US-CERT - Vulnerability Summary for the Week of July 15, 2019
Original release date: July 22, 2019
Back to top
Back to top
Back to top
Back to top
from CISA All NCAS Products https://www.us-cert.gov/ncas/bulletins/sb19-203
High Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe -- campaign | Adobe Campaign Classic version 18.10.5-8984 and earlier versions have a Command injection vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user. | 2019-07-18 | 7.5 | CVE-2019-7850 MISC |
archivesunleashed -- graphpass | borg-reducer c6d5240 is affected by: Buffer Overflow. The impact is: Possible code execution and denial of service. The component is: Output parameter within the executable. | 2019-07-15 | 7.5 | CVE-2019-1010044 MISC |
centos-webpanel -- centos_web_panel | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal user to craft and upload a session file to the /tmp directory, and use it to become the root user. | 2019-07-16 | 8.5 | CVE-2019-13359 MISC MISC |
centos-webpanel -- centos_web_panel | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass authentication in the login process by leveraging knowledge of a valid username. | 2019-07-16 | 7.5 | CVE-2019-13360 MISC MISC |
fanucamerica -- robotics_virtual_robot_controller | The remote admin webserver on FANUC Robotics Virtual Robot Controller 8.23 has a Buffer Overflow via a forged HTTP request. | 2019-07-17 | 7.5 | CVE-2019-13585 MISC BUGTRAQ |
foliovision -- fv_flowplayer_video_player | A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system. | 2019-07-17 | 10.0 | CVE-2019-13573 MISC CONFIRM CONFIRM |
gdnsd -- gdnsd | The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv4 address in zone data. | 2019-07-18 | 7.5 | CVE-2019-13951 MISC |
gdnsd -- gdnsd | The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data. | 2019-07-18 | 7.5 | CVE-2019-13952 MISC |
getvera -- vera_edge_firmware | LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port_3480/data_request because the "No unsafe lua allowed" code block is skipped. | 2019-07-14 | 10.0 | CVE-2019-13598 MISC |
gnu -- glibc | GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. | 2019-07-15 | 7.5 | CVE-2019-1010022 MISC |
layerbb -- layerbb | LayerBB 1.1.3 allows admin/general.php arbitrary file upload because the custom_logo filename suffix is not restricted, and .php may be used. | 2019-07-19 | 7.5 | CVE-2019-13973 MISC |
linaro -- op-tee | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Boundary crossing. The impact is: Memory corruption of the TEE itself. The component is: optee_os. The fixed version is: 3.4.0 and later. | 2019-07-15 | 7.5 | CVE-2019-1010293 MISC |
linaro -- op-tee | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Memory corruption and disclosure of memory content. The component is: optee_os. The fixed version is: 3.4.0 and later. | 2019-07-15 | 7.5 | CVE-2019-1010295 MISC |
linaro -- op-tee | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later. | 2019-07-15 | 10.0 | CVE-2019-1010296 MISC |
linaro -- op-tee | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of code in TEE core (kernel) context. The component is: optee_os. The fixed version is: 3.4.0 and later. | 2019-07-15 | 10.0 | CVE-2019-1010297 MISC |
linaro -- op-tee | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later. | 2019-07-15 | 10.0 | CVE-2019-1010298 MISC |
microsoft -- chakracore | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1004, CVE-2019-1056, CVE-2019-1059. | 2019-07-15 | 7.6 | CVE-2019-1001 MISC |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107. | 2019-07-15 | 7.6 | CVE-2019-1062 MISC |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107. | 2019-07-15 | 7.6 | CVE-2019-1092 MISC |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107. | 2019-07-15 | 7.6 | CVE-2019-1103 N/A |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107. | 2019-07-15 | 7.6 | CVE-2019-1106 N/A |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106. | 2019-07-15 | 7.6 | CVE-2019-1107 N/A |
microsoft -- edge | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. | 2019-07-15 | 7.6 | CVE-2019-1104 N/A |
microsoft -- excel | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1111. | 2019-07-15 | 9.3 | CVE-2019-1110 N/A |
microsoft -- excel | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1110. | 2019-07-15 | 9.3 | CVE-2019-1111 N/A |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1001, CVE-2019-1056, CVE-2019-1059. | 2019-07-15 | 7.6 | CVE-2019-1004 MISC |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1001, CVE-2019-1004, CVE-2019-1059. | 2019-07-15 | 7.6 | CVE-2019-1056 MISC |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1001, CVE-2019-1004, CVE-2019-1056. | 2019-07-15 | 7.6 | CVE-2019-1059 MISC |
microsoft -- internet_explorer | A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. | 2019-07-15 | 7.6 | CVE-2019-1063 MISC |
microsoft -- team_foundation_server | A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability'. | 2019-07-15 | 7.5 | CVE-2019-1072 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. | 2019-07-15 | 8.5 | CVE-2019-0887 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. | 2019-07-15 | 7.2 | CVE-2019-0999 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 2019-07-15 | 7.2 | CVE-2019-1067 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists in Microsoft Windows where a certain DLL, with Local Service privilege, is vulnerable to race planting a customized DLL.An attacker who successfully exploited this vulnerability could potentially elevate privilege to SYSTEM.The update addresses this vulnerability by requiring SYSTEM privileges for a certain DLL., aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1074. | 2019-07-15 | 7.2 | CVE-2019-1082 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. To exploit this vulnerability, a low level authenticated attacker could run a specially crafted application. The security update addresses this vulnerability by correcting how rpcss.dll handles these requests., aka 'Windows RPCSS Elevation of Privilege Vulnerability'. | 2019-07-15 | 7.2 | CVE-2019-1089 MISC MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory, aka 'Windows dnsrlvr.dll Elevation of Privilege Vulnerability'. | 2019-07-15 | 7.2 | CVE-2019-1090 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. | 2019-07-15 | 9.3 | CVE-2019-1102 N/A |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128. | 2019-07-15 | 9.3 | CVE-2019-1117 N/A |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128. | 2019-07-15 | 9.3 | CVE-2019-1118 N/A |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128. | 2019-07-15 | 9.3 | CVE-2019-1119 N/A |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128. | 2019-07-15 | 9.3 | CVE-2019-1120 N/A |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128. | 2019-07-15 | 9.3 | CVE-2019-1121 N/A |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128. | 2019-07-15 | 9.3 | CVE-2019-1122 N/A |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128. | 2019-07-15 | 9.3 | CVE-2019-1123 N/A |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1127, CVE-2019-1128. | 2019-07-15 | 9.3 | CVE-2019-1124 N/A |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1128. | 2019-07-15 | 9.3 | CVE-2019-1127 N/A |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127. | 2019-07-15 | 9.3 | CVE-2019-1128 N/A |
microsoft -- windows_10 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1130. | 2019-07-15 | 7.2 | CVE-2019-1129 N/A |
microsoft -- windows_10 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129. | 2019-07-15 | 7.2 | CVE-2019-1130 N/A |
microsoft -- windows_7 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. | 2019-07-15 | 7.2 | CVE-2019-1132 N/A |
microsoft -- windows_server_2012 | A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. | 2019-07-15 | 7.5 | CVE-2019-0785 MISC |
onosproject -- onos | In ONOS 1.15.0, apps/yang/web/src/main/java/org/onosproject/yang/web/YangWebResource.java mishandles backquote characters within strings that can be used in a shell command. | 2019-07-16 | 10.0 | CVE-2019-13624 MISC |
rapid7 -- insight_agent | Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by locally authenticated users. Because of this, a malicious local user could use Insight Agent's startup conditions to elevate to SYSTEM privileges. This issue was fixed in Rapid7 Insight Agent 2.6.4. | 2019-07-12 | 7.2 | CVE-2019-5629 MISC FULLDISC MISC CONFIRM BUGTRAQ |
realization -- concerto_critical_chain_planner | Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter. | 2019-07-12 | 7.5 | CVE-2019-13027 MISC |
saltstack -- salt_2018 | SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt (https://ift.tt/2XQbbC5). The attack vector is: specially crafted password string. The fixed version is: 2018.3.4. | 2019-07-18 | 7.5 | CVE-2019-1010259 MISC MISC MISC |
schneider-electric -- proclima | A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0. | 2019-07-15 | 10.0 | CVE-2019-6823 MISC |
schneider-electric -- proclima | A CWE-119: Buffer Errors vulnerability exists in ProClima (all versions prior to version 8.0.0) which allows an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0. | 2019-07-15 | 10.0 | CVE-2019-6824 MISC |
sertek -- xpare | An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could access the backend database via SQL injection. | 2019-07-17 | 10.0 | CVE-2019-13447 MISC |
videolan -- vlc_media_player | VideoLAN VLC media player 3.0.7.1 has a heap-based buffer over-read in mkv::demux_sys_t::FreeUnused() in modules/demux/mkv/demux.cpp when called from mkv::Open in modules/demux/mkv/mkv.cpp. | 2019-07-16 | 7.5 | CVE-2019-13615 MISC |
wpeverest -- everest_forms | A SQL injection vulnerability exists in WPEverest Everest Forms plugin for WordPress through 1.4.9. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via includes/evf-entry-functions.php | 2019-07-18 | 7.5 | CVE-2019-13575 CONFIRM MISC MISC MISC MISC |
zohocorp -- manageengine_admanager_plus | Zoho ManageEngine ADManager Plus 6.6.5, ADSelfService Plus 5.7, and DesktopCentral 10.0.380 have Insecure Permissions, leading to Privilege Escalation from low level privileges to System. | 2019-07-17 | 8.5 | CVE-2019-12876 BID MISC |
Medium Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe -- campaign | Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Insufficient input validation vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | 2019-07-18 | 5.0 | CVE-2019-7843 MISC |
adobe -- campaign | Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper error handling vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | 2019-07-18 | 5.0 | CVE-2019-7846 MISC |
