Weekly Vulnerabilities Reports > September 30 to October 6, 2019

Overview

289 new vulnerabilities reported during this period, including 26 critical vulnerabilities and 39 high severity vulnerabilities. This weekly summary report vulnerabilities in 329 products from 101 vendors including Cisco, Opensuse, Tcpdump, Redhat, and Debian. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Read", "SQL Injection", "Improper Input Validation", and "Use After Free".

  • 253 reported vulnerabilities are remotely exploitables.
  • 104 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 226 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 43 reported vulnerabilities.
  • Cisco has the most reported critical vulnerabilities, with 12 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

26 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-10-02 CVE-2019-12157 Jetbrains Improper Input Validation vulnerability in Jetbrains Teamcity and Upsource

In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands.

10.0
2019-10-01 CVE-2019-15940 Govicture Missing Authentication for Critical Function vulnerability in Govicture Pc530 Firmware 3.13.70

Victure PC530 devices allow unauthenticated TELNET access as root.

10.0
2019-09-30 CVE-2019-2294 Qualcomm Use of Insufficiently Random Values vulnerability in Qualcomm products

Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

10.0
2019-09-30 CVE-2019-2252 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

10.0
2019-09-30 CVE-2019-10540 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MSM8996AU, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCS404, QCS405, QCS605, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SXR1130

10.0
2019-09-30 CVE-2019-10539 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA8081, QCA9379, QCS404, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SXR1130

10.0
2019-09-30 CVE-2019-10538 Qualcomm Improper Input Validation vulnerability in Qualcomm products

Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM660, SDX20, SDX24

10.0
2019-09-30 CVE-2019-10509 Qualcomm Use After Free vulnerability in Qualcomm products

Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016

10.0
2019-10-04 CVE-2019-17133 Linux
Debian
Canonical
Opensuse
Classic Buffer Overflow vulnerability in multiple products

In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

9.8
2019-10-01 CVE-2019-16943 Fasterxml
Debian
Fedoraproject
Redhat
Oracle
Netapp
Deserialization of Untrusted Data vulnerability in multiple products

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.

9.8
2019-10-01 CVE-2019-16942 Fasterxml
Debian
Fedoraproject
Redhat
Netapp
Oracle
Deserialization of Untrusted Data vulnerability in multiple products

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.

9.8
2019-10-01 CVE-2019-16508 Google Integer Overflow or Wraparound vulnerability in Google Chrome OS

The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application.

9.3
2019-10-02 CVE-2019-15036 Jetbrains OS Command Injection vulnerability in Jetbrains Teamcity 2018.2.4

An issue was discovered in JetBrains TeamCity 2018.2.4.

9.0
2019-10-02 CVE-2019-12690 Cisco OS Command Injection vulnerability in Cisco Firepower Management Center

A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with the privileges of the root user of the underlying operating system.

9.0
2019-10-02 CVE-2019-12689 Cisco Improper Input Validation vulnerability in Cisco Firepower Management Center

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device.

9.0
2019-10-02 CVE-2019-12688 Cisco Improper Input Validation vulnerability in Cisco Firepower Management Center 6.2.2

A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.

9.0
2019-10-02 CVE-2019-12687 Cisco Improper Input Validation vulnerability in Cisco Firepower Management Center 6.2.2/6.2.3

A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.

9.0
2019-10-02 CVE-2019-12686 Cisco SQL Injection vulnerability in Cisco Firepower Management Center 6.2.3/6.3.0

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device.

9.0
2019-10-02 CVE-2019-12685 Cisco SQL Injection vulnerability in Cisco Firepower Management Center 6.2.2

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device.

9.0
2019-10-02 CVE-2019-12684 Cisco SQL Injection vulnerability in Cisco Firepower Management Center 6.2.0/6.2.2/6.2.3

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device.

9.0
2019-10-02 CVE-2019-12683 Cisco SQL Injection vulnerability in Cisco Firepower Management Center

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device.

9.0
2019-10-02 CVE-2019-12682 Cisco SQL Injection vulnerability in Cisco Firepower Management Center 6.2.2

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device.

9.0
2019-10-02 CVE-2019-12681 Cisco SQL Injection vulnerability in Cisco Firepower Management Center

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device.

9.0
2019-10-02 CVE-2019-12680 Cisco SQL Injection vulnerability in Cisco Firepower Management Center 6.2.2/6.2.3

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device.

9.0
2019-10-02 CVE-2019-12679 Cisco SQL Injection vulnerability in Cisco Firepower Management Center 6.2.2

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device.

9.0
2019-09-30 CVE-2019-17046 Ilch Unrestricted Upload of File with Dangerous Type vulnerability in Ilch CMS 2.1.22

Ilch 2.1.22 allows remote code execution because php is listed under "Allowed files" on the index.php/admin/media/settings/index page.

9.0

39 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-09-30 CVE-2019-10510 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

BT process died and BT toggled due to null pointer dereference when invalid vendor pass through command sent from remote in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS405, QCS605, SD 636, SD 675, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660

8.5
2019-10-04 CVE-2019-6015 FON Resource Exhaustion vulnerability in FON products

FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers.

7.8
2019-10-04 CVE-2019-6775 Foxitsoftware Use After Free vulnerability in Foxitsoftware Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723.

7.8
2019-10-04 CVE-2019-6774 Foxitsoftware Use After Free vulnerability in Foxitsoftware Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.4.1.16828.

7.8
2019-10-02 CVE-2019-15256 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition.

7.8
2019-10-02 CVE-2019-12698 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device.

7.8
2019-09-30 CVE-2019-10489 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

Possible null-pointer dereference can occur while parsing avi clip during copy in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20

7.8
2019-09-30 CVE-2019-16995 Linux
Opensuse
Netapp
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.

7.8
2019-10-06 CVE-2019-17266 Gnome
Canonical
Out-of-bounds Read vulnerability in multiple products

libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy.

7.5
2019-10-06 CVE-2019-17216 Vzug Use of Password Hash With Insufficient Computational Effort vulnerability in Vzug Combi-Stream Mslq Firmware

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05.

7.5
2019-10-05 CVE-2019-17206 Redis Wrapper Project Deserialization of Untrusted Data vulnerability in Redis Wrapper Project Redis Wrapper 0.2.0/0.2.1

Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper (aka Redis Wrapper) before 0.3.0 allows attackers to execute arbitrary scripts.

