Weekly Vulnerabilities Reports > December 2 to 8, 2019
Overview
246 new vulnerabilities reported during this period, including 51 critical vulnerabilities and 92 high severity vulnerabilities. This weekly summary report vulnerabilities in 313 products from 128 vendors including Debian, Linux, Fedoraproject, Google, and Opensuse. Vulnerabilities are notably categorized as "Cross-site Scripting", "Use After Free", "Out-of-bounds Write", "Improper Privilege Management", and "Out-of-bounds Read".
- 168 reported vulnerabilities are remotely exploitables.
- 10 reported vulnerabilities have public exploit available.
- 72 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 153 reported vulnerabilities are exploitable by an anonymous user.
- Debian has the most reported vulnerabilities, with 28 reported vulnerabilities.
- Qnap has the most reported critical vulnerabilities, with 7 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
51 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-12-08 | CVE-2019-19638 | Libsixel Project | Integer Overflow or Wraparound vulnerability in Libsixel Project Libsixel 1.8.2 An issue was discovered in libsixel 1.8.2. | 9.8 |
2019-12-08 | CVE-2019-19637 | Libsixel Project | Integer Overflow or Wraparound vulnerability in Libsixel Project Libsixel 1.8.2 An issue was discovered in libsixel 1.8.2. | 9.8 |
2019-12-08 | CVE-2019-19636 | Libsixel Project | Integer Overflow or Wraparound vulnerability in Libsixel Project Libsixel 1.8.2 An issue was discovered in libsixel 1.8.2. | 9.8 |
2019-12-08 | CVE-2019-19635 | Libsixel Project | Out-of-bounds Write vulnerability in Libsixel Project Libsixel 1.8.2 An issue was discovered in libsixel 1.8.2. | 9.8 |
2019-12-06 | CVE-2019-10769 | Safer Eval Project | Code Injection vulnerability in Safer-Eval Project Safer-Eval safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. | 9.8 |
2019-12-06 | CVE-2019-18671 | Keepkey | Out-of-bounds Write vulnerability in Keepkey Firmware Insufficient checks in the USB packet handling of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow out-of-bounds writes in the .bss segment via crafted messages. | 9.8 |
2019-12-06 | CVE-2019-16674 | Weidmueller | Use of Insufficiently Random Values vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 9.8 |
2019-12-06 | CVE-2019-16672 | Weidmueller | Insufficiently Protected Credentials vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 9.8 |
2019-12-06 | CVE-2019-16670 | Weidmueller | Improper Restriction of Excessive Authentication Attempts vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 9.8 |
2019-12-06 | CVE-2018-7282 | Titool | SQL Injection vulnerability in Titool Printmonitor The username parameter of the TITool PrintMonitor solution during the login request is vulnerable to and/or time-based blind SQLi. | 9.8 |
2019-12-06 | CVE-2019-5544 | Vmware Redhat Openslp Fedoraproject | Out-of-bounds Write vulnerability in multiple products OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. | 9.8 |
2019-12-06 | CVE-2019-19334 | Cesnet Redhat Fedoraproject | Out-of-bounds Write vulnerability in multiple products In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". | 9.8 |
2019-12-06 | CVE-2019-19333 | Cesnet Redhat | Out-of-bounds Write vulnerability in multiple products In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". | 9.8 |
2019-12-06 | CVE-2019-19617 | Phpmyadmin Debian | phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php. | 9.8 |
2019-12-05 | CVE-2019-7195 | Qnap | Path Traversal vulnerability in Qnap Photo Station This external control of file name or path vulnerability allows remote attackers to access or modify system files. | 9.8 |
2019-12-05 | CVE-2019-7194 | Qnap | Path Traversal vulnerability in Qnap Photo Station This external control of file name or path vulnerability allows remote attackers to access or modify system files. | 9.8 |
2019-12-05 | CVE-2019-7193 | Qnap | Improper Input Validation vulnerability in Qnap QTS This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. | 9.8 |
2019-12-05 | CVE-2019-7192 | Qnap | Incorrect Authorization vulnerability in Qnap Photo Station This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. | 9.8 |
2019-12-05 | CVE-2019-7183 | Qnap | Link Following vulnerability in Qnap QTS This improper link resolution vulnerability allows remote attackers to access system files. | 9.8 |
2019-12-05 | CVE-2019-19595 | Adobe Prestashop | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products reset/modules/advanced_form_maker_edit/multiupload/upload.php in the RESET.PRO Adobe Stock API integration 4.8 for PrestaShop allows remote attackers to execute arbitrary code by uploading a .php file. | 9.8 |
2019-12-05 | CVE-2019-19594 | Adobe Prestashop | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products reset/modules/fotoliaFoto/multi_upload.php in the RESET.PRO Adobe Stock API Integration for PrestaShop 1.6 and 1.7 allows remote attackers to execute arbitrary code by uploading a .php file. | 9.8 |
2019-12-05 | CVE-2019-14910 | Redhat | Improper Certificate Validation vulnerability in Redhat Keycloak 7.0.0/7.0.1 A vulnerability was found in keycloak 7.x, when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), in this case user authentication succeeds even if invalid password has entered. | 9.8 |
2019-12-05 | CVE-2019-19317 | Sqlite Netapp Oracle Siemens | Incorrect Conversion between Numeric Types vulnerability in multiple products lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact. | 9.8 |
2019-12-05 | CVE-2019-19589 | WP PDF | Interpretation Conflict vulnerability in Wp-Pdf PDF Embedder 4.4 The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. | 9.8 |
2019-12-05 | CVE-2019-19521 | Openbsd | Improper Authentication vulnerability in Openbsd 6.6 libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. | 9.8 |
2019-12-04 | CVE-2013-2745 | Minidlna Project Debian | SQL Injection vulnerability in multiple products An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.0 | 9.8 |
2019-12-04 | CVE-2019-19228 | Fronius | Cleartext Storage of Sensitive Information vulnerability in Fronius products Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file. | 9.8 |
2019-12-04 | CVE-2019-19576 | Verot Project Getk2 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions. | 9.8 |
