -- microstrategy | Microstrategy Library in MicroStrategy before 2019 before 11.1.3 has reflected XSS. | 2019-11-14 | 4.3 | CVE-2019-18957 MISC FULLDISC MISC
mitel -- micollab_and_mivoice_business_express_versions | A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 (7.3.0.601) and earlier, and 8.0 (8.0.0.40) through 8.0 SP2 FP2 (8.0.2.202), and MiVoice Business Express versions 7.3 PR3 (7.3.1.302) and earlier, and 8.0 (8.0.0.40) through 8.0 SP2 FP1 (8.0.2.202), could allow creation of unauthorized chat sessions, due to insufficient access controls. A successful exploit could allow execution of arbitrary commands. | 2019-11-12 | 5 | CVE-2018-18819 MISC CONFIRM
mod_ruid2 -- mod_ruid2 | mod_ruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot. | 2019-11-08 | 5 | CVE-2013-1889 MISC MISC MISC CONFIRM
moodle -- moodle | Moodle before 2.2.2: Overview report allows users to see hidden courses | 2019-11-14 | 4 | CVE-2012-1159 MISC MISC MISC MISC MISC MISC MISC CONFIRM MISC
moodle -- moodle | Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough | 2019-11-14 | 5 | CVE-2012-1170 MISC MISC MISC MISC MISC MISC MISC CONFIRM MISC
moodle -- moodle | Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results | 2019-11-14 | 4 | CVE-2012-1161 MISC MISC MISC MISC MISC MISC MISC CONFIRM MISC
nvidia -- geforce_experience | NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or information disclosure. | 2019-11-09 | 4.6 | CVE-2019-5689 CONFIRM
nvidia -- geforce_experience | NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution. | 2019-11-09 | 4.4 | CVE-2019-5701 CONFIRM
nvidia -- geforce_experience_and_windows_gpu_display_driver | NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | 2019-11-12 | 4.4 | CVE-2019-5695 CONFIRM CONFIRM
nvidia -- windows_gpu_display_driver | NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. The attacker requires local system access. | 2019-11-09 | 4.4 | CVE-2019-5694 MISC
nvidia -- windows_gpu_display_driver | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which may lead to denial of service. | 2019-11-09 | 4.9 | CVE-2019-5693 CONFIRM
offlineimap -- offlineimap | offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks. | 2019-11-13 | 4.3 | CVE-2010-4532 MISC MISC MISC MISC MISC
openstack -- keystone | OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space | 2019-11-12 | 5 | CVE-2012-1572 MISC MISC
pediapress -- mwlib | mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic functions | 2019-11-12 | 5 | CVE-2012-1109 MISC MISC MISC
philips -- tasy_emr | In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker to access system and configuration information. | 2019-11-08 | 5 | CVE-2019-13557 MISC
phoenix -- winflash_and_winflash32_drivers | In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment and there is no known direct impact to the UEFI firmware. This was fixed in late June 2019. | 2019-11-13 | 6.8 | CVE-2019-18279 MISC MISC CONFIRM
phpbb -- phpbb | phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag. | 2019-11-14 | 4.3 | CVE-2011-0544 MISC MISC
pixelpost -- pixelpost | Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote attackers to change the admin password. | 2019-11-12 | 6.8 | CVE-2010-3305 MISC MISC EXPLOIT-DB MLIST
plesk -- parallels_plesk_panel | Parallels Plesk Panel 9.5 allows XSS in target/locales/tr-TR/help/index.htm? via the "fileName" parameter. | 2019-11-13 | 4.3 | CVE-2019-18793 MISC
psutil -- psutil | psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object. | 2019-11-12 | 5 | CVE-2019-18874 MISC
qpid-cpp -- qpid-cpp | qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use. | 2019-11-09 | 4 | CVE-2009-5004 MISC MISC MISC MISC
red_hat -- hornetq_rest | HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy | 2019-11-12 | 4.3 | CVE-2014-3599 MISC MISC
red_hat -- jboss_brms | JBoss BRMS before 5.1.0 has an XSS vulnerability via asset=UUID parameter. | 2019-11-12 | 4.3 | CVE-2010-3857 MISC MISC MISC
red_hat -- jboss_keycloak | JBoss KeyCloak is vulnerable to soft token deletion via CSRF | 2019-11-13 | 4.3 | CVE-2014-3655 MISC MISC MISC
red_hat -- jboss_operations_network | In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private resources managed by JBoss ON. | 2019-11-08 | 4 | CVE-2008-5083 MISC MISC
red_hat -- tuned | tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service. | 2019-11-08 | 4.7 | CVE-2013-1820 MISC MISC MISC
red_hat -- vdsm_and_vdsclient | vdsm and vdsclient do not validate certificate hostname from another vdsm which could facilitate a man-in-the-middle attack | 2019-11-13 | 4.3 | CVE-2014-8167 MISC REDHAT
red_hat -- openshift_origin | OpenShift Origin: Improperly validated team names could allow stored XSS attacks | 2019-11-13 | 4.3 | CVE-2014-3592 MISC MISC
ruby_on_rails -- ruby_on_rails | The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks. | 2019-11-12 | 4.3 | CVE-2010-3299 MISC MLIST MISC MISC
sap -- businessobjects_business_intelligence_platform | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), corrected in versions 4.1 and 4.2, does not sufficiently validate an XML document accepted from an untrusted source. An attacker can craft a message that contains malicious elements that will not be correctly filtered by Web Intelligence HTML interface in some specific workflows. | 2019-11-13 | 5.5 | CVE-2019-0396 MISC MISC
sap -- data_hub | Under certain conditions SAP Data Hub (corrected in DH_Foundation version 2) allows an attacker to access information which would otherwise be restricted. Connection details that are maintained in Connection Manager are visible to users. | 2019-11-13 | 4 | CVE-2019-0390 MISC MISC
sap -- netweaver_application_server_java | An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise. | 2019-11-13 | 6.5 | CVE-2019-0389 MISC MISC
sap -- netweaver_as_java | Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted. | 2019-11-13 | 4 | CVE-2019-0391 MISC MISC
sap -- quality_management | An SQL Injection vulnerability in SAP Quality Management (corrected in S4CORE versions 1.0, 1.01, 1.02, 1.03) allows an attacker to carry out targeted database queries that can read individual fields of historical inspection results. | 2019-11-13 | 4 | CVE-2019-0393 MISC MISC
sibsoft -- xfilesharing | SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files. | 2019-11-13 | 5 | CVE-2019-18951 MISC MISC
slack-chat -- slack-chat | Slack-Chat through 1.5.5 leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.). | 2019-11-12 | 5 | CVE-2019-14367 MISC MISC
status -- satusnet | statusnet before 0.9.9 has XSS | 2019-11-12 | 4.3 | CVE-2011-3370 REDHAT MISC DEBIAN
svg-sanitizer -- svg-sanitizer | darylldoyle svg-sanitizer before 0.12.0 mishandles script and data values in attributes, as demonstrated by unexpected whitespace such as in the javascript&#9;:alert substring. | 2019-11-11 | 5 | CVE-2019-18857 MISC MISC
systematic -- iris_standards_management | Systematic IRIS Standards Management (ISM) v2.1 SP1 89 is vulnerable to unauthenticated reflected Cross Site Scripting (XSS). A user input (related to dialog information) is reflected directly in the web page, allowing a malicious user to conduct a Cross Site Scripting attack against users of the application. | 2019-11-12 | 4.3 | CVE-2019-18926 MISC
systematic -- iris_webforms | Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ (and variations), it is possible to list all the directories and check if a particular file exists. | 2019-11-12 | 5 | CVE-2019-18924 MISC
tibco -- ebx | The Web server component of TIBCO Software Inc.'s TIBCO EBX contains multiple vulnerabilities that theoretically allow authenticated users to perform stored cross-site scripting (XSS) attacks, and unauthenticated users to perform reflected cross-site scripting attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions up to and including 5.8.1.fixR, versions 5.9.3, 5.9.4, 5.9.5, and 5.9.6. | 2019-11-12 | 4.3 | CVE-2019-17330 MISC MISC
tibco -- ebx | The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, versions 4.1.0, 4.2.0, 4.2.1, and 4.2.2. | 2019-11-12 | 4.3 | CVE-2019-17332 MISC MISC
tmaxsoft -- jeus | JEUS 7 Fix#0~5 and JEUS 8 Fix#0~1 versions contains a directory traversal vulnerability caused by improper input parameter check when uploading installation file in administration web page. That leads remote attacker to execute arbitrary code via uploaded file. | 2019-11-08 | 6.5 | CVE-2019-17327 MISC
tnef -- tnef | In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup. | 2019-11-11 | 4.3 | CVE-2019-18849 MISC MISC
trilex_labs -- letodms | letodms has multiple XSS issues: Reflected XSS in Login Page, Stored XSS in Document Owner/User name, Stored XSS in Calendar | 2019-11-13 | 4.3 | CVE-2012-4384 MISC DEBIAN
trilex_labs -- letodms | letodms 3.3.6 has CSRF via change password | 2019-11-13 | 4.3 | CVE-2012-4385 MISC DEBIAN MISC
twisted_matrix_labs -- twisted | Python Twisted 14.0 trustRoot is not respected in HTTP client | 2019-11-12 | 5 | CVE-2014-7143 MISC MISC MISC MISC
untangle -- ng_firewall | The Untangle NG firewall 14.2.0 is vulnerable to authenticated inline-query SQL injection within the timeDataDynamicColumn parameter when logged in as an admin user. | 2019-11-14 | 6.5 | CVE-2019-18646 MISC
wolfssl -- wolfssl | In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer overflow inside the DecodedCert structure in GetName in wolfcrypt/src/asn.c because the domain name location index is mishandled. Because a pointer is overwritten, there is an invalid free. | 2019-11-09 | 5 | CVE-2019-18840 MISC
wordpress -- wordpress | A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '<use ... xlink:href="#identifier">' substring. | 2019-11-11 | 5 | CVE-2019-18854 MISC MISC MISC MISC
wordpress -- wordpress | A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to potentially unwanted elements or attributes. | 2019-11-11 | 5 | CVE-2019-18855 MISC MISC MISC MISC
wordpress -- wordpress | includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS. | 2019-11-12 | 4.3 | CVE-2019-17236 MISC MISC
wordpress -- wordpress | includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion. | 2019-11-12 | 6.4 | CVE-2019-17234 MISC MISC
wordpress -- wordpress | includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure. | 2019-11-12 | 5 | CVE-2019-17235 MISC MISC
wordpress -- wordpress | includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF. | 2019-11-12 | 6.8 | CVE-2019-17237 MISC MISC
wordpress -- wordpress | WP SlackSync plugin through 1.8.5 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.). | 2019-11-12 | 5 | CVE-2019-14366 MISC
wordpress -- wordpress | The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.). | 2019-11-12 | 5 | CVE-2019-14365 MISC
wso2 -- identity_server | WSO2 IS as Key Manager 5.7.0 allows unauthenticated reflected XSS in the dashboard user profile. | 2019-11-12 | 4.3 | CVE-2019-18881 MISC
wso2 -- identity_server | WSO2 IS as Key Manager 5.7.0 allows stored XSS in download-userinfo.jag because Content-Type is mishandled. | 2019-11-12 | 4.3 | CVE-2019-18882 MISC
znc -- znc | NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections. | 2019-11-12 | 5 | CVE-2010-2488 MISC MISC MISC CONFIRM
zyxel -- p-1302-t10d_devices | ZyXEL P-1302-T10D v3 devices with firmware version 2.00(ABBX.3) and earlier do not properly enforce access control and could allow an unauthorized user to access certain pages that require admin privileges. | 2019-11-12 | 4 | CVE-2019-15815 CONFIRM

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
alsa-utils -- alsa-utils | alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts. | 2019-11-09 | 3.6 | CVE-2009-0035 MISC MISC MISC
babiloo -- babiloo | babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpacking dictionary files, allowing a local attacker to overwrite arbitrary files. | 2019-11-12 | 3.3 | CVE-2010-3440 MISC MISC MISC
broadcom -- brocade_sannav | The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the 'trace' and the 'debug' logging level; which could allow a local authenticated attacker to access sensitive information. | 2019-11-08 | 2.1 | CVE-2019-16206 CONFIRM
google -- android | In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass due to an insecure default value. This could lead to local information disclosure of the user's contact list with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-138529441 | 2019-11-13 | 2.1 | CVE-2019-2197 MISC
huawei -- honor_10_and_honor_8a_and_y6_smartphones | Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper function error records of some module, an attacker with the access permission may exploit the vulnerability to obtain some information. | 2019-11-13 | 2.1 | CVE-2019-5292 MISC
huawei -- honor_play_smartphones | Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify the alarm clock settings after a series of uncommon operations without unlocking the screen lock. | 2019-11-12 | 1.9 | CVE-2019-5213 MISC
huawei -- p30_smartphones | P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.186(C00E180R2P1) have an improper authorization vulnerability. The software incorrectly performs an authorization check when a user attempts to perform certain action. Successful exploit could allow the attacker to update a crafted package. | 2019-11-13 | 2.1 | CVE-2019-5231 MISC
huawei -- p30_smartphones | An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information. | 2019-11-08 | 2.1 | CVE-2019-3866 CONFIRM
ibm -- qradar | IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163618. | 2019-11-09 | 3.5 | CVE-2019-4454 XF CONFIRM
ibm -- qradar | IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163779. | 2019-11-09 | 3.5 | CVE-2019-4470 XF CONFIRM
ibm -- spectrum_protect_plus | IBM Spectrum Protect Plus 10.1.0 through 10.1.4 uses insecure file permissions on restored files and directories in Windows which could allow a local user to obtain sensitive information or perform unauthorized actions. IBM X-Force ID: 170963. | 2019-11-12 | 3.6 | CVE-2019-4652 XF CONFIRM
liboping -- liboping | liboping 1.3.2 allows users to read arbitrary files on the local system. | 2019-11-09 | 2.1 | CVE-2009-3614 MISC MISC
mailscanner -- mailscanner | The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 download files and trust them without using encryption (e.g., https) or digital signature checking, which could allow an attacker to replace certain configuration files (e.g., phishing whitelist) via DNS/packet spoofing. | 2019-11-12 | 2.1 | CVE-2010-3292 MISC MISC MISC MLIST
mailscanner -- mailscanner | mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. NOTE: this issue exists because of an incomplete fix for CVE-2008-5313. | 2019-11-12 | 3.3 | CVE-2010-3095 MISC MISC MISC MLIST
mcafee -- advanced_threat_defense | Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows a local attacker to gain access to the root password via accessing sensitive files on the system. | 2019-11-14 | 2.1 | CVE-2019-3663 MISC
mcafee -- threat_intelligence_exchange_server | Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server (TIE Server) 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages. | 2019-11-13 | 3.5 | CVE-2019-3641 CONFIRM
medtronic -- valleylab_ft10_energy_platform_and_ls10_energy_platform | In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN - not available in the United States) version 1.20.2 and lower, the RFID security mechanism used for authentication between the FT10/LS10 Energy Platform and instruments can be bypassed, allowing for inauthentic instruments to connect to the generator. | 2019-11-08 | 2.1 | CVE-2019-13531 MISC
medtronic -- valleylab_ft10_energy_platform_and_valleylab_ls10_energy_platform | In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN - not available in the United States) version 1.20.2 and lower, the RFID security mechanism does not apply read protection, allowing for full read access of the RFID security mechanism data. | 2019-11-08 | 2.1 | CVE-2019-13535 MISC
microsoft -- multiple_products | An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Information Disclosure Vulnerability'. | 2019-11-12 | 2.1 | CVE-2019-1402 MISC
microsoft -- multiple_products | An information disclosure vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'. | 2019-11-12 | 2.1 | CVE-2019-1418 MISC
microsoft -- multiple_products | An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory, aka 'Windows Remote Procedure Call Information Disclosure Vulnerability'. | 2019-11-12 | 2.1 | CVE-2019-1409 MISC
microsoft -- multiple_products | An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations, aka 'Microsoft Windows Information Disclosure Vulnerability'. | 2019-11-12 | 2.1 | CVE-2019-1381 MISC
microsoft -- multiple_products | An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication, aka 'Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability'. | 2019-11-12 | 2.1 | CVE-2019-1382 MISC
microsoft -- multiple_products | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1440. | 2019-11-12 | 2.1 | CVE-2019-1436 MISC
microsoft -- multiple_products | An information disclosure vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory, aka 'OpenType Font Driver Information Disclosure Vulnerability'. | 2019-11-12 | 2.1 | CVE-2019-1412 MISC MISC
microsoft -- open_enclave_sdk | An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'. | 2019-11-12 | 2.1 | CVE-2019-1370 MISC
microsoft -- windows_10_and_windows_server_2019_and_windows_server | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1436. | 2019-11-12 | 2.1 | CVE-2019-1440 MISC
mysql-gui-tools -- mysql-gui-tools | mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the password of a user connected to the MySQL server in clear text form via the list of running processes. | 2019-11-12 | 2.1 | CVE-2010-4177 MISC MISC MISC MISC MISC MISC
netgear -- wnr3500u_and_wnr3500l | Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L. | 2019-11-13 | 3.5 | CVE-2013-3517 MISC MISC
nvidia -- virtual_gpu_manager | NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin, in which an input index value is incorrectly validated, which may lead to denial of service. | 2019-11-09 | 2.1 | CVE-2019-5698 CONFIRM
nvidia -- virtual_gpu_manager | NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of service. | 2019-11-09 | 2.1 | CVE-2019-5696 CONFIRM
nvidia -- virtual_gpu_manager | NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which it may grant a guest access to memory that it does not own, which may lead to information disclosure or denial of service. | 2019-11-09 | 3.6 | CVE-2019-5697 CONFIRM
pacemaker -- pacemaker | The configure script in Pacemaker before 1.1.6 creates temporary files insecurely. | 2019-11-12 | 3.3 | CVE-2011-5271 MISC MISC MISC MISC
patriot -- viper_rgb | The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection. | 2019-11-09 | 3.6 | CVE-2019-18845 MISC
red_hat -- 389_directory_server | A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes. | 2019-11-08 | 3.5 | CVE-2019-14824 CONFIRM
red_hat -- enterprise_virtualization_manager | In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manager. An attacker on the local network could use this flaw to conduct a man-in-the-middle attack, tricking the user into thinking they are viewing the Red Hat Enterprise Virtualization Manager when the content is actually attacker-controlled, or modifying actions a user requested Red Hat Enterprise Virtualization Manager to perform. | 2019-11-09 | 2.9 | CVE-2009-3552 MISC MISC BUGTRAQ
sap -- businessobjects_business_intelligence_platform | A Cross-Site Scripting vulnerability exists in SAP BusinessObjects Business Intelligence Platform (Web Intelligence-Publication related pages); corrected in version 4.2. Privileges are required in order to exploit this vulnerability. | 2019-11-13 | 3.5 | CVE-2019-0382 MISC MISC
sap -- enable_now | SAP Enable Now, before version 1908, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability. | 2019-11-13 | 3.5 | CVE-2019-0385 MISC MISC
technicolor -- tc7300_router | An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the "Connected Clients" field to /wlanAccess.asp. An intranet host can use a crafted hostname to exploit this. | 2019-11-13 | 3.5 | CVE-2019-17524 MISC MISC
technicolor -- tc7300_router | An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the FileName parameter to /FTPDiag.asp. | 2019-11-13 | 3.5 | CVE-2019-17523 MISC MISC
tibco -- ebx | The Data Exchange Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, version 4.1.0. | 2019-11-12 | 3.5 | CVE-2019-17331 MISC MISC
untangle -- ng_firewall | When logged in as an admin user, the Title input field (under Reports) within Untangle NG firewall 14.2.0 is vulnerable to stored XSS. | 2019-11-14 | 3.5 | CVE-2019-18649 MISC
untangle -- ng_firewall | When logged in as an admin user, the Untangle NG firewall 14.2.0 is vulnerable to reflected XSS at multiple places and specific user input fields. | 2019-11-14 | 3.5 | CVE-2019-18648 MISC

