Weekly Vulnerabilities Reports > December 9 to 15, 2019

Overview

392 new vulnerabilities reported during this period, including 37 critical vulnerabilities and 113 high severity vulnerabilities. This weekly summary report vulnerabilities in 491 products from 128 vendors including Siemens, Debian, Fedoraproject, Redhat, and Google. Vulnerabilities are notably categorized as "Out-of-bounds Write", "Cross-site Scripting", "Information Exposure", "Improper Authentication", and "Out-of-bounds Read".

  • 310 reported vulnerabilities are remotely exploitables.
  • 3 reported vulnerabilities have public exploit available.
  • 106 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 331 reported vulnerabilities are exploitable by an anonymous user.
  • Siemens has the most reported vulnerabilities, with 71 reported vulnerabilities.
  • Skymee has the most reported critical vulnerabilities, with 8 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

37 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-12-13 CVE-2019-17364 Skymee
Petwant
OS Command Injection vulnerability in multiple products

The processCommandUploadLog() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.

10.0
2019-12-13 CVE-2019-16737 Skymee
Petwant
OS Command Injection vulnerability in multiple products

The processCommandSetMac() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.

10.0
2019-12-13 CVE-2019-16736 Skymee
Petwant
Out-of-bounds Write vulnerability in multiple products

A stack-based buffer overflow in processCommandUploadSnapshot in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user.

10.0
2019-12-13 CVE-2019-16735 Skymee
Petwant
Out-of-bounds Write vulnerability in multiple products

A stack-based buffer overflow in processCommandUploadLog in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user.

10.0
2019-12-13 CVE-2019-16734 Skymee
Petwant
Use of Hard-coded Credentials vulnerability in multiple products

Use of default credentials for the TELNET server in Petwant PF-103 firmware 4.3.2.50 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.

10.0
2019-12-13 CVE-2019-16733 Skymee
Petwant
OS Command Injection vulnerability in multiple products

processCommandSetUid() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.

10.0
2019-12-13 CVE-2019-16730 Skymee
Petwant
Improper Input Validation vulnerability in multiple products

processCommandUpgrade() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.

10.0
2019-12-13 CVE-2019-19782 Labf Classic Buffer Overflow vulnerability in Labf Aceaxe Plus 1.0

The FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long EHLO response from an FTP server.

10.0
2019-12-12 CVE-2019-2320 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

10.0
2019-12-12 CVE-2019-10511 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

10.0
2019-12-12 CVE-2019-10493 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

10.0
2019-12-11 CVE-2013-3542 Grandstream Use of Hard-coded Credentials vulnerability in Grandstream products

Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!#/" with the same password, which makes it easier for remote attackers to obtain access via a TELNET session.

10.0
2019-12-10 CVE-2019-17270 Yachtcontrol OS Command Injection vulnerability in Yachtcontrol 20191006

Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command={COMMAND}" page and parameter, where {COMMAND} will be executed and returning the results to the client.

10.0
2019-12-10 CVE-2019-4521 IBM Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Cloud PAK System 2.3/2.3.0.1

Platform System Manager in IBM Cloud Pak System 2.3 is potentially vulnerable to CVS Injection.

10.0
2019-12-12 CVE-2019-18342 Siemens Unspecified vulnerability in Siemens Control Center Server

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0).

9.9
2019-12-13 CVE-2019-18802 Envoyproxy Unspecified vulnerability in Envoyproxy Envoy

An issue was discovered in Envoy 1.12.0.

9.8
2019-12-13 CVE-2019-18801 Envoyproxy Out-of-bounds Write vulnerability in Envoyproxy Envoy

An issue was discovered in Envoy 1.12.0.

9.8
2019-12-13 CVE-2014-0175 Puppet
Redhat
Debian
Use of Hard-coded Credentials vulnerability in multiple products

mcollective has a default password set at install

9.8
2019-12-12 CVE-2019-18339 Siemens Missing Authentication for Critical Function vulnerability in Siemens products

A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0).

9.8
2019-12-12 CVE-2019-18337 Siemens Improper Authentication vulnerability in Siemens products

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0).

9.8
2019-12-12 CVE-2019-19750 Minerstat Unspecified vulnerability in Minerstat Msos

minerstat msOS before 2019-10-23 does not have a unique SSH key for each instance of the product.

9.8
2019-12-12 CVE-2019-19740 Octeth SQL Injection vulnerability in Octeth Oempro 4.7/4.8

Octeth Oempro 4.7 and 4.8 allow SQL injection.

9.8
2019-12-11 CVE-2019-19725 Sysstat Project
Debian
Canonical
Double Free vulnerability in multiple products

sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c.

9.8
2019-12-11 CVE-2019-19649 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Applications Manager

Zoho ManageEngine Applications Manager before 13620 allows a remote unauthenticated SQL injection via the SyncEventServlet eventid parameter to the SyncEventServlet.java doGet function.

9.8
2019-12-11 CVE-2019-18935 Telerik Deserialization of Untrusted Data vulnerability in Telerik UI for Asp.Net Ajax

Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function.

9.8
2019-12-10 CVE-2013-2167 Openstack
Redhat
Debian
Insufficient Verification of Data Authenticity vulnerability in multiple products

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass

9.8
2019-12-10 CVE-2013-2166 Openstack
Redhat
Fedoraproject
Debian
Inadequate Encryption Strength vulnerability in multiple products

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass

9.8
2019-12-15 CVE-2014-3701 Redhat Race Condition vulnerability in Redhat Edeploy and Jboss Enterprise web Server

eDeploy has tmp file race condition flaws

9.3
2019-12-13 CVE-2019-16732 Skymee
Petwant
Improper Verification of Cryptographic Signature vulnerability in multiple products

Unencrypted HTTP communications for firmware upgrades in Petalk AI and PF-103 allow man-in-the-middle attackers to run arbitrary code as the root user.

9.3
2019-12-12 CVE-2019-19771 Lodahs Project Improper Input Validation vulnerability in Lodahs Project Lodahs 1.0.0

The lodahs package 0.0.1 for Node.js is a Trojan horse, and may have been installed by persons who mistyped the lodash package name.

9.3
2019-12-12 CVE-2019-18345 Davical
Debian
Cross-site Scripting vulnerability in multiple products

A reflected XSS issue was discovered in DAViCal through 1.1.8.

9.3
2019-12-11 CVE-2019-3989 Amazon OS Command Injection vulnerability in Amazon Blink XT2 Sync Module Firmware 2.3.11

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when retrieving internal network configuration data.

9.3
2019-12-10 CVE-2019-1468 Microsoft Out-of-bounds Write vulnerability in Microsoft products

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics Remote Code Execution Vulnerability'.

9.3
2019-12-10 CVE-2019-1462 Microsoft Use of Uninitialized Resource vulnerability in Microsoft Office, Office 365 Proplus and Powerpoint

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka 'Microsoft PowerPoint Remote Code Execution Vulnerability'.

9.3
2019-12-11 CVE-2014-0163 Redhat OS Command Injection vulnerability in Redhat Openshift 1.0/2.0

Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.

9.0
2019-12-11 CVE-2019-4715 IBM Improper Input Validation vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 4.2 and 5.0 could allow a remote authenticated attacker to execute arbitrary commands on the system.

9.0
2019-12-09 CVE-2019-19683 Nopcommerce Path Traversal vulnerability in Nopcommerce 4.20

RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to ../ path traversal via d or f to Admin/RoxyFileman/ProcessRequest because of Libraries/Nop.Services/Media/RoxyFileman/FileRoxyFilemanService.cs.

9.0

113 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-12-13 CVE-2019-19774 Zohocorp Unspecified vulnerability in Zohocorp Manageengine Eventlog Analyzer

An issue was discovered in Zoho ManageEngine EventLog Analyzer 10.0 SP1 before Build 12110.

8.8
2019-12-13 CVE-2014-0197 Redhat Cross-Site Request Forgery (CSRF) vulnerability in Redhat Cloudforms and Cloudforms Management Engine

CFME: CSRF protection vulnerability via permissive check of the referrer header

8.8
2019-12-11 CVE-2019-19650 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Applications Manager

Zoho ManageEngine Applications Manager before 13640 allows a remote authenticated SQL injection via the Agent servlet agentid parameter to the Agent.java process function.

