Vulnerability Summary for the Week of December 23, 2019
Released
Dec 30, 2019
Document ID
SB19-364
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
Vulnerability Severity:
The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| handlebars -- handlebars | Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads. | 2019-12-20 | 7.5 | CVE-2019-19919 MISC |
Medium Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| huawei -- elle-al00b_smart_phones | Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal. | 2019-12-23 | 5.8 | CVE-2019-5276 CONFIRM |
| huawei -- p30_smartphones | Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an improper access control vulnerability. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage. | 2019-12-23 | 5 | CVE-2019-5265 CONFIRM |
| huawei -- p30_smartphones | Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled. | 2019-12-23 | 5 | CVE-2019-5266 CONFIRM |
| ibm -- cognos_analytics | IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 159356. | 2019-12-20 | 4.3 | CVE-2019-4231 XF CONFIRM |
| ibm -- cognos_business_intelligence | IBM Cognos Business Intelligence 10.2.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153179. | 2019-12-20 | 6.8 | CVE-2018-1934 XF CONFIRM |
| ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172706. | 2019-12-20 | 4.3 | CVE-2019-4736 XF CONFIRM |
| ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 172877. | 2019-12-20 | 4.3 | CVE-2019-4742 XF CONFIRM |
| ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 172880. | 2019-12-20 | 4.3 | CVE-2019-4743 XF CONFIRM |
| ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172882. | 2019-12-20 | 4.3 | CVE-2019-4744 XF CONFIRM |
| lout -- lout | Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. | 2019-12-20 | 6.8 | CVE-2019-19917 MISC |
| lout -- lout | Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. | 2019-12-20 | 6.8 | CVE-2019-19918 MISC |
Low Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| huawei -- oceanstor_sns3096 | Huawei OceanStor SNS3096 V100R002C01 have an information disclosure vulnerability. Attackers with low privilege can exploit this vulnerability by performing some specific operations. Successful exploit of this vulnerability can cause some information disclosure. | 2019-12-23 | 2.1 | CVE-2019-5267 CONFIRM |
| ibm -- cognos_analytics | IBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166204. | 2019-12-20 | 3.5 | CVE-2019-4555 XF CONFIRM |
Severity Not Yet Assigned
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| abcprintf -- upload-image-with-ajax | Due to a logic error in the code, upload-image-with-ajax v1.0 allows arbitrary files to be uploaded to the web root allowing code execution. | 2019-12-23 | not yet calculated | CVE-2019-8293 MLIST MISC |
| alcatel-lucent_enterprise -- omnivista_4760_and_8770_devices | An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded in a reversible format. Sessions are stored in /sessions/sess_<sessionid>. | 2019-12-27 | not yet calculated | CVE-2019-20047 MISC MISC MISC MISC |
| alcatel-lucent_enterprise -- omnivista_4760_devices | An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construct() whereas the insecure file upload is in SetSkinImages(). | 2019-12-27 | not yet calculated | CVE-2019-20049 MISC MISC MISC MISC |
| alcatel-lucent_enterprise -- omnivista_8770_devices | An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM. | 2019-12-27 | not yet calculated | CVE-2019-20048 MISC MISC MISC MISC |
| apache -- tomcat | When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability. | 2019-12-23 | not yet calculated | CVE-2019-17563 CONFIRM BUGTRAQ DEBIAN |
| apache -- tomcat | When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance. | 2019-12-23 | not yet calculated | CVE-2019-12418 CONFIRM BUGTRAQ DEBIAN |
| appleple -- a-blog_cms | a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8.x) allows arbitrary scripts to be executed in the context of the application due to unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6034 MISC MISC |
| appleple -- a-blog_cms | Cross-site scripting vulnerability in a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8.x) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6033 MISC MISC |
| archery -- archery | In Archery before 1.3, inserting an XSS payload into a project name (either by creating a new project or editing an existing one) will result in stored XSS on the vulnerability-scan scheduling page. | 2019-12-26 | not yet calculated | CVE-2019-20008 MISC MISC MISC |
| artica -- pandora_fms | Pandora FMS 7.x suffers from remote code execution vulnerability. With an authenticated user who can modify the alert system, it is possible to define and execute Commands in the context of the Application. | 2019-12-26 | not yet calculated | CVE-2019-19681 MISC |
| avtech -- avn801_dvr | AVTECH AVN801 DVR has a security bypass via the administration login captcha | 2019-12-27 | not yet calculated | CVE-2013-4982 MISC MISC MISC |
| belkin -- f5d8236-4_wireless_router | An authentication bypass exists in the web management interface in Belkin F5D8236-4 v2. | 2019-12-26 | not yet calculated | CVE-2013-3085 MISC |
| belkin -- n900_router | Belkin N900 router (F9K1104v1) contains an Authentication Bypass using "Javascript debugging". | 2019-12-26 | not yet calculated | CVE-2013-3088 MISC MISC |
| bullguard -- premium_protection | The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted. | 2019-12-26 | not yet calculated | CVE-2019-20000 MISC |
| check_point -- endpoint_security_client_for_windows | A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations. | 2019-12-23 | not yet calculated | CVE-2019-8463 CONFIRM |
| citrix -- application_delivery_controller_and_gateway | An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. | 2019-12-27 | not yet calculated | CVE-2019-19781 CONFIRM |