adobe -- campaign | Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper Restriction of XML External Entity Reference ('XXE') vulnerability. Successful exploitation could lead to Arbitrary read access to the file system in the context of the current user. | 2019-07-18 | 5.0 | CVE-2019-7847 MISC |
adobe -- campaign | Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Inadequate access control vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | 2019-07-18 | 5.0 | CVE-2019-7848 MISC |
adobe -- campaign | Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Information Exposure Through an Error Message vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | 2019-07-18 | 5.0 | CVE-2019-7941 MISC |
adobe -- dreamweaver | Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user. | 2019-07-18 | 6.8 | CVE-2019-7956 MISC |
adobe -- experience_manager | Adobe Experience Manager version 6.4 and ealier have a Cross-Site Request Forgery vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user. | 2019-07-18 | 4.3 | CVE-2019-7953 MISC |
adobe -- experience_manager | Adobe Experience Manager version 6.4 and ealier have a Reflected Cross-site Scripting vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user. | 2019-07-18 | 5.8 | CVE-2019-7955 MISC |
altn -- mdaemon_webmail | MDaemon Webmail (formerly WorldClient) has CSRF. | 2019-07-19 | 6.8 | CVE-2018-17792 MISC MISC |
apache -- roller | A Reflected Cross-site Scripting (XSS) vulnerability exists in Apache Roller. Roller's Math Comment Authenticator did not property sanitize user input and could be exploited to perform Reflected Cross Site Scripting (XSS). The mitigation for this vulnerability is to upgrade to the latest version of Roller, which is now Roller 5.2.3. | 2019-07-15 | 4.3 | CVE-2019-0234 CONFIRM |
automattic -- camptix_event_ticketing | The CampTix Event Ticketing plugin before 1.5 for WordPress allows CSV injection when the export tool is used. | 2019-07-18 | 5.1 | CVE-2016-10762 MISC MISC |
axiosys -- bento4 | In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186. | 2019-07-18 | 4.3 | CVE-2019-13959 MISC |
blackberry -- qnx_software_development_platform | An information disclosure vulnerability leading to a potential local escalation of privilege in the procfs service (the /proc filesystem) of BlackBerry QNX Software Development Platform version(s) 6.5.0 SP1 and earlier could allow an attacker to potentially gain unauthorized access to a chosen process address space. | 2019-07-12 | 4.6 | CVE-2019-8998 MISC |
centos-webpanel -- centos_web_panel | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response. | 2019-07-16 | 5.0 | CVE-2019-13383 MISC MISC |
centos-webpanel -- centos_web_panel | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is different from CVE-2019-13360. | 2019-07-16 | 6.5 | CVE-2019-13605 MISC MISC MISC |
cmsmadesimple -- bable:multilingual_site | Babel: Multilingual site Babel All is affected by: Open Redirection. The impact is: Redirection to any URL, which is supplied to redirect.php in a "newurl" parameter. The component is: redirect.php. The attack vector is: The victim must open a link created by an attacker. Attacker may use any legitimate site using Babel to redirect user to a URL of his/her choosing. | 2019-07-16 | 5.8 | CVE-2019-1010290 MISC MISC |
deepsoft -- weblibrarian | Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL Injection. The impact is: Exposing the entire database. The component is: Function "AllBarCodes" (defined at database_code.php line 1018) is vulnerable to a boolean-based blind sql injection. This function call can be triggered by any user logged-in with at least Volunteer role or manage_circulation capabilities. PoC : /wordpress/wp-admin/admin.php?page=weblib-circulation-desk&orderby=title&order=DESC. | 2019-07-15 | 4.0 | CVE-2019-1010034 MISC |
digium -- asterisk | Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message. | 2019-07-12 | 4.0 | CVE-2019-12827 CONFIRM CONFIRM |
dolibarr -- dolibarr | Dolibarr 6.0.4 is affected by: Cross Site Scripting (XSS). The impact is: Cookie stealing. The component is: htdocs/product/stats/card.php. The attack vector is: Victim must click a specially crafted link sent by the attacker. | 2019-07-14 | 4.3 | CVE-2019-1010016 MISC |
dolibarr -- dolibarr | Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: allow malitious html to change user password, disable users and disable password encryptation. The component is: Function User password change, user disable and password encryptation. The attack vector is: admin access malitious urls. | 2019-07-18 | 6.8 | CVE-2019-1010054 MISC |
domainmod -- domainmod | domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can change admin password. The component is: https://ift.tt/30ygraq https://ift.tt/2xWSfSI https://ift.tt/32yERSV. The attack vector is: After the administrator logged in, open the html page. | 2019-07-18 | 6.8 | CVE-2019-1010094 MISC |
domainmod -- domainmod | domainmod(https://domainmod.org/) domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can add the administrator account. The component is: https://ift.tt/2xWSfSI. The attack vector is: After the administrator logged in, open the html page. | 2019-07-18 | 6.8 | CVE-2019-1010095 MISC |
domainmod -- domainmod | domainmod(https://domainmod.org/) domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can change the read-only user to admin. The component is: https://ift.tt/32yERSV. The attack vector is: After the administrator logged in, open the html page. | 2019-07-18 | 6.8 | CVE-2019-1010096 MISC |
eclipse -- openj9 | AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users. | 2019-07-17 | 4.6 | CVE-2019-11771 CONFIRM |
fanucamerica -- robotics_virtual_robot_controller | The remote admin webserver on FANUC Robotics Virtual Robot Controller 8.23 allows Directory Traversal via a forged HTTP request. | 2019-07-17 | 5.0 | CVE-2019-13584 MISC BUGTRAQ |
flatcore -- flatcore | A CSRF vulnerability was found in flatCore before 1.5, leading to the upload of arbitrary .php files via acp/core/files.upload-script.php. | 2019-07-18 | 6.8 | CVE-2019-13961 MISC MISC |
gitea -- gitea | Gitea 1.7.0 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Attacker is able to have victim execute arbitrary JS in browser. The component is: go-get URL generation - PR to fix: https://ift.tt/2K1QWYH. The attack vector is: victim must open a specifically crafted URL. The fixed version is: 1.7.1 and later. | 2019-07-18 | 4.3 | CVE-2019-1010261 MISC |
gnome -- evince | Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail. | 2019-07-14 | 6.8 | CVE-2019-1010006 MISC MISC |
gnu -- glibc | GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. | 2019-07-15 | 6.8 | CVE-2019-1010023 BID MISC |
gnu -- glibc | GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. | 2019-07-15 | 5.0 | CVE-2019-1010024 BID MISC |
gnu -- glibc | GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. | 2019-07-15 | 5.0 | CVE-2019-1010025 MISC |
gpac -- gpac | In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c. | 2019-07-16 | 5.0 | CVE-2019-13618 MISC MISC |
hexoeditor_project -- hexoeditor | HexoEditor v1.1.8-beta is affected by: XSS to code execution. | 2019-07-14 | 4.3 | CVE-2019-1010005 MISC MISC |
ht2labs -- learning_locker | In HT2 Labs Learning Locker 3.15.1, it's possible to inject malicious HTML and JavaScript code into the DOM of the website via the PATH_INFO to the dashboards/ URI. | 2019-07-16 | 4.3 | CVE-2019-12834 MISC |
http-file-server_project -- http-file-server | A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders. | 2019-07-15 | 5.0 | CVE-2019-5447 MISC |
ibm -- jazz_for_service_management | IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 is missing function level access control that could allow a user to delete authorized resources. IBM X-Force ID: 159033. | 2019-07-17 | 4.0 | CVE-2019-4194 CONFIRM XF |
ibm -- maximo_asset_management | IBM Maximo Asset Management 7.6 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 162887. | 2019-07-17 | 5.0 | CVE-2019-4430 XF CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155345. | 2019-07-17 | 4.3 | CVE-2018-2021 XF CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM QRadar SIEM 7.2 and 7.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 155346. | 2019-07-17 | 5.0 | CVE-2018-2022 XF CONFIRM |
jenkins -- jenkins | CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did not expire, thereby allowing attackers able to obtain them to bypass CSRF protection. | 2019-07-17 | 5.1 | CVE-2019-10353 MLIST MISC |
jhead_project -- jhead | jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG file. | 2019-07-15 | 4.3 | CVE-2019-1010301 MISC |
jhead_project -- jhead | jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file. | 2019-07-15 | 4.3 | CVE-2019-1010302 MISC |
knot-resolver -- knot_resolver | A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of sending a SERVFAIL packet. Caching is not affected by this particular bug but see CVE-2019-10191. | 2019-07-16 | 5.0 | CVE-2019-10190 CONFIRM FEDORA FEDORA CONFIRM |
layerbb -- layerbb | LayerBB 1.1.3 allows XSS via the application/commands/new.php pm_title variable, a related issue to CVE-2019-17997. | 2019-07-19 | 4.3 | CVE-2019-13972 MISC |
layerbb -- layerbb | LayerBB 1.1.3 allows conversations.php/cmd/new CSRF. | 2019-07-19 | 6.8 | CVE-2019-13974 MISC |
libnmap -- libnmap | libnmap < v0.6.3 is affected by: XML Injection. The impact is: Denial of service (DoS) by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload. | 2019-07-14 | 5.0 | CVE-2019-1010017 MISC |
libsdl -- libsdl | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. | 2019-07-16 | 6.8 | CVE-2019-13616 MISC |
linaro -- op-tee | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: optee_os. The fixed version is: 3.4.0 and later. | 2019-07-15 | 5.0 | CVE-2019-1010294 MISC |
lodash -- lodash | lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is: 4.17.11. | 2019-07-17 | 4.0 | CVE-2019-1010266 MISC CONFIRM MISC |
metinfo -- metinfo | Metinfo 6.x allows SQL Injection via the id parameter in an admin/index.php?n=ui_set&m=admin&c=index&a=doget_text_content&table=lang&field=1 request. | 2019-07-19 | 6.5 | CVE-2019-13969 MISC |
microsoft -- .net_framework | An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'. | 2019-07-15 | 5.0 | CVE-2019-1006 MISC |
microsoft -- .net_framework | A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests, aka '.NET Denial of Service Vulnerability'. | 2019-07-15 | 5.0 | CVE-2019-1083 MISC |
microsoft -- .net_framework | A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. | 2019-07-15 | 6.8 | CVE-2019-1113 N/A |
microsoft -- asp.net_core | A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'. | 2019-07-15 | 5.8 | CVE-2019-1075 MISC |