8.8
2019-12-11 CVE-2019-19578 XEN
Fedoraproject
Incorrect Calculation vulnerability in multiple products

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595.

8.8
2019-12-10 CVE-2019-14889 Libssh
Canonical
Opensuse
Fedoraproject
Debian
Oracle
OS Command Injection vulnerability in multiple products

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8.

8.8
2019-12-10 CVE-2019-13764 Google
Debian
Fedoraproject
Suse
Opensuse
Redhat
Type Confusion vulnerability in multiple products

Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2019-12-10 CVE-2019-13747 Google
Debian
Fedoraproject
Redhat
Use of Uninitialized Resource vulnerability in multiple products

Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2019-12-10 CVE-2019-13741 Google
Debian
Fedoraproject
Redhat
Cross-site Scripting vulnerability in multiple products

Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.

8.8
2019-12-10 CVE-2019-13736 Google
Debian
Fedoraproject
Redhat
Integer Overflow or Wraparound vulnerability in multiple products

Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

8.8
2019-12-10 CVE-2019-13735 Google
Debian
Fedoraproject
Redhat
Out-of-bounds Write vulnerability in multiple products

Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8
2019-12-10 CVE-2019-13734 Google
Fedoraproject
Redhat
Canonical
Suse
Opensuse
Debian
Oracle
Out-of-bounds Write vulnerability in multiple products

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2019-12-10 CVE-2019-13732 Google
Debian
Fedoraproject
Redhat
Use After Free vulnerability in multiple products

Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2019-12-10 CVE-2019-13730 Google
Debian
Fedoraproject
Novell
Opensuse
Redhat
Type Confusion vulnerability in multiple products

Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2019-12-10 CVE-2019-13729 Google
Debian
Fedoraproject
Redhat
Use After Free vulnerability in multiple products

Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2019-12-10 CVE-2019-13728 Google
Debian
Fedoraproject
Redhat
Out-of-bounds Write vulnerability in multiple products

Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2019-12-10 CVE-2019-13727 Google
Debian
Fedoraproject
Redhat
Improper Preservation of Permissions vulnerability in multiple products

Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

8.8
2019-12-10 CVE-2019-13726 Google
Debian
Fedoraproject
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

8.8
2019-12-10 CVE-2019-13725 Google
Debian
Fedoraproject
Redhat
Use After Free vulnerability in multiple products

Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

8.8
2019-12-10 CVE-2019-5843 Google Out-of-bounds Write vulnerability in Google Chrome

Out of bounds memory access in JavaScript in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2019-12-10 CVE-2019-5841 Google Out-of-bounds Write vulnerability in Google Chrome

Out of bounds memory access in JavaScript in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2019-12-11 CVE-2019-3988 Amazon OS Command Injection vulnerability in Amazon Blink XT2 Sync Module Firmware 2.3.11

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the bssid parameter.

8.3
2019-12-11 CVE-2019-3987 Amazon OS Command Injection vulnerability in Amazon Blink XT2 Sync Module Firmware 2.3.11

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the key parameter.

8.3
2019-12-11 CVE-2019-3986 Amazon OS Command Injection vulnerability in Amazon Blink XT2 Sync Module Firmware 2.3.11

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the encryption parameter.

8.3
2019-12-11 CVE-2019-3985 Amazon OS Command Injection vulnerability in Amazon Blink XT2 Sync Module Firmware 2.3.11

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter.

8.3
2019-12-12 CVE-2019-19770 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file).

8.2
2019-12-13 CVE-2019-16776 Npmjs
Opensuse
Oracle
Fedoraproject
Redhat
Path Traversal vulnerability in multiple products

Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write.

8.1
2019-12-15 CVE-2019-19807 Linux
Canonical
Use After Free vulnerability in multiple products

In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5.

7.8
2019-12-13 CVE-2019-19787 Atasm Project
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

ATasm 1.06 has a stack-based buffer overflow in the get_signed_expression() function in setparse.c via a crafted .m65 file.

7.8
2019-12-13 CVE-2019-19786 Atasm Project
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

ATasm 1.06 has a stack-based buffer overflow in the parse_expr() function in setparse.c via a crafted .m65 file.

7.8
2019-12-13 CVE-2019-19785 Atasm Project
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

ATasm 1.06 has a stack-based buffer overflow in the to_comma() function in asm.c via a crafted .m65 file.

7.8
2019-12-12 CVE-2019-2337 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device to shutdown in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

7.8
2019-12-12 CVE-2019-10485 Qualcomm Infinite Loop vulnerability in Qualcomm products

Infinite loop while decoding compressed data can lead to overrun condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

7.8
2019-12-12 CVE-2019-19726 Openbsd Improper Privilege Management vulnerability in Openbsd

OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit.

7.8
2019-12-11 CVE-2013-3691 Ovislink Resource Exhaustion vulnerability in Ovislink Airlive Poe2600Hd Firmware

AirLive POE-2600HD allows remote attackers to cause a denial of service (device reset) via a long URL.

7.8
2019-12-11 CVE-2019-3667 Mcafee Uncontrolled Search Path Element vulnerability in Mcafee Techcheck 3.0.0.17

DLL Search Order Hijacking vulnerability in the Microsoft Windows client in McAfee Tech Check 3.0.0.17 and earlier allows local users to execute arbitrary code via the local folder placed there by an attacker.

7.8
2019-12-11 CVE-2019-19707 Moxa Unspecified vulnerability in Moxa products

On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery packets.

7.8
2019-12-11 CVE-2019-19604 GIT SCM
Debian
Fedoraproject
Opensuse
Missing Authorization vulnerability in multiple products

Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository.

7.8
2019-12-10 CVE-2019-1458 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

7.8
2019-12-10 CVE-2019-6183 Lenovo Unspecified vulnerability in Lenovo Energy Management 15.11.29.1

A denial of service vulnerability has been reported in Lenovo Energy Management Driver for Windows 10 versions prior to 15.11.29.7 that could cause systems to experience a blue screen error.

7.8
2019-12-10 CVE-2013-4133 KDE
Debian
Improper Resource Shutdown or Release vulnerability in multiple products

kde-workspace before 4.10.5 has a memory leak in plasma desktop

7.8
2019-12-09 CVE-2019-19648 Virustotal
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size.

7.8
2019-12-09 CVE-2019-19647 Radare
Fedoraproject
NULL Pointer Dereference vulnerability in multiple products

radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write.

7.8
2019-12-12 CVE-2019-18338 Siemens Relative Path Traversal vulnerability in Siemens products

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0).

7.7
2019-12-10 CVE-2019-1485 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.

7.6
2019-12-15 CVE-2014-8650 Requests Kerberos Project
Debian
Improper Authentication vulnerability in multiple products

python-requests-Kerberos through 0.5 does not handle mutual authentication

7.5
2019-12-15 CVE-2014-3699 Redhat Deserialization of Untrusted Data vulnerability in Redhat Edeploy and Jboss Enterprise web Server

eDeploy has RCE via cPickle deserialization of untrusted data

7.5
2019-12-13 CVE-2019-19790 Telerik Path Traversal vulnerability in Telerik Radchart and UI FOR Asp.Net Ajax

Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request.

7.5
2019-12-13 CVE-2019-18838 Envoyproxy NULL Pointer Dereference vulnerability in Envoyproxy Envoy

An issue was discovered in Envoy 1.12.0.

7.5
2019-12-12 CVE-2019-16774 Phpfastcache Deserialization of Untrusted Data vulnerability in PHPfastcache

In phpfastcache before 5.1.3, there is a possible object injection vulnerability in cookie driver.

7.5
2019-12-12 CVE-2019-12420 Apache
Debian
Resource Exhaustion vulnerability in multiple products

In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources.

7.5
2019-12-12 CVE-2019-3951 Advantech Out-of-bounds Write vulnerability in Advantech Webaccess

Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages.

7.5
2019-12-12 CVE-2019-18330 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18329 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18328 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18327 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18326 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18325 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18324 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18323 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18316 Siemens Deserialization of Untrusted Data vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

7.5
2019-12-12 CVE-2019-18315 Siemens Improper Authentication vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

7.5
2019-12-12 CVE-2019-18314 Siemens Improper Authentication vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

7.5
2019-12-12 CVE-2019-18313 Siemens Unrestricted Upload of File with Dangerous Type vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18296 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18295 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18293 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18289 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.5
2019-12-12 CVE-2019-18283 Siemens Deserialization of Untrusted Data vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

7.5
2019-12-12 CVE-2019-13942 Siemens Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Siemens products

A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions).