2019-12-04 | CVE-2019-17556 | Apache | Deserialization of Untrusted Data vulnerability in Apache Olingo Apache Olingo versions 4.0.0 to 4.6.0 provide the AbstractService class, which is public API, uses ObjectInputStream and doesn't check classes being deserialized. | 9.8 |
2019-12-04 | CVE-2019-11940 | Use After Free vulnerability in Facebook Proxygen In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. | 9.8 | |
2019-12-04 | CVE-2019-11936 | Unspecified vulnerability in Facebook Hhvm Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. | 9.8 | |
2019-12-04 | CVE-2019-11935 | Classic Buffer Overflow vulnerability in Facebook Hhvm Insufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bounds memory. | 9.8 | |
2019-12-04 | CVE-2019-11934 | Out-of-bounds Read vulnerability in Facebook Folly Improper handling of close_notify alerts can result in an out-of-bounds read in AsyncSSLSocket. | 9.8 | |
2019-12-04 | CVE-2019-11930 | Release of Invalid Pointer or Reference vulnerability in Facebook Hhvm An invalid free in mb_detect_order can cause the application to crash or potentially result in remote code execution. | 9.8 | |
2019-12-04 | CVE-2018-0730 | Qnap | Command Injection vulnerability in Qnap QTS This command injection vulnerability in File Station allows attackers to execute commands on the affected device. | 9.8 |
2019-12-04 | CVE-2018-0729 | Qnap | Command Injection vulnerability in Qnap Music Station This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. | 9.8 |
2019-12-03 | CVE-2019-5096 | Embedthis | Use After Free vulnerability in Embedthis Goahead 3.6.5/4.1.1/5.0.1 An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. | 9.8 |
2019-12-03 | CVE-2019-19459 | Saltosystem | Path Traversal vulnerability in Saltosystem Proaccess Space 5.4.3.0/5.5 An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. | 9.8 |
2019-12-03 | CVE-2019-16885 | Okay CMS | Code Injection vulnerability in Okay-Cms Okaycms In OkayCMS through 2.3.4, an unauthenticated attacker can achieve remote code execution by injecting a malicious PHP object via a crafted cookie. | 9.8 |
2019-12-03 | CVE-2013-4486 | Redhat | Injection vulnerability in Redhat Zanata Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging | 9.8 |
2019-12-02 | CVE-2019-19021 | Titanhq | Use of Hard-coded Credentials vulnerability in Titanhq Webtitan An issue was discovered in TitanHQ WebTitan before 5.18. | 9.8 |
2019-12-02 | CVE-2019-19015 | Titanhq | Exposure of Resource to Wrong Sphere vulnerability in Titanhq Webtitan An issue was discovered in TitanHQ WebTitan before 5.18. | 9.8 |
2019-12-02 | CVE-2019-12518 | Anviz | Classic Buffer Overflow vulnerability in Anviz Crosschex 4.3.12/4.3.8.0 Anviz CrossChex access control management software 4.3.8.0 and 4.3.12 is vulnerable to a buffer overflow vulnerability. | 9.8 |
2019-12-02 | CVE-2019-12503 | Inateck | Cleartext Transmission of Sensitive Information vulnerability in Inateck Bcst-60 Firmware Due to unencrypted and unauthenticated data communication, the wireless barcode scanner Inateck BCST-60 is prone to keystroke injection attacks. | 9.8 |
2019-12-02 | CVE-2019-12394 | Anviz | Improper Authentication vulnerability in Anviz Management System Anviz access control devices allow unverified password change which allows remote attackers to change the administrator password without prior authentication. | 9.8 |
2019-12-02 | CVE-2019-12392 | Anviz | Missing Authentication for Critical Function vulnerability in Anviz Firmware Anviz access control devices allow remote attackers to issue commands without a password. | 9.8 |
2019-12-02 | CVE-2019-19502 | Maleck | Code Injection vulnerability in Maleck Image Uploader and Browser for Ckeditor Code injection in pluginconfig.php in Image Uploader and Browser for CKEditor before 4.1.9 allows remote authenticated users to execute arbitrary PHP code. | 9.8 |
2019-12-02 | CVE-2019-19245 | Napc | SQL Injection vulnerability in Napc Xinet Elegant 6 Asset Library 6.1.655 NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginForm[username] field when double quotes are used. | 9.8 |
2019-12-02 | CVE-2019-19492 | Freeswitch | Use of Hard-coded Credentials vulnerability in Freeswitch FreeSWITCH 1.6.10 through 1.10.1 has a default password in event_socket.conf.xml. | 9.8 |
2019-12-02 | CVE-2019-15631 | Mulesoft | Unspecified vulnerability in Mulesoft API Gateway and Mule Runtime Remote Code Execution vulnerability in MuleSoft Mule CE/EE 3.x and API Gateway 2.x released before October 31, 2019 allows remote attackers to execute arbitrary code. | 9.8 |
2019-12-05 | CVE-2019-15897 | Thinkparq | Improper Authentication vulnerability in Thinkparq Beegfs 7.1.3 beegfs-ctl in ThinkParQ BeeGFS through 7.1.3 allows Authentication Bypass via communication with a BeeGFS metadata server (which is typically not exposed to external networks). | 9.6 |
92 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-12-08 | CVE-2019-19642 | Supermicro | OS Command Injection vulnerability in Supermicro X8Sti-F Bios and X8Sti-F Firmware On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. | 8.8 |
2019-12-06 | CVE-2019-2225 | Improper Privilege Management vulnerability in Google Android When pairing with a Bluetooth device, it may be possible to pair a malicious device without any confirmation from the user, and that device may be able to interact with the phone. | 8.8 | |
2019-12-06 | CVE-2019-12734 | Sitevision | Missing Authorization vulnerability in Sitevision 4.0/5.0 SiteVision 4 has Incorrect Access Control. | 8.8 |
2019-12-06 | CVE-2019-12733 | Sitevision | Unspecified vulnerability in Sitevision 4.0/5.0 SiteVision 4 allows Remote Code Execution. | 8.8 |
2019-12-05 | CVE-2012-1592 | Apache | Unrestricted Upload of File with Dangerous Type vulnerability in Apache Struts 2.0.0 A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files. | 8.8 |
2019-12-05 | CVE-2019-19598 | Dlink | Improper Authentication vulnerability in Dlink Dap-1860 Firmware 1.01B06/1.02B01/1.04B01 D-Link DAP-1860 devices before v1.04b03 Beta allow access to administrator functions without authentication via the HNAP_AUTH header timestamp value. | 8.8 |
