Vulnerability Summary for the Week of November 25, 2019

Released
Dec 02, 2019
Document ID
SB19-336

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 

Vulnerability Severity:

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor -- Product		DescriptionPublishedCVSS ScoreSource & Patch Info
chicken -- chicken
 		Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function.2019-11-227.5CVE-2014-6310
MISC
MISC
CONFIRM
MISC
google -- chrome
 		Out of bounds memory access in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-257.5CVE-2019-5866
MISC
MISC
red_hat -- redhat-upgrade-tool
 		redhat-upgrade-tool: Does not check GPG signatures when upgrading versions2019-11-2210CVE-2014-3585
REDHAT
REDHAT

Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product		DescriptionPublishedCVSS ScoreSource & Patch Info
gael -- q-pulseCross-site scripting (XSS) vulnerability in ui/common/managedlistdialog.aspx in Gael Q-Pulse 0.6 and earlier.2019-11-224.3CVE-2014-1238
MISC
gitlab -- gitlab_community_and_enterprise_edition

 

An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Insecure Permissions.2019-11-264CVE-2019-18447
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition

 

An issue was discovered in GitLab Community and Enterprise Edition through 12.4. It has Insecure Permissions (issue 2 of 4).2019-11-264CVE-2019-18458
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition

 

An issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.4 when moving an issue to a public project from a private one. It has Insecure Permissions.2019-11-265CVE-2019-18452
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition

 

An issue was discovered in GitLab Community and Enterprise Edition 11.6 through 12.4 in the add comments via email feature. It has Insecure Permissions.2019-11-264CVE-2019-18453
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition

 

An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature. It has Insecure Permissions.2019-11-264CVE-2019-18450
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition

 

An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Incorrect Access Control.2019-11-264CVE-2019-18448
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition
 		An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.4 in the Comments Search feature provided by the Elasticsearch integration. It has Incorrect Access Control.2019-11-265CVE-2019-18460
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition
 		An issue was discovered in GitLab Community and Enterprise Edition 11.8 through 12.4 when handling Security tokens.. It has Insecure Permissions.2019-11-266.5CVE-2019-18457
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition
 		An issue was discovered in GitLab Community and Enterprise Edition 10.7.4 through 12.4 in the InternalRedirect filtering feature. It has an Open Redirect.2019-11-265.8CVE-2019-18451
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition
 		An issue was discovered in GitLab Community and Enterprise Edition 10.5 through 12.4 in link validation for RDoc wiki pages feature. It has XSS.2019-11-264.3CVE-2019-18454
MISC
MISC
gitlab -- gitlab_community_and_enterprise_edition
 		An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.4. It has Insecure Permissions (issue 1 of 2).2019-11-265.5CVE-2019-18446
CONFIRM
MISC
gitlab -- gitlab_community_and_enterprise_edition
 		An issue was discovered in GitLab Community and Enterprise Edition 11 through 12.4 when building Nested GraphQL queries. It has a large or infinite loop.2019-11-265CVE-2019-18455
MISC
MISC
google -- chromeInsufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.2019-11-254.3CVE-2019-13710
MISC
MISC
google -- chromeInsufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2019-11-254.3CVE-2019-13703
MISC
MISC
google -- chromeInsufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.2019-11-256.8CVE-2019-13692
MISC
MISC
google -- chrome

 

Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2019-11-255CVE-2019-13711
MISC
MISC
google -- chrome
 		Use after free in audio in Google Chrome on Android prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13695
MISC
MISC
google -- chrome
 		Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security policy via a crafted HTML page.2019-11-254.3CVE-2019-13704
MISC
MISC
google -- chrome
 		Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2019-11-254.3CVE-2019-13708
MISC
MISC
google -- chrome
 		Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL.2019-11-254.3CVE-2019-13714
MISC
MISC
google -- chrome
 		Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.2019-11-254.3CVE-2019-13707
MISC
MISC
google -- chrome
 		Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.2019-11-254.3CVE-2019-13715
MISC
MISC
google -- chrome
 		Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.2019-11-254.3CVE-2019-13705
MISC
MISC
google -- chrome
 		Out of bounds read in Skia in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.2019-11-255.8CVE-2019-5849
MISC
MISC
google -- chrome
 		Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.2019-11-254.3CVE-2019-13717
MISC
MISC
google -- chrome
 		Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.2019-11-254.3CVE-2019-13716
MISC
MISC
google -- chrome
 		Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13687
MISC
MISC
google -- chrome
 		Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.2019-11-254.3CVE-2019-13719
MISC
MISC
google -- chrome
 		Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.2019-11-254.3CVE-2019-13718
MISC
MISC
google -- chrome
 		Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-254.3CVE-2019-5869
MISC
MISC
google -- chrome
 		Inappropriate implementation in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-254.3CVE-2019-5847
MISC
MISC
google -- chrome
 		Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.2019-11-254.3CVE-2019-5852
MISC
MISC
google -- chrome
 		Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2019-11-254.3CVE-2019-13713
MISC
MISC
google -- chrome
 		Use after free in PDFium in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.2019-11-254.3CVE-2019-5868
MISC
MISC
google -- chrome
 		Use after free in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.2019-11-254.3CVE-2019-5860
MISC
MISC
google -- chrome
 		Use after free in Mojo in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-254.3CVE-2019-5872
MISC
MISC
google -- chrome
 		Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13688
MISC
MISC
google -- chrome
 		Use after free in Blink in Google Chrome prior to 75.0.3770.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-254.3CVE-2019-5842
MISC
MISC
google -- chrome
 		Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.2019-11-254.3CVE-2019-13709
MISC
MISC
google -- chrome
 		Use after free in offline mode in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13686
MISC
MISC
google -- chrome
 		Insufficient policy enforcement in performance APIs in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2019-11-254.3CVE-2019-13697
MISC
MISC
google -- chrome
 		Use after free in media in Google Chrome on Android prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-5876
MISC
MISC
google -- chrome
 		Use after free in WebAudio in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-5851
MISC
MISC
google -- chrome
 		Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13721
MISC
MISC
google -- chrome
 		Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13699
MISC
MISC
google -- chrome
 		Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13700
MISC
MISC
google -- chrome
 		Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable.2019-11-256.8CVE-2019-13702
MISC
MISC
google -- chrome
 		Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.2019-11-256.8CVE-2019-13706
MISC
MISC
google -- chrome
 		Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13720
MISC
MISC
google -- chrome
 		Incorrect font handling in autofill in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.2019-11-254.3CVE-2019-5848
MISC
MISC
google -- chrome
 		Out of bounds memory access in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13724
MISC
MISC
google -- chrome
 		Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.2019-11-256.8CVE-2019-5850
MISC
MISC
google -- chrome
 		Use after free in IndexedDB in Google Chrome prior to 77.0.3865.120 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.2019-11-256.8CVE-2019-13693
MISC
MISC
google -- chrome
 		Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-5853
MISC
MISC
google -- chrome
 		Insufficient validation of untrusted input in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2019-11-254.3CVE-2019-13691
MISC
MISC
google -- chrome
 		Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2019-11-254.3CVE-2019-13701
MISC
MISC
google -- chrome
 		Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.2019-11-256.8CVE-2019-5854
MISC
MISC
google -- chrome
 		Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.2019-11-256.8CVE-2019-5870
MISC
MISC
google -- chrome
 		Out of bounds memory access in JavaScript in Google Chrome prior to 73.0.3683.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13698
MISC
MISC
google -- chrome
 		Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-5878
MISC
MISC
google -- chrome
 		Use after free in JavaScript in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13696
MISC
MISC
google -- chrome
 		Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2019-11-254.3CVE-2019-13683
MISC
MISC
google -- chrome
 		Use after free in WebRTC in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13694
MISC
MISC
google -- chrome
 		Use after free in sharing view in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-256.8CVE-2019-13685
MISC
MISC
ibm -- smartcloud_analyticsIBM SmartCloud Analytics 1.3.1 through 1.3.5 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM X-Force ID: 159187.2019-11-224.9CVE-2019-4216
XF
CONFIRM
ibm -- smartcloud_analytics
 		IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 159185.2019-11-224.3CVE-2019-4214
XF
CONFIRM
ibm -- smartcloud_analytics
 		IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 159186.2019-11-224.3CVE-2019-4215
XF
CONFIRM
openstack -- designateDesignate does not enforce the DNS protocol limit concerning record set sizes2019-11-224CVE-2015-5694
MISC
MISC
MISC
MISC
ovirt -- ovirtoVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center2019-11-224CVE-2015-1780
MISC
MISC
pagekit -- pagekitA CSRF vulnerability in Pagekit 1.0.17 allows an attacker to upload an arbitrary file by removing the CSRF token from a request.2019-11-226.8CVE-2019-19013
MISC
plow -- plow
 		plow has local buffer overflow vulnerability2019-11-224.6CVE-2012-3407
MISC
MISC
MISC
postfixadmin -- postfixadmin
 		PostfixAdmin 2.3.4 has multiple XSS vulnerabilities2019-11-224.3CVE-2012-0812
MISC
MISC
MISC
MISC
MISC
MISC
MISC
zte -- zxcdn_iamwebThe version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resulting in users? information leakage.2019-11-226.5CVE-2019-3427
CONFIRM

Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product		DescriptionPublishedCVSS ScoreSource & Patch Info
google -- chrome
 		Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2019-11-252.6CVE-2019-13684
MISC
MISC
ibm -- smartcloud_analytics
 		IBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized disclosure of information like accessing solrconfig.xml and could allow an attacker to perform disruptive administrator tasks. IBM X-Force ID: 159517.2019-11-223.6CVE-2019-4243
XF
CONFIRM
videolan -- libbluray
 		libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files2019-11-223.3CVE-2015-7810
MISC
MISC
MISC
MISC
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product		DescriptionPublishedCVSS ScoreSource & Patch Info
abb -- power_generation_information_manager_and_plant_connectIn all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device.2019-11-26not yet calculatedCVE-2019-18250
MISC
abb -- relion_670_series_intelligent_electronic_devicesAn attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the intended directory.2019-11-27not yet calculatedCVE-2019-18253
MISC
abb -- relion_670_series_intelligent_electronic_devicesAn attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could cause a denial of service.2019-11-27not yet calculatedCVE-2019-18247
MISC
accountservice -- accountserviceAn issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.2019-11-27not yet calculatedCVE-2012-6655
MISC
MISC
MISC
MISC
MISC
MISC
ace -- acegenerate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attackers to gain elevated privileges.2019-11-22not yet calculatedCVE-2014-6311
MISC
MISC
MISC
MISC
afterlogic -- webmail_pro_and_auroraAfterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name.2019-11-26not yet calculatedCVE-2019-19129
MISC
MISC
apache -- ofbizThe /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External Entity Injection by passing DOCTYPE declarations with executable payloads that discloses the contents of files in the filesystem. In addition, it can also be used to probe for open network ports, and figure out from returned error messages whether a file exists or not. This affects OFBiz 16.11.01 to 16.11.04.2019-11-26not yet calculatedCVE-2011-3600
CONFIRM
MISC
MISC
MISC
MISC
apache -- openofficeOpenOffice.org v3.3 allows execution of arbitrary code with the privileges of the user running the OpenOffice.org suite tools.2019-11-27not yet calculatedCVE-2011-2177
MISC
MISC
MISC
MLIST
apple -- iphone_3gsApple iPhone 3GS bootrom malloc implementation returns a non-NULL pointer when unable to allocate memory, aka 'alloc8'. An attacker with physical access to the device can install arbitrary firmware.2019-11-22not yet calculatedCVE-2019-9536
MISC
MISC
apt -- aptIt was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.2019-11-26not yet calculatedCVE-2011-3374
MISC
MISC
MISC
MISC
MISC
artifex -- ghostscriptA flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.2019-11-27not yet calculatedCVE-2019-14812
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
artifex -- ghostscriptIt was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.2019-11-27not yet calculatedCVE-2019-10216
CONFIRM
best_practical_solutions -- jifty::dbiSQL injection vulnerability in Jifty::DBI before 0.68.2019-11-26not yet calculatedCVE-2011-1933
MLIST
MISC
MISC
CONFIRM
MLIST
MISC
centreon -- centreonCentreon before 2.8.30, 18.x before 18.10.8, and 19.x before 19.04.5 allows XSS via myAccount alias and name fields.2019-11-26not yet calculatedCVE-2019-16195
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
centreon -- centreon_webA problem was found in Centreon Web through 19.04.3. An authenticated command injection is present in the page include/configuration/configObject/traps-mibs/formMibs.php. This page is called from the Centreon administration interface. This is the mibs management feature that contains a file filing form. At the time of submission of a file, the mnftr parameter is sent to the page and is not filtered properly. This allows one to inject Linux commands directly.2019-11-27not yet calculatedCVE-2019-15298
MISC
MISC
MISC
centreon -- centreon_webA problem was found in Centreon Web through 19.04.3. An authenticated SQL injection is present in the page include/Administration/parameters/ldap/xml/ldap_host.php. The arId parameter is not properly filtered before being passed to the SQL query.2019-11-27not yet calculatedCVE-2019-15300
MISC
MISC
MISC
MISC
MISC
MISC
cesanta -- mongooseAn integer overflow in parse_mqtt in mongoose.c in Cesanta Mongoose 6.16 allows an attacker to achieve remote DoS (infinite loop), or possibly cause an out-of-bounds write, by sending a crafted MQTT protocol packet.2019-11-26not yet calculatedCVE-2019-19307
MISC
cisco -- small_business_rv_series_routersA vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an unauthenticated, remote attacker to view information displayed in the web-based management interface. The vulnerability is due to improper authorization of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to view information displayed in the web-based management interface without authentication.2019-11-26not yet calculatedCVE-2019-15990
CISCO
cisco -- dna_spaces_connectorA vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by entering malicious SQL statements in an affected field in the web UI. A successful exploit could allow the attacker to remove the SQL database, which would require the reinstallation of the Connector VM.2019-11-26not yet calculatedCVE-2019-15995
CISCO
cisco -- dna_spaces_connectorA vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to perform a command injection attack and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command. An attacker could exploit this vulnerability by including malicious input during the execution of the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as root.2019-11-26not yet calculatedCVE-2019-15997
CISCO
cisco -- dna_spaces_connectorA vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient restrictions during the execution of an affected CLI command. An attacker could exploit this vulnerability by leveraging the insufficient restrictions to modify sensitive files. A successful exploit could allow the attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root.2019-11-26not yet calculatedCVE-2019-15996
CISCO
cisco -- email_security_applianceA vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of certain MP3 file types. An attacker could exploit this vulnerability by sending a crafted MP3 file through the targeted device. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email.2019-11-26not yet calculatedCVE-2019-15971
CISCO
cisco -- email_security_applianceA vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An attacker could exploit this vulnerability by crafting the URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for the affected device, which could allow malicious URLs to pass through the device.2019-11-26not yet calculatedCVE-2019-15988
CISCO
cisco -- industrial_network_directorA vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected application. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected application. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.2019-11-26not yet calculatedCVE-2019-15973
CISCO
cisco -- ios_xr_softwareA vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to connect to the device on the NETCONF port. Valid credentials are required to access the device. This vulnerability does not affect connections to the default SSH process on the device.2019-11-26not yet calculatedCVE-2019-15998
CISCO
cisco -- multiple_productsA vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE), Cisco TelePresence Codec (TC), and Cisco RoomOS Software could allow an authenticated, remote attacker to escalate privileges to an unrestricted user of the restricted shell. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including specific arguments when opening an SSH connection to an affected device. A successful exploit could allow the attacker to gain unrestricted user access to the restricted shell of an affected device.2019-11-26not yet calculatedCVE-2019-15288
CISCO
cisco -- multiple_productsA vulnerability in web interface of the Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to guess account usernames. The vulnerability is due to missing CAPTCHA protection in certain URLs. An attacker could exploit this vulnerability by sending a crafted request to the web interface. A successful exploit could allow the attacker to know if a given username is valid and find the real name of the user.2019-11-26not yet calculatedCVE-2019-15987
CISCO
cisco -- prime_infrastructure_and_evolved_programmable_network_managerA vulnerability in the REST API of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated remote attacker to execute arbitrary code with root privileges on the underlying operating system. The vulnerability is due to insufficient input validation during the initial High Availability (HA) configuration and registration process of an affected device. An attacker could exploit this vulnerability by uploading a malicious file during the HA registration period. A successful exploit could allow the attacker to execute arbitrary code with root-level privileges on the underlying operating system. Note: This vulnerability can only be exploited during the HA registration period. See the Details section for more information.2019-11-26not yet calculatedCVE-2019-15958
CISCO
cisco -- sd-wan_solutionA vulnerability in the vManage web-based UI (web UI) of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected instance of vManage. An attacker could exploit this vulnerability by persuading a user to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user.2019-11-26not yet calculatedCVE-2019-16002