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
3xlogic -- infinias_access_control | A cross-site request forgery (CSRF) vulnerability in 3xLogic Infinias Access Control through 6.6.9586.0 allows remote attackers to execute malicious and unauthorized actions (e.g., delete application users) by sending a crafted HTML document to a user that the website trusts. The user needs to have an active privileged session. | 2019-11-14 | not yet calculated | CVE-2019-18651 MISC
actiontec -- mi424wr-gen3i_router | Unspecified Cross-site scripting (XSS) vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router. | 2019-11-13 | not yet calculated | CVE-2013-3097 MISC MISC MISC MISC
adobe -- animate_cc | Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | 2019-11-14 | not yet calculated | CVE-2019-7960 CONFIRM
adobe -- bridge_cc | Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure. | 2019-11-14 | not yet calculated | CVE-2019-8239 CONFIRM
adobe -- bridge_cc | Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure. | 2019-11-14 | not yet calculated | CVE-2019-8240 CONFIRM
adobe -- illustrator_cc | Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2019-11-14 | not yet calculated | CVE-2019-8248 CONFIRM
adobe -- illustrator_cc | Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | 2019-11-14 | not yet calculated | CVE-2019-7962 CONFIRM
adobe -- illustrator_cc | Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2019-11-14 | not yet calculated | CVE-2019-8247 CONFIRM
adobe -- media_encoder | Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | 2019-11-14 | not yet calculated | CVE-2019-8242 CONFIRM MISC
adobe -- media_encoder | Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | 2019-11-14 | not yet calculated | CVE-2019-8246 CONFIRM
adobe -- media_encoder | Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | 2019-11-14 | not yet calculated | CVE-2019-8241 CONFIRM MISC
adobe -- media_encoder | Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | 2019-11-14 | not yet calculated | CVE-2019-8244 CONFIRM MISC
adobe -- media_encoder | Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | 2019-11-14 | not yet calculated | CVE-2019-8243 CONFIRM MISC
advan -- i6a_android_device | The Advan i6A Android device with a build fingerprint of ADVAN/i6A/i6A:8.1.0/O11019/1523602705:userdebug/test-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization. | 2019-11-14 | not yet calculated | CVE-2019-15357 MISC
allview -- x5_android_device | The Allview X5 Android device with a build fingerprint of ALLVIEW/X5_Soul_Mini/X5_Soul_Mini:8.1.0/O11019/1522468763:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization. | 2019-11-14 | not yet calculated | CVE-2019-15383 MISC
archos -- core_101_android_device | The Archos Core 101 Android device with a build fingerprint of archos/MTKAC101CR3G_ARCHOS/ac101cr3g:7.0/NRD90M/20180611.034442:user/release-keys contains a pre-installed app with a package name of com.roco.autogen app (versionCode=1, versionName=1) that allows any app co-located on the device to programmatically disable and enable Wi-Fi without the corresponding access permission through an exported interface. | 2019-11-14 | not yet calculated | CVE-2019-15387 MISC
artifex -- ghostscript | A flaw was found in all versions of ghostscript 9.x before 9.28, in the `.charkeys` procedure, which did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within Ghostscript and access files outside of restricted areas or execute commands. | 2019-11-15 | not yet calculated | CVE-2019-14869 MLIST CONFIRM CONFIRM CONFIRM FEDORA
asus -- asus_a002_2_android_device | The Asus ASUS_A002_2 Android device with a build fingerprint of asus/WW_ASUS_A002_2/ASUS_A002_2:7.0/NRD90M/14.1610.1802.18-20180321:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15402 MISC
asus -- asus_a002_android_device | The Asus ASUS_A002 Android device with a build fingerprint of asus/WW_ASUS_A002/ASUS_A002:7.0/NRD90M/14.1600.1805.51-20180626:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15401 MISC
asus -- asus_x00K_1_android_device | The Asus ASUS_X00K_1 Android device with a build fingerprint of asus/CN_X00K/ASUS_X00K_1:7.0/NRD90M/CN_X00K-14.01.1711.27-20180420:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000015, versionName=7.0.0.3_161222) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15405 MISC
asus -- asus_x00k_1_android_device | The Asus ASUS_X00K_1 Android device with a build fingerprint of asus/CN_X00K/ASUS_X00K_1:7.0/NRD90M/CN_X00K-14.01.1711.27-20180420:user/release-keys contains a pre-installed app with a package name of com.lovelyfont.defcontainer app (versionCode=5, versionName=5.0.1) that allows unauthorized command execution via a confused deputy attack. This capability can be accessed by any app co-located on the device. | 2019-11-14 | not yet calculated | CVE-2019-15418 MISC
asus -- asus_x00ld_3_android_device | The Asus ASUS_X00LD_3 Android device with a build fingerprint of asus/WW_Phone/ASUS_X00LD_3:7.1.1/NMF26F/14.0400.1806.203-20180720:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15406 MISC
asus -- asus_x015_1_android_device | The Asus ASUS_X015_1 Android device with a build fingerprint of asus/CN_X015/ASUS_X015_1:7.0/NRD90M/CN_X015-14.00.1709.35-20171215:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000015, versionName=7.0.0.3_161222) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15407 MISC
asus -- zenfone_3_laser_android_device | The Asus ZenFone 3 Laser Android device with a build fingerprint of asus/WW_msm8937/msm8937:7.1.1/NMF26F/WW_32.40.106.114_20180928:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15411 MISC
asus -- zenfone_3_ultra_android_device | The Asus ZenFone 3 Ultra Android device with a build fingerprint of asus/WW_Phone/ASUS_A001:7.0/NRD90M/14.1010.1804.75-20180612:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15400 MISC
asus -- zenfone_3_ultra_android_device | The Asus ZenFone 3 Ultra Android device with a build fingerprint of asus/WW_Phone/ASUS_A001:7.0/NRD90M/14.1010.1804.75-20180612:user/release-keys contains a pre-installed app with a package name of com.asus.splendidcommandagent app (versionCode=1510200105, versionName=1.2.0.21_180605) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15413 MISC
asus -- zenfone_3s_max_android_device | The Asus ZenFone 3s Max Android device with a build fingerprint of asus/IN_X00G/ASUS_X00G_1:7.0/NRD90M/IN_X00G-14.02.1807.33-20180706:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15403 MISC
asus -- zenfone_4_selfie_android_device | The Asus ZenFone 4 Selfie Android device with a build fingerprint of asus/WW_Z01M/ASUS_Z01M_1:7.1.1/NMF26F/WW_71.50.395.57_20180913:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15412 MISC
asus -- zenfone_5_lite_android_device | The Asus ZenFone 5 Lite Android device with a build fingerprint of asus/WW_Phone/ASUS_X017D_1:7.1.1/NMF26F/14.0400.1810.061-20181107:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15408 MISC
asus -- zenfone_5q_android_device | The Asus ZenFone 5Q Android device with a build fingerprint of asus/WW_Phone/ASUS_X017D_2:7.1.1/NGI77B/14.0400.1809.059-20181016:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15409 MISC
asus -- zenfone_ar_android_device | The Asus ZenFone AR Android device with a build fingerprint of asus/WW_ASUS_A002/ASUS_A002:7.0/NRD90M/14.1600.1805.51-20180626:user/release-keys contains a pre-installed app with a package name of com.asus.splendidcommandagent app (versionCode=1510200105, versionName=1.2.0.21_180605) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15414 MISC
asus -- zenfone_max_4_android_device | The Asus ZenFone Max 4 Android device with a build fingerprint of asus/WW_Phone/ASUS_X00HD_4:7.1.1/NMF26F/14.2016.1712.367-20171225:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15404 MISC
asus -- asus_x015_1_android_device | The Asus ASUS_X015_1 Android device with a build fingerprint of asus/CN_X015/ASUS_X015_1:7.0/NRD90M/CN_X015-14.00.1709.35-20171215:user/release-keys contains a pre-installed app with a package name of com.lovelyfont.defcontainer app (versionCode=5, versionName=5.0.1) that allows unauthorized command execution via a confused deputy attack. This capability can be accessed by any app co-located on the device. | 2019-11-14 | not yet calculated | CVE-2019-15419 MISC
asus -- rt-ac66u_and_n56u_wireless_routers | Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service. | 2019-11-13 | not yet calculated | CVE-2013-4656 MISC MISC MISC
asus -- zenfone_3_android_device | The Asus ZenFone 3 Android device with a build fingerprint of asus/WW_Phone/ASUS_Z012D:7.0/NRD90M/14.2020.1708.56-20170719:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000015, versionName=7.0.0.3_161222) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15396 MISC
asus -- zenfone_3s_max_android_device | The Asus ZenFone 3s Max Android device with a build fingerprint of asus/IN_X00G/ASUS_X00G_1:7.0/NRD90M/IN_X00G-14.02.1807.33-20180706:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000015, versionName=7.0.0.3_161222) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15395 MISC
asus -- zenfone_4_selfie_android_device | The Asus ZenFone 4 Selfie Android device with a build fingerprint of asus/WW_Z01M/ASUS_Z01M_1:7.1.1/NMF26F/WW_user_11.40.208.77_20170922:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000015, versionName=7.0.0.3_161222) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15398 MISC
asus -- zenfone_4_selfie_android_device | The Asus ZenFone 4 Selfie Android device with a build fingerprint of asus/WW_Phone/ASUS_X00LD_1:8.1.0/OPM1.171019.011/15.0400.1809.405-0:user/release-keys contains a pre-installed app with a package name of com.log.logservice app (versionCode=1, versionName=1) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization. | 2019-11-14 | not yet calculated | CVE-2019-15391 MISC
asus -- zenfone_4_selfie_android_device | The Asus ZenFone 4 Selfie Android device with a build fingerprint of Android/sdm660_64/sdm660_64:8.1.0/OPM1/14.2016.1802.247-20180419:user/release-keys contains a pre-installed app with a package name of com.log.logservice app (versionCode=1, versionName=1) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization. | 2019-11-14 | not yet calculated | CVE-2019-15392 MISC
asus -- zenfone_5_selfie_android_device | The Asus ZenFone 5 Selfie Android device with a build fingerprint of asus/WW_Phone/ASUS_X017D_1:7.1.1/NMF26F/14.0400.1810.061-20181107:user/release-keys contains a pre-installed app with a package name of com.asus.atd.smmitest app (versionCode=1, versionName=1) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device. | 2019-11-14 | not yet calculated | CVE-2019-15394 MISC
asus -- zenfone_5q_android_device | The Asus ZenFone 5Q Android device with a build fingerprint of asus/WW_Phone/ASUS_X017D_2:7.1.1/NGI77B/14.0400.1809.059-20181016:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15399 MISC
asus -- zenfone_5q_android_device | The Asus ZenFone 5Q Android device with a build fingerprint of asus/WW_Phone/ASUS_X017D_2:7.1.1/NGI77B/14.0400.1809.059-20181016:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15410 MISC
asus -- zenfone_live_android_device | The Asus ZenFone Live Android device with a build fingerprint of asus/WW_Phone/ASUS_X00LD_3:7.1.1/NMF26F/14.0400.1806.203-20180720:user/release-keys contains a pre-installed app with a package name of com.asus.atd.smmitest app (versionCode=1, versionName=1) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device. | 2019-11-14 | not yet calculated | CVE-2019-15393 MISC
asus -- zenfone_max_4_android_device | The Asus ZenFone Max 4 Android device with a build fingerprint of asus/WW_Phone/ASUS_X00HD_4:7.1.1/NMF26F/14.2016.1803.373-20180308:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15397 MISC
ax25-tools -- ax25-tools | The AX.25 daemon (ax25d) in ax25-tools before 0.0.8-13 does not check the return value of a setuid call. The setuid call is responsible for dropping privileges, but if the call fails the daemon would continue to run with root privileges, which can allow possible privilege escalation. | 2019-11-15 | not yet calculated | CVE-2011-2910 MISC MISC MISC
blackview -- bv7000_pro_android_deviceThe Blackview BV7000_Pro Android device with a build fingerprint of Blackview/BV7000_Pro/BV7000_Pro:7.0/NRD90M/1493011204:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app (versionCode=1, versionName=1) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15421
MISC
blackview -- bv9000pro-f_android_deviceThe Blackview BV9000Pro-F Android device with a build fingerprint of Blackview/BV9000Pro-F/BV9000Pro-F:7.1.1/N4F26M/1514363110:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app (versionCode=1, versionName=1) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15420
MISC
blade -- shadowThe network protocol of Blade Shadow through 2.13.3 allows remote attackers to take control of a Shadow instance and execute arbitrary code by only knowing the victim's IP address, because packet data can be injected into the unencrypted UDP packet stream.2019-11-14not yet calculatedCVE-2019-16110
MISC
bluboo -- bluboo_s1_android_deviceThe Bluboo Bluboo_S1 Android device with a build fingerprint of BLUBOO/Bluboo_S1/Bluboo_S1:7.0/NRD90M/1495809471:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app (versionCode=1, versionName=1) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15423
MISC
bluboo -- d3_pro_android_deviceThe Bluboo D3 Pro Android device with a build fingerprint of BLUBOO/Bluboo_D2_Pro/Bluboo_D2_Pro:7.0/NRD90M/1510370501:user/release-keys contains a pre-installed app with a package name of com.qiku.cleaner app (versionCode=2, versionName=2.0.0_VER_32516508295515) that allows other pre-installed apps to perform system properties modification via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps.2019-11-14not yet calculatedCVE-2019-15430
MISC
bq_mobile -- 5515l_android_deviceThe BQ 5515L Android device with a build fingerprint of BQru/BQru-5515L/BQru-5515L:8.1.0/O11019/20180409.195525:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15381
MISC
cactus -- go-camoInsufficient content type validation of proxied resources in go-camo before 2.1.1 allows a remote attacker to serve arbitrary content from go-camo's origin.2019-11-13not yet calculatedCVE-2019-18923
MISC
CONFIRM
cherry -- flare_s7_android_deviceThe Cherry Flare S7 Android device with a build fingerprint of Cherry_Mobile/Flare_S7_Deluxe/Flare_S7_Deluxe:8.1.0/O11019/1533920920:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15377
MISC
chrony -- chronyChrony before 1.29.1 has traffic amplification in the cmdmon protocol.2019-11-15not yet calculatedCVE-2014-0021
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
clamav -- clamavClamAV before 0.97.7 has WWPack corrupt heap memory2019-11-15not yet calculatedCVE-2013-7087
MISC
MISC
MISC
MISC
MISC
clamav -- clamavClamAV before 0.97.7 has buffer overflow in the libclamav component2019-11-15not yet calculatedCVE-2013-7088
MISC
MISC
MISC
MISC
MISC
clamav -- clamavClamAV before 0.97.7: dbg_printhex possible information leak2019-11-15not yet calculatedCVE-2013-7089
MISC
MISC
MISC
MISC
consolekit -- consolekitIn ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.2019-11-13not yet calculatedCVE-2010-4664
MISC
MISC
MISC
coolpad -- 1851_android_deviceThe Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.1.13). This app contains an exported service named com.lovelyfont.manager.FontCoverService that allows any app co-located on the device to supply arbitrary commands to be executed as the system user. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. In addition to the local attack surface, its accompanying app with a package name of com.ekesoo.lovelyhifonts makes network requests using HTTP and an attacker can perform a Man-in-the-Middle (MITM) attack on the connection to inject a command in a network response that will be executed as the system user by the com.lovelyfont.defcontainer app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing commands as the system user can allow a third-party app to factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15388
MISC
coolpad -- 1851_android_deviceThe Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15368
MISC
coolpad -- 1851_android_deviceThe Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15352
MISC
coolpad -- n3c_android_deviceThe Coolpad N3C Android device with a build fingerprint of Coolpad/N3C/N3C:8.1.0/O11019/1538236809:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15353
MISC
crun -- crunAn issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the container. This occurs in libcrun/linux.c and libcrun/chroot_realpath.c.2019-11-13not yet calculatedCVE-2019-18837
MISC
CONFIRM
MISC
MISC
cryptocat_project -- cryptocatAn unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165.2019-11-14not yet calculatedCVE-2013-4109
MISC
MISC
MISC
MISC
cryptocat_project -- cryptocatA Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22.2019-11-14not yet calculatedCVE-2013-4106
MISC
MISC
MISC
MISC
cryptocat_project -- cryptocatMultiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors.2019-11-14not yet calculatedCVE-2013-4108
MISC
MISC
cubot -- nova_android_deviceThe Cubot Nova Android device with a build fingerprint of CUBOT/CUBOT_NOVA/CUBOT_NOVA:8.1.0/O11019/1527060122:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15382
MISC
cyrus -- imapCyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.2019-11-15not yet calculatedCVE-2019-18928
MISC
MISC
data_plane_development_kit -- data_plane_development_kitA flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition.2019-11-14not yet calculatedCVE-2019-14818
MISC
CONFIRM
dexp -- bl250_android_deviceThe Dexp BL250 Android device with a build fingerprint of DEXP/BL250/BL250:8.1.0/O11019/1530858027:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15364
MISC
dexp -- z250_android_deviceThe Dexp Z250 Android device with a build fingerprint of DEXP/Z250/Z250:8.1.0/O11019/1531130719:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15358
MISC
doogee -- bl5000_android_deviceThe Doogee BL5000 Android device with a build fingerprint of DOOGEE/BL5000/BL5000:7.0/NRD90M/1497072355:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app (versionCode=1, versionName=1) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15424
MISC
doogee -- mix_android_deviceThe Doogee Mix Android device with a build fingerprint of DOOGEE/MIX/MIX:7.0/NRD90M/1495809471:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app (versionCode=1, versionName=1) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15422
MISC
drupal -- drupalCross-site scripting (XSS) vulnerability in the zen_breadcrumb function in template.php in the Zen theme 6.x-1.x, 7.x-3.x before 7.x-3.2, and 7.x-5.x before 7.x-5.4 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via the breadcrumb separator field.2019-11-13not yet calculatedCVE-2013-4275
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
drupal -- drupalhook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request.2019-11-13not yet calculatedCVE-2011-4972
MISC
MISC
MISC
drupal -- drupalAn access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL.2019-11-15not yet calculatedCVE-2011-2726
MISC
MISC
MISC
MISC
MISC
CONFIRM
eclipse -- jettyJetty 6.x before 6.1.22 suffers from an escape sequence injection vulnerability from two different vectors: 1) "Cookie Dump Servlet" and 2) HTTP Content-Length header. 1) A POST request to the form at "/test/cookie/" with the "Age" parameter set to a string throws a "java.lang.NumberFormatException" which reflects binary characters including ESC. These characters could be used to execute arbitrary commands or buffer dumps in the terminal. 2) The same attack in 1) can be exploited by requesting a page using an HTTP request "Content-Length" header set to a literal string.2019-11-15not yet calculatedCVE-2009-5047
MISC
MISC
MLIST
edgewall_software -- tracTrac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissions.2019-11-13not yet calculatedCVE-2010-5108
MISC
MISC
MISC
elephone -- a4_android_deviceThe Elephone A4 Android device with a build fingerprint of Elephone/A4/A4:8.1.0/O11019/20180530.143559:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15384
MISC
eq-3 -- homematic_ccu2_and_ccu3_deviceseQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the Script Parser AddOn through 1.8 installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi script, which executes TCL script content from an HTTP POST request.2019-11-14not yet calculatedCVE-2019-18937
MISC
eq-3 -- homematic_ccu2_and_ccu3_deviceseQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the E-Mail AddOn through 1.6.8.c installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the save.cgi script for payload upload and the testtcl.cgi script for its execution.2019-11-14not yet calculatedCVE-2019-18938
MISC
eq-3 -- homematic_ccu2_and_ccu3_deviceseQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request.2019-11-14not yet calculatedCVE-2019-18939
MISC
espressif -- esp32An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-08 0 through 2. Lack of anti-glitch mitigations in the first stage bootloader of the ESP32 chip allows an attacker (with physical access to the device) to read the contents of read-protected eFuses, such as flash encryption and secure boot keys, by injecting a glitch into the power supply of the chip shortly after reset.2019-11-14not yet calculatedCVE-2019-17391
CONFIRM
evercross -- u50a_android_deviceThe Evercoss U50A Android device with a build fingerprint of EVERCOSS/U50A./EVERCOSS:7.0/NRD90M/1499911028:eng/test-keys contains a pre-installed app with a package name of com.qiku.cleaner app (versionCode=2, versionName=2.0_VER_2017.04.21_17:55:55) that allows other pre-installed apps to perform system properties modification via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps.2019-11-14not yet calculatedCVE-2019-15431
MISC
evercross -- u6_android_deviceThe Evercoss U6 Android device with a build fingerprint of EVERCOSS/U6/U6:7.0/NRD90M/1504236704:user/release-keys contains a pre-installed app with a package name of com.qiku.cleaner app (versionCode=2, versionName=2.0.0_VER_32516486284094) that allows other pre-installed apps to perform system properties modification via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps.2019-11-14not yet calculatedCVE-2019-15432
MISC
exhibitor_web_ui -- exhibitor_web_uiAn exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $() can be inserted into the editor and will be executed by the Exhibitor process when it launches ZooKeeper. An attacker can execute any command as the user running the Exhibitor process.2019-11-13not yet calculatedCVE-2019-5029
MISC
f5 -- big-ipOn BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of system resources which may lead to a denial of service.2019-11-15not yet calculatedCVE-2019-6660
MISC
f5 -- big-ipOn version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages.2019-11-15not yet calculatedCVE-2019-6659
MISC
f5 -- big-ipOn BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices.2019-11-15not yet calculatedCVE-2019-6664
MISC
f5 -- big-ipOn BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data.2019-11-15not yet calculatedCVE-2019-6662
MISC
f5 -- big-ip_apmWhen the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources.2019-11-15not yet calculatedCVE-2019-6661
MISC
f5 -- multiple_productsThe BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to an Anti DNS Pinning (DNS Rebinding) attack.2019-11-15not yet calculatedCVE-2019-6663
MISC
facebook -- whatsappA stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Business for Android versions prior to 2.19.104 and Business for iOS versions prior to 2.19.100.2019-11-14not yet calculatedCVE-2019-11931
CONFIRM
fly -- photo_pro_android_deviceThe Fly Photo Pro Android device with a build fingerprint of Fly/PhotoPro/Photo_Pro:8.1.0/O11019/1528117003:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15380
MISC
fuji_electric -- v-serverIn Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer overflows have been identified, which may allow an attacker to remotely execute arbitrary code.2019-11-13not yet calculatedCVE-2019-18240
MISC
gksu-polkit -- gksu-polkitIn gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to overtake an administrator X11 session.2019-11-15not yet calculatedCVE-2011-0703
MISC
MISC
gnu -- fribidiA buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, or a crafted IRC message to be viewed in HexChat.2019-11-13not yet calculatedCVE-2019-18397
CONFIRM
MISC
MISC
MISC
haier -- a6_android_deviceThe Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15359
MISC
haier -- a6_android_deviceThe Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.1.13). This app contains an exported service named com.lovelyfont.manager.FontCoverService that allows any app co-located on the device to supply arbitrary commands to be executed as the system user. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. In addition to the local attack surface, its accompanying app with a package name of com.ekesoo.lovelyhifonts makes network requests using HTTP and an attacker can perform a Man-in-the-Middle (MITM) attack on the connection to inject a command in a network response that will be executed as the system user by the com.lovelyfont.defcontainer app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing commands as the system user can allow a third-party app to factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15389
MISC
haier -- g8_android_deviceThe Haier G8 Android device with a build fingerprint of Haier/HM-G559-FL/G8:8.1.0/O11019/1522294799:user/release-keys contains a pre-installed app with a package name of com.qiku.service.container app (versionCode=5, versionName=1.03.00_VER_32525983298984) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15390
MISC
haier -- g8_android_deviceThe Haier G8 Android device with a build fingerprint of Haier/HM-G559-FL/G8:8.1.0/O11019/1522294799:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15375
MISC
haier -- g8_android_deviceThe Haier G8 Android device with a build fingerprint of Haier/HM-G559-FL/G8:8.1.0/O11019/1526527761:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15370
MISC
haier -- p10_android_deviceThe Haier P10 Android device with a build fingerprint of Haier/P10/P10:8.1.0/O11019/1532662449:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15367
MISC
hisense -- f17_android_deviceThe Hisense F17 Android device with a build fingerprint of Hisense/F17_4G/HS6739MT:8.1.0/O11019/Hisense_F17_4G_00_S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15372
MISC
hisense -- u965_android_deviceThe Hisense U965 Android device with a build fingerprint of Hisense/U965_4G_10/HS6739MT:8.1.0/O11019/Hisense_U965_4G_10_S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15360
MISC
hitachi -- command_suiteA vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a denial of service (DoS) condition because of Uncontrolled Resource Consumption.2019-11-12not yet calculatedCVE-2019-17360
MISC
CONFIRM
huawei -- p30_smartphonesP30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters to the camera program to exploit this vulnerability. Successful exploit could cause the program to break down or allow for arbitrary code execution.2019-11-13not yet calculatedCVE-2019-5288
MISC
huawei -- p30_smartphonesP30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters to the camera program to exploit this vulnerability. Successful exploit could cause the program to break down or allow for arbitrary code execution.2019-11-13not yet calculatedCVE-2019-5287
MISC
huawei -- harry-al00c_smartphonesSome Huawei smart phones with versions earlier than Harry-AL00C 9.1.0.206(C00E205R3P1) have a null pointer dereference vulnerability. An attacker crafts specific packets and sends them to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to behave abnormally.2019-11-12not yet calculatedCVE-2017-17224
CONFIRM
MISC
huawei -- emily-l29c_smartphonesHuawei smart phones Emily-L29C with Versions earlier than 9.1.0.311(C10E2R1P13T8), Versions earlier than 9.1.0.311(C461E2R1P11T8), Versions earlier than 9.1.0.316(C635E2R1P11T8), Versions earlier than 9.1.0.311(C185E2R1P12T8), Versions earlier than 9.1.0.311(C605E2R1P12T8), Versions earlier than 9.1.0.311(C636E7R1P13T8) have an information leakage vulnerability. An attacker tricks the user into installing a malicious application, which can copy specific files to the sdcard, resulting in information leakage.2019-11-13not yet calculatedCVE-2019-5279
MISC
infinix -- note_5_android_deviceThe Infinix Note 5 Android device with a build fingerprint of Infinix/H633B/Infinix-X604_sprout:8.1.0/O11019/L-IN-180206V64:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15385
MISC
infinix -- note_5_android_deviceThe Infinix Note 5 Android device with a build fingerprint of Infinix/H633IJL/Infinix-X604_sprout:8.1.0/O11019/IJL-180531V181:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15366
MISC
infinix -- note_5_android_deviceThe Infinix Note 5 Android device with a build fingerprint of Infinix/H632C/Infinix-X605_sprout:8.1.0/O11019/CE-180914V59:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15361
MISC
intel -- multiple_processorsTSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.2019-11-14not yet calculatedCVE-2019-11135
CONFIRM
MISC
intel -- nuvoton_consumer_infrared_driverImproper permissions in the installer for the Nuvoton* CIR Driver versions 1.02.1002 and before may allow an authenticated user to potentially enable escalation of privilege via local access.2019-11-14not yet calculatedCVE-2019-14602
MISC
intel -- baseboard_management_controller_firmwareInsufficient access control in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access.2019-11-14not yet calculatedCVE-2019-11174
MISC
intel -- baseboard_management_controller_firmwareInsufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure via network access.2019-11-14not yet calculatedCVE-2019-11179
MISC
intel -- baseboard_management_controller_firmwareMemory corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.2019-11-14not yet calculatedCVE-2019-11182
MISC
intel -- baseboard_management_controller_firmwareAuthentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via local access.2019-11-14not yet calculatedCVE-2019-11170
MISC
intel -- baseboard_management_controller_firmwareStack overflow in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure and/or denial of service via network access.2019-11-14not yet calculatedCVE-2019-11178
MISC
intel -- baseboard_management_controller_firmwareInsufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via local access.2019-11-14not yet calculatedCVE-2019-11173
MISC
intel -- baseboard_management_controller_firmwareOut of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access.2019-11-14not yet calculatedCVE-2019-11172
MISC
intel -- baseboard_management_controller_firmwareInsufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.2019-11-14not yet calculatedCVE-2019-11180
MISC
intel -- baseboard_management_controller_firmwareUnhandled exception in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.2019-11-14not yet calculatedCVE-2019-11177
MISC
intel -- baseboard_management_controller_firmwareInsufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.2019-11-14not yet calculatedCVE-2019-11168
CONFIRM
MISC
intel -- baseboard_management_controller_firmwareHeap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via network access.2019-11-14not yet calculatedCVE-2019-11171
MISC
intel -- baseboard_management_controller_firmwareOut-of-bounds read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable escalation of privilege via network access.2019-11-14not yet calculatedCVE-2019-11181
MISC
intel -- baseboard_management_controller_firmwareInsufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.2019-11-14not yet calculatedCVE-2019-11175
MISC
intel -- core_processors_and_xeon_processorsInsufficient memory protection in Intel(R) TXT for certain Intel(R) Core Processors and Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.2019-11-14not yet calculatedCVE-2019-0151
MISC
intel -- ethernet_700_series_controllersInsufficient access control in ilp60x64.sys driver for Intel(R) Ethernet 700 Series Controllers before version 1.33.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.2019-11-14not yet calculatedCVE-2019-0142
MISC
intel -- ethernet_700_series_controllersResource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.2019-11-14not yet calculatedCVE-2019-0146
MISC
intel -- ethernet_700_series_controllersBuffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an unauthenticated user to potentially enable an escalation of privilege via an adjacent access.2019-11-14not yet calculatedCVE-2019-0140
MISC
intel -- ethernet_700_series_controllersInsufficient access control in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow a privileged user to potentially enable an escalation of privilege, denial of service, or information disclosure via local access.2019-11-14not yet calculatedCVE-2019-0139
MISC
intel -- ethernet_700_series_controllersBuffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.2019-11-14not yet calculatedCVE-2019-0145
MISC
intel -- ethernet_700_series_controllersUnhandled exception in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an authenticated user to potentially enable a denial of service via local access.2019-11-14not yet calculatedCVE-2019-0144
MISC
intel -- ethernet_700_series_controllersUnhandled exception in Kernel-mode drivers for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.2019-11-14not yet calculatedCVE-2019-0143
MISC
intel -- ethernet_700_series_controllersResource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.2019-11-14not yet calculatedCVE-2019-0148
MISC
intel -- ethernet_700_series_controllersInsufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.2019-11-14not yet calculatedCVE-2019-0147
MISC
intel -- ethernet_700_series_controllersInsufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.2019-11-14not yet calculatedCVE-2019-0149
MISC
intel -- ethernet_700_series_controllersInsufficient access control in firmware for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow a privileged user to potentially enable a denial of service via local access.2019-11-14not yet calculatedCVE-2019-0150
MISC
intel -- graphics_driverPointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access.2019-11-14not yet calculatedCVE-2019-11111
MISC
intel -- graphics_driverInsufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access.2019-11-14not yet calculatedCVE-2019-11089
MISC
intel -- graphics_driverImproper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access.2019-11-14not yet calculatedCVE-2019-14590
MISC
intel -- graphics_driverOut of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.2019-11-14not yet calculatedCVE-2019-14574
MISC
intel -- graphics_driverImproper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.2019-11-14not yet calculatedCVE-2019-14591
MISC
intel -- graphics_driverBuffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka 15.45.5077) may allow a privileged user to potentially enable information disclosure via local access.2019-11-14not yet calculatedCVE-2019-11113
MISC
intel -- graphics_driverMemory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access.2019-11-14not yet calculatedCVE-2019-11112
MISC
intel -- multiple_core_and_xeon_processorsInsufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access.2019-11-14not yet calculatedCVE-2019-0117
MISC
intel -- multiple_core_and_xeon_processorsInsufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 families; Intel(R) Xeon(R) E-2100 and E-2200 Processor families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access.2019-11-14not yet calculatedCVE-2019-0185
MISC
intel -- multiple_core_and_xeon_processorsInsufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privileged user to potentially enable escalation of privilege via local access.2019-11-14not yet calculatedCVE-2019-0124
MISC
intel -- multiple_core_and_xeon_processorsInsufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access.2019-11-14not yet calculatedCVE-2019-0123
MISC
intel -- multiple_core_and_xeon_processorsInsufficient access control in protected memory subsystem for Intel(R) TXT for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 Families; Intel(R) Xeon(R) E-2100 and E-2200 Processor Families with Intel(R) Processor Graphics and Intel(R) TXT may allow a privileged user to potentially enable information disclosure via local access.2019-11-14not yet calculatedCVE-2019-0184
MISC
intel -- multiple_processorsImproper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.2019-11-14not yet calculatedCVE-2018-12207
MISC
intel -- multiple_processorsInsufficient access control in a subsystem for Intel(R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka 15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.2019-11-14not yet calculatedCVE-2019-0155
REDHAT
REDHAT
REDHAT
MISC
intel -- multiple_processorsInsufficient access control in subsystem for Intel(R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.2019-11-14not yet calculatedCVE-2019-0154
MISC
intel -- multiple_xeon_processorsInsufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.2019-11-14not yet calculatedCVE-2019-11136
MISC
intel -- proset/wireless_wifi_softwareMemory corruption issues in Intel(R) PROSet/Wireless WiFi Software extension DLL before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and a denial of service via local access.2019-11-14not yet calculatedCVE-2019-11153
MISC
intel -- proset/wireless_wifi_softwareImproper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via local access.2019-11-14not yet calculatedCVE-2019-11155
MISC
intel -- proset/wireless_wifi_softwareImproper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via local access.2019-11-14not yet calculatedCVE-2019-11154
MISC
intel -- proset/wireless_wifi_softwareLogic errors in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.2019-11-14not yet calculatedCVE-2019-11156
MISC
intel -- software_guard_extensions_sdkInsufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.2019-11-14not yet calculatedCVE-2019-14565
MISC
intel -- software_guard_extensions_sdkInsufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.2019-11-14not yet calculatedCVE-2019-14566
MISC
intel -- wifi_driversMemory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.2019-11-14not yet calculatedCVE-2019-11151
MISC
intel -- wifi_driversMemory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via adjacent access.2019-11-14not yet calculatedCVE-2019-11152
MISC
intel -- xeon_processorsInsufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.2019-11-14not yet calculatedCVE-2019-0152
MISC
intel -- xeon_processors_and_atom_processorsInsufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.2019-11-14not yet calculatedCVE-2019-11137
MISC
intel -- xeon_scalable_processorsImproper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.2019-11-14not yet calculatedCVE-2019-11139
MISC
joomla! -- joomla!views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted (1) dest parameter and (2) arbitrary extension in the Filename parameter.2019-11-13not yet calculatedCVE-2014-1214
MISC
MISC
kata -- m4s_android_deviceThe Kata M4s Android device with a build fingerprint of alps/full_hct6750_66_n/hct6750_66_n:7.0/NRD90M/1495624556:user/test-keys contains a pre-installed app with a package name of com.mediatek.factorymode app (versionCode=1, versionName=1) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15425
MISC
klibc -- klibcIn klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options.2019-11-14not yet calculatedCVE-2011-1930
MISC
MISC
MISC
MISC
MISC
lava -- flair_z1_android_deviceThe Lava Flair Z1 Android device with a build fingerprint of LAVA/Z1/Z1:8.1.0/O11019/1536680131:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15356
MISC
lava -- flair_z1_android_deviceThe Lava Flair Z1 Android device with a build fingerprint of LAVA/Z1/Z1:8.1.0/O11019/1536680131:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app co-located on the device to programmatically disable and enable Wi-Fi without the corresponding access permission through an exported interface.2019-11-14not yet calculatedCVE-2019-15333
MISC
lava -- iris_88_go_android_deviceThe Lava Iris 88 Go Android device with a build fingerprint of LAVA/iris88_go/iris88_go:8.1.0/O11019/1538188945:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15362
MISC
lava -- iris_88_go_android_deviceThe Lava Iris 88 Go Android device with a build fingerprint of LAVA/iris88_go/iris88_go:8.1.0/O11019/1538188945:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app co-located on the device to programmatically disable and enable Wi-Fi without the corresponding access permission through an exported interface.2019-11-14not yet calculatedCVE-2019-15334
MISC
lava -- iris_88_lite_android_deviceThe Lava Iris 88 Lite Android device with a build fingerprint of LAVA/iris88_lite/iris88_lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15374
MISC
lava -- iris_88_lite_android_deviceThe Lava Iris 88 Lite Android device with a build fingerprint of LAVA/iris88_lite/iris88_lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app co-located on the device to programmatically disable and enable Wi-Fi without the corresponding access permission through an exported interface.2019-11-14not yet calculatedCVE-2019-15338
MISC
lava -- z60s_android_deviceThe Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60s:8.1.0/O11019/1530331229:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15386
MISC
lava -- z60s_android_deviceThe Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60s:8.1.0/O11019/1530331229:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app co-located on the device to programmatically disable and enable Wi-Fi without the corresponding access permission through an exported interface.2019-11-14not yet calculatedCVE-2019-15339
MISC
lava -- z61_android_deviceThe Lava Z61 Android device with a build fingerprint of LAVA/Z61_2GB/Z61_2GB:8.1.0/O11019/1533889281:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app co-located on the device to programmatically disable and enable Wi-Fi without the corresponding access permission through an exported interface.2019-11-14not yet calculatedCVE-2019-15332
MISC
lava -- z61_turbo_android_deviceThe Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61_Turbo/Z61_Turbo:8.1.0/O11019/1536917928:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15369
MISC
lava -- z61_turbo_android_deviceThe Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61_Turbo/Z61_Turbo:8.1.0/O11019/1536917928:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.31) that allows any app co-located on the device to programmatically disable and enable Wi-Fi without the corresponding access permission through an exported interface.2019-11-14not yet calculatedCVE-2019-15336
MISC
lava -- z81_android_deviceThe Lava Z81 Android device with a build fingerprint of LAVA/Z81/Z81:8.1.0/O11019/1532317309:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.31) that allows any app co-located on the device to programmatically disable and enable Wi-Fi without the corresponding access permission through an exported interface.2019-11-14not yet calculatedCVE-2019-15337
MISC
lava -- z92_android_deviceThe Lava Z92 Android device with a build fingerprint of LAVA/Z92/Z92:8.1.0/O11019/1535088037:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app co-located on the device to programmatically disable and enable Wi-Fi without the corresponding access permission through an exported interface.2019-11-14not yet calculatedCVE-2019-15335
MISC
lava -- z92_android_deviceThe Lava Z92 Android device with a build fingerprint of LAVA/Z92/Z92:8.1.0/O11019/1535088037:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15365
MISC
leagoo -- power_5_android_deviceThe Leagoo Power 5 Android device with a build fingerprint of LEAGOO/Power_5/Power_5:8.1.0/O11019/1532686195:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15363
MISC
lenovo -- thinkpad_t460pThe BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T460p, BIOS versions up to R07ET90W, and T470p, BIOS versions up to R0FET50W, which may allow for unauthorized access.2019-11-12not yet calculatedCVE-2019-6188
MISC
limnoria -- limnoriaEval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.2019-11-16not yet calculatedCVE-2019-19010
MISC
MISC
linux -- linux_kernelfs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, aka CID-09ba3bc9dd15.2019-11-14not yet calculatedCVE-2019-18885
MISC
MISC
MISC
marvell -- 88w8688_wi-fi_firmwareAn issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution.2019-11-15not yet calculatedCVE-2019-13582
CONFIRM
marvell -- 88w8688_wi-fi_firmwareAn issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitrary code via malformed Wi-Fi packets.2019-11-15not yet calculatedCVE-2019-13581
CONFIRM
mcafee -- data_loss_preventionUnprotected Transport of Credentials in ePO extension in McAfee Data Loss Prevention 11.x prior to 11.4.0 allows remote attackers with access to the network to collect login details to the LDAP server via the ePO extension not using a secure connection when testing LDAP connectivity.2019-11-14not yet calculatedCVE-2019-3640
CONFIRM
mcafee -- total_protectionA Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission.2019-11-13not yet calculatedCVE-2019-3648
CONFIRM
mediawiki -- mediawikiAn issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter's definition.2019-11-15not yet calculatedCVE-2019-18987
MISC
MISC
MISC
microsoft -- visual_studio_2017_and_2019An elevation of privilege vulnerability exists when Visual Studio fails to properly validate hardlinks while extracting archived files, aka 'Visual Studio Elevation of Privilege Vulnerability'.2019-11-12not yet calculatedCVE-2019-1425
MISC
mitsubishi_electric -- multiple_productsIn Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior, a remote attacker can cause the FTP service to enter a denial-of-service condition dependent on the timing at which a remote attacker connects to the FTP server on the above CPU modules.2019-11-13not yet calculatedCVE-2019-13555
MISC
moodle -- moodleMoodle before 2.2.2 has a personal information disclosure issue: when the administrative setting for user name display is set to first name only, full names are shown in page breadcrumbs.2019-11-14not yet calculatedCVE-2012-1169
MISC
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
moodle -- moodleMoodle before 2.2.2 has a password and web services issue where, when the user profile is updated, the user password is reset if not specified.2019-11-14not yet calculatedCVE-2012-1168
MISC
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
moodle -- moodleMoodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export.2019-11-14not yet calculatedCVE-2012-1158
MISC
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
moodle -- moodleMoodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default.2019-11-14not yet calculatedCVE-2012-1157
MISC
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
moodle -- moodleMoodle before 2.2.2 has users' private files included in course backups.2019-11-14not yet calculatedCVE-2012-1156
MISC
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
moodle -- moodleMoodle has a database activity export permission issue where the export function of the database activity module exports all entries, even those from groups the user does not belong to.2019-11-14not yet calculatedCVE-2012-1155
MISC
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
moodle -- moodleMoodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php.2019-11-14not yet calculatedCVE-2012-1160
MISC
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
netease -- pomeloPomelo v2.2.5 allows external control of critical state data. Malicious user input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js because certain internal attributes can be overwritten via a conflicting name. Hence, an attacker can manipulate internal attributes by adding additional attributes to user input.2019-11-14not yet calculatedCVE-2019-18954
MISC
MISC
netgear -- wndr4700_centria_firmwareA Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34.2019-11-14not yet calculatedCVE-2013-3073
CONFIRM
MISC
MISC
MISC
MISC
MISC
netgear -- wndr4700_centria_firmwareAn Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administration portal.2019-11-14not yet calculatedCVE-2013-3072
CONFIRM
MISC
MISC
MISC
netgear -- wndr4700_firmwareAn Information Disclosure vulnerability exists in Netgear WNDR4700 running firmware 1.0.0.34 in the management web interface, which discloses the PSK of the wireless LAN.2019-11-14not yet calculatedCVE-2013-3070
CONFIRM
MISC
MISC
MISC
MISC
netgear -- wnr3500u_and_wnr3500l_routersNETGEAR WNR3500U and WNR3500L routers use form tokens based solely on the router's current date and time, which allows attackers to guess the CSRF tokens.2019-11-13not yet calculatedCVE-2013-3516
MISC
MISC
MISC
netgear -- wnr3500u_and_wnr3500l_wireless_routersSymlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due to misconfiguration in the SMB service.2019-11-13not yet calculatedCVE-2013-4657
MISC
nss -- nssA null pointer dereference vulnerability exists in K11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime in NSS before 3.26, which causes the TLS/SSL server using NSS to crash.2019-11-15not yet calculatedCVE-2016-5285
MISC
MISC
MISC
MISC
MISC
MISC
MISC
panasonic -- eluga_i9_android_deviceThe Panasonic ELUGA_I9 Android device with a build fingerprint of Panasonic/ELUGA_I9/ELUGA_I9:7.0/NRD90M/1501740649:user/release-keys contains a pre-installed app with a package name of com.ovvi.modem app (versionCode=1, versionName=1) that allows an unauthorized attacker-controlled AT command via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15429
MISC
panasonic -- eluga_ray_530_android_deviceThe Panasonic Eluga Ray 530 Android device with a build fingerprint of Panasonic/ELUGA_Ray_530/ELUGA_Ray_530:8.1.0/O11019/1531828974:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15376
MISC
panasonic -- eluga_ray_600_android_deviceThe Panasonic Eluga Ray 600 Android device with a build fingerprint of Panasonic/ELUGA_Ray_600/ELUGA_Ray_600:8.1.0/O11019/1532692680:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15378
MISC
perdition -- perditionPerdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server: ssl_outgoing_ciphers is not applied to STARTTLS connections.2019-11-15not yet calculatedCVE-2013-4584
MISC
MISC
MISC
MISC
MISC
php -- phpPHP5 before 5.4.4 allows passing invalid UTF-8 strings via xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in a memory leak into the resulting output.2019-11-13not yet calculatedCVE-2010-4657
MISC
MISC
MISC
MISC
pimcore -- pimcorePimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.2019-11-15not yet calculatedCVE-2019-18981
MISC
MISC
pimcore -- pimcore | bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header. | 2019-11-15 | not yet calculated | CVE-2019-18982
MISC
MISC
pimcore -- pimcore | Pimcore before 6.2.2 lacks brute force protection for the 2FA token. | 2019-11-15 | not yet calculated | CVE-2019-18985
MISC
MISC
pimcore -- pimcore | Pimcore before 6.2.2 allows attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality, as it returns distinct messages for invalid password and non-existing users. | 2019-11-15 | not yet calculated | CVE-2019-18986
MISC
MISC
pithos -- pithos | pithos before 0.3.5 allows overwrite of arbitrary files via symlinks. | 2019-11-13 | not yet calculated | CVE-2010-4817
MISC
MISC
MISC
MISC
MISC
poppler -- poppler | An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts. | 2019-11-13 | not yet calculated | CVE-2010-4653
MISC
MISC
MISC
MISC
MISC
poppler -- poppler | poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack. | 2019-11-13 | not yet calculated | CVE-2010-4654
MISC
MISC
MISC
MISC
project_acrn -- acrn_hypervisor | The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of service (assertion failure) within pci core. | 2019-11-13 | not yet calculated | CVE-2019-18844
MISC
MISC
MISC
MISC
MISC
qtnx -- qtnx | qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world-readable or world-executable home directory, another local system user could obtain the private key used to connect to remote NX sessions. | 2019-11-15 | not yet calculated | CVE-2011-2916
MISC
MISC
MISC
rack_cors_gem_for_ruby_on_rails -- rack_cors_gem_for_ruby_on_rails | An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format. | 2019-11-14 | not yet calculated | CVE-2019-18978
MISC
MISC
red_hat -- openshift | OpenShift: The install script has a temporary file creation vulnerability which can result in arbitrary code execution. | 2019-11-15 | not yet calculated | CVE-2014-0023
MISC
MISC
rise -- ultimate_project_manager | index.php/team_members/add_team_member in RISE Ultimate Project Manager 2.3 has CSRF for adding authorized users. | 2019-11-13 | not yet calculated | CVE-2019-18884
MISC
MISC
rsyslog -- rsyslog | A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent within short periods of time. | 2019-11-14 | not yet calculated | CVE-2011-1488
MISC
MISC
MISC
MISC
rsyslog -- rsyslog | A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset. | 2019-11-14 | not yet calculated | CVE-2011-1489
MISC
MISC
MISC
MISC
rsyslog -- rsyslog | A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset. | 2019-11-14 | not yet calculated | CVE-2011-1490
MISC
MISC
MISC
MISC
samsung -- a3_android_device | The Samsung A3 Android device with a build fingerprint of samsung/a3y17ltedx/a3y17lte:8.0.0/R16NW/A320YDXU4CSB3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15433
MISC
samsung -- a5_android_device | The Samsung A5 Android device with a build fingerprint of samsung/a5y17ltexx/a5y17lte:8.0.0/R16NW/A520FXXS8CSC5:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15434
MISC
samsung -- a7_android_device | The Samsung A7 Android device with a build fingerprint of samsung/a7y17ltexx/a7y17lte:8.0.0/R16NW/A720FXXU7CSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15435
MISC
samsung -- a8+_android_device | The Samsung A8+ Android device with a build fingerprint of samsung/jackpot2ltexx/jackpot2lte:8.0.0/R16NW/A730FXXS4BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15436
MISC
samsung -- j3_android_device | The Samsung J3 Android device with a build fingerprint of samsung/j3y17ltedx/j3y17lte:8.0.0/R16NW/J330GDXS3BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15452
MISC
samsung -- j3_android_device | The Samsung J3 Android device with a build fingerprint of samsung/j3y17ltedx/j3y17lte:8.0.0/R16NW/J330GDXS3BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15451
MISC
samsung -- j3popeltecan_android_device | The Samsung j3popeltecan Android device with a build fingerprint of samsung/j3popeltevl/j3popeltecan:8.1.0/M1AJQ/J327WVLS3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15450
MISC
samsung -- j4_android_device | The Samsung J4 Android device with a build fingerprint of samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBS2ASC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15453
MISC
samsung -- j4_android_device | The Samsung J4 Android device with a build fingerprint of samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBU2ARL4:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15454
MISC
samsung -- j5_android_device | The Samsung J5 Android device with a build fingerprint of samsung/j5y17ltexx/j5y17lte:8.1.0/M1AJQ/J530FXXU3BRL1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15455
MISC
samsung -- j5_android_device | The Samsung J5 Android device with a build fingerprint of samsung/on5xeltedx/on5xelte:8.0.0/R16NW/G570YDXU2CRL1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15440
MISC
samsung -- j6_android_device | The Samsung J6 Android device with a build fingerprint of samsung/j6ltexx/j6lte:8.0.0/R16NW/J600FNXXU3ASC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15456
MISC
samsung -- j6_android_device | The Samsung J6 Android device with a build fingerprint of samsung/j6ltexx/j6lte:8.0.0/R16NW/J600FNXXU3ASC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15457
MISC
samsung -- j7_android_device | The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15445
MISC
samsung -- j7_android_device | The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXU3ESAC:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15446
MISC
samsung -- j7_android_device | The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15444
MISC
samsung -- j7_duo_android_device | The Samsung J7 Duo Android device with a build fingerprint of samsung/j7duolteub/j7duolte:8.0.0/R16NW/J720MUBS3ASB2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15462
MISC
samsung -- j7_edge_android_device | The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15448
MISC
samsung -- j7_edge_android_device | The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15447
MISC
samsung -- j7_max_android_device | The Samsung J7 Max Android device with a build fingerprint of samsung/j7maxlteins/j7maxlte:8.1.0/M1AJQ/G615FXXU2BSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15443
MISC
samsung -- j7_neo_android_device | The Samsung J7 Neo Android device with a build fingerprint of samsung/j7velteub/j7velte:8.1.0/M1AJQ/J701MUBS6BSB3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15459
MISC
samsung -- j7_neo_android_device | The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXVS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15460
MISC
samsung -- j7_neo_android_device | The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXXS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15458
MISC
samsung -- j7_neo_android_device | The Samsung J7 Neo Android device with a build fingerprint of samsung/j7velteub/j7velte:8.1.0/M1AJQ/J701MUBS6BSB4:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15461
MISC
samsung -- j7_on7xeltelgt_android_device | The Samsung on7xeltelgt Android device with a build fingerprint of samsung/on7xeltelgt/on7xeltelgt:8.1.0/M1AJQ/G610LKLU2CSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15441
MISC
samsung -- j7_on7xelteskt_android_device | The Samsung on7xelteskt Android device with a build fingerprint of samsung/on7xelteskt/on7xelteskt:8.1.0/M1AJQ/G610SKSU2CSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15442
MISC
samsung -- j7_pro_android_device | The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteub/j7y17lte:8.1.0/M1AJQ/J730GUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15464
MISC
samsung -- j7_pro_android_device | The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteubm/j7y17lte:8.1.0/M1AJQ/J730GMUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15465
MISC
samsung -- j7popeltemtr_android_device | The Samsung j7popeltemtr Android device with a build fingerprint of samsung/j7popeltemtr/j7popeltemtr:8.1.0/M1AJQ/J727T1UVS5BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15463
MISC
samsung -- s7_edge_android_device | The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15449
MISC
samsung -- xcover4_android_device | The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15438
MISC
samsung -- xcover4_android_device | The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15439
MISC
samsung -- xcover4_android_device | The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltexx/xcover4lte:8.1.0/M1AJQ/G390FXXU3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15437
MISC
sap -- erp_sales_and_s4hana_sales | Order processing in SAP ERP Sales (corrected in SAP_APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18) and S4HANA Sales (corrected in S4CORE 1.0, 1.01, 1.02, 1.03, 1.04) does not execute the required authorization checks for an authenticated user, which can result in an escalation of privileges. | 2019-11-13 | not yet calculated | CVE-2019-0386
MISC
MISC
sap -- ui5_and_ui_700 | SAP UI5 HTTP Handler (corrected in SAP_UI versions 7.5, 7.51, 7.52, 7.53, 7.54 and SAP UI_700 version 2.0) allows an attacker to manipulate content due to insufficient URL validation. | 2019-11-13 | not yet calculated | CVE-2019-0388
MISC
MISC
sas -- xml_mapper | SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Examples are Local File Reading, Out Of Band File Exfiltration, Server Side Request Forgery, and/or Potential Denial of Service attacks. This vulnerability also affects the XMLV2 LIBNAME engine when the AUTOMAP option is used. | 2019-11-14 | not yet calculated | CVE-2019-14678
MISC
MISC
scanguard -- scanguard | Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory, leading to privilege escalation via a Trojan horse executable file. | 2019-11-14 | not yet calculated | CVE-2019-18895
MISC
FULLDISC
MISC
MISC
signify -- philips_taolight_smart_wi-fi_wiz_connected_led_bulb | On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Anyone can turn the bulb on or off, or change its color or brightness remotely. There is no authentication or encryption to use the control API. The only requirement is that the attacker have network access to the bulb. | 2019-11-14 | not yet calculated | CVE-2019-18980
MISC