2019-12-05 | CVE-2019-19597 | Dlink | Incorrect Authorization vulnerability in Dlink Dap-1860 Firmware 1.01B06/1.02B01/1.04B01 D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote code execution as root without authentication via shell metacharacters within an HNAP_AUTH HTTP header. | 8.8 |
2019-12-04 | CVE-2019-18346 | Davical | Cross-Site Request Forgery (CSRF) vulnerability in Davical A CSRF issue was discovered in DAViCal through 1.1.8. | 8.8 |
2019-12-03 | CVE-2013-7325 | Debian | Unspecified vulnerability in Debian Linux and Devscripts An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball. | 8.8 |
2019-12-03 | CVE-2019-5133 | Accusoft | Out-of-bounds Write vulnerability in Accusoft Imagegear 19.3.0 An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll BMP parser of the ImageGear 19.3.0 library. | 8.8 |
2019-12-03 | CVE-2019-5132 | Accusoft | Out-of-bounds Write vulnerability in Accusoft Imagegear 19.3.0 An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll GEM Raster parser of the Accusoft ImageGear 19.3.0 library. | 8.8 |
2019-12-03 | CVE-2019-5112 | Formalms | SQL Injection vulnerability in Formalms 2.2.1 Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. | 8.8 |
2019-12-03 | CVE-2019-5111 | Formalms | SQL Injection vulnerability in Formalms 2.2.1 Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. | 8.8 |
2019-12-03 | CVE-2019-5110 | Formalms | SQL Injection vulnerability in Formalms 2.2.1 Exploitable SQL injection vulnerabilities exist in the authenticated portion of Forma LMS 2.2.1. | 8.8 |
2019-12-03 | CVE-2019-5109 | Formalms | SQL Injection vulnerability in Formalms 2.2.1 Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. | 8.8 |
2019-12-03 | CVE-2019-5083 | Accusoft | Out-of-bounds Write vulnerability in Accusoft Imagegear 19.3.0 An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFdecodethunderscan function of Accusoft ImageGear 19.3.0 library. | 8.8 |
2019-12-03 | CVE-2019-5076 | Accusoft | Out-of-bounds Write vulnerability in Accusoft Imagegear 19.3.0 An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG header-parser of the Accusoft ImageGear 19.3.0 library. | 8.8 |
2019-12-03 | CVE-2016-1000104 | Apache Opensuse | Improper Input Validation vulnerability in multiple products A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07. | 8.8 |
2019-12-03 | CVE-2019-19383 | Freeftpd | Classic Buffer Overflow vulnerability in Freeftpd 1.0.8 freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled). | 8.8 |
2019-12-03 | CVE-2019-4130 | IBM | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cloud PAK System 2.3/2.3.0.1 IBM Cloud Pak System 2.3 and 2.3.0.1 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. | 8.8 |
2019-12-05 | CVE-2019-5098 | Vmware AMD | Out-of-bounds Read vulnerability in multiple products An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. | 8.6 |
2019-12-03 | CVE-2019-19458 | Saltosystem | Path Traversal vulnerability in Saltosystem Proaccess Space 5.4.3.0/5.5 SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature. | 8.6 |
2019-12-02 | CVE-2014-9356 | Docker | Path Traversal vulnerability in Docker Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an (1) image or (2) build in a Dockerfile. | 8.6 |
2019-12-04 | CVE-2019-14909 | Redhat | Improper Authentication vulnerability in Redhat Keycloak 7.0.0/7.0.1 A vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be accepted. | 8.3 |
2019-12-03 | CVE-2013-2228 | Saltstack | Improper Restriction of Excessive Authentication Attempts vulnerability in Saltstack 0.14.0/0.14.1/0.15.0 SaltStack RSA Key Generation allows remote users to decrypt communications | 8.1 |
2019-12-03 | CVE-2013-2103 | Redhat | Improper Input Validation vulnerability in Redhat Openshift 1.0 OpenShift cartridge allows remote URL retrieval | 8.1 |
2019-12-02 | CVE-2019-19017 | Titanhq | Use of Hard-coded Credentials vulnerability in Titanhq Webtitan An issue was discovered in TitanHQ WebTitan before 5.18. | 8.1 |
2019-12-08 | CVE-2019-19630 | Htmldoc Project Debian Fedoraproject | Out-of-bounds Write vulnerability in multiple products HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in ps-pdf.cxx) via a crafted HTML document. | 7.8 |
2019-12-08 | CVE-2019-19449 | Linux | Out-of-bounds Read vulnerability in Linux Kernel 5.0.21 In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated). | 7.8 |
2019-12-08 | CVE-2019-19448 | Linux Debian Canonical Netapp | Use After Free vulnerability in multiple products In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure. | 7.8 |
2019-12-08 | CVE-2019-19447 | Linux Netapp | Use After Free vulnerability in multiple products In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c. | 7.8 |
2019-12-06 | CVE-2019-2223 | Out-of-bounds Write vulnerability in Google Android In ihevcd_ref_list of ihevcd_ref_list.c, there is a possible out of bounds write due to a missing bounds check. | 7.8 | |
2019-12-06 | CVE-2019-2222 | Out-of-bounds Write vulnerability in Google Android n ihevcd_parse_slice_data of ihevcd_parse_slice.c, there is a possible out of bounds write due to a missing bounds check. | 7.8 | |
2019-12-06 | CVE-2019-2221 | Unspecified vulnerability in Google Android 10.0 In hasActivityInVisibleTask of WindowProcessController.java there’s a possible bypass of user interaction requirements due to incorrect handling of top activities in INITIALIZING state. | 7.8 | |
2019-12-06 | CVE-2019-2218 | Missing Authorization vulnerability in Google Android 10.0 In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. | 7.8 | |
2019-12-06 | CVE-2019-2217 | Use After Free vulnerability in Google Android 10.0 In setCpuVulkanInUse of GpuStats.cpp, there is possible memory corruption due to a use after free. | 7.8 | |
2019-12-06 | CVE-2012-1615 | Fedoraproject | Improper Privilege Management vulnerability in Fedoraproject Fedora and Sectool A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file. | 7.8 |
2019-12-05 | CVE-2019-17388 | Aviatrix | Incorrect Permission Assignment for Critical Resource vulnerability in Aviatrix VPN Client Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications. | 7.8 |
2019-12-05 | CVE-2019-17387 | Aviatrix | Unspecified vulnerability in Aviatrix VPN Client An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS. | 7.8 |
2019-12-05 | CVE-2019-3690 | Opensuse | Unspecified vulnerability in Opensuse Leap 15.1 The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). | 7.8 |