microsoft -- azure_automation | An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with contributor role, aka 'Azure Automation Elevation of Privilege Vulnerability'. | 2019-07-15 | 4.0 | CVE-2019-0962 MISC |
microsoft -- exchange_server | An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. | 2019-07-15 | 5.1 | CVE-2019-1136 N/A |
microsoft -- office | A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents.An attacker who successfully exploited this vulnerability could read or write information in Office documents.The security update addresses the vulnerability by correcting the way that Microsoft Office Javascript verifies trusted web pages., aka 'Microsoft Office Spoofing Vulnerability'. | 2019-07-15 | 6.4 | CVE-2019-1109 N/A |
microsoft -- office | An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'. | 2019-07-15 | 4.3 | CVE-2019-1112 N/A |
microsoft -- sql_server | A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'. | 2019-07-15 | 6.5 | CVE-2019-1068 MISC |
microsoft -- visual_studio | An information disclosure vulnerability exists when Visual Studio improperly parses XML input in certain settings files, aka 'Visual Studio Information Disclosure Vulnerability'. | 2019-07-15 | 4.3 | CVE-2019-1079 MISC |
microsoft -- visual_studio_2017 | An elevation of privilege vulnerability exists when the Visual Studio updater service improperly handles file permissions, aka 'Visual Studio Elevation of Privilege Vulnerability'. | 2019-07-15 | 6.6 | CVE-2019-1077 MISC |
microsoft -- windows_10 | A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'. | 2019-07-15 | 4.6 | CVE-2019-0880 MISC |
microsoft -- windows_10 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. | 2019-07-15 | 5.5 | CVE-2019-0966 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. | 2019-07-15 | 6.9 | CVE-2019-1037 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory, aka 'Windows WLAN Service Elevation of Privilege Vulnerability'. | 2019-07-15 | 4.6 | CVE-2019-1085 MISC |
microsoft -- windows_10 | An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1087, CVE-2019-1088. | 2019-07-15 | 4.6 | CVE-2019-1086 MISC |
microsoft -- windows_10 | An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1086, CVE-2019-1088. | 2019-07-15 | 4.6 | CVE-2019-1087 MISC |
microsoft -- windows_10 | An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1086, CVE-2019-1087. | 2019-07-15 | 4.6 | CVE-2019-1088 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116. | 2019-07-15 | 4.3 | CVE-2019-1094 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116. | 2019-07-15 | 4.3 | CVE-2019-1095 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Client Information Disclosure Vulnerability'. | 2019-07-15 | 4.0 | CVE-2019-1108 N/A |
microsoft -- windows_7 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1095, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116. | 2019-07-15 | 4.3 | CVE-2019-1098 N/A |
microsoft -- windows_7 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1095, CVE-2019-1098, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116. | 2019-07-15 | 4.3 | CVE-2019-1099 N/A |
microsoft -- windows_7 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1101, CVE-2019-1116. | 2019-07-15 | 4.3 | CVE-2019-1100 N/A |
microsoft -- windows_7 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1116. | 2019-07-15 | 4.3 | CVE-2019-1101 N/A |
microsoft -- windows_7 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101. | 2019-07-15 | 4.3 | CVE-2019-1116 N/A |
microsoft -- windows_server_2012 | A denial of service vulnerability exists in Windows DNS Server when it fails to properly handle DNS queries, aka 'Windows DNS Server Denial of Service Vulnerability'. | 2019-07-15 | 5.0 | CVE-2019-0811 MISC |
microstrategy -- microstrategy_web | In MicroStrategy Web before 10.4.6, there is stored XSS in metric due to insufficient input validation. | 2019-07-17 | 4.3 | CVE-2019-12475 MISC |
mirumee -- saleor | In Mirumee Saleor 2.7.0 (fixed in 2.8.0), CSRF protection middleware was accidentally disabled, which allowed attackers to send a POST request without a valid CSRF token and be accepted by the server. | 2019-07-14 | 6.8 | CVE-2019-13594 MISC |
moinejf -- abcm2ps | moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The impact is: Allows attackers to cause a denial of service attack via a crafted file. The component is: front.c, function txt_add. The fixed version is: after commit commit 08aef597656d065e86075f3d53fda89765845eae. | 2019-07-18 | 4.3 | CVE-2019-1010069 MISC MISC |
myt_project -- myt | In MyT 1.5.1, the User[username] parameter has XSS. | 2019-07-17 | 4.3 | CVE-2019-13346 EXPLOIT-DB |
netfilter -- iptables | A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c. | 2019-07-12 | 4.3 | CVE-2019-11360 MISC CONFIRM |
nginx -- njs | njs through 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call. | 2019-07-16 | 4.3 | CVE-2019-13617 MISC MISC |
nsa -- ghidra | In NSA Ghidra through 9.0.4, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis result is archived for sharing with other persons. To achieve arbitrary code execution, one approach is to overwrite some critical Ghidra modules, e.g., the decompile module. | 2019-07-16 | 6.8 | CVE-2019-13623 MISC MISC |
ovidentia -- ovidentia | Ovidentia 8.4.3 has SQL Injection via the id parameter in an index.php?tg=delegat&idx=mem request. | 2019-07-19 | 6.5 | CVE-2019-13978 MISC |
paloaltonetworks -- pan-os | Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier may allow for an authenticated user with read-only privileges to extract the API key of the device and/or the username/password from the XML API (in PAN-OS) and possibly escalate privileges granted to them. | 2019-07-16 | 6.5 | CVE-2019-1575 BID CONFIRM |
paloaltonetworks -- pan-os | Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user?s permissions. | 2019-07-16 | 6.5 | CVE-2019-1576 CONFIRM |
python -- python | http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3. | 2019-07-13 | 5.0 | CVE-2018-20852 MISC MISC |
rust-lang -- rust | The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vec_deque::Iter. The attack vector is: The program needs to invoke debug printing for iterator over an empty VecDeque. The fixed version is: 1.30.0, nightly versions after commit b85e4cc8fadaabd41da5b9645c08c68b8f89908d. | 2019-07-15 | 5.0 | CVE-2019-1010299 MISC MISC |
schneider-electric -- interactive_graphical_scada_system | A CWE-787: Out-of-bounds Write vulnerability exists in Interactive Graphical SCADA System (IGSS), Version 14 and prior, which could cause a software crash when data in the mdb database is manipulated. | 2019-07-15 | 6.8 | CVE-2019-6827 MISC |
schneider-electric -- proclima | A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow a malicious DLL file, with the same name of any resident DLLs inside the software installation, to execute arbitrary code in all versions of ProClima prior to version 8.0.0. | 2019-07-15 | 6.8 | CVE-2019-6825 MISC |
schneider-electric -- zelio_soft_2 | A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 and earlier, which could cause remote code execution when opening a specially crafted Zelio Soft 2 project file. | 2019-07-15 | 6.8 | CVE-2019-6822 MISC |
school_college_portal_with_erp_script_project -- school_college_portal_with_erp_script | phpscriptsmall.com School College Portal with ERP Script 2.6.1 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Attack administrators and teachers, students and more. The component is: /pro-school/index.php?student/message/send_reply/. The attack vector is: <img src=x onerror=alert(document.domain) />. | 2019-07-15 | 4.3 | CVE-2019-1010028 MISC |
sertek -- xpare | An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could exploit the vulnerable function in order to prepare an XSS payload to send to the product's clients. | 2019-07-17 | 4.3 | CVE-2019-13448 MISC |
solarwinds -- network_performance_monitor | SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames parameter. | 2019-07-16 | 6.5 | CVE-2018-13442 MISC |
soundexchange -- sound_exchange | SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: read_samples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189. | 2019-07-14 | 4.3 | CVE-2019-1010004 MISC MISC |
syguestbook_a5_project -- syguestbook_a5 | SyGuestBook A5 Version 1.2 has no CSRF protection mechanism, as demonstrated by CSRF for an index.php?c=Administrator&a=update admin password change. | 2019-07-18 | 6.8 | CVE-2019-13949 MISC MISC |
temenos -- cwx | Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information. | 2019-07-17 | 5.0 | CVE-2019-13403 MISC |
videolan -- vlc_media_player | An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file. | 2019-07-14 | 6.8 | CVE-2019-13602 BID MISC MISC |
wireshark -- wireshark | In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments. | 2019-07-17 | 5.0 | CVE-2019-13619 BID MISC MISC MISC |
zammad -- zammad | Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting (XSS) - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3. | 2019-07-16 | 4.3 | CVE-2019-1010018 MISC MISC MISC |
Low Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
automattic -- camptix_event_ticketing | The CampTix Event Ticketing plugin before 1.5 for WordPress allows XSS in the admin section via a ticket title or body. | 2019-07-18 | 3.5 | CVE-2016-10763 MISC MISC |
firefly-iii -- firefly_iii | Firefly III before 4.7.17.1 is vulnerable to stored XSS due to lack of filtration of user-supplied data in a budget name. The JavaScript code is contained in a transaction, and is executed on the tags/show/$tag_number$ tag summary page. | 2019-07-17 | 3.5 | CVE-2019-13644 MISC MISC |
firefly-iii -- firefly_iii | Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file names. The JavaScript code is executed during attachments/edit/$file_id$ attachment editing. | 2019-07-17 | 3.5 | CVE-2019-13645 MISC MISC |
firefly-iii -- firefly_iii | Firefly III before 4.7.17.3 is vulnerable to reflected XSS due to lack of filtration of user-supplied data in a search query. | 2019-07-17 | 3.5 | CVE-2019-13646 MISC MISC |
firefly-iii -- firefly_iii | Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file content. The JavaScript code is executed during attachments/view/$file_id$ attachment viewing. | 2019-07-17 | 3.5 | CVE-2019-13647 MISC MISC |
glpi-project -- glpi | GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting (XSS). The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a ticket , 2- Admin opens another ticket and click on the "Link Tickets" feature, 3- a request to the endpoint fetches js and executes it. | 2019-07-15 | 3.5 | CVE-2019-1010307 MISC MISC |
