Weekly Vulnerabilities Reports > October 28 to November 3, 2019

Overview

261 new vulnerabilities were reported during this period, including 25 critical vulnerabilities and 57 high severity vulnerabilities. This weekly summary reports vulnerabilities in 405 products from 156 vendors including Debian, Redhat, Fedoraproject, Schneider Electric, and Jetbrains. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "Information Exposure", "SQL Injection", and "Path Traversal".

  • 230 reported vulnerabilities are remotely exploitable.
  • 2 reported vulnerabilities have a public exploit available.
  • 91 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 201 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 39 reported vulnerabilities.
  • Mitsubishielectric has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

Vulnerability Details

The following tables list the vulnerabilities reported for the period covered by this report:

25 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-10-31 CVE-2019-13551 Advantech Path Traversal vulnerability in Advantech Wise-Paas/Rmm 3.3.29

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior.

10.0
2019-10-31 CVE-2019-13547 Advantech Missing Authentication for Critical Function vulnerability in Advantech Wise-Paas/Rmm 3.3.29

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior.

10.0
2019-10-31 CVE-2018-4031 Getcujo Code Injection vulnerability in Getcujo Smart Firewall 7003

An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003.

10.0
2019-10-28 CVE-2019-18189 Trendmicro Path Traversal vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security

A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an attacker to bypass authentication and log on to an affected product's management console as a root user.

10.0
2019-10-28 CVE-2019-17181 Intrasrv Project Classic Buffer Overflow vulnerability in Intrasrv Project Intrasrv 1.0

A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03).

10.0
2019-10-28 CVE-2019-14450 Repetier Server Path Traversal vulnerability in Repetier-Server

A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location.

10.0
2019-10-28 CVE-2019-16662 Rconfig OS Command Injection vulnerability in Rconfig 3.9.2

An issue was discovered in rConfig 3.9.2.

10.0
2019-11-01 CVE-2011-3923 Apache
Redhat
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.

9.8
2019-10-31 CVE-2019-18425 XEN
Debian
Fedoraproject
Opensuse
Improper Privilege Management vulnerability in multiple products

An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors.

9.8
2019-10-30 CVE-2018-21029 Systemd Project
Fedoraproject
Improper Certificate Validation vulnerability in multiple products

systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS.

9.8
2019-10-29 CVE-2019-18624 Opera Unspecified vulnerability in Opera Mini 44.1.2254.142553/44.1.2254.142659/44.1.2254.143214

Opera Mini for Android allows attackers to bypass intended restrictions on .apk file download/installation via an RTLO (aka Right to Left Override) approach, as demonstrated by misinterpretation of malicious%E2%80%AEtxt.apk as maliciouskpa.txt.

9.8
2019-10-29 CVE-2019-18604 Axohelp C Project
Axodraw2 Project
In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and other collections, sprintf is mishandled.
9.8
2019-10-29 CVE-2019-10748 Sequelizejs SQL Injection vulnerability in Sequelizejs Sequelize

Sequelize all versions prior to 3.35.1, 4.44.3, and 5.8.11 are vulnerable to SQL Injection due to JSON path keys not being properly escaped for the MySQL/MariaDB dialects.

9.8
2019-10-28 CVE-2019-11043 PHP
Canonical
Debian
Fedoraproject
Tenable
Redhat
Out-of-bounds Write vulnerability in multiple products

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

9.8
2019-10-28 CVE-2019-14931 Mitsubishielectric
Inea
OS Command Injection vulnerability in multiple products

An issue was discovered on Mitsubishi Electric Europe B.V.

9.8
2019-10-28 CVE-2019-14930 Mitsubishielectric
Inea
Use of Hard-coded Credentials vulnerability in multiple products

An issue was discovered on Mitsubishi Electric Europe B.V.

9.8
2019-10-28 CVE-2019-14929 Mitsubishielectric
Inea
Insufficiently Protected Credentials vulnerability in multiple products

An issue was discovered on Mitsubishi Electric Europe B.V.

9.8
2019-10-28 CVE-2019-14926 Mitsubishielectric
Inea
Use of Hard-coded Credentials vulnerability in multiple products

An issue was discovered on Mitsubishi Electric Europe B.V.

9.8
2019-11-01 CVE-2019-15588 Sonatype OS Command Injection vulnerability in Sonatype Nexus Repository Manager

There is an OS Command Injection in Nexus Repository Manager <= 2.14.14 (bypass CVE-2019-5475) that could allow an attacker to achieve Remote Code Execution (RCE).

9.0
2019-10-31 CVE-2019-15710 Fortiguard OS Command Injection vulnerability in Fortiguard Fortiextender Firmware 4.1.1

An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, 4.0.0 and below under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted "execute date" commands.

9.0
2019-10-31 CVE-2013-2024 Call CC
Debian
OS Command Injection vulnerability in multiple products

OS command injection vulnerability in the "qs" procedure from the "utils" module in Chicken before 4.9.0.

9.0
2019-10-29 CVE-2018-18931 Trms Improper Privilege Management vulnerability in Trms Carousel Digital Signage 7.0.4.104

An issue was discovered in the Tightrope Media Carousel digital signage product 7.0.4.104.

9.0
2019-10-29 CVE-2019-16647 Maxthon Unquoted Search Path or Element vulnerability in Maxthon Browser

Unquoted Search Path in Maxthon 5.1.0 to 5.2.7 Browser for Windows.

9.0
2019-10-29 CVE-2011-2538 Cisco Injection vulnerability in Cisco Telepresence Video Communication Server

Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability which allows remote, authenticated attackers to execute arbitrary commands.

9.0
2019-10-28 CVE-2019-16663 Rconfig OS Command Injection vulnerability in Rconfig 3.9.2

An issue was discovered in rConfig 3.9.2.

9.0

57 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-10-31 CVE-2013-2075 Call CC Classic Buffer Overflow vulnerability in Call-Cc Chicken

Multiple buffer overflows in the (1) R5RS char-ready, (2) tcp-accept-ready, and (3) file-select procedures in Chicken through 4.8.0.3 allow attackers to cause a denial of service (crash) by opening a file descriptor with a large integer value.

8.8
2019-10-31 CVE-2019-18423 XEN
Debian
Fedoraproject
Off-by-one Error vulnerability in multiple products

An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall.

8.8
2019-10-31 CVE-2019-18422 XEN
Debian
Fedoraproject
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts.

8.8
2019-10-29 CVE-2019-3977 Mikrotik Download of Code Without Integrity Check vulnerability in Mikrotik Routeros

RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where upgrade packages are downloaded from when using the autoupgrade feature.

8.5
2019-10-31 CVE-2019-5043 Google Allocation of Resources Without Limits or Throttling vulnerability in Google Nest CAM IQ Indoor Firmware 4620002

An exploitable denial-of-service vulnerability exists in the Weave daemon of the Nest Cam IQ Indoor, version 4620002.