| crushftp -- crushftp | CrushFTP through 8.3.0 is vulnerable to credentials theft via URL redirection. | 2019-12-26 | not yet calculated | CVE-2018-18288 MISC MISC |
| cybozu -- cybozu_office | Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function. | 2019-12-26 | not yet calculated | CVE-2019-6022 MISC MISC |
| cybozu -- cybozu_office | Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to bypass access restriction which may result in obtaining data without access privileges via the application 'Address'. | 2019-12-26 | not yet calculated | CVE-2019-6023 MISC MISC |
| d-link -- dba-1510P_firmware | DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface (CLI). | 2019-12-26 | not yet calculated | CVE-2019-6013 MISC MISC |
| d-link -- dba-1510P_firmware | DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface. | 2019-12-26 | not yet calculated | CVE-2019-6014 MISC MISC |
| d-link -- dir-601_b1_devices | D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented. A remote attacker could exploit this in conjunction with CVE-2019-16327 to enable remote router management and device compromise. NOTE: this is an end-of-life product. | 2019-12-26 | not yet calculated | CVE-2019-16326 MISC |
| d-link -- dir-601_devices | D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypass. They do not check for authentication at the server side and rely on client-side validation, which is bypassable. NOTE: this is an end-of-life product. | 2019-12-26 | not yet calculated | CVE-2019-16327 MISC |
| d-link -- dwr-113_wifi_router | Cross-site request forgery (CSRF) vulnerability in D-Link DWR-113 (Rev. Ax) with firmware before 2.03b02 allows remote attackers to hijack the authentication of administrators for requests that change the admin password via unspecified vectors. | 2019-12-27 | not yet calculated | CVE-2014-3136 XF MISC BID |
| debian -- debian-edu-config | Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals. | 2019-12-23 | not yet calculated | CVE-2019-3467 MISC CONFIRM MLIST BUGTRAQ BUGTRAQ CONFIRM DEBIAN DEBIAN |
| electronic_arts -- karotz_api | Karotz API 12.07.19.00: Session Token Information Disclosure | 2019-12-27 | not yet calculated | CVE-2013-4868 MISC MISC MISC |
| electronic_arts -- karotz_smart_rabbit | Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking | 2019-12-27 | not yet calculated | CVE-2013-4867 MISC MISC |
| equinox -- control_expert | Equinox Control Expert all versions, is vulnerable to an SQL injection attack, which may allow an attacker to remotely execute arbitrary code. | 2019-12-23 | not yet calculated | CVE-2019-18234 MISC |
| ezxml -- ezxml | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr() starting with a pointer after a '\0' character (where the processing of a string was finished). | 2019-12-26 | not yet calculated | CVE-2019-20005 MISC |
| ezxml -- ezxml | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content puts a pointer to the internal address of a larger block as xml->txt. This is later deallocated (using free), leading to a segmentation fault. | 2019-12-26 | not yet calculated | CVE-2019-20006 MISC |
| ezxml -- ezxml | An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxml_str2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer (in some compilers). After this, the function ezxml_parse_str does not check whether the s variable is not NULL in ezxml.c, leading to a NULL pointer dereference and crash (segmentation fault). | 2019-12-26 | not yet calculated | CVE-2019-20007 MISC |
| f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5, while processing traffic through a standard virtual server that targets a FastL4 virtual server (VIP on VIP), hardware appliances may stop responding. | 2019-12-23 | not yet calculated | CVE-2019-6680 CONFIRM |
| f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, the Traffic Management Microkernel (TMM) might stop responding after the total number of diameter connections and pending messages on a single virtual server has reached 32K. | 2019-12-23 | not yet calculated | CVE-2019-6686 CONFIRM |
| f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, under certain conditions when using custom TCP congestion control settings in a TCP profile, TMM stops processing traffic when processed by an iRule. | 2019-12-23 | not yet calculated | CVE-2019-6677 CONFIRM |
| f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution. | 2019-12-23 | not yet calculated | CVE-2019-6685 CONFIRM |
| f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a memory leak in Multicast Forwarding Cache (MFC) handling in tmrouted. | 2019-12-23 | not yet calculated | CVE-2019-6681 CONFIRM |
| f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, the TMM process may restart when the packet filter feature is enabled. | 2019-12-23 | not yet calculated | CVE-2019-6678 CONFIRM |
| f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.blacklist are not properly enforced for paths that are symlinks. This allows authenticated users with SCP access to overwrite certain configuration files that would otherwise be restricted. | 2019-12-23 | not yet calculated | CVE-2019-6679 CONFIRM |
| f5 -- big-ip_and_big-iq | On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5 and BIG-IQ versions 6.0.0-6.1.0 and 5.2.0-5.4.0, a user is able to obtain the secret that was being used to encrypt a BIG-IP UCS backup file while sending SNMP query to the BIG-IP or BIG-IQ system, however the user can not access to the UCS files. | 2019-12-23 | not yet calculated | CVE-2019-6688 CONFIRM |
| f5 -- big-ip_apm | On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP APM system logs the client-session-id when a per-session policy is attached to the virtual server with debug logging enabled. | 2019-12-23 | not yet calculated | CVE-2019-19150 CONFIRM |