2019-12-05 | CVE-2019-17437 | Paloaltonetworks | Improper Authentication vulnerability in Paloaltonetworks Pan-Os An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. | 7.8 |
2019-12-05 | CVE-2019-19601 | Opendetex Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Opendetex Project Opendetex 2.8.5 OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of an incorrect sprintf. | 7.8 |
2019-12-05 | CVE-2019-19590 | Radare | Use After Free vulnerability in Radare Radare2 In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. | 7.8 |
2019-12-05 | CVE-2019-19522 | Openbsd | Incorrect Permission Assignment for Critical Resource vulnerability in Openbsd 6.6 OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. | 7.8 |
2019-12-05 | CVE-2019-19520 | Openbsd | Incorrect Authorization vulnerability in Openbsd 6.6 xlock in OpenBSD 6.6 allows local users to gain the privileges of the auth group by providing a LIBGL_DRIVERS_PATH environment variable, because xenocara/lib/mesa/src/loader/loader.c mishandles dlopen. | 7.8 |
2019-12-05 | CVE-2019-19519 | Openbsd | Improper Authentication vulnerability in Openbsd 6.6 In OpenBSD 6.6, local users can use the su -L option to achieve any login class (often excluding root) because there is a logic error in the main function in su/su.c. | 7.8 |
2019-12-04 | CVE-2019-19364 | Sony | Uncontrolled Search Path Element vulnerability in Sony Catalyst Browse and Catalyst Production Suite A weak malicious user can escalate its privilege whenever CatalystProductionSuite.2019.1.exe (version 1.1.0.21) and CatalystBrowseSuite.2019.1.exe (version 1.1.0.21) installers run. | 7.8 |
2019-12-04 | CVE-2019-7201 | Qnap | Unquoted Search Path or Element vulnerability in Qnap Netbak Replicator 4.5.11.816 An unquoted service path vulnerability is reported to affect the service QVssService in QNAP NetBak Replicator. | 7.8 |
2019-12-04 | CVE-2019-15638 | Copadata | Uncontrolled Search Path Element vulnerability in Copadata Zenon 8.10 COPA-DATA zenone32 zenon Editor through 8.10 has an Uncontrolled Search Path Element. | 7.8 |
2019-12-03 | CVE-2019-5164 | Shadowsocks Opensuse | Missing Authentication for Critical Function vulnerability in multiple products An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. | 7.8 |
2019-12-03 | CVE-2019-19543 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c. | 7.8 |
2019-12-03 | CVE-2019-19382 | Maxpcsecure | Incorrect Permission Assignment for Critical Resource vulnerability in Maxpcsecure Anti Virus Plus 19.0.4.020 Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. | 7.8 |
2019-12-03 | CVE-2019-7366 | Autodesk | Classic Buffer Overflow vulnerability in Autodesk FBX Software Development KIT 2019.5 Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. | 7.8 |
2019-12-03 | CVE-2019-7365 | Autodesk | Uncontrolled Search Path Element vulnerability in Autodesk Desktop 7.0.16.29 DLL preloading vulnerability in Autodesk Desktop Application versions 7.0.16.29 and earlier. | 7.8 |
2019-12-02 | CVE-2012-4576 | Freebsd Debian | Improper Input Validation vulnerability in multiple products FreeBSD: Input Validation Flaw allows local users to gain elevated privileges | 7.8 |
2019-12-02 | CVE-2012-4480 | Ovirt Fedoraproject | Improper Privilege Management vulnerability in multiple products mom creates world-writable pid files in /var/run | 7.8 |
2019-12-02 | CVE-2019-19014 | Titanhq | Improper Privilege Management vulnerability in Titanhq Webtitan An issue was discovered in TitanHQ WebTitan before 5.18. | 7.8 |
2019-12-02 | CVE-2019-15628 | Trendmicro | Untrusted Search Path vulnerability in Trendmicro products Trend Micro Security (Consumer) 2020 (v16.0.1221 and below) is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence mechanism which could execute a malicious program each time the service is started. | 7.8 |
2019-12-06 | CVE-2019-2232 | Incorrect Calculation vulnerability in Google Android In handleRun of TextLine.java, there is a possible application crash due to improper input validation. | 7.5 | |
2019-12-06 | CVE-2019-2230 | Use After Free vulnerability in Google Android 10.0 In nfcManager_routeAid and nfcManager_unrouteAid of NativeNfcManager.cpp, there is possible memory reuse due to a use after free. | 7.5 | |
2019-12-06 | CVE-2019-18672 | Shapeshift | Improper Validation of Integrity Check Value vulnerability in Shapeshift Keepkey Firmware Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow a partial reset of cryptographic secrets to known values via crafted messages. | 7.5 |
2019-12-05 | CVE-2019-16770 | Puma Debian | In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. | 7.5 |
2019-12-05 | CVE-2019-18180 | Otrs | Infinite Loop vulnerability in Otrs Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. | 7.5 |
2019-12-05 | CVE-2019-19588 | Validators Project | Infinite Loop vulnerability in Validators Project Validators The validators package 0.12.2 through 0.12.5 for Python enters an infinite loop when validators.domain is called with a crafted domain string. | 7.5 |
2019-12-05 | CVE-2019-19553 | Wireshark Opensuse Oracle Debian | Missing Initialization of Resource vulnerability in multiple products In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. | 7.5 |
2019-12-04 | CVE-2019-16753 | Pivx Decentralized Anonymous Payment System Project | Improper Verification of Cryptographic Signature vulnerability in multiple products An issue was discovered in Decentralized Anonymous Payment System (DAPS) through 2019-08-26. | 7.5 |
2019-12-04 | CVE-2019-17555 | Apache | Improper Input Validation vulnerability in Apache Olingo The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep() method without any check. | 7.5 |
2019-12-04 | CVE-2018-0728 | Qnap | Improper Privilege Management vulnerability in Qnap Helpdesk This improper access control vulnerability in Helpdesk allows attackers to access the system logs. | 7.5 |
2019-12-04 | CVE-2019-11937 | Uncontrolled Recursion vulnerability in Facebook Mcrouter In Mcrouter prior to v0.41.0, a large struct input provided to the Carbon protocol reader could result in stack exhaustion and denial of service. | 7.5 | |
2019-12-04 | CVE-2019-11923 | Allocation of Resources Without Limits or Throttling vulnerability in Facebook Mcrouter In Mcrouter prior to v0.41.0, the deprecated ASCII parser would allocate a buffer to a user-specified length with no maximum length enforced, allowing for resource exhaustion or denial of service. | 7.5 | |