7.8
2019-10-31 CVE-2018-3983 Atlantiswordprocessor Access of Uninitialized Pointer vulnerability in Atlantiswordprocessor Atlantis Word Processor 3.0.2.3/3.0.2.5

An exploitable uninitialized pointer vulnerability exists in the Word document parser of the Atlantis Word Processor.

7.8
2019-10-28 CVE-2019-3636 Mcafee Cleartext Storage of Sensitive Information vulnerability in Mcafee Total Protection

A File Masquerade vulnerability in McAfee Total Protection (MTP) version 16.0.R21 and earlier in Windows client allowed an attacker to read the plaintext list of AV-Scan exclusion files from the Windows registry, and to possibly replace excluded files with potential malware without being detected.

7.8
2019-10-31 CVE-2019-3421 ZTW Command Injection vulnerability in ZTW Zx297520V3 Firmware 7520V3V1.0.0B09P27

The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability.

7.7
2019-11-02 CVE-2019-18662 Youphptube SQL Injection vulnerability in Youphptube

An issue was discovered in YouPHPTube through 7.7.

7.5
2019-11-01 CVE-2013-2739 Readymedia Project
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

MiniDLNA has heap-based buffer overflow

7.5
2019-11-01 CVE-2005-3056 Twiki Injection vulnerability in Twiki 200409023

TWiki allows arbitrary shell command execution via the Include function

7.5
2019-11-01 CVE-2013-2738 Readymedia Project SQL Injection vulnerability in Readymedia Project Readymedia

minidlna has SQL Injection that may allow retrieval of arbitrary files

7.5
2019-10-31 CVE-2019-18226 Honeywell Authentication Bypass by Capture-replay vulnerability in Honeywell products

Honeywell equIP series and Performance series IP cameras and recorders: a vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability, as a weak authentication method is retained for compatibility with legacy products.

7.5
2019-10-31 CVE-2019-5010 Python
Opensuse
Debian
Redhat
NULL Pointer Dereference vulnerability in multiple products

An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6.

7.5
2019-10-31 CVE-2019-13508 Freetds
Canonical
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

FreeTDS through 1.1.11 has a Buffer Overflow.

7.5
2019-10-31 CVE-2018-4002 Cujo Uncontrolled Recursion vulnerability in Cujo Smart Firewall Firmware 7003

An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003.

7.5
2019-10-31 CVE-2012-6125 Call CC Improper Input Validation vulnerability in Call-Cc Chicken

Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions.

7.5
2019-10-31 CVE-2019-5151 Youphptube SQL Injection vulnerability in Youphptube 7.7

An exploitable SQL injection vulnerability exists in YouPHPTube 7.7.

7.5
2019-10-31 CVE-2019-5049 AMD Out-of-bounds Write vulnerability in AMD products

An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002.

7.5
2019-10-31 CVE-2013-1910 Baseurl
Debian
Improper Input Validation vulnerability in multiple products

yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository.

7.5
2019-10-31 CVE-2019-18464 Ipswitch SQL Injection vulnerability in Ipswitch Moveit Transfer

In Progress MOVEit Transfer 10.2 before 10.2.6 (2018.3), 11.0 before 11.0.4 (2019.0.4), and 11.1 before 11.1.3 (2019.1.3), multiple SQL Injection vulnerabilities have been found in the REST API that could allow an unauthenticated attacker to gain unauthorized access to the database.

7.5
2019-10-31 CVE-2019-18368 Jetbrains Unspecified vulnerability in Jetbrains Toolbox

In JetBrains Toolbox App before 1.15.5666 for Windows, privilege escalation was possible.

7.5
2019-10-31 CVE-2009-5043 Burn Project
Debian
Improper Handling of Exceptional Conditions vulnerability in multiple products

burn allows file names to escape via mishandled quotation marks

7.5
2019-10-31 CVE-2009-5041 Debian Classic Buffer Overflow vulnerability in Debian Overkill

overkill has buffer overflow via long player names that can corrupt data on the server machine

7.5
2019-10-31 CVE-2019-18364 Jetbrains Deserialization of Untrusted Data vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code execution.

7.5
2019-10-31 CVE-2019-18421 XEN
Debian
Fedoraproject
Opensuse
Race Condition vulnerability in multiple products

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations.

7.5
2019-10-30 CVE-2010-0748 Transmissionbt
Linux
Debian
Improper Input Validation vulnerability in multiple products

Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link.

7.5
2019-10-30 CVE-2019-18633 Europa Improper Certificate Validation vulnerability in Europa Eidas-Node Integration Package 2.1

European Commission eIDAS-Node Integration Package before 2.3.1 has Missing Certificate Validation because a certain ExplicitKeyTrustEvaluator return value is not checked.

7.5
2019-10-30 CVE-2019-18632 Europa Improper Certificate Validation vulnerability in Europa Eidas-Node Integration Package

European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because an attacker can sign a manipulated SAML response with a forged certificate.

7.5
2019-10-30 CVE-2019-10762 Medoo SQL Injection vulnerability in Medoo

columnQuote in medoo before 1.7.5 allows remote attackers to perform a SQL Injection due to improper escaping.

7.5
2019-10-30 CVE-2018-5742 ISC Reachable Assertion vulnerability in ISC Bind 9.9.465/9.9.472

While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420.

7.5
2019-10-29 CVE-2012-0694 Sugarcrm Improper Input Validation vulnerability in Sugarcrm 6.3.1

SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote attackers to execute arbitrary PHP code.

7.5
2019-10-29 CVE-2018-19151 Qtum Resource Exhaustion vulnerability in Qtum

qtum through 0.16 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service.

7.5
2019-10-29 CVE-2019-8287 Tightvnc Classic Buffer Overflow vulnerability in Tightvnc 1.3.10

TightVNC code version 1.3.10 contains a global buffer overflow in the HandleCoRREBBP macro function, which can potentially result in code execution.

7.5
2019-10-29 CVE-2019-15683 Turbovnc Out-of-bounds Write vulnerability in Turbovnc

TurboVNC server code contains stack buffer overflow vulnerability in commit prior to cea98166008301e614e0d36776bf9435a536136e.

7.5
2019-10-29 CVE-2019-15679 Tightvnc Out-of-bounds Write vulnerability in Tightvnc 1.3.10

TightVNC code version 1.3.10 contains a heap buffer overflow in the InitialiseRFBConnection function, which can potentially result in code execution.

7.5
2019-10-29 CVE-2019-15678 Tightvnc Out-of-bounds Write vulnerability in Tightvnc 1.3.10

TightVNC code version 1.3.10 contains a heap buffer overflow in the rfbServerCutText handler, which can potentially result in code execution.

7.5
2019-10-29 CVE-2019-10749 Sequelizejs SQL Injection vulnerability in Sequelizejs Sequelize

sequelize before version 3.35.1 allows attackers to perform a SQL Injection due to the JSON path keys not being properly sanitized in the Postgres dialect.

7.5
2019-10-29 CVE-2019-10211 Postgresql Unspecified vulnerability in Postgresql

Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory.

7.5
2019-10-29 CVE-2019-0210 Apache
Redhat
Oracle
Out-of-bounds Read vulnerability in multiple products

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when fed with invalid input data.

