Post sponsored by NewzEngine.com

Source: US Computer Emergency Readiness Team

360 — multiple_routers A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897. 2019-11-04 6.5 CVE-2018-19031
MISC alqo — alqo alqo through 4.1 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim’s disk. 2019-11-05 5 CVE-2018-19161
MISC
MISC amazon_web_services — freertos+fat Real Time Engineers FreeRTOS+FAT 160919a has a use after free. The function FF_Close() is defined in ff_file.c. The file handler pxFile is freed by ffconfigFREE, which (by default) is a macro definition of vPortFree(), but it is reused to flush modified file content from the cache to disk by the function FF_FlushCache(). 2019-11-04 5 CVE-2019-18178
MISC atlassian — jira An issue was discovered in the Infosysta “In-App & Desktop Notifications” app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects (with authentication as a Jira user, but without authorization for specific projects) via the plugins/servlet/nfj/NotificationSettings URI. 2019-11-01 4 CVE-2019-16909
MISC
MISC atlassian — jira An issue was discovered in the Infosysta “In-App & Desktop Notifications” app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects without authentication/authorization via the plugins/servlet/nfj/ProjectFilter?searchQuery= URI. 2019-11-01 5 CVE-2019-16908
MISC
MISC avast — antivirus A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name. 2019-11-01 4.3 CVE-2019-18653
MISC
MISC avg_technologies — antivirus A Cross Site Scripting (XSS) issue exists in AVG AntiVirus (Internet Security Edition) 19.3.3084 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name. 2019-11-01 4.3 CVE-2019-18654
MISC
MISC broadcom — brocade_sannav A vulnerability, in The ReportsTrustManager class of Brocade SANnav versions before v2.0, could allow an attacker to perform a man-in-the-middle attack against Secure Sockets Layer(SSL)connections. 2019-11-08 5.8 CVE-2019-16209
CONFIRM broadcom — brocade_sannav Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges. 2019-11-08 4.6 CVE-2019-16207
CONFIRM centurylink — technicolor_c2000t_and_c2100t_modems Technicolor C2000T and C2100T uses hard-coded cryptographic keys. 2019-11-06 4.3 CVE-2015-7276
MISC
MISC cisco — enterprise_chat_and_email A vulnerability in the HTTP API of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to download files attached through chat sessions. The vulnerability is due to insufficient authentication mechanisms on the file download function of the API. An attacker could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to download files that other users attach through the chat feature. This vulnerability affects versions prior to 12.0(1)ES1. 2019-11-05 4.3 CVE-2019-1877
CISCO cisco — multiple_products A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly of traffic streams. An attacker could exploit this vulnerability by sending crafted streams through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. 2019-11-05 5 CVE-2019-1978
CISCO cisco — multiple_products A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper detection of the initial use of a protocol on a nonstandard port. An attacker could exploit this vulnerability by sending traffic on a nonstandard port for the protocol in use through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. Once the initial protocol flow on the nonstandard port is detected, future flows on the nonstandard port will be successfully detected and handled as configured by the applied policy. 2019-11-05 5 CVE-2019-1980
CISCO cisco — multiple_products A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An attacker could exploit this vulnerability by sending traffic that contains specifically obfuscated payloads through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious payloads to protected systems that would otherwise be blocked. 2019-11-05 5 CVE-2019-1981
CISCO cisco — multiple_products A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of HTTP requests, including those communicated over a secure HTTPS connection, that contain maliciously crafted headers. An attacker could exploit this vulnerability by sending malicious requests to an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems, allowing attackers to deliver malicious content that would otherwise be blocked. 2019-11-05 5 CVE-2019-1982
CISCO cisco — telepresence_advanced_media_gateway A vulnerability in the web application of Cisco TelePresence Advanced Media Gateway could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the lack of input validation in the web application. An attacker could exploit this vulnerability by sending a crafted authenticated HTTP request to the device. An exploit could allow the attacker to stop services on an affected device. The device may become inoperable and results in a denial of service (DoS) condition. 2019-11-05 6.8 CVE-2019-15966
CISCO clamav — clamav ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system. 2019-11-05 5 CVE-2019-12625
MISC clamav — clamav ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking. 2019-11-05 5 CVE-2019-1789