2019-12-04 | CVE-2019-18850 | Trustedsec | Information Exposure Through Discrepancy vulnerability in Trustedsec Trevorc2 1.1/1.2 TrevorC2 v1.1/v1.2 fails to prevent fingerprinting primarily via a discrepancy between response headers when responding to different HTTP methods, also via predictible responses when accessing and interacting with the "SITE_PATH_QUERY". | 7.5 |
2019-12-03 | CVE-2019-5163 | Shadowsocks Opensuse | Missing Authentication for Critical Function vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. | 7.5 |
2019-12-03 | CVE-2019-5097 | Embedthis | Infinite Loop vulnerability in Embedthis Goahead 3.6.5/4.1.1/5.0.1 A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. | 7.5 |
2019-12-03 | CVE-2019-9689 | Axtls Project | Classic Buffer Overflow vulnerability in Axtls Project Axtls process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates. | 7.5 |
2019-12-03 | CVE-2019-10013 | Axtls Project | Classic Buffer Overflow vulnerability in Axtls Project Axtls The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted certificate in the TLS certificate handshake message, because the result of get_asn1_length() is not checked for a minimum or maximum size. | 7.5 |
2019-12-03 | CVE-2013-2106 | Stanford Debian | Insufficiently Protected Credentials vulnerability in multiple products webauth before 4.6.1 has authentication credential disclosure | 7.5 |
2019-12-02 | CVE-2019-19316 | Hashicorp | Cleartext Transmission of Sensitive Information vulnerability in Hashicorp Terraform When using the Azure backend with a shared access signature (SAS), Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP. | 7.5 |
2019-12-02 | CVE-2013-4410 | Reviewboard Fedoraproject | Incorrect Authorization vulnerability in multiple products ReviewBoard: has an access-control problem in REST API | 7.5 |
2019-12-02 | CVE-2012-4428 | Openslp Debian Fedoraproject Canonical | Out-of-bounds Read vulnerability in multiple products openslp: SLPIntersectStringList()' Function has a DoS vulnerability | 7.5 |
2019-12-02 | CVE-2019-19019 | Titanhq | Origin Validation Error vulnerability in Titanhq Webtitan An issue was discovered in TitanHQ WebTitan before 5.18. | 7.5 |
2019-12-02 | CVE-2019-19016 | Titanhq | SQL Injection vulnerability in Titanhq Webtitan An issue was discovered in TitanHQ WebTitan before 5.18. | 7.5 |
2019-12-02 | CVE-2019-12393 | Anviz | Authentication Bypass by Capture-replay vulnerability in Anviz Management System Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door requests. | 7.5 |
2019-12-02 | CVE-2019-12391 | Anviz | Unspecified vulnerability in Anviz Management System The Anviz Management System for access control has insufficient logging for device events such as door open requests. | 7.5 |
2019-12-02 | CVE-2019-12389 | Anviz | Missing Authentication for Critical Function vulnerability in Anviz Firmware Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information without credentials via port tcp/5010. | 7.5 |
2019-12-02 | CVE-2019-12388 | Anviz | Cleartext Transmission of Sensitive Information vulnerability in Anviz Firmware Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying to query on port tcp/5010. | 7.5 |
2019-12-06 | CVE-2012-2130 | Polarssl Debian Fedoraproject | Inadequate Encryption Strength vulnerability in multiple products A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys. | 7.4 |
2019-12-05 | CVE-2013-0243 | Haskell | Improper Input Validation vulnerability in Haskell Hs-Tls haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections | 7.4 |
2019-12-02 | CVE-2019-19490 | Litemanager | Incorrect Default Permissions vulnerability in Litemanager 4.5.0 LiteManager 4.5.0 has weak permissions (Everyone: Full Control) in the "LiteManagerFree - Server" folder, as demonstrated by ROMFUSClient.exe. | 7.3 |
2019-12-05 | CVE-2019-19609 | Strapi | OS Command Injection vulnerability in Strapi The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function. | 7.2 |
2019-12-05 | CVE-2019-19007 | Intelbras | Information Exposure vulnerability in Intelbras IWR 3000N Firmware 1.8.7 Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600. | 7.2 |
2019-12-02 | CVE-2019-19020 | Titanhq | Unrestricted Upload of File with Dangerous Type vulnerability in Titanhq Webtitan An issue was discovered in TitanHQ WebTitan before 5.18. | 7.2 |
2019-12-06 | CVE-2019-18575 | Dell | Uncontrolled Search Path Element vulnerability in Dell Command|Configure Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. | 7.1 |
96 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-12-04 | CVE-2019-19579 | XEN Fedoraproject | Improper Input Validation vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device (and assignable-add is not used), because of an incomplete fix for CVE-2019-18424. | 6.8 |
2019-12-03 | CVE-2019-19532 | Linux | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95. | 6.8 |
2019-12-03 | CVE-2019-19531 | Linux Debian Opensuse | Use After Free vulnerability in multiple products In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca. | 6.8 |
2019-12-03 | CVE-2019-19527 | Linux Debian Opensuse | Use After Free vulnerability in multiple products In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e. | 6.8 |
2019-12-02 | CVE-2019-15689 | Kaspersky | Exposure of Resource to Wrong Sphere vulnerability in Kaspersky products Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. | 6.7 |
2019-12-06 | CVE-2019-2227 | Out-of-bounds Read vulnerability in Google Android 10.0/9.0 In DeepCopy of btif_av.cc, there is a possible out of bounds read due to improper casting. | 6.5 | |
2019-12-06 | CVE-2019-11293 | Cloudfoundry | Information Exposure Through Log Files vulnerability in Cloudfoundry Cf-Deployment Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials when sent as a query parameter. | 6.5 |
2019-12-06 | CVE-2019-16771 | Linecorp | Injection vulnerability in Linecorp Armeria Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers to inject arbitrary HTTP headers via CRLF sequences when unsanitized data is used to populate the headers of an HTTP response. | 6.5 |
2019-12-06 | CVE-2019-16673 | Weidmueller | Insufficiently Protected Credentials vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 6.5 |