7.5
2019-10-29 CVE-2019-0205 Apache
Redhat
Oracle
Infinite Loop vulnerability in multiple products

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when fed with specific input data.

7.5
2019-10-29 CVE-2012-1187 Bitlbee Improper Check for Dropped Privileges vulnerability in Bitlbee 3.0.4

Bitlbee does not drop extra group privileges correctly in unix.c

7.5
2019-10-29 CVE-2010-3375 Qtparted Project Improper Input Validation vulnerability in Qtparted Project Qtparted 0.4.59

qtparted has insecure library loading which may allow arbitrary code execution

7.5
2019-10-29 CVE-2009-3887 Ytnef Project Path Traversal vulnerability in Ytnef Project Ytnef

ytnef has directory traversal

7.5
2019-10-29 CVE-2009-3723 Sangoma
Debian
Incorrect Authorization vulnerability in multiple products

asterisk allows calls on prohibited networks

7.5
2019-10-29 CVE-2019-4339 IBM Inadequate Encryption Strength vulnerability in IBM Security Guardium BIG Data Intelligence 4.0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

7.5
2019-10-29 CVE-2019-4314 IBM Cleartext Storage of Sensitive Information vulnerability in IBM Security Guardium BIG Data Intelligence 4.0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

7.5
2019-10-28 CVE-2019-16897 K7Computing Improper Privilege Management vulnerability in K7Computing products

In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll module to facilitate escalation of privileges via inter-process communication with a service process.

7.5
2019-10-28 CVE-2010-4239 Tiki Improper Input Validation vulnerability in Tiki Tikiwiki Cms/Groupware 5.2

Tiki Wiki CMS Groupware 5.2 has Local File Inclusion

7.5
2019-10-28 CVE-2009-4899 Pixelpost SQL Injection vulnerability in Pixelpost 1.7.15

pixelpost 1.7.1 has SQL injection

7.5
2019-10-28 CVE-2002-2444 Snoopy Project Improper Input Validation vulnerability in Snoopy Project Snoopy 2.0.01

Snoopy before 2.0.0 has a security hole in exec cURL

7.5
2019-10-28 CVE-2019-14927 Mitsubishielectric
Inea
Forced Browsing vulnerability in multiple products

An issue was discovered on Mitsubishi Electric Europe B.V.

7.5
2019-11-01 CVE-2013-0165 Redhat Improper Input Validation vulnerability in Redhat Openshift

cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp.

7.3
2019-10-31 CVE-2019-18396 Technicolor OS Command Injection vulnerability in Technicolor Td5130V2 Firmware Oifwv20

An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices.

7.2
2019-10-31 CVE-2019-12612 Bitdefender Unspecified vulnerability in Bitdefender BOX Firmware

An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that allows an attacker to pass arbitrary code to the BOX appliance via the web API.

7.2
2019-10-29 CVE-2010-2061 Rpcbind Project Improper Input Validation vulnerability in Rpcbind Project Rpcbind 0.2.0

rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.

7.2
2019-10-29 CVE-2019-10210 Postgresql Insufficiently Protected Credentials vulnerability in Postgresql

Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file.

7.0

157 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-11-01 CVE-2005-2352 GS GPL Project Race Condition vulnerability in Gs-Gpl Project Gs-Gpl

A race condition in temp files was found in gs-gpl before 8.56 addons scripts.

6.8
2019-11-01 CVE-2013-1666 Foswiki Code Injection vulnerability in Foswiki

Foswiki before 1.1.8 contains a code injection vulnerability in the MAKETEXT macro.

6.8
2019-10-31 CVE-2019-16675 Phoenixcontact Out-of-bounds Read vulnerability in Phoenixcontact Config+ and PC Worx

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86.

6.8
2019-10-31 CVE-2019-5030 Antennahouse Out-of-bounds Write vulnerability in Antennahouse Rainbow PDF Office Server Document Converter 7.0.2019.0220

A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro MR1 (7,0,2019,0220).

6.8
2019-10-31 CVE-2019-5150 Youphptube SQL Injection vulnerability in Youphptube 7.7

An exploitable SQL injection vulnerability exists in YouPHPTube 7.7.

6.8
2019-10-31 CVE-2019-18465 Ipswitch Missing Authentication for Critical Function vulnerability in Ipswitch Moveit Transfer 11.1/11.1.1

In Progress MOVEit Transfer 11.1 before 11.1.3, a vulnerability has been found that could allow an attacker to sign in without full credentials via the SSH (SFTP) interface.

6.8
2019-10-31 CVE-2019-18424 XEN
Debian
Fedoraproject
Opensuse
OS Command Injection vulnerability in multiple products

An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device.

6.8
2019-10-30 CVE-2019-17323 Clipsoft XML Injection (aka Blind XPath Injection) vulnerability in Clipsoft Rexpert 1.0.0.527

ClipSoft REXPERT 1.0.0.527 and earlier versions allow arbitrary file creation and execution via the report print function of the rexpert viewer with a modified XML document.

6.8
2019-10-30 CVE-2019-18206 Zucchetti Cross-Site Request Forgery (CSRF) vulnerability in Zucchetti Infobusiness 4.4.1

A cross-site request forgery (CSRF) vulnerability in Zucchetti InfoBusiness before and including 4.4.1 allows arbitrary file upload.

6.8
2019-10-29 CVE-2019-9926 Labkey Cross-Site Request Forgery (CSRF) vulnerability in Labkey Server 19.1.0

An issue was discovered in LabKey Server 19.1.0.

6.8
2019-10-28 CVE-2010-4241 Tiki Cross-Site Request Forgery (CSRF) vulnerability in Tiki Tikiwiki Cms/Groupware 5.2

Tiki Wiki CMS Groupware 5.2 has CSRF

6.8
2019-10-31 CVE-2019-18420 XEN
Debian
Fedoraproject
Use of Externally-Controlled Format String vulnerability in multiple products

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall.

6.5
2019-10-30 CVE-2019-18204 Zucchetti Unrestricted Upload of File with Dangerous Type vulnerability in Zucchetti Infobusiness 4.4.1

Zucchetti InfoBusiness before and including 4.4.1 allows any authenticated user to upload .php files in order to achieve code execution.

6.5
2019-10-29 CVE-2018-18930 Trms Unrestricted Upload of File with Dangerous Type vulnerability in Trms Carousel Digital Signage 7.0.4.104

The Tightrope Media Carousel digital signage product 7.0.4.104 contains an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution.

6.5
2019-10-29 CVE-2019-3976 Mikrotik Path Traversal vulnerability in Mikrotik Routeros

RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field.

6.5
2019-10-29 CVE-2019-10208 Postgresql SQL Injection vulnerability in Postgresql

A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function.

6.5
2019-10-29 CVE-2019-4546 IBM Improper Privilege Management vulnerability in IBM products

After installing the IBM Maximo Health- Safety and Environment Manager 7.6.1, a user is granted additional privileges that they are not normally allowed to access.