CISCO
cisco -- small_business_rv_series_routersA vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The attacker must have either a valid credential or an active session token. The vulnerability is due to lack of input validation of the HTTP payload. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web-based management interface of the targeted device. A successful exploit could allow the attacker to execute commands with root privileges.2019-11-26not yet calculatedCVE-2019-15271
CISCO
cisco -- stealthwatch_enterpriseA vulnerability in the web-based management interface of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.2019-11-26not yet calculatedCVE-2019-15994
CISCO
cisco -- telepresence_collaboration_endpoint_and_roomos_softwareA vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, local attacker to enable audio recording without notifying users. The vulnerability is due to the presence of unnecessary debug commands. An attacker could exploit this vulnerability by gaining unrestricted access to the restricted shell and using the specific debug commands. A successful exploit could allow the attacker to enable the microphone of an affected device to record audio without notifying users.2019-11-26not yet calculatedCVE-2019-15967
CISCO
cisco -- unified_communications_domain_managerA vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager (Unified CDM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.2019-11-26not yet calculatedCVE-2019-15968
CISCO
cisco -- unified_communications_managerA vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to modify values on or return values from the underlying database.2019-11-26not yet calculatedCVE-2019-15972
CISCO
cisco -- unity_expressA vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input validation for certain CLI commands that are executed on a vulnerable system. An attacker could exploit this vulnerability by logging in to the system and sending crafted CLI commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root.2019-11-26not yet calculatedCVE-2019-15986
CISCO
cisco -- web_security_applianceA vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform an unauthorized system reset on an affected device. The vulnerability is due to improper authorization controls for a specific URL in the web management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could have a twofold impact: the attacker could either change the administrator password, gaining privileged access, or reset the network configuration details, causing a denial of service (DoS) condition. In both scenarios, manual intervention is required to restore normal operations.2019-11-26not yet calculatedCVE-2019-15956
CISCO
cisco -- webex_meetingsA vulnerability in the Webex Network Recording Admin page of Cisco Webex Meetings could allow an authenticated, remote attacker to elevate privileges in the context of the affected page. To exploit this vulnerability, the attacker must be logged in as a low-level administrator. The vulnerability is due to insufficient access control validation. An attacker could exploit this vulnerability by submitting a crafted URL request to gain privileged access in the context of the affected page. A successful exploit could allow the attacker to elevate privileges in the Webex Recording Admin page, which could allow them to view or delete recordings that they would not normally be able to access.2019-11-26not yet calculatedCVE-2019-15960
CISCO
cisco -- webex_network_recording_player_and_webex_player_for_microsoft_windowsMultiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user.2019-11-26not yet calculatedCVE-2019-15284
CISCO
cisco -- webex_recording_player_and_webex_player_for_microsoft_windowsMultiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user.2019-11-26not yet calculatedCVE-2019-15286
CISCO
cisco -- webex_teamsA vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of the resources loaded by the application at run time. An attacker could exploit this vulnerability by crafting a malicious DLL file and placing it in a specific location on the targeted system. The malicious DLL file would execute when the vulnerable application is launched. A successful exploit could allow the attacker to execute arbitrary code on the target machine with the privileges of another user account.2019-11-26not yet calculatedCVE-2019-16001
CISCO
cisco -- wireless_lan_controller_softwareA vulnerability in the web interface of Cisco Wireless LAN Controller Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists due to a failure of the HTTP parsing engine to handle specially crafted URLs. An attacker could exploit this vulnerability by authenticating with low privileges to an affected controller and submitting the crafted URL to the web interface of the affected device. Conversely, an unauthenticated attacker could exploit this vulnerability by persuading a user of the web interface to click the crafted URL. A successful exploit could allow the attacker to cause an unexpected restart of the device, resulting in a DoS condition.2019-11-26not yet calculatedCVE-2019-15276
CISCO
claws_mail -- claws_mailClaws Mail vCalendar plugin: credentials exposed on interface2019-11-25not yet calculatedCVE-2012-5527
MISC
MISC
MISC
MISC
MISC
cloud-init -- cloud-initAn privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.2019-11-25not yet calculatedCVE-2012-6639
MISC
MISC
MISC
MISC
MISC
MISC
cloud_foundry -- uaaCloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well.2019-11-26not yet calculatedCVE-2019-11290
CONFIRM
cloudera -- cloudera_data_science_workbenchAn issue was discovered in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder.2019-11-26not yet calculatedCVE-2018-20090
CONFIRM
cloudera -- cloudera_hueIn Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used.2019-11-26not yet calculatedCVE-2015-7831
MISC
cloudera -- cloudera_managerCloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users.2019-11-26not yet calculatedCVE-2017-7399
CONFIRM
cloudera -- cloudera_managerMultiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors.2019-11-26not yet calculatedCVE-2015-4457
MISC
cloudera -- cloudera_managerThere is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles.2019-11-26not yet calculatedCVE-2015-6495
MISC
cloudera -- cloudera_managerCloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files.2019-11-26not yet calculatedCVE-2016-3192
MISC
cloudera -- cloudera_managerAn issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1. Malicious impala queries can result in Cross Site Scripting (XSS) when viewed within this product.2019-11-26not yet calculatedCVE-2019-14449
CONFIRM
cloudera -- cloudera_managerCloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the help search feature.2019-11-26not yet calculatedCVE-2016-9271
CONFIRM
cloudera -- coudera_hueAn issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges.2019-11-26not yet calculatedCVE-2019-7319
CONFIRM
CONFIRM
cloudera -- cloudera_distribution_hadoopCloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1.2019-11-26not yet calculatedCVE-2018-17860
CONFIRM
CONFIRM
cloudera -- cloudera_distribution_hadoopCloudera Search in CDH before 5.7.0 allows unauthorized document access because Solr Queries by document id can bypass Sentry document-level security via the RealTimeGetHandler.2019-11-26not yet calculatedCVE-2016-6353
MISC
cloudera -- cloudera_distribution_hadoopCloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls.2019-11-26not yet calculatedCVE-2016-3131
MISC
cloudera -- cloudera_distribution_hadoopCloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles.2019-11-26not yet calculatedCVE-2016-5724
MISC
cloudera -- cloudera_distribution_hadoopIn Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges.2019-11-26not yet calculatedCVE-2016-4572
MISC
cmsms -- cmsmsThe news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles.2019-11-26not yet calculatedCVE-2011-4310
CONFIRM
creston -- dmc-stro_devicesCrestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function.2019-11-27not yet calculatedCVE-2019-18184
MISC
MISC
MISC
cri-o -- cri-oA flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for the cgroup. An attacker could abuse this flaw to get host network access on an cri-o host.2019-11-25not yet calculatedCVE-2019-14891
CONFIRM
csrf_magic -- csrf_magicThe csrf_callback function in the CSRF Magic library through 2016-03-27 is vulnerable to CSRF protection bypass as it allows one to tamper with the csrf token values. A remote attacker can exploit this by crafting a malicious page and dispersing it to a victim via social engineering, enticing them to click the link. Once the user/victim clicks the "try again" button, the attacker can take over the account and perform unintended actions on the victim's behalf.2019-11-26not yet calculatedCVE-2019-17590
MISC
d-link -- dsl-6740u_gatewayMultiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev. H1) allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to (1) Custom Services in Port Forwarding, (2) Port Triggering Entries, (3) URL Filters in Parental Control, (4) Print Server settings, (5) QoS Queue Setup, or (6) QoS Classification Entries.2019-11-22not yet calculatedCVE-2013-6811
MISC
MISC
d4_software -- querytreeControllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations.2019-11-25not yet calculatedCVE-2019-19249
MISC
MISC
dell_emc -- storage_monitoring_reportingDell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host.2019-11-26not yet calculatedCVE-2019-18580
MISC