7.5
2019-12-12 CVE-2019-16246 Intesync Information Exposure vulnerability in Intesync Solismed 3.3

Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a different vulnerability than CVE-2019-15931.

7.5
2019-12-12 CVE-2019-15936 Intesync Unrestricted Upload of File with Dangerous Type vulnerability in Intesync Solismed 3.3

Intesync Solismed 3.3sp allows Insecure File Upload.

7.5
2019-12-12 CVE-2019-15933 Intesync SQL Injection vulnerability in Intesync Solismed 3.3

Intesync Solismed 3.3sp has SQL Injection.

7.5
2019-12-12 CVE-2019-15932 Intesync Missing Authentication for Critical Function vulnerability in Intesync Solismed 3.3

Intesync Solismed 3.3sp has Incorrect Access Control.

7.5
2019-12-12 CVE-2019-15931 Intesync Path Traversal vulnerability in Intesync Solismed 3.3

Intesync Solismed 3.3sp allows Directory Traversal, a different vulnerability than CVE-2019-16246.

7.5
2019-12-12 CVE-2019-10559 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8939, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

7.5
2019-12-12 CVE-2017-18640 Snakeyaml Project
Fedoraproject
Quarkus
Oracle
XML Entity Expansion vulnerability in multiple products

The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.

7.5
2019-12-12 CVE-2019-5093 Leadtools Integer Overflow or Wraparound vulnerability in Leadtools 20.0.2019.3.15

An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15.

7.5
2019-12-12 CVE-2019-5085 Leadtools Integer Overflow or Wraparound vulnerability in Leadtools 20.0.2019.3.15

An exploitable code execution vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15.

7.5
2019-12-12 CVE-2019-10694 Puppet Use of Hard-coded Credentials vulnerability in Puppet Enterprise

The express install, which is the suggested way to install Puppet Enterprise, gives the user a URL at the end of the install to set the admin password.

7.5
2019-12-11 CVE-2019-17087 Microfocus Unspecified vulnerability in Microfocus Acutoweb

Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb.

7.5
2019-12-11 CVE-2019-0403 SAP Improper Neutralization of Formula Elements in a CSV File vulnerability in SAP Enable NOW 1902/1908

SAP Enable Now, before version 1911, allows an attacker to input commands into the CSV files, which will be executed when opened, leading to CSV Command Injection.

7.5
2019-12-11 CVE-2019-19374 Squiz Path Traversal vulnerability in Squiz Matrix

An issue was discovered in core/assets/form/form_question_types/form_question_type_file_upload/form_question_type_file_upload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can delete arbitrary files from the server during interaction with the File Upload field type, when a custom form exists.

7.5
2019-12-11 CVE-2014-7257 DBD SQL Injection vulnerability in Dbd::Pgpp Project Dbd::Pgpp

SQL injection vulnerability in DBD::PgPP 0.05 and earlier

7.5
2019-12-11 CVE-2013-5743 Zabbix SQL Injection vulnerability in Zabbix

Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7.

7.5
2019-12-11 CVE-2019-19583 XEN
Fedoraproject
Opensuse
Debian
An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case.
7.5
2019-12-11 CVE-2019-18379 Symantec Server-Side Request Forgery (SSRF) vulnerability in Symantec Messaging Gateway

Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface.

7.5
2019-12-11 CVE-2019-18960 Amazon Classic Buffer Overflow vulnerability in Amazon Firecracker 0.18.0/0.19.0

Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0.

7.5
2019-12-11 CVE-2019-5815 Xmlsoft
Debian
Type Confusion vulnerability in multiple products

Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data.

7.5
2019-12-10 CVE-2012-1577 Dietlibc Project
Openbsd
Debian
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in multiple products

lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0.

7.5
2019-12-10 CVE-2013-2159 Monkey Project Improper Authentication vulnerability in Monkey-Project Monkey 1.2.1

Monkey HTTP Daemon: broken user name authentication

7.5
2019-12-10 CVE-2013-2095 Openshift Origin Controller Project Injection vulnerability in Openshift-Origin-Controller Project Openshift-Origin-Controller

rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.prase() to perform command injection

7.5
2019-12-09 CVE-2019-19230 Broadcom Deserialization of Untrusted Data vulnerability in Broadcom Nolio 6.6

An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.

7.5
2019-12-09 CVE-2019-19646 Sqlite
Siemens
Tenable
Oracle
Netapp
Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products

pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.

7.5
2019-12-09 CVE-2019-19603 Sqlite
Oracle
Siemens
Apache
Netapp
SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.
7.5
2019-12-09 CVE-2019-18190 Trendmicro NULL Pointer Dereference vulnerability in Trendmicro products

Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerability in where null pointer dereference errors result in the crash of application, which could potentially lead to possible unsigned code execution under certain circumstances.

7.5
2019-12-11 CVE-2019-14899 Freebsd
Linux
Openbsd
Apple
Man-in-the-Middle vulnerability in multiple products

A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream.

7.4
2019-12-12 CVE-2019-18309 Siemens Unspecified vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.2
2019-12-12 CVE-2019-18308 Siemens Unspecified vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.2
2019-12-12 CVE-2019-18297 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

7.2
2019-12-12 CVE-2019-19248 EA Unspecified vulnerability in EA Origin 10.5.36/10.5.37/10.5.55.33574

Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2).

7.2
2019-12-12 CVE-2019-19247 EA Unspecified vulnerability in EA Origin

Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2).

7.2
2019-12-12 CVE-2019-2321 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCA8081, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, Snapdragon_High_Med_2016, SXR1130, SXR2130

7.2
2019-12-12 CVE-2019-2288 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Out of bound write in TZ while copying the secure dump structure on HLOS provided buffer as a part of memory dump in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996, MSM8996AU, MSM8998, QCA8081, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, Snapdragon_High_Med_2016, SXR1130

7.2
2019-12-11 CVE-2019-3983 Amazon Use of Hard-coded Credentials vulnerability in Amazon Blink XT2 Sync Module Firmware 2.3.11

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code and commands on the device due to insufficient UART protections.

7.2
2019-12-11 CVE-2019-18245 Reliablecontrols Unquoted Search Path or Element vulnerability in Reliablecontrols Rc-Licensemanager 3.4

Reliable Controls LicenseManager versions 3.4 and prior may allow an authenticated user to insert malicious code into the system root path, which may allow execution of code with elevated privileges of the application.

7.2
2019-12-11 CVE-2019-19577 XEN
Fedoraproject
Improper Synchronization vulnerability in multiple products

An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height updates.

7.2
2019-12-10 CVE-2019-1483 Microsoft Link Following vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'.

7.2
2019-12-10 CVE-2019-1478 Microsoft Unspecified vulnerability in Microsoft Windows 7 and Windows Server 2008

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'.

7.2
2019-12-10 CVE-2019-1477 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019

An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers, aka 'Windows Printer Service Elevation of Privilege Vulnerability'.

7.2
2019-12-10 CVE-2019-1476 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'.

7.2
2019-12-10 CVE-2013-0293 Ovirt Improper Privilege Management vulnerability in Ovirt Node 2.6.01

oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation

7.2
2019-12-13 CVE-2019-5253 Huawei Improper Authentication vulnerability in Huawei E5572-855 Firmware

E5572-855 with versions earlier than 8.0.1.3(H335SP1C233) has an improper authentication vulnerability.

7.1
2019-12-10 CVE-2019-1461 Microsoft Unspecified vulnerability in Microsoft Office, Office 365 Proplus and Word

A denial of service vulnerability exists in Microsoft Word software when the software fails to properly handle objects in memory, aka 'Microsoft Word Denial of Service Vulnerability'.

7.1

201 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-12-12 CVE-2019-4606 IBM Untrusted Search Path vulnerability in IBM DB2 High Performance Unload Load

IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 could allow a local attacker to execute arbitrary code on the system, caused by an untrusted search path vulnerability.

6.9
2019-12-13 CVE-2019-19796 Yabasic Out-of-bounds Write vulnerability in Yabasic 2.86.2

Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file.

6.8
2019-12-13 CVE-2019-19795 Samurai Project Out-of-bounds Write vulnerability in Samurai Project Samurai 0.7

samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file.