6.5
2019-10-29 CVE-2019-4306 IBM Exposure of Resource to Wrong Sphere vulnerability in IBM Security Guardium BIG Data Intelligence 4.0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 specifies permissions for a security-critical resource which could lead to the exposure of sensitive information or the modification of that resource by unintended parties.

6.5
2019-10-28 CVE-2019-18195 Terra Master Unspecified vulnerability in Terra-Master F2-210 Firmware 4.0.19

An issue was discovered on TerraMaster FS-210 4.0.19 devices.

6.5
2019-10-28 CVE-2019-14925 Mitsubishielectric
Inea
Incorrect Default Permissions vulnerability in multiple products

An issue was discovered on Mitsubishi Electric Europe B.V.

6.5
2019-10-31 CVE-2010-2783 Redhat Information Exposure vulnerability in Redhat Icedtea6 1.7

IcedTea6 before 1.7.4 allows unsigned apps to read and write arbitrary files, related to Extended JNLP Services.

6.4
2019-10-31 CVE-2010-2548 Redhat Incorrect Authorization vulnerability in Redhat Icedtea6 1.7

IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read and write arbitrary files.

6.4
2019-10-31 CVE-2009-5042 Python Docutils Project
Debian
Exposure of Resource to Wrong Sphere vulnerability in multiple products

python-docutils allows insecure usage of temporary files

6.4
2019-10-29 CVE-2011-1408 Ikiwiki
Debian
Link Following vulnerability in multiple products

ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks.

6.4
2019-11-01 CVE-2019-18654 AVG Cross-site Scripting vulnerability in AVG Anti-Virus 19.3.3084

A Cross Site Scripting (XSS) issue exists in AVG AntiVirus (Internet Security Edition) 19.3.3084 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name.

6.1
2019-11-01 CVE-2019-18653 Avast Cross-site Scripting vulnerability in Avast Antivirus 19.3.2369

A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name.

6.1
2019-11-01 CVE-2013-0186 Redhat Cross-site Scripting vulnerability in Redhat products

Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.1
2019-10-30 CVE-2018-18678 SIR Cross-site Scripting vulnerability in SIR Gnuboard

GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board group extra contents" parameter, aka the adm/boardgroup_form_update.php gr_1~10 parameter.

6.1
2019-11-01 CVE-2010-3661 Typo3 Open Redirect vulnerability in Typo3

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Open Redirection on the backend.

5.8
2019-10-31 CVE-2019-18644 Totaldefense Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Totaldefense Anti-Virus 11.5.2.28

The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug; consequently, symbolic link attacks allow privileged files to be deleted.

5.8
2019-10-28 CVE-2019-18466 Libpod Project Link Following vulnerability in Libpod Project Libpod

An issue was discovered in Podman in libpod before 1.6.0.

5.8
2019-10-31 CVE-2018-4064 Sierrawireless Improper Authentication vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3

An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3.

5.5
2019-10-30 CVE-2010-0398 Autokey Project Link Following vulnerability in Autokey Project Autokey

The init script in autokey before 0.61.3-2 allows local attackers to write to arbitrary files via a symlink attack.

5.5
2019-10-29 CVE-2019-10743 Archiver Project Path Traversal vulnerability in Archiver Project Archiver

All versions of archiver allow an attacker to perform a Zip Slip attack via the "unarchive" functions.

5.5
2019-10-29 CVE-2019-4309 IBM Use of Hard-coded Credentials vulnerability in IBM Security Guardium BIG Data Intelligence 4.0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses hard coded credentials which could allow a local user to obtain highly sensitive information.

5.5
2019-10-29 CVE-2019-4307 IBM Insufficiently Protected Credentials vulnerability in IBM Security Guardium BIG Data Intelligence 4.0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores user credentials in clear text which can be read by a local user.

5.5
2019-10-28 CVE-2019-14928 Mitsubishielectric
Inea
Cross-site Scripting vulnerability in multiple products

An issue was discovered on Mitsubishi Electric Europe B.V.

5.4
2019-10-31 CVE-2019-14356 Coinkite Information Exposure Through Discrepancy vulnerability in Coinkite Coldcard MK1 Firmware and Coldcard MK2 Firmware

On Coldcard MK1 and MK2 devices, a side channel for the row-based OLED display was found.

5.3
2019-10-29 CVE-2019-4311 IBM Incorrect Authorization vulnerability in IBM Security Guardium BIG Data Intelligence 4.0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 discloses sensitive information to unauthorized users.

5.3
2019-10-30 CVE-2010-0737 Redhat Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Jboss Operations Network

The CLI in JBoss Operations Network before 2.3.1 does not properly check permissions, which allows JBoss ON users to perform management tasks and configuration changes with the privileges of the administrator user.

5.2
2019-11-02 CVE-2019-18665 Secudos Path Traversal vulnerability in Secudos Domos

The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion.

5.0
2019-11-02 CVE-2019-18661 Fastweb Improper Authentication vulnerability in Fastweb Fastgate Firmware 1.0.1B

Fastweb FASTGate 1.0.1b devices allow partial authentication bypass by changing a certain check_pwd return value from 0 to 1.

5.0
2019-11-02 CVE-2019-18659 Ready Use of a Broken or Risky Cryptographic Algorithm vulnerability in Ready Wireless Emergency Alerts

The Wireless Emergency Alerts (WEA) protocol allows remote attackers to spoof a Presidential Alert because cryptographic authentication is not used, as demonstrated by MessageIdentifier 4370 in LTE System Information Block 12 (aka SIB12).

5.0
2019-11-01 CVE-2019-6470 ISC, Redhat, Opensuse

There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode.

5.0
2019-11-01 CVE-2013-2227 Glpi Project, Debian Improper Input Validation vulnerability in multiple products

GLPI 0.83.7 has Local File Inclusion in common.tabs.php.

5.0
2019-11-01 CVE-2019-16908 Infosysta Information Exposure vulnerability in Infosysta In-App & Desktop Notifications 1.6.13J8

An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14_J8 for Jira.

5.0
2019-11-01 CVE-2013-2600 Miniupnp Project, Debian Information Exposure vulnerability in multiple products

MiniUPnPd has an information disclosure via its use of snprintf().

5.0
2019-10-31 CVE-2019-18230 Honeywell Missing Authentication for Critical Function vulnerability in Honeywell products

Honeywell equIP and Performance series IP cameras, multiple versions: a vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP.

5.0
2019-10-31 CVE-2019-18228 Honeywell Improper Input Validation vulnerability in Honeywell products

Honeywell equIP series IP cameras (multiple equIP series cameras): a vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service.

5.0
2019-10-31 CVE-2019-18227 Advantech XXE vulnerability in Advantech Wise-Paas/Rmm 3.3.29

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior.

5.0
2019-10-31 CVE-2019-16907 Infosysta Missing Authentication for Critical Function vulnerability in Infosysta In-App & Desktop Notifications 1.6.13J8

An issue was discovered in the Infosysta "In-App & Desktop Notifications" app 1.6.13_J8 for Jira.