MISC cloakcoin — cloakcoin CloakCoin through 2.2.2.0 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim’s disk. 2019-11-05 5 CVE-2018-19167
MISC
MISC computing_for_good — basic_laboratory_information_system Computing For Good’s Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, “Improper Access Control.” As a result, an unauthenticated user may enumerate the user names and facility names in use on a particular installation. 2019-11-06 5 CVE-2019-5643
MISC cryptocat_project — cryptocat Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting 2019-11-05 4.3 CVE-2013-4107
MISC
MISC
MISC
MISC cryptocat_project — cryptocat Cryptocat before 2.0.22 has Remote Denial of Service via username 2019-11-04 5 CVE-2013-4100
MISC
MISC
MISC
MISC cryptocat_project — cryptocat Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure 2019-11-04 5 CVE-2013-4105
MISC
MISC
MISC cryptocat_project — cryptocat Cryptocat before 2.0.22 Link Markup Decorator HTML Handling Weakness 2019-11-04 5 CVE-2013-4101
MISC
MISC
MISC cryptocat_project — cryptocat Cryptocat has an Unspecified Chat Participant User List Disclosure 2019-11-05 5 CVE-2013-4110
MISC
MISC
MISC
MISC cryptocat_project — cryptocat Cryptocat strophe.js before 2.0.22 has information disclosure 2019-11-04 5 CVE-2013-2262
MISC
MISC
MISC
MISC cryptocat_project — cryptocat Cryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness 2019-11-04 6.4 CVE-2013-4102
MISC
MISC
MISC
MISC cryptocat_project — cryptocat Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness 2019-11-04 5 CVE-2013-2260
MISC
MISC
MISC
MISC cryptocat_project — cryptocat Cryptocat before 2.0.22 Chrome Extension ‘img/keygen.gif’ has Information Disclosure 2019-11-04 5 CVE-2013-2261
MISC
MISC
MISC cryptocat_project — cryptocat Cryptocat before 2.0.22 has weak encryption in the Socialist Millionnaire Protocol 2019-11-04 5 CVE-2013-4104
MISC
MISC
MISC
MISC cryptocat_project — cryptocat Cryptocat before 2.0.22 has Nickname User Impersonation 2019-11-04 5 CVE-2013-2258
MISC
MISC
MISC cryptocat_project — cryptocat
  Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness 2019-11-04 5 CVE-2013-2257
MISC
MISC
MISC diamond — diamond Diamond through 3.0.1.2 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim’s disk. 2019-11-05 5 CVE-2018-19160
MISC
MISC divi_project — divi Divi through 4.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim’s disk. 2019-11-05 5 CVE-2018-19162
MISC
MISC djvulibre — djvulibre DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp. 2019-11-07 5 CVE-2019-18804
MISC
MLIST
MISC eclipse — jetty Cookie Dump Servlet stored XSS vulnerability in jetty though 6.1.20. 2019-11-06 4.3 CVE-2009-5048
MISC
MISC
MLIST eclipse — jetty WebApp JSP Snoop page XSS in jetty though 6.1.21. 2019-11-06 4.3 CVE-2009-5049
MISC
MISC
MLIST emercoin — emercoin emercoin through 0.7 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim’s disk and RAM. 2019-11-05 5 CVE-2018-19152
MISC
MISC f5 — big-ip On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a vulnerability in the AFM configuration utility may allow any authenticated BIG-IP user to run an SQL injection attack. 2019-11-01 4 CVE-2019-6658
CONFIRM f5 — big-ip On BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility. 2019-11-01 4.3 CVE-2019-6657
CONFIRM fastweb — fastgate Fastweb FASTGate 1.0.1b devices allow partial authentication bypass by changing a certain check_pwd return value from 0 to 1. An attack does not achieve administrative control of a device; however, the attacker can view all of the web pages of the administration console. 2019-11-02 5 CVE-2019-18661
MISC
MISC federal_communications_commission — wireless_emergency_alerts The Wireless Emergency Alerts (WEA) protocol allows remote attackers to spoof a Presidential Alert because cryptographic authentication is not used, as demonstrated by MessageIdentifier 4370 in LTE System Information Block 12 (aka SIB12). NOTE: testing inside an RF-isolated shield box suggested that all LTE phones are affected by design (e.g., use of Android versus iOS does not matter); testing in an open RF environment is, of course, contraindicated. 2019-11-02 5 CVE-2019-18659
MISC forcepoint — email_security It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply the relevant hotfix in order to remediate this issue. 2019-11-05 4.3 CVE-2019-6142
CONFIRM foswiki — foswiki Foswiki before 1.1.8 contains a code injection vulnerability in the MAKETEXT macro. 2019-11-01 6.8 CVE-2013-1666
CONFIRM
MISC
MISC
MISC freebsd — nsd FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server. 2019-11-01 4.3 CVE-2012-2979
MISC
CONFIRM
MISC glpi_project — glpi GLPI 0.83.7 has Local File Inclusion in common.tabs.php. 2019-11-01 5 CVE-2013-2227
MISC
MISC
MISC
MISC
MISC gnome — evince evince is missing a check on number of pages which can lead to a segmentation fault 2019-11-01 4.3 CVE-2013-3718
MISC
MISC
MISC
MISC gnu — glibc slim has NULL pointer dereference when using crypt() method from glibc 2.17 2019-11-04 5 CVE-2013-4412
MISC
MISC
MISC
MISC
MISC