2019-12-06 | CVE-2019-16671 | Weidmueller | Resource Exhaustion vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 6.5 |
2019-12-06 | CVE-2019-19624 | Opencv Redhat | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read was discovered in OpenCV before 4.1.1. | 6.5 |
2019-12-05 | CVE-2019-19546 | Norton | Unspecified vulnerability in Norton Password Manager Norton Password Manager, prior to 6.6.2.5, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information. | 6.5 |
2019-12-05 | CVE-2019-11255 | Kubernetes Redhat | Improper Input Validation vulnerability in multiple products Improper input validation in Kubernetes CSI sidecar containers for external-provisioner (<v0.4.3, <v1.0.2, v1.1, <v1.2.2, <v1.3.1), external-snapshotter (<v0.4.2, <v1.0.2, v1.1, <1.2.2), and external-resizer (v0.1, v0.2) could result in unauthorized PersistentVolume data access or volume mutation during snapshot, restore from snapshot, cloning and resizing operations. | 6.5 |
2019-12-04 | CVE-2019-11216 | BMC | Unrestricted Upload of File with Dangerous Type vulnerability in BMC Remedy Smart Reporting BMC Smart Reporting 7.3 20180418 allows authenticated XXE within the import functionality. | 6.5 |
2019-12-04 | CVE-2019-19229 | Fronius | Path Traversal vulnerability in Fronius products admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal. | 6.5 |
2019-12-03 | CVE-2019-13456 | Freeradius Redhat Opensuse | Information Exposure Through Discrepancy vulnerability in multiple products In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. | 6.5 |
2019-12-03 | CVE-2019-3666 | Mcafee | Unspecified vulnerability in Mcafee Webadvisor API Abuse/Misuse vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to navigate to restricted websites via a carefully crafted web site. | 6.5 |
2019-12-03 | CVE-2019-3665 | Mcafee | Code Injection vulnerability in Mcafee Webadvisor Code Injection vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to render a website which Web Advisor would normally have blocked via a carefully crafted web site. | 6.5 |
2019-12-02 | CVE-2019-19516 | Intelbras | Cross-Site Request Forgery (CSRF) vulnerability in Intelbras WRN 150 Firmware 1.0.18 Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password. | 6.5 |
2019-12-02 | CVE-2012-5562 | Redhat | Cleartext Transmission of Sensitive Information vulnerability in Redhat Satellite rhn-proxy: may transmit credentials over clear-text when accessing RHN Satellite | 6.5 |
2019-12-02 | CVE-2019-19118 | Djangoproject Fedoraproject | Incorrect Default Permissions vulnerability in multiple products Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. | 6.5 |
2019-12-02 | CVE-2019-19362 | Teamviewer | Improper Cross-boundary Removal of Sensitive Data vulnerability in Teamviewer 14.3.4730 An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. | 6.5 |
2019-12-05 | CVE-2019-19545 | Norton | Origin Validation Error vulnerability in Norton Password Manager Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cross origin resource sharing (CORS) vulnerability, which is a type of issue that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. | 6.3 |
2019-12-05 | CVE-2019-18381 | Norton | Origin Validation Error vulnerability in Norton Password Manager Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cross origin resource sharing (CORS) vulnerability, which is a type of issue that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. | 6.3 |
2019-12-03 | CVE-2019-19529 | Linux Canonical | Use After Free vulnerability in multiple products In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41. | 6.3 |
2019-12-07 | CVE-2019-16772 | Serialize TO JS Project | Cross-site Scripting vulnerability in Serialize-To-Js Project Serialize-To-Js The serialize-to-js NPM package before version 3.0.1 is vulnerable to Cross-site Scripting (XSS). | 6.1 |
2019-12-06 | CVE-2019-19619 | Documize | Cross-site Scripting vulnerability in Documize domain/section/markdown/markdown.go in Documize before 3.5.1 mishandles untrusted Markdown content. | 6.1 |
2019-12-05 | CVE-2012-1115 | Ldap Account Manager Fedoraproject Debian | Cross-site Scripting vulnerability in multiple products A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php. | 6.1 |
2019-12-05 | CVE-2012-1114 | Ldap Account Manager Fedoraproject Debian | Cross-site Scripting vulnerability in multiple products A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. | 6.1 |
2019-12-05 | CVE-2019-19466 | Sceditor | Cross-site Scripting vulnerability in Sceditor 2.1.3 SCEditor 2.1.3 allows XSS. | 6.1 |
2019-12-05 | CVE-2019-19602 | Linux Canonical | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_owner_ctx caching, as demonstrated by mishandling of signal-based non-cooperative preemption in Go 1.14 prereleases on amd64, aka CID-59c4bd853abc. | 6.1 |
2019-12-05 | CVE-2019-19587 | Wso2 | Cross-site Scripting vulnerability in Wso2 Enterprise Integrator 6.5.0 In WSO2 Enterprise Integrator 6.5.0, reflected XSS occurs when updating the message processor configuration from the source view in the Management Console. | 6.1 |
2019-12-04 | CVE-2019-19133 | Csshero | Cross-site Scripting vulnerability in Csshero 4.0.3 The CSS Hero plugin through 4.0.3 for WordPress is prone to reflected XSS via the URI in a csshero_action=edit_page request because it fails to sufficiently sanitize user-supplied input. | 6.1 |
2019-12-03 | CVE-2019-19528 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d. | 6.1 |
2019-12-02 | CVE-2012-4526 | Piwigo | Cross-site Scripting vulnerability in Piwigo piwigo has XSS in password.php (incomplete fix for CVE-2012-4525) | 6.1 |
2019-12-02 | CVE-2012-4525 | Piwigo | Cross-site Scripting vulnerability in Piwigo piwigo has XSS in password.php | 6.1 |
2019-12-02 | CVE-2019-19491 | Testlink | Cross-site Scripting vulnerability in Testlink 1.9.19 TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request. | 6.1 |
2019-12-06 | CVE-2012-2092 | Canonical | Improper Verification of Cryptographic Signature vulnerability in Canonical Ubuntu Cobbler A Security Bypass vulnerability exists in Ubuntu Cobbler before 2,2,2 in the cobbler-ubuntu-import script due to an error when verifying the GPG signature. | 5.9 |
