Vulnerability Summary for the Week of December 16, 2019
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
advantech -- diaganywhere_server | In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code with the privileges of the user running DiagAnywhere Server. | 2019-12-17 | 7.5 | CVE-2019-18257 MISC |
apple -- icloud_for_windows | A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution. | 2019-12-18 | 7.6 | CVE-2019-6232 MISC |
apple -- icloud_for_windows | A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution. | 2019-12-18 | 7.6 | CVE-2019-6236 MISC |
apple -- macos_catalina | A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15.1. A malicious application may be able to gain root privileges. | 2019-12-18 | 9.3 | CVE-2019-8802 MISC |
apple -- macos_catalina | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 7.2 | CVE-2019-8748 MISC |
apple -- macos_catalina | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 9.3 | CVE-2019-8781 MISC |
apple -- macos_catalina | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 7.2 | CVE-2019-8758 MISC |
apple -- macos_catalina | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 9.3 | CVE-2019-8807 MISC |
apple -- macos_catalina_and_tvos | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 7.2 | CVE-2019-8717 MISC |
apple -- macos_mojave | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 9.3 | CVE-2019-8694 MISC |
apple -- macos_mojave | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 9.3 | CVE-2019-8590 MISC |
apple -- macos_mojave | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 9.3 | CVE-2019-8695 MISC |
apple -- macos_mojave | This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands. | 2019-12-18 | 7.2 | CVE-2019-8513 MISC |
apple -- macos_mojave | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 9.3 | CVE-2019-8629 MISC |
apple -- macos_mojave | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 7.2 | CVE-2019-8635 MISC |
apple -- macos_mojave | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.6. A remote attacker may be able to cause arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8661 MISC |
apple -- macos_mojave | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 7.2 | CVE-2019-8697 MISC |
apple -- macos_mojave | A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 9.3 | CVE-2019-8555 MISC |
apple -- macos_mojave | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 7.2 | CVE-2019-8616 MISC |
apple -- macos_mojave | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 7.2 | CVE-2019-8604 MISC |
apple -- macos_mojave | A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges. | 2019-12-18 | 7.2 | CVE-2019-8508 MISC |
apple -- macos_mojave | A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges. | 2019-12-18 | 7.6 | CVE-2019-8565 MISC MISC |
apple -- macos_mojave | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. An application may be able to gain elevated privileges. | 2019-12-18 | 7.2 | CVE-2019-8526 MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A maliciously crafted SQL query may lead to arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8600 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory. | 2019-12-18 | 8.8 | CVE-2019-8591 MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 9.3 | CVE-2019-8593 MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8814 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8676 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8815 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8688 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8669 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8684 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8689 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8816 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8613 MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8685 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 9.3 | CVE-2019-8574 MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8648 MISC MISC MISC MISC |
apple -- multiple_products | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 9.3 | CVE-2019-8605 MISC MISC MISC MISC |
apple -- multiple_products | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.4, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8647 MISC MISC MISC |
apple -- multiple_products | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8641 MISC MISC MISC MISC |
apple -- multiple_products | This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary. | 2019-12-18 | 7.5 | CVE-2019-8662 MISC MISC MISC MISC |
apple -- multiple_products | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to gain root privileges. | 2019-12-18 | 9.3 | CVE-2019-8637 MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8660 MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8672 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- watchos | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 9.3 | CVE-2019-8747 MISC |
apple -- watchos_and_icloud_for_windows | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Multiple issues in libxslt. | 2019-12-18 | 7.5 | CVE-2019-8750 MISC MISC |