dhclient -- dhclientAn issue was discovered in dhclient 4.3.1-6 due to an embedded path variable.2019-11-27not yet calculatedCVE-2012-2248
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
dhcpv6 -- dscpv6The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.2019-11-27not yet calculatedCVE-2011-2717
MISC
MISC
MISC
MLIST
dirmngr -- dirmngrdirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate.2019-11-27not yet calculatedCVE-2011-2207
MISC
MISC
MISC
MISC
MLIST
dolibarr_foundation -- dolibarr_crm_and_erpDolibarr CRM/ERP 10.0.3 allows viewimage.php?file= Stored XSS due to JavaScript execution in an SVG image for a profile picture.2019-11-26not yet calculatedCVE-2019-19206
MISC
MISC
drupal -- drupalA cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal.2019-11-22not yet calculatedCVE-2012-2079
MISC
MISC
drupal -- drupalDrupal Views Builk Operations (VBO) module 6.x-1.0 through 6.x-1.10 does not properly escape the vocabulary help when the vocabulary has had user tagging enabled and the "Modify node taxonomy terms" action is used. A remote attacker could provide a specially-crafted URL that could lead to cross-site scripting (XSS) attack.2019-11-25not yet calculatedCVE-2011-3373
MISC
MISC
MISC
MISC
eclipse -- jettyIn Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118, the generation of default unhandled Error response content (in text/html and text/json Content-Type) does not escape Exception messages in stacktraces included in error output.2019-11-25not yet calculatedCVE-2019-17632
CONFIRM
embedthis -- goaheadEmbedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a static host buffer that has a limited length and can overflow. This can cause a copy of the Host header to fail, leaving that buffer uninitialized, which may leak uninitialized data in a response.2019-11-22not yet calculatedCVE-2019-19240
MISC
MISC
MISC
eracent -- multiple_linux_agentsAn issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be forced to copy files from the filesystem to other locations via Symbolic Link Following.2019-11-22not yet calculatedCVE-2019-17445
CONFIRM
eracent -- epa_agentAn issue was discovered in Eracent EPA Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be used to start external programs with elevated permissions because of an Untrusted Search Path.2019-11-22not yet calculatedCVE-2019-17446
CONFIRM
evolution-data-server3 -- evolution-data-server3evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim.2019-11-25not yet calculatedCVE-2011-3355
MISC
MISC
MISC
MISC
MISC
exis -- contexisCross-site scripting (XSS) vulnerability in the photo gallery model in Exis Contexis before 2.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter in a detail action.2019-11-22not yet calculatedCVE-2013-6239
MISC
MISC
MISC
f5 -- big-ipOn BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, and 13.1.0-13.1.1.4, the TMM process may produce a core file when an upstream server or cache sends the BIG-IP an invalid age header value.2019-11-27not yet calculatedCVE-2019-6666
CONFIRM
f5 -- big-ipOn BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, under certain conditions tmm may leak memory when processing packet fragments, leading to resource starvation.2019-11-27not yet calculatedCVE-2019-6671
CONFIRM
f5 -- big-ipOn BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.5.1-11.6.5, under certain conditions, TMM may consume excessive resources when processing traffic for a Virtual Server with the FIX (Financial Information eXchange) profile applied.2019-11-27not yet calculatedCVE-2019-6667
CONFIRM
f5 -- big-ipOn BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, undisclosed traffic flow may cause TMM to restart under some circumstances.2019-11-27not yet calculatedCVE-2019-6669
CONFIRM
f5 -- big-ipOn versions 15.0.0-15.0.1 and 14.0.0-14.1.2, when the BIG-IP is configured in HTTP/2 Full Proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel (TMM).2019-11-27not yet calculatedCVE-2019-6673
CONFIRM
f5 -- big-ipOn BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem.2019-11-27not yet calculatedCVE-2019-6670
CONFIRM
f5 -- big-ip_afmOn BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, and 13.1.0-13.1.3.1, when bad-actor detection is configured on a wildcard virtual server on platforms with hardware-based sPVA, the performance of the BIG-IP AFM system is degraded.2019-11-27not yet calculatedCVE-2019-6672
CONFIRM
f5 -- big-ip_apmThe BIG-IP APM Edge Client for macOS bundled with BIG-IP APM 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5 may allow unprivileged users to access files owned by root.2019-11-27not yet calculatedCVE-2019-6668
CONFIRM
f5 -- hotfix-bigipBIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in a complete compromise of the system. This issue only impacts specific engineering hotfixes using the aforementioned authentication configuration. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.0.3.0.79.6-ENG.iso, Hotfix-BIGIP-14.1.0.3.0.97.6-ENG.iso, Hotfix-BIGIP-14.1.0.3.0.99.6-ENG.iso, Hotfix-BIGIP-14.1.0.5.0.15.5-ENG.iso, Hotfix-BIGIP-14.1.0.5.0.36.5-ENG.iso, Hotfix-BIGIP-14.1.0.5.0.40.5-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.11.9-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.14.9-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.68.9-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.70.9-ENG.iso, Hotfix-BIGIP-14.1.2.0.11.37-ENG.iso, Hotfix-BIGIP-14.1.2.0.18.37-ENG.iso, Hotfix-BIGIP-14.1.2.0.32.37-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.46.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.14.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.16.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.34.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.97.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.99.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.105.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.111.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.115.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.122.4-ENG.iso, Hotfix-BIGIP-15.0.1.0.33.11-ENG.iso, Hotfix-BIGIP-15.0.1.0.48.11-ENG.iso2019-11-26not yet calculatedCVE-2019-6675
CONFIRM
CONFIRM
f5 -- multiple_productsOn BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, an attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise Manager/F5 iWorkflow will be able to set up the proxy the same way and intercept the traffic.2019-11-27not yet calculatedCVE-2019-6665
CONFIRM
f5 -- ssl_orchestratorOn F5 SSL Orchestrator 15.0.0-15.0.1 and 14.0.0-14.1.2, TMM may crash when processing SSLO data in a service-chaining configuration.2019-11-27not yet calculatedCVE-2019-6674
CONFIRM
fastweb -- askey_rtv1907vw_devicesAn issue was discovered on Fastweb Askey RTV1907VW 0.00.81_FW_200_Askey 2018-10-02 18:08:18 devices. By using the usb_remove service through an HTTP request, it is possible to inject and execute a command between two & characters in the mount parameter.2019-11-26not yet calculatedCVE-2019-12489
MISC
EXPLOIT-DB
flashcanvas -- flashcanvasOpen redirect in proxy.php in FlashCanvas before 1.6 allows remote attackers to redirect users to arbitrary web sites and conduct cross-site scripting (XSS) attacks via the HTTP Referer header.2019-11-22not yet calculatedCVE-2013-6880
MISC
MISC
MISC
MISC
fortinet -- fortiosAn Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request.2019-11-27not yet calculatedCVE-2019-15705
CONFIRM
frams'_fast_file_exchange -- frams'_fast_file_exchangeThe addto parameter to fup in Frams' Fast File EXchange (F*EX, aka fex) before fex-2014053 allows remote attackers to conduct cross-site scripting (XSS) attacks2019-11-27not yet calculatedCVE-2014-3875
MISC
MISC
MISC
MISC
MISC
freebsd -- freebsdInformation Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information.2019-11-27not yet calculatedCVE-2011-2480
MISC
MISC
MISC
MISC
MLIST
freeipa -- freeipaipa 3.0 does not properly check server identity before sending credential containing cookies2019-11-25not yet calculatedCVE-2012-5631
MISC
MISC
MISC
MISC
freeipa -- freeipaA flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with passwords as arguments or options is not performed by default in FreeIPA but is possible by third-party components. An attacker having access to system logs on FreeIPA masters could use this flaw to produce log file content with passwords exposed.2019-11-27not yet calculatedCVE-2019-10195
CONFIRM
MISC
MISC
MISC
freeipa -- freeipaA flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker who could trigger parsing of the krb principal key could cause the IPA server to crash or in some conditions, cause arbitrary code to be executed on the server hosting the IPA server.2019-11-27not yet calculatedCVE-2019-14867
CONFIRM
MISC
MISC
MISC
fusionpbx -- fusionpbxA cross-site scripting (XSS) vulnerability in app/fax/fax_files.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.2019-11-27not yet calculatedCVE-2019-19367
MISC
MISC
fusionpbx -- fusionpbxA cross-site scripting (XSS) vulnerability in app/xml_cdr/xml_cdr_search.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter.2019-11-27not yet calculatedCVE-2019-19366
MISC
MISC
gitlab -- gitlabGitLab 12.2.3 contains a security vulnerability that allows a user to affect the availability of the service through a Denial of Service attack in Issue Comments.2019-11-22not yet calculatedCVE-2019-15593
MISC
gitlab -- gitlab_community_and_enterprise_editionAn issue was discovered in GitLab Community and Enterprise Edition through 12.4. It has Insecure Permissions (issue 4 of 4).2019-11-26not yet calculatedCVE-2019-18463
MISC
MISC