| f5 -- big-ip_asm | On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP ASM system may consume excessive resources when processing certain types of HTTP responses from the origin web server. This vulnerability is only known to affect resource-constrained systems in which the security policy is configured with response-side features, such as Data Guard or response-side learning. | 2019-12-23 | not yet calculated | CVE-2019-6682 CONFIRM |
| f5 -- big-ip_asm | On versions 15.0.0-15.0.1.1, the BIG-IP ASM Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints. | 2019-12-23 | not yet calculated | CVE-2019-6687 CONFIRM |
| f5 -- big-ip_virtual_clustered_multiprocessing | On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing (vCMP) may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of fragmentation-based attack. | 2019-12-23 | not yet calculated | CVE-2019-6684 CONFIRM |
| f5 -- big-ip_virtual_edition | On versions 15.0.0-15.0.1, 14.0.0-14.1.2.2, and 13.1.0-13.1.3.1, TMM may restart on BIG-IP Virtual Edition (VE) when using virtio direct descriptors and packets 2 KB or larger. | 2019-12-23 | not yet calculated | CVE-2019-6676 CONFIRM |
| f5 -- big-ip_virtual_servers | On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IP virtual servers with Loose Initiation enabled on a FastL4 profile may be subject to excessive flow usage under undisclosed conditions. | 2019-12-23 | not yet calculated | CVE-2019-6683 CONFIRM |
| f5 -- multiple_products | On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are able access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to access objects on the file system which would not normally be allowed. | 2019-12-23 | not yet calculated | CVE-2019-19151 CONFIRM |
| fermax -- outdoor_panel | An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level. By design, only a residential unit owner may allow such an access grant. However, due to incorrect access control, an attacker could inject it via the speaker unit to perform an access grant to gain unauthorized access, as demonstrated by a loud DTMF tone representing '1' and a long '#' (697 Hz and 1209 Hz, followed by 941 Hz and 1477 Hz). | 2019-12-24 | not yet calculated | CVE-2017-16778 MISC |
| forcepoint -- ngfw_security_management_center | Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable. | 2019-12-23 | not yet calculated | CVE-2019-6147 CONFIRM |
| forum_software -- reviewboard | ReviewBoard 1.6.17 allows code execution by attaching PHP scripts to review request | 2019-12-27 | not yet calculated | CVE-2013-4796 MISC MISC |
| gitlab -- community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control (issue 2 of 6). | 2019-12-26 | not yet calculated | CVE-2018-20492 MISC MISC |
| gnome -- libxml2 | xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. | 2019-12-24 | not yet calculated | CVE-2019-19956 MISC MLIST |
| gnu -- libredwg | An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c. | 2019-12-27 | not yet calculated | CVE-2019-20011 MISC MISC |
| gnu -- libredwg | An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c. | 2019-12-27 | not yet calculated | CVE-2019-20014 MISC MISC MISC |
| gnu -- libredwg | An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec. | 2019-12-27 | not yet calculated | CVE-2019-20012 MISC MISC |
| gnu -- libredwg | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec. | 2019-12-27 | not yet calculated | CVE-2019-20009 MISC MISC MISC |
| gnu -- libredwg | An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c. | 2019-12-27 | not yet calculated | CVE-2019-20010 MISC MISC |
| gnu -- libredwg | An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec. | 2019-12-27 | not yet calculated | CVE-2019-20015 MISC MISC |
| gnu -- libredwg | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. | 2019-12-27 | not yet calculated | CVE-2019-20013 MISC MISC MISC |
| graphicsmagick -- graphicsmagick | In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c. | 2019-12-24 | not yet calculated | CVE-2019-19953 MISC MISC |
| graphicsmagick -- graphicsmagick | In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c. | 2019-12-24 | not yet calculated | CVE-2019-19951 MISC MISC |
| graphicsmagick -- graphicsmagick | In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. | 2019-12-24 | not yet calculated | CVE-2019-19950 MISC MISC |
| halo -- halo | Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration. | 2019-12-26 | not yet calculated | CVE-2019-19999 MISC MISC MISC |
| hikvision -- ds-2cd7153-e_ip_camera | Hikvision DS-2CD7153-E IP Camera has Privilege Escalation | 2019-12-27 | not yet calculated | CVE-2013-4975 MISC MISC MISC |
| hikvision -- ds-2cd7153-e_ip_camera | Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials | 2019-12-27 | not yet calculated | CVE-2013-4976 MISC MISC MISC |
| huawei -- m5_lite_10 | M5 lite 10 with versions of 8.0.0.182(C00) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to modify the memory of the device by doing a series of operations. Successful exploit may lead to malicious code execution. | 2019-12-26 | not yet calculated | CVE-2019-19398 CONFIRM |
| huawei -- usg9500_devices | USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in an infinite loop, an attacker may exploit the vulnerability via a malicious certificate to perform a denial of service attack on the affected products. | 2019-12-26 | not yet calculated | CVE-2019-5274 CONFIRM |
| huawei -- usg9500_devices | USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate to perform a denial of service attack on the affected products. | 2019-12-26 | not yet calculated | CVE-2019-5275 CONFIRM |
| huawei -- usg9500_devices | USG9500 with versions of V500R001C30;V500R001C60 have a missing integrity checking vulnerability. The software of the affected products does not check the integrity which may allow an attacker with high privilege to make malicious modifications without detection. | 2019-12-26 | not yet calculated | CVE-2019-5272 CONFIRM |