7.5
2019-10-05 CVE-2019-17197 Open EMR SQL Injection vulnerability in Open-Emr Openemr

OpenEMR through 5.0.2 has SQL Injection in the Lifestyle demographic filter criteria in library/clinical_rules.php that affects library/patient.inc.

7.5
2019-10-05 CVE-2019-17192 Signal Always-Incorrect Control Flow Implementation vulnerability in Signal Private Messenger

** DISPUTED ** The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via malformed packets.

7.5
2019-10-04 CVE-2019-17184 Xerox Unspecified vulnerability in Xerox Atlalink Firmware

Xerox AtlaLink B8045/B8055/B8065/B8075/B8090 C8030/C8035/C8045/C8055/C8070 printers with software before 101.00x.089.22600 allow an attacker to gain privileges.

7.5
2019-10-04 CVE-2019-4227 IBM Session Fixation vulnerability in IBM MQ

IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should.

7.5
2019-10-04 CVE-2019-17113 Openmpt Classic Buffer Overflow vulnerability in Openmpt Libopenmpt

In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.

7.5
2019-10-03 CVE-2018-10105 Tcpdump Improper Input Validation vulnerability in Tcpdump

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).

7.5
2019-10-03 CVE-2018-10103 Tcpdump Improper Input Validation vulnerability in Tcpdump

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).

7.5
2019-10-02 CVE-2019-13957 Umbraco SQL Injection vulnerability in Umbraco 7.3.8

In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprove/PageWApproveApi/GetInpectSearch method via the nodeName parameter.

7.5
2019-10-02 CVE-2019-12736 Jetbrains Command Injection vulnerability in Jetbrains Ktor

JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection.

7.5
2019-10-02 CVE-2019-12630 Cisco Deserialization of Untrusted Data vulnerability in Cisco Security Manager

A vulnerability in the Java deserialization function used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device.

7.5
2019-10-02 CVE-2019-11929 Facebook Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Facebook Hhvm

Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution.

7.5
2019-10-02 CVE-2019-13658 Broadcom Use of Hard-coded Credentials vulnerability in Broadcom Network Flow Analysis

CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security.

7.5
2019-10-02 CVE-2019-13025 Compal Incorrect Resource Transfer Between Spheres vulnerability in Compal Ch7465Lg Firmware Ch7465Lgncip6.12.18.245P8Nosh

Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation.

7.5
2019-10-02 CVE-2019-14454 Salesagility Unspecified vulnerability in Salesagility Suitecrm

SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation.

7.5
2019-10-02 CVE-2019-13335 Salesagility Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm

SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has SSRF.

7.5
2019-10-01 CVE-2019-17067 Putty Allocation of Resources Without Limits or Throttling vulnerability in Putty

PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection.

7.5
2019-10-01 CVE-2019-10202 Redhat Deserialization of Untrusted Data vulnerability in Redhat Jboss Enterprise Application Platform 7.2.0

A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7.

7.5
2019-09-30 CVE-2019-17040 Rsyslog Out-of-bounds Read vulnerability in Rsyslog 8.1908.0

contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.

7.5
2019-09-30 CVE-2019-16999 Idcos SQL Injection vulnerability in Idcos Cloudboot 20190308

CloudBoot through 2019-03-08 allows SQL Injection via a crafted Status field in JSON data to the api/osinstall/v1/device/getNumByStatus URI.

7.5
2019-09-30 CVE-2019-16676 Plataformatec Improper Input Validation vulnerability in Plataformatec Simple Form

Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call.

7.5
2019-10-04 CVE-2019-17180 Valvesoftware Path Traversal vulnerability in Valvesoftware Steam Client

Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM.

7.2
2019-10-02 CVE-2019-12699 Cisco OS Command Injection vulnerability in Cisco products

Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges.

7.2
2019-10-02 CVE-2019-12694 Cisco Improper Input Validation vulnerability in Cisco Firepower Threat Defense

A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root privileges.

7.2
2019-10-02 CVE-2019-12675 Cisco Improper Encoding or Escaping of Output vulnerability in Cisco products

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace.

7.2
2019-10-02 CVE-2019-12674 Cisco Improper Encoding or Escaping of Output vulnerability in Cisco products

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace.

7.2
2019-09-30 CVE-2019-10499 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

Improper validation of read and write index of tx and rx fifo`s before using for data copy from fifo can lead to out-of-bound access.

7.2
2019-09-30 CVE-2019-10492 Qualcomm Use of a Broken or Risky Cryptographic Algorithm vulnerability in Qualcomm products

Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 820, SD 820A, SDM439

7.2
2019-10-01 CVE-2019-17075 Linux Unspecified vulnerability in Linux Kernel

An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2.

7.1

191 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-10-06 CVE-2019-17217 Vzug Cross-Site Request Forgery (CSRF) vulnerability in Vzug Combi-Stream Mslq Firmware

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05.

6.8
2019-10-04 CVE-2019-6776 Foxitsoftware Use After Free vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723.

6.8
2019-10-04 CVE-2019-13320 Foxitsoftware Use After Free vulnerability in Foxitsoftware Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723.

6.8
2019-10-04 CVE-2019-13319 Foxitsoftware Use After Free vulnerability in Foxitsoftware Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723.

6.8
2019-10-04 CVE-2019-13317 Foxitsoftware Use After Free vulnerability in Foxitsoftware Reader

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723.

6.8
2019-10-04 CVE-2019-13316 Foxitsoftware Use After Free vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723.

6.8
2019-10-04 CVE-2019-13315 Foxitsoftware Use After Free vulnerability in Foxitsoftware Reader

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723.

6.8
2019-10-04 CVE-2019-17132 Vbulletin Improper Input Validation vulnerability in Vbulletin

vBulletin through 5.5.4 mishandles custom avatars.

6.8
2019-10-03 CVE-2019-13332 Foxitsoftware Use After Free vulnerability in Foxitsoftware Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114.

6.8
2019-10-03 CVE-2019-13331 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723.

6.8
2019-10-03 CVE-2019-13330 Foxitsoftware Type Confusion vulnerability in Foxitsoftware Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723.

