Weekly Vulnerabilities Reports > November 18 to 24, 2019

Overview

311 new vulnerabilities were reported during this period, including 45 critical vulnerabilities and 129 high severity vulnerabilities. This weekly summary reports vulnerabilities in 381 products from 149 vendors including Debian, Linux, Canonical, Fedoraproject, and Opensuse. Vulnerabilities are notably categorized as "Memory Leak", "Cross-site Scripting", "Improper Input Validation", "Information Exposure", and "Out-of-bounds Read".

  • 214 reported vulnerabilities are remotely exploitable.
  • 18 reported vulnerabilities have a public exploit available.
  • 83 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 182 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 49 reported vulnerabilities.
  • Qualcomm has the most reported critical vulnerabilities, with 5 reported vulnerabilities.

Vulnerability Details

The following table lists the vulnerabilities reported during the period covered by this report:

45 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-11-21 CVE-2019-16541 Jenkins Exposure of Resource to Wrong Sphere vulnerability in Jenkins Jira

Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope.

9.9
2019-11-22 CVE-2019-18622 Phpmyadmin
Opensuse
Fedoraproject
SQL Injection vulnerability in multiple products

An issue was discovered in phpMyAdmin before 4.9.2.

9.8
2019-11-22 CVE-2019-13566 ROS Classic Buffer Overflow vulnerability in ROS Ros-Comm

An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3.

9.8
2019-11-22 CVE-2014-6311 Vanderbilt
Debian
Use of Insufficiently Random Values vulnerability in multiple products

generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attackers to gain elevated privileges.

9.8
2019-11-22 CVE-2014-6310 Call CC
Debian
Classic Buffer Overflow vulnerability in multiple products

Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function.

9.8
2019-11-22 CVE-2014-3585 Redhat Improper Verification of Cryptographic Signature vulnerability in Redhat Enterprise Linux and Redhat-Upgrade-Tool

redhat-upgrade-tool: Does not check GPG signatures when upgrading versions

9.8
2019-11-21 CVE-2019-18933 Zulip Unspecified vulnerability in Zulip Server

In Zulip Server versions from 1.7.0 to before 2.0.7, a bug in the new user signup process meant that users who registered their account using social authentication (e.g., GitHub or Google SSO) in an organization that also allows password authentication could have their personal API key stolen by an unprivileged attacker, allowing nearly full access to the user's account.

9.8
2019-11-21 CVE-2019-18889 Sensiolabs
Fedoraproject
Code Injection vulnerability in multiple products

An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7.

9.8
2019-11-21 CVE-2019-11325 Sensiolabs Improper Encoding or Escaping of Output vulnerability in Sensiolabs Symfony

An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8.

9.8
2019-11-21 CVE-2019-19033 Jalios Use of Hard-coded Credentials vulnerability in Jalios Jcms 10.0

Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password.

9.8
2019-11-21 CVE-2019-19006 Sangoma Improper Authentication vulnerability in Sangoma Freepbx

Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control.

9.8
2019-11-21 CVE-2019-18349 Hotkeyp Project Unspecified vulnerability in Hotkeyp Project Hotkeyp

HotkeyP through 4.9 r96 allows privilege escalation in the privilege function in Commands.cpp.

9.8
2019-11-21 CVE-2019-5509 Netapp Code Injection vulnerability in Netapp Ontap Select Deploy Administration Utility

ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account.

9.8
2019-11-21 CVE-2018-8879 Asus Out-of-bounds Write vulnerability in Asus Rt-Ac66U Firmware

Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request.

9.8
2019-11-21 CVE-2019-2303 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

SNDCP module may access array outside its boundary when it receives malformed XID message.

9.8
2019-11-21 CVE-2019-2289 Qualcomm Insufficient Verification of Data Authenticity vulnerability in Qualcomm products

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

9.8
2019-11-21 CVE-2019-2271 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

9.8
2019-11-21 CVE-2019-2268 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150

9.8
2019-11-21 CVE-2019-16340 Linksys Forced Browsing vulnerability in Linksys products

Belkin Linksys Velop 1.1.8.192419 devices allow remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI.

9.8
2019-11-21 CVE-2019-10627 Qualcomm
HP
Incorrect Calculation of Buffer Size vulnerability in multiple products

Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation.

9.8
2019-11-21 CVE-2014-3700 Redhat Injection vulnerability in Redhat Edeploy and Jboss Enterprise web Server

eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data

9.8
2019-11-21 CVE-2012-3460 Redhat Improper Input Validation vulnerability in Redhat Enterprise MRG 2.0

cumin: At installation postgresql database user created without password

9.8
2019-11-21 CVE-2013-7171 Slackware Improper Input Validation vulnerability in Slackware Linux 14.0/14.1

Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges.

9.8
2019-11-20 CVE-2015-3166 Postgresql
Debian
Canonical
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.

9.8
2019-11-20 CVE-2013-2093 Dolibarr Improper Input Validation vulnerability in Dolibarr Erp/Crm 3.3.1

Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands.

9.8
2019-11-20 CVE-2013-2091 Dolibarr SQL Injection vulnerability in Dolibarr Erp/Crm 3.3.1

SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php.

9.8
2019-11-20 CVE-2019-18858 Codesys Classic Buffer Overflow vulnerability in Codesys products

CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.

9.8
2019-11-20 CVE-2019-10765 Iobroker Path Traversal vulnerability in Iobroker Iobroker.Admin

iobroker.admin before 3.6.12 allows an attacker to include file contents from outside the `/log/file1/` directory.

9.8
2019-11-20 CVE-2010-4660 Status Improper Input Validation vulnerability in Status Statusnet

Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes.

9.8
2019-11-20 CVE-2016-9652 Google Unspecified vulnerability in Google Chrome

Multiple unspecified vulnerabilities in Google Chrome before 55.0.2883.75.

9.8
2019-11-20 CVE-2016-5194 Google Unspecified vulnerability in Google Chrome

Unspecified vulnerabilities in Google Chrome before 54.0.2840.59.

9.8
2019-11-20 CVE-2011-1028 Smarty
Debian
Improper Input Validation vulnerability in multiple products

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.

9.8
2019-11-19 CVE-2011-3350 Marmaro Improper Check for Dropped Privileges vulnerability in Marmaro Masqmail 0.2.21/0.2.30

masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping.

9.8
2019-11-19 CVE-2019-10766 Pixie Project SQL Injection vulnerability in Pixie Project Pixie

Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 allow SQL Injection in the limit() function due to improper sanitization.

9.8
2019-11-19 CVE-2011-2921 Ktsuss Project Improper Check for Dropped Privileges vulnerability in Ktsuss Project Ktsuss 1.3/1.4

ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.

9.8
2019-11-19 CVE-2012-0824 GNU Use of Externally-Controlled Format String vulnerability in GNU Gnusound 0.7.5

gnusound 0.7.5 has format string issue

9.8
2019-11-19 CVE-2016-1000006 Facebook Use After Free vulnerability in Facebook Hhvm

hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions.

9.8
2019-11-18 CVE-2019-12409 Apache Unrestricted Upload of File with Dangerous Type vulnerability in Apache Solr 8.1.1/8.2.0

The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr.