2019-12-06 | CVE-2019-11554 | Amazon | Improper Certificate Validation vulnerability in Amazon Audible 2.34.0 The Audible application through 2.34.0 for Android has Missing SSL Certificate Validation for Adobe SDKs, allowing MITM attackers to cause a denial of service. | 5.9 |
2019-12-06 | CVE-2019-9464 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0 In various functions of RecentLocationApps.java, DevicePolicyManagerService.java, and RecognitionService.java, there is an incorrect warning indicating an app accessed the user's location. | 5.5 | |
2019-12-06 | CVE-2019-2229 | Missing Authorization vulnerability in Google Android In updateWidget of BaseWidgetProvider.java, there is a possible leak of user data due to a missing permission check. | 5.5 | |
2019-12-06 | CVE-2019-2228 | Out-of-bounds Read vulnerability in Google Android In array_find of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. | 5.5 | |
2019-12-06 | CVE-2019-2226 | Out-of-bounds Read vulnerability in Google Android In device_class_to_int of device_class.cc, there is a possible out of bounds read due to improper casting. | 5.5 | |
2019-12-06 | CVE-2019-2220 | Unspecified vulnerability in Google Android 10.0/9.0 In checkOperation of AppOpsService.java, there is a possible bypass of user interaction requirements due to mishandling application suspend. | 5.5 | |
2019-12-05 | CVE-2012-1105 | Apereo Fedoraproject Debian | Information Exposure vulnerability in multiple products An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. | 5.5 |
2019-12-05 | CVE-2013-0326 | Openstack Debian | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products OpenStack nova base images permissions are world readable | 5.5 |
2019-12-05 | CVE-2013-0163 | Redhat | Exposure of Resource to Wrong Sphere vulnerability in Redhat Openshift 1.0/2.0 OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS | 5.5 |
2019-12-04 | CVE-2019-19555 | Xfig Project | Out-of-bounds Write vulnerability in Xfig Project Xfig 3.2.7 read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. | 5.5 |
2019-12-04 | CVE-2019-17554 | Apache | XXE vulnerability in Apache Olingo The XML content type entity deserializer in Apache Olingo versions 4.0.0 to 4.6.0 is not configured to deny the resolution of external entities. | 5.5 |
2019-12-03 | CVE-2019-3750 | Dell | Link Following vulnerability in Dell Command Update Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. | 5.5 |
2019-12-03 | CVE-2019-3749 | Dell | Link Following vulnerability in Dell Command Update Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. | 5.5 |
2019-12-03 | CVE-2019-19460 | Saltosystem | Incorrect Default Permissions vulnerability in Saltosystem Proaccess Space 5.4.3.0/5.5 An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. | 5.5 |
2019-12-02 | CVE-2019-19489 | Smplayer | Classic Buffer Overflow vulnerability in Smplayer 19.5.0 SMPlayer 19.5.0 has a buffer overflow via a long .m3u file. | 5.5 |
2019-12-05 | CVE-2019-16769 | Verizon | Cross-site Scripting vulnerability in Verizon Serialize-Javascript The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting (XSS). | 5.4 |
2019-12-05 | CVE-2013-0283 | Theforeman | Cross-site Scripting vulnerability in Theforeman Katello Katello: Username in Notification page has cross site scripting | 5.4 |
2019-12-05 | CVE-2019-19596 | Gitbook | Cross-site Scripting vulnerability in Gitbook GitBook through 2.6.9 allows XSS via a local .md file. | 5.4 |
2019-12-04 | CVE-2019-18347 | Davical | Cross-site Scripting vulnerability in Davical A stored XSS issue was discovered in DAViCal through 1.1.8. | 5.4 |
2019-12-03 | CVE-2019-19457 | Saltosystem | Cross-site Scripting vulnerability in Saltosystem Proaccess Space 5.4.3.0/5.5 SALTO ProAccess SPACE 5.4.3.0 allows XSS. | 5.4 |
2019-12-03 | CVE-2019-18993 | Openwrt | Cross-site Scripting vulnerability in Openwrt 18.06.4 OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI (this can occur, for example, on a TP-Link Archer C7 device). | 5.4 |
2019-12-03 | CVE-2019-18992 | Openwrt | Cross-site Scripting vulnerability in Openwrt 18.06.4 OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT" (this can occur, for example, on a TP-Link Archer C7 device). | 5.4 |
2019-12-03 | CVE-2019-4468 | IBM | Cross-site Scripting vulnerability in IBM Cloud PAK System 2.3/2.3.0.1 IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. | 5.4 |
2019-12-03 | CVE-2019-4467 | IBM | Cross-site Scripting vulnerability in IBM Cloud PAK System 2.3/2.3.0.1 IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. | 5.4 |
2019-12-03 | CVE-2019-4226 | IBM | Cross-site Scripting vulnerability in IBM Cloud PAK System 2.3/2.3.0.1 IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. | 5.4 |
2019-12-03 | CVE-2019-4098 | IBM | Cross-site Scripting vulnerability in IBM Cloud PAK System 2.3/2.3.0.1 IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. | 5.4 |
2019-12-03 | CVE-2013-2101 | Theforeman Redhat | Cross-site Scripting vulnerability in multiple products Katello has multiple XSS issues in various entities | 5.4 |
2019-12-02 | CVE-2019-19496 | Alfresco | Cross-site Scripting vulnerability in Alfresco Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document. | 5.4 |
2019-12-02 | CVE-2019-19493 | Kentico | Use of Incorrectly-Resolved Name or Reference vulnerability in Kentico Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with the file extension, leading to XSS. | 5.4 |
2019-12-06 | CVE-2019-1551 | Openssl Opensuse Oracle Canonical Fedoraproject Debian Tenable | Integer Overflow or Wraparound vulnerability in multiple products There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. | 5.3 |
2019-12-06 | CVE-2019-19627 | ROS | Information Exposure vulnerability in ROS Sros2 0.8.1 SROS 2 0.8.1 (after CVE-2019-19625 is mitigated) leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. | 5.3 |
2019-12-06 | CVE-2019-19625 | ROS | Information Exposure vulnerability in ROS Sros2 0.8.1 SROS 2 0.8.1 (which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2) leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml document. | 5.3 |
2019-12-05 | CVE-2012-1104 | Apereo Debian | Improper Privilege Management vulnerability in multiple products A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed. | 5.3 |