MISC gnuboard — gnuboard5 GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the “board tail contents” parameter, aka the adm/board_form_update.php bo_content_tail parameter. 2019-11-07 4.3 CVE-2018-18674
MISC
MISC
MISC gource — gource Gource through 0.26 logs to a predictable file name (/tmp/gource-$UID.tmp), enabling attackers to overwrite an arbitrary file via a symlink attack. 2019-11-07 5.5 CVE-2010-2449
CONFIRM
MISC
BID gs-gpl — gs-gpl I race condition in Temp files was found in gs-gpl before 8.56 addons scripts. 2019-11-01 6.8 CVE-2005-2352
MISC
MISC horde — groupware_webmail_edition Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php. 2019-11-05 4.3 CVE-2013-6275
MISC
MISC
MISC
MISC
MISC
MISC
MISC htmlcoin — htmlcoin HTMLCOIN through 2.12 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim’s disk and RAM. 2019-11-05 5 CVE-2018-19154
MISC
MISC icoutils — icoutils The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable. 2019-11-04 6.8 CVE-2017-5332
SUSE
SUSE
SUSE
REDHAT
DEBIAN
MLIST
BID
UBUNTU
CONFIRM
CONFIRM icoutils — icoutils Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable. 2019-11-04 4.6 CVE-2017-5331
SUSE
SUSE
SUSE
DEBIAN
MLIST
BID
UBUNTU
CONFIRM icoutils — icoutils Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file. 2019-11-04 6.8 CVE-2017-5333
SUSE
SUSE
SUSE
REDHAT
DEBIAN
MLIST
BID
UBUNTU
CONFIRM
CONFIRM internet_systems_consortium — bind There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation. 2019-11-01 5 CVE-2019-6470
CONFIRM
REDHAT
CONFIRM
CONFIRM
CONFIRM investintech — able2extract_professional An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional 4.0.7 x64. A specially crafted JPEG file can cause an out-of-bounds memory write, allowing an attacker to execute arbitrary code on the victim machine. An attacker could exploit a vulnerability by providing the user with a specially crafted JPEG file. 2019-11-05 6.8 CVE-2019-5089
MISC investintech — able2extract_professional An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional 14.0.7 x64. A specially crafted BMP file can cause an out-of-bounds memory write, allowing a potential attacker to execute arbitrary code on the victim machine. Can trigger this vulnerability by sending the user a specially crafted BMP file. 2019-11-05 6.8 CVE-2019-5088
MISC joomla! — joomla! An issue was discovered in Joomla! before 3.9.13. A missing access check in the phputf8 mapping files could lead to a path disclosure. 2019-11-06 5 CVE-2019-18674
MISC joomla! — joomla! An issue was discovered in Joomla! before 3.9.13. A missing token check in com_template causes a CSRF vulnerability. 2019-11-06 6.8 CVE-2019-18650
MISC konversation — konversation konversation before 1.2.3 allows attackers to cause a denial of service. 2019-11-06 5 CVE-2009-5050
MISC
MISC
MLIST kubernetes — kube-state-metrics A security issue was discovered in the kube-state-metrics versions v1.7.0 and v1.7.1. An experimental feature was added to the v1.7.0 release that enabled annotations to be exposed as metrics. By default, the kube-state-metrics metrics only expose metadata about Secrets. However, a combination of the default `kubectl` behavior and this new feature can cause the entire secret content to end up in metric labels thus inadvertently exposing the secret content in metrics. This feature has been reverted and released as the v1.7.2 release. If you are running the v1.7.0 or v1.7.1 release, please upgrade to the v1.7.2 release as soon as possible. 2019-11-05 4 CVE-2019-10223
CONFIRM
MISC lead_technologies — leadtools An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to trigger this vulnerability. 2019-11-06 6.8 CVE-2019-5125
MISC lead_technologies — leadtools An exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing functionality of LEADTOOLS 20. A specially crafted TIF image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a TIF image to trigger this vulnerability. 2019-11-06 6.8 CVE-2019-5084
MISC lead_technologies — leadtools An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this vulnerability. 2019-11-06 6.8 CVE-2019-5100
MISC lead_technologies — leadtools An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability. 2019-11-06 6.8 CVE-2019-5099
MISC linux — linux_kernel Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, aka CID-68501df92d11. 2019-11-07 5 CVE-2019-18807
MISC
MISC linux — linux_kernel ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python’s os.chmod() works when passed a mode of ‘-1’. 2019-11-01 4.6 CVE-2013-4367
MISC
MISC linux — linux_kernel A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247. 2019-11-07 5 CVE-2019-18808
MISC linux — linux_kernel An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free. 2019-11-04 6.9 CVE-2019-18683
MLIST
MISC
MISC luxcore — luxcoin lux through 5.2.2 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim’s disk. 2019-11-05 5 CVE-2018-19159
MISC
MISC magento — magento A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to manipulate shippment settings can execute arbitrary code through server-side request forgery due to unsafe handling of a carrier gateway. 2019-11-06 6.5 CVE-2019-8151