glpi-project -- glpi | GLPI GLPI Product 9.3.1 is affected by: Frame and Form tags Injection allowing admins to phish users by putting code in reminder description. The impact is: Admins can phish any user or group of users for credentials / credit cards. The component is: Tools > Reminder > Description .. Set the description to any iframe/form tags and apply. The attack vector is: The attacker puts a login form, the user fills it and clicks on submit .. the request is sent to the attacker domain saving the data. The fixed version is: 9.4.1. | 2019-07-12 | 3.5 | CVE-2019-1010310 MISC MISC |
ibm -- campaign | IBM Campaign 9.1.0, 9.1.2, 10.1, and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152857. | 2019-07-17 | 3.5 | CVE-2018-1921 XF CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM QRadar SIEM 7.2 and 7.3 could allow a local user to obtain sensitive information when exporting content that could aid an attacker in further attacks against the system. IBM X-Force ID: 156563. | 2019-07-17 | 2.1 | CVE-2019-4054 XF CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159131. | 2019-07-17 | 3.5 | CVE-2019-4211 XF CONFIRM |
microsoft -- exchange_server | A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'. | 2019-07-15 | 3.5 | CVE-2019-1137 N/A |
microsoft -- sharepoint_enterprise_server | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. | 2019-07-15 | 3.5 | CVE-2019-1134 N/A |
microsoft -- team_foundation_server | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. | 2019-07-15 | 3.5 | CVE-2019-1076 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1073. | 2019-07-15 | 2.1 | CVE-2019-1071 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071. | 2019-07-15 | 2.1 | CVE-2019-1073 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this vulnerability by not allowing symbolic links in these scenarios., aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1082. | 2019-07-15 | 2.1 | CVE-2019-1074 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory, aka 'Microsoft unistore.dll Information Disclosure Vulnerability'. | 2019-07-15 | 2.1 | CVE-2019-1091 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1097. | 2019-07-15 | 2.1 | CVE-2019-1093 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. | 2019-07-15 | 2.1 | CVE-2019-1096 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1093. | 2019-07-15 | 2.1 | CVE-2019-1097 MISC |
norton -- password_manager | Norton Password Manager, prior to 6.3.0.2082, may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic. | 2019-07-16 | 1.7 | CVE-2019-9700 CONFIRM |
openenergymonitor -- emoncms | OpenEnergyMonitor Project Emoncms 9.8.8 is affected by: Cross Site Scripting (XSS). The impact is: Theoretically low, but might potentially enable persistent XSS (user could embed mal. code). The component is: Javascript code execution in "Name", "Location", "Bio" and "Starting Page" fields in the "My Account" page. File: Lib/listjs/list.js, line 67. The attack vector is: unknown, victim must open profile page if persistent was possible. | 2019-07-14 | 3.5 | CVE-2019-1010008 MISC |
ovidentia -- ovidentia | index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&idx=create&userid=0&bgrp=y, tg=delegat, tg=site&idx=create, tg=site&item=4, tg=admdir&idx=mdb&id=1, tg=notes&idx=Create, tg=admfaqs&idx=Add, or tg=admoc&idx=addoc&item=. | 2019-07-19 | 3.5 | CVE-2019-13977 MISC |
rdbrck -- shift | Redbrick Shift through 3.4.3 allows an attacker to extract emails of services (such as Gmail, Outlook, etc.) used in the application. | 2019-07-17 | 2.1 | CVE-2019-12912 CONFIRM |
rdbrck -- shift | Redbrick Shift through 3.4.3 allows an attacker to extract emails of services (such as Gmail, Outlook, etc.) used in the application. | 2019-07-17 | 2.1 | CVE-2019-12913 CONFIRM |
sitecore -- experience_platform | In Sitecore 9.0 rev 171002, Persistent XSS exists in the Media Library and File Manager. An authenticated unprivileged user can modify the uploaded file extension parameter to inject arbitrary JavaScript. | 2019-07-17 | 3.5 | CVE-2019-13493 MISC |
syguestbook_a5_project -- syguestbook_a5 | SyGuestBook A5 Version 1.2 allows stored XSS because the isValidData function in include/functions.php does not properly block XSS payloads, as demonstrated by a crafted use of the onerror attribute of an IMG element. | 2019-07-18 | 3.5 | CVE-2019-13948 MISC MISC |
syguestbook_a5_project -- syguestbook_a5 | index.php?c=admin&a=index in SyGuestBook A5 Version 1.2 has stored XSS via a reply to a comment. | 2019-07-18 | 3.5 | CVE-2019-13950 MISC MISC |
Severity Not Yet Assigned
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe -- bridge_cc |
Adobe Bridge CC version 9.0.2 and earlier versions have an out of bound read vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | 2019-07-18 | not yet calculated | CVE-2019-7963 MISC |
adobe -- experience_manager |
Adobe Experience Manager version 6.4 and ealier have a Stored Cross-site Scripting vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user. | 2019-07-18 | not yet calculated | CVE-2019-7954 MISC |
akeo_consulting -- rufus | Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is: arbitrary code execution with escalation of privilege. The component is: Executable installer, portable executable (ALL executables available). The attack vector is: CWE-29, CWE-377, CWE-379. | 2019-07-19 | not yet calculated | CVE-2019-1010101 MISC |
akeo_consulting -- rufus | Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables (ALL executables on the web site). The attack vector is: CAPEC-471, CWE-426, CWE-427. | 2019-07-19 | not yet calculated | CVE-2019-1010100 MISC |
antsword_project -- antsword | In antSword before 2.1.0, self-XSS in the database configuration leads to code execution via modules/database/asp/index.js, modules/database/custom/index.js, modules/database/index.js, or modules/database/php/index.js. | 2019-07-19 | not yet calculated | CVE-2019-13970 MISC MISC MISC |
aquaverde -- aquarius_cms | Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwords etc. The component is: log file. The attack vector is: open the file. | 2019-07-15 | not yet calculated | CVE-2019-1010308 MISC MISC |
arduino -- arduino | Embedded systems based on Arduino before Rev3 allow remote attackers to send data to LEDs (directly connected to GPIO pins) via a laser, because of LED photosensitivity. | 2019-07-19 | not yet calculated | CVE-2019-13991 MISC |
audiocodes -- multiple_mediant_devices |
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.251. An internal interface exposed to the link-local address 169.254.254.253 allows attackers in the local network to access multiple quagga VTYs. Attackers can authenticate with the default 1234 password that cannot be changed, and can execute malicious and unauthorized actions. | 2019-07-19 | not yet calculated | CVE-2019-9229 MISC |
audiocodes -- multiple_mediant_devices |
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.253. A cross-site scripting (XSS) vulnerability in the search function of the management web interface allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. | 2019-07-18 | not yet calculated | CVE-2019-9230 MISC |
audiocodes -- multiple_mediant_devices |
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions before 7.20A.202.307. A Cross-Site Request Forgery (CSRF) vulnerability in the management web interface allows remote attackers to execute malicious and unauthorized actions, because CSRFProtection=1 is not a default and is not documented. | 2019-07-18 | not yet calculated | CVE-2019-9231 MISC |
avast -- antivirus | In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be exploited to rename a critical product file (e.g., AvastSvc.exe), causing the product to fail to start on the next system restart. | 2019-07-18 | not yet calculated | CVE-2019-11230 MISC |
b3log -- wide | b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. An unzip operation leads to read access, and write access (depending on file permissions), to the symlink target. Third, the attacker can import a Git repository that contains a symlink, similarly leading to read and write access. | 2019-07-18 | not yet calculated | CVE-2019-13915 MISC |
bacnet -- stack_bacserv | BACnet Stack bacserv 0.9.1 and 0.8.5 is affected by: Buffer Overflow. The impact is: exploit was not explored. The component is: bacserv BVLC forwarded NPDU. bvlc_bdt_forward_npdu() calls bvlc_encode_forwarded_npdu() which copies the content from the request into a local in the bvlc_bdt_forward_npdu() stack frame and clobbers the canary. The attack vector is: A BACnet/IP device with BBMD enabled based on this library connected to IP network. The fixed version is: 0.8.6. | 2019-07-18 | not yet calculated | CVE-2019-1010073 MISC MISC |
chinamobile -- plc_wireless_router_gpn2.4p21-c-cn | ChinaMobile GPN2.4P21-C-CN W2001EN-00 is affected by: Incorrect Access Control - Unauthenticated Remote Reboot. The impact is: PLC Wireless Router's are vulnerable to an unauthenticated remote reboot due. The component is: Reboot settings are available to unauthenticated users instead of only authenticaed users. The attack vector is: Remote. | 2019-07-19 | not yet calculated | CVE-2019-1010136 EXPLOIT-DB MISC |
cisco -- findit_network_manager_and_findit_network_probe_release |
A vulnerability in the Cisco FindIT Network Management Software virtual machine (VM) images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. The vulnerability is due to the presence of an account with static credentials in the underlying Linux operating system. An attacker could exploit this vulnerability by logging in to the command line of the affected VM with the static account. A successful exploit could allow the attacker to log in with root-level privileges. This vulnerability affects only Cisco FindIT Network Manager and Cisco FindIT Network Probe Release 1.1.4 if these products are using Cisco-supplied VM images. No other releases or deployment models are known to be vulnerable. | 2019-07-17 | not yet calculated | CVE-2019-1919 BID CISCO |
cisco -- identity_services_engine | A vulnerability in the sponsor portal web interface for Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data. At the time of publication, this vulnerability affected Cisco ISE running software releases 2.6.0 and prior. | 2019-07-17 | not yet calculated | CVE-2019-1942 BID CISCO |
cisco -- identity_services_engine | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. At the time of publication, this vulnerability affected Cisco ISE running software releases prior to 2.4.0 Patch 9 and 2.6.0. | 2019-07-17 | not yet calculated | CVE-2019-1941 BID CISCO |