simpleledger -- slp-validate | A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slp-validate@1.0.0 npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions >1.0.0 have been patched. | 2019-11-15 | not yet calculated | CVE-2019-16761
MISC
CONFIRM
simpleledger -- slp-validate | A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to any version >= 0.21.4. | 2019-11-15 | not yet calculated | CVE-2019-16762
MISC
CONFIRM
snowhaze -- snowhaze | SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's browser configuration. | 2019-11-14 | not yet calculated | CVE-2019-18949
MISC
soft112 -- file_sharing_wizard | File Sharing Wizard version 1.5.0 build 2008 is affected by a Structured Exception Handler based buffer overflow vulnerability. An unauthenticated attacker is able to perform remote command execution and obtain a command shell by sending an HTTP GET request including the malicious payload in the URL. A similar issue to CVE-2019-17415, CVE-2019-16724, and CVE-2010-2331. | 2019-11-12 | not yet calculated | CVE-2019-18655
MISC
sony -- keyaki_kddi_android_device | The Sony keyaki_kddi Android device with a build fingerprint of Sony/keyaki_kddi/keyaki_kddi:7.1.1/TONE3-3.0.0-KDDI-170517-0326/1:user/dev-keys contains a pre-installed app with a package name of com.kddi.android.packageinstaller app (versionCode=70008, versionName=08.10.03) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that exported their capabilities to other pre-installed apps. | 2019-11-14 | not yet calculated | CVE-2019-15416
MISC
sony -- xperia_touch_android_device | The Sony Xperia Touch Android device with a build fingerprint of Sony/blanc_windy/blanc_windy:7.0/LOIRE-SMART-BLANC-1.0.0-170530-0834/1:user/dev-keys contains a pre-installed app with a package name of com.sonymobile.android.maintenancetool.testmic app (versionCode=24, versionName=7.0) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record audio to external storage. | 2019-11-14 | not yet calculated | CVE-2019-15743
MISC
sony -- xperia_xzs_android_device | The Sony Xperia XZs Android device with a build fingerprint of Sony/keyaki_softbank/keyaki_softbank:7.1.1/TONE3-3.0.0-SOFTBANK-170517-0323/1:user/dev-keys contains a pre-installed app with a package name of jp.softbank.mb.tdrl app (versionCode=1413005, versionName=1.3.0) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device. | 2019-11-14 | not yet calculated | CVE-2019-15744
MISC
stmicroelectronics -- st33phf2espi_tpm_devices | STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL. | 2019-11-14 | not yet calculated | CVE-2019-16863
MISC
CONFIRM
symantec -- endpoint_protection | Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 2019-11-15 | not yet calculated | CVE-2019-18372
MISC
symantec -- endpoint_protection | Symantec Endpoint Protection (SEP), prior to 14.2 RU2, may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could be bypassed for individuals with local administrator rights. | 2019-11-15 | not yet calculated | CVE-2019-12756
MISC
symantec -- endpoint_protectionSymantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature.2019-11-15not yet calculatedCVE-2019-12758
MISC
symantec -- endpoint_protection_and_endpoint_protection_small_business_editionSymantec Endpoint Protection (SEP), prior to 14.2 RU2 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.2019-11-15not yet calculatedCVE-2019-12757
MISC
symantec -- endpoint_protection_managerSymantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.2019-11-15not yet calculatedCVE-2018-18368
MISC
symantec -- endpoint_protection_manager_and_mail_security_for_ms_exchangeSymantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.2019-11-15not yet calculatedCVE-2019-12759
MISC
symphony -- g100_android_deviceThe Symphony G100 Android device with a build fingerprint of Symphony/G100/G100:8.1.0/O11019/1530618779:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15371
MISC
symphony -- i95_lite_android_deviceThe Symphony i95 Lite Android device with a build fingerprint of LAVA/iris88_lite/iris88_lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15373
MISC
tecno -- camon_android_deviceThe Tecno Camon Android device with a build fingerprint of TECNO/H622/TECNO-ID5b:8.1.0/O11019/G-180829V31:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an exported service named com.lovelyfont.manager.service.FunctionService that allows any app co-located on the device to supply the file path to a Dalvik Executable (DEX) file which it will dynamically load within its own process and execute with its own system privileges. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing code as the system user can allow a third-party app to factory reset the device, obtain the user's Wi-Fi passwords, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15350
MISC
tecno -- camon_android_deviceThe Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an exported service named com.lovelyfont.manager.FontCoverService that allows any app co-located on the device to supply arbitrary commands via shell script to be executed as the system user that are triggered by writing an attacker-selected message to the logcat log. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing commands as the system user can allow a third-party app to factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15348
MISC
tecno -- camon_android_deviceThe Tecno Camon Android device with a build fingerprint of TECNO/H622/TECNO-ID5b:8.1.0/O11019/G-180829V31:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an exported service named com.lovelyfont.manager.FontCoverService that allows any app co-located on the device to supply arbitrary commands via shell script to be executed as the system user that are triggered by writing an attacker-selected message to the logcat log. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing commands as the system user can allow a third-party app to factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15351
MISC
tecno -- camon_android_deviceThe Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an exported service named com.lovelyfont.manager.service.FunctionService that allows any app co-located on the device to supply the file path to a Dalvik Executable (DEX) file which it will dynamically load within its own process and execute with its own system privileges. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing code as the system user can allow a third-party app to factory reset the device, obtain the user's Wi-Fi passwords, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15349
MISC
tecno -- camon_iair_2_plus_android_deviceThe Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an exported service named com.lovelyfont.manager.FontCoverService that allows any app co-located on the device to supply arbitrary commands via shell script to be executed as the system user that are triggered by writing an attacker-selected message to the logcat log. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing commands as the system user can allow a third-party app to factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15342
MISC
tecno -- camon_iair_2_plus_android_deviceThe Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an exported service named com.lovelyfont.manager.service.FunctionService that allows any app co-located on the device to supply the file path to a Dalvik Executable (DEX) file which it will dynamically load within its own process and execute with its own system privileges. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing code as the system user can allow a third-party app to factory reset the device, obtain the user's Wi-Fi passwords, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15341
MISC
tecno -- camon_iclick_2_android_deviceThe Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an exported service named com.lovelyfont.manager.service.FunctionService that allows any app co-located on the device to supply the file path to a Dalvik Executable (DEX) file which it will dynamically load within its own process and execute with its own system privileges. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing code as the system user can allow a third-party app to factory reset the device, obtain the user's Wi-Fi passwords, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15346
MISC
tecno -- camon_iclick_2_android_deviceThe Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an exported service named com.lovelyfont.manager.FontCoverService that allows any app co-located on the device to supply arbitrary commands via shell script to be executed as the system user that are triggered by writing an attacker-selected message to the logcat log. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing commands as the system user can allow a third-party app to factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15347
MISC
tecno -- camon_iclick_android_deviceThe Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.8). This app contains an exported service named com.lovelyfont.manager.service.FunctionService that allows any app co-located on the device to supply the file path to a Dalvik Executable (DEX) file which it will dynamically load within its own process and execute with its own system privileges. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing code as the system user can allow a third-party app to factory reset the device, obtain the user's Wi-Fi passwords, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15345
MISC
tecno -- camon_iclick_android_deviceThe Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15355
MISC
tecno -- camon_iclick_android_deviceThe Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.8). This app contains an exported service named com.lovelyfont.manager.FontCoverService that allows any app co-located on the device to supply arbitrary commands via shell script to be executed as the system user that are triggered by writing an attacker-selected message to the logcat log. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing commands as the system user can allow a third-party app to factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15343
MISC
tecno -- camon_iclick_android_deviceThe Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.8). This app contains an exported service named com.lovelyfont.manager.FontCoverService that allows any app co-located on the device to supply arbitrary commands to be executed as the system user. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. In addition to the local attack surface, its accompanying app with a package name of com.ekesoo.lovelyhifonts makes network requests using HTTP and an attacker can perform a Man-in-the-Middle (MITM) attack on the connection to inject a command in a network response that will be executed as the system user by the com.lovelyfont.defcontainer app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtain the user's text messages, and more. Executing commands as the system user can allow a third-party app to factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtain the user's text messages, and more.2019-11-14not yet calculatedCVE-2019-15344
MISC
tecno -- spark_pro_android_deviceThe Tecno Spark Pro Android device with a build fingerprint of TECNO/H3722/TECNO-K8:7.0/NRD90M/K8-H3722ABCDE-N-171229V96:user/release-keys contains a pre-installed app with a package name of com.lovelyfont.defcontainer app (versionCode=7, versionName=7.0.5) that allows unauthorized dynamic code loading via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15417
MISC
tematres -- tematresTemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI.2019-11-15not yet calculatedCVE-2019-14343
MISC
MISC
MISC
MISC
tematres -- tematresTemaTres 3.0 allows remote unprivileged users to create an administrator account.2019-11-15not yet calculatedCVE-2019-14345
MISC
MISC
MISC
MISC
tesseract -- tesseractIn tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file.2019-11-14not yet calculatedCVE-2011-1136
MISC
MISC
MISC
texas_instruments -- cc256x_and_wl18xx_dual_mode_bluetooth_controller_devicesTexas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code. This affects CC256xC-BT-SP 1.2, CC256xB-BT-SP 1.8, and WL18xx-BT-SP 4.4.2019-11-13not yet calculatedCVE-2019-15948
MISC
MISC
thunar -- thunarThunar 1.2 through 1.2.1 could crash when copying and pasting a file name with % format characters due to a format string error.2019-11-14not yet calculatedCVE-2011-1588
MISC
MISC
MISC
MISC
tp-link -- tl-wdr4300_and_tl-1043nd_wireless_routersSymlink Traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND.2019-11-13not yet calculatedCVE-2013-4654
MISC
MISC
MISC
trendnet -- tew-691gr_and_tew-692gr_wireless_routersUndocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor contains an HTML parameter of password and a value of j78G?DFdg_24Mhw3.2019-11-13not yet calculatedCVE-2013-3367
MISC
MISC
MISC
trendnet -- tew-812dru_wireless_routerUndocumented TELNET service in TRENDnet TEW-812DRU when a web page named backdoor contains an HTML parameter of password and a value of j78G?DFdg_24Mhw3.2019-11-13not yet calculatedCVE-2013-3366
MISC
MISC
MISC
udisks -- udisksudisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.2019-11-13not yet calculatedCVE-2010-4661
MISC
MISC
MISC
MISC
ulefone -- armor_5_android_deviceThe Ulefone Armor 5 Android device with a build fingerprint of Ulefone/Ulefone_Armor_5/Ulefone_Armor_5:8.1.0/O11019/1528806701:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15354
MISC
unixodbc -- unixodbcThe SQLDriverConnect() function in unixODBC before 2.2.14p2 has a possible buffer overflow condition when specifying a large value for the SAVEFILE parameter in the connection string.2019-11-14not yet calculatedCVE-2011-1145
MISC
MISC
MISC
MISC
v86d -- v86dv86d before 0.1.10 does not verify whether received netlink messages are sent by the kernel. This could allow unprivileged users to manipulate the video mode, with potentially other consequences.2019-11-14not yet calculatedCVE-2011-1070
MISC
MISC
MISC
walton -- primo_g3_android_deviceThe Walton Primo G3 Android device with a build fingerprint of WALTON/Primo_GM3/Primo_GM3:8.1.0/O11019/1522737198:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.2019-11-14not yet calculatedCVE-2019-15379
MISC
wordpress -- wordpressThe Blog2Social plugin before 5.9.0 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the b2s_id parameter. The component is: views/b2s/post.calendar.php. The attack vector is: When the Administrator is logged in, a reflected XSS may execute upon a click on a malicious URL.2019-11-13not yet calculatedCVE-2019-17550
MISC
MISC
MISC
MISC
wordpress -- wordpressThe CleanTalk cleantalk-spam-protect plugin before 5.127.4 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the from or till parameter. The component is: inc/cleantalk-users.php and inc/cleantalk-comments.php. The attack vector is: When the Administrator is logged in, a reflected XSS may execute upon a click on a malicious URL.2019-11-13not yet calculatedCVE-2019-17515
MISC
MISC
MISC
xiaomi -- redmi_5_android_deviceThe Xiaomi Redmi 5 Android device with a build fingerprint of xiaomi/vince/vince:7.1.2/N2G47H/V9.5.4.0.NEGMIFA:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1711_201803291645) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15415
MISC
xiaomi -- 5s_plus_android_deviceThe Xiaomi 5S Plus Android device with a build fingerprint of Xiaomi/natrium/natrium:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app (versionCode=40000, versionName=4.0.00) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15426
MISC
xiaomi -- cepheus_android_deviceThe Xiaomi Cepheus Android device with a build fingerprint of Xiaomi/cepheus/cepheus:9/PKQ1.181121.001/V10.2.6.0.PFAMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage.2019-11-14not yet calculatedCVE-2019-15474
MISC
xiaomi -- mi_a2_lite_android_deviceThe Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/jasmine/jasmine_sprout:9/PKQ1.180904.001/V10.0.2.0.PDIMIFJ:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage.2019-11-14not yet calculatedCVE-2019-15473
MISC
xiaomi -- mi_a2_lite_android_deviceThe Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisy_sprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201812071953) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15468
MISC
xiaomi -- mi_a2_lite_android_deviceThe Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisy_sprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage.2019-11-14not yet calculatedCVE-2019-15472
MISC
xiaomi -- mi_a3_android_deviceThe Xiaomi Mi A3 Android device with a build fingerprint of xiaomi/onc_eea/onc:9/PKQ1.181021.001/V10.2.8.0.PFLEUXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage.2019-11-14not yet calculatedCVE-2019-15475
MISC
xiaomi -- mi_mix_2s_android_deviceThe Xiaomi Mi Mix 2S Android device with a build fingerprint of Xiaomi/polaris/polaris:8.0.0/OPR1.170623.032/V9.5.19.0.ODGMIFA:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=A2060_201801032053) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15467
MISC
xiaomi -- mi_mix_2s_android_deviceThe Xiaomi Mi Mix 2S Android device with a build fingerprint of Xiaomi/polaris/polaris:8.0.0/OPR1.170623.032/V9.5.19.0.ODGMIFA:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=27, versionName=8.1.0) that allows other pre-installed apps to perform microphone audio recording via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that export their capabilities to other pre-installed apps. This app allows a third-party app to use its open interface to record telephone calls to external storage.2019-11-14not yet calculatedCVE-2019-15471
MISC
xiaomi -- mi_mix_android_deviceThe Xiaomi Mi Mix Android device with a build fingerprint of Xiaomi/lithium/lithium:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app (versionCode=40000, versionName=4.0.00) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15427
MISC
xiaomi -- mi_note_2_android_deviceThe Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi/scorpio/scorpio:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app (versionCode=40000, versionName=4.0.00) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15428
MISC
xiaomi -- mi_pad_4_android_deviceThe Xiaomi Mi Pad 4 Android device with a build fingerprint of Xiaomi/clover/clover:8.1.0/OPM1.171019.019/V9.6.26.0.ODJCNFD:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=27, versionName=8.1.0) that allows other pre-installed apps to perform microphone audio recording via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that export their capabilities to other pre-installed apps. This app allows a third-party app to use its open interface to record telephone calls to external storage.2019-11-14not yet calculatedCVE-2019-15469
MISC
xiaomi -- redmi_6_pro_android_deviceThe Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V10.2.6.0.ODMMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201812191721) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.2019-11-14not yet calculatedCVE-2019-15466
MISC
xiaomi -- redmi_6_pro_android_deviceThe Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V9.6.4.0.ODMMIFD:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201805292006) that allows any app co-located on the device to programmatically disable and enable Wi-Fi, Bluetooth, and GPS without the corresponding access permission through an exported interface.2019-11-14not yet calculatedCVE-2019-15340
MISC
xiaomi -- redmi_note_6_pro_android_deviceThe Xiaomi Redmi Note 6 Pro Android device with a build fingerprint of xiaomi/tulip/tulip:8.1.0/OPM1.171019.011/V10.2.2.0.OEKMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=27, versionName=8.1.0) that allows other pre-installed apps to perform microphone audio recording via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other pre-installed apps that export their capabilities to other pre-installed apps. This app allows a third-party app to use its open interface to record telephone calls to external storage.2019-11-14not yet calculatedCVE-2019-15470
MISC
zte -- zxhn_h108nThe version V2.5.0_EG1T5_TED of ZTE ZXHN H108N product are impacted by an information leak vulnerability. An attacker could exploit the vulnerability to obtain sensitive information and perform unauthorized operations.2019-11-13not yet calculatedCVE-2019-3420
MISC
zyxel -- gs1900_devicesAn issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Due to lack of input validation in the cmd_sys_traceroute_exec(), cmd_sys_arp_clear(), and cmd_sys_ping_exec() functions in the libclicmd.so library contained in the firmware, an attacker could leverage these functions to call system() and execute arbitrary commands on the switches. (Note that these functions are currently not called in this version of the firmware, however an attacker could use other vulnerabilities to finally use these vulnerabilities to gain code execution.)2019-11-14not yet calculatedCVE-2019-15800
MISC
CONFIRM
zyxel -- gs1900_devicesAn issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in sal_util_str_encrypt() in libsal.so.0.0. The parameters (salt, IV, and key data) are used to encrypt and decrypt all passwords using AES256 in CBC mode. With the parameters known, all previously encrypted passwords can be decrypted. This includes the passwords that are part of configuration backups or otherwise embedded as part of the firmware.2019-11-14not yet calculatedCVE-2019-15802
MISC
CONFIRM
zyxel -- gs1900_devicesAn issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fds_sys_passDebugPasswd_ret(). The firmware contains access control checks that determine if remote users are allowed to access this functionality. The function that performs this check (fds_sys_remoteDebugEnable_ret in libfds.so) always return TRUE with no actual checks performed. The diagnostics menu allows for reading/writing arbitrary registers and various other configuration parameters which are believed to be related to the network interface chips.2019-11-14not yet calculatedCVE-2019-15803
MISC
CONFIRM
zyxel -- gs1900_devicesAn issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. By sending a signal to the CLI process, undocumented functionality is triggered. Specifically, a menu can be triggered by sending the SIGQUIT signal to the CLI application (e.g., through CTRL+\ via SSH). The access control check for this menu does work and prohibits accessing the menu, which contains "Password recovery for specific user" options. The menu is believed to be accessible using a serial console.2019-11-14not yet calculatedCVE-2019-15804
MISC
CONFIRM
zyxel -- gs1900_devicesAn issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware image contains encrypted passwords that are used to authenticate users wishing to access a diagnostics or password-recovery menu. Using the hardcoded cryptographic key found elsewhere in the firmware, these passwords can be decrypted. This is related to fds_sys_passDebugPasswd_ret() and fds_sys_passRecoveryPasswd_ret() in libfds.so.0.0.2019-11-14not yet calculatedCVE-2019-15801
MISC
CONFIRM
zyxel -- gs1900_devicesAn issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. User accounts created through the web interface of the device, when given non-admin level privileges, have the same level of privileged access as administrators when connecting to the device via SSH (while their permissions via the web interface are in fact restricted). This allows normal users to obtain the administrative password by running the tech-support command via the CLI: this contains the encrypted passwords for all users on the device. As these passwords are encrypted using well-known and static parameters, they can be decrypted and the original passwords (including the administrator password) can be obtained.2019-11-14not yet calculatedCVE-2019-15799
MISC
MISC
CONFIRM