MISC magento — magento A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with access to email templates can send malicious SQL queries and obtain access to sensitive information stored in the database. 2019-11-06 4 CVE-2019-8143
MISC magento — magento Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can leverage a guest session id value following a successful login to gain access to customer account index page. 2019-11-05 5 CVE-2019-8116
MISC magento — magento Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 uses cryptographically weak random number generator to brute-force the confirmation code for customer registration. 2019-11-05 5 CVE-2019-8113
MISC magento — magento A security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can bypass the email confirmation mechanism via GET request that captures relevant account data obtained from the POST response related to new user creation. 2019-11-05 5 CVE-2019-8112
MISC magento — magento A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to an account with Newsletter Template editing permission could exfiltrate the Admin login data, and reset their password, effectively performing a privilege escalation. 2019-11-05 6.5 CVE-2019-8127
MISC magento — magento A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with store manipulation privileges can execute arbitrary SQL queries by getting access to the database connection through group instance in email templates. 2019-11-06 6.5 CVE-2019-8130
MISC magento — magento In Magento to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with administrative privileges for editing attribute sets can execute arbitrary code through custom layout modification. 2019-11-06 6.5 CVE-2019-8231
MISC magento — magento Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 uses weak cryptographic function to store the failed login attempts for customer accounts. 2019-11-05 5 CVE-2019-8118
MISC magento — magento An insufficient logging and monitoring vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. The logging feature required for effective monitoring did not contain sufficent data to effectively track configuration changes. 2019-11-05 5 CVE-2019-8123
MISC magento — magento A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with marketing privileges can execute arbitrary SQL queries in the database when accessing email template variables. 2019-11-06 6.5 CVE-2019-8134
MISC magento — magento A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to manipulate CMS section of the website can trigger remote code execution via custom layout update. 2019-11-06 6.5 CVE-2019-8137
MISC magento — magento In Magentoprior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenticated user with administrative privileges to edit configuration settings can execute arbitrary code through a crafted support/output path. 2019-11-06 6.5 CVE-2019-8230
MISC magento — magento In Magento prior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenticated user with administrative privileges to edit product attributes can execute arbitrary code through crafted layout updates. 2019-11-06 6.5 CVE-2019-8229
MISC magento — magento A server-side request forgery (SSRF) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to modify store configurations can manipulate the connector api endpoint to enable remote code execution. 2019-11-06 6.5 CVE-2019-8156
MISC magento — magento In Magento prior to 1.9.4.3, Magento prior to 1.14.4.3, Magento 2.2 prior to 2.2.10, and Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an authenticated user with administrative privileges for the import feature can execute arbitrary code through a race condition that allows webserver configuration file modification. 2019-11-06 6 CVE-2019-8232
MISC magento — magento A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can craft a malicious CSRF payload that can result in arbitrary command execution. 2019-11-05 6 CVE-2019-8109
MISC magento — magento A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to manipulate layouts and images can insert a malicious payload into the page layout. 2019-11-06 6.5 CVE-2019-8150
MISC magento — magento In Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an unauthenticated user can inject arbitrary JavaScript code as a result of the sanitization engine ignoring HTML comments. 2019-11-06 4.3 CVE-2019-8233
MISC magento — magento A mitigation bypass to prevent cross-site scripting (XSS) exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Successful exploitation of this vulnerability would result in an attacker being able to bypass the `escapeURL()` function and execute a malicious XSS payload. 2019-11-06 4.3 CVE-2019-8153
MISC magento — magento A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3. An authenticated admin user with privileges to access product attributes can leverage layout updates to trigger remote code execution. 2019-11-05 6.5 CVE-2019-8091