apple -- xcode | Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. | 2019-12-18 | 9.3 | CVE-2019-8723 MISC |
apple -- xcode | Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. | 2019-12-18 | 9.3 | CVE-2019-8724 MISC |
elog -- elog | ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests. | 2019-12-17 | 7.5 | CVE-2019-3996 MISC |
envoy_proxy -- envoy | An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "example.com" matchers. | 2019-12-13 | 7.5 | CVE-2019-18802 MISC MISC MISC MISC |
envoy_proxy -- envoy | An issue was discovered in Envoy 1.12.0. An untrusted remote client may send HTTP/2 requests that write to the heap outside of the request buffers when the upstream is HTTP/1. This may be used to corrupt nearby heap contents (leading to a query-of-death scenario) or may be used to bypass Envoy's access control mechanisms such as path based routing. An attacker can also modify requests from other users that happen to be proximal temporally and spatially. | 2019-12-13 | 7.5 | CVE-2019-18801 MISC MISC MISC CONFIRM MISC |
fontforge -- libspiro | Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c. | 2019-12-17 | 7.5 | CVE-2019-19847 MISC |
google -- tensorflow | In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case data_size and num_segments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. This is unlikely to be exploitable and was detected and fixed internally in TensorFlow 1.15 and 2.0. | 2019-12-16 | 7.5 | CVE-2019-16778 MISC MISC CONFIRM |
joomla -- joomla! | class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576. | 2019-12-17 | 7.5 | CVE-2019-19634 MISC MISC MISC |
joomla -- joomla! | In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors. | 2019-12-18 | 7.5 | CVE-2019-19846 MISC |
labf -- aceaxe_plus | The FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long EHLO response from an FTP server. | 2019-12-13 | 10 | CVE-2019-19782 MISC MISC |
linux -- linux_kernel | In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h. | 2019-12-17 | 7.1 | CVE-2019-19815 MISC MISC |
linux -- linux_kernel | In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this. | 2019-12-17 | 9.3 | CVE-2019-19814 MISC |
linux -- linux_kernel | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled. | 2019-12-17 | 9.3 | CVE-2019-19816 MISC |
linux -- linux_kernel | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c. | 2019-12-17 | 9.3 | CVE-2019-19813 MISC |
petwant_and_skymee -- pf-103_and_petalk_ai | The processCommandSetMac() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | 10 | CVE-2019-16737 MISC |
petwant_and_skymee -- pf-103_and_petalk_ai | processCommandSetUid() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | 10 | CVE-2019-16733 MISC |
petwant_and_skymee -- pf-103_and_petalk_ai | Unencrypted HTTP communications for firmware upgrades in Petalk AI and PF-103 allow man-in-the-middle attackers to run arbitrary code as the root user. | 2019-12-13 | 9.3 | CVE-2019-16732 MISC |
petwant_and_skymee -- pf-103_and_petalk_ai | A stack-based buffer overflow in processCommandUploadLog in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. | 2019-12-13 | 10 | CVE-2019-16735 MISC |
petwant_and_skymee -- pf-103_and_petalk_ai | processCommandUpgrade() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | 10 | CVE-2019-16730 MISC MISC |
petwant_and_skymee -- pf-103_and_petalk_ai | The processCommandUploadLog() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | 10 | CVE-2019-17364 MISC |
petwant_and_skymee -- pf-103_and_petalk_ai | A stack-based buffer overflow in processCommandUploadSnapshot in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. | 2019-12-13 | 10 | CVE-2019-16736 MISC |
petwant_and_skymee -- pf-103_and_petalk_ai | Use of default credentials for the TELNET server in Petwant PF-103 firmware 4.3.2.50 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | 10 | CVE-2019-16734 MISC |
puppet -- mcollective | mcollective has a default password set at install | 2019-12-13 | 7.5 | CVE-2014-0175 MISC MISC MISC |
python-requests-kerberos -- python-requests-kerberos | python-requests-Kerberos through 0.5 does not handle mutual authentication | 2019-12-15 | 7.5 | CVE-2014-8650 MISC MISC MISC MISC |
qualcomm -- multiple_snapdragon_products | Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | 7.5 | CVE-2019-10614 CONFIRM |
qualcomm -- multiple_snapdragon_products | Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, IPQ8074, MDM9607, MDM9650, MSM8909, MSM8939, QCN7605, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24 | 2019-12-18 | 7.2 | CVE-2019-10605 CONFIRM |
qualcomm -- multiple_snapdragon_products | Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, QCN7605, QCS405, QCS605, SDA845, SDM660, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | 7.2 | CVE-2019-2304 CONFIRM |
qualcomm -- multiple_snapdragon_products | Out of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MSM8996AU, Nicobar, QCA6574AU, QCN7605, QCS405, SDM630, SDM636, SDM660, SDM845, SM6150, SM7150, SM8150 | 2019-12-18 | 7.2 | CVE-2019-10601 CONFIRM |