9.8
2019-11-18 CVE-2019-12271 Sandline Unrestricted Upload of File with Dangerous Type vulnerability in Sandline Centraleyezer

Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding ".jpg" to any uploaded filename is not enforced on the server side.

9.8
2019-11-18 CVE-2018-20687 Raritan XXE vulnerability in Raritan Commandcenter Secure Gateway

An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.

9.8
2019-11-18 CVE-2011-5331 Distributed Ruby Project Unspecified vulnerability in Distributed Ruby Project Distributed Ruby 1.8

Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval.

9.8
2019-11-18 CVE-2011-5330 Distributed Ruby Project Unspecified vulnerability in Distributed Ruby Project Distributed Ruby 1.8

Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls.

9.8
2019-11-18 CVE-2019-19113 Newbee Mall Project SQL Injection vulnerability in Newbee-Mall Project Newbee-Mall 1.0

main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall (aka New Bee) before 2019-10-23 allows search?goodsCategoryId=&keyword= SQL Injection.

9.8
2019-11-20 CVE-2019-5541 Vmware Out-of-bounds Write vulnerability in VMWare Fusion and Workstation

VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter.

9.1
2019-11-18 CVE-2019-17058 Footy Unrestricted Upload of File with Dangerous Type vulnerability in Footy Tipping Software 2019

Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file.

9.1

129 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-11-22 CVE-2019-18610 Digium
Debian
Missing Authorization vulnerability in multiple products

An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4.

8.8
2019-11-22 CVE-2013-6811 D Link Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dsl6740U Firmware

Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev.

8.8
2019-11-22 CVE-2019-19013 Pagekit Cross-Site Request Forgery (CSRF) vulnerability in Pagekit 1.0.17

A CSRF vulnerability in Pagekit 1.0.17 allows an attacker to upload an arbitrary file by removing the CSRF token from a request.

8.8
2019-11-22 CVE-2012-2079 Drupal Cross-Site Request Forgery (CSRF) vulnerability in Drupal Activity 6.X1.X

A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal.

8.8
2019-11-21 CVE-2019-19207 Rconfig SQL Injection vulnerability in Rconfig 3.9.2

rConfig 3.9.2 allows devices.php?searchColumn= SQL injection.

8.8
2019-11-21 CVE-2015-3140 Synametrics Cross-Site Request Forgery (CSRF) vulnerability in Synametrics Synaman and Syncrify

Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567

8.8
2019-11-21 CVE-2014-8356 Dasanzhone Authorization Bypass Through User-Controlled Key vulnerability in Dasanzhone Znid 2426A Firmware

The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users to bypass intended access restrictions via a modified server response, related to an insecure direct object reference.

8.8
2019-11-21 CVE-2019-19202 Vtiger Incorrect Default Permissions vulnerability in Vtiger CRM 7.0/7.0.1/7.1.0

In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without administrative privileges to change his own role by adding roleid=H2 to a POST request.

8.8
2019-11-21 CVE-2013-3312 Loftek Cross-Site Request Forgery (CSRF) vulnerability in Loftek Nexus 543 Firmware

Multiple cross-site request forgery (CSRF) vulnerabilities in the Loftek Nexus 543 IP Camera allow remote attackers to hijack the authentication of unspecified victims for requests that change (1) passwords or (2) firewall configuration, as demonstrated by a request to set_users.cgi.

8.8
2019-11-21 CVE-2019-5087 Xcftools Project
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7.

8.8
2019-11-21 CVE-2019-5086 Xcftools Project
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7.

8.8
2019-11-21 CVE-2019-16548 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Google Compute Engine

A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineCloud#doProvision could be used to provision new agents.

8.8
2019-11-21 CVE-2019-16544 Qmetry Insufficiently Protected Credentials vulnerability in Qmetry Jenkins Qmetry for Jira

Jenkins QMetry for JIRA - Test Management Plugin 1.12 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

8.8
2019-11-21 CVE-2019-16538 Jenkins Incorrect Authorization vulnerability in Jenkins Script Security

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts.

8.8
2019-11-20 CVE-2019-4561 IBM Deserialization of Untrusted Data vulnerability in IBM Security Identity Manager 6.0.0

IBM Security Identity Manager 6.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data.

8.8
2019-11-20 CVE-2019-6186 Lenovo Unspecified vulnerability in Lenovo System Interface Foundation 1.0.66.0

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user.

8.8
2019-11-19 CVE-2019-12421 Apache Insufficient Session Expiration vulnerability in Apache Nifi

When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server side.

8.8
2019-11-19 CVE-2011-4952 Cobblerd Cross-Site Request Forgery (CSRF) vulnerability in Cobblerd Cobbler

cobbler: Web interface lacks CSRF protection when using Django framework

8.8
2019-11-18 CVE-2019-19117 Phicomm OS Command Injection vulnerability in Phicomm K2(Psg1218) Firmware 22.5.9.163

/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter.

8.8
2019-11-18 CVE-2012-4438 Jenkins Improper Input Validation vulnerability in Jenkins

Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.

8.8
2019-11-22 CVE-2019-3654 Mcafee Improper Authentication vulnerability in Mcafee Client Proxy

Authentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy (MCP) prior to 3.0.0 allows local user to bypass scanning of web traffic and gain access to blocked sites for a short period of time via generating an authorization key on the client which should only be generated by the network administrator.

8.6
2019-11-19 CVE-2019-11289 Cloudfoundry Improper Input Validation vulnerability in Cloudfoundry Routing-Release

Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input.

8.6
2019-11-18 CVE-2019-3424 Ztehome Unspecified vulnerability in Ztehome C520V21 Firmware 2.1.14

authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices.

8.2
2019-11-21 CVE-2019-18887 Sensiolabs
Fedoraproject
Information Exposure Through Discrepancy vulnerability in multiple products

An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7.

8.1
2019-11-22 CVE-2019-18909 HP OS Command Injection vulnerability in HP Thinpro

The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges.

8.0
2019-11-22 CVE-2013-6234 ENG Unrestricted Upload of File with Dangerous Type vulnerability in ENG Spagobi 4.0

Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, aka "XSS File Upload."

8.0
2019-11-22 CVE-2019-17446 Eracent Untrusted Search Path vulnerability in Eracent EPA Agent 10.2.26

An issue was discovered in Eracent EPA Agent through 10.2.26.

7.8
2019-11-22 CVE-2012-3407 Plow Project Classic Buffer Overflow vulnerability in Plow Project Plow 0.0.5

plow has local buffer overflow vulnerability

7.8
2019-11-21 CVE-2019-19197 Kyrolsecuritylabs Incorrect Permission Assignment for Critical Resource vulnerability in Kyrolsecuritylabs Kyrol Internet Security 9.0.6.9

IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402401 using METHOD_NEITHER results in a read primitive.

7.8
2019-11-21 CVE-2019-19191 Shibboleth Link Following vulnerability in Shibboleth Service Provider

Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation.

7.8
2019-11-21 CVE-2019-16406 Centreon Incorrect Permission Assignment for Critical Resource vulnerability in Centreon web 19.04.4

Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron.

7.8
2019-11-21 CVE-2019-15511 GOG Missing Authentication for Critical Function vulnerability in GOG Galaxy

An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy.