5.0
2019-10-31 CVE-2019-16906 Infosysta Missing Authentication for Critical Function vulnerability in Infosysta In-App & Desktop Notifications 1.6.13J8

An issue was discovered in the Infosysta "In-App & Desktop Notifications" app 1.6.13_J8 for Jira.

5.0
2019-10-31 CVE-2012-6124 Call CC Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Call-Cc Chicken

A casting error in Chicken before 4.8.0 on 64-bit platforms caused the random number generator to return a constant value.

5.0
2019-10-31 CVE-2012-6123 Call CC, Debian Improper Input Validation vulnerability in multiple products

Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct a "poisoned NUL byte attack."

5.0
2019-10-31 CVE-2012-6122 Call CC Classic Buffer Overflow vulnerability in Call-Cc Chicken

Buffer overflow in the thread scheduler in Chicken before 4.8.0.1 allows attackers to cause a denial of service (crash) by opening a file descriptor with a large integer value.

5.0
2019-10-31 CVE-2019-18657 Yandex Injection vulnerability in Yandex Clickhouse

ClickHouse before 19.13.5.44 allows HTTP header injection via the url table function.

5.0
2019-10-31 CVE-2019-18369 Jetbrains Incorrect Default Permissions vulnerability in Jetbrains Youtrack

In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the corresponding permission was possible.

5.0
2019-10-31 CVE-2019-18367 Jetbrains Incorrect Default Permissions vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user without the corresponding permissions.

5.0
2019-10-31 CVE-2019-18366 Jetbrains Incorrect Default Permissions vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View build runtime parameters and data" permission.

5.0
2019-10-31 CVE-2019-18363 Jetbrains Information Exposure vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2019.1.2, access could be gained to the history of builds of a deleted build configuration under some circumstances.

5.0
2019-10-31 CVE-2019-18362 Jetbrains Information Exposure vulnerability in Jetbrains MPS

JetBrains MPS before 2019.2.2 exposed listening ports to the network.

5.0
2019-10-31 CVE-2019-18360 Jetbrains Information Exposure vulnerability in Jetbrains HUB

In JetBrains Hub versions earlier than 2019.1.11738, username enumeration was possible through password recovery.

5.0
2019-10-31 CVE-2018-21030 Jupyter Incorrect Authorization vulnerability in Jupyter Notebook

Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin.

5.0
2019-10-30 CVE-2010-0749 Transmissionbt, Linux, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Transmission before 1.92 allows attackers to prevent download of a file by corrupted data during the endgame.

5.0
2019-10-30 CVE-2019-18635 Themooltipass NULL Pointer Dereference vulnerability in Themooltipass Moolticute

An issue was discovered in Mooltipass Moolticute through v0.42.1 and v0.42.x-testing through v0.42.5-testing.

5.0
2019-10-30 CVE-2019-17321 Clipsoft Information Exposure vulnerability in Clipsoft Rexpert 1.0.0.527

ClipSoft REXPERT 1.0.0.527 and earlier versions have an information disclosure issue.

5.0
2019-10-30 CVE-2013-1391 Huntcctv, Capturecctv, Hachi, Novuscctv, VSP Improper Authentication vulnerability in multiple products

Authentication bypass vulnerability in the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configuration.

5.0
2019-10-30 CVE-2018-16417 Arubanetworks, Siemens Command Injection vulnerability in multiple products

Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, 8.3.x prior to 8.3.0.6, and 8.4.x prior to 8.4.0.1 allows command injection.

5.0
2019-10-30 CVE-2019-15682 Rdesktop Out-of-bounds Read vulnerability in Rdesktop 1.8.4

RDesktop version 1.8.4 contains multiple out-of-bound access read vulnerabilities in its code, which results in a denial of service (DoS) condition.

5.0
2019-10-30 CVE-2019-7620 Elastic Unspecified vulnerability in Elastic Logstash

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin.

5.0
2019-10-30 CVE-2019-7619 Elastic Unspecified vulnerability in Elastic Elasticsearch

Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username disclosure flaw in the API Key service.

5.0
2019-10-30 CVE-2018-5735 Debian Reachable Assertion vulnerability in Debian Linux 10.0/8.0/9.0

The Debian backport of the fix for CVE-2017-3137 leads to an assertion failure in validator.c:1858. Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1. No ISC releases are affected.

5.0
2019-10-29 CVE-2010-1678 Osgeo Improper Input Validation vulnerability in Osgeo Mapserver

Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile parsing.

5.0
2019-10-29 CVE-2019-9757 Labkey XXE vulnerability in Labkey Server 19.1.0

An issue was discovered in LabKey Server 19.1.0.

5.0
2019-10-29 CVE-2019-6851 Schneider Electric Information Exposure vulnerability in Schneider-Electric products

A CWE-538: File and Directory Information Exposure vulnerability exists in Modicon M580, Modicon M340, Modicon Premium, Modicon Quantum (all firmware versions), which could cause the disclosure of information from the controller when using TFTP protocol.

5.0
2019-10-29 CVE-2019-6850 Schneider Electric Information Exposure vulnerability in Schneider-Electric products

A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when reading specific registers with the REST API of the controller/communication module.

5.0
2019-10-29 CVE-2019-6849 Schneider Electric Information Exposure vulnerability in Schneider-Electric products

A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when using specific Modbus services provided by the REST API of the controller/communication module.

5.0
2019-10-29 CVE-2019-6848 Schneider Electric Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 CPU (BMEx58*) and Modicon M580 communication module (BMENOC0311, BMENOC0321) (see notification for version info), which could cause a Denial of Service attack on the PLC when sending specific data on the REST API of the controller/communication module.

5.0
2019-10-29 CVE-2019-6845 Schneider Electric Cleartext Transmission of Sensitive Information vulnerability in Schneider-Electric products

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium, Modicon Quantum (all firmware versions), which could cause the disclosure of information when transferring applications to the controller using Modbus TCP protocol.

5.0
2019-10-29 CVE-2019-3979 Mikrotik Improper Input Validation vulnerability in Mikrotik Routeros

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack.

5.0
2019-10-29 CVE-2019-3978 Mikrotik Missing Authentication for Critical Function vulnerability in Mikrotik Routeros

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291.

5.0
2019-10-29 CVE-2019-18612 Mediawiki Information Exposure vulnerability in Mediawiki Abusefilter

An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki.

5.0
2019-10-29 CVE-2019-18608 Cezerin Improper Input Validation vulnerability in Cezerin 0.33.0

Cezerin v0.33.0 allows unauthorized order-information modification because certain internal attributes can be overwritten via a conflicting name when processing order requests.

5.0
2019-10-29 CVE-2019-18602 Openafs, Debian Use of Uninitialized Resource vulnerability in multiple products

OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer.

5.0
2019-10-29 CVE-2019-18601 Openafs Deserialization of Untrusted Data vulnerability in Openafs

OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data access because remote attackers can make a series of VOTE_Debug RPC calls to crash a database server within the SVOTE_Debug RPC handler.

5.0
2019-10-29 CVE-2019-15681 Libvnc Project, Canonical, Debian, Siemens Improper Initialization vulnerability in multiple products

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure.