gitlab -- gitlab_community_and_enterprise_editionAn issue was discovered in GitLab Community and Enterprise Edition 11.3 to 12.3 in the protected environments feature. It has Insecure Permissions (issue 3 of 4).2019-11-26not yet calculatedCVE-2019-18459
MISC
MISC
gitlab -- gitlab_community_and_enterprise_editionAn issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.3 when a sub group epic is added to a public group. It has Incorrect Access Control.2019-11-26not yet calculatedCVE-2019-18461
MISC
MISC
gitlab -- gitlab_community_and_enterprise_editionAn issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.4. It has Insecure Permissions.2019-11-26not yet calculatedCVE-2019-18462
MISC
MISC
gitlab -- gitlab_community_and_enterprise_editionAn issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions (issue 2 of 2).2019-11-26not yet calculatedCVE-2019-18449
MISC
MISC
gitlab -- gitlab_community_and_enterprise_editionAn issue was discovered in GitLab Community and Enterprise Edition 8.17 through 12.4 in the Search feature provided by Elasticsearch integration.. It has Insecure Permissions (issue 1 of 4).2019-11-26not yet calculatedCVE-2019-18456
MISC
MISC
gksu-polkit -- gksu-polkitgksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation2019-11-25not yet calculatedCVE-2012-5617
MISC
MISC
MISC
MISC
MISC
MISC
MISC
gnome -- gnome-font-viewerIn text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL).2019-11-27not yet calculatedCVE-2019-19308
MISC
CONFIRM
gnome -- gnome-system-loggnome-system-log polkit policy allows arbitrary files on the system to be read2019-11-25not yet calculatedCVE-2012-5535
MISC
MISC
MISC
MISC
MISC
gnu -- patchA Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.2019-11-25not yet calculatedCVE-2015-1396
MISC
MISC
MISC
MISC
google -- chromeInappropriate implementation in Omnibox in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13667
MISC
MISC
google -- chromeIDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.2019-11-25not yet calculatedCVE-2019-13659
MISC
MISC
google -- chromeInsufficient policy enforcement in navigations in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13662
MISC
MISC
google -- chromeIncorrect data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13678
MISC
MISC
google -- chromeUse after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13723
MISC
MISC
google -- chromeUI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13660
MISC
MISC
google -- chromeInsufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13676
MISC
MISC
google -- chromeInsufficient policy enforcement in PDFium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to show print dialogs via a crafted PDF file.2019-11-25not yet calculatedCVE-2019-13679
MISC
MISC
google -- chromeInsufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13664
MISC
MISC
google -- chromeIncorrect data validation in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13669
MISC
MISC
google -- chromeUI spoofing in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof security UI via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13671
MISC
MISC
google -- chromeInsufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass multiple file download protection via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13665
MISC
MISC
google -- chromeInsufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13668
MISC
MISC
google -- chromeIDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.2019-11-25not yet calculatedCVE-2019-13663
MISC
MISC
google -- chromeInsufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13673
MISC
MISC
google -- chromeInappropriate implementation in TLS in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof client IP address to websites via crafted TLS connections.2019-11-25not yet calculatedCVE-2019-13680
MISC
MISC
google -- chromeIDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.2019-11-25not yet calculatedCVE-2019-13674
MISC
MISC
google -- chromeUI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13661
MISC
MISC
google -- chromeInsufficient policy enforcement in site isolation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13677
MISC
MISC
google -- chromeInsufficient policy enforcement in external protocol handling in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13682
MISC
MISC
google -- chromeInformation leak in storage in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13666
MISC
MISC
google -- chromeInsufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13675
MISC
MISC
google -- chromeInsufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass download restrictions via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13681
MISC
MISC
google -- chromeInsufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-13670
MISC
MISC
google -- chromeInsufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension.2019-11-25not yet calculatedCVE-2019-5879
MISC
MISC
google -- chromeInsufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5880
MISC
MISC
google -- chromeIncorrect security UI in MacOS services integration in Google Chrome on OS X prior to 76.0.3809.87 allowed a local attacker to execute arbitrary code via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5858
MISC
MISC
google -- chromeOut of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5825
MISC
MISC
google -- chromeInsufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5862
MISC
MISC
google -- chromeInsufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.2019-11-25not yet calculatedCVE-2019-5864
MISC
MISC
google -- chromeInteger overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.2019-11-25not yet calculatedCVE-2019-5855
MISC
MISC
google -- chromeInsufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5861
MISC
MISC
google -- chromeUse after free in IndexedDB in Google Chrome prior to 73.0.3683.86 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5826
MISC
MISC
google -- chromeInappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5857
MISC
MISC
google -- chromeInsufficient policy enforcement in navigations in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5865
MISC
MISC
google -- chromeInsufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5875
MISC
MISC
google -- chromeInsufficient policy enforcement in storage in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5856
MISC
MISC
google -- chromeOut of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5881
MISC
MISC
google -- chromeOut of bounds memory access in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5877
MISC
MISC
google -- chromeHeap buffer overflow in Skia in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5871
MISC
MISC
google -- chromeInsufficient policy validation in navigation in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5873
MISC
MISC
google -- chromeInsufficient filtering in URI schemes in Google Chrome on Windows prior to 77.0.3865.75 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5874
MISC
MISC
google -- chromeKaspersky Protection extension for web browser Google Chrome prior to 30.112.62.0 was vulnerable to unauthorized access to its features remotely that could lead to removing other installed extensions.2019-11-25not yet calculatedCVE-2019-15684
CONFIRM
google -- chromeOut of bounds read in JavaScript in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5867
MISC
MISC
google -- chromeInsufficient filtering in URI schemes in Google Chrome on Windows prior to 76.0.3809.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.2019-11-25not yet calculatedCVE-2019-5859
MISC
MISC
haproxy -- haproxyThe HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks.2019-11-27not yet calculatedCVE-2019-19330
MISC
MISC
MISC
MISC
hardlink -- hardlinkHardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.2019-11-26not yet calculatedCVE-2011-3632
MISC
MISC
MISC
MISC
MISC
MISC
hardlink -- hardlinkHardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.2019-11-26not yet calculatedCVE-2011-3630
MISC
MISC
MISC
MISC
MISC
hardlink -- hardlinkHardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and trick the local user into consolidating it, leading to hardlink executable crash or potentially arbitrary code execution with user privileges.2019-11-26not yet calculatedCVE-2011-3631
MISC
MISC
MISC
MISC
hp -- thinproAn attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands.2019-11-22not yet calculatedCVE-2019-16286
CONFIRM
hp -- thinproThe Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges.2019-11-22not yet calculatedCVE-2019-18910
CONFIRM
hp -- thinproAn attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed commands with elevated privileges.2019-11-22not yet calculatedCVE-2019-16287
CONFIRM
hp -- thinproIf a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive.2019-11-22not yet calculatedCVE-2019-16285
CONFIRM
hp -- thinproThe VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges.2019-11-22not yet calculatedCVE-2019-18909
CONFIRM
ibm -- spectrum_protect_backup-archive_clientIBM Spectrum Protect Backup-Archive Client 7.1 and 8.1 may be vulnerable to a denial of service attack due to a timing issue between client and server TCP/IP communications. IBM X-Force ID: 162477.2019-11-25not yet calculatedCVE-2019-4406
XF
CONFIRM
ibm -- spectrum_protect_backup-archive_client_and_spectrum_protect_for_virtual_enviromentsIBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. IBM X-Force ID: 155551.2019-11-25not yet calculatedCVE-2018-2025
XF
CONFIRM
ibm -- sterling_b2b_integrator_standard_editionIBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 162715.2019-11-26not yet calculatedCVE-2019-4387
XF
CONFIRM
ibm -- tivoli_netcool_impactIBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 166720.2019-11-22not yet calculatedCVE-2019-4570
XF
CONFIRM