7.8
2019-11-21 CVE-2019-5072 Tendacn OS Command Injection vulnerability in Tendacn Ac9V1.0 Firmware 15.03.05.14En/15.03.05.16Multitru

An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU).

7.8
2019-11-21 CVE-2019-5071 Tendacn OS Command Injection vulnerability in Tendacn Ac9V1.0 Firmware 15.03.05.14En/15.03.05.16Multitru

An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU).

7.8
2019-11-21 CVE-2019-17650 Fortinet OS Command Injection vulnerability in Fortinet Forticlient

An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check.

7.8
2019-11-21 CVE-2019-2339 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

Out of bound access due to lack of check of whitelist array size while reading the image elf segments.

7.8
2019-11-21 CVE-2019-2329 Qualcomm Use After Free vulnerability in Qualcomm products

Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application.

7.8
2019-11-21 CVE-2019-2315 Qualcomm Unspecified vulnerability in Qualcomm products

While invoking the API to copy from fd or local buffer to the secure buffer, Parameters being populated are from non secure environment.

7.8
2019-11-21 CVE-2019-2297 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

Buffer overflow can occur while processing non-standard NAN message from user space.

7.8
2019-11-21 CVE-2019-2266 Qualcomm Double Free vulnerability in Qualcomm products

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, Nicobar, QCA9980, QCS405, QCS605, SDM845, SDX24, SM7150, SM8150

7.8
2019-11-21 CVE-2019-2251 Qualcomm Out-of-bounds Write vulnerability in Qualcomm products

If a bitmap file is loaded from any un-authenticated source, there is a possibility that the bitmap can potentially cause stack buffer overflow.

7.8
2019-11-21 CVE-2019-18958 Gonitro Incorrect Permission Assignment for Critical Resource vulnerability in Gonitro Nitro PRO

Nitro Pro before 13.2 creates a debug.log file in the directory where a .pdf file is located, if the .pdf document was produced by an OCR operation on the JPEG output of a scanner.

7.8
2019-11-21 CVE-2019-17421 Zohocorp Incorrect Default Permissions vulnerability in Zohocorp products

Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload.

7.8
2019-11-21 CVE-2019-10617 Qualcomm Unspecified vulnerability in Qualcomm Qca6174 Firmware

Low privilege users can access service configuration which contains registry data that admins uses to create or delete entries in the registry in QCA6174_9377.WIN.1.0 in QCA6174_9377

7.8
2019-11-21 CVE-2019-10566 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR2130

7.8
2019-11-21 CVE-2019-10563 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, SDA660, SDM636, SDM660, SDX20, SDX24

7.8
2019-11-21 CVE-2019-10503 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

Out-of-bounds access can occur in camera driver due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, SDA660, SDM450, SDM630, SDM636, SDM660, SDX20

7.8
2019-11-21 CVE-2018-13916 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data.

7.8
2019-11-21 CVE-2013-7172 Slackware Improper Input Validation vulnerability in Slackware Linux

Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges.

7.8
2019-11-20 CVE-2019-3466 Postgresql
Canonical
Debian
Improper Privilege Management vulnerability in multiple products

The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.

7.8
2019-11-20 CVE-2019-6191 Lenovo Unspecified vulnerability in Lenovo Paper 1.0.0.22

A potential vulnerability in the discontinued LenovoPaper software version 1.0.0.22 may allow local privilege escalation.

7.8
2019-11-20 CVE-2019-6189 Lenovo Untrusted Search Path vulnerability in Lenovo System Interface Foundation 1.0.66.0

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL.

7.8
2019-11-20 CVE-2019-6184 Lenovo Unspecified vulnerability in Lenovo Customer Engagement Service 2.0.21.1

A potential vulnerability in the discontinued Customer Engagement Service (CCSDK) software version 2.0.21.1 may allow local privilege escalation.

7.8
2019-11-19 CVE-2011-3349 Lightdm Project Improper Privilege Management vulnerability in Lightdm Project Lightdm

lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders.

7.8
2019-11-19 CVE-2011-2922 Ktsuss Project Improper Input Validation vulnerability in Ktsuss Project Ktsuss 1.3/1.4

ktsuss versions 1.4 and prior spawns the GTK interface to run as root.

7.8
2019-11-19 CVE-2014-5439 Sniffit Project
Debian
Out-of-bounds Write vulnerability in multiple products

Multiple Stack-based Buffer Overflow vulnerabilities exist in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit NX, stack smashing protector SSP, and address space layout randomization ASLR protection mechanisms, which could let a malicious user execute arbitrary code.

7.8
2019-11-19 CVE-2011-4954 Cobblerd Improper Privilege Management vulnerability in Cobblerd Cobbler

cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE

7.8
2019-11-18 CVE-2008-7273 Getfiregpg Link Following vulnerability in Getfiregpg Iceweasel-Firegpg

A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.

7.8
2019-11-18 CVE-2019-18215 Comodo Uncontrolled Search Path Element vulnerability in Comodo Internet Security

An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0.

7.8
2019-11-18 CVE-2019-14467 Infoway Unrestricted Upload of File with Dangerous Type vulnerability in Infoway Social Photo Gallery 1.0

The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not checked.

7.8
2019-11-20 CVE-2019-5542 Vmware Unspecified vulnerability in VMWare Fusion and Workstation

VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain a denial-of-service vulnerability in the RPC handler.

7.7
2019-11-20 CVE-2019-5540 Vmware Memory Leak vulnerability in VMWare Fusion and Workstation

VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an information disclosure vulnerability in vmnetdhcp.

7.7
2019-11-23 CVE-2019-11287 Pivotal Software
Vmware
Fedoraproject
Redhat
Debian
Use of Externally-Controlled Format String vulnerability in multiple products

Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack.

7.5
2019-11-22 CVE-2012-6079 Boldgrid Information Exposure vulnerability in Boldgrid W3 Total Cache

W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys.

7.5
2019-11-22 CVE-2012-6078 Boldgrid Information Exposure vulnerability in Boldgrid W3 Total Cache

W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes.

7.5
2019-11-22 CVE-2012-6077 Boldgrid Information Exposure vulnerability in Boldgrid W3 Total Cache

W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files.

7.5
2019-11-22 CVE-2019-18976 Digium
Debian
NULL Pointer Dereference vulnerability in multiple products

An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x.

7.5
2019-11-22 CVE-2012-0877 Python
Redhat
Resource Exhaustion vulnerability in multiple products

PyXML: Hash table collisions CPU usage Denial of Service

7.5
2019-11-22 CVE-2019-13157 Naver Path Traversal vulnerability in Naver Vaccine 2.1.4

nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within an nsz archive.

7.5
2019-11-21 CVE-2019-18888 Sensiolabs
Fedoraproject
Argument Injection or Modification vulnerability in multiple products

An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7.

7.5
2019-11-21 CVE-2014-2904 Wolfssl Improper Authentication vulnerability in Wolfssl

wolfssl before 3.2.0 has a server certificate that is not properly authorized for server authentication.

7.5
2019-11-21 CVE-2014-2902 Wolfssl Improper Certificate Validation vulnerability in Wolfssl

wolfssl before 3.2.0 does not properly authorize CA certificate for signing other certificates.