qualcomm -- multiple_snapdragon_products | When a fake broadcast/multicast 11w rmf without mmie received, since no proper length check in wma_process_bip, buffer overflow will happen in both cds_is_mmie_valid and qdf_nbuf_trim_tail in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8937, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDM630, SDM636, SDM660, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | 7.2 | CVE-2018-11980 CONFIRM |
qualcomm -- multiple_snapdragon_products | Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9980, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | 7.2 | CVE-2019-10480 CONFIRM |
qualcomm -- multiple_snapdragon_products | Device memory may get corrupted because of buffer overflow/underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8016, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SM6150, SM7150, SXR1130 | 2019-12-18 | 10 | CVE-2019-2242 CONFIRM |
qualcomm -- multiple_snapdragon_products | Improper Access Control for RPU write access from secure processor in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8098, IPQ8074, MDM9150, MDM9650, MDM9655, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCA8081, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | 7.2 | CVE-2019-2274 CONFIRM |
qualcomm -- multiple_snapdragon_products | Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996, MSM8996AU, QCA4531, QCA8081, QCA9531, QCA9558, QCA9886, QCA9980, QCN7605, QCS605, SDA660, SDX20, SDX24, SDX55, SM8150, SXR1130 | 2019-12-18 | 7.2 | CVE-2019-10607 CONFIRM |
qualcomm -- multiple_snapdragon_products | Out of bound access can occur while processing peer info in IBSS connection mode due to lack of upper bounds check to ensure that for loop further will not cause an overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MDM9607, MSM8996AU, QCA6574AU, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | 7.2 | CVE-2019-10598 CONFIRM |
qualcomm -- multiple_snapdragon_products | Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8939, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24 | 2019-12-18 | 7.2 | CVE-2019-10595 CONFIRM |
qualcomm -- multiple_snapdragon_products | Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCA8081, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | 7.2 | CVE-2019-10600 CONFIRM |
red_hat -- edeploy | eDeploy has tmp file race condition flaws | 2019-12-15 | 9.3 | CVE-2014-3701 REDHAT MISC MISC |
red_hat -- edeploy | eDeploy has RCE via cPickle deserialization of untrusted data | 2019-12-15 | 7.5 | CVE-2014-3699 REDHAT MISC MISC |
xfig -- fig2dev | read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. | 2019-12-15 | 7.5 | CVE-2019-19797 MISC |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apache -- incubator_superset | In Apache Incubator Superset before 0.31 user could query database metadata information from a database he has no access to, by using a specially crafted complex query. | 2019-12-16 | 5 | CVE-2019-12413 MISC |
apache -- incubator_superset | In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab | 2019-12-16 | 5 | CVE-2019-12414 MISC |
apple -- ios | A logic issue was addressed with improved state management. This issue is fixed in iOS 13. Visiting a malicious website may lead to address bar spoofing. | 2019-12-18 | 4.3 | CVE-2019-8727 MISC |
apple -- ios | A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.2. A device may be passively tracked by its WiFi MAC address. | 2019-12-18 | 5 | CVE-2019-8567 MISC |
apple -- ios | A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue is fixed in iOS 13. Processing a maliciously crafted file may disclose user information. | 2019-12-18 | 4.3 | CVE-2019-8731 MISC |
apple -- ios | A logic issue existed with the display of notification previews. This issue was addressed with improved validation. This issue is fixed in iOS 13. Notification previews may show on Bluetooth accessories even when previews are disabled. | 2019-12-18 | 5 | CVE-2019-8711 MISC |
apple -- ios | An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.3. A sandboxed process may be able to circumvent sandbox restrictions. | 2019-12-18 | 6.8 | CVE-2019-8617 MISC |
apple -- ios | A permissions issue existed in the handling of motion and orientation data. This issue was addressed with improved restrictions. This issue is fixed in iOS 12.2. A website may be able to access sensor information without user consent. | 2019-12-18 | 4.3 | CVE-2019-8554 MISC |
apple -- ios_and_macos_mojave | This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6. A remote attacker may be able to leak memory. | 2019-12-18 | 5 | CVE-2019-8663 MISC MISC |
apple -- ios_and_safari | A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. | 2019-12-18 | 4.3 | CVE-2019-8674 MISC MISC |
apple -- ios_and_tvos | A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in iOS 12.4, tvOS 12.4. A malicious application may be able to restrict access to websites. | 2019-12-18 | 4.3 | CVE-2019-8698 MISC MISC |