6.8
2019-12-13 CVE-2019-5250 Huawei Improper Privilege Management vulnerability in Huawei Mate 20 PRO Firmware

Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3P1) have an improper authorization vulnerability.

6.8
2019-12-13 CVE-2019-19778 Libsixel Project Out-of-bounds Read vulnerability in Libsixel Project Libsixel 1.8.2

An issue was discovered in libsixel 1.8.2.

6.8
2019-12-13 CVE-2019-19777 Libsixel Project
Nothings
Out-of-bounds Read vulnerability in multiple products

stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main.

6.8
2019-12-12 CVE-2019-5144 Kakadusoftware Out-of-bounds Write vulnerability in Kakadusoftware Kakadu Software 7.10.2

An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2.

6.8
2019-12-12 CVE-2019-15934 Intesync Cross-Site Request Forgery (CSRF) vulnerability in Intesync Solismed 3.3

Intesync Solismed 3.3sp has CSRF.

6.8
2019-12-12 CVE-2019-5154 Leadtools Out-of-bounds Write vulnerability in Leadtools 20.0.2019.3.15

An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20.0.2019.3.15.

6.8
2019-12-12 CVE-2019-5092 Leadtools Out-of-bounds Write vulnerability in Leadtools 20.0.2019.3.15

An exploitable heap out of bounds write vulnerability exists in the UI tag parsing functionality of the DICOM image format of LEADTOOLS 20.0.2019.3.15.

6.8
2019-12-11 CVE-2019-0398 SAP Cross-Site Request Forgery (CSRF) vulnerability in SAP Businessobjects Business Intelligence Platform 4.1/4.2/4.3

Due to insufficient CSRF protection, SAP BusinessObjects Business Intelligence Platform (Monitoring Application), before versions 4.1, 4.2 and 4.3, may lead to an authenticated user to send unintended request to the web server, leading to Cross Site Request Forgery.

6.8
2019-12-11 CVE-2019-19720 Yabasic Out-of-bounds Write vulnerability in Yabasic 2.86.1

Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() function in flex.c via a crafted BASIC source file.

6.8
2019-12-10 CVE-2019-1484 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.

6.8
2019-12-09 CVE-2019-4621 IBM Insecure Default Initialization of Resource vulnerability in IBM Datapower Gateway

IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled.

6.8
2019-12-09 CVE-2019-19685 Nopcommerce Cross-Site Request Forgery (CSRF) vulnerability in Nopcommerce 4.20

RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to CSRF because GET requests can be used for renames and deletions.

6.8
2019-12-12 CVE-2018-11805 Apache
Debian
OS Command Injection vulnerability in multiple products

In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors.

6.7
2019-12-12 CVE-2019-19769 Linux
Fedoraproject
Use After Free vulnerability in multiple products

In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h).

6.7
2019-12-11 CVE-2019-19580 XEN
Fedoraproject
Race Condition vulnerability in multiple products

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421.

6.6
2019-12-13 CVE-2019-19793 Cyxtera Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Cyxtera Appgate SDP

In Cyxtera AppGate SDP Client 4.1.x through 4.3.x before 4.3.2 on Windows, a local or remote user from the same domain can gain privileges.

6.5
2019-12-13 CVE-2019-16777 Npmjs
Opensuse
Oracle
Fedoraproject
Redhat
Improper Privilege Management vulnerability in multiple products

Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite.

6.5
2019-12-13 CVE-2019-16775 Redhat
Npmjs
Opensuse
Oracle
Fedoraproject
UNIX Symbolic Link (Symlink) Following vulnerability in multiple products

Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write.

6.5
2019-12-12 CVE-2019-18288 Siemens Unrestricted Upload of File with Dangerous Type vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

6.5
2019-12-12 CVE-2019-10695 Puppet Information Exposure Through Log Files vulnerability in Puppet Continuous Delivery

When using the cd4pe::root_configuration task to configure a Continuous Delivery for PE installation, the root user’s username and password were exposed in the job’s Job Details pane in the PE console.

6.5
2019-12-11 CVE-2019-19582 XEN
Fedoraproject
Infinite Loop vulnerability in multiple products

An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service (infinite loop) because certain bit iteration is mishandled.

6.5
2019-12-11 CVE-2019-19581 XEN
Fedoraproject
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An issue was discovered in Xen through 4.12.x allowing 32-bit Arm guest OS users to cause a denial of service (out-of-bounds access) because certain bit iteration is mishandled.

6.5
2019-12-11 CVE-2019-18377 Symantec Unspecified vulnerability in Symantec Messaging Gateway

Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

6.5
2019-12-10 CVE-2019-1471 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'.

6.5
2019-12-10 CVE-2019-13753 Google
Debian
Fedoraproject
Redhat
Canonical
Out-of-bounds Read vulnerability in multiple products

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5
2019-12-10 CVE-2019-13752 Google
Debian
Fedoraproject
Redhat
Canonical
Out-of-bounds Read vulnerability in multiple products

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5
2019-12-10 CVE-2019-13751 Google
Debian
Fedoraproject
Redhat
Canonical
Use of Uninitialized Resource vulnerability in multiple products

Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5
2019-12-10 CVE-2019-13750 Google
Debian
Fedoraproject
Redhat
Canonical
Improper Input Validation vulnerability in multiple products

Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.

6.5
2019-12-10 CVE-2019-13749 Google
Debian
Fedoraproject
Redhat
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
6.5
2019-12-10 CVE-2019-13748 Google
Debian
Fedoraproject
Redhat
Missing Authorization vulnerability in multiple products

Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5
2019-12-10 CVE-2019-13746 Google
Debian
Fedoraproject
Redhat
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
6.5
2019-12-10 CVE-2019-13745 Google
Debian
Suse
Opensuse
Fedoraproject
Redhat
Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
6.5
2019-12-10 CVE-2019-13744 Google
Debian
Fedoraproject
Redhat
Information Exposure vulnerability in multiple products

Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5
2019-12-10 CVE-2019-13743 Google
Debian
Fedoraproject
Redhat
Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page.
6.5
2019-12-10 CVE-2019-13742 Google
Debian
Fedoraproject
Redhat
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
6.5
2019-12-10 CVE-2019-13740 Google
Debian
Fedoraproject
Redhat
Origin Validation Error vulnerability in multiple products

Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

6.5
2019-12-10 CVE-2019-13739 Google
Debian
Fedoraproject
Redhat
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
6.5
2019-12-10 CVE-2019-13738 Google
Debian
Fedoraproject
Redhat
Improper Privilege Management vulnerability in multiple products

Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.

6.5
2019-12-10 CVE-2019-13737 Google
Debian
Fedoraproject
Redhat
Information Exposure vulnerability in multiple products

Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5
2019-12-10 CVE-2019-13672 Google Unspecified vulnerability in Google Chrome

Incorrect security UI in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page on iOS.

6.5
2019-12-09 CVE-2019-4612 IBM Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics 2.0

IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal.

6.5
2019-12-09 CVE-2015-3424 Accentis SQL Injection vulnerability in Accentis Content Resource Management System

SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter.

6.5
2019-12-09 CVE-2015-1853 Tuxfamily Unspecified vulnerability in Tuxfamily Chrony

chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service (inability to synchronize) via random timestamps in crafted NTP data packets.

6.5
2019-12-09 CVE-2019-19684 Nopcommerce Unrestricted Upload of File with Dangerous Type vulnerability in Nopcommerce 4.20

nopCommerce v4.2.0 allows privilege escalation via file upload in Presentation/Nop.Web/Admin/Areas/Controllers/PluginController.cs via Admin/FacebookAuthentication/Configure because it is possible to upload a crafted Facebook Auth plugin.

6.5
2019-12-12 CVE-2019-18322 Siemens Improper Authentication vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

6.4
2019-12-12 CVE-2019-18321 Siemens Improper Authentication vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

6.4
2019-12-12 CVE-2019-13932 Siemens Improper Input Validation vulnerability in Siemens XHQ 6.0.0.0

A vulnerability has been identified in XHQ (All versions < V6.0.0.2).

6.4
2019-12-10 CVE-2019-4244 IBM Missing Authentication for Critical Function vulnerability in IBM Smartcloud Analytics LOG Analysis

IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to gain unauthorized information and unrestricted control over Zookeeper installations due to missing authentication.