Google Releases Security Updates for Chrome

Original release date: November 19, 2019

Google has released Chrome 78.0.3904.108 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

National Tax Security Awareness Week is December 2–6

Original release date: November 19, 2019

The Internal Revenue Service (IRS) has released an article announcing that National Tax Security Awareness Week will be held December 2–6. The annual recognition event will feature a series of resources and tips to help taxpayers and tax professionals protect their data and identities against identity theft.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages taxpayers, businesses, and tax professionals to review CISA’s Tip on Preventing and Responding to Identity Theft and IRS’s article on National Tax Security Awareness Week for details about new resources and the more than 25 tax security events being held across the country throughout the awareness week.

FTC Provides Tips on Safeguarding Data Before Upgrading Mobile Phones

Original release date: November 19, 2019

The Federal Trade Commission (FTC) has released an article with tips on how to protect personal information before trading in a mobile phone for a newer model. FTC recommends the following four steps to safeguard these devices:

  • Back up data.
  • Remove SIM and SD cards.
  • Erase personal information.
  • Verify deletion of personal information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to review the FTC article for additional resources on how to perform each of the suggested steps and see CISA’s Tip on Proper Disposal of Electronic Devices for more information.

NSA Releases Cyber Advisory: Managing Risk from Transport Layer Security Inspection

Original release date: November 19, 2019

The National Security Agency (NSA) has released a Cyber Advisory that addresses managing risk from Transport Layer Security Inspection (TLSI). This short, informative document defines TLSI (a security process that allows incoming traffic to be decrypted, inspected, and re-encrypted), explains some risks and associated challenges, and discusses mitigations.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the NSA Cyber Advisory and apply the information, as appropriate. See CISA’s Alert on risks associated with HTTPS inspection.

Microsoft Releases Outlook for Android Security Update

Original release date: November 21, 2019

Microsoft has released an update to address a vulnerability in Outlook for Android. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update.

ISC Releases Security Advisory for BIND

Original release date: November 21, 2019

The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ISC advisory for more information and to apply the necessary updates and workarounds.


Securing Portable Electronic Devices During Travel

Original release date: November 22, 2019

Holiday travelers often use portable electronic devices (PEDs) because they offer a range of conveniences, for example, enabling the traveler to order gifts on-the-go, access online banking, or download boarding passes. However, these devices are vulnerable to cyberattack or theft, resulting in exposure of personal information.

With the holiday season approaching, the Cybersecurity and Infrastructure Security Agency (CISA) reminds users to be mindful of the security risks associated with traveling with PEDs. CISA encourages travelers to take the following steps to protect their personal information:

  • Avoid using public Wi-Fi networks to conduct personal business. Open Wi-Fi networks at places such as airports present an opportunity for attackers to intercept sensitive information.
  • Turn off Bluetooth when not in use. Cyber criminals have the capability to pair with your device's open Bluetooth connection and steal personal information.
  • Be cautious when charging. Avoid connecting your device to any computer or charging station that you do not control, such as a charging station at an airport terminal.
  • Remember physical security. Do not leave your device unattended in public or easily accessible areas.

Check out CISA’s Tips on Holiday Traveling with Personal Internet-Enabled Devices and Cybersecurity for Electronic Devices for more information and tips.

Vulnerability Summary for the Week of November 18, 2019

Original release date: November 25, 2019

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
3s-smart_software_solutions -- codesys_web_server | CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow. | 2019-11-20 | 7.5 | CVE-2019-18858, MISC, MISC
apache -- solr | The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server. | 2019-11-18 | 7.5 | CVE-2019-12409, MLIST
chicken -- chicken | Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function. | 2019-11-22 | 7.5 | CVE-2014-6310, MISC, MISC, CONFIRM, MISC
clamav -- clamav | ClamAV before 0.97.7 has a buffer overflow in the libclamav component. | 2019-11-15 | 7.5 | CVE-2013-7088, MISC, MISC, MISC, MISC, MISC
clamav -- clamav | ClamAV before 0.97.7 has WWPack corrupt heap memory. | 2019-11-15 | 7.5 | CVE-2013-7087, MISC, MISC, MISC, MISC, MISC
cobbler -- cobbler | cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE. | 2019-11-19 | 7.2 | CVE-2011-4954, MISC, MISC, MISC, MISC, MISC
cyrus -- imap | Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection. | 2019-11-15 | 7.5 | CVE-2019-18928, MISC, MISC
dolibarr -- dolibarr | SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php. | 2019-11-20 | 7.5 | CVE-2013-2091, MISC, MISC, CONFIRM, MISC
dolibarr -- dolibarr | Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands. | 2019-11-20 | 10 | CVE-2013-2093, MISC, MISC, CONFIRM, MISC
druby -- druby | Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval. | 2019-11-18 | 7.5 | CVE-2011-5331, MISC
druby -- druby | Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls. | 2019-11-18 | 7.5 | CVE-2011-5330, MISC
eclipse -- jetty | Jetty 6.x through 6.1.22 suffers from an escape sequence injection vulnerability from an attack vector by means of: 1) "Cookie Dump Servlet" and 2) Http Content-Length header. 1) A POST request to the form at "/test/cookie/" with the "Age" parameter set to a string throws a "java.lang.NumberFormatException" which reflects binary characters including ESC. These characters could be used to execute arbitrary commands or buffer dumps in the terminal. 2) The attack vector in 1) can be exploited by requesting a page using an HTTP request "Content-Length" header set to a consonant string (string including only letters). | 2019-11-15 | 7.5 | CVE-2009-5047, MISC, MISC, MLIST
google -- chrome | Unspecified vulnerabilities in Google Chrome before 54.0.2840.59. | 2019-11-20 | 10 | CVE-2016-5194, CONFIRM
google -- chrome | Unspecified vulnerabilities in Google Chrome before 55.0.2883.75. | 2019-11-20 | 10 | CVE-2016-9652, CONFIRM
hhvm -- hhvm | hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions. | 2019-11-19 | 7.5 | CVE-2016-1000006, MISC, MISC, MISC
ibm -- security_identity_manager | IBM Security Identity Manager 6.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 166456. | 2019-11-20 | 9.3 | CVE-2019-4561, XF, CONFIRM
iobroker -- iobroker.admin | iobroker.admin before 3.6.12 allows an attacker to include file contents from outside the `/log/file1/` directory. | 2019-11-20 | 7.5 | CVE-2019-10765, MISC, MISC
ktsuss -- ktsuss | ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local attacker to escalate privileges to root and use the "GTK_MODULES" environment variable to possibly execute arbitrary code. | 2019-11-19 | 7.2 | CVE-2011-2922, MISC, MISC, MISC, MISC, MISC, MISC, MISC
ktsuss -- ktsuss | ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges. | 2019-11-19 | 10 | CVE-2011-2921, MISC, MISC, MISC
limnoria_and_supybot -- limnoria_and_supybot | Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands. | 2019-11-16 | 7.5 | CVE-2019-19010, MISC, MISC, FEDORA, FEDORA, FEDORA
linux -- linux_kernel | Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or dma_alloc_coherent() failures, aka CID-0f4f199443fa. | 2019-11-18 | 7.8 | CVE-2019-19059, MISC
linux -- linux_kernel | A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c. | 2019-11-18 | 7.8 | CVE-2019-19071, MISC
linux -- linux_kernel | Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e. | 2019-11-18 | 7.8 | CVE-2019-19057, MISC
linux -- linux_kernel | A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5. | 2019-11-18 | 7.8 | CVE-2019-19058, MISC
linux -- linux_kernel | A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6. | 2019-11-18 | 7.8 | CVE-2019-19072, MISC
linux -- linux_kernel | A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e. | 2019-11-18 | 7.8 | CVE-2019-19075, MISC, MISC
linux -- linux_kernel | A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_crdump_collect() failures, aka CID-c7ed6d0183d5. | 2019-11-18 | 7.8 | CVE-2019-19047, MISC, MISC
linux -- linux_kernel | A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. | 2019-11-18 | 7.8 | CVE-2019-19076, MISC, MISC
linux -- linux_kernel | Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. | 2019-11-18 | 7.8 | CVE-2019-19063, MISC
linux -- linux_kernel | A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_form_user() failures, aka CID-e0b0cb938864. | 2019-11-18 | 7.8 | CVE-2019-19048, MISC, MISC
linux -- linux_kernel | Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1. | 2019-11-18 | 7.8 | CVE-2019-19083, MISC, MISC
linux -- linux_kernel | A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7. | 2019-11-18 | 7.8 | CVE-2019-19045, MISC, MISC
linux -- linux_kernel | A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4. | 2019-11-18 | 7.8 | CVE-2019-19074, MISC
linux -- linux_kernel | A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459. | 2019-11-18 | 7.8 | CVE-2019-19043, MISC
linux -- linux_kernel | A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1. | 2019-11-18 | 7.8 | CVE-2019-19050, MISC
linux -- linux_kernel | A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7. | 2019-11-18 | 7.8 | CVE-2019-19051, MISC, MISC
linux -- linux_kernel | Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762. | 2019-11-18 | 7.8 | CVE-2019-19044, MISC, MISC
linux -- linux_kernel | A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. | 2019-11-18 | 7.8 | CVE-2019-19065, MISC, MISC
linux -- linux_kernel | A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486. | 2019-11-18 | 7.8 | CVE-2019-19052, MISC, MISC
linux -- linux_kernel | A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14. | 2019-11-18 | 7.8 | CVE-2019-19077, MISC
linux -- linux_kernel | A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932. | 2019-11-18 | 7.8 | CVE-2019-19056, MISC
linux -- linux_kernel | A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b. | 2019-11-18 | 7.8 | CVE-2019-19054, MISC
linux -- linux_kernel | A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a. | 2019-11-18 | 7.8 | CVE-2019-19081, MISC, MISC
linux -- linux_kernel | A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2. | 2019-11-18 | 7.8 | CVE-2019-19053, MISC
linux -- linux_kernel | A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6. | 2019-11-18 | 7.8 | CVE-2019-19068, MISC
linux -- linux_kernel | A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd. | 2019-11-18 | 7.8 | CVE-2019-19066, MISC
linux -- linux_kernel | Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10. | 2019-11-18 | 7.8 | CVE-2019-19073, MISC
linux -- linux_kernel | A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3. | 2019-11-18 | 7.8 | CVE-2019-19061, MISC, MISC
linux -- linux_kernel | A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. | 2019-11-18 | 7.8 | CVE-2019-19062, MISC
linux -- linux_kernel | A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41. | 2019-11-18 | 7.8 | CVE-2019-19060, MISC, MISC
linux -- linux_kernel | Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad. | 2019-11-18 | 7.8 | CVE-2019-19082, MISC
linux -- linux_kernel | A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2. | 2019-11-18 | 7.8 | CVE-2019-19078, MISC
linux -- linux_kernel | A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19. | 2019-11-18 | 7.8 | CVE-2019-19079, MISC, MISC
linux -- linux_kernel | Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a. | 2019-11-18 | 7.8 | CVE-2019-19080, MISC, MISC
linux -- linux_kernel | A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99. | 2019-11-18 | 7.8 | CVE-2019-19069, MISC, MISC
nvidia -- nvflash_and_nvuflash_tool_and_gpumodeswitch_tool | NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of other devices not managed by NVIDIA, which may lead to escalation of privileges, information disclosure, or denial of service. | 2019-11-18 | 7.2 | CVE-2019-5688, MISC
oniguruma -- oniguruma | An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression. | 2019-11-17 | 7.5 | CVE-2019-19012, MISC, MISC, MISC
phicomm -- k2_psg1218_routers | /usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter. | 2019-11-18 | 9 | CVE-2019-19117, MISC
pimcore -- pimcore | Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification. | 2019-11-15 | 7.5 | CVE-2019-18981, MISC, MISC
pixie -- pixie | Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 allow SQL Injection in the limit() function due to improper sanitization. | 2019-11-19 | 7.5 | CVE-2019-10766, MISC
postgresql -- postgresql | The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error. | 2019-11-20 | 7.5 | CVE-2015-3166, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC
postgresql-common -- postgresql-common | The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. | 2019-11-20 | 7.2 | CVE-2019-3466, MISC
raritan -- commandcenter_secure_gateway | An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. | 2019-11-18 | 7.5 | CVE-2018-20687, MISC, FULLDISC
sandline -- centraleyezer | Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding ".jpg" to any uploaded filename is not enforced on the server side. | 2019-11-18 | 7.5 | CVE-2019-12271, MISC, MISC
smarty -- smarty | The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file. | 2019-11-20 | 7.5 | CVE-2011-1028, MISC, MISC, MISC
statusnet -- statusnet | Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes. | 2019-11-20 | 7.5 | CVE-2010-4660, MISC, MISC
symantec -- endpoint_protection | Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 2019-11-15 | 7.2 | CVE-2019-18372, MISC
symantec -- endpoint_protection | Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature. | 2019-11-15 | 7.2 | CVE-2019-12758, MISC, MISC
symantec -- endpoint_protection_manager_and_mail_security_for_ms_exchange | Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 2019-11-15 | 7.2 | CVE-2019-12759, MISC
tematres -- tematres | TemaTres 3.0 allows remote unprivileged users to create an administrator account. | 2019-11-15 | 7.5 | CVE-2019-14345, MISC, MISC, MISC, MISC
xorus -- lpar2rrd_and_stor2rrd | An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. They do not correctly verify the integrity of an upgrade package before processing it. As a result, official upgrade packages can be modified to inject an arbitrary Bash script that will be executed by the underlying system. It is possible to achieve this by modifying the values in the files.SUM file (which are used for integrity control) and injecting malicious code into the upgrade.sh file. | 2019-11-17 | 9 | CVE-2019-19041, MISC

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
apache -- atlas
 
Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality2019-11-184.3CVE-2019-10070
MLIST
apache -- nifiThe XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services (via XXE) and reveal information such as the versions of Java, Jersey, and Apache that the NiFI instance uses.2019-11-194CVE-2019-10080
CONFIRM
apache -- nifi
 
When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server side. This permits the user's client-side token to be used for up to 12 hours after logging out to make API requests to NiFi.2019-11-196.5CVE-2019-12421
CONFIRM
apache -- shiro
 
Apache Shiro before 1.4.2, when using the default "remember me" configuration, cookies could be susceptible to a padding attack.2019-11-185CVE-2019-12422
MLIST
artifex -- ghostscript
 
A flaw was found in all versions of ghostscript 9.x before 9.50, in which the `.charkeys` procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within Ghostscript and access files outside of restricted areas or execute commands. | 2019-11-15 | 6.8 | CVE-2019-14869
SUSE
SUSE
MLIST
CONFIRM
CONFIRM
CONFIRM
FEDORA
FEDORA
FEDORA
BUGTRAQ
clamav -- clamav
 
ClamAV before 0.97.7: dbg_printhex possible information leak2019-11-155CVE-2013-7089
MISC
MISC
MISC
MISC
cobbler -- cobbler
 
cobbler: Web interface lacks CSRF protection when using Django framework2019-11-196.8CVE-2011-4952
MISC
MISC
MISC
MISC
code42 -- code42Code42 server through 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local server could create or modify a dynamic-link library (DLL). The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated privilege on the local server.2019-11-196.9CVE-2019-16861
CONFIRM
MISC
code42 -- code42
 
Code42 app through version 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local machine could create or modify a dynamic-link library (DLL). The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated privilege on the local machine.2019-11-196.9CVE-2019-16860
MISC
CONFIRM
comodo_security_solutions -- comodo_internet_security
 
An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the binary signature validation logic is loaded, and might bypass some of the self-defense mechanisms.2019-11-184.4CVE-2019-18215
MISC
MISC
MISC
dolibarr -- dolibarrCross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web script or HTML in functions.lib.php.2019-11-204.3CVE-2013-2092
MISC
CONFIRM
MISC
f5 -- big-ip
 
On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data.2019-11-154CVE-2019-6662
MISC
f5 -- big-ip
 
On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages.2019-11-155CVE-2019-6659
MISC
f5 -- big-ip
 
On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices.2019-11-155CVE-2019-6664
MISC
f5 -- big-ip
 
On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service.2019-11-155CVE-2019-6660
MISC
f5 -- big-ip_and_iworkflow_and_enterprise_manager
 
The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to Anti DNS Pinning (DNS Rebinding) attack.2019-11-154.3CVE-2019-6663
MISC
f5 -- big-ip_apmWhen the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources.2019-11-155CVE-2019-6661
MISC
falconpl -- falconpl
 
Falconpl before 0.9.6.9-git20120606 misuses the libcurl API which may allow remote attackers to interfere with security checks.2019-11-195CVE-2012-6070
MISC
MISC
MISC
MISC
firegpg -- iceweasel-firegpg
 
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.2019-11-184.6CVE-2008-7273
MISC
MISC
MISC
footy_tipping_software -- afl_web_edition
 
Footy Tipping Software AFL Web Edition 2019 allows XSS.2019-11-184.3CVE-2019-17057
MISC
footy_tipping_software -- afl_web_edition
 
Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file.2019-11-186.5CVE-2019-17058
MISC
fortiguard -- fortios_and_forticlient_for_windows_and_forticlient_for_mac | Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0; URL rating in FortiClient) sent and received from FortiGuard servers by decrypting these messages. | 2019-11-21 | 4.3 | CVE-2018-9195
CONFIRM
gael -- q-pulseCross-site scripting (XSS) vulnerability in ui/common/managedlistdialog.aspx in Gael Q-Pulse 0.6 and earlier.2019-11-224.3CVE-2014-1238
MISC
gamera_project -- gamera
 
Gamera before 3.4.1 insecurely creates temporary files.2019-11-215CVE-2014-1937
MISC
MISC
MISC
gnu -- serveez
 
GNU Serveez through 0.2.2 has an Information Leak. An attacker may send an HTTP POST request to the /cgi-bin/reader URI. The attacker must include a Content-length header with a large positive value that, when represented in 32 bit binary, evaluates to a negative number. The problem exists in the http_cgi_write function under http-cgi.c; however, exploitation might show svz_envblock_add in libserveez/passthrough.c as the location of the heap-based buffer over-read.2019-11-205CVE-2019-16200
MISC
gnupg_project -- gnupg
 
The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file.2019-11-204.3CVE-2015-1606
MISC
MISC
MISC
MISC
MISC
MISC
gnupg_project -- gnupg
 
kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges."2019-11-204.3CVE-2015-1607
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
horms_solutions -- perdition
 
Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server: ssl_outgoing_ciphers is not applied to STARTTLS connections. | 2019-11-15 | 4.3 | CVE-2013-4584
MISC
MISC
MISC
MISC
MISC
ibm -- maximo_asset_management
 
IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow an authenticated user to delete a record that they should not normally be able to. IBM X-Force ID: 165586.2019-11-205.5CVE-2019-4530
XF
CONFIRM
ibm -- smartcloud_analyticsIBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 159186.2019-11-224.3CVE-2019-4215
XF
CONFIRM
ibm -- smartcloud_analytics
 
IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 159185.2019-11-224.3CVE-2019-4214
XF
CONFIRM
ibm -- smartcloud_analytics
 
IBM SmartCloud Analytics 1.3.1 through 1.3.5 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM X-Force ID: 159187.2019-11-224.9CVE-2019-4216
XF
CONFIRM
iterm2 -- iterm2
 
iTerm2 through 3.3.6 has potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist, which might allow remote attackers to obtain sensitive information, as demonstrated by searching for the NoSyncSearchHistory string in .plist files within public Git repositories.2019-11-175CVE-2019-19022
MISC
jenkins -- jenkinsJenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.2019-11-186.5CVE-2012-4438
MISC
CONFIRM
MISC
MISC
jenkins -- jenkinsCross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin.2019-11-184.3CVE-2012-4441
MISC
MISC
MISC
jenkins -- jenkinsMissing permission checks in various API endpoints in Jenkins Google Compute Engine Plugin 4.1.1 and earlier allow attackers with Overall/Read permission to obtain limited information about the plugin configuration and environment.2019-11-214CVE-2019-16547
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins QMetry for JIRA - Test Management Plugin 1.12 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-11-214CVE-2019-16544
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins QMetry for JIRA - Test Management Plugin transmits credentials in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure.2019-11-214CVE-2019-16545
MLIST
CONFIRM
jenkins -- jenkins
 
A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineCloud#doProvision could be used to provision new agents.2019-11-216.8CVE-2019-16548
MLIST
CONFIRM
jenkins -- jenkins
 
A path traversal vulnerability in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete arbitrary files on the Jenkins master.2019-11-215.5CVE-2019-16540
MLIST
CONFIRM
jenkins -- jenkins
 