apple -- ios_and_watchos | A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.4, watchOS 5.3. A remote attacker may cause an unexpected application termination. | 2019-12-18 | 5 | CVE-2019-8665 MISC MISC |
apple -- ios_and_watchos | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service. | 2019-12-18 | 4.3 | CVE-2019-8626 MISC MISC |
apple -- macos_catalina | "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. | 2019-12-18 | 5 | CVE-2019-8768 MISC |
apple -- macos_catalina | The issue was addressed with improved permissions logic. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to access recent documents. | 2019-12-18 | 4.3 | CVE-2019-8770 MISC |
apple -- macos_catalina | An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt. This issue is fixed in macOS Catalina 10.15. An attacker may be able to exfiltrate the contents of an encrypted PDF. | 2019-12-18 | 5 | CVE-2019-8772 MISC |
apple -- macos_catalina_and_tvos | A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15, tvOS 13. Processing a maliciously crafted movie may result in the disclosure of process memory. | 2019-12-18 | 4.3 | CVE-2019-8705 MISC |
apple -- macos_mojave | An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6. The encryption status of a Time Machine backup may be incorrect. | 2019-12-18 | 5 | CVE-2019-8667 MISC |
apple -- macos_mojave | This issue was addressed with improved handling of file metadata. This issue is fixed in macOS Mojave 10.14.4. A malicious application may bypass Gatekeeper checks. | 2019-12-18 | 4.6 | CVE-2019-6239 MISC MISC |
apple -- macos_mojave | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5. An application may be able to read restricted memory. | 2019-12-18 | 6.8 | CVE-2019-8603 MISC |
apple -- macos_mojave | An authentication issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5. A user may be unexpectedly logged in to another user?s account. | 2019-12-18 | 6.5 | CVE-2019-8634 MISC |
apple -- macos_mojave | A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to elevate privileges. | 2019-12-18 | 6.8 | CVE-2019-8561 MISC |
apple -- macos_mojave | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory. | 2019-12-18 | 4.3 | CVE-2019-8693 MISC |
apple -- macos_mojave | This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.5. A malicious application may bypass Gatekeeper checks. | 2019-12-18 | 4.3 | CVE-2019-8589 MISC |
apple -- macos_mojave_and_safari | An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6, Safari 12.1.2. Visiting a malicious website may lead to address bar spoofing. | 2019-12-18 | 4.3 | CVE-2019-8670 MISC MISC |
apple -- multiple_products | A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. | 2019-12-18 | 4.3 | CVE-2019-8690 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A remote attacker may be able to leak memory. | 2019-12-18 | 5 | CVE-2019-8787 MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8822 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8821 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8820 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8819 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8812 MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8678 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory. | 2019-12-18 | 6.6 | CVE-2019-8576 MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8763 MISC MISC MISC |
apple -- multiple_products | A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. | 2019-12-18 | 4.3 | CVE-2019-8625 MISC MISC MISC |
apple -- multiple_products | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to read restricted memory. | 2019-12-18 | 4.3 | CVE-2019-8598 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 4.3 | CVE-2019-8597 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. | 2019-12-18 | 4.3 | CVE-2019-8658 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8735 MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8595 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8596 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8563 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8686 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. | 2019-12-18 | 4.3 | CVE-2019-8649 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8811 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to leak memory. | 2019-12-18 | 5 | CVE-2019-8646 MISC MISC MISC MISC |