6.8
2019-10-03 CVE-2019-13329 Foxitsoftware Type Confusion vulnerability in Foxitsoftware Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.

6.8
2019-10-03 CVE-2019-13328 Foxitsoftware Use After Free vulnerability in Foxitsoftware Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723.

6.8
2019-10-03 CVE-2019-13327 Foxitsoftware Use After Free vulnerability in Foxitsoftware Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723.

6.8
2019-10-03 CVE-2019-13326 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723.

6.8
2019-10-03 CVE-2019-13325 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Foxit Studio Photo 3.6.6.909/3.6.6.911

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909.

6.8
2019-10-03 CVE-2019-13324 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Foxit Studio Photo 3.6.6.909/3.6.6.911

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909.

6.8
2019-10-03 CVE-2019-13323 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware Foxit Studio Photo 3.6.6.909/3.6.6.911

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909.

6.8
2019-10-03 CVE-2019-11932 Whatsapp
Android GIF Drawable Project
Double Free vulnerability in multiple products

A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image.

6.8
2019-10-03 CVE-2019-3834 Redhat Unsafe Reflection vulnerability in Redhat Jboss Operations Network

It was found that the fix for CVE-2014-0114 had been reverted in JBoss Operations Network 3 (JON).

6.8
2019-10-02 CVE-2019-15040 Jetbrains Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Youtrack

JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page.

6.8
2019-10-02 CVE-2019-12700 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.

6.8
2019-10-02 CVE-2019-5031 Foxitsoftware Allocation of Resources Without Limits or Throttling vulnerability in Foxitsoftware Phantompdf

An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.4.1.16828.

6.8
2019-10-02 CVE-2019-17080 Linuxmint Deserialization of Untrusted Data vulnerability in Linuxmint Mintinstall 7.9.9

mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by an attacker, because an unpickle occurs.

6.8
2019-10-01 CVE-2019-15039 Jetbrains Path Traversal vulnerability in Jetbrains Teamcity 2018.2.4

An issue was discovered in JetBrains TeamCity 2018.2.4.

6.8
2019-09-30 CVE-2019-17051 Evernote Improper Input Validation vulnerability in Evernote

Evernote before 7.13 GA on macOS allows code execution because the com.apple.quarantine attribute is not used for attachment files, as demonstrated by a one-click attack involving a drag-and-drop operation on a crafted Terminal file.

6.8
2019-09-30 CVE-2019-16993 Phpbb
Debian
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

In phpBB before 3.1.7-PL1, includes/acp/acp_bbcodes.php has improper verification of a CSRF token on the BBCode page in the Administration Control Panel.

6.8
2019-10-04 CVE-2019-17188 Fecmall Unrestricted Upload of File with Dangerous Type vulnerability in Fecmall 2.3.4

An unrestricted file upload vulnerability was discovered in catalog/productinfo/imageupload in Fecshop FecMall 2.3.4.

6.5
2019-10-04 CVE-2019-11655 HP Unrestricted Upload of File with Dangerous Type vulnerability in HP Arcsight Logger

Unrestricted file upload vulnerability in Micro Focus ArcSight Logger, version 6.7.0 and later.

6.5
2019-10-04 CVE-2019-16891 Liferay Deserialization of Untrusted Data vulnerability in Liferay Portal

Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload.

6.5
2019-10-03 CVE-2019-15766 Kslabs Code Injection vulnerability in Kslabs Ksweb 3.93

The KSLABS KSWEB (aka ru.kslabs.ksweb) application 3.93 for Android allows authenticated remote code execution via a POST request to the AJAX handler with the configFile parameter set to the arbitrary file to be written to (and the config_text parameter set to the content of the file to be created).

6.5
2019-10-03 CVE-2019-4422 IBM Unspecified vulnerability in IBM Security Guardium

IBM Security Guardium 9.0, 9.5, and 10.6 are vulnerable to a privilege escalation which could allow an authenticated user to change the accessmgr password.

6.5
2019-10-01 CVE-2019-10431 Jenkins Code Injection vulnerability in Jenkins Script Security

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts.

6.5
2019-09-30 CVE-2019-17050 Thecontrolgroup Authorization Bypass Through User-Controlled Key vulnerability in Thecontrolgroup Voyager

An issue was discovered in the Voyager package through 1.2.7 for Laravel.

6.5
2019-09-30 CVE-2019-4304 IBM Session Fixation vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation.

6.5
2019-09-30 CVE-2019-16997 Metinfo SQL Injection vulnerability in Metinfo 7.0.0

In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter.

6.5
2019-09-30 CVE-2019-16996 Metinfo SQL Injection vulnerability in Metinfo 7.0.0

In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/product/admin/product_admin.class.php via the admin/?n=product&c=product_admin&a=dopara&app_type=shop id parameter.

6.5
2019-09-30 CVE-2019-16745 Ebrigade SQL Injection vulnerability in Ebrigade

eBrigade before 5.0 has evenement_choice.php chxCal SQL Injection.

6.5
2019-09-30 CVE-2019-16744 Ebrigade SQL Injection vulnerability in Ebrigade

eBrigade before 5.0 has evenements.php cid SQL Injection.

6.5
2019-09-30 CVE-2019-16743 Ebrigade SQL Injection vulnerability in Ebrigade

eBrigade before 5.0 has evenement_ical.php evenement SQL Injection.

6.5
2019-10-04 CVE-2019-17130 Vbulletin Files or Directories Accessible to External Parties vulnerability in Vbulletin

vBulletin through 5.5.4 mishandles external URLs within the /core/vb/vurl.php file and the /core/vb/vurl directories.

6.4
2019-10-02 CVE-2019-15272 Cisco HTTP Request Smuggling vulnerability in Cisco Unified Communications Manager

A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to bypass security restrictions.

6.4
2019-10-02 CVE-2019-12711 Cisco XXE vulnerability in Cisco Unified Communications Manager

A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to access sensitive information or cause a denial of service (DoS) condition.

6.4
2019-10-01 CVE-2019-8291 Online Store System Project Path Traversal vulnerability in Online Store System Project Online Store System 1.0

Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights nor does it check for path traversal.

6.4
2019-10-06 CVE-2019-17219 Vzug Missing Authentication for Critical Function vulnerability in Vzug Combi-Stream Mslq Firmware

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05.