| huawei -- usg9500_devices | USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a denial of service on the affected products. | 2019-12-26 | not yet calculated | CVE-2019-5273 CONFIRM |
| imagemagick -- imagemagick | In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c. | 2019-12-24 | not yet calculated | CVE-2019-19948 MISC MLIST |
| imagemagick -- imagemagick | In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage. | 2019-12-24 | not yet calculated | CVE-2019-19952 MISC |
| imagemagick -- imagemagick | In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. | 2019-12-24 | not yet calculated | CVE-2019-19949 MISC MLIST |
| information-technology_promotion_agency -- stamp_workbench_installer | Untrusted search path vulnerability in STAMP Workbench installer all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2019-12-26 | not yet calculated | CVE-2019-6019 MISC MISC |
| insteon -- insteon_hub | INSTEON Hub 2242-222 lacks Web and API authentication | 2019-12-27 | not yet calculated | CVE-2013-4859 MISC MISC |
| intelbras -- iwr_3000n_devices | A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user. | 2019-12-26 | not yet calculated | CVE-2019-19995 MISC |
| intelbras -- iwr_3000n_devices | An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login. | 2019-12-26 | not yet calculated | CVE-2019-19996 MISC |
| jetbrains -- ktor_framework | JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting. | 2019-12-26 | not yet calculated | CVE-2019-19389 MISC MISC |
| joomla! -- joomla! | Xorbin Analog Flash Clock 1.0 extension for Joomia has XSS | 2019-12-27 | not yet calculated | CVE-2013-4692 MISC MISC MISC |
| k7_computing -- ultimate_security | In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality. | 2019-12-27 | not yet calculated | CVE-2019-16896 MISC MISC |
| kinza -- kinza_for_windows | Cross-site scripting vulnerability in KINZA for Windows version 5.9.2 and earlier and for Mac version 5.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via RSS reader. | 2019-12-26 | not yet calculated | CVE-2019-6031 MISC MISC |
| libesmtp -- libesmtp | libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read. | 2019-12-26 | not yet calculated | CVE-2019-19977 MISC MISC MISC |
| libiec61850 -- libiec61850 | In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation. | 2019-12-23 | not yet calculated | CVE-2019-19930 MISC |
| libiec61850 -- libiec61850 | In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos. | 2019-12-23 | not yet calculated | CVE-2019-19944 MISC |
| libiec61850 -- libiec61850 | In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow. | 2019-12-23 | not yet calculated | CVE-2019-19931 MISC |
| libiec61850 -- libiec61850 | In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service. | 2019-12-24 | not yet calculated | CVE-2019-19958 MISC |
| libiec61850 -- libiec61850 | In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength. | 2019-12-24 | not yet calculated | CVE-2019-19957 MISC |
| libsixel_project -- libsixel | A memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4. | 2019-12-27 | not yet calculated | CVE-2019-20023 MISC |
| libsixel_project -- libsixel | A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4. | 2019-12-27 | not yet calculated | CVE-2019-20024 MISC |
| libsixel_project -- libsixel | An invalid memory address dereference was discovered in load_pnm in frompnm.c in libsixel before 1.8.3. | 2019-12-27 | not yet calculated | CVE-2019-20022 MISC |
| linux -- linux_kernel | In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655. | 2019-12-25 | not yet calculated | CVE-2019-19966 MISC MISC |
| linux -- linux_kernel | In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5. | 2019-12-25 | not yet calculated | CVE-2019-19965 MISC |
| linux -- linux_kernel | In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c. | 2019-12-24 | not yet calculated | CVE-2019-19947 MLIST MISC |
| linux -- linux_kernel | In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e. | 2019-12-28 | not yet calculated | CVE-2019-20054 MISC MISC MISC MISC |
| linux -- linux_kernel | An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability. | 2019-12-23 | not yet calculated | CVE-2019-5108 MISC |
| linux -- linux_kernel | kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.) | 2019-12-22 | not yet calculated | CVE-2019-19922 MISC MISC MISC MISC MISC |
| livefyre -- livecomments | Cross-site scripting (XSS) vulnerability in Livefyre LiveComments 3.0 allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded picture. | 2019-12-27 | not yet calculated | CVE-2014-6420 MISC XF |
| magnolia_international -- magnolia_cms | Magnolia CMS before 4.5.9 has multiple access bypass vulnerabilities | 2019-12-27 | not yet calculated | CVE-2013-4621 MISC MISC |
| malwarebytes -- adwcleaner | An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner before 8.0.1 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded by the product. | 2019-12-23 | not yet calculated | CVE-2019-19929 MISC MISC MISC |
| mongo-express -- mongo-express | mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse of the `vm` dependency to perform `exec` commands in a non-safe environment. | 2019-12-24 | not yet calculated | CVE-2019-10758 MISC |
| motex -- multiple_products | Privilege escalation vulnerability in Multiple MOTEX products (LanScope Cat client program (MR) and LanScope Cat client program (MR)LanScope Cat detection agent (DA) prior to Ver.9.2.1.0, LanScope Cat server monitoring agent (SA, SAE) prior to Ver.9.2.2.0, LanScope An prior to Ver 2.7.7.0 (LanScope An 2 series), and LanScope An prior to Ver 3.0.8.1 (LanScope An 3 series)) allow authenticated attackers to obtain unauthorized privileges and execute arbitrary code. | 2019-12-26 | not yet calculated | CVE-2019-6026 MISC MISC |