apple -- multiple_products | A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A device may be passively tracked by its WiFi MAC address. | 2019-12-18 | 5 | CVE-2019-8620 MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8609 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8594 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8687 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to read restricted memory. | 2019-12-18 | 4.3 | CVE-2019-8560 MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8823 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8657 MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8586 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 4.3 | CVE-2019-8615 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8584 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8673 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows. A sandboxed process may be able to circumvent sandbox restrictions. | 2019-12-18 | 6.8 | CVE-2019-8562 MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8608 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8559 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8558 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8556 MISC MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2. Clicking a malicious SMS link may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8553 MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8571 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. | 2019-12-18 | 4.3 | CVE-2019-8813 MISC MISC MISC MISC MISC |
apple -- multiple_products | A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. | 2019-12-18 | 4.3 | CVE-2019-8719 MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8601 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8622 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8681 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8623 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8677 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8611 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges. | 2019-12-18 | 6.8 | CVE-2019-8577 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8683 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8610 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8680 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8628 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8644 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. Processing a maliciously crafted movie file may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8585 MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8671 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8679 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8666 MISC MISC MISC MISC MISC MISC MISC |
apple -- safari | An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.1. Visiting a malicious website may lead to user interface spoofing. | 2019-12-18 | 4.3 | CVE-2019-8654 MISC |
apple -- safari | The issue was addressed with improved handling of service worker lifetime. This issue is fixed in Safari 13.0.1. Service workers may leak private browsing history. | 2019-12-18 | 5 | CVE-2019-8725 MISC |
apple -- watchos | This issue was addressed with improved checks. This issue is fixed in watchOS 5.3. Users removed from an iMessage conversation may still be able to alter state. | 2019-12-18 | 5 | CVE-2019-8659 MISC |
apple -- watchos | An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 5.3. A remote attacker may be able to leak memory. | 2019-12-18 | 5 | CVE-2019-8624 MISC |
apple -- watchos | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8765 MISC |
apple -- watchos | A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. | 2019-12-18 | 4.3 | CVE-2019-8764 MISC |
apple -- watchos | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8743 MISC |
apple -- watchos_and_icloud_for_windows | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 6.8 | CVE-2019-8766 MISC MISC |
atlassian -- jira | The WorkflowResource class removeStatus method in Jira before version 7.13.12, from version 8.0.0 before version 8.4.3, and from version 8.5.0 before version 8.5.2 allows authenticated remote attackers who do not have project administration access to remove a configured issue status from a project via a missing authorisation check. | 2019-12-18 | 4 | CVE-2019-15013 MISC |
atlassian -- multiple_products | An issue was discovered in the SAML Single Sign On (SSO) plugin for several Atlassian products affecting versions 3.1.0 through 3.2.2 for Jira and Confluence, versions 2.4.0 through 3.0.3 for Bitbucket, and versions 2.4.0 through 2.5.2 for Bamboo. It allows locally disabled users to reactivate their accounts just by browsing the affected Jira/Confluence/Bitbucket/Bamboo instance, even when the applicable configuration option of the plugin has been disabled ("Reactivate inactive users"). Exploiting this vulnerability requires an attacker to be authorized by the identity provider and requires that the plugin's configuration option "User Update Method" have the "Update from SAML Attributes" value. | 2019-12-13 | 6 | CVE-2019-13347 MISC MISC |
centos-webpanel -- centos_web_panel | CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/[USERNAME]/tmp/session/sess_xxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to gain access to the victim's password (for the OS and phpMyAdmin) via an attacker account. This is different from CVE-2019-14782. | 2019-12-17 | 4 | CVE-2019-15235 MISC MISC |
centos-webpanel -- centos_web_panel | CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to make a request to extract the victim's password (for the OS and phpMyAdmin) via an attacker account. | 2019-12-17 | 4 | CVE-2019-14782 MISC MISC |
contao -- contao | Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered. | 2019-12-17 | 5 | CVE-2019-19714 MISC CONFIRM |