5.8
2019-10-02 CVE-2019-4538 IBM Open Redirect vulnerability in IBM Security Directory Server 6.4.0

IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

5.8
2019-10-01 CVE-2019-15041 Jetbrains Open Redirect vulnerability in Jetbrains Youtrack

JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere.

5.8
2019-09-30 CVE-2019-4109 IBM Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Websphere Extreme Scale

IBM WebSphere eXtreme Scale 8.6 Admin Console could allow a remote attacker to hijack the clicking action of the victim.

5.8
2019-09-30 CVE-2019-16932 Themeisle Server-Side Request Forgery (SSRF) vulnerability in Themeisle Visualizer

A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data.

5.8
2019-10-02 CVE-2019-4539 IBM XML Injection (aka Blind XPath Injection) vulnerability in IBM Security Directory Server 6.4.0

IBM Security Directory Server 6.4.0 does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system.

5.5
2019-10-01 CVE-2019-17073 Emlog Path Traversal vulnerability in Emlog 3.5.1/5.3.1/6.0.0

emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal.

5.5
2019-10-01 CVE-2019-8292 Online Store System Project Missing Authentication for Critical Function vulnerability in Online Store System Project Online Store System 1.0

Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion.

5.3
2019-10-03 CVE-2018-14879 F5
Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
Classic Buffer Overflow vulnerability in multiple products

The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().

5.1
2019-10-06 CVE-2019-17218 Vzug Missing Encryption of Sensitive Data vulnerability in Vzug Combi-Stream Mslq Firmware Ethernetr07

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05.

5.0
2019-10-06 CVE-2019-17215 Vzug Improper Restriction of Excessive Authentication Attempts vulnerability in Vzug Combi-Stream Mslq Firmware

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05.

5.0
2019-10-06 CVE-2019-17214 Webarxsecurity Cross-site Scripting vulnerability in Webarxsecurity Webarx 1.3.0

The WebARX plugin 1.3.0 for WordPress allows firewall bypass by appending &cc=1 to a URI.

5.0
2019-10-05 CVE-2019-17199 Webpagetest Path Traversal vulnerability in Webpagetest 19.04

www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\..

5.0
2019-10-05 CVE-2019-17191 Signal Improper Input Validation vulnerability in Signal Private Messenger

The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message.

5.0
2019-10-04 CVE-2019-16865 Python
Fedoraproject
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

An issue was discovered in Pillow before 6.2.0.

5.0
2019-10-04 CVE-2019-17183 Foxitsoftware Missing Release of Resource after Effective Lifetime vulnerability in Foxitsoftware Reader

Foxit Reader before 9.7 allows an Access Violation and crash if insufficient memory exists.

5.0
2019-10-04 CVE-2019-17178 Freerdp
Lodev
Opensuse
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.

5.0
2019-10-04 CVE-2019-17177 Freerdp
Opensuse
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.

5.0
2019-10-04 CVE-2019-17175 Joyplus CMS Project Path Traversal vulnerability in Joyplus-Cms Project Joyplus-Cms 1.6.0

joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path traversal.

5.0
2019-10-04 CVE-2019-4514 IBM Information Exposure vulnerability in IBM Security KEY Lifecycle Manager

IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0, and 3.0.1 discloses sensitive information to unauthorized users.

5.0
2019-10-04 CVE-2018-11768 Apache Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apache Hadoop

In Apache Hadoop 3.1.0 to 3.1.1, 3.0.0-alpha1 to 3.0.3, 2.9.0 to 2.9.1, and 2.0.0-alpha to 2.8.4, the user/group information can be corrupted across storing in fsimage and reading back from fsimage.

5.0
2019-10-03 CVE-2019-16328 Rpyc Project Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Rpyc Project Rpyc 4.1.0/4.1.1

In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings.

5.0
2019-10-03 CVE-2019-16866 Nlnetlabs
Canonical
Use of Uninitialized Resource vulnerability in multiple products

Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query.

5.0
2019-10-03 CVE-2019-15165 Tcpdump
Debian
Opensuse
Oracle
Apple
Canonical
Fedoraproject
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

5.0
2019-10-03 CVE-2019-15164 Tcpdump Server-Side Request Forgery (SSRF) vulnerability in Tcpdump Libpcap

rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.

5.0
2019-10-03 CVE-2019-15163 Tcpdump NULL Pointer Dereference vulnerability in Tcpdump Libpcap

rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.

5.0
2019-10-03 CVE-2019-15162 Tcpdump Insufficient Verification of Data Authenticity vulnerability in Tcpdump Libpcap

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.

5.0
2019-10-03 CVE-2019-15161 Tcpdump Incorrect Calculation of Buffer Size vulnerability in Tcpdump Libpcap

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable.

5.0
2019-10-03 CVE-2019-15166 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
Netapp
Canonical
Classic Buffer Overflow vulnerability in multiple products

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.

5.0
2019-10-03 CVE-2018-16452 Tcpdump Uncontrolled Recursion vulnerability in Tcpdump

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.

5.0
2019-10-03 CVE-2018-16451 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.

5.0
2019-10-03 CVE-2018-16300 Tcpdump Uncontrolled Recursion vulnerability in Tcpdump

The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.

5.0
2019-10-03 CVE-2018-16230 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).

5.0
2019-10-03 CVE-2018-16229 Tcpdump
F5
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().

5.0
2019-10-03 CVE-2018-16228 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().

5.0
2019-10-03 CVE-2018-16227 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.

5.0
2019-10-03 CVE-2018-14882 Tcpdump
F5
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.

5.0
2019-10-03 CVE-2018-14881 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).

5.0
2019-10-03 CVE-2018-14880 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
F5
Out-of-bounds Read vulnerability in multiple products

The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().

5.0
2019-10-03 CVE-2018-14470 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().

5.0
2019-10-03 CVE-2018-14469 Tcpdump
F5
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().

5.0
2019-10-03 CVE-2018-14468 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
F5
Out-of-bounds Read vulnerability in multiple products

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().

5.0
2019-10-03 CVE-2018-14467 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).

5.0
2019-10-03 CVE-2018-14466 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().