A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles.2019-11-215.5CVE-2019-16539
MLIST
CONFIRM
jenkins -- jenkins
 
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin.2019-11-184.3CVE-2012-4440
MISC
MISC
MISC
jenkins -- jenkins
 
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins.2019-11-184.3CVE-2012-4439
MISC
CONFIRM
MISC
MISC
jenkins -- jenkins
 
Jenkins Google Compute Engine Plugin 4.1.1 and earlier does not verify SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks.2019-11-214.3CVE-2019-16546
MLIST
CONFIRM
jhead_project -- jheadjhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file.2019-11-174.3CVE-2019-19035
MISC
kairosdb -- kairosdb
 
KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a '"sampling":{"value":"<script>' substring.2019-11-174.3CVE-2019-19040
MISC
lenovo -- customer_engagement_service
 
A potential vulnerability in the discontinued Customer Engagement Service (CCSDK) software version 2.0.21.1 may allow local privilege escalation.2019-11-204.6CVE-2019-6184
MISC
lenovo -- lenovopaper
 
A potential vulnerability in the discontinued LenovoPaper software version 1.0.0.22 may allow local privilege escalation.2019-11-204.6CVE-2019-6191
MISC
lenovo -- system_interface_foundation
 
A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL.2019-11-204.4CVE-2019-6189
MISC
lenovo -- system_interface_foundation
 
A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user.2019-11-206.5CVE-2019-6186
MISC
lenovo -- thinkpadA potential vulnerability reported in ThinkPad USB-C Dock Firmware version 3.7.2 may allow a denial of service.2019-11-205CVE-2019-6176
MISC
lenovo -- xclarity_controller
 
A stored CSV Injection vulnerability was reported in Lenovo XClarity Controller (XCC) that could allow an administrative or other appropriately permissioned user to store malformed data in certain XCC server informational fields, that could result in crafted formulas being stored in an exported CSV file. The crafted formula is not executed on XCC itself and has no effect on the server.2019-11-204CVE-2019-6187
MISC
linux -- linux_kernel
 
ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero.2019-11-214.3CVE-2019-19037
MISC
linux -- linux_kernel
 
btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.2019-11-214.3CVE-2019-19036
MISC
ltworf -- weborf
 
Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.2019-11-205CVE-2011-0529
MISC
MISC
mailbird -- mailbirdMultiple cross-site scripting (XSS) vulnerabilities in Mailbird before 2.7.5.0 r allow remote attackers to execute arbitrary JavaScript in a privileged context via a crafted HTML mail message. This vulnerability is distinct from CVE-2015-4657.2019-11-184.3CVE-2019-15054
MISC
CONFIRM
mediawiki -- mediawiki
 
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.2019-11-205CVE-2013-1817
MISC
MISC
MISC
MISC
MISC
MISC
mediawiki -- mediawiki
 
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.2019-11-205CVE-2013-1816
MISC
MISC
BID
MISC
MISC
MISC
mediawiki -- mediawiki
 
An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter's definition.2019-11-155CVE-2019-18987
MISC
MISC
MISC
micro_focus -- operations_agentXXE attack vulnerability on Micro Focus Operations Agent, affected version 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11. The vulnerability could be exploited to do an XXE attack on Operations Agent.2019-11-184CVE-2019-17085
CONFIRM

miniupnp -- ngiflib

MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette.2019-11-175CVE-2019-19011
MISC
mono -- mono
 
mono 2.10.x ASP.NET Web Form Hash collision DoS2019-11-215CVE-2012-3543
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
mpack -- mpack
 
mpack 1.6 has information disclosure via eavesdropping on mails sent by other users2019-11-195CVE-2011-4919
MISC
MISC
MISC
norton -- app_lockNorton App Lock, prior to 1.4.0.503, may be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking other apps on the device, thereby allowing the individual to gain access.2019-11-184.4CVE-2019-18373
CONFIRM
nss -- nss
 
Null pointer dereference vulnerability exists in K11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime in NSS before 3.26, which causes the TLS/SSL server using NSS to crash.2019-11-155CVE-2016-5285
MISC
MISC
MISC
MISC
MISC
MISC
MISC
octopus_deploy -- octopus_deployIn Octopus Deploy 3.3.0 through 2019.10.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted package, triggering an exception that exposes underlying operating system details.2019-11-184CVE-2019-19084
MISC
openfind -- mail2000
 
The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via the ACTION parameter without authentication. The code can be executed for any user accessing the page. This vulnerability affects many mail systems of governments, organizations, companies and universities. | 2019-11-20 | 4.3 | CVE-2019-15071
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
CONFIRM
openfind -- mail2000
 
An Open Redirect vulnerability for all browsers exists in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail systems of governments, organizations, companies and universities. | 2019-11-20 | 5.8 | CVE-2019-15073
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
openfind -- mail2000
 
The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail systems of governments, organizations, companies and universities. | 2019-11-20 | 4.3 | CVE-2019-15072
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
openwrt_project -- openwrtAn exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request.2019-11-184.3CVE-2019-5102
MISC
openwrt_project -- openwrt
 
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request. After an SSL connection is initialized via _ustream_ssl_init, and after any data (e.g. the client's HTTP request) is written to the stream using ustream_printf, the code eventually enters the function __ustream_ssl_poll, which is used to dispatch the read/write events2019-11-184.3CVE-2019-5101
MISC
org.codehaus.jackson -- jackson-mapper-asl
 
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar to CVE-2016-3720 also affect the codehaus jackson-mapper-asl libraries, but in different classes. | 2019-11-18 | 5 | CVE-2019-10172
CONFIRM
pam_shield -- pam_shield
 
pam_shield before 0.9.4: Default configuration does not perform protective action2019-11-215CVE-2012-2350
MISC
MISC
MISC
phusion -- passenger
 
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.2019-11-196.4CVE-2012-6135
MISC
CONFIRM
MISC
MISC
BID
pimcore -- pimcore | pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead to data leakage. The vulnerability can be exploited via the 'id', 'storeId', 'pageSize' and 'tables' parameters, using a payload that triggers a time-based or error-based SQL injection. | 2019-11-18 | 4 | CVE-2019-10763
MISC
pimcore -- pimcorebundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header.2019-11-154.3CVE-2019-18982
MISC
MISC
pimcore -- pimcorePimcore before 6.2.2 lacks brute force protection for the 2FA token.2019-11-155CVE-2019-18985
MISC
MISC
pimcore -- pimcore
 
Pimcore before 6.2.2 allows attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality, as it returns distinct messages for invalid password and non-existing users. | 2019-11-15 | 5 | CVE-2019-18986
MISC
MISC
piwik -- piwikCross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0195.2019-11-204.3CVE-2013-0194
MISC
CONFIRM
MISC
piwik -- piwik
 
Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0194 and CVE-2013-0195.2019-11-204.3CVE-2013-0193
MISC
CONFIRM
MISC
piwik -- piwik
 
Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0194.2019-11-204.3CVE-2013-0195
MISC
CONFIRM
MISC
postgresql -- postgresql
 
contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.2019-11-205CVE-2015-3167
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
qualcomm -- multiple_productsBuffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, SDA660, SDM636, SDM660, SDX20, SDX242019-11-214.6CVE-2019-10563
CONFIRM
qualcomm -- multiple_products
 
Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR21302019-11-214.6CVE-2019-10566
CONFIRM
red_hat -- openshift
 
OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution2019-11-154.6CVE-2014-0023
MISC
MISC
redmine -- redmine
 
A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query.2019-11-214CVE-2019-18890
MISC
MISC
MISC
sandline -- centraleyezerSandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. An HTML page running a script could be uploaded to the server. When a victim tries to download a CISO Report template, the script is loaded.2019-11-184.3CVE-2019-12311
MISC
MISC
sandline -- centraleyezerSandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section.2019-11-184.3CVE-2019-12299
MISC
MISC
schneider_electric -- modicon_controllers
 
A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network.2019-11-205CVE-2019-6852
CONFIRM
MISC
simpleledger -- slp-validate
 
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slp-validate@1.0.0 npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions >1.0.0 have been patched.2019-11-154.9CVE-2019-16761
MISC
CONFIRM
simpleledger -- slpjs
 
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to any version >= 0.21.4.2019-11-154.9CVE-2019-16762
MISC
CONFIRM
simplito -- elliptic-php
 
In elliptic-php versions prior to 1.0.6, timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve which might allow practical recovery of the long-term private key. | 2019-11-18 | 5.8 | CVE-2019-10764
MISC
MISC
statusnet -- statusnet
 
Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents.2019-11-204.3CVE-2010-4659
MISC
MISC
MISC
symantec -- endpoint_protection_manager
 
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.2019-11-154.6CVE-2018-18368
MISC
tematres -- tematres
 
TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI.2019-11-154.3CVE-2019-14343
MISC
MISC
MISC
MISC
MISC
tiki_wiki -- cms_groupwareMultiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-admin_system.php, (2) tiki-pagehistory.php, (3) tiki-removepage.php, or (4) tiki-rename_page.php.2019-11-204.3CVE-2011-4455
MISC
tiki_wiki -- cms_groupwareMultiple cross-site scripting vulnerabilities in Tiki 8.0 RC1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-remind_password.php, (2) tiki-index.php, (3) tiki-login_scr.php, or (4) tiki-index.2019-11-204.3CVE-2011-4454
MISC
tog-pegasus -- tog-pegasus
 
tog-Pegasus has a package hash collision DoS vulnerability2019-11-195CVE-2011-4967
MISC
MISC
MISC
MISC
MISC
tryton -- trytond
 
trytond 2.4: ModelView.button fails to validate authorization2019-11-215CVE-2012-2238
MISC
MISC
MISC
MISC
MISC
tuned -- tuned
 
tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.2019-11-204.9CVE-2012-6136
CONFIRM
MISC
vmware -- workstation_and_fusion
 
VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain a denial-of-service vulnerability in the RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM.2019-11-204CVE-2019-5542
CONFIRM
wordpress -- wordpress
 
The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not checked.2019-11-184.6CVE-2019-14467
MISC
FULLDISC
MISC
MISC
zte -- c520v21_smart_camera_devices | An authentication issues vulnerability exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations. | 2019-11-18 | 6.4 | CVE-2019-3424
CONFIRM
zte -- c520v21_smart_camera_devices
 
A permission and access control vulnerability exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources. | 2019-11-18 | 5 | CVE-2019-3423
CONFIRM

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
ibm -- smartcloud_analyticsIBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized disclosure of information like accessing solrconfig.xml and could allow an attacker to perform disruptive administrator tasks. IBM X-Force ID: 159517.2019-11-223.6CVE-2019-4243
XF
CONFIRM
linux -- linux_kernel__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program.2019-11-211.9CVE-2019-19039
MISC
node-cookie-signature -- node-cookie-signatureNode-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.2019-11-193.5CVE-2016-1000236
MISC
MISC
MISC
MISC
MISC
MISC
octopus_deploy -- octopus_serverA persistent cross-site scripting (XSS) vulnerability in Octopus Server 3.4.0 through 2019.10.5 allows remote authenticated attackers to inject arbitrary web script or HTML.2019-11-183.5CVE-2019-19085
MISC
pidgin -- pidginPidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.2019-11-202.1CVE-2012-1257
MISC
MISC
python_rply -- python_rplypython-rply before 0.7.4 insecurely creates temporary files.2019-11-212.1
MISC
MISC
MISC
qtnx -- qtnxqtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world-readable or world-executable home directory, another local system user could obtain the private key used to connect to remote NX sessions.2019-11-152.1CVE-2011-2916
MISC
MISC
MISC
suckless -- surfsurf: cookie jar has read access from other local user2019-11-192.1CVE-2012-0842
MISC
MISC
MISC
MISC
MISC
MISC
MISC
symantec -- endpoint_protection | Symantec Endpoint Protection (SEP), prior to 14.2 RU2, may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could be bypassed for individuals with local administrator rights. | 2019-11-15 | 2.1 | CVE-2019-12756
MISC
trusted_boot_project -- trusted_boot | A Security Bypass Vulnerability exists in TBOOT before 1.8.2 in the boot loader module when measuring commandline parameters. | 2019-11-18 | 2.1 | CVE-2014-5118
MISC
MISC
MISC
MISC
uzbl -- uzbl | uzbl: Information disclosure via world-readable cookies storage file | 2019-11-19 | 2.1 | CVE-2012-0843
MISC
MISC
MISC
MISC
MISC

zikula_software_foundation -- zikula_application_framework | Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the 'themename' parameter by setting default, modifying and deleting themes. A remote attacker with Zikula administrator privilege could use this flaw to execute arbitrary HTML or web script code in the context of the affected website. | 2019-11-19 | 3.5 | CVE-2011-3352
MISC
MISC
MISC
Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
9base -- 9base | 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames. | 2019-11-21 | not yet calculated | CVE-2014-1935
MISC
MISC
MISC
ace -- ace | generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attackers to gain elevated privileges. | 2019-11-22 | not yet calculated | CVE-2014-6311
MISC
MISC
MISC
MISC
angularjs -- angularjs | In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload. | 2019-11-19 | not yet calculated | CVE-2019-10768
MISC
apache -- nifi | When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). The response included details about processors and controller services which the user may not have had read access to. | 2019-11-19 | not yet calculated | CVE-2019-10083
CONFIRM
apple -- iphone_3gs | Apple iPhone 3GS bootrom malloc implementation returns a non-NULL pointer when unable to allocate memory, aka 'alloc8'. An attacker with physical access to the device can install arbitrary firmware. | 2019-11-22 | not yet calculated | CVE-2019-9536
MISC
MISC
asus -- rt-ac66u_firmware | Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id. | 2019-11-21 | not yet calculated | CVE-2018-8879
MISC
MISC
beckhoff -- twincat_runtime | When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending a malformed UDP packet to the device. | 2019-11-21 | not yet calculated | CVE-2019-5637
MISC
CONFIRM
beckhoff -- twincat_runtime | When a Beckhoff TwinCAT Runtime receives a malformed UDP packet, the ADS Discovery Service shuts down. Note that the TwinCAT devices are still performing as normal. | 2019-11-21 | not yet calculated | CVE-2019-5636
MISC
CONFIRM
belkin -- linksys_velop_devices | Belkin Linksys Velop 1.1.8.192419 devices allow remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI. | 2019-11-21 | not yet calculated | CVE-2019-16340
MISC
MISC
MISC
blackboard -- blackboard_learn | The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during Central Authentication Service (CAS) service ticket validation, enabling a phishing attack from the CAS server login page. | 2019-11-18 | not yet calculated | CVE-2018-13257
MISC
centreon -- web | Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron. | 2019-11-21 | not yet calculated | CVE-2019-16406
MISC
MISC
centreon -- web | Centreon Web 19.04.4 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. | 2019-11-21 | not yet calculated | CVE-2019-16405
MISC
MISC
MISC
chyrp -- chyrp | Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2.1.2 and before 2.5 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) content parameter to includes/ajax.php or (2) body parameter to includes/error.php. | 2019-11-21 | not yet calculated | CVE-2012-1001
MISC
MISC
MISC
MISC
MISC
MISC
cloud_foundry_foundation -- cloud_foundry_routing | Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthorized malicious user could forge a route service request using an invalid nonce that will cause the Gorouter to crash. | 2019-11-19 | not yet calculated | CVE-2019-11289
CONFIRM
cog -- galaxy_client_service | An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed. All GOG Galaxy versions before 1.2.60 and all corresponding versions of GOG Galaxy 2.0 Beta are affected. | 2019-11-21 | not yet calculated | CVE-2019-15511
MISC
MISC
cumin -- cumin | cumin: At installation postgresql database user created without password | 2019-11-21 | not yet calculated | CVE-2012-3460
MISC
MISC
d-link -- dsl-6740u_gateway | Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev. H1) allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to (1) Custom Services in Port Forwarding, (2) Port Triggering Entries, (3) URL Filters in Parental Control, (4) Print Server settings, (5) QoS Queue Setup, or (6) QoS Classification Entries. | 2019-11-22 | not yet calculated | CVE-2013-6811
MISC
MISC
drupal -- drupal | A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal. | 2019-11-22 | not yet calculated | CVE-2012-2079
MISC
MISC
drupal -- drupal | Cross-site scripting vulnerability (XSS) in the Quick Tabs module 6.x-2.x before 6.x-2.1, 6.x-3.x before 6.x-3.1, and 7.x-3.x before 7.x-3.3 for Drupal. | 2019-11-21 | not yet calculated | CVE-2012-1637
MISC
MISC
drupal -- drupal | Cross-site scripting (XSS) vulnerability in the Activity module 6.x-1.x for Drupal. | 2019-11-21 | not yet calculated | CVE-2012-2078
MISC
MISC
e-deploy -- e-deploy | eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data | 2019-11-21 | not yet calculated | CVE-2014-3700
MISC
MISC
embedthis -- goahead | Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a static host buffer that has a limited length and can overflow. This can cause a copy of the Host header to fail, leaving that buffer uninitialized, which may leak uninitialized data in a response. | 2019-11-22 | not yet calculated | CVE-2019-19240
MISC
MISC
MISC
eracent -- epa_agent | An issue was discovered in Eracent EPA Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be used to start external programs with elevated permissions because of an Untrusted Search Path. | 2019-11-22 | not yet calculated | CVE-2019-17446
CONFIRM
eracent -- multiple_linux_agents | An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be forced to copy files from the filesystem to other locations via Symbolic Link Following. | 2019-11-22 | not yet calculated | CVE-2019-17445
CONFIRM
exis-ti -- contexis | Cross-site scripting (XSS) vulnerability in the photo gallery model in Exis Contexis before 2.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter in a detail action. | 2019-11-22 | not yet calculated | CVE-2013-6239
MISC
MISC
MISC
flashcanvas -- flashcanvas | Open redirect in proxy.php in FlashCanvas before 1.6 allows remote attackers to redirect users to arbitrary web sites and conduct cross-site scripting (XSS) attacks via the HTTP Referer header. | 2019-11-22 | not yet calculated | CVE-2013-6880
MISC
MISC
MISC
MISC
fortinet -- forticlient_for_mac | An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check. | 2019-11-21 | not yet calculated | CVE-2019-17650
CONFIRM
fortinet -- forticlient_for_mac | A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway. | 2019-11-21 | not yet calculated | CVE-2019-15704
CONFIRM
fortinet -- fortios | Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set). | 2019-11-21 | not yet calculated | CVE-2019-6693
CONFIRM
gitlab -- gitlab | GitLab 12.2.3 contains a security vulnerability that allows a user to affect the availability of the service through a Denial of Service attack in Issue Comments. | 2019-11-22 | not yet calculated | CVE-2019-15593
MISC
gnu -- c_library | On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program. | 2019-11-19 | not yet calculated | CVE-2019-19126
MISC
gnu -- gnusound | gnusound 0.7.5 has format string issue | 2019-11-19 | not yet calculated | CVE-2012-0824
MISC
MISC
MISC
MISC
hotkeyp -- hotkeyp | HotkeyP through 4.9 r96 allows privilege escalation in the privilege function in Commands.cpp. | 2019-11-21 | not yet calculated | CVE-2019-18349
MISC
MISC
MISC
hp -- thinpro | The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges. | 2019-11-22 | not yet calculated | CVE-2019-18909
CONFIRM
hp -- thinpro | The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges. | 2019-11-22 | not yet calculated | CVE-2019-18910
CONFIRM
hp -- thinpro | An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands. | 2019-11-22 | not yet calculated | CVE-2019-16286
CONFIRM
hp -- thinpro | An attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to execute commands with elevated privileges. | 2019-11-22 | not yet calculated | CVE-2019-16287
CONFIRM
hp -- thinpro | If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive. | 2019-11-22 | not yet calculated | CVE-2019-16285
CONFIRM
ibm -- tivoli_netcool_impact | IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166719. | 2019-11-22 | not yet calculated | CVE-2019-4569
XF
CONFIRM
ibm -- tivoli_netcool_impact | IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 166720. | 2019-11-22 | not yet calculated | CVE-2019-4570
XF
CONFIRM
ikiwiki -- ikiwiki | Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attackers to inject arbitrary web script or HTML via the openid_identifier parameter in a verify action to ikiwiki.cgi. | 2019-11-21 | not yet calculated | CVE-2015-2793
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
iobroker -- iobroker.js-controller | An attacker can include file contents from outside the `/adapter/xxx/` directory, where `xxx` is the name of an existent adapter like "admin". It is exploited using the administrative web panel with a request for an adapter file. **Note:** The attacker has to be logged in if the authentication is enabled (by default isn't enabled). | 2019-11-21 | not yet calculated | CVE-2019-10767
MISC
jalios -- jcms | Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password. | 2019-11-21 | not yet calculated | CVE-2019-19033
MISC
MISC
MISC
jenkins -- jenkins | Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 2019-11-21 | not yet calculated | CVE-2019-16542
MLIST
CONFIRM
jenkins -- jenkins | Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 2019-11-21 | not yet calculated | CVE-2019-16543
MLIST
CONFIRM
jenkins -- jenkins | Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope. | 2019-11-21 | not yet calculated | CVE-2019-16541
MLIST
CONFIRM
jenkins -- jenkins | A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts. | 2019-11-21 | not yet calculated | CVE-2019-16538
MLIST
CONFIRM
joomla! -- joomla! | The Mijosoft MijoSearch component 2.0.1 and earlier for Joomla! allows remote attackers to obtain sensitive information via a request to component/mijosearch/search, which reveals the installation path in an error message. | 2019-11-22 | not yet calculated | CVE-2013-6879
MISC
joomla! -- joomla! | Cross-site scripting (XSS) vulnerability in the Mijosoft MijoSearch component 2.0.4 and earlier for Joomla! allows remote attackers to inject arbitrary web script or HTML via the query parameter to component/mijosearch/search. | 2019-11-22 | not yet calculated | CVE-2013-6878
MISC
kyrol_security_labs -- kyrol_internet_security | IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402401 using METHOD_NEITHER results in a read primitive. | 2019-11-21 | not yet calculated | CVE-2019-19197
MISC
MISC
lexmark -- services_monitor | In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system. | 2019-11-21 | not yet calculated | CVE-2019-16758
MISC
MISC
libarchive -- libarchive | In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive. | 2019-11-21 | not yet calculated | CVE-2019-19221
MISC
MISC
lightdm -- lightdm | lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation. | 2019-11-19 | not yet calculated | CVE-2011-3349
MISC
MISC
MISC
MISC
MISC
MISC
linux_foundation -- foomatic-rip_filter | foomatic-rip filter, all versions, insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. | 2019-11-19 | not yet calculated | CVE-2011-2923
MISC
MISC
MISC
MISC
linux_foundation -- foomatic-rip_filter | foomatic-rip filter v4.0.12 and prior insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. | 2019-11-19 | not yet calculated | CVE-2011-2924
MISC
MISC
MISC
MISC
MISC
MISC
linux -- linux_kernel | In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122. | 2019-11-22 | not yet calculated | CVE-2019-19227
MISC
MISC
loftek -- nexus_543_ip_camera | The Loftek Nexus 543 IP Camera allows remote attackers to obtain (1) IP addresses via a request to get_realip.cgi or (2) firmware versions (ui and system), timestamp, serial number, p2p port number, and wifi status via a request to get_status.cgi. | 2019-11-21 | not yet calculated | CVE-2013-3314
MISC
MISC
MISC
loftek -- nexus_543_ip_camera | Directory traversal vulnerability in the Loftek Nexus 543 IP Camera allows remote attackers to read arbitrary files via a .. (dot dot) in the URL of an HTTP GET request. | 2019-11-21 | not yet calculated | CVE-2013-3311
MISC
MISC
MISC
loftek -- nexus_543_ip_camera | The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to check_users.cgi. NOTE: cleartext passwords can also be obtained from proc/kcore when leveraging the directory traversal vulnerability in CVE-2013-3311. | 2019-11-21 | not yet calculated | CVE-2013-3313
MISC
MISC
MISC
loftek -- nexus_543_ip_camera | Multiple cross-site request forgery (CSRF) vulnerabilities in the Loftek Nexus 543 IP Camera allow remote attackers to hijack the authentication of unspecified victims for requests that change (1) passwords or (2) firewall configuration, as demonstrated by a request to set_users.cgi. | 2019-11-21 | not yet calculated | CVE-2013-3312
MISC
MISC
masqmail -- masqmail | masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping. | 2019-11-19 | not yet calculated | CVE-2011-3350
MISC
MISC
MISC
mcafee -- client_proxy | Authentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy (MCP) prior to 3.0.0 allows a local user to bypass scanning of web traffic and gain access to blocked sites for a short period of time via generating an authorization key on the client which should only be generated by the network administrator. | 2019-11-22 | not yet calculated | CVE-2019-3654
MISC
myphpadmin -- myphpadmin | An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature. | 2019-11-22 | not yet calculated | CVE-2019-18622
CONFIRM
naver -- vaccine | nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within an nsz archive. | 2019-11-22 | not yet calculated | CVE-2019-13157
CONFIRM
netapp -- ontap_select_deploy | ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account. | 2019-11-21 | not yet calculated | CVE-2019-5509
CONFIRM
netapp -- ontap_select_deploy | All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges. | 2019-11-21 | not yet calculated | CVE-2019-17272
CONFIRM
newbee-mall -- newbee-mall | main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall (aka New Bee) before 2019-10-23 allows search?goodsCategoryId=&keyword= SQL Injection. | 2019-11-18 | not yet calculated | CVE-2019-19113
MISC
nginx -- nginx | nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM) | 2019-11-19 | not yet calculated | CVE-2011-4968
MISC
MISC
MISC
MISC
MISC
MISC
MISC
nitro_software -- nitro_pro | Nitro Pro before 13.2 creates a debug.log file in the directory where a .pdf file is located, if the .pdf document was produced by an OCR operation on the JPEG output of a scanner. Reportedly, this can have a security risk if debug.log is later edited and then executed. | 2019-11-21 | not yet calculated | CVE-2019-18958
MISC
nlnet_labs -- unbound | Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration. | 2019-11-19 | not yet calculated | CVE-2019-18934
MLIST
MISC
MISC
CONFIRM
nsslglobal_technologies -- satlink_vsat_modem_unit_devices | The web interface for NSSLGlobal SatLink VSAT Modem Unit (VMU) devices before 18.1.0 doesn't properly sanitize input for error messages, leading to the ability to inject client-side code. | 2019-11-22 | not yet calculated | CVE-2019-15652
MISC
MISC
nusphere -- nusoap | nuSOAP before 0.7.3-5 does not properly check the hostname of a cert. | 2019-11-19 | not yet calculated | CVE-2012-6071
MISC
MISC
MISC
MISC
oniguruma -- oniguruma | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read. | 2019-11-21 | not yet calculated | CVE-2019-19203
MISC
MISC
oniguruma -- oniguruma | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read. | 2019-11-21 | not yet calculated | CVE-2019-19204
MISC
MISC
openshift-origin-note_gem_for_ruby_on_rails -- openshift-origin-note_gem_for_ruby_on_rails | Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly. | 2019-11-21 | not yet calculated | CVE-2014-0084
MISC
openstack -- designate | Designate does not enforce the DNS protocol limit concerning record set sizes | 2019-11-22 | not yet calculated | CVE-2015-5694
MISC
MISC
MISC
MISC
ovirt -- ovirt | oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center | 2019-11-22 | not yet calculated | CVE-2015-1780
MISC
MISC
owncloud -- owncloud | Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) unspecified parameters to apps/calendar/ajax/event/new.php or (2) url parameter to apps/bookmarks/ajax/addBookmark.php. | 2019-11-22 | not yet calculated | CVE-2013-0203
MISC
MISC
pagekit -- pagekit | A CSRF vulnerability in Pagekit 1.0.17 allows an attacker to upload an arbitrary file by removing the CSRF token from a request. | 2019-11-22 | not yet calculated | CVE-2019-19013
MISC
pannellum -- pannellum | In Pannellum from 2.5.0 through 2.5.4 URLs were not sanitized for data URIs (or vbscript:), allowing for potential XSS attacks. Such an attack would require a user to click on a hot spot to execute and would require an attacker-provided configuration. The most plausible potential attack would be if pannellum.htm was hosted on a domain that shared cookies with the targeted site's user authentication; an <iframe> could then be embedded on the attacker's site using pannellum.htm from the targeted site, which would allow the attacker to potentially access information from the targeted site as the authenticated user (or worse if the targeted site did not have adequate CSRF protections) if the user clicked on a hot spot in the attacker's embedded panorama viewer. This was patched in version 2.5.5. | 2019-11-22 | not yet calculated | CVE-2019-16763
MISC
CONFIRM
pivotal -- rabbitmq_and_rabbitmq_for_pcf | Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly sanitize user input. A remote authenticated malicious user with administrative access could craft a cross site scripting attack via the vhost or node name fields that could grant access to virtual hosts and policy management information. | 2019-11-22 | not yet calculated | CVE-2019-11291
CONFIRM
pivotal -- rabbitmq_and_rabbitmq_for_pivotal_platform | Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing. | 2019-11-23 | not yet calculated | CVE-2019-11287
CONFIRM
plex -- media_server | Plex Media Server 1.18.2.2029-36236cc4c allows remote attackers to bypass intended access control because X-Plex-Token is mishandled, and can be retrieved from Tautulli. | 2019-11-18 | not yet calculated | CVE-2018-21031
MISC
MISC
plow -- plow | plow has local buffer overflow vulnerability | 2019-11-22 | not yet calculated | CVE-2012-3407
MISC
MISC
MISC
posh -- posh_portal | Multiple cross-site scripting (XSS) vulnerabilities in POSH (aka Posh portal or Portaneo) 3.0 through 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) error parameter to /includes/plugins/mobile/scripts/login.php or (2) id parameter to portal/openrssarticle.php | 2019-11-22 | not yet calculated | CVE-2014-2214
MISC
MISC
posh -- posh_portal | Open redirect vulnerability in the password reset functionality in POSH 3.0 through 3.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to portal/scr_sendmd5.php. | 2019-11-22 | not yet calculated | CVE-2014-2213
MISC
MISC
MISC
postfixadmin -- postfixadmin | PostfixAdmin 2.3.4 has multiple XSS vulnerabilities | 2019-11-22 | not yet calculated | CVE-2012-0812
MISC
MISC
MISC
MISC
MISC
MISC
MISC
powerdns -- authoritative_server | PowerDNS Authoritative daemon, all versions pdns 4.1.x before pdns 4.1.10, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS. | 2019-11-22 | not yet calculated | CVE-2019-10203
CONFIRM
pyxml -- pyxml | PyXML: Hash table collisions CPU usage Denial of Service | 2019-11-22 | not yet calculated | CVE-2012-0877
MISC
MISC
MISC
MISC
MISC
qualcomm -- ips | Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation, in PostScript and PDF printers that use IPS versions prior to 2019.2 | 2019-11-21 | not yet calculated | CVE-2019-10627
CONFIRM
qualcomm -- multiple_products | Use after free issue in Xtra daemon shutdown due to static object instance getting freed from multiple places in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS605, SDA660, SDA845, SDM450, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-10490
CONFIRM
qualcomm -- multiple_products | Non Secure Kernel can cause Trustzone to do an arbitrary memory read which will result in DoS in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, QCA8081, QM215, SDM429, SDM439, SDM450, SDM632, Snapdragon_High_Med_2016 | 2019-11-21 | not yet calculated | CVE-2019-2318
CONFIRM
qualcomm -- multiple_products | Race condition due to the lack of resource lock which will be concurrently modified in the memcpy statement leads to out of bound access in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8939, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150 | 2019-11-21 | not yet calculated | CVE-2019-10486
CONFIRM
qualcomm -- multiple_products | Lack of integrity check allows MODEM to accept any NAS messages which can result in authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2289
CONFIRM
qualcomm -- multiple_products | While invoking the API to copy from fd or local buffer to the secure buffer, parameters being populated are from a non-secure environment, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, Snapdragon_High_Med_2016, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2315
CONFIRM
qualcomm -- multiple_products | Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, APQ8098, MDM9640, MSM8996AU, MSM8998, QCA6574AU, QCN7605, QCS405, QCS605, SDA845, SDM845, SDX20 | 2019-11-21 | not yet calculated | CVE-2019-10535
CONFIRM
qualcomm -- multiple_products | Out-of-bounds access can occur in camera driver due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, SDA660, SDM450, SDM630, SDM636, SDM660, SDX20 | 2019-11-21 | not yet calculated | CVE-2019-10503
CONFIRM
qualcomm -- multiple_products | Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150 | 2019-11-21 | not yet calculated | CVE-2019-2268
CONFIRM
qualcomm -- multiple_products | Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, Nicobar, QCA9980, QCS405, QCS605, SDM845, SDX24, SM7150, SM8150 | 2019-11-21 | not yet calculated | CVE-2019-2266
CONFIRM
qualcomm -- multiple_products | Subsequent use of the CBO listener may result in further memory corruption due to use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, SDX55, SM6150, SM7150, SM8150, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2336
CONFIRM
qualcomm -- multiple_products | Buffer overflow can occur while processing non-standard NAN message from user space in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150 | 2019-11-21 | not yet calculated | CVE-2019-2297
CONFIRM
qualcomm -- multiple_products | Out of bound access due to lack of check of whitelist array size while reading the image elf segments in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2339
CONFIRM
qualcomm -- multiple_products | Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2329
CONFIRM
qualcomm -- multiple_products | If a bitmap file is loaded from any unauthenticated source, there is a possibility that the bitmap can cause a stack buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8016, APQ8096AU, APQ8098, MDM9205, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2251
CONFIRM
qualcomm -- multiple_products | Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2018-13916
CONFIRM
qualcomm -- multiple_products | Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, MDM9205, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCS404, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, Snapdragon_High_Med_2016, SXR1130 | 2019-11-21 | not yet calculated | CVE-2019-2295
CONFIRM
qualcomm -- multiple_products | Buffer over-read can happen while parsing downlink session management OTA messages if the network sends unintended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2271
CONFIRM
qualcomm -- multiple_products | SNDCP module may access array outside its boundary when it receives malformed XID message in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2303
CONFIRM
qualcomm -- multiple_products | While processing Attach Reject message, valid exit condition is not met, resulting in an infinite loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130 | 2019-11-21 | not yet calculated | CVE-2019-2335
CONFIRM
qualcomm -- qca6174_9377 | Low privilege users can access service configuration which contains registry data that admins use to create or delete entries in the registry in QCA6174_9377.WIN.1.0 in QCA6174_9377 | 2019-11-21 | not yet calculated | CVE-2019-10617
CONFIRM
rconfig -- rconfig | rConfig 3.9.2 allows devices.php?searchColumn= SQL injection. | 2019-11-21 | not yet calculated | CVE-2019-19207
MISC
rc -- rc | rc before 1.7.1-5 insecurely creates temporary files. | 2019-11-21 | not yet calculated | CVE-2014-1936
MISC
MISC
MISC
red_hat -- ansible-playbook_-k_and_ansible_cli_tools | ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates from triggering and exposing them. | 2019-11-22 | not yet calculated | CVE-2019-10206
CONFIRM
red_hat -- cloudforms | CloudForms versions 5.8 and 5.9 are vulnerable to cross-site scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature: a stored cross-site scripting due to improper sanitization of user input in the Name field. | 2019-11-22 | not yet calculated | CVE-2018-10854
CONFIRM
red_hat -- redhat-upgrade-tool | redhat-upgrade-tool: Does not check GPG signatures when upgrading versions | 2019-11-22 | not yet calculated | CVE-2014-3585
REDHAT
REDHAT
ros -- ros_comm | An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary code via an IP address with a long hostname. | 2019-11-22 | not yet calculated | CVE-2019-13566
MISC
MISC
MISC
ruby_net-ldap_gem_for_ruby_on_rails -- ruby_net-ldap_gem_for_ruby_on_rails | The Ruby net-ldap gem before 0.16.2 uses a weak salt when generating SSHA passwords. | 2019-11-21 | not yet calculated | CVE-2014-0083
MISC
MISC
CONFIRM
MISC
sangoma -- asterisk_and_certified_asterisk | An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands. | 2019-11-22 | not yet calculated | CVE-2019-18610
MISC
MISC
sangoma -- asterisk_and_certified_asterisk | An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x, 16.x, and 17.x, and Certified Asterisk 13.21, because of an incomplete fix for CVE-2019-18351. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer's name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport. | 2019-11-22 | not yet calculated | CVE-2019-18790
MISC
MISC
sangoma -- asterisk_and_certified_asterisk | An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940. | 2019-11-22 | not yet calculated | CVE-2019-18976
CONFIRM
MISC
MISC
MISC
MISC
sangoma -- freepbx | Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control. | 2019-11-21 | not yet calculated | CVE-2019-19006
MISC
MISC
CONFIRM
MISC
schneider_electric -- andover_continuum_devices | A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702), which could enable a successful Cross-site Scripting (XSS) attack when using the product's web server. | 2019-11-20 | not yet calculated | CVE-2019-6853
CONFIRM
shibboleth -- shibboleth_service_provider | Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow. | 2019-11-21 | not yet calculated | CVE-2019-19191
MISC
MISC
slackbuilds -- slackware | Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges. | 2019-11-21 | not yet calculated | CVE-2013-7172
MISC
MISC
MISC
MISC
slackbuilds -- slackware_and_slackware_llvm | Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges. | 2019-11-21 | not yet calculated | CVE-2013-7171
MISC
MISC
MISC
MISC
sniffit -- sniffit | sniffit 0.3.7 and prior: A configuration file can be leveraged to execute code as root | 2019-11-19 | not yet calculated | CVE-2014-5439
MISC
MISC
spagobi -- spagobi | Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, aka "XSS File Upload." | 2019-11-22 | not yet calculated | CVE-2013-6234
MISC
MISC
MISC