cisco -- industrial_network_director | A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. The vulnerability is due to insufficient X.509 certificate validation when establishing a WSMA connection. An attacker could exploit this vulnerability by supplying a crafted X.509 certificate during the WSMA connection setup phase. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on WSMA connections to the affected software. At the time of publication, this vulnerability affected Cisco IND Software releases prior to 1.7. | 2019-07-17 | not yet calculated | CVE-2019-1940 BID CISCO |
cisco -- ios_access_points_software | A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected interface. The vulnerability is due to a lack of complete error handling condition for client authentication requests sent to a targeted interface configured for FT. An attacker could exploit this vulnerability by sending crafted authentication request traffic to the targeted interface, causing the device to restart unexpectedly. | 2019-07-17 | not yet calculated | CVE-2019-1920 CISCO |
cisco -- small_business_200_and_300_and_500_series_switches | A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user's HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites. | 2019-07-17 | not yet calculated | CVE-2019-1943 BID CISCO |
cisco -- small_business_spa500_series_ip_phones | A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to improper input validation in the device configuration interface. An attacker could exploit this vulnerability by accessing the configuration interface, which may require a password, and then accessing the device's physical interface and inserting a USB storage device. A successful exploit could allow the attacker to execute arbitrary commands on the device in an elevated security context. At the time of publication, this vulnerability affected Cisco Small Business SPA500 Series IP Phones firmware releases 7.6.2SR5 and prior. | 2019-07-17 | not yet calculated | CVE-2019-1923 BID CISCO |
cisco -- vision_dynamic_signage_director | A vulnerability in the REST API interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on the affected system. The REST API is enabled by default and cannot be disabled. | 2019-07-17 | not yet calculated | CVE-2019-1917 BID CISCO |
citrix -- sd-wan_and_netscaler_sd-wan | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection. | 2019-07-16 | not yet calculated | CVE-2019-12989 MISC BID MISC MISC |
citrix -- sd-wan_and_netscaler_sd-wan | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6). | 2019-07-16 | not yet calculated | CVE-2019-12987 BID MISC MISC |
citrix -- sd-wan_and_netscaler_sd-wan | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6). | 2019-07-16 | not yet calculated | CVE-2019-12988 BID MISC MISC |
citrix -- sd-wan_and_netscaler_sd-wan | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 6 of 6). | 2019-07-16 | not yet calculated | CVE-2019-12992 BID MISC MISC |
citrix -- sd-wan_and_netscaler_sd-wan | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal. | 2019-07-16 | not yet calculated | CVE-2019-12990 BID MISC MISC |
citrix -- sd-wan_and_netscaler_sd-wan | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6). | 2019-07-16 | not yet calculated | CVE-2019-12991 MISC BID MISC MISC |
citrix -- sd-wan_and_netscaler_sd-wan | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6). | 2019-07-16 | not yet calculated | CVE-2019-12986 BID MISC MISC |
citrix -- sd-wan_and_netscaler_sd-wan | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6). | 2019-07-16 | not yet calculated | CVE-2019-12985 BID MISC MISC |
cjson -- cjson | DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The fixed version is: 1.7.9 and later. | 2019-07-19 | not yet calculated | CVE-2019-1010239 MISC MISC |
cloud_foundry -- uua | Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. A remote user can perform clickjacking attacks on UAA's frontend sites. | 2019-07-18 | not yet calculated | CVE-2019-3794 CONFIRM |
code42 -- code42_enterprise_and_crashplan_for_small_business | Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user. | 2019-07-19 | not yet calculated | CVE-2019-11552 MISC CONFIRM |
code42 -- code42_for_enterprise | Code42 for Enterprise through 6.8.4 has Incorrect Access Control. | 2019-07-19 | not yet calculated | CVE-2019-11553 CONFIRM |
cohesity -- dataplatform | A man-in-the-middle vulnerability related to vCenter access was found in Cohesity DataPlatform version 5.x and 6.x prior to 6.1.1c. Cohesity clusters did not verify TLS certificates presented by vCenter. This vulnerability could expose Cohesity user credentials configured to access vCenter. | 2019-07-12 | not yet calculated | CVE-2019-11242 CONFIRM |
computerlab -- maple_wbt_snmp_administrator | SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string to the CE Remote feature listening on Port 987. | 2019-07-17 | not yet calculated | CVE-2019-13577 MISC MISC FULLDISC BUGTRAQ |
dancer-plugin-simplecrud -- dancer-plugin-simplecrud | Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unathorised access to data. The component is: Incorrect calls to _ensure_auth() wrapper result in authentication-checking not being applied to al routes. | 2019-07-17 | not yet calculated | CVE-2019-1010084 MISC |
dell_emc -- unity_and_unityvsa | Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a plain-text password storage vulnerability. A Unisphere user?s (including the admin privilege user) password is stored in a plain text in Unity Data Collection bundle (logs files for troubleshooting). A local authenticated attacker with access to the Data Collection bundle may use the exposed password to gain access with the privileges of the compromised user. | 2019-07-18 | not yet calculated | CVE-2019-3741 MISC |
dell_emc -- unity_and_unityvsa | Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain an improper authorization vulnerability in NAS Server quotas configuration. A remote authenticated Unisphere Operator could potentially exploit this vulnerability to edit quota configuration of other users. | 2019-07-18 | not yet calculated | CVE-2019-3734 MISC |
dglogik_inc -- dglux_server | DGLogik Inc DGLux Server All Versions is affected by: Insecure Permissions. The impact is: Remote Execution, Credential Leaks. The component is: IoT API. The attack vector is: Any Accessible Server. | 2019-07-14 | not yet calculated | CVE-2019-1010009 MISC |
discuz!ml -- discuz!ml | Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH4_0df5_language=en to 4gH4_0df5_language=en'.phpinfo().'; (if the random prefix 4gH4_0df5_ were used). | 2019-07-18 | not yet calculated | CVE-2019-13956 MISC |
docker -- docker_ce_and_docker_ee | In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret. | 2019-07-18 | not yet calculated | CVE-2019-13509 MISC |
dpic -- dpic | dpic 2019.06.20 has a Stack-based Buffer Overflow in the wfloat() function in main.c. | 2019-07-19 | not yet calculated | CVE-2019-13989 MISC |
eclipse -- openj9 | In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within Java code run under a SecurityManager. | 2019-07-17 | not yet calculated | CVE-2019-11772 CONFIRM |
elcom -- elcom_cms | Elcom CMS before 10.7 has SQL Injection via EventSearchByState.aspx and EventSearchAdv.aspx. | 2019-07-19 | not yet calculated | CVE-2019-12946 MISC |
epsocrm -- epsocrm | Stored XSS in EspoCRM before 5.6.4 allows remote attackers to execute malicious JavaScript and inject arbitrary source code into the target pages. The attack begins by storing a new stream message containing an XSS payload. The stored payload can then be triggered by clicking a malicious link on the Notifications page. | 2019-07-17 | not yet calculated | CVE-2019-13643 MISC MISC |
facebook -- hhvm | Call to the scrypt_enc() function in HHVM can lead to heap corruption by using specifically crafted parameters (N, r and p). This happens if the parameters are configurable by an attacker for instance by providing the output of scrypt_enc() in a context where Hack/PHP code would attempt to verify it by re-running scrypt_enc() with the same parameters. This could result in information disclosure, memory being overwriten or crashes of the HHVM process. This issue affects versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7.0, 4.8.0, versions 3.30.5 and below, and all versions in the 4.0, 4.1, and 4.2 series. | 2019-07-18 | not yet calculated | CVE-2019-3570 CONFIRM CONFIRM |
facebook -- whatsapp_desktop | An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows malicious clients to send files to users that would be displayed with a wrong extension. | 2019-07-16 | not yet calculated | CVE-2019-3571 CONFIRM |
fitbit -- multiple_products | On Fitbit activity-tracker devices, certain addresses never change. According to the popets-2019-0036.pdf document, this leads to "permanent trackability" and "considerable privacy concerns" without a user-accessible anonymization feature. The devices, such as Charge 2, transmit Bluetooth Low Energy (BLE) advertising packets with a TxAdd flag indicating random addresses, but the addresses remain constant. If devices come within BLE range at one or more locations where an adversary has set up passive sniffing, the adversary can determine whether the same device has entered one of these locations. | 2019-07-15 | not yet calculated | CVE-2014-10374 MISC MISC |
gnome -- pango | Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize. | 2019-07-19 | not yet calculated | CVE-2019-1010238 MISC |
gnu -- patch | In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c. | 2019-07-17 | not yet calculated | CVE-2019-13636 MISC MLIST |
h3c -- h3cloud | H3C H3Cloud OS all versions allows SQL injection via the ear/grid_event sidx parameter. | 2019-07-19 | not yet calculated | CVE-2019-12193 MISC |
helm -- helm | helm Before 2.7.2 is affected by: CWE-295: Improper Certificate Validation. The impact is: Unauthorized clients could connect to the server because self-signed client certs were aloowed. The component is: helm (many files updated, see https://ift.tt/2Ls81Ov). The attack vector is: A malicious client could connect to the server over the network. The fixed version is: 2.7.2. | 2019-07-17 | not yet calculated | CVE-2019-1010275 MISC MISC MISC |
hid_digitalpersona -- u.are.u_4500_fingerprint_reader | An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combination with retrieving an encrypted fingerprint image and encryption key (through another vulnerability), allows an attacker to obtain a user's fingerprint image. | 2019-07-16 | not yet calculated | CVE-2019-13603 MISC MISC MISC |
hid_digitalpersona -- u.are.u_4500_fingerprint_reader | There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force attacks. This allows an attacker to recover the key and decrypt that image using the key. Successful exploitation causes a sensitive biometric information leak. | 2019-07-15 | not yet calculated | CVE-2019-13604 MISC MISC MISC |