7.5
2019-11-21 CVE-2014-2901 Wolfssl Improper Certificate Validation vulnerability in Wolfssl

wolfssl before 3.2.0 does not properly issue certificates for a server's hostname.

7.5
2019-11-21 CVE-2019-19204 Oniguruma Project
Debian
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in Oniguruma 6.x before 6.9.4_rc2.

7.5
2019-11-21 CVE-2019-19203 Oniguruma Project
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in Oniguruma 6.x before 6.9.4_rc2.

7.5
2019-11-21 CVE-2019-5637 Beckhoff Divide By Zero vulnerability in Beckhoff Twincat 3.1.4022.29/3.1.4022.30

When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending a malformed UDP packet to the device.

7.5
2019-11-21 CVE-2019-5636 Beckhoff Improper Resource Shutdown or Release vulnerability in Beckhoff Twincat 2.0/3.1

When a Beckhoff TwinCAT Runtime receives a malformed UDP packet, the ADS Discovery Service shuts down.

7.5
2019-11-21 CVE-2013-3314 Loftek Information Exposure vulnerability in Loftek Nexus 543 Firmware

The Loftek Nexus 543 IP Camera allows remote attackers to obtain (1) IP addresses via a request to get_realip.cgi or (2) firmware versions (ui and system), timestamp, serial number, p2p port number, and wifi status via a request to get_status.cgi.

7.5
2019-11-21 CVE-2013-3313 Loftek Insufficiently Protected Credentials vulnerability in Loftek Nexus 543 Firmware

The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to check_users.cgi.

7.5
2019-11-21 CVE-2013-3311 Loftek Path Traversal vulnerability in Loftek Nexus 543 Firmware

Directory traversal vulnerability in the Loftek Nexus 543 IP Camera allows remote attackers to read arbitrary files via a ..

7.5
2019-11-21 CVE-2019-16758 Lexmark Path Traversal vulnerability in Lexmark Services Monitor Firmware 2.27.4.0.39

In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system.

7.5
2019-11-21 CVE-2019-10767 Iobroker Path Traversal vulnerability in Iobroker Iobroker.Js-Controller

An attacker can include file contents from outside the `/adapter/xxx/` directory, where `xxx` is the name of an existent adapter like "admin".

7.5
2019-11-21 CVE-2019-2335 Qualcomm Infinite Loop vulnerability in Qualcomm products

While processing an Attach Reject message, a valid exit condition is not met, resulting in an infinite loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130.

7.5
2019-11-21 CVE-2014-1937 Gamera Project Improper Input Validation vulnerability in Gamera Project Gamera 3.4.0

Gamera before 3.4.1 insecurely creates temporary files.

7.5
2019-11-21 CVE-2014-1936 RC Project
Debian
Improper Input Validation vulnerability in multiple products

rc before 1.7.1-5 insecurely creates temporary files.

7.5
2019-11-21 CVE-2012-4524 Sillycycle
Fedoraproject
Improper Input Validation vulnerability in multiple products

xlockmore before 5.43 'dclock' security bypass vulnerability

7.5
2019-11-21 CVE-2012-3543 Mono Project
Canonical
Debian
Improper Input Validation vulnerability in multiple products

mono 2.10.x ASP.NET Web Form Hash collision DoS

7.5
2019-11-21 CVE-2012-2350 PAM Shield Project
Debian
Improper Input Validation vulnerability in multiple products

pam_shield before 0.9.4: Default configuration does not perform protective action

7.5
2019-11-21 CVE-2012-2238 Tryton Incorrect Authorization vulnerability in Tryton Trytond 2.4.0/2.4.1

trytond 2.4: ModelView.button fails to validate authorization

7.5
2019-11-20 CVE-2019-6852 Schneider Electric Information Exposure vulnerability in Schneider-Electric products

A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network.

7.5
2019-11-20 CVE-2015-3167 Postgresql
Debian
Canonical
Information Exposure vulnerability in multiple products

contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.

7.5
2019-11-20 CVE-2013-1817 Mediawiki
Debian
Redhat
Fedoraproject
Information Exposure vulnerability in multiple products

MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.

7.5
2019-11-20 CVE-2013-1816 Mediawiki
Debian
Redhat
Fedoraproject
Improper Input Validation vulnerability in multiple products

MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.

7.5
2019-11-20 CVE-2011-0529 Weborf Project
Debian
Improper Input Validation vulnerability in multiple products

Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.

7.5
2019-11-20 CVE-2019-16200 GNU Incorrect Conversion between Numeric Types vulnerability in GNU Serveez 0.2.2

GNU Serveez through 0.2.2 has an Information Leak.

7.5
2019-11-20 CVE-2019-6176 Lenovo Unspecified vulnerability in Lenovo Thinkpad Usb-C Dock Firmware 3.7.2

A potential vulnerability reported in ThinkPad USB-C Dock Firmware version 3.7.2 may allow a denial of service.

7.5
2019-11-19 CVE-2019-10768 Angularjs Unspecified vulnerability in Angularjs Angular.Js

In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload.

7.5
2019-11-19 CVE-2012-6135 Phusion
Redhat
Improper Input Validation vulnerability in multiple products

RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.

7.5
2019-11-19 CVE-2012-6071 Nusoap Project
Debian
Improper Certificate Validation vulnerability in multiple products

nuSOAP before 0.7.3-5 does not properly check the hostname of a cert.

7.5
2019-11-19 CVE-2012-6070 Falconpl Improper Input Validation vulnerability in Falconpl 0.8.10/0.9.6.8

Falconpl before 0.9.6.9-git20120606 misuses the libcurl API which may allow remote attackers to interfere with security checks.

7.5
2019-11-19 CVE-2011-4967 Openpegasus
Redhat
Improper Input Validation vulnerability in multiple products

tog-Pegasus has a package hash collision DoS vulnerability

7.5
2019-11-19 CVE-2011-4919 Mpack Project Information Exposure vulnerability in Mpack Project Mpack 1.6

mpack 1.6 has information disclosure via eavesdropping on mails sent by other users

7.5
2019-11-18 CVE-2019-12422 Apache Unspecified vulnerability in Apache Shiro

In Apache Shiro before 1.4.2, when using the default "remember me" configuration, cookies could be susceptible to a padding attack.

7.5
2019-11-18 CVE-2019-10172 Fasterxml
Redhat
Debian
Apache

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries.

7.5
2019-11-18 CVE-2019-19079 Linux
Canonical
Memory Leak vulnerability in multiple products

A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19.

7.5
2019-11-18 CVE-2019-19078 Linux
Canonical
Memory Leak vulnerability in multiple products

A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2.

7.5
2019-11-18 CVE-2019-19075 Linux
Canonical
Memory Leak vulnerability in multiple products

A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.

7.5
2019-11-18 CVE-2019-19074 Linux
Debian
Canonical
Memory Leak vulnerability in multiple products

A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.

7.5
2019-11-18 CVE-2019-19071 Linux
Canonical
Memory Leak vulnerability in multiple products

A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c.

7.5
2019-11-18 CVE-2019-19070 Linux
Fedoraproject
Memory Leak vulnerability in multiple products

A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d.

7.5
2019-11-18 CVE-2019-19069 Linux
Canonical
Netapp
Broadcom
Memory Leak vulnerability in multiple products

A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.