MISC magento — magento An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of the database to transform uploaded JPEG file into a PHP file. 2019-11-06 4 CVE-2019-8140
MISC magento — magento A security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with privileges to generate sitemaps can bypass configuration that restricts directory access. The bypass allows overwrite of a subset of configuration files which can lead to denial of service. 2019-11-06 4 CVE-2019-8133
MISC magento — magento An XML entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can craft document type definition for an XML representing XML layout. The crafted document type definition and XML layout allow processing of external entities which can lead to information disclosure. 2019-11-05 4 CVE-2019-8126
MISC magento — magento Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can manipulate session validation setting for a storefront that leads to insecure authentication and session management. 2019-11-05 4 CVE-2019-8108
MISC magento — magento An insufficient logging and monitoring vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Failure to track admin actions related to design configuration could lead to repudiation attacks. 2019-11-05 5 CVE-2019-8124
MISC magento — magento An arbitrary file deletion vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated users can manipulate the design layout update feature. 2019-11-05 5.5 CVE-2019-8090
MISC magento — magento Magento prior to 1.9.4.3 and prior to 1.14.4.3 included a user’s CSRF token in the URL of a GET request. This could be exploited by an attacker with access to network traffic to perform unauthorized actions. 2019-11-06 5 CVE-2019-8155
MISC magento — magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user with administrative privileges (system level import) can execute arbitrary code through a Phar deserialization vulnerability in the import functionality. 2019-11-06 6.5 CVE-2019-8141
MISC magento — magento An arbitrary file deletion vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with export data transfer privileges can craft a request to perform arbitrary file deletion. 2019-11-05 5.5 CVE-2019-8107
MISC magento — magento A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage plugin functionality related to email templates to manipulate the interceptor class in a way that allows an attacker to execute arbitrary code. 2019-11-05 6.5 CVE-2019-8111
MISC magento — magento A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to import features can execute arbitrary code via crafted configuration archive file upload. 2019-11-05 6.5 CVE-2019-8114
MISC magento — magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user with privileges to create products can craft custom layout update and use import product functionality to enable remote code execution. 2019-11-05 6.5 CVE-2019-8122
MISC magento — magento A remote code execution vulnerability exists in Magento 1 prior to 1.9.x and 1.14.x. An authenticated admin user can modify configuration parameters via crafted support configuration. The modification can lead to remote code execution. 2019-11-05 6.5 CVE-2019-8125
MISC magento — magento
  A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage email templates hierarchy to manipulate the interceptor class in a way that allows an attacker to execute arbitrary code. 2019-11-05 6.5 CVE-2019-8110
MISC magento — magento
  An arbitrary file access vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage file upload controller for downloadable products to read/delete an arbitary files. 2019-11-05 6.5 CVE-2019-8093
MISC magento — magento
  A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated admin user with import product privileges can delete files through bulk product import and inject code into XSLT file. The combination of these manipulations can lead to remote code execution. 2019-11-05 6.5 CVE-2019-8119
MISC mantisbt — mantisbt An access control issue in MantisBT before 1.2.13 allows users with “Reporter” permissions to change any issue to “New”. 2019-11-07 4 CVE-2013-1811
MISC
MISC
MISC
CONFIRM
MISC miniupnpd — miniupnpd MiniUPnPd has information disclosure use of snprintf() 2019-11-01 5 CVE-2013-2600
MISC
MISC
MISC
MISC
MISC mondo — mondo Mondo 2.24 has insecure handling of temporary files. 2019-11-07 6.4 CVE-2007-3915
MISC navcoin — navcoin navcoin through 4.3.0 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim’s disk and RAM. 2019-11-05 5 CVE-2018-19155
MISC
MISC neblio — neblio neblio through 1.5.1 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim’s disk. 2019-11-05 5 CVE-2018-19165
MISC
MISC nicehash — miner An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a wallet via Email address allows remote attackers to submit a large number of email addresses to identify valid ones. By exploiting this vulnerability with CVE-2019-6122 (Username Enumeration) an adversary can enumerate a large number of valid users’ Email addresses. 2019-11-06 5 CVE-2019-6120
MISC