hpe -- icewall_sso_agent_option_and_icewall_mfa | A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module ) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for Apache 2.4 on RHEL 7, 10.0 for Apache 2.4 on HP-UX 11i v3, 10.0 for IIS on Windows, 11.0 for Apache 2.4 on RHEL 7, MFA Proxy 4.0 (Agent module only) for Apache 2.4 on RHEL 7. | 2019-07-19 | not yet calculated | CVE-2019-11989 MISC |
hpe -- icewall_sso_agent_option_and_icewall_mfa | A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module ) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for Apache 2.4 on RHEL 7, 10.0 for Apache 2.4 on HP-UX 11i v3, 10.0 for IIS on Windows, 11.0 for Apache 2.4 on RHEL 7, MFA Proxy 4.0 (Agent module only) for Apache 2.4 on RHEL 7. | 2019-07-19 | not yet calculated | CVE-2019-11990 MISC |
huawei -- tony-al00b_smartphones | There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit certain system privilege. An attacker tricks the user to install a malicious application and successful exploit could result in information disclosure. | 2019-07-17 | not yet calculated | CVE-2019-5222 MISC |
hyland -- perceptive_content_server | A Denial of Service vulnerability in the ImageNow Server service in Hyland Perceptive Content Server before 7.1.5 allows an attacker to crash the service via a TCP connection. | 2019-07-16 | not yet calculated | CVE-2018-19629 MISC |
jenkins -- jenkins | A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary file write on the Jenkins master when scheduling a build. | 2019-07-17 | not yet calculated | CVE-2019-10352 MLIST BID MISC MISC |
jenkins -- jenkins | A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier allowed attackers to access view fragments directly, bypassing permission checks and possibly obtain sensitive information. | 2019-07-17 | not yet calculated | CVE-2019-10354 MLIST MISC |
jenkins -- jenkins | Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can recover credentials. The component is: config-variables.jelly line #30 (passwordVariable). The attack vector is: Attacker creates and executes a Jenkins job. | 2019-07-19 | not yet calculated | CVE-2019-1010241 MISC |
johnson_controls -- exacqvision_server | ExacqVision Server?s services 'exacqVisionServer', 'dvrdhcpserver' and 'mdnsresponder' have an unquoted service path. If an authenticated user is able to insert code in their system root path it potentially can be executed during the application startup. This could allow the authenticated user to elevate privileges on the system. This issue affects: Exacq Technologies, Inc. exacqVision Server 9.6; 9.8. This issue does not affect: Exacq Technologies, Inc. exacqVision Server version 9.4 and prior versions; 19.03. It is not known whether this issue affects: Exacq Technologies, Inc. exacqVision Server versions prior to 8.4. | 2019-07-19 | not yet calculated | CVE-2019-7590 BID MISC MISC CONFIRM MISC MISC |
kaspersky -- multiple_products |
Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could potentially disclose unique Product ID by forcing victim to visit a specially crafted webpage (for example, via clicking phishing link). Vulnerability has CVSS v3.0 base score 2.6 | 2019-07-18 | not yet calculated | CVE-2019-8286 BID CONFIRM |
knot_resolver -- knot_resolver | A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol. | 2019-07-16 | not yet calculated | CVE-2019-10191 CONFIRM FEDORA FEDORA CONFIRM |
ladon -- ladon | Ladon since 0.6.1 (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059) is affected by: XML External Entity (XXE). The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance: https://ift.tt/2XW9bIR. The attack vector is: Send a specially crafted SOAP call. | 2019-07-18 | not yet calculated | CVE-2019-1010268 MISC MISC |
lawrence_livermore_national_laboratory -- msr-safe | Lawrence Livermore National Laboratory msr-safe v1.1.0 is affected by: Incorrect Access Control. The impact is: An attacker could modify model specific registers. The component is: ioctl handling. The attack vector is: An attacker could exploit a bug in ioctl interface whitelist checking, in order to write to model specific registers, normally a function reserved for the root user. The fixed version is: v1.2.0. | 2019-07-18 | not yet calculated | CVE-2019-1010066 MISC MISC |
lenovoemc -- nas_products | A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API. | 2019-07-16 | not yet calculated | CVE-2019-6160 CONFIRM |
libiec61850 -- libiec61850 | mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet. | 2019-07-15 | not yet calculated | CVE-2019-1010300 MISC |
libmspack -- libmspack | libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d. | 2019-07-15 | not yet calculated | CVE-2019-1010305 MISC MISC UBUNTU |
libreoffice -- libreoffice |
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary python commands. By using the document event feature to trigger LibreLogo to execute python contained within a document a malicious document could be constructed which would execute arbitrary python commands silently without warning. In the fixed versions, LibreLogo cannot be called from a document event handler. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5. | 2019-07-17 | not yet calculated | CVE-2019-9848 FEDORA UBUNTU CONFIRM |
libreoffice -- libreoffice |
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5. | 2019-07-17 | not yet calculated | CVE-2019-9849 FEDORA UBUNTU CONFIRM |
libsdl -- libsdl | SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c. | 2019-07-17 | not yet calculated | CVE-2019-13626 MISC |
libssh2 -- libssh2 | In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855. | 2019-07-16 | not yet calculated | CVE-2019-13115 MISC MISC MISC MISC |
linario -- op-tee | Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary checks. The impact is: This could lead to corruption of any memory which the TA can access. The component is: optee_os. The fixed version is: v3.4.0. | 2019-07-16 | not yet calculated | CVE-2019-1010292 MISC |
linksys -- wifi_extender_products | Unsanitized user input in the web interface for Linksys WiFi extender products (RE6400 and RE6300 through 1.2.04.022) allows for remote command execution. An attacker can access system OS configurations and commands that are not intended for use beyond the web UI. | 2019-07-17 | not yet calculated | CVE-2019-11535 CONFIRM |
linux -- linux_kernel | In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments. | 2019-07-17 | not yet calculated | CVE-2019-13272 MISC MISC CONFIRM CONFIRM MISC MISC MISC FEDORA DEBIAN |
linux_foundation -- onos | The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The component is: createFlow() and createFlows() functions in FlowWebResource.java (RESTful service). The attack vector is: network management and connectivity. | 2019-07-18 | not yet calculated | CVE-2019-1010250 MISC MISC |
linux_foundation -- onos | The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The component is: applyFlowRules() and apply() functions in FlowRuleManager.java. The attack vector is: network management and connectivity. | 2019-07-18 | not yet calculated | CVE-2019-1010252 MISC MISC |
linux_foundation -- onos | The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Overflow. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The component is: createFlow() and createFlows() functions in FlowWebResource.java (RESTful service). The attack vector is: network management and connectivity. | 2019-07-18 | not yet calculated | CVE-2019-1010249 MISC MISC |
linux_foundation -- onos_sdn_controller | The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. The impact is: A remote attacker can execute arbitrary commands on the controller. The component is: apps/yang/src/main/java/org/onosproject/yang/impl/YangLiveCompilerManager.java. The attack vector is: network connectivity. The fixed version is: 1.15. | 2019-07-19 | not yet calculated | CVE-2019-1010245 MISC MISC |
linux -- linux_kernel | In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c. | 2019-07-19 | not yet calculated | CVE-2019-13648 MISC |
linux -- linux_kernel | In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. | 2019-07-17 | not yet calculated | CVE-2019-13631 BID MISC |
logmein -- join.me | In LogMeIn join.me before 3.16.0.5505, an attacker could execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user if the attacker can place a crafted library in a directory that is accessible to the vulnerable system. | 2019-07-17 | not yet calculated | CVE-2019-13637 MISC |
mailcleaner -- mailcleaner | MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affected by: Unauthenticated MySQL database password information disclosure. The impact is: MySQL database content disclosure (e.g. username, password). The component is: The API call in the function allowAction() in NewslettersController.php. The attack vector is: HTTP Get request. The fixed version is: c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9. | 2019-07-18 | not yet calculated | CVE-2019-1010246 MISC |
mcafee -- agent | Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 HF3, allows local administrator users to potentially disable some McAfee processes by manipulating the MA directory control and placing a carefully constructed file in the MA directory. | 2019-07-18 | not yet calculated | CVE-2019-3592 CONFIRM |
mdaemon_technologies -- email_server | MDaemon Email Server 19 skips SpamAssassin checks by default for e-mail messages larger than 2 MB (and limits checks to 10 MB even with special configuration), which is arguably inconsistent with currently popular message sizes. This might interfere with risk management for malicious e-mail, if a customer deploys a server with sufficient resources to scan large messages. | 2019-07-16 | not yet calculated | CVE-2019-13612 MISC |
microsoft -- active_directory_federation_services | A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy.To exploit this vulnerability, an attacker could run a specially crafted application, which would allow an attacker to launch a password brute-force attack or cause account lockouts in Active Directory.This security update corrects how ADFS handles external authentication requests., aka 'ADFS Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0975. | 2019-07-15 | not yet calculated | CVE-2019-1126 N/A |
microsoft -- active_directory_federation_services | A security feature bypass vulnerability exists when Active Directory Federation Services (ADFS) improperly updates its list of banned IP addresses. To exploit this vulnerability, an attacker would have to convince a victim ADFS administrator to update the list of banned IP addresses. This security update corrects how ADFS updates its list of banned IP addresses., aka 'ADFS Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-1126. | 2019-07-15 | not yet calculated | CVE-2019-0975 MISC |