6.4
2019-12-13 CVE-2019-5260 Huawei Improper Input Validation vulnerability in Huawei View 20 Firmware and Y9 2019 Firmware

Huawei smartphones HUAWEI Y9 2019 and Honor View 20 have a denial of service vulnerability.

6.1
2019-12-13 CVE-2019-14344 Vocabularyserver Cross-site Scripting vulnerability in Vocabularyserver Tematres 3.0

TemaTres 3.0 has reflected XSS via the replace_string or search_string parameter to the vocab/admin.php?doAdmin=bulkReplace URI.

6.1
2019-12-13 CVE-2019-5248 Huawei Missing Release of Resource after Effective Lifetime vulnerability in Huawei Cloudengine 12800 Firmware

CloudEngine 12800 has a DoS vulnerability.

6.1
2019-12-12 CVE-2019-13943 Siemens Cross-site Scripting vulnerability in Siemens products

A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions).

6.1
2019-12-11 CVE-2019-19709 Mediawiki
Debian
Open Redirect vulnerability in multiple products

MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page.

6.1
2019-12-10 CVE-2019-1332 Microsoft Cross-site Scripting vulnerability in Microsoft products

A cross-site scripting (XSS) vulnerability exists when Microsoft SQL Server Reporting Services (SSRS) does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'.

6.1
2019-12-13 CVE-2019-13347 Atlassian Unspecified vulnerability in Atlassian Saml Single Sign ON

An issue was discovered in the SAML Single Sign On (SSO) plugin for several Atlassian products affecting versions 3.1.0 through 3.2.2 for Jira and Confluence, versions 2.4.0 through 3.0.3 for Bitbucket, and versions 2.4.0 through 2.5.2 for Bamboo.

6.0
2019-12-15 CVE-2014-3652 Redhat Open Redirect vulnerability in Redhat Keycloak 1.0.1

JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL.

5.8
2019-12-12 CVE-2019-13930 Siemens Cross-Site Request Forgery (CSRF) vulnerability in Siemens XHQ 6.0.0.0

A vulnerability has been identified in XHQ (All versions < V6.0.0.2).

5.8
2019-12-10 CVE-2019-1486 Microsoft Open Redirect vulnerability in Microsoft Visual Studio 2019 and Visual Studio Live Share

A spoofing vulnerability exists in Visual Studio Live Share when a guest connected to a Live Share session is redirected to an arbitrary URL specified by the session host, aka 'Visual Studio Live Share Spoofing Vulnerability'.

5.8
2019-12-10 CVE-2019-19703 Jetbrains Open Redirect vulnerability in Jetbrains Ktor

In Ktor through 1.2.6, the client resends data from the HTTP Authorization header to a redirect location.

5.8
2019-12-10 CVE-2016-1000107 Erlang Open Redirect vulnerability in Erlang Erlang/Otp

inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.

5.8
2019-12-10 CVE-2016-1000108 Yaws
Debian
Open Redirect vulnerability in multiple products

yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.

5.8
2019-12-15 CVE-2019-19797 Xfig Project
Fedoraproject
Debian
Out-of-bounds Write vulnerability in multiple products

read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.

5.5
2019-12-12 CVE-2019-18340 Siemens Use of a Broken or Risky Cryptographic Algorithm vulnerability in Siemens products

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), Control Center Server (CCS) (All versions >= V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0), SiNVR/SiVMS Video Server (All versions >= V5.0.0).

5.5
2019-12-12 CVE-2019-17358 Cacti
Debian
Opensuse
Deserialization of Untrusted Data vulnerability in multiple products

Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays.

5.5
2019-12-12 CVE-2019-19746 Fig2Dev Project
Fedoraproject
Integer Overflow or Wraparound vulnerability in multiple products

make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.

5.5
2019-12-10 CVE-2013-4184 Data
Debian
Link Following vulnerability in multiple products

Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks

5.5
2019-12-12 CVE-2019-14849 Redhat Information Exposure Through Sent Data vulnerability in Redhat 3Scale 2.0/2.4

A vulnerability was found in 3scale before version 2.6, did not set the HTTPOnly attribute on the user session cookie.

5.4
2019-12-12 CVE-2019-7004 Avaya Cross-site Scripting vulnerability in Avaya IP Office Application Server 11.0/11.0.4.0

A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information.

5.4
2019-12-10 CVE-2019-14870 Samba
Fedoraproject
Canonical
Debian
Opensuse
Improper Authentication vulnerability in multiple products

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable.

5.4
2019-12-13 CVE-2019-19722 Dovecot
Fedoraproject
NULL Pointer Dereference vulnerability in multiple products

In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference.

5.3
2019-12-12 CVE-2019-18341 Siemens Improper Authentication vulnerability in Siemens products

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0).

5.3
2019-12-12 CVE-2019-13944 Siemens Path Traversal vulnerability in Siemens products

A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions).

5.3
2019-12-11 CVE-2014-0091 Theforeman Improper Input Validation vulnerability in Theforeman Foreman

Foreman has improper input validation which could lead to partial Denial of Service

5.3
2019-12-10 CVE-2019-14861 Samba
Fedoraproject
Canonical
Opensuse
Debian
Incorrect Default Permissions vulnerability in multiple products

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones.

5.3
2019-12-15 CVE-2014-3643 Jersey Project XXE vulnerability in Jersey Project Jersey

jersey: XXE via parameter entities not disabled by the jersey SAX parser

5.0
2019-12-14 CVE-2019-5235 Huawei NULL Pointer Dereference vulnerability in Huawei products

Some Huawei smart phones have a null pointer dereference vulnerability.

5.0
2019-12-13 CVE-2019-5277 Huawei Unspecified vulnerability in Huawei Cloudusm-Eua Firmware V600R006C10/V600R019C00

Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability.

5.0
2019-12-13 CVE-2019-5254 Huawei Out-of-bounds Read vulnerability in Huawei products

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability.

5.0
2019-12-13 CVE-2019-16731 Skymee
Petwant
Missing Authentication for Critical Function vulnerability in multiple products

The udpServerSys service in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to initiate firmware upgrades and alter device settings.

5.0
2019-12-13 CVE-2019-17123 Egain Improper Input Validation vulnerability in Egain Mail 11

The eGain Web Email API 11+ allows spoofed messages because the fromName and message fields (to /system/ws/v11/ss/email) are mishandled, as demonstrated by fromName header injection with a %0a or %0d character.

5.0
2019-12-13 CVE-2019-19397 Huawei Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei products

There is a weak algorithm vulnerability in some Huawei products.

5.0
2019-12-13 CVE-2014-3495 Debian
Opensuse
Improper Certificate Validation vulnerability in multiple products

duplicity 0.6.24 has improper verification of SSL certificates

5.0
2019-12-13 CVE-2014-0212 Apache Resource Exhaustion vulnerability in Apache Qpid-Cpp

qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors

5.0
2019-12-12 CVE-2019-19768 Linux Use After Free vulnerability in Linux Kernel 5.4.0

In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).

5.0
2019-12-12 CVE-2019-19766 Bitwarden Inadequate Encryption Strength vulnerability in Bitwarden Server

The Bitwarden server through 1.32.0 has a potentially unwanted KDF.

5.0
2019-12-12 CVE-2019-18335 Siemens Information Exposure vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

5.0
2019-12-12 CVE-2019-18334 Siemens Information Exposure vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

5.0
2019-12-12 CVE-2019-18333 Siemens Information Exposure vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

5.0
2019-12-12 CVE-2019-18332 Siemens Improper Authentication vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

5.0
2019-12-12 CVE-2019-18331 Siemens Information Exposure vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

5.0
2019-12-12 CVE-2019-18320 Siemens Unrestricted Upload of File with Dangerous Type vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

5.0
2019-12-12 CVE-2019-18319 Siemens Improper Authentication vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

5.0
2019-12-12 CVE-2019-18318 Siemens Improper Authentication vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

5.0
2019-12-12 CVE-2019-18317 Siemens Improper Authentication vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

5.0
2019-12-12 CVE-2019-18312 Siemens Improper Authentication vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18311 Siemens Missing Authentication for Critical Function vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18310 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18307 Siemens Out-of-bounds Read vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18306 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18305 Siemens Integer Overflow or Wraparound vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18304 Siemens Integer Overflow or Wraparound vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18303 Siemens Integer Overflow or Wraparound vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18302 Siemens Integer Overflow or Wraparound vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18301 Siemens Integer Overflow or Wraparound vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18300 Siemens Integer Overflow or Wraparound vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18299 Siemens Integer Overflow or Wraparound vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18298 Siemens Integer Overflow or Wraparound vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18294 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18292 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18291 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18290 Siemens Out-of-bounds Write vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).