5.0
2019-10-03 CVE-2018-14465 Tcpdump
F5
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

5.0
2019-10-03 CVE-2018-14464 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().

5.0
2019-10-03 CVE-2018-14463 Tcpdump
Redhat
Debian
Opensuse
Fedoraproject
F5
Apple
Out-of-bounds Read vulnerability in multiple products

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.

5.0
2019-10-03 CVE-2018-14462 Tcpdump
F5
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().

5.0
2019-10-03 CVE-2018-14461 Tcpdump
Apple
Debian
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().

5.0
2019-10-03 CVE-2019-4441 IBM Information Exposure Through an Error Message vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser.

5.0
2019-10-02 CVE-2019-14958 Jetbrains Allocation of Resources Without Limits or Throttling vulnerability in Jetbrains Pycharm

JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes.

5.0
2019-10-02 CVE-2019-12737 Jetbrains Use of Password Hash With Insufficient Computational Effort vulnerability in Jetbrains Ktor

UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials.

5.0
2019-10-02 CVE-2019-12706 Cisco Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware

A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device.

5.0
2019-10-02 CVE-2019-12701 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system.

5.0
2019-10-02 CVE-2019-12697 Cisco Unspecified vulnerability in Cisco Firepower

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types.

5.0
2019-10-02 CVE-2019-12696 Cisco Unspecified vulnerability in Cisco Firepower

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types.

5.0
2019-10-02 CVE-2019-12678 Cisco Integer Underflow (Wrap or Wraparound) vulnerability in Cisco products

A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

5.0
2019-10-02 CVE-2019-12673 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

5.0
2019-10-02 CVE-2019-12156 Jetbrains Information Exposure Through an Error Message vulnerability in Jetbrains Upsource

Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293.

5.0
2019-10-02 CVE-2019-8462 Checkpoint Improper Handling of Exceptional Conditions vulnerability in Checkpoint Security Gateway R80.30

In a rare scenario, Check Point R80.30 Security Gateway before JHF Take 50 managed by Check Point R80.30 Management crashes with a unique configuration of enhanced logging.

5.0
2019-10-02 CVE-2019-13343 Butor Path Traversal vulnerability in Butor Portal

Butor Portal before 1.0.27 is affected by a Path Traversal vulnerability leading to a pre-authentication arbitrary file download.

5.0
2019-10-02 CVE-2019-4549 IBM Insecure Storage of Sensitive Information vulnerability in IBM Security Directory Server 6.4.0

IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users.

5.0
2019-10-02 CVE-2019-4520 IBM Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Directory Server 6.4.0

IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.

5.0
2019-10-01 CVE-2019-0231 Apache Cleartext Transmission of Sensitive Information vulnerability in Apache Mina 2.0.20/2.1.1

Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward.

5.0
2019-10-01 CVE-2019-17069 Putty
Opensuse
Netapp
Use After Free vulnerability in multiple products

PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message.

5.0
2019-10-01 CVE-2019-17068 Putty
Opensuse
Injection vulnerability in multiple products

PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content.

5.0
2019-10-01 CVE-2019-15042 Jetbrains Improper Certificate Validation vulnerability in Jetbrains Teamcity 2018.2.4

An issue was discovered in JetBrains TeamCity 2018.2.4.

5.0
2019-10-01 CVE-2019-15038 Jetbrains Unspecified vulnerability in Jetbrains Teamcity 2018.2.4

An issue was discovered in JetBrains TeamCity 2018.2.4.

5.0
2019-10-01 CVE-2019-14957 Jetbrains Insecure Storage of Sensitive Information vulnerability in Jetbrains VIM

The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vim_settings.xml file.

5.0
2019-10-01 CVE-2019-14955 Jetbrains Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains HUB

In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to change the password and no password expiration policy was implemented.

5.0
2019-10-01 CVE-2019-4246 IBM Unspecified vulnerability in IBM Daeja Viewone

IBM Daeja ViewONE Virtual 5.0 through 5.0.6 could expose internal parameters to ViewONE clients that could be used in further attacks against the system.

5.0
2019-10-01 CVE-2019-10435 Jenkins Cleartext Transmission of Sensitive Information vulnerability in Jenkins Sourcegear Vault 1.0/1.1/1.1.1

Jenkins SourceGear Vault Plugin transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure.

5.0
2019-10-01 CVE-2019-10434 Jenkins Cleartext Transmission of Sensitive Information vulnerability in Jenkins Ldap Email

Jenkins LDAP Email Plugin transmits configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.

5.0
2019-09-30 CVE-2019-3732 Dell
EMC
Information Exposure Through Discrepancy vulnerability in multiple products

RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy.

5.0
2019-09-30 CVE-2019-3731 Dell Information Exposure Through Discrepancy vulnerability in Dell products

RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy.

5.0
2019-09-30 CVE-2019-3730 Dell Information Exposure Through an Error Message vulnerability in Dell Bsafe Micro-Edition-Suite

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a “padding oracle attack vulnerability”.

5.0
2019-09-30 CVE-2019-3728 Dell Out-of-bounds Read vulnerability in Dell products

RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are vulnerable to a Buffer Over-read vulnerability when processing DSA signature.

5.0
2019-09-30 CVE-2019-16760 Rust Lang Download of Code Without Integrity Check vulnerability in Rust-Lang Rust

Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key.

5.0
2019-09-30 CVE-2019-13124 Foxitsoftware Uncontrolled Recursion vulnerability in Foxitsoftware Foxit Reader

Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions exhausting available stack memory because of Uncontrolled Recursion in the V8 JavaScript engine (issue 2 of 2).

5.0
2019-09-30 CVE-2019-13123 Foxitsoftware Uncontrolled Recursion vulnerability in Foxitsoftware Foxit Reader

Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions exhausting available stack memory because of Uncontrolled Recursion in the V8 JavaScript engine (issue 1 of 2).

5.0
2019-09-30 CVE-2019-17049 Netgear SQL Injection vulnerability in Netgear Srx5308 Firmware 4.3.53

NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in the wild in September 2019 to add a new user account.

5.0
2019-09-30 CVE-2019-16276 Golang
Debian
Opensuse
Fedoraproject
Redhat
Netapp
HTTP Request Smuggling vulnerability in multiple products

Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.