5.0
2019-10-29 CVE-2019-15680 Tightvnc NULL Pointer Dereference vulnerability in Tightvnc 1.3.10

TightVNC code version 1.3.10 contains a null pointer dereference in the HandleZlibBPP function, which results in Denial of System (DoS).

5.0
2019-10-29 CVE-2012-2945 Apache Link Following vulnerability in Apache Hadoop 1.0.3

Hadoop 1.0.3 contains a symlink vulnerability.

5.0
2019-10-29 CVE-2012-0046 Mediawiki Information Exposure vulnerability in Mediawiki

MediaWiki allows deleted text to be exposed.

5.0
2019-10-29 CVE-2011-4931 GPW Project, Debian Weak Password Requirements vulnerability in multiple products

gpw generates shorter passwords than required

5.0
2019-10-29 CVE-2019-4600 IBM Unspecified vulnerability in IBM API Connect

IBM API Connect version V5.0.0.0 through 5.0.8.7 could reveal sensitive information to an attacker using a specially crafted HTTP request.

5.0
2019-10-28 CVE-2019-18188 Trendmicro Unrestricted Upload of File with Dangerous Type vulnerability in Trendmicro Apex ONE 2019

Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to remote code execution (RCE).

5.0
2019-10-28 CVE-2019-18187 Trendmicro Path Traversal vulnerability in Trendmicro Officescan 11.0/Xg

Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE).

5.0
2019-10-28 CVE-2017-15725 Devada XXE vulnerability in Devada Dzone Answerhub

An XML External Entity Injection vulnerability exists in Dzone AnswerHub.

5.0
2019-10-28 CVE-2012-5577 Python, Debian Incorrect Default Permissions vulnerability in multiple products

Python keyring lib before 0.10 created keyring files with world-readable permissions.

5.0
2019-10-28 CVE-2019-17224 Compal Path Traversal vulnerability in Compal Ch7465Lg Firmware Ch7465Lgncip6.12.18.252P6Nosh

The web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH) is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory.

5.0
2019-10-28 CVE-2005-2349 ZOO Project Path Traversal vulnerability in ZOO Project ZOO 2.1027

Zoo 2.10 has a directory traversal vulnerability.

5.0
2019-11-01 CVE-2013-4751 Sensiolabs, Fedoraproject, Redhat Improper Input Validation vulnerability in multiple products

php-symfony2-Validator has loss of information during serialization

4.9
2019-10-30 CVE-2019-12417 Apache Cross-site Scripting vulnerability in Apache Airflow

A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary JavaScript on certain page views.

4.8
2019-11-01 CVE-2013-4367 Ovirt, Linux Incorrect Permission Assignment for Critical Resource vulnerability in Ovirt Ovirt-Engine 3.2

ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'.

4.6
2019-10-31 CVE-2019-16295 Control Webpanel Cross-site Scripting vulnerability in Control-Webpanel Webpanel 0.9.8.855

Stored XSS in filemanager2.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.885 exists via the cmd_arg parameter.

4.6
2019-10-31 CVE-2019-18361 Jetbrains Unspecified vulnerability in Jetbrains Intellij Idea

JetBrains IntelliJ IDEA before 2019.2 allows local user privilege escalation, potentially leading to arbitrary code execution.

4.6
2019-10-30 CVE-2010-0747 Linbit, Debian Incorrect Permission Assignment for Critical Resource vulnerability in Linbit Drbd8 2.6.26

drbd8 allows local users to bypass intended restrictions for certain actions via netlink packets, similar to CVE-2009-3725.

4.6
2019-10-28 CVE-2017-5731 Tianocore Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tianocore Edk2

Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access.

4.6
2019-10-31 CVE-2013-2012 Autojump Project, Debian Improper Privilege Management vulnerability in multiple products

autojump before 21.5.8 allows local users to gain privileges via a Trojan horse custom_install directory in the current working directory.

4.4
2019-11-02 CVE-2019-18667 Pfsense Cross-site Scripting vulnerability in Pfsense Pfsense-Pkg-Freeradius3

/usr/local/www/freeradius_view_config.php in the freeradius3 package before 0.15.7_3 for pfSense on FreeBSD allows a user with an XSS payload as password or username to execute arbitrary JavaScript code in a victim's browser.

4.3
2019-11-01 CVE-2013-4168 Smokeping, Debian, Fedoraproject Cross-site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields.

4.3
2019-11-01 CVE-2013-2255 Openstack, Redhat, Debian Improper Certificate Validation vulnerability in multiple products

HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.

4.3
2019-11-01 CVE-2005-2350 Websieve Project Cross-site Scripting vulnerability in Websieve Project Websieve 0.62

Cross-site scripting (XSS) vulnerability in websieve v0.62 allows remote attackers to inject arbitrary web script or HTML code in the web user interface.

4.3
2019-11-01 CVE-2019-6657 F5 Cross-site Scripting vulnerability in F5 products

On BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility.

4.3
2019-11-01 CVE-2012-2979 Freebsd Incorrect Resource Transfer Between Spheres vulnerability in Freebsd Name Server Daemon

FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server.

4.3
2019-11-01 CVE-2013-3718 Gnome, Debian, Opensuse, Redhat Improper Input Validation vulnerability in multiple products

Evince is missing a check on the number of pages, which can lead to a segmentation fault.

4.3
2019-10-31 CVE-2019-5023 Opensrcsec Missing Release of Resource after Effective Lifetime vulnerability in Opensrcsec Grsecurity and PAX

An exploitable vulnerability exists in the grsecurity PaX patch for the function read_kmem, in PaX from version pax-linux-4.9.8-test1 to 4.9.24-test7, grsecurity official from version grsecurity-3.1-4.9.8-201702060653 to grsecurity-3.1-4.9.24-201704252333, grsecurity unofficial from version v4.9.25-unofficialgrsec to v4.9.74-unofficialgrsec.

4.3
2019-10-31 CVE-2013-1951 Mediawiki, Linux, Debian Cross-site Scripting vulnerability in multiple products

A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 allows remote attackers to inject arbitrary web script or HTML via Lua function names.

4.3
2019-10-31 CVE-2013-1931 Mantisbt, Fedoraproject Cross-site Scripting vulnerability in multiple products

A cross-site scripting (XSS) vulnerability in MantisBT 1.2.14 allows remote attackers to inject arbitrary web script or HTML via a version, related to deleting a version.

4.3
2019-10-31 CVE-2019-18656 Pimcore Cross-site Scripting vulnerability in Pimcore 6.2.3

Pimcore 6.2.3 has XSS in the translations grid because bundles/AdminBundle/Resources/public/js/pimcore/settings/translations.js mishandles certain HTML elements.

4.3
2019-10-31 CVE-2019-18365 Jetbrains Improper Privilege Management vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several pages.

