Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-12 | CVE-2019-4652 | Incorrect Default Permissions vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.4 uses insecure file permissions on restored files and directories in Windows which could allow a local user to obtain sensitive information or perform unauthorized actions. | 7.1 |
2019-11-12 | CVE-2019-18848 | Improper Authentication vulnerability in multiple products The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. | 7.5 |
2019-11-12 | CVE-2012-1109 | Improper Handling of Exceptional Conditions vulnerability in Pediapress Mwlib mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic functions | 7.5 |
2019-11-12 | CVE-2011-3618 | Link Following vulnerability in multiple products atop: symlink attack possible due to insecure tempfile handling | 7.8 |
2019-11-12 | CVE-2019-18817 | Infinite Loop vulnerability in Istio Istio 1.3.x before 1.3.5 allows Denial of Service because continue_on_listener_filters_timeout is set to True, a related issue to CVE-2019-18836. | 7.5 |
2019-11-12 | CVE-2014-7143 | Improper Certificate Validation vulnerability in Twisted 14.0.0 Python Twisted 14.0 trustRoot is not respected in HTTP client | 7.5 |
2019-11-12 | CVE-2019-18874 | Double Free vulnerability in Psutil Project Psutil psutil (aka python-psutil) through 5.6.5 can have a double free. | 7.5 |
2019-11-11 | CVE-2019-18862 | Unspecified vulnerability in GNU Mailutils 0.5/0.6 maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode. | 7.8 |
2019-11-11 | CVE-2019-18857 | Cross-site Scripting vulnerability in Svg-Sanitizer Project Svg-Sanitizer darylldoyle svg-sanitizer before 0.12.0 mishandles script and data values in attributes, as demonstrated by unexpected whitespace such as in the javascript	:alert substring. | 7.5 |
2019-11-11 | CVE-2019-18856 | Incorrect Permission Assignment for Critical Resource vulnerability in Drupal SVG Sanitizer A Denial Of Service vulnerability exists in the SVG Sanitizer module through 8.x-1.0-alpha1 for Drupal because access to external resources with an SVG use element is mishandled. | 7.5 |