5.0
2019-12-12 CVE-2019-18287 Siemens Information Exposure vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

5.0
2019-12-12 CVE-2019-18286 Siemens Information Exposure vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

5.0
2019-12-12 CVE-2019-18284 Siemens Missing Authentication for Critical Function vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

5.0
2019-12-12 CVE-2019-13927 Siemens Exposure of Resource to Wrong Sphere vulnerability in Siemens products

A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web server (All firmware versions < V6.00.320).

5.0
2019-12-12 CVE-2019-2310 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

Out of bound read would occur while trying to read action category and action ID without validating the action length of the Rx Frame body in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDA660, SDA845, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM8150

5.0
2019-12-12 CVE-2019-5091 Leadtools Infinite Loop vulnerability in Leadtools 20.0.2019.3.15

An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15.

5.0
2019-12-12 CVE-2019-5090 Leadtools Out-of-bounds Read vulnerability in Leadtools 20.0.2019.3.15

An exploitable information disclosure vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15.

5.0
2019-12-11 CVE-2019-0405 SAP Information Exposure vulnerability in SAP Enable NOW 1902/1908

SAP Enable Now, before version 1911, leaks information about the existence of a particular user which can be used to construct a list of users, leading to a user enumeration vulnerability and Information Disclosure.

5.0
2019-12-11 CVE-2019-0404 SAP Information Exposure Through an Error Message vulnerability in SAP Enable NOW 1902/1908

SAP Enable Now, before version 1911, leaks information about network configuration in the server error messages, leading to Information Disclosure.

5.0
2019-12-11 CVE-2019-19729 Bson Objectid Project Improper Input Validation vulnerability in Bson-Objectid Project Bson-Objectid 1.3.0

An issue was discovered in the BSON ObjectID (aka bson-objectid) package 1.3.0 for Node.js.

5.0
2019-12-11 CVE-2019-19373 Squiz Deserialization of Untrusted Data vulnerability in Squiz Matrix

An issue was discovered in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can trigger arbitrary unserialization of a PHP object from a packages/cms/page_templates/page_remote_content/page_remote_content.inc POST parameter during processing of a Remote Content page type.

5.0
2019-12-11 CVE-2013-4593 Omniauth Facebook Project Improper Authentication vulnerability in Omniauth-Facebook Project Omniauth-Facebook

RubyGem omniauth-facebook has an access token security vulnerability

5.0
2019-12-10 CVE-2019-1489 Microsoft Information Exposure vulnerability in Microsoft Windows XP

An information disclosure vulnerability exists when the Windows Remote Desktop Protocol (RDP) fails to properly handle objects in memory, aka 'Remote Desktop Protocol Information Disclosure Vulnerability'.

5.0
2019-12-10 CVE-2019-1453 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.

5.0
2019-12-10 CVE-2019-19702 Modoboa XML Injection (aka Blind XPath Injection) vulnerability in Modoboa Modoboa-Dmarc 1.1.0

The modoboa-dmarc plugin 1.1.0 for Modoboa is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

5.0
2019-12-10 CVE-2019-19251 Last FM Cleartext Transmission of Sensitive Information vulnerability in Last.Fm Desktop

The Last.fm desktop app (Last.fm Scrobbler) through 2.1.39 on macOS makes HTTP requests that include an API key without the use of SSL/TLS.

5.0
2019-12-10 CVE-2013-4120 Theforeman Resource Exhaustion vulnerability in Theforeman Katello

Katello has a Denial of Service vulnerability in API OAuth authentication

5.0
2019-12-10 CVE-2013-1793 Redhat Missing Authentication for Critical Function vulnerability in Redhat Openstack and Openstack Essex

openstack-utils openstack-db has insecure password creation

5.0
2019-12-09 CVE-2015-0841 Monopd Project Off-by-one Error vulnerability in Monopd Project Monopd

Off-by-one error in the readBuf function in listener.cpp in libcapsinetwork and monopd before 0.9.8, allows remote attackers to cause a denial of service (crash) via a long line.

5.0
2019-12-09 CVE-2019-14251 Temenos Path Traversal vulnerability in Temenos T24 R15.01

An issue was discovered in T24 in TEMENOS Channels R15.01.

5.0
2019-12-12 CVE-2019-13947 Siemens Cleartext Storage of Sensitive Information in GUI vulnerability in Siemens products

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0).

4.9
2019-12-12 CVE-2019-10520 Qualcomm Missing Release of Resource after Effective Lifetime vulnerability in Qualcomm products

An unprivileged application can allocate GPU memory by calling memory allocation ioctl function and can exhaust all the memory which results in out of memory in Snapdragon Mobile, Snapdragon Voice & Music in QCS405, SD 210/SD 212/SD 205, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855

4.9
2019-12-13 CVE-2014-2387 PEN Project
Opensuse
Debian
Exposure of Resource to Wrong Sphere vulnerability in multiple products

Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities

4.6
2019-12-13 CVE-2019-19501 Idrix Unspecified vulnerability in Idrix Veracrypt 1.24

VeraCrypt 1.24 allows Local Privilege Escalation during execution of VeraCryptExpander.exe.

4.6
2019-12-12 CVE-2019-13945 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl.

4.6
2019-12-12 CVE-2019-2319 Qualcomm Out-of-bounds Write vulnerability in Qualcomm products

HLOS could corrupt CPZ page table memory for S1 managed VMs in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130

4.6
2019-12-12 CVE-2019-10592 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum mode count in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

4.6
2019-12-12 CVE-2019-10571 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Snapshot of IB can lead to invalid address access due to missing check for size in the related function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130

4.6
2019-12-12 CVE-2019-10555 Qualcomm Classic Buffer Overflow vulnerability in Qualcomm products

Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150

4.6
2019-12-12 CVE-2019-10530 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

Lack of check of data truncation on user supplied data in kernel leads to buffer overflow in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

4.6
2019-12-11 CVE-2019-18232 Gemalto Link Following vulnerability in Gemalto Sentinel LDK License Manager

SafeNet Sentinel LDK License Manager, all versions prior to 7.101(only Microsoft Windows versions are affected) is vulnerable when configured as a service.

4.6
2019-12-09 CVE-2015-7892 Samsung Out-of-bounds Write vulnerability in Samsung M2M1Shot Driver

Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call.

4.6
2019-12-13 CVE-2014-1867 Suphp Improper Authentication vulnerability in Suphp

suPHP before 0.7.2 source-highlighting feature allows security bypass which could lead to arbitrary code execution

4.4
2019-12-12 CVE-2019-10494 Qualcomm Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products

Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150

4.4
2019-12-11 CVE-2013-4245 Gnome
Debian
Improper Input Validation vulnerability in multiple products

Orca has arbitrary code execution due to insecure Python module load

4.4
2019-12-15 CVE-2014-8561 Imagemagick
Debian
Infinite Loop vulnerability in multiple products

imagemagick 6.8.9.6 has remote DOS via infinite loop

4.3
2019-12-15 CVE-2014-4913 Zend
Debian
Cross-site Scripting vulnerability in multiple products

ZF2014-03 has a potential cross site scripting vector in multiple view helpers

4.3
2019-12-13 CVE-2019-19794 Miekg DNS Project Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Miekg-Dns Project Miekg-Dns

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used.

4.3
2019-12-13 CVE-2019-5291 Huawei Insufficient Verification of Data Authenticity vulnerability in Huawei products

Some Huawei products have an insufficient verification of data authenticity vulnerability.

4.3
2019-12-13 CVE-2019-5251 Huawei Path Traversal vulnerability in Huawei products

There is a path traversal vulnerability in several Huawei smartphones.

4.3
2019-12-13 CVE-2019-17599 Expresstech Cross-site Scripting vulnerability in Expresstech Quiz and Survey Master

The quiz-master-next (aka Quiz And Survey Master) plugin before 6.3.5 for WordPress is affected by: Cross Site Scripting (XSS).

4.3
2019-12-12 CVE-2019-19767 Linux Use After Free vulnerability in Linux Kernel

The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163.