4.3
2019-10-31 CVE-2019-17551 Apakgroup Cross-site Scripting vulnerability in Apakgroup Wholesale Floorplanning Finance 6.31.8.3/6.31.8.5

In Apak Wholesale Floorplanning Finance 6.31.8.3 and 6.31.8.5, an attacker can send an authenticated POST request with a malicious payload to /WFS/agreementView.faces allowing a stored XSS via the mainForm:loanNotesnotes:0:rich_text_editor_note_text parameter in the Notes section.

4.3
2019-10-30 CVE-2010-1673 Ikiwiki Cross-site Scripting vulnerability in Ikiwiki

A cross-site scripting (XSS) vulnerability in ikiwiki before 3.20101112 allows remote attackers to inject arbitrary web script or HTML via a comment.

4.3
2019-10-30 CVE-2019-17326 Clipsoft Unspecified vulnerability in Clipsoft Rexpert 1.0.0.527

ClipSoft REXPERT 1.0.0.527 and earlier versions allow a remote attacker to delete arbitrary files by issuing an HTTP GET request with a specially crafted parameter.

4.3
2019-10-30 CVE-2019-17325 Clipsoft Unrestricted Upload of File with Dangerous Type vulnerability in Clipsoft Rexpert 1.0.0.527

ClipSoft REXPERT 1.0.0.527 and earlier versions allow a remote attacker to upload an arbitrary local file via the ActiveX method in RexViewerCtrl30.ocx.

4.3
2019-10-30 CVE-2019-17324 Clipsoft Path Traversal vulnerability in Clipsoft Rexpert 1.0.0.527

ClipSoft REXPERT 1.0.0.527 and earlier versions allow directory traversal by issuing a special HTTP POST request with ../ characters.

4.3
2019-10-30 CVE-2019-17322 Clipsoft Path Traversal vulnerability in Clipsoft Rexpert 1.0.0.527

ClipSoft REXPERT 1.0.0.527 and earlier versions allow arbitrary file creation via a POST request with the parameter set to the file path to be written.

4.3
2019-10-30 CVE-2010-0207 Xpdfreader, Debian Infinite Loop vulnerability in Xpdfreader Xpdf 3.0317/3.0413/3.044

In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.

4.3
2019-10-30 CVE-2010-0206 Xpdfreader, Debian NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 3.0317/3.0413/3.044

xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.

4.3
2019-10-30 CVE-2019-18205 Zucchetti Cross-site Scripting vulnerability in Zucchetti Infobusiness 4.4.1

Multiple Reflected Cross-site Scripting (XSS) vulnerabilities exist in Zucchetti InfoBusiness before and including 4.4.1.

4.3
2019-10-29 CVE-2019-6846 Schneider Electric Cleartext Transmission of Sensitive Information vulnerability in Schneider-Electric products

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause information disclosure when using the FTP protocol.

4.3
2019-10-29 CVE-2019-18603 Openafs, Debian Use of Uninitialized Resource vulnerability in multiple products

OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error conditions because uninitialized RPC output variables are sent over the network to a peer.

4.3
2019-10-29 CVE-2019-13066 Sahipro Cross-site Scripting vulnerability in Sahipro Sahi PRO 8.0.0

Sahi Pro 8.0.0 has a script manager arena located at _s_/dyn/pro/DBReports with many different areas that are vulnerable to reflected XSS, by updating a script's Script Name, Suite Name, Base URL, Android, iOS, Scripts Run, Origin Machine, or Comment field.

4.3
2019-10-29 CVE-2018-10727 Fabrikar Cross-site Scripting vulnerability in Fabrikar Fabrik

Reflected Cross-Site Scripting (XSS) vulnerability in the fabrik_referrer hidden field in the Fabrikar Fabrik component through v3.8.1 for Joomla! allows remote attackers to inject arbitrary web script via the HTTP Referer header.

4.3
2019-10-29 CVE-2011-0428 Ikiwiki Cross-site Scripting vulnerability in Ikiwiki

Cross Site Scripting (XSS) in ikiwiki before 3.20110122 could allow remote attackers to insert arbitrary JavaScript due to insufficient checking in comments.

4.3
2019-10-29 CVE-2010-4237 Mercurial Improper Certificate Validation vulnerability in Mercurial

Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.

4.3
2019-10-29 CVE-2019-4330 IBM Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Security Guardium BIG Data Intelligence 4.0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session.

4.3
2019-10-28 CVE-2019-5538 Vmware Improper Certificate Validation vulnerability in VMWare Vcenter Server 6.5/6.7

Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance (6.7 before 6.7u3a and 6.5 before 6.5u3d) may allow a malicious actor to intercept sensitive data in transit over SCP.

4.3
2019-10-28 CVE-2019-5537 Vmware Improper Certificate Validation vulnerability in VMWare Vcenter Server 6.5/6.7

Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance (6.7 before 6.7u3a and 6.5 before 6.5u3d) may allow a malicious actor to intercept sensitive data in transit over FTPS and HTTPS.

4.3
2019-10-28 CVE-2010-4245 Translatehouse Cross-site Scripting vulnerability in Translatehouse Pootle

Pootle 2.0.5 has XSS via the 'match_names' parameter.

4.3
2019-10-28 CVE-2010-4240 Tiki Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware 5.2

Tiki Wiki CMS Groupware 5.2 has XSS

4.3
2019-10-28 CVE-2009-4900 Pixelpost Cross-site Scripting vulnerability in Pixelpost 1.7.15

pixelpost 1.7.1 has XSS

4.3
2019-11-01 CVE-2019-12752 Symantec Incorrect Default Permissions vulnerability in Symantec Sonar

The Symantec SONAR component, prior to 12.0.2, may be susceptible to a tamper protection bypass vulnerability which could potentially allow an attacker to circumvent the existing tamper protection in use on the resident system.

4.1
2019-11-02 CVE-2019-18668 Wpwham Improper Input Validation vulnerability in Wpwham Currency Switcher for Woocommerce

An issue was discovered in the Currency Switcher addon before 2.11.2 for WooCommerce if a user provides a currency that was not added by the administrator.

4.0
2019-11-01 CVE-2019-6658 F5 SQL Injection vulnerability in F5 Big-Ip Advanced Firewall Manager

On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a vulnerability in the AFM configuration utility may allow any authenticated BIG-IP user to run an SQL injection attack.

4.0
2019-11-01 CVE-2019-16909 Infosysta Information Exposure vulnerability in Infosysta In-App & Desktop Notifications 1.6.13J8

An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14_J8 for Jira.

4.0
2019-10-31 CVE-2019-18229 Advantech SQL Injection vulnerability in Advantech Wise-Paas/Rmm 3.3.29

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior.

4.0
2019-10-31 CVE-2019-5095 Tempo Missing Authorization vulnerability in Tempo 4.10.0

An issue summary information disclosure vulnerability exists in Atlassian Jira Tempo plugin, version 4.10.0.

4.0
2019-10-31 CVE-2013-1930 Mantisbt, Fedoraproject Improper Input Validation vulnerability in multiple products

MantisBT 1.2.12 before 1.2.15 allows authenticated users to bypass the workflow restriction and close issues.

4.0
2019-10-31 CVE-2019-16251 Yithemes Unspecified vulnerability in Yithemes products

plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.