7.5
2019-11-18 CVE-2019-19064 Linux
Fedoraproject
Memory Leak vulnerability in multiple products

A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f.

7.5
2019-11-18 CVE-2019-19061 Linux
Canonical
Netapp
Broadcom
Memory Leak vulnerability in multiple products

A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.

7.5
2019-11-18 CVE-2019-19060 Linux
Netapp
Broadcom
Canonical
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.

7.5
2019-11-18 CVE-2019-19053 Linux
Canonical
Netapp
Broadcom
Memory Leak vulnerability in multiple products

A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.

7.5
2019-11-18 CVE-2019-19052 Linux
Debian
Canonical
Opensuse
Oracle
Netapp
Broadcom
Memory Leak vulnerability in multiple products

A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.

7.5
2019-11-18 CVE-2019-19050 Linux
Fedoraproject
Canonical
Netapp
Broadcom
Memory Leak vulnerability in multiple products

A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.

7.5
2019-11-18 CVE-2019-19049 Linux
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a.

7.5
2019-11-18 CVE-2019-19048 Linux
Canonical
Memory Leak vulnerability in multiple products

A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_user() failures, aka CID-e0b0cb938864.

7.5
2019-11-18 CVE-2019-19044 Linux
Netapp
Broadcom
Canonical
Memory Leak vulnerability in multiple products

Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.

7.5
2019-11-18 CVE-2019-10764 Simplito Information Exposure Through Discrepancy vulnerability in Simplito Elliptic-PHP

In elliptic-php versions prior to 1.0.6, timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions.

7.4
2019-11-19 CVE-2019-18934 Nlnetlabs
Fedoraproject
Opensuse
OS Command Injection vulnerability in multiple products

Unbound 1.6.4 through 1.9.4 contains a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer.

7.3
2019-11-19 CVE-2019-16861 Code42 Untrusted Search Path vulnerability in Code42

Code42 server through 7.0.2 for Windows has an Untrusted Search Path.

7.3
2019-11-19 CVE-2019-16860 Code42 Untrusted Search Path vulnerability in Code42

Code42 app through version 7.0.2 for Windows has an Untrusted Search Path.

7.3
2019-11-22 CVE-2019-3427 ZTE Code Injection vulnerability in ZTE Zxcdn Iamweb Firmware 6.01.03.01

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability.

7.2
2019-11-21 CVE-2019-16405 Centreon Unspecified vulnerability in Centreon web

Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5 and 19.10.x before 19.10.2 allows Remote Code Execution by an administrator who can modify Macro Expression location settings.

7.2
2019-11-21 CVE-2019-17272 Netapp Unspecified vulnerability in Netapp Ontap Select Deploy Administration Utility

All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges.

7.2
2019-11-21 CVE-2014-5255 Xcfa Project
Debian
Race Condition vulnerability in multiple products

xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files.

7.0
2019-11-21 CVE-2019-10486 Qualcomm Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products

Race condition due to the lack of resource lock which will be concurrently modified in the memcpy statement leads to out of bound access in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8939, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150

7.0

134 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-11-22 CVE-2019-18910 HP OS Command Injection vulnerability in HP Thinpro

The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges.

6.8
2019-11-22 CVE-2019-16287 HP Unspecified vulnerability in HP Thinpro

In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to execute commands with elevated privileges.

6.8
2019-11-22 CVE-2019-16286 HP Improper Authentication vulnerability in HP Thinpro Linux

An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands.

6.8
2019-11-22 CVE-2019-9536 Apple Improper Handling of Exceptional Conditions vulnerability in Apple Iphone 3GS

Apple iPhone 3GS bootrom malloc implementation returns a non-NULL pointer when unable to allocate memory, aka 'alloc8'.

6.8
2019-11-18 CVE-2019-5688 Nvidia Unspecified vulnerability in Nvidia Gpumodeswitch, Nvflash and Nvuflash

NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of other devices not managed by NVIDIA, which may lead to escalation of privileges, information disclosure, or denial of service.

6.7
2019-11-22 CVE-2019-15593 Gitlab Allocation of Resources Without Limits or Throttling vulnerability in Gitlab 12.2.3

GitLab 12.2.3 contains a security vulnerability that allows a user to affect the availability of the service through a Denial of Service attack in Issue Comments.

6.5
2019-11-22 CVE-2019-18790 Digium
Debian
Missing Authorization vulnerability in multiple products

An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk 13.21 before cert5.

6.5
2019-11-22 CVE-2019-3428 ZTE Unspecified vulnerability in ZTE Zxcdn Iamweb Firmware 6.01.03.01

The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability.

6.5
2019-11-22 CVE-2015-5694 Openstack
Redhat
Debian
Infinite Loop vulnerability in multiple products

Designate does not enforce the DNS protocol limit concerning record set sizes

6.5
2019-11-22 CVE-2015-1780 Redhat Incorrect Authorization vulnerability in Redhat Ovirt-Engine and Virtualization

oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center

6.5
2019-11-22 CVE-2019-10206 Redhat
Debian
Opensuse
Insufficiently Protected Credentials vulnerability in multiple products

ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters.

6.5
2019-11-21 CVE-2019-18890 Redmine
Debian
SQL Injection vulnerability in multiple products

A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query.

6.5
2019-11-21 CVE-2019-6693 Fortinet Use of Hard-coded Credentials vulnerability in Fortinet Fortios

Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key.

6.5
2019-11-21 CVE-2019-16545 Qmetry Cleartext Transmission of Sensitive Information vulnerability in Qmetry Jenkins Qmetry for Jira

Jenkins QMetry for JIRA - Test Management Plugin transmits credentials in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure.

6.5
2019-11-21 CVE-2019-16542 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Anchore Container Image Scanner

Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

6.5
2019-11-21 CVE-2019-16540 Jenkins Path Traversal vulnerability in Jenkins Support Core

A path traversal vulnerability in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete arbitrary files on the Jenkins master.

6.5
2019-11-21 CVE-2019-16539 Jenkins Improper Preservation of Permissions vulnerability in Jenkins Support Core

A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles.

6.5
2019-11-20 CVE-2019-4530 IBM Unspecified vulnerability in IBM Maximo Asset Management 7.6.0.0/7.6.1/7.6.1.1

IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow an authenticated user to delete a record that they should not normally be able to.

6.5
2019-11-20 CVE-2019-6187 Lenovo Improper Neutralization of Formula Elements in a CSV File vulnerability in Lenovo Xclarity Controller

A stored CSV Injection vulnerability was reported in Lenovo XClarity Controller (XCC) that could allow an administrative or other appropriately permissioned user to store malformed data in certain XCC server informational fields, that could result in crafted formulas being stored in an exported CSV file.

6.5
2019-11-19 CVE-2019-10080 Apache XXE vulnerability in Apache Nifi

The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file.

6.5
2019-11-18 CVE-2019-17085 Microfocus XXE vulnerability in Microfocus Operations Agent

XXE attack vulnerability on Micro Focus Operations Agent, affected version 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11.

6.5
2019-11-18 CVE-2019-10763 Pimcore SQL Injection vulnerability in Pimcore

pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection.