| movable_type -- multiple_products | Open redirect vulnerability in Movable Type series Movable Type 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Advanced 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type Advanced 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type Advanced 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Premium 1.24 and earlier (Movable Type Premium), and Movable Type Premium (Advanced Edition) 1.24 and earlier (Movable Type Premium) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | 2019-12-26 | not yet calculated | CVE-2019-6025 MISC MISC |
| netcommons -- netcommons | Cross-site scripting vulnerability in NetCommons 3.2.2 and earlier (NetCommons3.x) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6018 MISC MISC |
| nippon_television_network_corporation -- ntv_news24_app | The NTV News24 prior to Ver.3.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2019-12-26 | not yet calculated | CVE-2019-6032 MISC MISC |
| nvidia -- geforce_experience | NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | 2019-12-24 | not yet calculated | CVE-2019-5702 CONFIRM |
| open_dynamics -- collabtive | Collabtive 1.0 has incorrect access control | 2019-12-27 | not yet calculated | CVE-2013-5027 MISC |
| open_tftp_server_mt -- open_tftp_server_mt | Stack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12568. | 2019-12-23 | not yet calculated | CVE-2019-12567 MISC |
| open_tftp_server_sp -- open_tftp_server_sp | Stack-based overflow vulnerability in the logMess function in Open TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12567. | 2019-12-23 | not yet calculated | CVE-2019-12568 MISC |
| openjdk -- openjdk | An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation). A remote attacker could use this flaw to obtain potentially sensitive information. | 2019-12-26 | not yet calculated | CVE-2012-4420 MISC MISC MISC MISC MISC MISC MISC |
| orchestra_technologies -- c1_cms | An issue was discovered in Orckestra C1 CMS through 6.6. The EntityTokenSerializer class in Composite.dll is prone to unvalidated deserialization of wrapped BinaryFormatter payloads, leading to arbitrary remote code execution for any low-privilege user. | 2019-12-23 | not yet calculated | CVE-2019-18211 MISC |
| palo_alto_networks -- pan-os | Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affected a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted. | 2019-12-20 | not yet calculated | CVE-2019-17440 CONFIRM |
| pax-linux -- pax-linux | A locally locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap after a MAP_GROWSDOWN mmap will create an infinite loop condition without releasing the VM semaphore eventually leading to a system crash. | 2019-12-26 | not yet calculated | CVE-2011-1474 MISC MISC |
| php -- php | In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access. | 2019-12-23 | not yet calculated | CVE-2019-11045 MISC MLIST |
| php -- php | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. | 2019-12-23 | not yet calculated | CVE-2019-11047 MISC MLIST |
| php -- php | In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII numbers. This can read to disclosure of the content of some memory locations. | 2019-12-23 | not yet calculated | CVE-2019-11046 MISC MLIST |
| php -- php | In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access. | 2019-12-23 | not yet calculated | CVE-2019-11044 MISC |
| php -- php | In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double-freeing certain memory locations. | 2019-12-23 | not yet calculated | CVE-2019-11049 MISC |
| php -- php | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. | 2019-12-23 | not yet calculated | CVE-2019-11050 MISC MLIST |
| powercms -- powercms | Open redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x), 4.42 and earlier (PowerCMS 4.x), and 3.293 and earlier (PowerCMS 3.x) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | 2019-12-26 | not yet calculated | CVE-2019-6020 MISC MISC |
| pylons_project -- waitress | In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation. | 2019-12-26 | not yet calculated | CVE-2019-16789 MISC CONFIRM MISC |
| rakuten -- rakuma_app_for_android_and_ios | Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user's authentication information via a malicious application created by the third party. | 2019-12-26 | not yet calculated | CVE-2019-6024 MISC MISC MISC |
| ratbox -- ircd_ratbox | ircd-ratbox 3.0.9 mishandles the MONITOR command which allows remote attackers to cause a denial of service (system out-of-memory event). | 2019-12-26 | not yet calculated | CVE-2015-5290 MISC MISC |
| red_hat -- ceph_storage | A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. An authenticated attacker can abuse this flaw by causing a remote denial of service by sending a specially crafted HTTP Content-Length header to the Ceph RADOS Gateway server. | 2019-12-23 | not yet calculated | CVE-2019-19337 CONFIRM |
| red_hat -- networkmanager | In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network. | 2019-12-26 | not yet calculated | CVE-2012-2736 MISC MISC MISC MISC MISC MISC MISC MISC |
| reliable_controls -- mach-prowebcom/sys | Reliable Controls MACH-ProWebCom/Sys, all versions prior to 2.15 (Firmware versions prior to 8.26.4), may allow attacker to execute commands on behalf of the user when an authenticated user clicks on a malicious link. | 2019-12-24 | not yet calculated | CVE-2019-18249 MISC |
| remise -- payment_module | REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allow remote attackers to [Disclosed_Information_type] via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6017 MISC MISC |
| remise -- payment_module | Cross-site scripting vulnerability in REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6016 MISC MISC |
| ricoh -- library_information_management_system_limedio | Open redirect vulnerability in Library Information Management System LIMEDIO all versions allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | 2019-12-26 | not yet calculated | CVE-2019-6021 MISC MISC |