symfony -- symfony | An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter. | 2019-11-21 | not yet calculated | CVE-2019-11325
CONFIRM
MISC
CONFIRM
CONFIRM
symfony -- symfony | An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. This is related to symfony/http-foundation (and symfony/mime in 4.3.x). | 2019-11-21 | not yet calculated | CVE-2019-18888
CONFIRM
FEDORA
FEDORA
FEDORA
CONFIRM
CONFIRM
symfony -- symfony | An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel. | 2019-11-21 | not yet calculated | CVE-2019-18887
CONFIRM
FEDORA
FEDORA
FEDORA
CONFIRM
CONFIRM
symfony -- symfony | An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security. | 2019-11-21 | not yet calculated | CVE-2019-18886
MISC
CONFIRM
MISC
symfony -- symfony | An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache. | 2019-11-21 | not yet calculated | CVE-2019-18889
CONFIRM
FEDORA
CONFIRM
CONFIRM
synametrics_technologies -- synaman_and_syncrify_and_syntail | Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567 | 2019-11-21 | not yet calculated | CVE-2015-3140
CONFIRM
CONFIRM
CONFIRM
tenda -- ac9_router_ac1200_smart_dual_band_gigabit_wifi_router | An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS1 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability. | 2019-11-21 | not yet calculated | CVE-2019-5071
MISC
tenda -- ac9_router_ac1200_smart_dual_band_gigabit_wifi_router | An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS2 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability. | 2019-11-21 | not yet calculated | CVE-2019-5072
MISC
videolan -- libbluray | libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files | 2019-11-22 | not yet calculated | CVE-2015-7810
MISC
MISC
MISC
MISC
MISC
vmware -- workstation_and_fusion | VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an information disclosure vulnerability in vmnetdhcp. Successful exploitation of this issue may allow an attacker on a guest VM to disclose sensitive information by leaking memory from the host process. | 2019-11-20 | not yet calculated | CVE-2019-5540
CONFIRM
vmware -- workstation_and_fusion | VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition on their own VM. | 2019-11-20 | not yet calculated | CVE-2019-5541
CONFIRM
vtiger -- vtiger_crm | In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without administrative privileges to change his own role by adding roleid=H2 to a POST request. | 2019-11-21 | not yet calculated | CVE-2019-19202
MISC
w3edge -- w3_total_cache | W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files. | 2019-11-22 | not yet calculated | CVE-2012-6077
MISC
MISC
MISC
MISC
CONFIRM
w3edge -- w3_total_cache | W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys. | 2019-11-22 | not yet calculated | CVE-2012-6079
MISC
MISC
MISC
CONFIRM
w3edge -- w3_total_cache | W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes. | 2019-11-22 | not yet calculated | CVE-2012-6078
MISC
MISC
MISC
CONFIRM
wolfssl -- wolfssl | wolfssl before 3.2.0 does not properly issue certificates for a server's hostname. | 2019-11-21 | not yet calculated | CVE-2014-2901
MISC
MISC
wolfssl -- wolfssl | wolfssl before 3.2.0 has a server certificate that is not properly authorized for server authentication. | 2019-11-21 | not yet calculated | CVE-2014-2904
MISC
MISC
MISC
wolfssl -- wolfssl | wolfssl before 3.2.0 does not properly authorize CA certificate for signing other certificates. | 2019-11-21 | not yet calculated | CVE-2014-2902
MISC
MISC
MISC
xcfa -- xcfa | xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. | 2019-11-21 | not yet calculated | CVE-2014-5254
MISC
MISC
MISC
MISC
MISC
xcfa -- xcfa | xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. Note: A different vulnerability than CVE-2014-5254. | 2019-11-21 | not yet calculated | CVE-2014-5255
MISC
MISC
MISC
MISC
MISC
MISC
xcftools -- xcftools | An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file. | 2019-11-21 | not yet calculated | CVE-2019-5086
MISC
MISC
xcftools -- xcftools | An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file. | 2019-11-21 | not yet calculated | CVE-2019-5087
MISC
MISC
xlockmore -- xlockmore | xlockmore before 5.43 'dclock' security bypass vulnerability | 2019-11-21 | not yet calculated | CVE-2012-4524
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
zhone -- znid_2426a | The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users to bypass intended access restrictions via a modified server response, related to an insecure direct object reference. | 2019-11-21 | not yet calculated | CVE-2014-8356
MISC
MISC
MISC
zoho_manageengine -- opmanager_and_firewall_analyzer | Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload. | 2019-11-21 | not yet calculated | CVE-2019-17421
MISC
MISC
zte -- zxcdn_iamweb | The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users' information leakage. | 2019-11-22 | not yet calculated | CVE-2019-3427
CONFIRM
zte -- zxcdn_iamweb | The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users' information leakage. | 2019-11-22 | not yet calculated | CVE-2019-3428
CONFIRM
zulip -- zulip_server | In Zulip Server versions from 1.7.0 to before 2.0.7, a bug in the new user signup process meant that users who registered their account using social authentication (e.g., GitHub or Google SSO) in an organization that also allows password authentication could have their personal API key stolen by an unprivileged attacker, allowing nearly full access to the user's account. | 2019-11-21 | not yet calculated | CVE-2019-18933
CONFIRM
MISC

Black Friday Shopping: Protect Your Identity

Original release date: November 27, 2019

Black Friday is one of the most lucrative shopping days of the year for retailers in brick-and-mortar shops and online, but shoppers aren't the only ones looking for deals. Malicious people may be able to obtain personal information (such as credit card numbers, phone numbers, account numbers, and addresses) by stealing your wallet, overhearing a phone conversation, rummaging through your trash (a practice known as dumpster diving), or picking up a receipt at a restaurant that has your account number on it. If a thief has enough information, he or she may be able to impersonate you to purchase items, open new accounts, or apply for loans.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages holiday shoppers to take the following identity theft precautions:

  • Take advantage of security features. Passwords and other security features add layers of protection if used appropriately. (See Choosing and Protecting Passwords.)
  • Check privacy policies. Take precautions when providing information, and make sure to check published privacy policies to see how a company will use or distribute your information. (See Protecting Your Privacy.)
  • Check your statements. Keep a record of your purchases and copies of confirmation pages, and compare them to your bank statements. If there is a discrepancy, report it immediately.
  • Be careful what information you publicize. Attackers may be able to piece together information from a variety of sources. Avoid posting personal data in public forums. (See Staying Safe on Social Networking Sites.)

Caller Poses as CISA Rep in Extortion Scam

Original release date: November 29, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a phone scam where a caller pretends to be a CISA representative. The scammer claims to have knowledge of the potential victim’s questionable behavior and attempts to extort money.

If you receive a threatening call from someone claiming to be a CISA representative, CISA recommends the following actions:

  • Do not respond or try to contact the caller.
  • Do not pay the caller.
  • Contact your local FBI field office to file a report.

Vulnerability Summary for the Week of November 25, 2019

Original release date: December 2, 2019

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
chicken -- chicken | Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function. | 2019-11-22 | 7.5 | CVE-2014-6310
MISC
MISC
CONFIRM
MISC
google -- chrome | Out of bounds memory access in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 7.5 | CVE-2019-5866
MISC
MISC
red_hat -- redhat-upgrade-tool | redhat-upgrade-tool: Does not check GPG signatures when upgrading versions | 2019-11-22 | 10 | CVE-2014-3585
REDHAT
REDHAT

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
gael -- q-pulse | Cross-site scripting (XSS) vulnerability in ui/common/managedlistdialog.aspx in Gael Q-Pulse 0.6 and earlier. | 2019-11-22 | 4.3 | CVE-2014-1238
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Incorrect Access Control. | 2019-11-26 | 4 | CVE-2019-18448
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Insecure Permissions. | 2019-11-26 | 4 | CVE-2019-18447
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition through 12.4. It has Insecure Permissions (issue 2 of 4). | 2019-11-26 | 4 | CVE-2019-18458
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.4 when moving an issue to a public project from a private one. It has Insecure Permissions. | 2019-11-26 | 5 | CVE-2019-18452
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 11.6 through 12.4 in the add comments via email feature. It has Insecure Permissions. | 2019-11-26 | 4 | CVE-2019-18453
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature. It has Insecure Permissions. | 2019-11-26 | 4 | CVE-2019-18450
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.4 in the Comments Search feature provided by the Elasticsearch integration. It has Incorrect Access Control. | 2019-11-26 | 5 | CVE-2019-18460
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 11.8 through 12.4 when handling Security tokens. It has Insecure Permissions. | 2019-11-26 | 6.5 | CVE-2019-18457
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 10.7.4 through 12.4 in the InternalRedirect filtering feature. It has an Open Redirect. | 2019-11-26 | 5.8 | CVE-2019-18451
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 10.5 through 12.4 in link validation for RDoc wiki pages feature. It has XSS. | 2019-11-26 | 4.3 | CVE-2019-18454
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.4. It has Insecure Permissions (issue 1 of 2). | 2019-11-26 | 5.5 | CVE-2019-18446
CONFIRM
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 11 through 12.4 when building Nested GraphQL queries. It has a large or infinite loop. | 2019-11-26 | 5 | CVE-2019-18455
MISC
MISC
google -- chrome | Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-13703
MISC
MISC
google -- chrome | Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page. | 2019-11-25 | 6.8 | CVE-2019-13692
MISC
MISC
google -- chrome | Insufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-13710
MISC
MISC
google -- chrome | Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2019-11-25 | 5 | CVE-2019-13711
MISC
MISC
google -- chrome | Use after free in WebAudio in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 6.8 | CVE-2019-5851
MISC
MISC
google -- chrome | Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 6.8 | CVE-2019-13721
MISC
MISC
google -- chrome | Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 6.8 | CVE-2019-13699
MISC
MISC
google -- chrome | Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 6.8 | CVE-2019-13700
MISC
MISC
google -- chrome | Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable. | 2019-11-25 | 6.8 | CVE-2019-13702
MISC
MISC
google -- chrome | Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 2019-11-25 | 6.8 | CVE-2019-13706
MISC
MISC
google -- chrome | Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 6.8 | CVE-2019-13720
MISC
MISC
google -- chrome
 
Use after free in IndexedDB in Google Chrome prior to 77.0.3865.120 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.2019-11-256.8CVE-2019-13693
MISC
MISC
google -- chrome
 
Out of bounds memory access in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13724
MISC
MISC
google -- chrome
 
Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.2019-11-256.8CVE-2019-5850
MISC
MISC
google -- chrome
 
Use after free in media in Google Chrome on Android prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-5876
MISC
MISC
google -- chrome
 
Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-5853
MISC
MISC
google -- chrome
 
Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2019-11-254.3CVE-2019-13701
MISC
MISC
google -- chrome
 
Use after free in sharing view in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13685
MISC
MISC
google -- chrome
 
Use after free in WebRTC in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13694
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2019-11-254.3CVE-2019-13683
MISC
MISC
google -- chrome
 
Use after free in JavaScript in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13696
MISC
MISC
google -- chrome
 
Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-5878
MISC
MISC
google -- chrome
 
Insufficient validation of untrusted input in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2019-11-254.3CVE-2019-13691
MISC
MISC
google -- chrome
 
Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.2019-11-256.8CVE-2019-5870
MISC
MISC
google -- chrome
 
Use after free in offline mode in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13686
MISC
MISC
google -- chrome
 
Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.2019-11-256.8CVE-2019-5854
MISC
MISC
google -- chrome
 
Out of bounds memory access in JavaScript in Google Chrome prior to 73.0.3683.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13698
MISC
MISC
| google -- chrome | Incorrect font handling in autofill in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-5848 MISC MISC |
| google -- chrome | Insufficient policy enforcement in performance APIs in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-13697 MISC MISC |
| google -- chrome | Use after free in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 2019-11-25 | 4.3 | CVE-2019-5860 MISC MISC |
| google -- chrome | Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-13709 MISC MISC |
| google -- chrome | Use after free in audio in Google Chrome on Android prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 6.8 | CVE-2019-13695 MISC MISC |
| google -- chrome | Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-13708 MISC MISC |
| google -- chrome | Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL. | 2019-11-25 | 4.3 | CVE-2019-13714 MISC MISC |
| google -- chrome | Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application. | 2019-11-25 | 4.3 | CVE-2019-13707 MISC MISC |
| google -- chrome | Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | 2019-11-25 | 4.3 | CVE-2019-13715 MISC MISC |
| google -- chrome | Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. | 2019-11-25 | 4.3 | CVE-2019-13705 MISC MISC |
| google -- chrome | Out of bounds read in Skia in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 2019-11-25 | 5.8 | CVE-2019-5849 MISC MISC |
| google -- chrome | Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-13717 MISC MISC |
| google -- chrome | Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-13716 MISC MISC |
| google -- chrome | Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-13704 MISC MISC |
| google -- chrome | Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-13719 MISC MISC |
| google -- chrome | Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | 2019-11-25 | 4.3 | CVE-2019-13718 MISC MISC |
| google -- chrome | Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-5869 MISC MISC |
| google -- chrome | Inappropriate implementation in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-5847 MISC MISC |
| google -- chrome | Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-5852 MISC MISC |
| google -- chrome | Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-13713 MISC MISC |
| google -- chrome | Use after free in PDFium in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 2019-11-25 | 4.3 | CVE-2019-5868 MISC MISC |
| google -- chrome | Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 6.8 | CVE-2019-13687 MISC MISC |
| google -- chrome | Use after free in Mojo in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-5872 MISC MISC |
| google -- chrome | Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 6.8 | CVE-2019-13688 MISC MISC |
| google -- chrome | Use after free in Blink in Google Chrome prior to 75.0.3770.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | 4.3 | CVE-2019-5842 MISC MISC |
| ibm -- smartcloud_analytics | IBM SmartCloud Analytics 1.3.1 through 1.3.5 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM X-Force ID: 159187. | 2019-11-22 | 4.9 | CVE-2019-4216 XF CONFIRM |
| ibm -- smartcloud_analytics | IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 159185. | 2019-11-22 | 4.3 | CVE-2019-4214 XF CONFIRM |
| ibm -- smartcloud_analytics | IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 159186. | 2019-11-22 | 4.3 | CVE-2019-4215 XF CONFIRM |
| openstack -- designate | Designate does not enforce the DNS protocol limit concerning record set sizes | 2019-11-22 | 4 | CVE-2015-5694 MISC MISC MISC MISC |
| ovirt -- ovirt | oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center | 2019-11-22 | 4 | CVE-2015-1780 MISC MISC |
| pagekit -- pagekit | A CSRF vulnerability in Pagekit 1.0.17 allows an attacker to upload an arbitrary file by removing the CSRF token from a request. | 2019-11-22 | 6.8 | CVE-2019-19013 MISC |
| plow -- plow | plow has local buffer overflow vulnerability | 2019-11-22 | 4.6 | CVE-2012-3407 MISC MISC MISC |
| postfixadmin -- postfixadmin | PostfixAdmin 2.3.4 has multiple XSS vulnerabilities | 2019-11-22 | 4.3 | CVE-2012-0812 MISC MISC MISC MISC MISC MISC MISC |
| zte -- zxcdn_iamweb | The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users' information leakage. | 2019-11-22 | 6.5 | CVE-2019-3427 CONFIRM |

Low Vulnerabilities

| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| google -- chrome | Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2019-11-25 | 2.6 | CVE-2019-13684 MISC MISC |
| ibm -- smartcloud_analytics | IBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized disclosure of information like accessing solrconfig.xml and could allow an attacker to perform disruptive administrator tasks. IBM X-Force ID: 159517. | 2019-11-22 | 3.6 | CVE-2019-4243 XF CONFIRM |
| videolan -- libbluray | libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files | 2019-11-22 | 3.3 | CVE-2015-7810 MISC MISC MISC MISC MISC |