6.5
2019-11-18 CVE-2018-21031 Plex Insufficiently Protected Credentials vulnerability in Plex Media Server 1.18.2.202936236Cc4C

Tautulli versions 2.1.38 and below allows remote attackers to bypass intended access control in Plex Media Server because the X-Plex-Token is mishandled and can be retrieved from Tautulli.

6.5
2019-11-18 CVE-2019-19046 Linux
Fedoraproject
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20.

6.5
2019-11-22 CVE-2019-16763 Pannellum Cross-site Scripting vulnerability in Pannellum

In Pannellum from 2.5.0 through 2.5.4 URLs were not sanitized for data URIs (or vbscript:), allowing for potential XSS attacks.

6.1
2019-11-22 CVE-2014-2214 Posh Project Cross-site Scripting vulnerability in Posh Project Posh

Multiple cross-site scripting (XSS) vulnerabilities in POSH (aka Posh portal or Portaneo) 3.0 through 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) error parameter to /includes/plugins/mobile/scripts/login.php or (2) id parameter to portal/openrssarticle.php.

6.1
2019-11-22 CVE-2014-2213 Posh Project Open Redirect vulnerability in Posh Project Posh

Open redirect vulnerability in the password reset functionality in POSH 3.0 through 3.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to portal/scr_sendmd5.php.

6.1
2019-11-22 CVE-2014-1238 Ideagen Cross-site Scripting vulnerability in Ideagen Q-Pulse 0.6

Cross-site scripting (XSS) vulnerability in ui/common/managedlistdialog.aspx in Gael Q-Pulse 0.6 and earlier.

6.1
2019-11-22 CVE-2013-6878 Miwisoft Cross-site Scripting vulnerability in Miwisoft Mijosearch

Cross-site scripting (XSS) vulnerability in the Mijosoft MijoSearch component 2.0.4 and earlier for Joomla! allows remote attackers to inject arbitrary web script or HTML via the query parameter to component/mijosearch/search.

6.1
2019-11-22 CVE-2013-6239 Exis TI Cross-site Scripting vulnerability in Exis-Ti Exis Contexis 1.0

Cross-site scripting (XSS) vulnerability in the photo gallery model in Exis Contexis before 2.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter in a detail action.

6.1
2019-11-22 CVE-2019-15652 Nssglobal Cross-site Scripting vulnerability in Nssglobal VMU Software

The web interface for NSSLGlobal SatLink VSAT Modem Unit (VMU) devices before 18.1.0 doesn't properly sanitize input for error messages, leading to the ability to inject client-side code.

6.1
2019-11-22 CVE-2013-6880 Elvedia Cross-site Scripting vulnerability in Elvedia Flashcanvas

Open redirect in proxy.php in FlashCanvas before 1.6 allows remote attackers to redirect users to arbitrary web sites and conduct cross-site scripting (XSS) attacks via the HTTP Referer header.

6.1
2019-11-22 CVE-2012-0812 Postfix Admin Project
Debian
Cross-site Scripting vulnerability in multiple products

PostfixAdmin 2.3.4 has multiple XSS vulnerabilities

6.1
2019-11-22 CVE-2019-4215 IBM Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Smartcloud Analytics LOG Analysis

IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to hijack the clicking action of the victim.

6.1
2019-11-21 CVE-2012-1001 Chyrp Cross-site Scripting vulnerability in Chyrp 2.0/2.1/2.5.2

Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2.1.2 and before 2.5 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) content parameter to includes/ajax.php or (2) body parameter to includes/error.php.

6.1
2019-11-21 CVE-2015-2793 Ikiwiki
Fedoraproject
Cross-site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attackers to inject arbitrary web script or HTML via the openid_identifier parameter in a verify action to ikiwiki.cgi.

6.1
2019-11-20 CVE-2019-6853 Schneider Electric Cross-site Scripting vulnerability in Schneider-Electric products

A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702), which could enable a successful Cross-site Scripting (XSS) attack when using the products' web server.

6.1
2019-11-20 CVE-2013-2092 Dolibarr Cross-site Scripting vulnerability in Dolibarr Erp/Crm 3.3.1

Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web script or HTML in functions.lib.php.

6.1
2019-11-20 CVE-2011-4455 Tiki Cross-site Scripting vulnerability in Tiki

Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-admin_system.php, (2) tiki-pagehistory.php, (3) tiki-removepage.php, or (4) tiki-rename_page.php.

6.1
2019-11-20 CVE-2011-4454 Tiki Cross-site Scripting vulnerability in Tiki

Multiple cross-site scripting vulnerabilities in Tiki 8.0 RC1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-remind_password.php, (2) tiki-index.php, (3) tiki-login_scr.php, or (4) tiki-index.

6.1
2019-11-20 CVE-2010-4659 Status Cross-site Scripting vulnerability in Status Statusnet

Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents.

6.1
2019-11-20 CVE-2013-0195 Matomo Cross-site Scripting vulnerability in Matomo

Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.1
2019-11-20 CVE-2013-0194 Matomo Cross-site Scripting vulnerability in Matomo

Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.1
2019-11-20 CVE-2013-0193 Matomo Cross-site Scripting vulnerability in Matomo

Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.1
2019-11-20 CVE-2019-15073 Openfind Open Redirect vulnerability in Openfind Mail2000 6.0/7.0

An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication.

6.1
2019-11-20 CVE-2019-15072 Openfind Cross-site Scripting vulnerability in Openfind Mail2000 6.0/7.0

The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter.

6.1
2019-11-20 CVE-2019-15071 Openfind Cross-site Scripting vulnerability in Openfind Mail2000 6.0/7.0

The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication.

6.1
2019-11-18 CVE-2012-4441 Jenkins Cross-site Scripting vulnerability in Jenkins

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin.

6.1
2019-11-18 CVE-2012-4440 Jenkins Cross-site Scripting vulnerability in Jenkins

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin.

6.1
2019-11-18 CVE-2019-15054 Getmailbird Cross-site Scripting vulnerability in Getmailbird Mailbird

Multiple cross-site scripting (XSS) vulnerabilities in Mailbird before 2.7.5.0 r allow remote attackers to execute arbitrary JavaScript in a privileged context via a crafted HTML mail message.

6.1
2019-11-18 CVE-2019-10070 Apache Cross-site Scripting vulnerability in Apache Atlas 0.8.3/1.1.0

Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality.

6.1
2019-11-18 CVE-2012-4439 Jenkins Cross-site Scripting vulnerability in Jenkins

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins.

6.1
2019-11-18 CVE-2019-12311 Sandline Cross-site Scripting vulnerability in Sandline Centraleyezer

Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS.

6.1
2019-11-18 CVE-2019-12299 Sandline Cross-site Scripting vulnerability in Sandline Centraleyezer

Sandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section.

6.1
2019-11-18 CVE-2019-17057 Footy Cross-site Scripting vulnerability in Footy Tipping Software 2019

Footy Tipping Software AFL Web Edition 2019 allows XSS.

6.1
2019-11-18 CVE-2018-13257 Blackboard Open Redirect vulnerability in Blackboard Learn 20180702

The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during Central Authentication Service (CAS) service ticket validation, enabling a phishing attack from the CAS server login page.