| ruby_gem_features_for_ruby_on_rails -- ruby_gem_features_for_ruby_on_rails | File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory. | 2019-12-26 | not yet calculated | CVE-2013-4318 MISC MISC |
| sa-exim -- sa-exim | sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval (rather than direct parsing and/or use of the taint feature). This issue is similar to CVE-2018-11805. | 2019-12-22 | not yet calculated | CVE-2019-19920 MISC MISC MISC |
| samsung -- galaxy_s3/s4_smartphones | Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission. | 2019-12-27 | not yet calculated | CVE-2013-4764 MISC MISC |
| samsung -- galaxy_s3/s4_smartphones | Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission. | 2019-12-27 | not yet calculated | CVE-2013-4763 MISC MISC |
| sencha_labs -- connect | Sencha Labs Connect has XSS with connect.methodOverride() | 2019-12-27 | not yet calculated | CVE-2013-4691 MISC |
| senkas -- kolibri | Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a POST request. | 2019-12-27 | not yet calculated | CVE-2014-5289 MISC BID XF |
| signal -- signal_desktop_on_windows | Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file. | 2019-12-24 | not yet calculated | CVE-2019-19954 MISC MISC |
| sonicwall -- email_security_appliance | A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. | 2019-12-23 | not yet calculated | CVE-2019-7489 CONFIRM |
| sonicwall -- email_security_appliance | Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. | 2019-12-23 | not yet calculated | CVE-2019-7488 CONFIRM |
| spbas_-- business_automation_software | SPBAS Business Automation Software 2012 has CSRF. | 2019-12-27 | not yet calculated | CVE-2013-4665 MISC MISC |
| spbas_-- business_automation_software | SPBAS Business Automation Software 2012 has XSS. | 2019-12-27 | not yet calculated | CVE-2013-4664 MISC MISC MISC |
| sqlite -- sqlite | multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. | 2019-12-23 | not yet calculated | CVE-2019-19926 MISC |
| sqlitte -- sqlite | flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). | 2019-12-24 | not yet calculated | CVE-2019-19923 MISC |
| sqlitte -- sqlite | zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. | 2019-12-24 | not yet calculated | CVE-2019-19925 MISC |
| sqlitte -- sqlite | SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. | 2019-12-24 | not yet calculated | CVE-2019-19924 MISC |
| static_http_server -- static_http_server | Static HTTP Server 1.0 has a Local Overflow | 2019-12-27 | not yet calculated | CVE-2013-4743 MISC MISC |
| symonics -- libmysofa | libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue. | 2019-12-27 | not yet calculated | CVE-2019-20016 MISC MISC MISC |
| system_security_services_daemon -- system_security_services_daemon | A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context. | 2019-12-26 | not yet calculated | CVE-2012-3462 MISC MISC MISC |
| tbeu -- matio | A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17. | 2019-12-27 | not yet calculated | CVE-2019-20018 MISC |
| tbeu -- matio | A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case. | 2019-12-27 | not yet calculated | CVE-2019-20052 MISC |
| tbeu -- matio | A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17. | 2019-12-27 | not yet calculated | CVE-2019-20020 MISC |
| tbeu -- matio | A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17. | 2019-12-27 | not yet calculated | CVE-2019-20017 MISC |
| tbeu -- matio | An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17. | 2019-12-27 | not yet calculated | CVE-2019-20019 MISC |
| tenable -- nessus | Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269). | 2019-12-27 | not yet calculated | CVE-2016-1000029 MISC MISC MISC |
| tenable -- nessus | Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198). | 2019-12-27 | not yet calculated | CVE-2016-1000028 MISC MISC CONFIRM |
| tftp_server_mt -- tftp_server_mt | Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. | 2019-12-23 | not yet calculated | CVE-2018-10389 MISC |
| tftp_server_sp -- tftp_server_sp | Heap-based overflow vulnerability in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or possibly execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2008-2161. | 2019-12-23 | not yet calculated | CVE-2018-10387 MISC |
| tftp_server_sp -- tftp_server_sp | Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. | 2019-12-23 | not yet calculated | CVE-2018-10388 MISC |
| thttpd -- thttpd | thttpd 2007 has buffer underflow. | 2019-12-27 | not yet calculated | CVE-2007-0158 MISC |
| tigervnc -- tigervnc | TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start writing his values, exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. | 2019-12-26 | not yet calculated | CVE-2019-15695 MISC MISC MLIST |
| tigervnc -- tigervnc | TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. | 2019-12-26 | not yet calculated | CVE-2019-15693 MISC MISC MLIST |
| tigervnc -- tigervnc | TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. | 2019-12-26 | not yet calculated | CVE-2019-15692 MISC MISC MLIST |
| tigervnc -- tigervnc | TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. | 2019-12-26 | not yet calculated | CVE-2019-15694 MISC MISC MLIST |
| tigervnc -- tigervnc | TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process of stack unwinding. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. | 2019-12-26 | not yet calculated | CVE-2019-15691 MISC MISC MLIST |
| toshiba -- configfree_utility | Multiple stack-based buffer overflows in CFProfile.exe in Toshiba ConfigFree Utility 8.0.38 allow user-assisted attackers to execute arbitrary code. | 2019-12-27 | not yet calculated | CVE-2012-4980 BID XF |
| trend_micro -- antivirus_for_mac | A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it. | 2019-12-24 | not yet calculated | CVE-2019-19695 N/A |