microsoft -- exchange | An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by validating display names upon creation in Microsoft Exchange, and by rendering invalid display names correctly in Microsoft Outlook clients., aka 'Microsoft Exchange Information Disclosure Vulnerability'. | 2019-07-15 | not yet calculated | CVE-2019-1084 MISC |
microsoft -- symcrypt | A denial of service vulnerability exists when SymCrypt improperly handles a specially crafted digital signature.An attacker could exploit the vulnerability by creating a specially crafted connection or message.The security update addresses the vulnerability by correcting the way SymCrypt handles digital signatures., aka 'SymCrypt Denial of Service Vulnerability'. | 2019-07-15 | not yet calculated | CVE-2019-0865 MISC |
microsoft -- windows_defender_application_control | A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. | 2019-07-19 | not yet calculated | CVE-2019-1167 MISC |
microstrategy -- microstrategy_web | In MicroStrategy Web before 10.1 patch 10, stored XSS is possible in the FLTB parameter due to missing input validation. | 2019-07-19 | not yet calculated | CVE-2019-12453 MISC MISC |
mongodb -- mongodb_enterprise_server | Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access. | 2019-07-19 | not yet calculated | CVE-2015-7882 CONFIRM |
nasa -- cfitsio | NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. The impact is: arbitrary code execution. The component is: over 40 source code files were changed. The attack vector is: remote unauthenticated attacker. The fixed version is: 3.43. NOTE: this CVE refers to the issues not covered by CVE-2018-3846, CVE-2018-3847, CVE-2018-3848, and CVE-2018-3849. One example is ftp_status in drvrnet.c mishandling a long string beginning with a '4' character. | 2019-07-16 | not yet calculated | CVE-2019-1010060 MISC MISC MISC MISC MISC |
nfdump -- nfdump | nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffile_inline.c:83, minilzo.c (redistributed). The attack vector is: nfdump must read and process a specially crafted file. The fixed version is: after commit 9f0fe9563366f62a71d34c92229da3432ec5cf0e. | 2019-07-16 | not yet calculated | CVE-2019-1010057 MISC |
nsa -- ghidra | NSA Ghidra before 9.0.1 allows XXE when a project is opened or restored, or a tool is imported, as demonstrated by a project.prp file. | 2019-07-16 | not yet calculated | CVE-2019-13625 MISC MISC MISC |
nvidia -- jetson_tx1 | In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of privileges. | 2019-07-19 | not yet calculated | CVE-2019-5680 CONFIRM |
oecms -- oecms | OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery (CSRF). The impact is: The victim clicks on adding an administrator account. The component is: admincp.php. The attack vector is: network connectivity. The fixed version is: v4.3. | 2019-07-18 | not yet calculated | CVE-2019-1010112 MISC |
open_information_security_foundation -- suricata | Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed sequence of network packets. The component is: detect.c (https://ift.tt/2JTKmTV). The attack vector is: An attacker can trigger the vulnerability by a specifically crafted network TCP session. The fixed version is: 4.1.3. | 2019-07-18 | not yet calculated | CVE-2019-1010279 MISC MISC MISC |
open_information_security_foundation -- suricata | Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-layer-detect-proto.c, decode.c, decode-teredo.c and decode-ipv6.c (https://ift.tt/2JTKhQ7, https://ift.tt/2XRcuk8). The attack vector is: An attacker can trigger the vulnerability by sending a specifically crafted network request. The fixed version is: 4.1.2. | 2019-07-18 | not yet calculated | CVE-2019-1010251 MISC MISC MISC |
openmodelica -- omcompiler | OpenModelica OMCompiler is affected by: Buffer Overflow. The impact is: Possible code execution and denial of service. The component is: OPENMODELICAHOME parameter changeable via environment variable. The attack vector is: Changing an environment variable. | 2019-07-15 | not yet calculated | CVE-2019-1010038 CONFIRM |
opera_software -- opera_mini_for_ios | The Opera Mini application through 16.0.14 for iOS has a UXSS vulnerability that can be triggered by performing navigation to a javascript: URL. | 2019-07-18 | not yet calculated | CVE-2019-13607 MISC |
otcms -- otcms | OTCMS 3.81 allows XSS via the mode parameter in an apiRun.php?mudi=autoRun request. | 2019-07-19 | not yet calculated | CVE-2019-13971 MISC |
pallets_project -- flask | The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. | 2019-07-17 | not yet calculated | CVE-2019-1010083 CONFIRM |
palo_alto_networks -- pan-os | Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code. | 2019-07-19 | not yet calculated | CVE-2019-1579 BID MISC |
perl_crypt-jwt -- perl_crypt-jwt | Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. The impact is: allow attackers to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector is: network connectivity. The fixed version is: after commit b98a59b42ded9f9e51b2560410106207c2152d6c. | 2019-07-17 | not yet calculated | CVE-2019-1010263 MISC MISC |
pluckcms -- pluckcms | PluckCMS 4.7.4 and earlier is affected by: CWE-434 Unrestricted Upload of File with Dangerous Type. The impact is: get webshell. The component is: data/inc/images.php line36. The attack vector is: modify the MIME TYPE on HTTP request to upload a php file. The fixed version is: after commit 09f0ab871bf633973cfd9fc4fe59d4a912397cf8. | 2019-07-16 | not yet calculated | CVE-2019-1010062 MISC MISC |
premium_software -- cleditor | Premium Software CLEditor 1.4.5 and earlier is affected by: Cross Site Scripting (XSS). The impact is: An attacker might be able to inject arbitrary html and script code into the web site. The component is: jQuery plug-in. The attack vector is: the victim must open a crafted href attribute of a link (A) element. | 2019-07-19 | not yet calculated | CVE-2019-1010113 MISC |
printeron -- printeron_central_print_services | An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. The core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. As a result, an attacker with guest/pseudo-guest level permissions can bypass the session checks (that would otherwise logout a low-privileged user) by calling the core print job components directly via crafted HTTP GET and POST requests. | 2019-07-19 | not yet calculated | CVE-2018-17210 MISC |
proftpd -- proftpd | An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306. | 2019-07-19 | not yet calculated | CVE-2019-12815 MISC MISC MISC |
python_engineio -- python_engineio | An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted. | 2019-07-15 | not yet calculated | CVE-2019-13611 MISC |
qbittorrent -- qbittorrent | In qBittorrent before 4.1.7, the function Application::runExternalProgram() located in app/application.cpp allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, as demonstrated by remote command execution via a crafted name within an RSS feed. | 2019-07-17 | not yet calculated | CVE-2019-13640 MISC |
quake3e -- quake3e | Quake3e < 5ed740d is affected by: Buffer Overflow. The impact is: Possible code execution and denial of service. The component is: Argument string creation. | 2019-07-16 | not yet calculated | CVE-2019-1010043 MISC |
ranger_studios -- directus_7_api | In Directus 7 API before 2.2.1, uploading of PHP files is not blocked, leading to uploads/_/originals remote code execution. | 2019-07-19 | not yet calculated | CVE-2019-13979 MISC MISC |
ranger_studios -- directus_7_api | In Directus 7 API through 2.3.0, uploading of PHP files is blocked only when the Apache HTTP Server is used, leading to uploads/_/originals remote code execution with nginx. | 2019-07-19 | not yet calculated | CVE-2019-13980 MISC |
ranger_studios -- directus_7_api | In Directus 7 API through 2.3.0, remote attackers can read image files via a direct request for a filename under the uploads/_/originals/ directory. This is related to a configuration option in which the file collection can be non-public, but this option does not apply to the thumbnailer. | 2019-07-19 | not yet calculated | CVE-2019-13981 MISC MISC |
ranger_studios -- directus_7_api | Directus 7 API before 2.2.2 has insufficient anti-automation, as demonstrated by lack of a CAPTCHA in core/Directus/Services/AuthService.php and endpoints/Auth.php. | 2019-07-19 | not yet calculated | CVE-2019-13983 MISC MISC |
ranger_studios -- directus_7_api | Directus 7 API before 2.3.0 does not validate uploaded files. Regardless of the file extension or MIME type, there is a direct link to each uploaded file, accessible by unauthenticated users, as demonstrated by the EICAR Anti-Virus Test File. | 2019-07-19 | not yet calculated | CVE-2019-13984 MISC MISC |
ranger_studios -- directus_7_api | interfaces/markdown/input.vue in Directus 7 Application before 7.7.0 does not sanitize Markdown text before rendering a preview. | 2019-07-19 | not yet calculated | CVE-2019-13982 MISC |
redbrick -- shift |
Redbrick Shift through 3.4.3 allows an attacker to extract authentication tokens of services (such as Gmail, Outlook, etc.) used in the application. | 2019-07-17 | not yet calculated | CVE-2019-8932 CONFIRM |
redbrick -- shift |
Redbrick Shift through 3.4.3 allows an attacker to extract emails of services (such as Gmail, Outlook, etc.) used in the application. | 2019-07-17 | not yet calculated | CVE-2019-8931 CONFIRM |
redbrick -- shift | Redbrick Shift through 3.4.3 allows an attacker to extract authentication tokens of services (such as Gmail, Outlook, etc.) used in the application. | 2019-07-17 | not yet calculated | CVE-2019-12914 CONFIRM |
redbrick -- shift | Redbrick Shift through 3.4.3 allows an attacker to extract authentication tokens of services (such as Gmail, Outlook, etc.) used in the application. | 2019-07-17 | not yet calculated | CVE-2019-12911 CONFIRM |
rubygems -- paranoid2_gem | The paranoid2 gem 1.1.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.1.5. | 2019-07-14 | not yet calculated | CVE-2019-13589 BID MISC MISC |
sahi_pro -- sahi_pro | _s_/sprm/_s_/dyn/Player_setScriptFile in Sahi Pro 8.0.0 allows command execution. It allows one to run ".sah" scripts via Sahi Launcher. Also, one can create a new script with an editor. It is possible to execute commands on the server using the _execute() function. | 2019-07-14 | not yet calculated | CVE-2019-13597 MISC MISC |