6.1
2019-11-21 CVE-2019-16546 Jenkins Authorization Bypass Through User-Controlled Key vulnerability in Jenkins Google Compute Engine

Jenkins Google Compute Engine Plugin 4.1.1 and earlier does not verify SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks.

5.9
2019-11-21 CVE-2018-9195 Fortinet Use of Hard-coded Credentials vulnerability in Fortinet Fortios

Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0; URL rating in FortiClient) sent and received from FortiGuard servers by decrypting these messages.

5.9
2019-11-18 CVE-2019-5102 Openwrt Unspecified vulnerability in Openwrt 15.05.1/18.06.4

An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1.

5.9
2019-11-18 CVE-2019-5101 Openwrt Unspecified vulnerability in Openwrt 15.05.1/18.06.4

An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1.

5.9
2019-11-18 CVE-2019-19081 Linux
Redhat
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a.

5.9
2019-11-18 CVE-2019-19080 Linux
Opensuse
Memory Leak vulnerability in multiple products

Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a.

5.9
2019-11-18 CVE-2019-19076 Linux
Canonical
Redhat
Memory Leak vulnerability in multiple products

A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9.

5.9
2019-11-18 CVE-2019-18373 Symantec Unspecified vulnerability in Symantec Norton APP Lock

Norton App Lock, prior to 1.4.0.503, may be susceptible to a bypass exploit.

5.6
2019-11-22 CVE-2019-17445 Eracent Link Following vulnerability in Eracent products

An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent through 10.2.26.

5.5
2019-11-22 CVE-2019-19227 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL.

5.5
2019-11-21 CVE-2019-19221 Libarchive
Debian
Fedoraproject
Canonical
Out-of-bounds Read vulnerability in multiple products

In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call.

5.5
2019-11-21 CVE-2019-2336 Qualcomm Use After Free vulnerability in Qualcomm products

Subsequent use of the CBO listener may result in further memory corruption due to use after free issue.

5.5
2019-11-21 CVE-2019-2318 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Non Secure Kernel can cause Trustzone to do an arbitrary memory read which will result in DoS in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, QCA8081, QM215, SDM429, SDM439, SDM450, SDM632, Snapdragon_High_Med_2016

5.5
2019-11-21 CVE-2019-2295 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code.

5.5
2019-11-21 CVE-2019-16543 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Spira Importer 3.2.2

Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

5.5
2019-11-21 CVE-2019-15704 Fortinet Missing Encryption of Sensitive Data vulnerability in Fortinet Forticlient

A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway.

5.5
2019-11-21 CVE-2019-10535 Qualcomm Improper Input Validation vulnerability in Qualcomm products

Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, APQ8098, MDM9640, MSM8996AU, MSM8998, QCA6574AU, QCN7605, QCS405, QCS605, SDA845, SDM845, SDX20

5.5
2019-11-21 CVE-2019-10490 Qualcomm Use After Free vulnerability in Qualcomm products

Use after free issue in Xtra daemon shutdown due to static object instance getting freed from multiple places in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS605, SDA660, SDA845, SDM450, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130

5.5
2019-11-21 CVE-2014-1938 Rply Project Link Following vulnerability in Rply Project Rply

python-rply before 0.7.4 insecurely creates temporary files.

5.5
2019-11-21 CVE-2014-0084 Redhat Improper Input Validation vulnerability in Redhat Openshift Origin

Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly.

5.5
2019-11-21 CVE-2014-0083 NET Ldap Project
Debian
Use of Password Hash With Insufficient Computational Effort vulnerability in multiple products

The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords.

5.5
2019-11-21 CVE-2019-19037 Linux NULL Pointer Dereference vulnerability in Linux Kernel

ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero.

5.5
2019-11-21 CVE-2019-19039 Linux
Debian
Canonical
Information Exposure Through Log Files vulnerability in multiple products

__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program.

5.5
2019-11-21 CVE-2019-19036 Linux NULL Pointer Dereference vulnerability in Linux Kernel

btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.

5.5
2019-11-20 CVE-2012-1257 Pidgin Cleartext Transmission of Sensitive Information vulnerability in Pidgin 2.10.0

Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.

5.5
2019-11-20 CVE-2015-1607 Gnupg
Canonical
Improper Input Validation vulnerability in multiple products

kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges."

5.5
2019-11-20 CVE-2015-1606 Gnupg
Debian
Use After Free vulnerability in multiple products

The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file.

5.5
2019-11-20 CVE-2012-6136 Redhat
Fedoraproject
Debian
Incorrect Default Permissions vulnerability in multiple products

tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.

5.5
2019-11-19 CVE-2011-2924 Linuxfoundation
Debian
Fedoraproject
Link Following vulnerability in multiple products

foomatic-rip filter v4.0.12 and prior insecurely created temporary files for storage of PostScript data by rendering the data when the debug mode was enabled.

5.5
2019-11-19 CVE-2011-2923 Linuxfoundation
Debian
Link Following vulnerability in multiple products

foomatic-rip filter, all versions, insecurely created temporary files for storage of PostScript data by rendering the data when the debug mode was enabled.

5.5
2019-11-19 CVE-2012-0843 Uzbl
Debian
Information Exposure vulnerability in multiple products

uzbl: Information disclosure via world-readable cookies storage file

5.5
2019-11-19 CVE-2012-0842 Suckless
Debian
Information Exposure vulnerability in multiple products

surf: cookie jar has read access from other local user

5.5
2019-11-18 CVE-2014-5118 Trusted Boot Project
Redhat
Fedoraproject
Improper Input Validation vulnerability in multiple products

Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability

5.5
2019-11-18 CVE-2019-19077 Linux
Canonical
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14.

5.5
2019-11-18 CVE-2019-19055 Canonical
Fedoraproject
Linux
Memory Leak vulnerability in multiple products

A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929.

5.5
2019-11-18 CVE-2019-19051 Linux
Debian
Canonical
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7.

5.5
2019-11-18 CVE-2019-19047 Linux
Canonical
Memory Leak vulnerability in multiple products

A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_crdump_collect() failures, aka CID-c7ed6d0183d5.

5.5
2019-11-18 CVE-2019-19043 Linux
Canonical
Fedoraproject
Memory Leak vulnerability in multiple products

A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459.

5.5
2019-11-22 CVE-2013-0203 Owncloud Cross-site Scripting vulnerability in Owncloud

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) unspecified parameters to apps/calendar/ajax/event/new.php or (2) url parameter to apps/bookmarks/ajax/addBookmark.php.

5.4
2019-11-22 CVE-2019-4569 IBM Cross-site Scripting vulnerability in IBM Tivoli Netcool/Impact

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting.

5.4
2019-11-22 CVE-2018-10854 Redhat Unspecified vulnerability in Redhat Cloudforms Management Engine 4.7/5.8/5.9

CloudForms 5.8 and CloudForms 5.9 are vulnerable to cross-site scripting.

5.4
2019-11-18 CVE-2019-19085 Octopus Cross-site Scripting vulnerability in Octopus Server

A persistent cross-site scripting (XSS) vulnerability in Octopus Server 3.4.0 through 2019.10.5 allows remote authenticated attackers to inject arbitrary web script or HTML.

5.4
2019-11-22 CVE-2019-19240 Embedthis Use of Uninitialized Resource vulnerability in Embedthis Goahead

Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header.