| upc -- connect_box_eurodocsis_voice_gateway_devices | The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI. | 2019-12-25 | not yet calculated | CVE-2019-19967 MISC |
| upx -- upx | A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. | 2019-12-27 | not yet calculated | CVE-2019-20021 MISC |
| upx -- upx | A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service. | 2019-12-27 | not yet calculated | CVE-2019-20051 MISC |
| upx -- upx | An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. | 2019-12-27 | not yet calculated | CVE-2019-20053 MISC |
| virglrenderer_project -- virglrenderer | An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands. | 2019-12-23 | not yet calculated | CVE-2019-18390 REDHAT MISC MISC MISC |
| virglrenderer_project -- virglrenderer | A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. | 2019-12-23 | not yet calculated | CVE-2019-18389 REDHAT MISC MISC MISC |
| virglrenderer_project -- virglrenderer | A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands. | 2019-12-23 | not yet calculated | CVE-2019-18388 REDHAT MISC MISC MISC |
| virglrenderer_project -- virglrenderer | A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. | 2019-12-23 | not yet calculated | CVE-2019-18391 REDHAT MISC MISC MISC |
| vivotek -- multiple_ip_cameras | Multiple Vivotek IP Cameras remote authentication bypass that could allow access to the video stream | 2019-12-27 | not yet calculated | CVE-2013-4985 MISC MISC MISC |
| vmware -- workstation_and_horizon_view_agent | VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed. | 2019-12-23 | not yet calculated | CVE-2019-5539 CONFIRM |
| wecon -- plc_editor | Multiple buffer overflow vulnerabilities exist when the PLC Editor Version 1.3.5_20190129 processes project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. | 2019-12-23 | not yet calculated | CVE-2019-18236 MISC |
| winamp -- winamp | Winamp 5.63: Invalid Pointer Dereference leading to Arbitrary Code Execution | 2019-12-27 | not yet calculated | CVE-2013-4695 MISC MISC |
| wolfssl -- wolfssl | An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce. | 2019-12-25 | not yet calculated | CVE-2019-19963 MISC MISC |
| wolfssl -- wolfssl | In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks. | 2019-12-25 | not yet calculated | CVE-2019-19960 MISC MISC |
| wolfssl -- wolfssl | wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography. | 2019-12-25 | not yet calculated | CVE-2019-19962 MISC MISC |
| wordpress -- wordpress | In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS. | 2019-12-26 | not yet calculated | CVE-2019-16781 CONFIRM MISC MISC MISC |
| wordpress -- wordpress | The ListingPro theme before v2.0.14.2 for WordPress has Reflected XSS via the What field on the homepage. | 2019-12-26 | not yet calculated | CVE-2019-19540 MISC |
| wordpress -- wordpress | The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for CSRF to be exploited on all plugin settings. | 2019-12-26 | not yet calculated | CVE-2019-19981 MISC MISC |
| wordpress -- wordpress | Cross-site scripting vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6029 MISC MISC |
| wordpress -- wordpress | Cross-site request forgery (CSRF) vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6030 MISC MISC |
| wordpress -- wordpress | Multiple cross-site scripting (XSS) vulnerabilities in test-plugin.php in the Swipe Checkout for WP e-Commerce plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) api_key, (2) payment_page_url, (3) merchant_id, (4) api_url, or (5) currency parameter. | 2019-12-27 | not yet calculated | CVE-2014-4559 MISC |
| wordpress -- wordpress | The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Good For field on the new listing submit page. | 2019-12-26 | not yet calculated | CVE-2019-19542 MISC |
| wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swipe Checkout for WooCommerce plugin 2.7.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the api_url parameter. | 2019-12-27 | not yet calculated | CVE-2014-4558 MISC |
| wordpress -- wordpress | The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a privilege bypass flaw that allowed authenticated users (Subscriber or greater access) to send test emails from the administrative dashboard on behalf of an administrator. This occurs because the plugin registers a wp_ajax function to send_test_email. | 2019-12-26 | not yet calculated | CVE-2019-19980 MISC MISC |
| wordpress -- wordpress | WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. Automatic updates are enabled by default for minor releases and we strongly recommend that you keep them enabled. | 2019-12-26 | not yet calculated | CVE-2019-16780 MISC CONFIRM MISC MISC MISC |
| wordpress -- wordpress | SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6012 MISC MISC |
| wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. | 2019-12-27 | not yet calculated | CVE-2014-4539 MISC |
| wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in the Ebay Feeds for WordPress plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter. | 2019-12-27 | not yet calculated | CVE-2014-4525 MISC CONFIRM |
| wordpress -- wordpress | The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Best Day/Night field on the new listing submit page. | 2019-12-26 | not yet calculated | CVE-2019-19541 MISC |
| wordpress -- wordpress | Multiple cross-site scripting (XSS) vulnerabilities in tests/notAuto_test_ContactService_pauseCampaign.php in the Infusionsoft Gravity Forms plugin before 1.5.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) go, (2) contactId, or (3) campaignId parameter. | 2019-12-27 | not yet calculated | CVE-2014-4536 MISC CONFIRM |
| wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in the Easy Career Openings plugin 0.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 2019-12-27 | not yet calculated | CVE-2014-4523 MISC |
| wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in rss.class/scripts/magpie_debug.php in the WP-Planet plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter. | 2019-12-27 | not yet calculated | CVE-2014-4592 MISC |
| wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in tinymce/popup.php in the Ruven Toolkit plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the popup parameter. | 2019-12-27 | not yet calculated | CVE-2014-4548 MISC |
| wordpress -- wordpress | The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for unauthenticated option creation. In order to exploit this vulnerability, an attacker would need to send a /wp-admin/admin-post.php?es_skip=1&option_name= request. | 2019-12-26 | not yet calculated | CVE-2019-19982 MISC MISC |
| wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in comments/videowhisper2/r_logout.php in the Video Comments Webcam Recorder plugin 1.55, as downloaded before 20140116 for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter. | 2019-12-27 | not yet calculated | CVE-2014-4567 MISC CONFIRM |
| wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in the Conversador plugin 2.61 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the 'page' parameter. | 2019-12-27 | not yet calculated | CVE-2014-4519 MISC |
| wordpress -- wordpress | wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring. | 2019-12-27 | not yet calculated | CVE-2019-20041 MISC MISC |
| wordpress -- wordpress | The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file download with user information disclosure. | 2019-12-26 | not yet calculated | CVE-2019-19985 MISC MISC |
| wordpress -- wordpress | WordPress Xorbin Digital Flash Clock 1.0 has XSS | 2019-12-27 | not yet calculated | CVE-2013-4693 MISC |
| wordpress -- wordpress | Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6011 MISC MISC |
| wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter. | 2019-12-27 | not yet calculated | CVE-2014-4550 MISC |
| wordpress -- wordpress | WordPress before 5.3.1 allowed an unauthenticated user to make a post sticky through the REST API because of missing access control in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php. | 2019-12-27 | not yet calculated | CVE-2019-20043 MISC MISC MISC MISC |
| wordpress -- wordpress | WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009. | 2019-12-26 | not yet calculated | CVE-2013-2011 MISC MISC MISC MISC |
| wordpress -- wordpress | The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed users with edit_post capabilities to manage plugin settings and email campaigns. | 2019-12-26 | not yet calculated | CVE-2019-19984 MISC MISC |
| wordpress -- wordpress | A flaw in the WordPress plugin, WP Maintenance before 5.0.6, allowed attackers to enable a vulnerable site's maintenance mode and inject malicious code affecting site visitors. There was CSRF with resultant XSS. | 2019-12-26 | not yet calculated | CVE-2019-19979 MISC MISC |
| wordpress -- wordpress | Cross-site request forgery (CSRF) vulnerability in WP Spell Check 7.1.9 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6027 MISC MISC |
| wordpress -- wordpress | WordPress before 5.3.1 allowed an attacker to create a cross-site scripting attack (XSS) in well crafted links, because of an insufficient protection mechanism in wp_targeted_link_rel in wp-includes/formatting.php. | 2019-12-27 | not yet calculated | CVE-2019-20042 MISC MISC MISC MISC MISC |
| wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. | 2019-12-27 | not yet calculated | CVE-2014-4535 MISC |
| wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in the Podcast Channels plugin 0.20 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the Filename parameter to getid3/demos/demo.write.php. | 2019-12-27 | not yet calculated | CVE-2014-4544 MISC |
| wordpress -- wordpress | In the WordPress plugin, Fast Velocity Minify before 2.7.7, the full web root path to the running WordPress application can be discovered. In order to exploit this vulnerability, FVM Debug Mode needs to be enabled and an admin-ajax request needs to call the fastvelocity_min_files action. | 2019-12-26 | not yet calculated | CVE-2019-19983 MISC MISC |
| xiuno -- bbs | Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php. | 2019-12-26 | not yet calculated | CVE-2019-19998 MISC |
| yahoo -- athenz | Open redirect vulnerability in Athenz v1.8.24 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page. | 2019-12-26 | not yet calculated | CVE-2019-6035 MISC MISC MISC |
| yokogawa -- multiple_products_for_windows | An unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 ? R3.77.00), Exaplog (R1.10.00 ? R3.40.00), Exaquantum (R1.10.00 ? R3.02.00 and R3.15.00), Exaquantum/Batch (R1.01.00 ? R2.50.40), Exasmoc (all revisions), Exarqe (all revisions), GA10 (R1.01.01 ? R3.05.01), and InsightSuiteAE (R1.01.00 ? R1.06.00)) allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges. | 2019-12-26 | not yet calculated | CVE-2019-6008 MISC MISC |
| zte -- zxcloud_goldendata_vap | All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have an information disclosure vulnerability. Attackers could use this vulnerability to collect data information and damage the system. | 2019-12-23 | not yet calculated | CVE-2019-3430 CONFIRM |
| zte -- zxcloud_goldendata_vap | All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have encryption problems vulnerability. Attackers could sniff unencrypted account and password through the network for front-end system access. | 2019-12-23 | not yet calculated | CVE-2019-3431 CONFIRM |
| zte -- zxcloud_goldendata_vap | All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have a file reading vulnerability. Attackers could obtain log file information without authorization, causing the disclosure of sensitive information. | 2019-12-23 | not yet calculated | CVE-2019-3429 CONFIRM |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.