MISC nicehash — miner A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an “EMAIL DOES NOT EXIST” error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct email address. 2019-11-06 4.3 CVE-2019-6122
MISC
MISC nicehash — miner An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Authorization allows an adversary to can gain access to a miner’s information about such as his recent payments, unclaimed Balance, Old Balance (at the time of December 2017 breach) , Projected payout, Mining stats like profitability, Efficiency, Number of workers, etc.. A valid Email address is required in order to retrieve this Information. 2019-11-06 4.3 CVE-2019-6121
MISC
MISC nokogiri_gem_for_ruby_on_rails — nokogiri_gem_for_ruby_on_rails Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents 2019-11-05 4.3 CVE-2013-6460
MISC
MISC
MISC
MISC
MISC
MISC
MISC nokogiri_gem_for_ruby_on_rails — nokogiri_gem_for_ruby_on_rails Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits 2019-11-05 4.3 CVE-2013-6461
MISC
MISC
MISC
MISC
MISC
MISC oetiker+partner — smokeping Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields. 2019-11-01 4.3 CVE-2013-4168
MISC
MISC
MISC
MISC
MISC
MISC one_identity — cloud_access_manager One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows CSRF for logout requests. 2019-11-04 4.3 CVE-2019-13497
MISC
CONFIRM one_identity — cloud_access_manager One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a successful SAML response. 2019-11-04 4.3 CVE-2019-13496
MISC
CONFIRM open_build_service — open_build_service Open Build Service before version 0.165.4 diddn’t validate TLS certificates for HTTPS connections with the osc client binary 2019-11-05 6.8 CVE-2019-3685
CONFIRM openstack — keystone_and_compute HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates. 2019-11-01 4.3 CVE-2013-2255
MISC
MISC
MISC
MISC
MISC
MISC
MISC openttd — openttd OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. 2019-11-07 4 CVE-2012-0049
CONFIRM
MISC
MISC
MISC
MISC oxid — multiple_products An issue was discovered in OXID eShop 6.x before 6.0.6 and 6.1.x before 6.1.5, OXID eShop Enterprise Edition Version 5.2.x-5.3.x, OXID eShop Professional Edition Version 4.9.x-4.10.x and OXID eShop Community Edition Version: 4.9.x-4.10.x. By using a specially crafted URL, users with administrative rights could unintentionally grant unauthorized users access to the admin panel via session fixation. 2019-11-05 6.8 CVE-2019-17062
MISC pagure — pagure Pagure: XSS possible in file attachment endpoint 2019-11-06 4.3 CVE-2016-1000037
MISC
MISC
MISC
MISC particl — particl particl through 0.17 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim’s disk and RAM. 2019-11-05 5 CVE-2018-19153
MISC
MISC peercoin — peercoin peercoin through 0.6.4 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim’s disk. 2019-11-05 5 CVE-2018-19166
MISC
MISC pfsense — pfsense /usr/local/www/freeradius_view_config.php in the freeradius3 package before 0.15.7_3 for pfSense on FreeBSD allows a user with an XSS payload as password or username to execute arbitrary javascript code on a victim browser. 2019-11-02 4.3 CVE-2019-18667
MISC phantomjs — phantomjs PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HTML file, as user input, that allows reading arbitrary files on the filesystem. For example, if page.render() is the function callback, this generates a PDF or an image of the targeted file. NOTE: this product is no longer developed. 2019-11-05 5 CVE-2019-17221
MISC phore — phore Phore through 1.3.3.1 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim’s disk. 2019-11-05 5 CVE-2018-19157
MISC
MISC pivx — pivx PIVX through 3.1.03 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim’s disk. 2019-11-05 5 CVE-2018-19156
MISC
MISC popojicms — popojicms po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 allows post[1][content]= stored XSS. 2019-11-07 4.3 CVE-2019-18816
MISC popojicms — popojicms PopojiCMS 2.0.1 allows refer= Open Redirection. 2019-11-07 5.8 CVE-2019-18815
MISC portainer — portainer Portainer before 1.22.1 has Incorrect Access Control (issue 4 of 4). 2019-11-07 6.5 CVE-2019-16877
MISC portainer — portainer Portainer before 1.22.1 allows Directory Traversal. 2019-11-07 5 CVE-2019-16876
MISC portainer — portainer Portainer before 1.22.1 has Incorrect Access Control (issue 2 of 4). 2019-11-07 4 CVE-2019-16874
MISC progress — sitefinity_cms Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : Page Title, /Content/News Parameter : News Title, /Content/List Parameter : List Title, /Content/Documents/LibraryDocuments/incident-request-attachments Parameter : Document Title, /Content/Images/LibraryImages/newsimages Parameter : Image Title, /Content/links Parameter : Link Title, /Content/links Parameter : Link Title, or /Content/Videos/LibraryVideos/default-video-library Parameter : Video Title. 2019-11-06 4.3 CVE-2017-18639
MISC qualcomm — multiple_products Lack of check for a negative value returned for get_clk is wrongly interpreted as valid pointer and lead to use after free in clk driver in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 2019-11-06 4.6 CVE-2019-10524