5.0
2019-09-30 CVE-2019-13466 Sandisk
Westerndigital
Use of Hard-coded Credentials vulnerability in multiple products

Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control.

5.0
2019-09-30 CVE-2019-4423 IBM Path Traversal vulnerability in IBM Sterling File Gateway

IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 could allow a remote attacker to traverse directories on the system.

5.0
2019-09-30 CVE-2019-4305 IBM Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie.

5.0
2019-09-30 CVE-2019-4280 IBM Cleartext Transmission of Sensitive Information vulnerability in IBM Sterling File Gateway

IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive information in HTTP requests which could be used in further attacks against the system.

5.0
2019-09-30 CVE-2017-18636 Esafenet Path Traversal vulnerability in Esafenet CDG

CDG through 2017-01-01 allows downloadDocument.jsp?command=download&pathAndName= directory traversal.

5.0
2019-09-30 CVE-2019-16992 Keybase Improper Verification of Cryptographic Signature vulnerability in Keybase 2.13.2

The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments to the user), which might be incompatible with a user's personal position on the semantics of an attestation.

5.0
2019-09-30 CVE-2019-16994 Linux
Opensuse
Redhat
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.

4.7
2019-10-01 CVE-2019-14960 Jetbrains Untrusted Search Path vulnerability in Jetbrains Rider

JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll file.

4.6
2019-09-30 CVE-2019-2341 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Buffer overflow when the audio buffer size provided by user is larger than the maximum allowable audio buffer size.

4.6
2019-09-30 CVE-2019-2333 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Buffer overflow due to improper validation of buffer size while IPA driver processing to perform read operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

4.6
2019-09-30 CVE-2019-10508 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Lack of input validation for data received from user space can lead to OOB access in WLAN in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820A, SDX20

4.6
2019-09-30 CVE-2019-10507 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

4.6
2019-09-30 CVE-2019-10506 Qualcomm Improper Input Validation vulnerability in Qualcomm products

While processing QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor command, driver does not validate the data obtained from the user space which could be invalid and thus leads to an undesired behaviour in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX24

4.6
2019-09-30 CVE-2019-10501 Qualcomm Use After Free vulnerability in Qualcomm products

Possible use after free issue due to improper input validation in volume listener library in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

4.6
2019-09-30 CVE-2019-10498 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Buffer overflow scenario if the client sends more than 5 io_vec requests to the server in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

4.6
2019-09-30 CVE-2019-10497 Qualcomm Use After Free vulnerability in Qualcomm products

Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous one.

4.6
2019-10-03 CVE-2018-16301 Tcpdump Classic Buffer Overflow vulnerability in Tcpdump

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile().

4.4
2019-10-02 CVE-2019-16407 Jetbrains Untrusted Search Path vulnerability in Jetbrains Resharper

JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.

4.4
2019-09-30 CVE-2019-2284 Qualcomm Use After Free vulnerability in Qualcomm products

Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX24

4.4
2019-10-06 CVE-2019-17240 Bludit Improper Restriction of Excessive Authentication Attempts vulnerability in Bludit 3.9.2

bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.

4.3
2019-10-06 CVE-2019-17213 Webarxsecurity Cross-site Scripting vulnerability in Webarxsecurity Webarx 1.3.0

The WebARX plugin 1.3.0 for WordPress has unauthenticated stored XSS via the URI or the X-Forwarded-For HTTP header.

4.3
2019-10-05 CVE-2019-17205 Teampass Cross-site Scripting vulnerability in Teampass 2.1.27.36

TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt.

4.3
2019-10-04 CVE-2019-17179 Open EMR Cross-site Scripting vulnerability in Open-Emr Openemr

4.1.0, 4.1.1, 4.1.2, 4.1.2.3, 4.1.2.6, 4.1.2.7, 4.2.0, 4.2.1, 4.2.2, 5.0.0, 5.0.0.5, 5.0.0.6, 5.0.1, 5.0.1.1, 5.0.1.2, 5.0.1.3, 5.0.1.4, 5.0.1.5, 5.0.1.6, 5.0.1.7, 5.0.2, fixed in version 5.0.2.1

4.3
2019-10-04 CVE-2019-13318 Foxitsoftware Use of Externally-Controlled Format String vulnerability in Foxitsoftware Reader

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723.

4.3
2019-10-04 CVE-2019-4564 IBM Cross-site Scripting vulnerability in IBM Security KEY Lifecycle Manager

IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0, and 3.0.1 is vulnerable to cross-site scripting.

4.3
2019-10-04 CVE-2019-17131 Vbulletin Improper Restriction of Rendered UI Layers or Frames vulnerability in Vbulletin

vBulletin before 5.5.4 allows clickjacking.

4.3
2019-10-03 CVE-2019-16931 Themeisle Cross-site Scripting vulnerability in Themeisle Visualizer

A stored XSS vulnerability in the Visualizer plugin 3.3.0 for WordPress allows an unauthenticated attacker to execute arbitrary JavaScript when an admin or other privileged user edits the chart via the admin dashboard.

4.3
2019-10-03 CVE-2019-13629 Matrixssl Use of a Broken or Risky Cryptographic Algorithm vulnerability in Matrixssl

MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation.

4.3
2019-10-02 CVE-2019-11651 Microfocus Cross-site Scripting vulnerability in Microfocus Enterprise Developer and Enterprise Server

Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2.

4.3
2019-10-02 CVE-2019-1915 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco products

A vulnerability in the web-based interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.

4.3
2019-10-02 CVE-2019-16171 Jetbrains Cross-site Scripting vulnerability in Jetbrains Youtrack

In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page.

4.3
2019-10-02 CVE-2019-15259 Cisco Injection vulnerability in Cisco Unified Contact Center Express

A vulnerability in Cisco Unified Contact Center Express (UCCX) Software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack.

4.3
2019-10-02 CVE-2019-15037 Jetbrains Cross-site Scripting vulnerability in Jetbrains Teamcity 2018.2.4

An issue was discovered in JetBrains TeamCity 2018.2.4.

4.3
2019-10-02 CVE-2019-14959 Jetbrains Missing Encryption of Sensitive Data vulnerability in Jetbrains Toolbox

JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection.

4.3
2019-10-02 CVE-2019-12716 Cisco Cross-site Scripting vulnerability in Cisco Unified Communications Manager

A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface.