4.0
2019-10-31 CVE-2010-2490 Mumble, Debian Improper Input Validation vulnerability in multiple products

Mumble: murmur-server has DoS due to malformed client query

4.0
2019-10-30 CVE-2019-8235 Magento Authorization Bypass Through User-Controlled Key vulnerability in Magento

An insecure direct object reference (IDOR) vulnerability exists in Magento 2.3 prior to 2.3.1, 2.2 prior to 2.2.8, and 2.1 prior to 2.1.17 versions.

4.0
2019-10-29 CVE-2018-18929 Trms Use of Hard-coded Credentials vulnerability in Trms Seneca HDN Firmware 7.0.4.104

The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4.104 is shipped with a default local administrator username and password.

4.0
2019-10-29 CVE-2019-6847 Schneider Electric Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the FTP service when upgrading the firmware with a version incompatible with the application in the controller using FTP protocol.

4.0
2019-10-29 CVE-2019-6844 Schneider Electric Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the controller with a firmware package containing an invalid web server image using FTP protocol.

4.0
2019-10-29 CVE-2019-6843 Schneider Electric Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware (version prior to V3.10), Modicon M340 (all firmware versions), and Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the controller with an empty firmware package using FTP protocol.

4.0
2019-10-29 CVE-2019-6842 Schneider Electric Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with a missing web server image inside the package using FTP protocol.

4.0
2019-10-29 CVE-2019-6841 Schneider Electric Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware (version prior to V3.10), Modicon M340 (all firmware versions), and Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with no firmware image inside the package using FTP protocol.

4.0
2019-10-29 CVE-2019-5533 Vmware Incorrect Authorization vulnerability in VMWare Sd-Wan BY Velocloud

In VMware SD-WAN by VeloCloud versions 3.x prior to 3.3.0, the VeloCloud Orchestrator parameter authorization check mistakenly allows enterprise users to obtain information of Managed Service Provider accounts.

4.0
2019-10-29 CVE-2019-18611 Mediawiki Information Exposure vulnerability in Mediawiki Checkuser

An issue was discovered in the CheckUser extension through 1.34 for MediaWiki.

4.0
2019-10-29 CVE-2019-4329 IBM Unspecified vulnerability in IBM Security Guardium BIG Data Intelligence 4.0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity.

4.0

22 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-11-01 CVE-2013-0180 Redislabs Improper Input Validation vulnerability in Redislabs Redis 2.6.0

Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds.

3.6
2019-11-01 CVE-2013-0178 Redislabs Improper Input Validation vulnerability in Redislabs Redis

Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm.

3.6
2019-10-29 CVE-2010-2064 Rpcbind Project Link Following vulnerability in Rpcbind Project Rpcbind 0.2.0

rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr.

3.6
2019-11-02 CVE-2019-18664 Secudos Cross-site Scripting vulnerability in Secudos Domos

The Log module in SECUDOS DOMOS before 5.6 allows XSS.

3.5
2019-11-01 CVE-2010-3660 Typo3 Cross-site Scripting vulnerability in Typo3

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the backend.

3.5
2019-11-01 CVE-2019-18636 Jitbit Cross-site Scripting vulnerability in Jitbit .Net Forum 8.3.8

A cross-site scripting (XSS) vulnerability in Jitbit .NET Forum (aka ASP.NET forum) 8.3.8 allows remote attackers to inject arbitrary web script or HTML via the gravatar URL parameter.

3.5
2019-10-31 CVE-2013-1934 Mantisbt, Debian Cross-site Scripting vulnerability in multiple products

A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.0rc1 before 1.2.14 allows remote authenticated users to inject arbitrary web script or HTML via a complex value.

3.5
2019-10-31 CVE-2013-1932 Mantisbt Cross-site Scripting vulnerability in Mantisbt 1.2.13

A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via a project name.

3.5
2019-10-30 CVE-2019-18207 Zucchetti Cross-site Scripting vulnerability in Zucchetti Infobusiness 4.4.1

In Zucchetti InfoBusiness before and including 4.4.1, an authenticated user can inject client-side code due to improper validation of the Title field in the InfoBusiness Web Component.

3.5
2019-10-29 CVE-2019-9758 Labkey Cross-site Scripting vulnerability in Labkey Server 19.1.0

An issue was discovered in LabKey Server 19.1.0.

3.5
2019-10-29 CVE-2019-10209 Postgresql Out-of-bounds Read vulnerability in Postgresql

Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.

3.5
2019-10-28 CVE-2019-5536 Vmware Improper Input Validation vulnerability in VMWare Esxi, Fusion and Workstation

VMware ESXi (6.7 before ESXi670-201908101-SG and 6.5 before ESXi650-201910401-SG), Workstation (15.x before 15.5.0) and Fusion (11.x before 11.5.0) contain a denial-of-service vulnerability in the shader functionality.

3.5
2019-10-31 CVE-2019-3419 ZTE Improper Input Validation vulnerability in ZTE Zxmp M721 DX Firmware Zxmpm721V3.10P01B10M2Ncp

A security vulnerability exists in a management port in the version of ZTE's ZXMP M721V3.10P01B10_M2NCP.

2.7
2019-11-01 CVE-2005-2351 Mutt, Debian Exposure of Resource to Wrong Sphere vulnerability in multiple products

Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.

2.1
2019-10-31 CVE-2013-1945 Ruby Lang Inclusion of Functionality from Untrusted Control Sphere vulnerability in Ruby-Lang Ruby193

ruby193 uses an insecure LD_LIBRARY_PATH setting.

2.1
2019-10-31 CVE-2019-18645 Totaldefense Link Following vulnerability in Totaldefense Anti-Virus 11.5.2.28

The quarantine restoration function in Total Defense Anti-virus 11.5.2.28 is vulnerable to symbolic link attacks, allowing files to be written to privileged directories.

2.1
2019-10-29 CVE-2016-4289 Gmer Out-of-bounds Write vulnerability in Gmer 2.1.19357

A stack based buffer overflow vulnerability exists in the method receiving data from SysTreeView32 control of the GMER 2.1.19357 application.

2.1
2019-10-29 CVE-2010-3373 Grsecurity, Debian Improper Input Validation vulnerability in multiple products

paxtest handles temporary files insecurely.

2.1
2019-10-28 CVE-2010-3293 Mailscanner Improper Input Validation vulnerability in Mailscanner

mailscanner can allow local users to prevent virus signatures from being updated.

2.1
2019-11-02 CVE-2019-18673 Shiftcrypto Information Exposure vulnerability in Shiftcrypto Bitbox02

On SHIFT BitBox02 devices, a side channel for the row-based OLED display was found.

1.9
2019-11-02 CVE-2019-14360 Hyundai PAY Information Exposure vulnerability in Hyundai-Pay Hk-1000

On Hyundai Pay Kasse HK-1000 devices, a side channel for the row-based OLED display was found.

1.9
2019-11-02 CVE-2019-14358 Archos Information Exposure vulnerability in Archos Safe-T

On Archos Safe-T devices, a side channel for the row-based OLED display was found.

1.9