2019-12-03 | CVE-2015-7542 | Aquamaniac Debian Opensuse | Cleartext Transmission of Sensitive Information vulnerability in multiple products A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates. | 5.3 |
2019-12-02 | CVE-2019-19507 | Json Pattern Validator Project | Improper Authentication vulnerability in Json Pattern Validator Project Json Pattern Validator In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': {'name':'Array'}. | 5.3 |
2019-12-02 | CVE-2019-12390 | Anviz | Missing Authentication for Critical Function vulnerability in Anviz Firmware Anviz access control devices expose private Information (pin code and name) by allowing remote attackers to query this information without credentials via port tcp/5010. | 5.3 |
2019-12-06 | CVE-2019-19552 | Sangoma | Cross-site Scripting vulnerability in Sangoma Freepbx In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the/admin/config.php?display=userman URI. | 4.8 |
2019-12-06 | CVE-2019-19551 | Sangoma | Cross-site Scripting vulnerability in Sangoma Freepbx In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the User Management screen of the Administrator web site. | 4.8 |
2019-12-05 | CVE-2019-7185 | Qnap | Cross-site Scripting vulnerability in Qnap Music Station This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. | 4.8 |
2019-12-05 | CVE-2019-7184 | Qnap | Cross-site Scripting vulnerability in Qnap Video Station This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the administrator’s management console. | 4.8 |
2019-12-04 | CVE-2019-7197 | Qnap | Cross-site Scripting vulnerability in Qnap QTS A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. | 4.8 |
2019-12-03 | CVE-2019-18574 | RSA EMC | Cross-site Scripting vulnerability in multiple products RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. | 4.8 |
2019-12-06 | CVE-2019-2219 | Race Condition vulnerability in Google Android 10.0/9.0 In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. | 4.7 | |
2019-12-03 | CVE-2013-4235 | Debian Fedoraproject Redhat | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees | 4.7 |
2019-12-03 | CVE-2019-19536 | Linux Debian Opensuse | Missing Initialization of Resource vulnerability in multiple products In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0. | 4.6 |
2019-12-03 | CVE-2019-19535 | Linux Debian Opensuse Oracle | Missing Initialization of Resource vulnerability in multiple products In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042. | 4.6 |
2019-12-03 | CVE-2019-19530 | Linux Debian Opensuse | Use After Free vulnerability in multiple products In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef. | 4.6 |
2019-12-03 | CVE-2019-19526 | Linux Canonical Opensuse | Use After Free vulnerability in multiple products In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098. | 4.6 |
2019-12-03 | CVE-2019-19525 | Linux Debian Opensuse | Use After Free vulnerability in multiple products In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035. | 4.6 |
2019-12-03 | CVE-2019-19524 | Linux Debian Canonical | Use After Free vulnerability in multiple products In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9. | 4.6 |
2019-12-03 | CVE-2019-19523 | Linux Debian Opensuse | Use After Free vulnerability in multiple products In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79. | 4.6 |
2019-12-06 | CVE-2019-2231 | Missing Encryption of Sensitive Data vulnerability in Google Android 10.0/9.0 In Blob::Blob of blob.cpp, there is a possible unencrypted master key due to improper input validation. | 4.4 | |
2019-12-06 | CVE-2019-19616 | Xtivia | Authorization Bypass Through User-Controlled Key vulnerability in Xtivia web Time and Expense 2016 An Insecure Direct Object Reference (IDOR) vulnerability in the Xtivia Web Time and Expense (WebTE) interface used for Microsoft Dynamics NAV before 2017 allows an attacker to download arbitrary files by specifying arbitrary values for the recId and filename parameters of the /Home/GetAttachment function. | 4.3 |
2019-12-05 | CVE-2019-16768 | Sylius | Information Exposure Through an Error Message vulnerability in Sylius In affected versions of Sylius, exception messages from internal exceptions (like database exception) are wrapped by \Symfony\Component\Security\Core\Exception\AuthenticationServiceException and propagated through the system to UI. | 4.3 |
2019-12-04 | CVE-2019-16752 | Pivx Dash Officialdapscoin | Cross-Site Request Forgery (CSRF) vulnerability in multiple products An issue was discovered in Decentralized Anonymous Payment System (DAPS) through 2019-08-26. | 4.3 |
2019-12-03 | CVE-2019-3990 | Linuxfoundation | Improper Privilege Management vulnerability in Linuxfoundation Harbor A User Enumeration flaw exists in Harbor. | 4.3 |
2019-12-03 | CVE-2013-4411 | Reviewboard Fedoraproject | Incorrect Authorization vulnerability in multiple products Review Board: URL processing gives unauthorized users access to review lists | 4.3 |
2019-12-03 | CVE-2019-19537 | Linux | Race Condition vulnerability in Linux Kernel In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. | 4.2 |
7 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-12-06 | CVE-2012-2148 | Redhat | Improper Privilege Management vulnerability in Redhat products An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies | 3.3 |
2019-12-06 | CVE-2019-19620 | Dell | Improper Preservation of Permissions vulnerability in Dell RED Cloak Windows Agent In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a file. | 3.3 |
2019-12-03 | CVE-2019-4465 | IBM | Improper Privilege Management vulnerability in IBM Cloud PAK System 2.3/2.3.0.1 IBM Cloud Pak System 2.3 and 2.3.0.1 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2019-12-02 | CVE-2019-19018 | Titanhq | Files or Directories Accessible to External Parties vulnerability in Titanhq Webtitan An issue was discovered in TitanHQ WebTitan before 5.18. | 2.7 |
2019-12-05 | CVE-2018-1002102 | Kubernetes Fedoraproject | Open Redirect vulnerability in multiple products Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. | 2.6 |
2019-12-03 | CVE-2019-19534 | Linux Debian Canonical | Missing Initialization of Resource vulnerability in multiple products In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29. | 2.4 |
2019-12-03 | CVE-2019-19533 | Linux | Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464. | 2.4 |