CONFIRM qualcomm — multiple_products Firmware not able to send EXT scan response to host within 1 sec due to resource consumption issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016 2019-11-06 5 CVE-2019-10504
CONFIRM qualcomm — multiple_products DCI client which might be preemptively freed up might be accessed for transferring packets leading to kernel error in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 2019-11-06 4.9 CVE-2019-10515
CONFIRM qualcomm — multiple_products Null pointer dereference can occur while parsing invalid chunks while playing the nonstandard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20 2019-11-06 5 CVE-2019-10488
CONFIRM qualcomm — multiple_products Possible stack overflow when an index equal to io buffer size is accessed in camera module in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX24 2019-11-06 4.6 CVE-2019-10502
CONFIRM
MISC qualcomm — multiple_products ADSP can be compromised since it`s a general-purpose CPU processing untrusted data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 2019-11-06 4.6 CVE-2019-10491
CONFIRM qualcomm — multiple_products Payload size is not checked before using it as array index in audio in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SXR1130 2019-11-06 4.6 CVE-2019-10512
CONFIRM qualcomm — multiple_products Lack of checking a variable received from driver and populating in Firmware data structure leads to buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 2019-11-06 4.6 CVE-2019-10496
CONFIRM qualcomm — multiple_products Arbitrary buffer write issue while processing sequence header during HEVC or AVC encoding. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 2019-11-06 4.6 CVE-2019-10495
CONFIRM quest — kace_systems_management_appliance_server_center Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /userui/ticket_list.php, and affected parameters are order[0][column] and order[0][dir]. 2019-11-06 6.5 CVE-2019-13076
MISC
MISC quest — kace_systems_management_appliance_server_center Quest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability (via the sam_detail_titled.php SAM_TYPE parameter) that allows an attacker to create a malicious link in order to attack authenticated users. 2019-11-06 4.3 CVE-2019-13077
MISC
MISC quest — kace_systems_management_appliance_server_center A reflected XSS vulnerability exists in Quest KACE Systems Management Appliance Server Center 9.1.317 affecting the userui/software_library.php component via the PATH_INFO. 2019-11-06 4.3 CVE-2019-12917
MISC
MISC quest — kace_systems_management_appliance_server_center Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /common/user_profile.php. The affected parameter is sort_column. 2019-11-06 6.5 CVE-2019-13078
MISC
MISC quest — kace_systems_management_appliance_server_center
  Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /adminui/history_log.php. The affected parameter is TYPE_NAME. 2019-11-06 6.5 CVE-2019-13079
MISC
MISC red_hat — cloud_forms_management_engine Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2019-11-01 4.3 CVE-2013-0186
CONFIRM
MISC red_hat — directory_server_8_and_389_directory_server The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows attackers to cause a denial of service (NULL pointer dereference) via a crafted search query. 2019-11-05 5 CVE-2010-2222
MISC
MISC red_hat — jboss_aerogear JBoss AeroGear has reflected XSS via the password field 2019-11-04 4.3 CVE-2014-3649
MISC
MISC reddcoin — reddcoin reddcoin through 2.1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim’s disk. 2019-11-05 5 CVE-2018-19164
MISC
MISC s9y — serendipity Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php. 2019-11-05 4.3 CVE-2011-1135
CONFIRM
DEBIAN
SECTRACK
MISC s9y — serendipity Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php. 2019-11-05 4.3 CVE-2011-1133
CONFIRM
DEBIAN
SECTRACK
MISC samba — samba A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue. 2019-11-06 4 CVE-2019-14847
SUSE
CONFIRM
MISC sap — sap_hana_database SAP HANA Database, versions 1.0, 2.0, allows an unauthorized attacker to send a malformed connection request, which crashes the indexserver of an SAP HANA instance, leading to Denial of Service 2019-11-04 5 CVE-2019-0350
MISC
MISC sass — libsass LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sass::Binary_Expression*) in eval.cpp. 2019-11-06 4.3 CVE-2019-18797
MISC sass — libsass LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in ast_sel_weave.cpp. 2019-11-06 4.3 CVE-2019-18798
MISC sass — libsass LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser::parseCompoundSelector in parser_selectors.cpp. 2019-11-06 4.3 CVE-2019-18799
MISC scipy — scipy The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. 2019-11-04 4.6 CVE-2013-4251
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC secudos — domos The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion. 2019-11-02 5 CVE-2019-18665
MISC
MISC
MISC sourceforge — archivemail archivemail 0.6.2 uses temporary files insecurely leading to a possible race condition. 2019-11-06 6.8 CVE-2006-4245