ibm -- tivoli_netcool_impactIBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166719.2019-11-22not yet calculatedCVE-2019-4569
XF
CONFIRM
ibus -- ibusA flaw was discovered in ibus that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.2019-11-25not yet calculatedCVE-2019-14822
CONFIRM
infinispan -- infinispanA vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the application.2019-11-25not yet calculatedCVE-2019-10174
CONFIRM
internet_systems_consortium -- bindWith pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).2019-11-26not yet calculatedCVE-2019-6477
CONFIRM
iobroker.web -- iobroker.webCharacters in the GET url path are not properly escaped and can be reflected in the server response.2019-11-25not yet calculatedCVE-2019-10771
MISC
joomla! -- joomla!Cross-site scripting (XSS) vulnerability in the Mijosoft MijoSearch component 2.0.4 and earlier for Joomla! allows remote attackers to inject arbitrary web script or HTML via the query parameter to component/mijosearch/search.2019-11-22not yet calculatedCVE-2013-6878
MISC
joomla! -- joomla!The Mijosoft MijoSearch component 2.0.1 and earlier for Joomla! allows remote attackers to obtain sensitive information via a request to component/mijosearch/search, which reveals the installation path in an error message.2019-11-22not yet calculatedCVE-2013-6879
MISC
kaspersky -- multiple_productsKaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component did not adequately inform the user about the threat of redirecting to an untrusted site. Bypass.2019-11-26not yet calculatedCVE-2019-15688
CONFIRM
kaspersky -- multiple_productsKaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker remotely disable such product's security features as private browsing and anti-banner. Bypass.2019-11-26not yet calculatedCVE-2019-15685
CONFIRM
kaspersky -- multiple_productsKaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component was vulnerable to remote disclosure of various information about the user's system (like Windows version and version of the product, host unique ID). Information Disclosure.2019-11-26not yet calculatedCVE-2019-15687
CONFIRM
kaspersky -- multiple_productsKaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker remotely disable various anti-virus protection features. DoS, Bypass.2019-11-26not yet calculatedCVE-2019-15686
CONFIRM
katello -- katelloA cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users.2019-11-25not yet calculatedCVE-2019-14825
CONFIRM
libnbd -- libnbdStructured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the request did not work because of signed/unsigned confusion. If one of these chunks contains a negative offset then data under control of the server is written to memory before the read buffer supplied by the client. If the read buffer is located on the stack then this allows the stack return address from nbd_pread() to be trivially modified, allowing arbitrary code execution under the control of the server. If the buffer is located on the heap then other memory objects before the buffer can be overwritten, which again would usually lead to arbitrary code execution.2019-11-26not yet calculatedCVE-2019-14842
CONFIRM
MISC
libuser -- libuserlibuser has information disclosure when moving user's home directory2019-11-25not yet calculatedCVE-2012-5644
MISC
REDHAT
MISC
MISC
libuser -- libuserlibuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.2019-11-25not yet calculatedCVE-2012-5630
FEDORA
REDHAT
MISC
MISC
MISC
lilo -- lilolilo-uuid-diskid causes lilo.conf to be world-readable in lilo 23.1.2019-11-26not yet calculatedCVE-2011-1934
MISC
CONFIRM
MLIST
MISC
linux -- linux_kernelkernel is vulnerable to a None2019-11-25not yet calculatedCVE-2019-14815
CONFIRM
linux -- linux_kernelThe Linux kernel through 5.3.13 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.2019-11-27not yet calculatedCVE-2019-18660
MISC
MISC
linux -- linux_kernelIn the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122.2019-11-22not yet calculatedCVE-2019-19227
MISC
MISC
linux -- linux_kernelA flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.2019-11-25not yet calculatedCVE-2019-10207
CONFIRM
linux -- linux_kernelIn the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call.2019-11-27not yet calculatedCVE-2019-19319
MISC
linux -- linux_kernelThe Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allows local users (with /dev/video0 access) to obtain read and write permissions on kernel physical pages, which can possibly result in a privilege escalation.2019-11-25not yet calculatedCVE-2019-18675
MISC
MISC
linux -- linux_kernelvcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a.2019-11-25not yet calculatedCVE-2019-19252
MISC
MISC
linux -- linux_kernelA vulnerability was found in marvell wifi chip driver in Linux kernel. There is a heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c allows remote attackers to cause a denial of service(system crash) or possibly execute arbitrary code. When STA connects to AP, lbs_ibss_join_existing function will be called for STA.2019-11-27not yet calculatedCVE-2019-14896
CONFIRM
linux -- linux_kernelIn the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,2019-11-28not yet calculatedCVE-2019-19318
MISC
linux -- linux_kernelLinux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.2019-11-27not yet calculatedCVE-2019-10220
CONFIRM
mcafee -- client_proxyAuthentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy (MCP) prior to 3.0.0 allows local user to bypass scanning of web traffic and gain access to blocked sites for a short period of time via generating an authorization key on the client which should only be generated by the network administrator.2019-11-22not yet calculatedCVE-2019-3654
MISC
mersive -- solsticeInsufficient validation of user-supplied input for the Solstice Pod networking configuration enables authenticated attackers to execute arbitrary commands as root.2019-11-27not yet calculatedCVE-2017-12945
MISC
MISC
microsoft -- visual_studio_codeIf an attacker can get a user to open a specially prepared directory tree as a workspace in Visual Studio Code with the CodeQL extension active, arbitrary code of the attacker's choosing may be executed on the user's behalf. This is fixed in version 1.0.1 of the extension. Users should upgrade to this version using Visual Studio Code Marketplace's upgrade mechanism. After upgrading, the codeQL.cli.executablePath setting can only be set in the per-user settings, and not in the per-workspace settings. More information about VS Code settings can be found here.2019-11-25not yet calculatedCVE-2019-16765
MISC
MISC
CONFIRM
naver -- vaccinensGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitary files via directory traversal sequences in a filename within nsz archive.2019-11-22not yet calculatedCVE-2019-13157
CONFIRM
nokia -- impactNokia IMPACT < 18A: allows full path disclosure2019-11-25not yet calculatedCVE-2019-17404
MISC
MISC
nokia -- impactNokia IMPACT < 18A: An unrestricted File Upload vulnerability was found that may lead to Remote Code Execution.2019-11-25not yet calculatedCVE-2019-17403
MISC
MISC
nokia -- impactNokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-17432019-11-25not yet calculatedCVE-2019-17406
MISC
MISC
nokia -- impactNokia IMPACT < 18A: has Reflected self XSS2019-11-25not yet calculatedCVE-2019-17405
MISC
MISC
nsslglobal_technologies -- satlink_vsat_modem_unit_devicesThe web interface for NSSLGlobal SatLink VSAT Modem Unit (VMU) devices before 18.1.0 doesn't properly sanitize input for error messages, leading to the ability to inject client-side code.2019-11-22not yet calculatedCVE-2019-15652
MISC
MISC
omron -- cx-supervisorIn Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit.2019-11-26not yet calculatedCVE-2019-18251
MISC
oniguruma -- onigurumaOniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.2019-11-25not yet calculatedCVE-2019-19246
MISC
MISC
opendnssec -- opendnssecopendnssec misuses libcurl API2019-11-25not yet calculatedCVE-2012-5582
MISC
MISC
MISC
MISC
openstack -- novaOpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2_SECRET_KEY. An attacker could also presumably brute force values for EC2_ACCESS_KEY.2019-11-26not yet calculatedCVE-2011-4076
MISC
MISC
MISC
MISC
MISC
opentrade -- opentradeOpenTrade before 2019-11-23 allows SQL injection, related to server/modules/api/v1.js and server/utils.js.2019-11-25not yet calculatedCVE-2019-19250
MISC
openvas -- openvasopenvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system characteristics document with the ovaldi integrated tool enabled. A local attacker could use this flaw to conduct symlink attacks to overwrite arbitrary files on the system.2019-11-25not yet calculatedCVE-2011-3351
MISC
MISC
MISC
MISC
otrs -- help_desk_and_itsm_and_faqAn Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified2019-11-27not yet calculatedCVE-2013-2625
MISC
MISC
MISC
MISC
MISC
owncloud -- owncloudMultiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) unspecified parameters to apps/calendar/ajax/event/new.php or (2) url parameter to apps/bookmarks/ajax/addBookmark.php.2019-11-22not yet calculatedCVE-2013-0203
MISC
MISC
packagekit -- packagekitPackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.2019-11-27not yet calculatedCVE-2011-2515
MISC
MISC
MISC
BID