5.3
2019-11-22 CVE-2013-6879 Miwisoft Information Exposure Through an Error Message vulnerability in Miwisoft Mijosearch

The Mijosoft MijoSearch component 2.0.1 and earlier for Joomla! allows remote attackers to obtain sensitive information via a request to component/mijosearch/search, which reveals the installation path in an error message.

5.3
2019-11-22 CVE-2019-4570 IBM Information Exposure Through an Error Message vulnerability in IBM Tivoli Netcool/Impact

IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data.

5.3
2019-11-21 CVE-2019-18886 Sensiolabs Information Exposure Through Discrepancy vulnerability in Sensiolabs Symfony

An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7.

5.3
2019-11-21 CVE-2014-1935 9Base Project
Debian
Improper Input Validation vulnerability in multiple products

9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames.

5.3
2019-11-19 CVE-2019-10083 Apache Information Exposure vulnerability in Apache Nifi

When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively).

5.3
2019-11-18 CVE-2019-3423 Ztehome Path Traversal vulnerability in Ztehome C520V21 Firmware 2.1.14

A permission and access control vulnerability exists in V2.1.14 and below versions of C520V21 smart camera devices.

5.3
2019-11-22 CVE-2019-11291 Vmware
Redhat
Cross-site Scripting vulnerability in multiple products

Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 versions prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly sanitize user input.

4.8
2019-11-21 CVE-2012-2078 Drupal Cross-site Scripting vulnerability in Drupal Activity 6.X1.X

Cross-site scripting (XSS) vulnerability in the Activity module 6.x-1.x for Drupal.

4.8
2019-11-21 CVE-2012-1637 Drupal Cross-site Scripting vulnerability in Drupal Quick Tabs

Cross-site scripting vulnerability (XSS) in the Quick Tabs module 6.x-2.x before 6.x-2.1, 6.x-3.x before 6.x-3.1, and 7.x-3.x before 7.x-3.3 for Drupal.

4.8
2019-11-19 CVE-2011-3352 Ziku Cross-site Scripting vulnerability in Ziku Zikula 1.3.0

Zikula 1.3.0 build #3168 and probably prior has an XSS flaw due to improper sanitization of the 'themename' parameter when setting default, modifying and deleting themes.

4.8
2019-11-19 CVE-2011-4968 F5
Debian
Improper Input Validation vulnerability in multiple products

The nginx HTTP proxy module does not verify the peer identity of the HTTPS origin server, which could facilitate a man-in-the-middle (MITM) attack.

4.8
2019-11-22 CVE-2015-7810 Videolan
Redhat
Fedoraproject
Debian
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products

libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files

4.7
2019-11-21 CVE-2014-5254 Xcfa Project Race Condition vulnerability in Xcfa Project Xcfa

xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files.

4.7
2019-11-18 CVE-2019-19083 Linux
Canonical
Opensuse
Memory Leak vulnerability in multiple products

Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption).

4.7
2019-11-18 CVE-2019-19082 Linux
Canonical
Opensuse
Memory Leak vulnerability in multiple products

Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption).

4.7
2019-11-18 CVE-2019-19066 Linux
Redhat
Debian
Canonical
Fedoraproject
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd.

4.7
2019-11-18 CVE-2019-19065 Linux
Canonical
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e.

4.7
2019-11-18 CVE-2019-19062 Linux
Redhat
Debian
Canonical
Fedoraproject
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.

4.7
2019-11-18 CVE-2019-19059 Linux
Canonical
Fedoraproject
Memory Leak vulnerability in multiple products

Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or dma_alloc_coherent() failures, aka CID-0f4f199443fa.

4.7
2019-11-18 CVE-2019-19058 Linux
Canonical
Fedoraproject
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5.

4.7
2019-11-18 CVE-2019-19056 Linux
Debian
Canonical
Fedoraproject
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932.

4.7
2019-11-18 CVE-2019-19054 Linux
Canonical
Fedoraproject
Opensuse
Netapp
Broadcom
Memory Leak vulnerability in multiple products

A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.

4.7
2019-11-22 CVE-2019-16285 HP Information Exposure vulnerability in HP Thinpro Linux

If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive.

4.6
2019-11-22 CVE-2019-4216 IBM Injection vulnerability in IBM Smartcloud Analytics LOG Analysis

IBM SmartCloud Analytics 1.3.1 through 1.3.5 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass.

4.6
2019-11-18 CVE-2019-19068 Linux
Redhat
Debian
Canonical
Fedoraproject
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.

4.6
2019-11-18 CVE-2019-19063 Linux
Canonical
Fedoraproject
Opensuse
Oracle
Netapp
Broadcom
Memory Leak vulnerability in multiple products

Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.

4.6
2019-11-22 CVE-2019-4243 IBM Unspecified vulnerability in IBM Smartcloud Analytics LOG Analysis

IBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized disclosure of information like accessing solrconfig.xml and could allow an attacker to perform disruptive administrator tasks.

4.4
2019-11-19 CVE-2016-1000236 Cookie Signature Project
Debian
Race Condition vulnerability in multiple products

Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.

4.4
2019-11-18 CVE-2019-19072 Canonical
Fedoraproject
Redhat
Linux
Memory Leak vulnerability in multiple products

A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.

4.4
2019-11-18 CVE-2019-19067 Linux
Canonical
Opensuse
Memory Leak vulnerability in multiple products

Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874.

4.4
2019-11-18 CVE-2019-19045 Linux
Canonical
Opensuse
Memory Leak vulnerability in multiple products

A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7.

4.4
2019-11-22 CVE-2019-10203 Powerdns Incorrect Conversion between Numeric Types vulnerability in Powerdns Authoritative Server

In the PowerDNS Authoritative daemon (pdns) versions 4.0.x before 4.0.9 and 4.1.x before 4.1.11, the daemon exits when it encounters a serial between 2^31 and 2^32-1 while trying to notify a slave, leading to DoS.

4.3
2019-11-21 CVE-2019-16547 Jenkins Missing Authorization vulnerability in Jenkins Google Compute Engine

Missing permission checks in various API endpoints in Jenkins Google Compute Engine Plugin 4.1.1 and earlier allow attackers with Overall/Read permission to obtain limited information about the plugin configuration and environment.

4.3
2019-11-18 CVE-2019-19084 Octopus Unrestricted Upload of File with Dangerous Type vulnerability in Octopus Deploy

In Octopus Deploy 3.3.0 through 2019.10.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted package, triggering an exception that exposes underlying operating system details.

4.3
2019-11-18 CVE-2019-19073 Linux
Fedoraproject
Opensuse
Memory Leak vulnerability in multiple products

Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures.

4.0

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-11-22 CVE-2019-4214 IBM Incorrect Permission Assignment for Critical Resource vulnerability in IBM Smartcloud Analytics LOG Analysis

IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies.

3.7
2019-11-19 CVE-2019-19126 GNU
Canonical
Fedoraproject
Debian
Improper Initialization vulnerability in multiple products

On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.

3.3
2019-11-18 CVE-2019-19057 Linux
Debian
Canonical
Fedoraproject
Opensuse
Netapp
Broadcom
Memory Leak vulnerability in multiple products

Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.

3.3