contao -- contao | Contao 4.0 through 4.8.5 allows PHP local file inclusion. A back end user with access to the form generator can upload arbitrary files and execute them on the server. | 2019-12-17 | 6.5 | CVE-2019-19745 MISC CONFIRM |
coredns -- coredns | The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries. | 2019-12-13 | 4.3 | CVE-2019-19794 MISC CONFIRM MISC MISC MISC |
docker -- docker_engine_and_cs_docker_engine | Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation. | 2019-12-17 | 5 | CVE-2014-8179 MISC MISC MISC MISC MISC CONFIRM |
dovecot -- dovecot | In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient. | 2019-12-13 | 5 | CVE-2019-19722 CONFIRM CONFIRM CONFIRM CONFIRM |
duplicity -- duplicity | duplicity 0.6.24 has improper verification of SSL certificates | 2019-12-13 | 5 | CVE-2014-3495 MISC MISC MISC MISC |
elog -- elog | ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover a user's password hash by sending a crafted HTTP POST request. | 2019-12-17 | 5 | CVE-2019-3993 MISC |
elog -- elog | ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker can crash the ELOG server by sending multiple HTTP POST requests which causes the ELOG function retrieve_url() to use a freed variable. | 2019-12-17 | 5 | CVE-2019-3994 MISC |
elog -- elog | ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request. | 2019-12-17 | 5 | CVE-2019-3995 MISC |
elog-- elog | ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain access to valid admin usernames and, in older versions of ELOG, passwords. | 2019-12-17 | 5 | CVE-2019-3992 MISC |
envoy_proxy -- envoy | An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated response is dispatched through the configured encoder filter chain before being sent to the client. An encoder filter that invokes route manager APIs that access a request's Host header causes a NULL pointer dereference, resulting in abnormal termination of the Envoy process. | 2019-12-13 | 5 | CVE-2019-18838 MISC MISC CONFIRM MISC |
huawei -- campusinsight | There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC200. Attackers who gain the specific permission can use this vulnerability by sending elaborate SQL statements to the database. Successful exploit of this vulnerability may cause the database to crash. | 2019-12-13 | 4 | CVE-2019-5278 MISC |
huawei -- cloudengine | CloudEngine 12800 has a DoS vulnerability. An attacker of a neighboring device sends a large number of specific packets. As a result, a memory leak occurs after the device uses the specific packet. As a result, the attacker can exploit this vulnerability to cause DoS attacks on the target device. | 2019-12-13 | 6.1 | CVE-2019-5248 MISC |
huawei -- cloudusm-eua_product | Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation. | 2019-12-13 | 5 | CVE-2019-5277 MISC |
huawei -- mate_20_pro_smartphones | Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation of certain privilege, the attacker could trick the user into installing a malicious application before the user turns on student mode function. Successful exploit could allow the attacker to bypass the limit of student mode function. | 2019-12-13 | 6.8 | CVE-2019-5250 MISC |
huawei -- multiple_products | There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks. | 2019-12-13 | 5 | CVE-2019-19397 MISC |
huawei -- multiple_products | Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. | 2019-12-13 | 4.3 | CVE-2019-5291 MISC |
huawei -- multiple_products | Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal. | 2019-12-13 | 5 | CVE-2019-5254 MISC |
huawei -- multiple_smartphones | There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. | 2019-12-13 | 4.3 | CVE-2019-5251 MISC |
huawei -- s5700_and_s6700_devices | Huawei S5700 and S6700 have a DoS security vulnerability. Attackers with certain permissions perform specific operations on affected devices. Because the pointer in the program is not processed properly, the vulnerability can be exploited to cause the device to be abnormal. | 2019-12-13 | 4 | CVE-2019-5290 MISC |
huawei -- y9_2019_and_honor_view_20_smartphones | Huawei smartphones HUAWEI Y9 2019 and Honor View 20 have a denial of service vulnerability. Due to insufficient input validation of specific value when parsing the messages, an attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices to exploit this vulnerability. Successful exploit may cause an infinite loop and the device to reboot. | 2019-12-13 | 6.1 | CVE-2019-5260 MISC |
ibm -- api_connect | IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 168510. | 2019-12-18 | 5 | CVE-2019-4609 XF CONFIRM |
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172882. | 2019-12-20 | 4.3 | CVE-2019-4744 XF CONFIRM |
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 172880. | 2019-12-20 | 4.3 | CVE-2019-4743 XF CONFIRM |
ibm -- mq_and_mq_appliance | IBM MQ and IBM MQ Appliance 9.1 CD, 9.1 LTS, 9.0 LTS, and 8.0 is vulnerable to a denial of service attack caused by channels processing poorly formatted messages. IBM X-Force ID: 166357. | 2019-12-16 | 4 | CVE-2019-4560 XF CONFIRM |