4.3
2019-10-02 CVE-2019-12715 Cisco Cross-site Scripting vulnerability in Cisco Unified Communications Manager

A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software.

4.3
2019-10-02 CVE-2019-12713 Cisco Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.5

A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software.

4.3
2019-10-02 CVE-2019-12712 Cisco Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.7

A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software.

4.3
2019-10-02 CVE-2019-12707 Cisco Cross-site Scripting vulnerability in Cisco products

A vulnerability in the web-based interface of multiple Cisco Unified Communications products could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software.

4.3
2019-10-02 CVE-2019-12695 Cisco Cross-site Scripting vulnerability in Cisco products

A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

4.3
2019-10-02 CVE-2019-12631 Cisco Cross-site Scripting vulnerability in Cisco Identity Services Engine

A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface.

4.3
2019-10-02 CVE-2019-10212 Redhat
Netapp
Information Exposure Through Log Files vulnerability in multiple products

A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security.

4.3
2019-10-02 CVE-2019-4542 IBM Cross-site Scripting vulnerability in IBM Security Directory Server 6.4.0

IBM Security Directory Server 6.4.0 is vulnerable to cross-site scripting.

4.3
2019-10-02 CVE-2019-17091 Eclipse
Oracle
Cross-site Scripting vulnerability in multiple products

faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.

4.3
2019-10-01 CVE-2019-8290 Online Store System Project Cross-site Scripting vulnerability in Online Store System Project Online Store System 1.0

Vulnerability in Online Store v1.0, The registration form requirements for the member email format can be bypassed by posting directly to sent_register.php allowing special characters to be included and an XSS payload to be injected.

4.3
2019-10-01 CVE-2019-14961 Jetbrains Cross-site Scripting vulnerability in Jetbrains Upsource

JetBrains Upsource before 2019.1.1412 was not properly escaping HTML tags in a code block comments, leading to XSS.

4.3
2019-10-01 CVE-2019-17064 Glyphandcog NULL Pointer Dereference vulnerability in Glyphandcog Xpdfreader 4.02

Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.

4.3
2019-10-01 CVE-2019-17063 Snowtide Improper Input Validation vulnerability in Snowtide Pdfxstream

In Snowtide PDFxStream before 3.7.1 (for Java), a crafted PDF file can trigger an extremely long running computation because of page-tree mishandling.

4.3
2019-10-01 CVE-2019-14953 Jetbrains Cross-site Scripting vulnerability in Jetbrains Youtrack

JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser.

4.3
2019-10-01 CVE-2019-14954 Jetbrains Missing Encryption of Sensitive Data vulnerability in Jetbrains Intellij Idea

JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection.

4.3
2019-10-01 CVE-2019-14952 Jetbrains Cross-site Scripting vulnerability in Jetbrains Youtrack

JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in the issue titles.

4.3
2019-09-30 CVE-2019-13467 Sandisk
Westerndigital
Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service.
4.3
2019-09-30 CVE-2019-15810 Netdisco Cross-site Scripting vulnerability in Netdisco 2.042010

Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter.

4.3
2019-09-30 CVE-2019-16414 GFI Cross-site Scripting vulnerability in GFI Kerio Control 9.3.0

A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's cleartext credentials to an attacker via a login/?reason=failure&NTLM= URI.

4.3
2019-09-30 CVE-2019-14752 Salesagility Cross-site Scripting vulnerability in Salesagility Suitecrm

SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS.

4.3
2019-10-03 CVE-2019-16198 Kslabs Path Traversal vulnerability in Kslabs Ksweb 3.93

KSLabs KSWEB 3.93 allows ../ directory traversal, as demonstrated by the hostFile parameter.

4.0
2019-10-02 CVE-2019-14956 Jetbrains Improper Preservation of Permissions vulnerability in Jetbrains Youtrack

JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names.

4.0
2019-10-02 CVE-2019-12714 Cisco Allocation of Resources Without Limits or Throttling vulnerability in Cisco Ic3000 Industrial Compute Gateway Firmware 1.0.1

A vulnerability in the web-based management interface of Cisco IC3000 Industrial Compute Gateway could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

4.0
2019-10-02 CVE-2019-12710 Cisco SQL Injection vulnerability in Cisco Unified Communications Manager

A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an authenticated, remote attacker to impact the confidentiality of an affected system by executing arbitrary SQL queries.

4.0
2019-10-02 CVE-2019-12693 Cisco Incorrect Type Conversion or Cast vulnerability in Cisco Adaptive Security Appliance

A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.

4.0
2019-10-02 CVE-2019-12691 Cisco Path Traversal vulnerability in Cisco Firepower Management Center

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device.

4.0
2019-10-02 CVE-2019-12677 Cisco Improper Handling of Exceptional Conditions vulnerability in Cisco products

A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition that prevents the creation of new SSL/Transport Layer Security (TLS) connections to an affected device.

4.0
2019-10-01 CVE-2019-15035 Jetbrains Information Exposure vulnerability in Jetbrains Teamcity 2018.2.4

An issue was discovered in JetBrains TeamCity 2018.2.4.

4.0
2019-10-01 CVE-2019-11275 Pivotal
Pivotal Software
Improper Neutralization of Formula Elements in a CSV File vulnerability in multiple products

Pivotal Application Manager, versions 666.0.x prior to 666.0.36, versions 667.0.x prior to 667.0.22, versions 668.0.x prior to 668.0.21, versions 669.0.x prior to 669.0.13, and versions 670.0.x prior to 670.0.7, contain a vulnerability where a remote authenticated user can create an app with a name such that a csv program can interpret into a formula and gets executed.

4.0
2019-09-30 CVE-2019-3733 Dell
EMC
Incomplete Cleanup vulnerability in multiple products

RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'.

4.0

33 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-10-06 CVE-2019-17226 Cmsmadesimple Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.11

CMS Made Simple (CMSMS) 2.2.11 allows XSS via the Site Admin > Module Manager > Search Term field.

3.5
2019-10-06 CVE-2019-17225 Intelliants Cross-site Scripting vulnerability in Intelliants Subrion 4.2.1

Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, or Email field, aka an "Admin Member JSON Update" issue.