4.3
2019-12-12 CVE-2019-18285 Siemens Cleartext Transmission of Sensitive Information vulnerability in Siemens Sppa-T3000 Application Server R8.2

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

4.3
2019-12-12 CVE-2019-17428 Intesync Inadequate Encryption Strength vulnerability in Intesync Solismed 3.3

An issue was discovered in Intesync Solismed 3.3sp1.

4.3
2019-12-12 CVE-2019-15935 Intesync Cross-site Scripting vulnerability in Intesync Solismed 3.3

Intesync Solismed 3.3sp has XSS.

4.3
2019-12-12 CVE-2019-15930 Intesync Improper Restriction of Rendered UI Layers or Frames vulnerability in Intesync Solismed 3.3

Intesync Solismed 3.3sp allows Clickjacking.

4.3
2019-12-12 CVE-2019-19748 Brizoit Cross-site Scripting vulnerability in Brizoit Work Time Calendar

The Work Time Calendar app before 4.7.1 for Jira allows XSS.

4.3
2019-12-11 CVE-2013-5978 Cart66 Cross-site Scripting vulnerability in Cart66 Lite Plugin

Multiple cross-site scripting (XSS) vulnerabilities in products.php in the Cart66 Lite plugin before 1.5.1.15 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) Product name or (2) Price description fields via a request to wp-admin/admin.php.

4.3
2019-12-11 CVE-2013-4303 Mediawiki Cross-site Scripting vulnerability in Mediawiki

includes/libs/IEUrlExtension.php in the MediaWiki API in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 does not properly detect extensions when there are an even number of "." (period) characters in a string, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the siprop parameter in a query action to wiki/api.php.

4.3
2019-12-11 CVE-2019-14317 Wolfssl Missing Encryption of Sensitive Data vulnerability in Wolfssl

wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces.

4.3
2019-12-11 CVE-2013-4968 Puppet Cross-site Scripting vulnerability in Puppet Enterprise

Puppet Enterprise before 3.0.1 allows remote attackers to (1) conduct clickjacking attacks via unspecified vectors related to the console, and (2) conduct cross-site scripting (XSS) attacks via unspecified vectors related to "live management."

4.3
2019-12-11 CVE-2019-10772 SVG Sanitizer Project Cross-site Scripting vulnerability in Svg-Sanitizer Project Svg-Sanitizer

It is possible to bypass enshrined/svg-sanitize before 0.13.1 using the "xlink:href" attribute due to mishandling of the xlink namespace by the sanitizer.

4.3
2019-12-11 CVE-2019-15008 Atlassian Cross-site Scripting vulnerability in Atlassian Crucible

The /plugins/servlet/branchreview resource in Atlassian Fisheye and Crucible before version 4.7.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the reviewedBranch parameter.

4.3
2019-12-11 CVE-2014-0026 Redhat Cross-Site Request Forgery (CSRF) vulnerability in Redhat Subscription Asset Manager 1.0.0

katello-headpin is vulnerable to CSRF in REST API

4.3
2019-12-11 CVE-2013-7371 Sencha
Debian
Cross-site Scripting vulnerability in multiple products

node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370)

4.3
2019-12-11 CVE-2013-7370 Redhat
Sencha
Opensuse
Debian
Cross-site Scripting vulnerability in multiple products

node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware

4.3
2019-12-11 CVE-2013-6495 Redhat Cross-site Scripting vulnerability in Redhat products

JBossWeb Bayeux has reflected XSS

4.3
2019-12-11 CVE-2013-4158 Smokeping
Debian
Fedoraproject
Cross-site Scripting vulnerability in multiple products

smokeping before 2.6.9 has XSS (incomplete fix for CVE-2012-0790)

4.3
2019-12-11 CVE-2019-19719 Tableau Cross-site Scripting vulnerability in Tableau Server

Tableau Server 10.3 through 2019.4 on Windows and Linux allows XSS via the embeddedAuthRedirect page.

4.3
2019-12-11 CVE-2019-19708 Mediawiki Cross-site Scripting vulnerability in Mediawiki Visual Editor 1.34

The VisualEditor extension through 1.34 for MediaWiki allows XSS via pasted content containing an element with a data-ve-clipboard-key attribute.

4.3
2019-12-10 CVE-2019-1481 Microsoft Out-of-bounds Read vulnerability in Microsoft Windows 7

An information disclosure vulnerability exists in Windows Media Player when it fails to properly handle objects in memory, aka 'Windows Media Player Information Disclosure Vulnerability'.

4.3
2019-12-10 CVE-2019-1480 Microsoft Out-of-bounds Read vulnerability in Microsoft Windows 7

An information disclosure vulnerability exists in Windows Media Player when it fails to properly handle objects in memory, aka 'Windows Media Player Information Disclosure Vulnerability'.

4.3
2019-12-10 CVE-2019-1467 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

4.3
2019-12-10 CVE-2019-1466 Microsoft Out-of-bounds Read vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

4.3
2019-12-10 CVE-2019-1465 Microsoft Out-of-bounds Read vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

4.3
2019-12-10 CVE-2019-1464 Microsoft Information Exposure vulnerability in Microsoft Excel, Office and Office 365 Proplus

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

4.3
2019-12-10 CVE-2019-13763 Google
Debian
Fedoraproject
Redhat
Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
4.3
2019-12-10 CVE-2019-13761 Google
Debian
Fedoraproject
Redhat
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
4.3
2019-12-10 CVE-2019-13759 Google
Debian
Fedoraproject
Redhat
Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
4.3
2019-12-10 CVE-2019-13758 Google
Debian
Fedoraproject
Redhat
Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
4.3
2019-12-10 CVE-2019-13757 Google
Debian
Fedoraproject
Redhat
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
4.3
2019-12-10 CVE-2019-13756 Google
Debian
Fedoraproject
Redhat
Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
4.3
2019-12-10 CVE-2019-13755 Google
Debian
Fedoraproject
Redhat
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page.
4.3
2019-12-10 CVE-2019-13754 Google
Debian
Fedoraproject
Redhat
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
4.3
2019-12-10 CVE-2013-1689 Mozilla Improper Input Validation vulnerability in Mozilla Firefox

Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames.

4.3
2019-12-10 CVE-2019-4095 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Cloud PAK System 2.3/2.3.0.1

IBM Cloud Pak System 2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

4.3
2019-12-10 CVE-2014-3656 Redhat Cross-site Scripting vulnerability in Redhat Jboss Keycloak

JBoss KeyCloak: XSS in login-status-iframe.html

4.3
2019-12-10 CVE-2019-19698 Libwav Project NULL Pointer Dereference vulnerability in Libwav Project Libwav

marc-q libwav through 2017-04-20 has a NULL pointer dereference in wav_content_read() at libwav.c.

4.3
2019-12-09 CVE-2013-0342 Pyrad Project Improper Input Validation vulnerability in Pyrad Project Pyrad

The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294.

4.3
2019-12-09 CVE-2015-3425 Accentis Cross-site Scripting vulnerability in Accentis Content Resource Management System

Cross-site scripting (XSS) vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cph_content$_uig_formState parameter.

4.3
2019-12-09 CVE-2014-0242 Modwsgi Information Exposure vulnerability in Modwsgi MOD Wsgi

mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.

4.3
2019-12-13 CVE-2019-5278 Huawei Out-of-bounds Read vulnerability in Huawei Campusinsight V100R019C00

There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC200.

4.0
2019-12-13 CVE-2019-5290 Huawei Improper Input Validation vulnerability in Huawei S5700 Firmware and S6700 Firmware

Huawei S5700 and S6700 have a DoS security vulnerability.

4.0
2019-12-11 CVE-2019-0399 SAP Unspecified vulnerability in SAP Portfolio and Project Management

SAP Portfolio and Project Management, before versions S4CORE 102, 103, EPPM 100 and CPRXRPM 500_702, 600_740, 610_740; unintentionally allows a user to discover accounting information of the Projects in Project dashboard, leading to Information Disclosure.

4.0
2019-12-11 CVE-2019-15009 Atlassian Unspecified vulnerability in Atlassian Crucible

The /json/profile/removeStarAjax.do resource in Atlassian Fisheye and Crucible before version 4.8.0 allows remote attackers to remove another user's favourite setting for a project via an improper authorization vulnerability.