saleor -- saleor | Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release is affected by: Incorrect Access Control. The impact is: Important. The component is: ProductVariant type in GraphQL API. The attack vector is: Unauthenticated user can access the GraphQL API (which is by default publicly exposed under `/graphql/` URL) and fetch products data which may include admin-restricted shop's revenue data. The fixed version is: 2.3.1. | 2019-07-15 | not yet calculated | CVE-2019-1010304 MISC |
scapy -- scapy | scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite loop, resource consumption and program unresponsive. The component is: _RADIUSAttrPacketListField.getfield(self..). The attack vector is: over the network or in a pcap. both work. | 2019-07-19 | not yet calculated | CVE-2019-1010142 MISC MISC MISC |
schneider_electric -- modicon_m580_cpu-bmep582040_and_modicon_ethernet_module_ bmenoc0301 | A CWE-119 Buffer Errors vulnerability exists in Modicon M580 CPU - BMEP582040, all versions before V2.90, and Modicon Ethernet Module BMENOC0301, all versions before V2.16, which could cause denial of service on the FTP service of the controller or the Ethernet BMENOC module when it receives a FTP CWD command with a data length greater than 1020 bytes. A power cycle is then needed to reactivate the FTP service. | 2019-07-15 | not yet calculated | CVE-2018-7838 MISC |
shenzhen -- jisiwei_i3_robot_vacuum_cleaner | A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions performed on the app such as changing a password, and personal information it communicates with the server, use unencrypted HTTP. As an example, while logging in through the app to a Jisiwei account, the login request is being sent in cleartext. The vulnerability exists in both the Android and iOS version of the app. An attacker could exploit this by using an MiTM attack on the local network to obtain someone's login credentials, which gives them full access to the robot vacuum cleaner. | 2019-07-19 | not yet calculated | CVE-2019-12820 MISC |
shenzhen -- jisiwei_i3_robot_vacuum_cleaner | A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that depends only on the specific device ID of the robot vacuum cleaner. By generating a QR-code containing information about the device ID, it is possible to connect an arbitrary device and gain full access to it. The device ID has an initial "JSW" substring followed by a six digit number that depends on the specific device. | 2019-07-19 | not yet calculated | CVE-2019-12821 MISC |
slanger -- slanger | Slanger 0.6.0 is affected by: Remote Code Execution (RCE). The impact is: A remote attacker can execute arbitrary commands by sending a crafted request to the server. The component is: Message handler & request validator. The attack vector is: Remote unauthenticated. The fixed version is: after commit 5267b455caeb2e055cccf0d2b6a22727c111f5c3. | 2019-07-15 | not yet calculated | CVE-2019-1010306 MISC |
sleuthkit -- sleuthkit | The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The impact is: Opening crafted disk image triggers crash in tsk/fs/hfs_dent.c:237. The component is: Overflow in fls tool used on HFS image. Bug is in tsk/fs/hfs.c file in function hfs_cat_traverse() in lines: 952, 1062. The attack vector is: Victim must open a crafted HFS filesystem image. | 2019-07-18 | not yet calculated | CVE-2019-1010065 MISC MISC |
snapview -- mikogo | The Windows versions of Snapview Mikogo, versions before 5.10.2 are affected by insecure implementations which allow local attackers to escalate privileges. | 2019-07-12 | not yet calculated | CVE-2019-12731 MISC |
sourceforge -- timesheet_next_gen | Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via a "redirect" parameter. The component is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may click the malicious url. | 2019-07-17 | not yet calculated | CVE-2019-1010287 MISC MISC |
sox -- sox | An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (startread function), there is an integer overflow on the result of integer addition (wraparound to 0) fed into the lsx_calloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid pointer, leading to a NULL pointer dereference on lsx_readbuf in formats_i.c. | 2019-07-14 | not yet calculated | CVE-2019-13590 MISC |
synetics_gmbh -- i-doit | Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is: Unauthenticated mysql database access. The component is: Web login form. The attack vector is: An attacker can exploit the vulnerability by sending a malicious HTTP POST request. The fixed version is: 1.12.1. | 2019-07-18 | not yet calculated | CVE-2019-1010248 MISC |
tenable -- comodo_antivirus | Comodo Antivirus versions 12.0.0.6810 and below are vulnerable to Denial of Service affecting CmdAgent.exe via an unprotected section object "<GUID>_CisSharedMemBuff". This section object is exposed by CmdAgent and contains a SharedMemoryDictionary object, which allows a low privileged process to modify the object data causing CmdAgent.exe to crash. | 2019-07-17 | not yet calculated | CVE-2019-3972 MISC |
tenable -- comodo_antivirus | Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Denial of Service affecting CmdGuard.sys via its filter port "cmdServicePort". A low privileged process can crash CmdVirth.exe to decrease the port's connection count followed by process hollowing a CmdVirth.exe instance with malicious code to obtain a handle to "cmdServicePort". Once this occurs, a specially crafted message can be sent to "cmdServicePort" using "FilterSendMessage" API. This can trigger an out-of-bounds write if lpOutBuffer parameter in FilterSendMessage API is near the end of specified buffer bounds. The crash occurs when the driver performs a memset operation which uses a size beyond the size of buffer specified, causing kernel crash. | 2019-07-17 | not yet calculated | CVE-2019-3973 MISC |
tenable -- comodo_antivirus | Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Privilege Escalation due to CmdAgent's handling of COM clients. A local process can bypass the signature check enforced by CmdAgent via process hollowing which can then allow the process to invoke sensitive COM methods in CmdAgent such as writing to the registry with SYSTEM privileges. | 2019-07-17 | not yet calculated | CVE-2019-3969 MISC |
tenable -- comodo_antivirus | Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPC_DATAGRAM, which triggers an Access Violation due to hardcoded NULLs used for Source parameter in a memcpy operation that is called for this handler. This results in CmdVirth.exe and its child svchost.exe instances to terminate. | 2019-07-17 | not yet calculated | CVE-2019-3971 MISC |
tenable -- comodo_antivirus | Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data directly and change virus signatures. | 2019-07-17 | not yet calculated | CVE-2019-3970 MISC |
tinymce -- tinymce | tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. The impact is: JavaScript code execution. The component is: Media element. The attack vector is: The victim must paste malicious content to media element's embed tab. | 2019-07-17 | not yet calculated | CVE-2019-1010091 MISC |
tp-link -- archer_c1200 | CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server. | 2019-07-17 | not yet calculated | CVE-2019-13614 MISC |
tp-link -- wireless_router_archer_router | CMD_FTEST_CONFIG in the TP-Link Device Debug protocol in TP-Link Wireless Router Archer Router version 1.0.0 Build 20180502 rel.45702 (EU) and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server. | 2019-07-17 | not yet calculated | CVE-2019-13613 MISC |
ulaunchelf_project -- ulaunchelf | uLaunchELF < commit 170827a is affected by: Buffer Overflow. The impact is: Possible code execution and denial of service. The component is: Loader program (loader.c) overly trusts the arguments provided via command line. | 2019-07-15 | not yet calculated | CVE-2019-1010039 MISC |
univention -- univention_corporate_server | Univention Corporate Server univention-directory-notifier 12.0.1-3 and earlier is affected by: CWE-213: Intentional Information Exposure. The impact is: Loss of Confidentiality. The component is: function data_on_connection() in src/callback.c. The attack vector is: network connectivity. The fixed version is: 12.0.1-4 and later. | 2019-07-17 | not yet calculated | CVE-2019-1010283 MISC MISC |
videolan -- vlc_media_player | lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height. | 2019-07-18 | not yet calculated | CVE-2019-13962 MISC MISC |
wordpress -- wordpress | TechyTalk Quick Chat WordPress Plugin All up to the latest is affected by: SQL Injection. The impact is: Access to the database. The component is: like_escape is used in Quick-chat.php line 399. The attack vector is: Crafted ajax request. | 2019-07-18 | not yet calculated | CVE-2019-1010104 MISC |
wordpress -- wordpress | A SQL injection vulnerability exists in the Icegram Email Subscribers & Newsletters plugin through 4.1.7 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system. | 2019-07-19 | not yet calculated | CVE-2019-13569 MISC |
wordpress -- wordpress | An issue was discovered in the wp-code-highlightjs plugin through 0.6.2 for WordPress. wp-admin/options-general.php?page=wp-code-highlight-js allows CSRF, as demonstrated by an XSS payload in the hljs_additional_css parameter. | 2019-07-19 | not yet calculated | CVE-2019-12934 MISC MISC |
zeek -- zeek | In Zeek Network Security Monitor (formerly known as Bro) before 2.6.2, a NULL pointer dereference in the Kerberos (aka KRB) protocol parser leads to DoS because a case-type index is mishandled. | 2019-07-17 | not yet calculated | CVE-2019-12175 CONFIRM |
zeroshell -- zeroshell | Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters. | 2019-07-19 | not yet calculated | CVE-2019-12725 MISC MISC |
zipios_project -- zipios | Zipios before 0.1.7 does not properly handle certain malformed zip archives and can go into an infinite loop, causing a denial of service. This is related to zipheadio.h:readUint32() and zipfile.cpp:Zipfile::Zipfile(). | 2019-07-17 | not yet calculated | CVE-2019-13453 BID MISC CONFIRM |
zmartzone -- iam_auth_openidc | ZmartZone IAM mod_auth_openidc 2.3.10.1 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Redirecting the user to a phishing page or interacting with the application on behalf of the user. The component is: File: src/mod_auth_openidc.c, Line: 3109. The fixed version is: 2.3.10.2. | 2019-07-19 | not yet calculated | CVE-2019-1010247 MISC MISC MISC |
zzcms -- zzmcms | zzcms zzmcms 8.3 and earlier is affected by: File Delete to getshell. The impact is: getshell. The component is: /user/ppsave.php. | 2019-07-19 | not yet calculated | CVE-2019-1010151 MISC |
This product is provided subject to this Notification and this Privacy & Use policy.
from CISA All NCAS Products https://www.us-cert.gov/ncas/bulletins/sb19-203
Comments
Post a Comment