3.5
2019-10-05 CVE-2019-17204 Teampass Cross-site Scripting vulnerability in Teampass 2.1.27.36

TeamPass 2.1.27.36 allows Stored XSS by setting a crafted Knowledge Base label and adding any available item.

3.5
2019-10-05 CVE-2019-17203 Teampass Cross-site Scripting vulnerability in Teampass 2.1.27.36

TeamPass 2.1.27.36 allows Stored XSS at the Search page by setting a crafted password for an item in any folder.

3.5
2019-10-04 CVE-2019-11656 HP Cross-site Scripting vulnerability in HP Arcsight Logger

Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0.

3.5
2019-10-04 CVE-2019-17121 Vanderbilt Cross-site Scripting vulnerability in Vanderbilt Redcap

REDCap before 9.3.4 has XSS on the Customize & Manage Locking/E-signatures page via Lock Record Custom Text values.

3.5
2019-10-02 CVE-2019-16116 Enterprisedt Information Exposure Through Log Files vulnerability in Enterprisedt Completeftp Server

EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file.

3.5
2019-10-01 CVE-2019-8289 Online Store System Project Cross-site Scripting vulnerability in Online Store System Project Online Store System 1.0

Vulnerability in Online Store v1.0, stored XSS in admin/user_view.php adidas_member_email variable

3.5
2019-10-01 CVE-2019-8288 Online Store System Project Cross-site Scripting vulnerability in Online Store System Project Online Store System 1.0

Vulnerability in Online Store v1.0, Stored XSS in user_view.php where adidas_member_user variable is not sanitized.

3.5
2019-10-01 CVE-2019-17074 Xunruicms Cross-site Scripting vulnerability in Xunruicms 4.3.1

An issue was discovered in XunRuiCMS 4.3.1.

3.5
2019-10-01 CVE-2019-7618 Elastic Path Traversal vulnerability in Elastic Kibana 7.3.0/7.3.1/7.3.2

A local file disclosure flaw was found in Elastic Code versions 7.3.0, 7.3.1, and 7.3.2.

3.5
2019-10-01 CVE-2019-4497 IBM Cross-site Scripting vulnerability in IBM Jazz Reporting Service

IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting.

3.5
2019-10-01 CVE-2019-4495 IBM Cross-site Scripting vulnerability in IBM Jazz Reporting Service

IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting.

3.5
2019-10-01 CVE-2019-4494 IBM Cross-site Scripting vulnerability in IBM Jazz Reporting Service

IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting.

3.5
2019-10-01 CVE-2019-10432 Jenkins Cross-site Scripting vulnerability in Jenkins Html Publisher

Jenkins HTML Publisher Plugin 1.20 and earlier did not escape the project and build display names in the HTML report frame, resulting in a cross-site scripting vulnerability exploitable by users able to change those.

3.5
2019-09-30 CVE-2019-4115 IBM Cross-site Scripting vulnerability in IBM Websphere Extreme Scale

IBM WebSphere eXtreme Scale 8.6 Admin API is vulnerable to cross-site scripting.

3.5
2019-09-30 CVE-2019-4106 IBM Cross-site Scripting vulnerability in IBM Websphere Extreme Scale

IBM WebSphere eXtreme Scale 8.6 Admin Console is vulnerable to cross-site scripting.

3.5
2019-09-30 CVE-2019-16684 Xoops Cross-site Scripting vulnerability in Xoops 2.5.10

An issue was discovered in the image-manager in Xoops 2.5.10.

3.5
2019-09-30 CVE-2019-16683 Xoops Cross-site Scripting vulnerability in Xoops 2.5.10

An issue was discovered in the image-manager in Xoops 2.5.10.

3.5
2019-09-30 CVE-2019-17045 Ilch Cross-site Scripting vulnerability in Ilch CMS 2.1.22

Ilch 2.1.22 allows stored XSS via the title, text, or email id to the Jobs Tab.

3.5
2019-10-02 CVE-2019-12676 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.

3.3
2019-10-01 CVE-2019-17052 Linux
Debian
Fedoraproject
Canonical
Incorrect Default Permissions vulnerability in multiple products

ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.

3.3
2019-10-01 CVE-2019-10433 Jenkins Unprotected Storage of Credentials vulnerability in Jenkins Dingding

Jenkins Dingding[??] Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

3.3
2019-09-30 CVE-2019-3729 Dell Out-of-bounds Write vulnerability in Dell Bsafe Micro-Edition-Suite

RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature.

2.7
2019-10-06 CVE-2019-17264 Liblnk Project Out-of-bounds Read vulnerability in Liblnk Project Liblnk

** DISPUTED ** In libyal liblnk before 20191006, liblnk_location_information_read_data in liblnk_location_information.c has a heap-based buffer over-read because an incorrect variable name is used for a certain offset.

2.1
2019-10-06 CVE-2019-17263 Libfwsi Project Out-of-bounds Read vulnerability in Libfwsi Project Libfwsi 20181227

** DISPUTED ** In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_byte_stream in libfwsi_extension_block.c has a heap-based buffer over-read because rejection of an unsupported size only considers values less than 6, even though values of 6 and 7 are also unsupported.

2.1
2019-10-01 CVE-2019-17056 Linux Incorrect Default Permissions vulnerability in Linux Kernel

llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.

2.1
2019-10-01 CVE-2019-17055 Linux
Debian
Fedoraproject
Canonical
Opensuse
Redhat
Missing Authorization vulnerability in multiple products

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.

2.1
2019-10-01 CVE-2019-17054 Linux Incorrect Default Permissions vulnerability in Linux Kernel

atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.

2.1
2019-10-01 CVE-2019-17053 Linux Incorrect Default Permissions vulnerability in Linux Kernel

ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.

2.1
2019-09-30 CVE-2019-4112 IBM Improper Privilege Management vulnerability in IBM Websphere Extreme Scale

IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system.

2.1
2019-10-03 CVE-2019-15809 Microchip
Athena SCS
Cryptsoft
Tecsec
Thalesgroup
Information Exposure Through Discrepancy vulnerability in multiple products

Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation.

1.2
2019-10-03 CVE-2019-13628 Wolfssl Information Exposure Through Discrepancy vulnerability in Wolfssl

wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation.

1.2