pannellum -- pannellumIn Pannellum from 2.5.0 through 2.5.4 URLs were not sanitized for data URIs (or vbscript:), allowing for potential XSS attacks. Such an attack would require a user to click on a hot spot to execute and would require an attacker-provided configuration. The most plausible potential attack would be if pannellum.htm was hosted on a domain that shared cookies with the targeted site's user authentication; an &lt;iframe&gt; could then be embedded on the attacker's site using pannellum.htm from the targeted site, which would allow the attacker to potentially access information from the targeted site as the authenticated user (or worse if the targeted site did not have adequate CSRF protections) if the user clicked on a hot spot in the attacker's embedded panorama viewer. This was patched in version 2.5.5.2019-11-22not yet calculatedCVE-2019-16763
MISC
CONFIRM
pega -- pega_platformPEGA Platform 8.3.0 is vulnerable to a direct prweb/sso/random_token/!STANDARD?pyActivity=Data-Admin-DB-Name.DBSchema_ListDatabases request while using a low-privilege account. (This can perform actions and retrieve data that only an administrator should have access to.)2019-11-26not yet calculatedCVE-2019-16387
MISC
pega -- pega_platformPEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/random_token/!STANDARD?pyStream=MyAlerts request to get Audit Log information while using a low-privilege account.2019-11-26not yet calculatedCVE-2019-16388
MISC
pega -- pega_platformPEGA Platform 7.x and 8.x is vulnerable to Information disclosure via a direct prweb/sso/random_token/!STANDARD?pyActivity=GetWebInfo&target=popup&pzHarnessID=random_harness_id request to get database schema information while using a low-privilege account.2019-11-26not yet calculatedCVE-2019-16386
MISC
philips -- intellibridge_ec40_and_ec80_devicesIn Philips IntelliBridge EC40 and EC80, IntelliBridge EC40 Hub all versions, and IntelliBridge EC80 Hub all versions, the SSH server running on the affected products is configured to allow weak ciphers. This could enable an unauthorized attacker with access to the network to capture and replay the session and gain unauthorized access to the EC40/80 hub.2019-11-26not yet calculatedCVE-2019-18241
MISC
phpldapadmin -- phpldapadminA local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain values of the "Accept-Language" HTTP header. A remote attacker could use this flaw to cause a denial of service via specially-crafted request.2019-11-26not yet calculatedCVE-2011-4082
MISC
MISC
MISC
phpldapadmin -- phpldapadminAn issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature.2019-11-22not yet calculatedCVE-2019-18622
CONFIRM
pivotal -- rabbitmq_and_rabbitmq_for_pcfPivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly sanitize user input. A remote authenticated malicious user with administrative access could craft a cross site scripting attack via the vhost or node name fields that could grant access to virtual hosts and policy management information.2019-11-22not yet calculatedCVE-2019-11291
CONFIRM
pivotal -- rabbitmq_and_rabbitmq_for_pivotal_platformPivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing.2019-11-23not yet calculatedCVE-2019-11287
CONFIRM
polipo -- polipoPolipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request.2019-11-26not yet calculatedCVE-2011-3596
MISC
MISC
MISC
MISC
posh -- posh_portalMultiple cross-site scripting (XSS) vulnerabilities in POSH (aka Posh portal or Portaneo) 3.0 through 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) error parameter to /includes/plugins/mobile/scripts/login.php or (2) id parameter to portal/openrssarticle.php2019-11-22not yet calculatedCVE-2014-2214
MISC
MISC
posh -- posh_portalOpen redirect vulnerability in the password reset functionality in POSH 3.0 through 3.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to portal/scr_sendmd5.php.2019-11-22not yet calculatedCVE-2014-2213
MISC
MISC
MISC
pow_assent -- pow_assentThe use of `String.to_atom/1` in PowAssent is susceptible to denial of service attacks. In `PowAssent.Phoenix.AuthorizationController` a value is fetched from the user provided params, and `String.to_atom/1` is used to convert the binary value to an atom so it can be used to fetch the provider configuration value. This is unsafe as it is user provided data, and can be used to fill up the whole atom table of ~1M which will cause the app to crash.2019-11-25not yet calculatedCVE-2019-16764
MISC
MISC
CONFIRM
MISC
powerdns -- powerdnsPowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS.2019-11-22not yet calculatedCVE-2019-10203
CONFIRM
CONFIRM
proftpd -- proftpdAn issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server.2019-11-26not yet calculatedCVE-2019-19270
MISC
proftpd -- proftpdAn issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A wrong iteration variable, used when checking a client certificate against CRL entries (installed by a system administrator), can cause some CRL entries to be ignored, and can allow clients whose certificates have been revoked to proceed with a connection to the server.2019-11-26not yet calculatedCVE-2019-19271
MISC
proftpd -- proftpdAn issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.2019-11-26not yet calculatedCVE-2019-19272
MISC
progress -- sitefinityProgress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mishandled.2019-11-26not yet calculatedCVE-2019-17392
MISC
python-ecdsa -- python-ecdsaAn error-handling flaw was found in python-ecdsa. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.2019-11-26not yet calculatedCVE-2019-14853
CONFIRM
MISC
python -- pythontyped_ast 1.3.0 and 1.3.1 has an ast_for_arguments out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that parses (but does not execute) Python code. (This issue also affected certain Python 3.8.0-alpha prereleases.)2019-11-26not yet calculatedCVE-2019-19275
MISC
MISC
MISC
MISC
MISC
python -- pythonThe CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests.2019-11-27not yet calculatedCVE-2016-1000110
MISC
MISC
MISC
MISC
python -- pythonPython keyring has insecure permissions on new databases allowing world-readable files to be created2019-11-25not yet calculatedCVE-2012-5578
MISC
REDHAT
MISC
MISC
MISC
DEBIAN
python -- pythontyped_ast 1.3.0 and 1.3.1 has a handle_keywordonly_args out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that parses (but does not execute) Python code. (This issue also affected certain Python 3.8.0-alpha prereleases.)2019-11-26not yet calculatedCVE-2019-19274
MISC
MISC
MISC
MISC
MISC
pyxml -- pyxmlPyXML: Hash table collisions CPU usage Denial of Service2019-11-22not yet calculatedCVE-2012-0877
MISC
MISC
MISC
MISC
MISC
quagga -- quaggaquagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal2019-11-25not yet calculatedCVE-2012-5521
MISC
MISC
MISC
MISC
MISC
MISC
MISC
red_hat -- ansible-playbook_-k_and_ansible_cli_toolsansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them.2019-11-22not yet calculatedCVE-2019-10206
CONFIRM
red_hat -- openshift_container_platformOpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by a privileged user.2019-11-25not yet calculatedCVE-2019-10213
CONFIRM
red_hat -- 389_directory_serverA flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information.2019-11-25not yet calculatedCVE-2019-10224
CONFIRM
MISC
red_hat -- ansibleA flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks.2019-11-25not yet calculatedCVE-2019-10217
CONFIRM
CONFIRM
CONFIRM
red_hat -- ansibleansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None2019-11-26not yet calculatedCVE-2019-14856
CONFIRM
red_hat -- ansible_towerAn attacker with low privilege could retrieve usernames and passwords credentials from the new RHSM saved in plain text into the database at '/api/v2/config' when applying the Ansible Tower license.2019-11-26not yet calculatedCVE-2019-14890
CONFIRM
red_hat -- cloudformscloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field.2019-11-22not yet calculatedCVE-2018-10854
CONFIRM
red_hat -- enterprise_linux_and_openshift_container_platformThe containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.2019-11-25not yet calculatedCVE-2019-10214
CONFIRM
red_hat -- jboss_application_server_7A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict access to the management console information (for example via the "Access-Control-Allow-Origin" HTTP access control flag). This can lead to unauthorized information leak if a user with admin privileges visits a specially-crafted web page provided by a remote attacker.2019-11-26not yet calculatedCVE-2011-3609
MISC
MISC
MISC
MISC
red_hat -- jboss_application_server_7A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta 1 administration console. A remote attacker could provide a specially-crafted web page and trick the valid JBoss AS user, with the administrator privilege, to visit it, which would lead into the DOM environment modification and arbitrary HTML or web script execution.2019-11-26not yet calculatedCVE-2011-3606
MISC
MISC
MISC
ros -- ros_comm_and_ ros-melodic-ros-commAn issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary code via an IP address with a long hostname.2019-11-22not yet calculatedCVE-2019-13566
MISC
MISC
MISC
ruby -- rubyVarious methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header.2019-11-26not yet calculatedCVE-2011-3624
MISC
MISC
MISC
ruby -- rubyWEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.2019-11-26not yet calculatedCVE-2019-16201
MISC
MISC
ruby -- rubyThe OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on strong private RSA keys generation mechanism.2019-11-26not yet calculatedCVE-2011-4121
MISC
MISC
MISC
MISC
ruby -- rubyRuby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.2019-11-26not yet calculatedCVE-2019-15845
MISC
MLIST
UBUNTU
ruby -- rubyRuby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF.2019-11-26not yet calculatedCVE-2019-16254
MISC
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
ruby -- ruby
 		Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.2019-11-26not yet calculatedCVE-2019-16255
MISC
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