MISC
MISC stratisx_project — stratisx stratisX through 2.0.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim’s disk. 2019-11-05 5 CVE-2018-19163
MISC
MISC symantec — sonar_component The Symantec SONAR component, prior to 12.0.2, may be susceptible to a tamper protection bypass vulnerability which could potentially allow an attacker to circumvent the existing tamper protection in use on the resident system. 2019-11-01 4.1 CVE-2019-12752
CONFIRM symfony — symfony php-symfony2-Validator has loss of information during serialization 2019-11-01 4.9 CVE-2013-4751
MISC
MISC
MISC
MISC
MISC
MISC typo3 — typo3 TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the backend. 2019-11-06 4 CVE-2011-4627
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.5.4 allows Information Disclosure in the backend. 2019-11-06 4 CVE-2011-4900
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Header Injection in the secure download feature jumpurl. 2019-11-04 5 CVE-2010-3668
MISC
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element. 2019-11-04 5 CVE-2010-3667
MISC
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness in the uniqid function. 2019-11-04 5 CVE-2010-3666
MISC
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS and Open Redirection in the frontend login box. 2019-11-04 4.9 CVE-2010-3669
MISC
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows information disclosure in the mail header of the HTML mailing API. 2019-11-05 5 CVE-2010-3673
MISC
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract arbitrary information from the TYPO3 database. 2019-11-06 4 CVE-2011-4901
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services. 2019-11-06 4 CVE-2011-4904
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.4.1 allows XSS in the frontend search box. 2019-11-05 4.3 CVE-2010-3674
MISC
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend. 2019-11-04 6.5 CVE-2010-3663
MISC
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete arbitrary files on the webserver. 2019-11-06 5.5 CVE-2011-4902
MISC
CONFIRM typo3 — typo3 Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the RemoveXSS function. 2019-11-06 4.3 CVE-2011-4903
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness during generation of a hash with the “forgot password” function. 2019-11-05 5.8 CVE-2010-3670
MISC
MISC
CONFIRM typo3 — typo3 Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the “JSwindow” property of the typolink function. 2019-11-06 4.3 CVE-2011-4626
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows SQL Injection on the backend. 2019-11-04 6.5 CVE-2010-3662
MISC
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Open Redirection on the backend. 2019-11-01 5.8 CVE-2010-3661
MISC
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension. 2019-11-05 4.3 CVE-2010-3672
MISC
MISC
CONFIRM typo3 — typo3 TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Information Disclosure on the backend. 2019-11-04 4 CVE-2010-3664
MISC
MISC
CONFIRM viewvc — viewvc viewvc 1.0.3 allows improper access control to files in a repository when using the “forbidden” configuration option. 2019-11-07 4.3 CVE-2007-5743
MISC
MISC websieve — websieve Cross-site scripting (XSS) vulnerability in websieve v0.62 allows remote attackers to inject arbitrary web script or HTML code in the web user interface. 2019-11-01 4.3 CVE-2005-2350
MISC
MISC wordpress — wordpress An issue was discovered in the Currency Switcher addon before 2.11.2 for WooCommerce if a user provides a currency that was not added by the administrator. In this case, even though the currency does not exist, it will be selected, but a price amount will fall back to the default currency. This means that if an attacker provides a currency that does not exist and is worth less than this default, the attacker can eventually purchase an item for a significantly cheaper price. 2019-11-02 4 CVE-2019-18668
MISC
MISC
MISC wordpress — wordpress Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin before 2.4.1 for WordPress allows remote authenticated users to download arbitrary files via a .. (dot dot) in the file parameter. 2019-11-06 4 CVE-2014-9014
MISC
MISC wordpress — wordpress The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a request to wpmp_pp_ajax_call with an execution target of wp_insert_user. 2019-11-06 6.5 CVE-2014-9013
MISC wordpress — wordpress An issue was discovered in the MailPoet Newsletters (aka wysija-newsletters) plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks. 2019-11-06 5 CVE-2018-20853
CONFIRM zoho_manageengine — adselfservice_plus Zoho ManageEngine ADSelfService Plus 5.x through 5803 has CSRF on the users’ profile information page. Users who are attacked with this vulnerability will be forced to modify their enrolled information, such as email and mobile phone, unintentionally. Attackers could use the reset password function and control the system to send the authentication code back to the channel that the attackers own. 2019-11-06 6.8 CVE-2019-18411
MISC

MIL OSI USA News