4.0
2019-12-10 CVE-2019-1487 Microsoft Information Exposure vulnerability in Microsoft Authentication Library

An information disclosure vulnerability in Android Apps using Microsoft Authentication Library (MSAL) 0.3.1-Alpha or later exists under specific conditions, aka 'Microsoft Authentication Library for Android Information Disclosure Vulnerability'.

4.0
2019-12-10 CVE-2019-1470 Microsoft Improper Input Validation vulnerability in Microsoft products

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.

4.0

41 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-12-14 CVE-2019-5252 Huawei Improper Authentication vulnerability in Huawei products

There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro).

3.6
2019-12-12 CVE-2019-2338 Qualcomm Unspecified vulnerability in Qualcomm products

Crafted image that has a valid signature from a non-QC entity can be loaded which can read/write memory that belongs to the secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130

3.6
2019-12-10 CVE-2013-2183 Monkey Project Exposure of Resource to Wrong Sphere vulnerability in Monkey-Project Monkey

Monkey HTTP Daemon has local security bypass

3.6
2019-12-13 CVE-2019-4426 IBM Cross-site Scripting vulnerability in IBM Business Automation Workflow and Case Manager

The Case Builder component shipped with 18.0.0.1 through 19.0.0.2 and IBM Case Manager 5.1.1 through 5.3 is vulnerable to cross-site scripting.

3.5
2019-12-12 CVE-2019-13931 Siemens Cross-site Scripting vulnerability in Siemens XHQ 6.0.0.0

A vulnerability has been identified in XHQ (All versions < V6.0.0.2).

3.5
2019-12-12 CVE-2019-19198 Scoutnet Cross-site Scripting vulnerability in Scoutnet Kalender 1.1.0

The Scoutnet Kalender plugin 1.1.0 for WordPress allows XSS.

3.5
2019-12-11 CVE-2019-0395 SAP Cross-site Scripting vulnerability in SAP Businessobjects Business Intelligence Platform

SAP BusinessObjects Business Intelligence Platform (Fiori BI Launchpad), before version 4.2, allows execution of JavaScript in a text module in Fiori BI Launchpad, leading to Stored Cross Site Scripting vulnerability.

3.5
2019-12-11 CVE-2019-18378 Symantec Cross-site Scripting vulnerability in Symantec Messaging Gateway

Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users.

3.5
2019-12-11 CVE-2019-4665 IBM Cross-site Scripting vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 4.2 and 5.0 is vulnerable to cross-site scripting.

3.5
2019-12-11 CVE-2019-15007 Atlassian Cross-site Scripting vulnerability in Atlassian Crucible

The review resource in Atlassian Fisheye and Crucible before version 4.7.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a missing branch.

3.5
2019-12-10 CVE-2019-1490 Microsoft Injection vulnerability in Microsoft Skype FOR Business 2019

A spoofing vulnerability exists when a Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business Server Spoofing Vulnerability'.

3.5
2019-12-10 CVE-2019-4663 IBM Cross-site Scripting vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server - Liberty is vulnerable to cross-site scripting.

3.5
2019-12-09 CVE-2019-4611 IBM Cross-site Scripting vulnerability in IBM Planning Analytics 2.0

IBM Planning Analytics 2.0 is vulnerable to cross-site scripting.

3.5
2019-12-09 CVE-2019-4428 IBM Cross-site Scripting vulnerability in IBM Watson Assistant FOR IBM Cloud PAK FOR Data 1.0.0/1.3.0

IBM Watson Assistant for IBM Cloud Pak for Data 1.0.0 through 1.3.0 is vulnerable to cross-site scripting.

3.5
2019-12-09 CVE-2019-19687 Openstack Insufficiently Protected Credentials vulnerability in Openstack Keystone 15.0.0/16.0.0

OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API.

3.5
2019-12-09 CVE-2019-19682 Nopcommerce Cross-site Scripting vulnerability in Nopcommerce 4.20

nopCommerce through 4.20 allows XSS in the SaveStoreMappings of the components \Presentation\Nop.Web\Areas\Admin\Controllers\NewsController.cs and \Presentation\Nop.Web\Areas\Admin\Controllers\BlogController.cs via Body or Full to Admin/News/NewsItemEdit/[id] Admin/Blog/BlogPostEdit/[id].

3.5
2019-12-09 CVE-2019-19679 Xpand IT Cross-site Scripting vulnerability in Xpand-It Xray Test Mangaement

In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the Pre-Condition Summary entry point via the summary field of a Create Pre-Condition action for a new Test Issue.

3.5
2019-12-09 CVE-2019-19678 Xpand IT Cross-site Scripting vulnerability in Xpand-It Xray Test Mangaement

In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test issue.

3.5
2019-12-12 CVE-2019-5062 W1 FI Origin Validation Error vulnerability in W1.Fi Hostapd 2.6

An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions.

3.3
2019-12-12 CVE-2019-5061 W1 FI Improper Authentication vulnerability in W1.Fi Hostapd 2.6

An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed.

3.3
2019-12-10 CVE-2019-13762 Google
Debian
Fedoraproject
Redhat
Improper Locking vulnerability in multiple products

Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.

3.3
2019-12-09 CVE-2019-18380 Symantec Improper Authentication vulnerability in Symantec Industrial Control System Protection 6.0.0

Symantec Industrial Control System Protection (ICSP), versions 6.x.x, may be susceptible to an unauthorized access issue that could potentially allow a threat actor to create or modify application user accounts without proper authentication.

3.3
2019-12-15 CVE-2014-3536 Redhat Information Exposure Through Log Files vulnerability in Redhat Cloudforms Management Engine 5.0

CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration

2.1
2019-12-13 CVE-2019-5264 Huawei Unspecified vulnerability in Huawei products

There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9).

2.1
2019-12-13 CVE-2019-5258 Huawei Classic Buffer Overflow vulnerability in Huawei products

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability.

2.1
2019-12-13 CVE-2019-5257 Huawei Classic Buffer Overflow vulnerability in Huawei products

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability.

2.1
2019-12-13 CVE-2019-5256 Huawei NULL Pointer Dereference vulnerability in Huawei products

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability.

2.1
2019-12-13 CVE-2019-5255 Huawei Out-of-bounds Read vulnerability in Huawei products

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability.

2.1
2019-12-13 CVE-2014-0241 Theforeman
Redhat
Insufficiently Protected Credentials vulnerability in multiple products

rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable

2.1
2019-12-12 CVE-2019-10618 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm Qca6390 Firmware

Driver may access an invalid address while processing IO control due to lack of check of address validation in Snapdragon Connectivity in QCA6390

2.1
2019-12-12 CVE-2019-10545 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

Null pointer dereference issue in kernel due to missing check related to LLC support in GPU in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM670, SDM710, SM6150, SM7150, SM8150

2.1
2019-12-12 CVE-2019-10484 Qualcomm Use After Free vulnerability in Qualcomm products

Use after free issue occurs when command destructors access dynamically allocated response buffer which is already deallocated during previous command teardwon sequence in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8098, MSM8909W, Nicobar, QCS405, QCS605, SDA845, SDM660, SDM670, SDM710, SDM845, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130

2.1
2019-12-11 CVE-2019-0402 SAP Unspecified vulnerability in SAP Adaptive Server Enterprise 16.0

SAP Adaptive Server Enterprise, before versions 15.7 and 16.0, under certain conditions exposes some sensitive information to the admin, leading to Information Disclosure.

2.1
2019-12-10 CVE-2019-1488 Microsoft Unspecified vulnerability in Microsoft products

A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers, aka 'Microsoft Defender Security Feature Bypass Vulnerability'.

2.1
2019-12-10 CVE-2019-1474 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.

2.1
2019-12-10 CVE-2019-1472 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.

2.1
2019-12-10 CVE-2019-1469 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

2.1
2019-12-10 CVE-2019-1463 Microsoft Information Exposure vulnerability in Microsoft Office and Office 365 Proplus

An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'.

2.1
2019-12-10 CVE-2019-1400 Microsoft Information Exposure vulnerability in Microsoft Office and Office 365 Proplus

An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'.

2.1
2019-12-10 CVE-2019-6192 Lenovo Classic Buffer Overflow vulnerability in Lenovo Power Management Driver

A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service.

2.1
2019-12-09 CVE-2019-19645 Sqlite
Netapp
Oracle
Tenable
Siemens
Uncontrolled Recursion vulnerability in multiple products

alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.

2.1