Severity Not Yet Assigned

| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| abb -- power_generation_information_manager_and_plant_connect | In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device. | 2019-11-26 | not yet calculated | CVE-2019-18250 MISC |
| abb -- relion_670_series_intelligent_electronic_devices | An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the intended directory. | 2019-11-27 | not yet calculated | CVE-2019-18253 MISC |
| abb -- relion_670_series_intelligent_electronic_devices | An attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could cause a denial of service. | 2019-11-27 | not yet calculated | CVE-2019-18247 MISC |
| accountservice -- accountservice | An issue exists in AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local user obtain encrypted passwords. | 2019-11-27 | not yet calculated | CVE-2012-6655 MISC MISC MISC MISC MISC MISC |
| ace -- ace | generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attackers to gain elevated privileges. | 2019-11-22 | not yet calculated | CVE-2014-6311 MISC MISC MISC MISC |
| afterlogic -- webmail_pro_and_aurora | Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name. | 2019-11-26 | not yet calculated | CVE-2019-19129 MISC MISC |
| apache -- ofbiz | The /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External Entity Injection by passing DOCTYPE declarations with executable payloads that discloses the contents of files in the filesystem. In addition, it can also be used to probe for open network ports, and figure out from returned error messages whether a file exists or not. This affects OFBiz 16.11.01 to 16.11.04. | 2019-11-26 | not yet calculated | CVE-2011-3600 CONFIRM MISC MISC MISC MISC |
| apache -- openoffice | OpenOffice.org v3.3 allows execution of arbitrary code with the privileges of the user running the OpenOffice.org suite tools. | 2019-11-27 | not yet calculated | CVE-2011-2177 MISC MISC MISC MLIST |
| apple -- iphone_3gs | Apple iPhone 3GS bootrom malloc implementation returns a non-NULL pointer when unable to allocate memory, aka 'alloc8'. An attacker with physical access to the device can install arbitrary firmware. | 2019-11-22 | not yet calculated | CVE-2019-9536 MISC MISC |
| apt -- apt | It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack. | 2019-11-26 | not yet calculated | CVE-2011-3374 MISC MISC MISC MISC MISC |
| artifex -- ghostscript | A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. | 2019-11-27 | not yet calculated | CVE-2019-14812 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| artifex -- ghostscript | It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas. | 2019-11-27 | not yet calculated | CVE-2019-10216 CONFIRM |
| best_practical_solutions -- jifty::dbi | SQL injection vulnerability in Jifty::DBI before 0.68. | 2019-11-26 | not yet calculated | CVE-2011-1933 MLIST MISC MISC CONFIRM MLIST MISC |
| centreon -- centreon | Centreon before 2.8.30, 18.x before 18.10.8, and 19.x before 19.04.5 allows XSS via myAccount alias and name fields. | 2019-11-26 | not yet calculated | CVE-2019-16195 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| centreon -- centreon_web | A problem was found in Centreon Web through 19.04.3. An authenticated command injection is present in the page include/configuration/configObject/traps-mibs/formMibs.php. This page is called from the Centreon administration interface. This is the mibs management feature that contains a file filing form. At the time of submission of a file, the mnftr parameter is sent to the page and is not filtered properly. This allows one to inject Linux commands directly. | 2019-11-27 | not yet calculated | CVE-2019-15298 MISC MISC MISC |
| centreon -- centreon_web | A problem was found in Centreon Web through 19.04.3. An authenticated SQL injection is present in the page include/Administration/parameters/ldap/xml/ldap_host.php. The arId parameter is not properly filtered before being passed to the SQL query. | 2019-11-27 | not yet calculated | CVE-2019-15300 MISC MISC MISC MISC MISC MISC |
| cesanta -- mongoose | An integer overflow in parse_mqtt in mongoose.c in Cesanta Mongoose 6.16 allows an attacker to achieve remote DoS (infinite loop), or possibly cause an out-of-bounds write, by sending a crafted MQTT protocol packet. | 2019-11-26 | not yet calculated | CVE-2019-19307 MISC |
| cisco -- small_business_rv_series_routers | A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an unauthenticated, remote attacker to view information displayed in the web-based management interface. The vulnerability is due to improper authorization of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to view information displayed in the web-based management interface without authentication. | 2019-11-26 | not yet calculated | CVE-2019-15990 CISCO |
| cisco -- dna_spaces_connector | A vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by entering malicious SQL statements in an affected field in the web UI. A successful exploit could allow the attacker to remove the SQL database, which would require the reinstallation of the Connector VM. | 2019-11-26 | not yet calculated | CVE-2019-15995 CISCO |
| cisco -- dna_spaces_connector | A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to perform a command injection attack and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command. An attacker could exploit this vulnerability by including malicious input during the execution of the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as root. | 2019-11-26 | not yet calculated | CVE-2019-15997 CISCO |
| cisco -- dna_spaces_connector | A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient restrictions during the execution of an affected CLI command. An attacker could exploit this vulnerability by leveraging the insufficient restrictions to modify sensitive files. A successful exploit could allow the attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. | 2019-11-26 | not yet calculated | CVE-2019-15996 CISCO |
| cisco -- email_security_appliance | A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of certain MP3 file types. An attacker could exploit this vulnerability by sending a crafted MP3 file through the targeted device. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email. | 2019-11-26 | not yet calculated | CVE-2019-15971 CISCO |
| cisco -- email_security_appliance | A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An attacker could exploit this vulnerability by crafting the URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for the affected device, which could allow malicious URLs to pass through the device. | 2019-11-26 | not yet calculated | CVE-2019-15988 CISCO |
| cisco -- industrial_network_director | A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected application. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected application. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | 2019-11-26 | not yet calculated | CVE-2019-15973 CISCO |
| cisco -- ios_xr_software | A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to connect to the device on the NETCONF port. Valid credentials are required to access the device. This vulnerability does not affect connections to the default SSH process on the device. | 2019-11-26 | not yet calculated | CVE-2019-15998 CISCO |
| cisco -- multiple_products | A vulnerability in web interface of the Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to guess account usernames. The vulnerability is due to missing CAPTCHA protection in certain URLs. An attacker could exploit this vulnerability by sending a crafted request to the web interface. A successful exploit could allow the attacker to know if a given username is valid and find the real name of the user. | 2019-11-26 | not yet calculated | CVE-2019-15987 CISCO |
| cisco -- multiple_products | A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE), Cisco TelePresence Codec (TC), and Cisco RoomOS Software could allow an authenticated, remote attacker to escalate privileges to an unrestricted user of the restricted shell. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including specific arguments when opening an SSH connection to an affected device. A successful exploit could allow the attacker to gain unrestricted user access to the restricted shell of an affected device. | 2019-11-26 | not yet calculated | CVE-2019-15288 CISCO |
| cisco -- prime_infrastructure_and_evolved_programmable_network_manager | A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated remote attacker to execute arbitrary code with root privileges on the underlying operating system. The vulnerability is due to insufficient input validation during the initial High Availability (HA) configuration and registration process of an affected device. An attacker could exploit this vulnerability by uploading a malicious file during the HA registration period. A successful exploit could allow the attacker to execute arbitrary code with root-level privileges on the underlying operating system. Note: This vulnerability can only be exploited during the HA registration period. See the Details section for more information. | 2019-11-26 | not yet calculated | CVE-2019-15958 CISCO |
| cisco -- sd-wan_solution | A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected instance of vManage. An attacker could exploit this vulnerability by persuading a user to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. | 2019-11-26 | not yet calculated | CVE-2019-16002 CISCO |
| cisco -- small_business_rv_series_routers | A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The attacker must have either a valid credential or an active session token. The vulnerability is due to lack of input validation of the HTTP payload. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web-based management interface of the targeted device. A successful exploit could allow the attacker to execute commands with root privileges. | 2019-11-26 | not yet calculated | CVE-2019-15271 CISCO |
| cisco -- stealthwatch_enterprise | A vulnerability in the web-based management interface of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | 2019-11-26 | not yet calculated | CVE-2019-15994 CISCO |
| cisco -- telepresence_collaboration_endpoint_and_roomos_software | A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, local attacker to enable audio recording without notifying users. The vulnerability is due to the presence of unnecessary debug commands. An attacker could exploit this vulnerability by gaining unrestricted access to the restricted shell and using the specific debug commands. A successful exploit could allow the attacker to enable the microphone of an affected device to record audio without notifying users. | 2019-11-26 | not yet calculated | CVE-2019-15967 CISCO |
| cisco -- unified_communications_domain_manager | A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager (Unified CDM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | 2019-11-26 | not yet calculated | CVE-2019-15968 CISCO |
| cisco -- unified_communications_manager | A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to modify values on or return values from the underlying database. | 2019-11-26 | not yet calculated | CVE-2019-15972 CISCO |
| cisco -- unity_express | A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input validation for certain CLI commands that are executed on a vulnerable system. An attacker could exploit this vulnerability by logging in to the system and sending crafted CLI commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. | 2019-11-26 | not yet calculated | CVE-2019-15986 CISCO |
| cisco -- web_security_appliance | A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform an unauthorized system reset on an affected device. The vulnerability is due to improper authorization controls for a specific URL in the web management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could have a twofold impact: the attacker could either change the administrator password, gaining privileged access, or reset the network configuration details, causing a denial of service (DoS) condition. In both scenarios, manual intervention is required to restore normal operations. | 2019-11-26 | not yet calculated | CVE-2019-15956 CISCO |
| cisco -- webex_meetings | A vulnerability in the Webex Network Recording Admin page of Cisco Webex Meetings could allow an authenticated, remote attacker to elevate privileges in the context of the affected page. To exploit this vulnerability, the attacker must be logged in as a low-level administrator. The vulnerability is due to insufficient access control validation. An attacker could exploit this vulnerability by submitting a crafted URL request to gain privileged access in the context of the affected page. A successful exploit could allow the attacker to elevate privileges in the Webex Recording Admin page, which could allow them to view or delete recordings that they would not normally be able to access. | 2019-11-26 | not yet calculated | CVE-2019-15960 CISCO |
| cisco -- webex_network_recording_player_and_webex_player_for_microsoft_windows | Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | 2019-11-26 | not yet calculated | CVE-2019-15284 CISCO |
| cisco -- webex_recording_player_and_webex_player_for_microsoft_windows | Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | 2019-11-26 | not yet calculated | CVE-2019-15286 CISCO |
| cisco -- webex_teams | A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of the resources loaded by the application at run time. An attacker could exploit this vulnerability by crafting a malicious DLL file and placing it in a specific location on the targeted system. The malicious DLL file would execute when the vulnerable application is launched. A successful exploit could allow the attacker to execute arbitrary code on the target machine with the privileges of another user account. | 2019-11-26 | not yet calculated | CVE-2019-16001 CISCO |
cisco -- wireless_lan_controller_softwareA vulnerability in the web interface of Cisco Wireless LAN Controller Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists due to a failure of the HTTP parsing engine to handle specially crafted URLs. An attacker could exploit this vulnerability by authenticating with low privileges to an affected controller and submitting the crafted URL to the web interface of the affected device. Conversely, an unauthenticated attacker could exploit this vulnerability by persuading a user of the web interface to click the crafted URL. A successful exploit could allow the attacker to cause an unexpected restart of the device, resulting in a DoS condition.2019-11-26not yet calculatedCVE-2019-15276
CISCO
claws_mail -- claws_mail | Claws Mail vCalendar plugin: credentials exposed on interface | 2019-11-25 | not yet calculated | CVE-2012-5527
MISC
MISC
MISC
MISC
MISC
cloud-init -- cloud-init | A privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data. | 2019-11-25 | not yet calculated | CVE-2012-6639
MISC
MISC
MISC
MISC
MISC
MISC
cloud_foundry -- uaa | Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to Tomcat's access file. If the query parameters are used to provide authentication, i.e., credentials, then they will be logged as well. | 2019-11-26 | not yet calculated | CVE-2019-11290
CONFIRM
cloudera -- cloudera_data_science_workbench | An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder. | 2019-11-26 | not yet calculated | CVE-2018-20090
CONFIRM
cloudera -- cloudera_hue | In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x before 5.4.9 is used. | 2019-11-26 | not yet calculated | CVE-2015-7831
MISC
cloudera -- cloudera_manager | Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users. | 2019-11-26 | not yet calculated | CVE-2017-7399
CONFIRM
cloudera -- cloudera_manager | Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors. | 2019-11-26 | not yet calculated | CVE-2015-4457
MISC
cloudera -- cloudera_manager | There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles. | 2019-11-26 | not yet calculated | CVE-2015-6495
MISC
cloudera -- cloudera_manager | Cloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files. | 2019-11-26 | not yet calculated | CVE-2016-3192
MISC
cloudera -- cloudera_manager | An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1. Malicious Impala queries can result in Cross Site Scripting (XSS) when viewed within this product. | 2019-11-26 | not yet calculated | CVE-2019-14449
CONFIRM
cloudera -- hue | An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges. | 2019-11-26 | not yet calculated | CVE-2019-7319
CONFIRM
CONFIRM
cloudera -- manager | Cloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the help search feature. | 2019-11-26 | not yet calculated | CVE-2016-9271
CONFIRM
cloudera -- cloudera_distribution_hadoop | Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls. | 2019-11-26 | not yet calculated | CVE-2016-3131
MISC
cloudera -- cloudera_distribution_hadoop | In Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges. | 2019-11-26 | not yet calculated | CVE-2016-4572
MISC
cloudera -- cloudera_distribution_hadoop | Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles. | 2019-11-26 | not yet calculated | CVE-2016-5724
MISC
cloudera -- cloudera_distribution_hadoop | Cloudera CDH has Insecure Permissions because ALL cannot be revoked. This affects 5.x through 5.15.1 and 6.x through 6.0.1. | 2019-11-26 | not yet calculated | CVE-2018-17860
CONFIRM
CONFIRM
cloudera -- cloudera_distribution_hadoop | Cloudera Search in CDH before 5.7.0 allows unauthorized document access because Solr Queries by document id can bypass Sentry document-level security via the RealTimeGetHandler. | 2019-11-26 | not yet calculated | CVE-2016-6353
MISC
cmsms -- cmsms | The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles. | 2019-11-26 | not yet calculated | CVE-2011-4310
CONFIRM
crestron -- dmc-stro_devices | Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function. | 2019-11-27 | not yet calculated | CVE-2019-18184
MISC
MISC
MISC
cri-o -- cri-o | A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for the cgroup. An attacker could abuse this flaw to get host network access on a cri-o host. | 2019-11-25 | not yet calculated | CVE-2019-14891
CONFIRM
csrf_magic -- csrf_magic | The csrf_callback function in the CSRF Magic library through 2016-03-27 is vulnerable to CSRF protection bypass as it allows one to tamper with the csrf token values. A remote attacker can exploit this by crafting a malicious page and dispersing it to a victim via social engineering, enticing them to click the link. Once the user/victim clicks the "try again" button, the attacker can take over the account and perform unintended actions on the victim's behalf. | 2019-11-26 | not yet calculated | CVE-2019-17590
MISC
d-link -- dsl-6740u_gateway | Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev. H1) allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to (1) Custom Services in Port Forwarding, (2) Port Triggering Entries, (3) URL Filters in Parental Control, (4) Print Server settings, (5) QoS Queue Setup, or (6) QoS Classification Entries. | 2019-11-22 | not yet calculated | CVE-2013-6811
MISC
MISC
d4_software -- querytree | Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations. | 2019-11-25 | not yet calculated | CVE-2019-19249
MISC
MISC
dell_emc -- storage_monitoring_reporting | Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host. | 2019-11-26 | not yet calculated | CVE-2019-18580
MISC
dhclient -- dhclient | An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable. | 2019-11-27 | not yet calculated | CVE-2012-2248
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
dhcpv6 -- dhcpv6 | The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message. | 2019-11-27 | not yet calculated | CVE-2011-2717
MISC
MISC
MISC
MLIST
dirmngr -- dirmngr | dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DoS) via a specially-crafted certificate. | 2019-11-27 | not yet calculated | CVE-2011-2207
MISC
MISC
MISC
MISC
MLIST
dolibarr -- dolibarr | Dolibarr CRM/ERP 10.0.3 allows viewimage.php?file= Stored XSS due to JavaScript execution in an SVG image for a profile picture. | 2019-11-26 | not yet calculated | CVE-2019-19206
MISC
MISC
drupal -- drupal | A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal. | 2019-11-22 | not yet calculated | CVE-2012-2079
MISC
MISC
drupal -- drupal | Drupal Views Bulk Operations (VBO) module 6.x-1.0 through 6.x-1.10 does not properly escape the vocabulary help when the vocabulary has had user tagging enabled and the "Modify node taxonomy terms" action is used. A remote attacker could provide a specially-crafted URL that could lead to a cross-site scripting (XSS) attack. | 2019-11-25 | not yet calculated | CVE-2011-3373
MISC
MISC
MISC
MISC
eclipse -- jetty | In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118, the generation of default unhandled Error response content (in text/html and text/json Content-Type) does not escape Exception messages in stacktraces included in error output. | 2019-11-25 | not yet calculated | CVE-2019-17632
CONFIRM
embedthis -- goahead | Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a static host buffer that has a limited length and can overflow. This can cause a copy of the Host header to fail, leaving that buffer uninitialized, which may leak uninitialized data in a response. | 2019-11-22 | not yet calculated | CVE-2019-19240
MISC
MISC
MISC
eracent -- multiple_linux_agents | An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be forced to copy files from the filesystem to other locations via Symbolic Link Following. | 2019-11-22 | not yet calculated | CVE-2019-17445
CONFIRM
eracent -- epa_agent | An issue was discovered in Eracent EPA Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be used to start external programs with elevated permissions because of an Untrusted Search Path. | 2019-11-22 | not yet calculated | CVE-2019-17446
CONFIRM
evolution-data-server3 -- evolution-data-server3 | evolution-data-server3 3.0.3 through 3.2.1 used an insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim. | 2019-11-25 | not yet calculated | CVE-2011-3355
MISC
MISC
MISC
MISC
MISC
exis -- contexis | Cross-site scripting (XSS) vulnerability in the photo gallery model in Exis Contexis before 2.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter in a detail action. | 2019-11-22 | not yet calculated | CVE-2013-6239
MISC
MISC
MISC
f5 -- big-ip | On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem. | 2019-11-27 | not yet calculated | CVE-2019-6670
CONFIRM
f5 -- big-ip | On versions 15.0.0-15.0.1 and 14.0.0-14.1.2, when the BIG-IP is configured in HTTP/2 Full Proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel (TMM). | 2019-11-27 | not yet calculated | CVE-2019-6673
CONFIRM
f5 -- big-ip | On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, undisclosed traffic flow may cause TMM to restart under some circumstances. | 2019-11-27 | not yet calculated | CVE-2019-6669
CONFIRM
f5 -- big-ip | On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.5.1-11.6.5, under certain conditions, TMM may consume excessive resources when processing traffic for a Virtual Server with the FIX (Financial Information eXchange) profile applied. | 2019-11-27 | not yet calculated | CVE-2019-6667
CONFIRM
f5 -- big-ip | On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, under certain conditions tmm may leak memory when processing packet fragments, leading to resource starvation. | 2019-11-27 | not yet calculated | CVE-2019-6671
CONFIRM
f5 -- big-ip | On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, and 13.1.0-13.1.1.4, the TMM process may produce a core file when an upstream server or cache sends the BIG-IP an invalid age header value. | 2019-11-27 | not yet calculated | CVE-2019-6666
CONFIRM
f5 -- big-ip_afm | On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, and 13.1.0-13.1.3.1, when bad-actor detection is configured on a wildcard virtual server on platforms with hardware-based sPVA, the performance of the BIG-IP AFM system is degraded. | 2019-11-27 | not yet calculated | CVE-2019-6672
CONFIRM
f5 -- big-ip_apm | The BIG-IP APM Edge Client for macOS bundled with BIG-IP APM 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5 may allow unprivileged users to access files owned by root. | 2019-11-27 | not yet calculated | CVE-2019-6668
CONFIRM
f5 -- hotfix-big-ip | BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in a complete compromise of the system. This issue only impacts specific engineering hotfixes using the aforementioned authentication configuration. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.0.3.0.79.6-ENG.iso, Hotfix-BIGIP-14.1.0.3.0.97.6-ENG.iso, Hotfix-BIGIP-14.1.0.3.0.99.6-ENG.iso, Hotfix-BIGIP-14.1.0.5.0.15.5-ENG.iso, Hotfix-BIGIP-14.1.0.5.0.36.5-ENG.iso, Hotfix-BIGIP-14.1.0.5.0.40.5-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.11.9-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.14.9-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.68.9-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.70.9-ENG.iso, Hotfix-BIGIP-14.1.2.0.11.37-ENG.iso, Hotfix-BIGIP-14.1.2.0.18.37-ENG.iso, Hotfix-BIGIP-14.1.2.0.32.37-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.46.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.14.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.16.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.34.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.97.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.99.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.105.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.111.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.115.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.122.4-ENG.iso, Hotfix-BIGIP-15.0.1.0.33.11-ENG.iso, Hotfix-BIGIP-15.0.1.0.48.11-ENG.iso | 2019-11-26 | not yet calculated | CVE-2019-6675
CONFIRM
CONFIRM
f5 -- multiple_products | On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, an attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise Manager/F5 iWorkflow will be able to set up the proxy the same way and intercept the traffic. | 2019-11-27 | not yet calculated | CVE-2019-6665
CONFIRM
f5 -- ssl_orchestrator | On F5 SSL Orchestrator 15.0.0-15.0.1 and 14.0.0-14.1.2, TMM may crash when processing SSLO data in a service-chaining configuration. | 2019-11-27 | not yet calculated | CVE-2019-6674
CONFIRM
fastweb -- askey_rtv1907vw_devices | An issue was discovered on Fastweb Askey RTV1907VW 0.00.81_FW_200_Askey 2018-10-02 18:08:18 devices. By using the usb_remove service through an HTTP request, it is possible to inject and execute a command between two & characters in the mount parameter. | 2019-11-26 | not yet calculated | CVE-2019-12489
MISC
EXPLOIT-DB
flashcanvas -- flashcanvas | Open redirect in proxy.php in FlashCanvas before 1.6 allows remote attackers to redirect users to arbitrary web sites and conduct cross-site scripting (XSS) attacks via the HTTP Referer header. | 2019-11-22 | not yet calculated | CVE-2013-6880
MISC
MISC
MISC
MISC
fortinet -- fortios | An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request. | 2019-11-27 | not yet calculated | CVE-2019-15705
CONFIRM
frams'_fast_file_exchange -- frams'_fast_file_exchange | The addto parameter to fup in Frams' Fast File EXchange (F*EX, aka fex) before fex-2014053 allows remote attackers to conduct cross-site scripting (XSS) attacks. | 2019-11-27 | not yet calculated | CVE-2014-3875
MISC
MISC
MISC
MISC
MISC
freebsd -- freebsd | Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information. | 2019-11-27 | not yet calculated | CVE-2011-2480
MISC
MISC
MISC
MISC
MLIST
freeipa -- freeipa | ipa 3.0 does not properly check server identity before sending credential-containing cookies. | 2019-11-25 | not yet calculated | CVE-2012-5631
MISC
MISC
MISC
MISC
freeipa -- freeipa | A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with passwords as arguments or options is not performed by default in FreeIPA but is possible by third-party components. An attacker having access to system logs on FreeIPA masters could use this flaw to produce log file content with passwords exposed. | 2019-11-27 | not yet calculated | CVE-2019-10195
CONFIRM
MISC
MISC
MISC
freeipa -- freeipa | A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed Kerberos key data. An unauthenticated attacker who could trigger parsing of the krb principal key could cause the IPA server to crash or in some conditions, cause arbitrary code to be executed on the server hosting the IPA server. | 2019-11-27 | not yet calculated | CVE-2019-14867
CONFIRM
MISC
MISC
MISC
fusionpbx -- fusionpbx | A cross-site scripting (XSS) vulnerability in app/fax/fax_files.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 2019-11-27 | not yet calculated | CVE-2019-19367
MISC
MISC
fusionpbx -- fusionpbx | A cross-site scripting (XSS) vulnerability in app/xml_cdr/xml_cdr_search.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter. | 2019-11-27 | not yet calculated | CVE-2019-19366
MISC
MISC
gitlab -- gitlab | GitLab 12.2.3 contains a security vulnerability that allows a user to affect the availability of the service through a Denial of Service attack in Issue Comments. | 2019-11-22 | not yet calculated | CVE-2019-15593
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition through 12.4. It has Insecure Permissions (issue 4 of 4). | 2019-11-26 | not yet calculated | CVE-2019-18463
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 11.3 to 12.3 in the protected environments feature. It has Insecure Permissions (issue 3 of 4). | 2019-11-26 | not yet calculated | CVE-2019-18459
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.3 when a sub group epic is added to a public group. It has Incorrect Access Control. | 2019-11-26 | not yet calculated | CVE-2019-18461
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.4. It has Insecure Permissions. | 2019-11-26 | not yet calculated | CVE-2019-18462
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions (issue 2 of 2). | 2019-11-26 | not yet calculated | CVE-2019-18449
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 8.17 through 12.4 in the Search feature provided by Elasticsearch integration. It has Insecure Permissions (issue 1 of 4). | 2019-11-26 | not yet calculated | CVE-2019-18456
MISC
MISC
gksu-polkit -- gksu-polkit | gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation | 2019-11-25 | not yet calculated | CVE-2012-5617
MISC
MISC
MISC
MISC
MISC
MISC
MISC
gnome -- gnome-font-viewer | In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL). | 2019-11-27 | not yet calculated | CVE-2019-19308
MISC
CONFIRM
gnome -- gnome-system-log | gnome-system-log polkit policy allows arbitrary files on the system to be read | 2019-11-25 | not yet calculated | CVE-2012-5535
MISC
MISC
MISC
MISC
MISC
gnu -- patch | A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196. | 2019-11-25 | not yet calculated | CVE-2015-1396
MISC
MISC
MISC
MISC
google -- chrome | Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13664
MISC
MISC
google -- chrome | Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13673
MISC
MISC
google -- chrome | Insufficient policy enforcement in site isolation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13677
MISC
MISC
google -- chrome | IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | 2019-11-25 | not yet calculated | CVE-2019-13674
MISC
MISC
google -- chrome | UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13661
MISC
MISC
google -- chrome | IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | 2019-11-25 | not yet calculated | CVE-2019-13663
MISC
MISC
google -- chrome | Insufficient policy enforcement in external protocol handling in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13682
MISC
MISC
google -- chrome | Information leak in storage in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13666
MISC
MISC
google -- chrome | Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13675
MISC
MISC
google -- chrome | Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass download restrictions via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13681
MISC
MISC
google -- chrome | Insufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13670
MISC
MISC
google -- chrome | Inappropriate implementation in TLS in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof client IP address to websites via crafted TLS connections. | 2019-11-25 | not yet calculated | CVE-2019-13680
MISC
MISC
google -- chrome | Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13668
MISC
MISC
google -- chrome | Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13667
MISC
MISC
google -- chrome | UI spoofing in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof security UI via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13671
MISC
MISC
google -- chrome | Incorrect data validation in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13669
MISC
MISC
google -- chrome | Insufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass multiple file download protection via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13665
MISC
MISC
google -- chrome | Insufficient policy enforcement in PDFium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to show print dialogs via a crafted PDF file. | 2019-11-25 | not yet calculated | CVE-2019-13679
MISC
MISC
google -- chrome | Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13676
MISC
MISC
google -- chrome | UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13660
MISC
MISC
google -- chrome | Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13723
MISC
MISC
google -- chrome | Incorrect data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13678
MISC
MISC
google -- chrome | Insufficient policy enforcement in navigations in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-13662
MISC
MISC
google -- chrome | IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | 2019-11-25 | not yet calculated | CVE-2019-13659
MISC
MISC
google -- chrome | Out of bounds read in JavaScript in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5867
MISC
MISC
google -- chrome | Kaspersky Protection extension for web browser Google Chrome prior to 30.112.62.0 was vulnerable to unauthorized access to its features remotely that could lead to removing other installed extensions. | 2019-11-25 | not yet calculated | CVE-2019-15684
CONFIRM
google -- chrome | Insufficient filtering in URI schemes in Google Chrome on Windows prior to 77.0.3865.75 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5874
MISC
MISC
google -- chrome | Insufficient policy validation in navigation in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5873
MISC
MISC
google -- chrome | Heap buffer overflow in Skia in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5871
MISC
MISC
google -- chrome | Out of bounds memory access in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5877
MISC
MISC
google -- chrome | Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5881
MISC
MISC