sangoma -- asterisk_and_certified_asteriskAn issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands.2019-11-22not yet calculatedCVE-2019-18610
MISC
MISC
sangoma -- asterisk_and_certified_asteriskAn issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940.2019-11-22not yet calculatedCVE-2019-18976
CONFIRM
MISC
MISC
MISC
MISC
sangoma -- asterisk_and_certified_asteriskAn issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x, 16.x, and 17.x, and Certified Asterisk 13.21, because of an incomplete fix for CVE-2019-18351. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer's name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport.2019-11-22not yet calculatedCVE-2019-18790
MISC
MISC
serendipity -- serendipitySerendipity before 1.6 has an XSS issue in the karma plugin which may allow privilege escalation.2019-11-26not yet calculatedCVE-2011-4090
MISC
MISC
MISC
siemens -- polarionImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a reflected XSS vulnerability. This issue affects: Siemens AG Polarion All versions < 19.2.2019-11-27not yet calculatedCVE-2019-13935
MISC
siemens -- polarionImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a persistent XSS vulnerability. This issue affects: Siemens AG Polarion All versions < 19.2.2019-11-27not yet calculatedCVE-2019-13936
MISC
siemens -- polarionImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a reflected XSS vulnerability. This issue affects: Siemens AG Polarion All versions < 19.2.2019-11-27not yet calculatedCVE-2019-13934
MISC
spagobi -- spagobiUnrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, aka "XSS File Upload."2019-11-22not yet calculatedCVE-2013-6234
MISC
MISC
MISC
sqlite -- sqliteSQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.2019-11-27not yet calculatedCVE-2019-19242
MISC
sqlite -- sqlitesqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.2019-11-25not yet calculatedCVE-2019-19244
MISC
squid-cache -- squidAn issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.2019-11-26not yet calculatedCVE-2019-18677
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
squid-cache -- squidAn issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data overflowing in the heap.2019-11-26not yet calculatedCVE-2019-12526
CONFIRM
CONFIRM
squid-cache -- squidAn issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.2019-11-26not yet calculatedCVE-2019-12523
CONFIRM
CONFIRM
CONFIRM
squid-cache -- squidAn issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.2019-11-26not yet calculatedCVE-2019-18676
CONFIRM
CONFIRM
CONFIRM
MISC
squid-cache -- squidAn issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.2019-11-26not yet calculatedCVE-2019-18678
CONFIRM
CONFIRM
CONFIRM
MISC
squid-cache -- squidAn issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.2019-11-26not yet calculatedCVE-2019-18679
CONFIRM
CONFIRM
CONFIRM
MISC
symantec -- critical_system_protectionSymantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 & 8.0 MP1, may be susceptible to an authentication bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing authentication controls.2019-11-25not yet calculatedCVE-2019-18374
CONFIRM
tahoe-lafs -- tahoe-lafsTahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some cases.2019-11-26not yet calculatedCVE-2011-3617
MISC
MISC
MISC
tcl_alcatel -- cingular_flip_2_b9huah1_devicesOn TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. (This web API is normally used by the system application to trigger firmware updates via OmaService.js.)2019-11-26not yet calculatedCVE-2019-16243
MISC
MISC
tcl_alcatel -- cingular_flip_2_b9huah1_devicesOn TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI.2019-11-26not yet calculatedCVE-2019-16242
MISC
MISC
tcl_alcatel -- cingular_flip_2_b9huah1_devicesOn TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication if it exists. This file would typically be created via Android Debug Bridge (adb) over USB.2019-11-26not yet calculatedCVE-2019-16241
MISC
MISC
thttpd -- thttpdthttpd has a local DoS vulnerability via specially-crafted .htpasswd files2019-11-25not yet calculatedCVE-2012-5640
MISC
REDHAT
MISC
MISC
trend_micro -- password_manager_for_andriodTrend Micro Password Manager versions 3.x, 5.0, and 5.1 for Android is affected by a FLAG_MISUSE vulnerability that could be exploited to allow the application to share information to third-party applications on the device.2019-11-25not yet calculatedCVE-2019-15629
N/A
typo3 -- typo3It was found that Typo3 Core versions 4.5.0 - 4.5.5 uses prepared statements that, if the parameter values are not properly replaced, could lead to a SQL Injection vulnerability. This issue can only be exploited if two or more parameters are bound to the query and at least two come from user input.2019-11-26not yet calculatedCVE-2011-3583
MISC
MISC
MISC
MISC
typo3 -- typo3The TYPO3 Core wec_discussion extension before 2.1.1 is vulnerable to SQL Injection due to improper sanitation of user-supplied input.2019-11-26not yet calculatedCVE-2011-3584
MISC
MISC
MISC
ubiquiti -- unifi_video_controller_softwareA privilege escalation exists in UniFi Video Controller =<3.10.6 that would allow an attacker on the local machine to run arbitrary commands.2019-11-26not yet calculatedCVE-2019-15595
MISC
vdsm -- vdsmvdsm: certificate generation upon node creation allowing vdsm to start and serve requests from anyone who has a matching key (and certificate)2019-11-25not yet calculatedCVE-2012-5518
MISC
MISC
MISC
vsftpd -- vsftpdvsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.2019-11-27not yet calculatedCVE-2011-2523
MISC
MISC
MISC
MISC
MLIST
w3edge -- w3_total_cacheW3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes.2019-11-22not yet calculatedCVE-2012-6078
MISC
MISC
MISC
CONFIRM
w3edge -- w3_total_cacheW3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys.2019-11-22not yet calculatedCVE-2012-6079
MISC
MISC
MISC
CONFIRM
w3edge -- w3_total_cacheW3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files.2019-11-22not yet calculatedCVE-2012-6077
MISC
MISC
MISC
MISC
CONFIRM
wikimedia -- wikibase_wikidata_query_serviceIn Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-07, when mathematical expressions in results are displayed directly, arbitrary JavaScript execution can occur, aka XSS. This was addressed by introducing MathJax as a new mathematics rendering engine.2019-11-27not yet calculatedCVE-2019-19329
MISC
MISC
MISC
MISC
wikimedia -- wikibase_wikidata_query_serviceui/editor/tooltip/Rdf.js in Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-07 allows HTML injection in tooltips for entities.2019-11-27not yet calculatedCVE-2019-19328
MISC
MISC
MISC
wikimedia -- wikibase_wikidata_query_serviceui/ResultView.js in Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-07 allows HTML injection when reporting the number of results and number of milliseconds.2019-11-27not yet calculatedCVE-2019-19327
MISC
MISC
MISC
wordpress -- wordpressThe NextGEN Gallery plugin before 2.1.10 for WordPress has multiple XSS issues involving thumbnail_width, thumbnail_height, thumbwidth, thumbheight, wmXpos, and wmYpos, and template.2019-11-26not yet calculatedCVE-2015-9537
MISC
MISC
MISC
wordpress -- wordpressThe Fast Secure Contact Form plugin before 4.0.38 for WordPress allows fs_contact_form1[welcome] XSS.2019-11-26not yet calculatedCVE-2015-9539
MISC
MISC
MISC
wordpress -- wordpressThe Zoho CRM Lead Magnet plugin 1.6.9.1 for WordPress allows XSS via module, EditShortcode, or LayoutName.2019-11-26not yet calculatedCVE-2019-19306
MISC
MISC
MISC
wordpress -- wordpressThe NextGEN Gallery plugin before 2.1.15 for WordPress allows ../ Directory Traversal in path selection.2019-11-26not yet calculatedCVE-2015-9538
MISC
MISC
MISC
MISC
MISC
MISC
xquest -- xquestA password generation weakness exists in xquest through 2016-06-13.2019-11-27not yet calculatedCVE-2016-4980
MISC
MISC
MISC
xscreensaver -- xscreensaverxscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank Only Mode and when DPMS is disabled, which allows local attackers to access resources without authentication.2019-11-27not yet calculatedCVE-2011-2187
MISC
MISC
MISC
MISC
MISC
MLIST
yaws -- yawsYaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote authenticated user could use this flaw to obtain content of arbitrary local files via specially-crafted URL request.2019-11-26not yet calculatedCVE-2011-4350
MISC
MISC
MISC
MISC
MISC
yubico -- pamYubico PAM Module before 2.10 performed user authentication when 'use_first_pass' PAM configuration option was not used and the module was configured as 'sufficient' in the PAM configuration. A remote attacker could use this flaw to circumvent common authentication process and obtain access to the account in question by providing a NULL value (pressing Ctrl-D keyboard sequence) as the password string.2019-11-26not yet calculatedCVE-2011-4120
MISC
MISC
MISC
MISC
zend_framework -- zend_frameworkSQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conjunction PDO_MySql in PHP before 5.3.6.2019-11-26not yet calculatedCVE-2011-1939
MISC
BID
MISC
CONFIRM
MISC
CONFIRM
MISC
zmartzone -- mod_auth_openidcmod_auth_openidc before version 2.4.0.1 is vulnerable to a None2019-11-26not yet calculatedCVE-2019-14857
CONFIRM
zope -- zopeCross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform sanitization. NOTE: this issue exists because of an incomplete fix for CVE-2010-11042019-11-25not yet calculatedCVE-2011-4924
MISC
MISC
MISC
MISC
MISC
MISC
MISC
zte -- zxcdn_iamwebThe version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users? information leakage.2019-11-22not yet calculatedCVE-2019-3428
CONFIRM

Back to top

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.