google -- chrome | Insufficient policy enforcement in storage in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5856
MISC
MISC
google -- chrome | Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5875
MISC
MISC
google -- chrome | Insufficient filtering in URI schemes in Google Chrome on Windows prior to 76.0.3809.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5859
MISC
MISC
google -- chrome | Insufficient policy enforcement in navigations in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5865
MISC
MISC
google -- chromeInsufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5862
MISC
MISC
google -- chromeUse after free in IndexedDB in Google Chrome prior to 73.0.3683.86 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5826
MISC
MISC
google -- chromeInsufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5861
MISC
MISC
google -- chromeInteger overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.2019-11-25not yet calculatedCVE-2019-5855
MISC
MISC
google -- chrome | Insufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. | 2019-11-25 | not yet calculated | CVE-2019-5864
MISC
MISC
google -- chrome | Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5857
MISC
MISC
google -- chrome | Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5825
MISC
MISC
google -- chrome | Incorrect security UI in MacOS services integration in Google Chrome on OS X prior to 76.0.3809.87 allowed a local attacker to execute arbitrary code via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5858
MISC
MISC
google -- chrome | Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2019-11-25 | not yet calculated | CVE-2019-5880
MISC
MISC
google -- chrome | Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. | 2019-11-25 | not yet calculated | CVE-2019-5879
MISC
MISC
haproxy -- haproxy | The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks. | 2019-11-27 | not yet calculated | CVE-2019-19330
MISC
MISC
MISC
MISC
hardlink -- hardlink | Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks. | 2019-11-26 | not yet calculated | CVE-2011-3632
MISC
MISC
MISC
MISC
MISC
MISC
hardlink -- hardlink | Hardlink before 0.1.2 suffers from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable. | 2019-11-26 | not yet calculated | CVE-2011-3630
MISC
MISC
MISC
MISC
MISC
hardlink -- hardlink | Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and trick the local user into consolidating it, leading to hardlink executable crash or potentially arbitrary code execution with user privileges. | 2019-11-26 | not yet calculated | CVE-2011-3631
MISC
MISC
MISC
MISC
hp -- thinpro | The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges. | 2019-11-22 | not yet calculated | CVE-2019-18909
CONFIRM
hp -- thinpro | If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive. | 2019-11-22 | not yet calculated | CVE-2019-16285
CONFIRM
hp -- thinpro | An attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to execute commands with elevated privileges. | 2019-11-22 | not yet calculated | CVE-2019-16287
CONFIRM
hp -- thinpro | An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands. | 2019-11-22 | not yet calculated | CVE-2019-16286
CONFIRM
hp -- thinpro | The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges. | 2019-11-22 | not yet calculated | CVE-2019-18910
CONFIRM
ibm -- spectrum_protect_backup-archive_client | IBM Spectrum Protect Backup-Archive Client 7.1 and 8.1 may be vulnerable to a denial of service attack due to a timing issue between client and server TCP/IP communications. IBM X-Force ID: 162477. | 2019-11-25 | not yet calculated | CVE-2019-4406
XF
CONFIRM
ibm -- spectrum_protect_backup-archive_client_and_spectrum_protect_for_virtual_enviroments | IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. IBM X-Force ID: 155551. | 2019-11-25 | not yet calculated | CVE-2018-2025
XF
CONFIRM
ibm -- sterling_b2b_integrator_standard_edition | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 162715. | 2019-11-26 | not yet calculated | CVE-2019-4387
XF
CONFIRM
ibm -- tivoli_netcool_impact | IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 166720. | 2019-11-22 | not yet calculated | CVE-2019-4570
XF
CONFIRM
ibm -- tivoli_netcool_impact | IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166719. | 2019-11-22 | not yet calculated | CVE-2019-4569
XF
CONFIRM
ibus -- ibus | A flaw was discovered in ibus that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user. | 2019-11-25 | not yet calculated | CVE-2019-14822
CONFIRM
infinispan -- infinispan | A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the application. | 2019-11-25 | not yet calculated | CVE-2019-10174
CONFIRM
internet_systems_consortium -- bind | With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem). | 2019-11-26 | not yet calculated | CVE-2019-6477
CONFIRM
iobroker.web -- iobroker.web | Characters in the GET url path are not properly escaped and can be reflected in the server response. | 2019-11-25 | not yet calculated | CVE-2019-10771
MISC
joomla! -- joomla! | Cross-site scripting (XSS) vulnerability in the Mijosoft MijoSearch component 2.0.4 and earlier for Joomla! allows remote attackers to inject arbitrary web script or HTML via the query parameter to component/mijosearch/search. | 2019-11-22 | not yet calculated | CVE-2013-6878
MISC
joomla! -- joomla! | The Mijosoft MijoSearch component 2.0.1 and earlier for Joomla! allows remote attackers to obtain sensitive information via a request to component/mijosearch/search, which reveals the installation path in an error message. | 2019-11-22 | not yet calculated | CVE-2013-6879
MISC
kaspersky -- multiple_products | Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component did not adequately inform the user about the threat of redirecting to an untrusted site. Bypass. | 2019-11-26 | not yet calculated | CVE-2019-15688
CONFIRM
kaspersky -- multiple_products | Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker to remotely disable such product's security features as private browsing and anti-banner. Bypass. | 2019-11-26 | not yet calculated | CVE-2019-15685
CONFIRM
kaspersky -- multiple_products | Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component was vulnerable to remote disclosure of various information about the user's system (like Windows version and version of the product, host unique ID). Information Disclosure. | 2019-11-26 | not yet calculated | CVE-2019-15687
CONFIRM
kaspersky -- multiple_products | Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker to remotely disable various anti-virus protection features. DoS, Bypass. | 2019-11-26 | not yet calculated | CVE-2019-15686
CONFIRM
katello -- katello | A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users. | 2019-11-25 | not yet calculated | CVE-2019-14825
CONFIRM
libnbd -- libnbd | Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the request did not work because of signed/unsigned confusion. If one of these chunks contains a negative offset then data under control of the server is written to memory before the read buffer supplied by the client. If the read buffer is located on the stack then this allows the stack return address from nbd_pread() to be trivially modified, allowing arbitrary code execution under the control of the server. If the buffer is located on the heap then other memory objects before the buffer can be overwritten, which again would usually lead to arbitrary code execution. | 2019-11-26 | not yet calculated | CVE-2019-14842
CONFIRM
MISC
libuser -- libuser | libuser has information disclosure when moving user's home directory | 2019-11-25 | not yet calculated | CVE-2012-5644
MISC
REDHAT
MISC
MISC
libuser -- libuser | libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. | 2019-11-25 | not yet calculated | CVE-2012-5630
FEDORA
REDHAT
MISC
MISC
MISC
lilo -- lilo | lilo-uuid-diskid causes lilo.conf to be world-readable in lilo 23.1. | 2019-11-26 | not yet calculated | CVE-2011-1934
MISC
CONFIRM
MLIST
MISC
linux -- linux_kernel | kernel is vulnerable to a None | 2019-11-25 | not yet calculated | CVE-2019-14815
CONFIRM
linux -- linux_kernel | In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122. | 2019-11-22 | not yet calculated | CVE-2019-19227
MISC
MISC
linux -- linux_kernel | Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | 2019-11-27 | not yet calculated | CVE-2019-10220
CONFIRM
linux -- linux_kernel | In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer, | 2019-11-28 | not yet calculated | CVE-2019-19318
MISC
linux -- linux_kernel | A vulnerability was found in the Marvell WiFi chip driver in the Linux kernel. There is a heap-based buffer overflow in the lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c that allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code. When STA connects to AP, lbs_ibss_join_existing function will be called for STA. | 2019-11-27 | not yet calculated | CVE-2019-14896
CONFIRM
linux -- linux_kernel | vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a. | 2019-11-25 | not yet calculated | CVE-2019-19252
MISC
MISC
linux -- linux_kernel | The Linux kernel through 5.3.13 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c. | 2019-11-27 | not yet calculated | CVE-2019-18660
MISC
MISC
linux -- linux_kernel | In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call. | 2019-11-27 | not yet calculated | CVE-2019-19319
MISC
linux -- linux_kernel | A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash. | 2019-11-25 | not yet calculated | CVE-2019-10207
CONFIRM
linux -- linux_kernel | The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allows local users (with /dev/video0 access) to obtain read and write permissions on kernel physical pages, which can possibly result in a privilege escalation. | 2019-11-25 | not yet calculated | CVE-2019-18675
MISC
MISC
mcafee -- client_proxy | Authentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy (MCP) prior to 3.0.0 allows a local user to bypass scanning of web traffic and gain access to blocked sites for a short period of time via generating an authorization key on the client which should only be generated by the network administrator. | 2019-11-22 | not yet calculated | CVE-2019-3654
MISC
mersive -- solstice | Insufficient validation of user-supplied input for the Solstice Pod networking configuration enables authenticated attackers to execute arbitrary commands as root. | 2019-11-27 | not yet calculated | CVE-2017-12945
MISC
MISC
microsoft -- visual_studio_code | If an attacker can get a user to open a specially prepared directory tree as a workspace in Visual Studio Code with the CodeQL extension active, arbitrary code of the attacker's choosing may be executed on the user's behalf. This is fixed in version 1.0.1 of the extension. Users should upgrade to this version using Visual Studio Code Marketplace's upgrade mechanism. After upgrading, the codeQL.cli.executablePath setting can only be set in the per-user settings, and not in the per-workspace settings. More information about VS Code settings can be found here. | 2019-11-25 | not yet calculated | CVE-2019-16765
MISC
MISC
CONFIRM
naver -- vaccine | nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within an nsz archive. | 2019-11-22 | not yet calculated | CVE-2019-13157
CONFIRM
nokia -- impact | Nokia IMPACT < 18A: allows full path disclosure | 2019-11-25 | not yet calculated | CVE-2019-17404
MISC
MISC
nokia -- impact | Nokia IMPACT < 18A: An unrestricted File Upload vulnerability was found that may lead to Remote Code Execution. | 2019-11-25 | not yet calculated | CVE-2019-17403
MISC
MISC
nokia -- impact | Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743 | 2019-11-25 | not yet calculated | CVE-2019-17406
MISC
MISC
nokia -- impact | Nokia IMPACT < 18A: has Reflected self XSS | 2019-11-25 | not yet calculated | CVE-2019-17405
MISC
MISC
nsslglobal_technologies -- satlink_vsat_modem_unit_devices | The web interface for NSSLGlobal SatLink VSAT Modem Unit (VMU) devices before 18.1.0 doesn't properly sanitize input for error messages, leading to the ability to inject client-side code. | 2019-11-22 | not yet calculated | CVE-2019-15652
MISC
MISC
omron -- cx-supervisor | In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit. | 2019-11-26 | not yet calculated | CVE-2019-18251
MISC
oniguruma -- oniguruma | Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. | 2019-11-25 | not yet calculated | CVE-2019-19246
MISC
MISC
opendnssec -- opendnssec | opendnssec misuses libcurl API | 2019-11-25 | not yet calculated | CVE-2012-5582
MISC
MISC
MISC
MISC
openstack -- nova | OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2_SECRET_KEY. An attacker could also presumably brute force values for EC2_ACCESS_KEY. | 2019-11-26 | not yet calculated | CVE-2011-4076
MISC
MISC
MISC
MISC
MISC
opentrade -- opentrade | OpenTrade before 2019-11-23 allows SQL injection, related to server/modules/api/v1.js and server/utils.js. | 2019-11-25 | not yet calculated | CVE-2019-19250
MISC
openvas -- openvas | openvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system characteristics document with the ovaldi integrated tool enabled. A local attacker could use this flaw to conduct symlink attacks to overwrite arbitrary files on the system. | 2019-11-25 | not yet calculated | CVE-2011-3351
MISC
MISC
MISC
MISC
otrs -- help_desk_and_itsm_and_faq | An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified | 2019-11-27 | not yet calculated | CVE-2013-2625
MISC
MISC
MISC
MISC
MISC
owncloud -- owncloud | Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) unspecified parameters to apps/calendar/ajax/event/new.php or (2) url parameter to apps/bookmarks/ajax/addBookmark.php. | 2019-11-22 | not yet calculated | CVE-2013-0203
MISC
MISC
packagekit -- packagekit | PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code. | 2019-11-27 | not yet calculated | CVE-2011-2515
MISC
MISC
MISC
BID
pannellum -- pannellum | In Pannellum from 2.5.0 through 2.5.4 URLs were not sanitized for data URIs (or vbscript:), allowing for potential XSS attacks. Such an attack would require a user to click on a hot spot to execute and would require an attacker-provided configuration. The most plausible potential attack would be if pannellum.htm was hosted on a domain that shared cookies with the targeted site's user authentication; an <iframe> could then be embedded on the attacker's site using pannellum.htm from the targeted site, which would allow the attacker to potentially access information from the targeted site as the authenticated user (or worse if the targeted site did not have adequate CSRF protections) if the user clicked on a hot spot in the attacker's embedded panorama viewer. This was patched in version 2.5.5. | 2019-11-22 | not yet calculated | CVE-2019-16763
MISC
CONFIRM
pega -- pega_platform | PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/random_token/!STANDARD?pyStream=MyAlerts request to get Audit Log information while using a low-privilege account. | 2019-11-26 | not yet calculated | CVE-2019-16388
MISC
pega -- pega_platform | PEGA Platform 7.x and 8.x is vulnerable to Information disclosure via a direct prweb/sso/random_token/!STANDARD?pyActivity=GetWebInfo&target=popup&pzHarnessID=random_harness_id request to get database schema information while using a low-privilege account. | 2019-11-26 | not yet calculated | CVE-2019-16386
MISC
pega -- pega_platform | PEGA Platform 8.3.0 is vulnerable to a direct prweb/sso/random_token/!STANDARD?pyActivity=Data-Admin-DB-Name.DBSchema_ListDatabases request while using a low-privilege account. (This can perform actions and retrieve data that only an administrator should have access to.) | 2019-11-26 | not yet calculated | CVE-2019-16387
MISC
philips -- intellibridge_ec40_and_ec80_devices | In Philips IntelliBridge EC40 and EC80, IntelliBridge EC40 Hub all versions, and IntelliBridge EC80 Hub all versions, the SSH server running on the affected products is configured to allow weak ciphers. This could enable an unauthorized attacker with access to the network to capture and replay the session and gain unauthorized access to the EC40/80 hub. | 2019-11-26 | not yet calculated | CVE-2019-18241
MISC
phpldapadmin -- phpldapadmin | A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain values of the "Accept-Language" HTTP header. A remote attacker could use this flaw to cause a denial of service via specially-crafted request. | 2019-11-26 | not yet calculated | CVE-2011-4082
MISC
MISC
MISC
phpldapadmin -- phpldapadmin | An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature. | 2019-11-22 | not yet calculated | CVE-2019-18622
CONFIRM
pivotal -- rabbitmq_and_rabbitmq_for_pcf | Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly sanitize user input. A remote authenticated malicious user with administrative access could craft a cross site scripting attack via the vhost or node name fields that could grant access to virtual hosts and policy management information. | 2019-11-22 | not yet calculated | CVE-2019-11291
CONFIRM
pivotal -- rabbitmq_and_rabbitmq_for_pivotal_platform | Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing. | 2019-11-23 | not yet calculated | CVE-2019-11287
CONFIRM
polipo -- polipo | Polipo before 1.0.4.1 suffers from a DoS vulnerability via specially-crafted HTTP POST / PUT request. | 2019-11-26 | not yet calculated | CVE-2011-3596
MISC
MISC
MISC
MISC
posh -- posh_portal | Multiple cross-site scripting (XSS) vulnerabilities in POSH (aka Posh portal or Portaneo) 3.0 through 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) error parameter to /includes/plugins/mobile/scripts/login.php or (2) id parameter to portal/openrssarticle.php | 2019-11-22 | not yet calculated | CVE-2014-2214
MISC
MISC
posh -- posh_portal | Open redirect vulnerability in the password reset functionality in POSH 3.0 through 3.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to portal/scr_sendmd5.php. | 2019-11-22 | not yet calculated | CVE-2014-2213
MISC
MISC
MISC
pow_assent -- pow_assent | The use of `String.to_atom/1` in PowAssent is susceptible to denial of service attacks. In `PowAssent.Phoenix.AuthorizationController` a value is fetched from the user provided params, and `String.to_atom/1` is used to convert the binary value to an atom so it can be used to fetch the provider configuration value. This is unsafe as it is user provided data, and can be used to fill up the whole atom table of ~1M which will cause the app to crash. | 2019-11-25 | not yet calculated | CVE-2019-16764
MISC
MISC
CONFIRM
MISC
powerdns -- powerdns | PowerDNS Authoritative daemon, pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS. | 2019-11-22 | not yet calculated | CVE-2019-10203
CONFIRM
CONFIRM
proftpd -- proftpd | An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server. | 2019-11-26 | not yet calculated | CVE-2019-19270
MISC
proftpd -- proftpd | An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A wrong iteration variable, used when checking a client certificate against CRL entries (installed by a system administrator), can cause some CRL entries to be ignored, and can allow clients whose certificates have been revoked to proceed with a connection to the server. | 2019-11-26 | not yet calculated | CVE-2019-19271
MISC
proftpd -- proftpd | An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup. | 2019-11-26 | not yet calculated | CVE-2019-19272
MISC
progress -- sitefinity | Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mishandled. | 2019-11-26 | not yet calculated | CVE-2019-17392
MISC
python-ecdsa -- python-ecdsa | An error-handling flaw was found in python-ecdsa. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service. | 2019-11-26 | not yet calculated | CVE-2019-14853
CONFIRM
MISC
python -- python | typed_ast 1.3.0 and 1.3.1 has a handle_keywordonly_args out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that parses (but does not execute) Python code. (This issue also affected certain Python 3.8.0-alpha prereleases.) | 2019-11-26 | not yet calculated | CVE-2019-19274
MISC
MISC
MISC
MISC
MISC
python -- python | The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests. | 2019-11-27 | not yet calculated | CVE-2016-1000110
MISC
MISC
MISC
MISC
python -- python | Python keyring has insecure permissions on new databases allowing world-readable files to be created | 2019-11-25 | not yet calculated | CVE-2012-5578
MISC
REDHAT
MISC
MISC
MISC
DEBIAN
python -- python | typed_ast 1.3.0 and 1.3.1 has an ast_for_arguments out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that parses (but does not execute) Python code. (This issue also affected certain Python 3.8.0-alpha prereleases.) | 2019-11-26 | not yet calculated | CVE-2019-19275
MISC
MISC
MISC
MISC
MISC
pyxml -- pyxml | PyXML: Hash table collisions CPU usage Denial of Service | 2019-11-22 | not yet calculated | CVE-2012-0877
MISC
MISC
MISC
MISC
MISC
quagga -- quagga | quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal | 2019-11-25 | not yet calculated | CVE-2012-5521
MISC
MISC
MISC
MISC
MISC
MISC
MISC
red_hat -- ansible-playbook_-k_and_ansible_cli_tools | ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates from triggering and exposing them. | 2019-11-22 | not yet calculated | CVE-2019-10206
CONFIRM
red_hat -- openshift_container_platform | OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by a privileged user. | 2019-11-25 | not yet calculated | CVE-2019-10213
CONFIRM
red_hat -- 389_directory_server | A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information. | 2019-11-25 | not yet calculated | CVE-2019-10224
CONFIRM
MISC
red_hat -- ansible | A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents(), which is a common class for all gcp modules, is not setting no_log to True. Any sensitive data managed by that function would be leaked as output when running ansible playbooks. | 2019-11-25 | not yet calculated | CVE-2019-10217
CONFIRM
CONFIRM
CONFIRM
red_hat -- ansible | ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None | 2019-11-26 | not yet calculated | CVE-2019-14856
CONFIRM
red_hat -- ansible_tower | An attacker with low privilege could retrieve usernames and passwords credentials from the new RHSM saved in plain text into the database at '/api/v2/config' when applying the Ansible Tower license. | 2019-11-26 | not yet calculated | CVE-2019-14890
CONFIRM
red_hat -- cloudforms | cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field. | 2019-11-22 | not yet calculated | CVE-2018-10854
CONFIRM
red_hat -- enterprise_linux_and_openshift_container_platform | The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens. | 2019-11-25 | not yet calculated | CVE-2019-10214
CONFIRM
red_hat -- jboss_application_server_7 | A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict access to the management console information (for example via the "Access-Control-Allow-Origin" HTTP access control flag). This can lead to unauthorized information leak if a user with admin privileges visits a specially-crafted web page provided by a remote attacker. | 2019-11-26 | not yet calculated | CVE-2011-3609
MISC
MISC
MISC
MISC
red_hat -- jboss_application_server_7 | A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta 1 administration console. A remote attacker could provide a specially-crafted web page and trick a valid JBoss AS user with administrator privileges into visiting it, which would lead to DOM environment modification and arbitrary HTML or web script execution. | 2019-11-26 | not yet calculated | CVE-2011-3606
MISC
MISC
MISC
ros -- ros_comm_and_ros-melodic-ros-comm | An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary code via an IP address with a long hostname. | 2019-11-22 | not yet calculated | CVE-2019-13566
MISC
MISC
MISC
ruby -- ruby | Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header. | 2019-11-26 | not yet calculated | CVE-2011-3624
MISC
MISC
MISC
ruby -- ruby | WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service caused by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or an untrusted network. | 2019-11-26 | not yet calculated | CVE-2019-16201
MISC
MISC
ruby -- ruby | The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt the integrity of services depending on a strong private RSA key generation mechanism. | 2019-11-26 | not yet calculated | CVE-2011-4121
MISC
MISC
MISC
MISC
ruby -- ruby | Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF. | 2019-11-26 | not yet calculated | CVE-2019-16254
MISC
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
ruby -- ruby | Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions. | 2019-11-26 | not yet calculated | CVE-2019-15845
MISC
MLIST
UBUNTU
ruby -- ruby | Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method. | 2019-11-26 | not yet calculated | CVE-2019-16255
MISC
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
sangoma -- asterisk_and_certified_asterisk | An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands. | 2019-11-22 | not yet calculated | CVE-2019-18610
MISC
MISC
sangoma -- asterisk_and_certified_asterisk | An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940. | 2019-11-22 | not yet calculated | CVE-2019-18976
CONFIRM
MISC
MISC
MISC
MISC
sangoma -- asterisk_and_certified_asterisk | An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x, 16.x, and 17.x, and Certified Asterisk 13.21, because of an incomplete fix for CVE-2019-18351. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer's name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport. | 2019-11-22 | not yet calculated | CVE-2019-18790
MISC
MISC
serendipity -- serendipity | Serendipity before 1.6 has an XSS issue in the karma plugin which may allow privilege escalation. | 2019-11-26 | not yet calculated | CVE-2011-4090
MISC
MISC
MISC
siemens -- polarion | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a reflected XSS vulnerability. This issue affects: Siemens AG Polarion All versions < 19.2. | 2019-11-27 | not yet calculated | CVE-2019-13935
MISC
siemens -- polarion | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a persistent XSS vulnerability. This issue affects: Siemens AG Polarion All versions < 19.2. | 2019-11-27 | not yet calculated | CVE-2019-13936
MISC
siemens -- polarion | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a reflected XSS vulnerability. This issue affects: Siemens AG Polarion All versions < 19.2. | 2019-11-27 | not yet calculated | CVE-2019-13934
MISC
spagobi -- spagobi | Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, aka "XSS File Upload." | 2019-11-22 | not yet calculated | CVE-2013-6234
MISC
MISC
MISC
sqlite -- sqlite | SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c. | 2019-11-27 | not yet calculated | CVE-2019-19242
MISC
sqlite -- sqlite | sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. | 2019-11-25 | not yet calculated | CVE-2019-19244
MISC
squid-cache -- squid | An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to. | 2019-11-26 | not yet calculated | CVE-2019-18677
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
squid-cache -- squid | An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to a URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker-controlled data overflowing in the heap. | 2019-11-26 | not yet calculated | CVE-2019-12526
CONFIRM
CONFIRM
squid-cache -- squid | An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost. | 2019-11-26 | not yet calculated | CVE-2019-12523
CONFIRM
CONFIRM
CONFIRM
squid-cache -- squid | An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme. | 2019-11-26 | not yet calculated | CVE-2019-18676
CONFIRM
CONFIRM
CONFIRM
MISC
squid-cache -- squid | An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon. | 2019-11-26 | not yet calculated | CVE-2019-18678
CONFIRM
CONFIRM
CONFIRM
MISC
squid-cache -- squid | An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers in isolating memory areas to target for remote code execution attacks. | 2019-11-26 | not yet calculated | CVE-2019-18679
CONFIRM
CONFIRM
CONFIRM
MISC
symantec -- critical_system_protection | Symantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 & 8.0 MP1, may be susceptible to an authentication bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing authentication controls. | 2019-11-25 | not yet calculated | CVE-2019-18374
CONFIRM
tahoe-lafs -- tahoe-lafs | Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some cases. | 2019-11-26 | not yet calculated | CVE-2011-3617
MISC
MISC
MISC
tcl_alcatel -- cingular_flip_2_b9huah1_devices | On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. (This web API is normally used by the system application to trigger firmware updates via OmaService.js.) | 2019-11-26 | not yet calculated | CVE-2019-16243
MISC
MISC
tcl_alcatel -- cingular_flip_2_b9huah1_devices | On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI. | 2019-11-26 | not yet calculated | CVE-2019-16242
MISC
MISC
tcl_alcatel -- cingular_flip_2_b9huah1_devices | On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication if it exists. This file would typically be created via Android Debug Bridge (adb) over USB. | 2019-11-26 | not yet calculated | CVE-2019-16241
MISC
MISC
thttpd -- thttpd | thttpd has a local DoS vulnerability via specially-crafted .htpasswd files. | 2019-11-25 | not yet calculated | CVE-2012-5640
MISC
REDHAT
MISC
MISC
trend_micro -- password_manager_for_android | Trend Micro Password Manager versions 3.x, 5.0, and 5.1 for Android is affected by a FLAG_MISUSE vulnerability that could be exploited to allow the application to share information to third-party applications on the device. | 2019-11-25 | not yet calculated | CVE-2019-15629
N/A
typo3 -- typo3 | It was found that Typo3 Core versions 4.5.0 - 4.5.5 use prepared statements that, if the parameter values are not properly replaced, could lead to a SQL Injection vulnerability. This issue can only be exploited if two or more parameters are bound to the query and at least two come from user input. | 2019-11-26 | not yet calculated | CVE-2011-3583
MISC
MISC
MISC
MISC
typo3 -- typo3 | The TYPO3 Core wec_discussion extension before 2.1.1 is vulnerable to SQL Injection due to improper sanitization of user-supplied input. | 2019-11-26 | not yet calculated | CVE-2011-3584
MISC
MISC
MISC
ubiquiti -- unifi_video_controller_software | A privilege escalation exists in UniFi Video Controller <=3.10.6 that would allow an attacker on the local machine to run arbitrary commands. | 2019-11-26 | not yet calculated | CVE-2019-15595
MISC
vdsm -- vdsm | vdsm: certificate generation upon node creation allowing vdsm to start and serve requests from anyone who has a matching key (and certificate) | 2019-11-25 | not yet calculated | CVE-2012-5518
MISC
MISC
MISC
vsftpd -- vsftpd | vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp. | 2019-11-27 | not yet calculated | CVE-2011-2523
MISC
MISC
MISC
MISC
MLIST
w3edge -- w3_total_cache | W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes. | 2019-11-22 | not yet calculated | CVE-2012-6078
MISC
MISC
MISC
CONFIRM
w3edge -- w3_total_cache | W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files. | 2019-11-22 | not yet calculated | CVE-2012-6077
MISC
MISC
MISC
MISC
CONFIRM
w3edge -- w3_total_cache | W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys. | 2019-11-22 | not yet calculated | CVE-2012-6079
MISC
MISC
MISC
CONFIRM
wikimedia -- wikibase_wikidata_query_service | In Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-07, when mathematical expressions in results are displayed directly, arbitrary JavaScript execution can occur, aka XSS. This was addressed by introducing MathJax as a new mathematics rendering engine. | 2019-11-27 | not yet calculated | CVE-2019-19329
MISC
MISC
MISC
MISC
wikimedia -- wikibase_wikidata_query_service | ui/editor/tooltip/Rdf.js in Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-07 allows HTML injection in tooltips for entities. | 2019-11-27 | not yet calculated | CVE-2019-19328
MISC
MISC
MISC
wikimedia -- wikibase_wikidata_query_service | ui/ResultView.js in Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-07 allows HTML injection when reporting the number of results and number of milliseconds. | 2019-11-27 | not yet calculated | CVE-2019-19327
MISC
MISC
MISC
wordpress -- wordpress | The NextGEN Gallery plugin before 2.1.15 for WordPress allows ../ Directory Traversal in path selection. | 2019-11-26 | not yet calculated | CVE-2015-9538
MISC
MISC
MISC
MISC
MISC
MISC
wordpress -- wordpress | The Zoho CRM Lead Magnet plugin 1.6.9.1 for WordPress allows XSS via module, EditShortcode, or LayoutName. | 2019-11-26 | not yet calculated | CVE-2019-19306
MISC
MISC
MISC
wordpress -- wordpress | The NextGEN Gallery plugin before 2.1.10 for WordPress has multiple XSS issues involving thumbnail_width, thumbnail_height, thumbwidth, thumbheight, wmXpos, and wmYpos, and template. | 2019-11-26 | not yet calculated | CVE-2015-9537
MISC
MISC
MISC
wordpress -- wordpress | The Fast Secure Contact Form plugin before 4.0.38 for WordPress allows fs_contact_form1[welcome] XSS. | 2019-11-26 | not yet calculated | CVE-2015-9539
MISC
MISC
MISC
xquest -- xquest | A password generation weakness exists in xquest through 2016-06-13. | 2019-11-27 | not yet calculated | CVE-2016-4980
MISC
MISC
MISC
xscreensaver -- xscreensaver | xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank Only Mode and when DPMS is disabled, which allows local attackers to access resources without authentication. | 2019-11-27 | not yet calculated | CVE-2011-2187
MISC
MISC
MISC
MISC
MISC
MLIST
yaws -- yaws | Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote authenticated user could use this flaw to obtain the content of arbitrary local files via a specially-crafted URL request. | 2019-11-26 | not yet calculated | CVE-2011-4350
MISC
MISC
MISC
MISC
MISC
yubico -- pam | Yubico PAM Module before 2.10 performed user authentication when the 'use_first_pass' PAM configuration option was not used and the module was configured as 'sufficient' in the PAM configuration. A remote attacker could use this flaw to circumvent the common authentication process and obtain access to the account in question by providing a NULL value (pressing Ctrl-D keyboard sequence) as the password string. | 2019-11-26 | not yet calculated | CVE-2011-4120
MISC
MISC
MISC
MISC
zend_framework -- zend_framework | SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conjunction with PDO_MySql in PHP before 5.3.6. | 2019-11-26 | not yet calculated | CVE-2011-1939
MISC
BID
MISC
CONFIRM
MISC
CONFIRM
MISC
zmartzone -- mod_auth_openidc | mod_auth_openidc before version 2.4.0.1 is vulnerable to a None | 2019-11-26 | not yet calculated | CVE-2019-14857
CONFIRM
zope -- zope | Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform sanitization. NOTE: this issue exists because of an incomplete fix for CVE-2010-1104. | 2019-11-25 | not yet calculated | CVE-2011-4924
MISC
MISC
MISC
MISC
MISC
MISC
MISC
zte -- zxcdn_iamweb | Version V6.01.03.01 of the ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal over HTTP, resulting in leakage of users' information. | 2019-11-22 | not yet calculated | CVE-2019-3428
CONFIRM

This product is provided subject to this Notification and this Privacy & Use policy.