imagemagick -- imagemagick | imagemagick 6.8.9.6 has remote DOS via infinite loop | 2019-12-15 | 4.3 | CVE-2014-8561 MISC MISC MISC MISC MISC |
intel -- control_center-i | Unquoted service path in Control Center-I version 2.1.0.0 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-16 | 4.6 | CVE-2019-14599 MISC |
jenkins -- jenkins | A missing permission check in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2019-12-17 | 4 | CVE-2019-16574 MLIST CONFIRM |
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Team Concert Plugin 1.3.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2019-12-17 | 6.8 | CVE-2019-16565 MLIST CONFIRM |
jenkins -- jenkins | A missing permission check in Jenkins Team Concert Plugin 1.3.0 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. | 2019-12-17 | 4 | CVE-2019-16567 MLIST CONFIRM |
jenkins -- jenkins | A missing permission check in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server. | 2019-12-17 | 4 | CVE-2019-16571 MLIST CONFIRM |
jenkins -- jenkins | Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows users with Overall/Read access to disable SSL/TLS certificate and hostname validation for the entire Jenkins master JVM. | 2019-12-17 | 5.5 | CVE-2019-16561 MLIST CONFIRM |
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2019-12-17 | 6.8 | CVE-2019-16573 MLIST CONFIRM |
jenkins -- jenkins | Jenkins SCTMExecutor Plugin 2.2 and earlier transmits previously configured service credentials in plain text as part of the global configuration, as well as individual jobs' configurations. | 2019-12-17 | 5 | CVE-2019-16568 MLIST CONFIRM |
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Mantis Plugin 0.26 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials. | 2019-12-17 | 4.3 | CVE-2019-16569 MLIST CONFIRM |
jenkins -- jenkins | A missing permission check in Jenkins Alauda Kubernetes Suport Plugin 2.3.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing the Kubernetes service account token or credentials stored in Jenkins. | 2019-12-17 | 4 | CVE-2019-16576 MLIST CONFIRM |
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Alauda Kubernetes Suport Plugin 2.3.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing the Kubernetes service account token or credentials stored in Jenkins. | 2019-12-17 | 6.8 | CVE-2019-16575 MLIST CONFIRM |
jenkins -- jenkins | A missing permission check in Jenkins Team Concert Plugin 1.3.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2019-12-17 | 4 | CVE-2019-16566 MLIST CONFIRM |
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers to connect to an attacker-specified web server. | 2019-12-17 | 6.8 | CVE-2019-16570 MLIST CONFIRM |
jersey -- jersey | jersey: XXE via parameter entities not disabled by the jersey SAX parser | 2019-12-15 | 5 | CVE-2014-3643 REDHAT MISC |
joomla -- joomla! | In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure. | 2019-12-18 | 5 | CVE-2019-19845 MISC |
knot-resolver -- knot-resolver | knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A records can be squashed into one DNS message (limit is 64kB). | 2019-12-16 | 5 | CVE-2019-19331 CONFIRM MISC |
libsixel_project -- libsixel | stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main. | 2019-12-13 | 6.8 | CVE-2019-19777 MISC |
libsixel_project -- libsixel | An issue was discovered in libsixel 1.8.2. There is a heap-based buffer over-read in the function load_sixel at loader.c. | 2019-12-13 | 6.8 | CVE-2019-19778 MISC |
linux -- linux_kernel | In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring. | 2019-12-15 | 4.9 | CVE-2019-19807 MISC MISC MISC |
linux -- linux_kernel | In the Linux kernel before 5.4.2, the io_uring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/io_uring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to the loopback interface. This occurs because IORING_OP_SENDMSG operations, although requested in the context of an unprivileged user, are sometimes performed by a kernel worker thread without considering that context. | 2019-12-17 | 4.6 | CVE-2019-19241 MISC MISC MISC MISC |
lout -- lout | Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. | 2019-12-20 | 6.8 | CVE-2019-19918 MISC |
lout -- lout | Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. | 2019-12-20 | 6.8 | CVE-2019-19917 MISC |
mahara -- mahara | Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) links or (3) resources URLs, and (4) the Display name in a user profile. | 2019-12-17 | 4.3 | CVE-2012-2237 MISC MISC MISC MISC MISC |
micro_focus -- arcsight_logger | Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack. | 2019-12-17 | 6.8 | CVE-2019-11657 MISC |
nitro -- nitro_free_pdf_reader | The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0xa08a Out-of-Bounds Read via crafted Unicode content. | 2019-12-16 | 4.3 | CVE-2019-19818 MISC MISC |
npm -- cli | Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to modify and/or gain access to arbitrary files on a user?s system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option. | 2019-12-13 | 5.5 | CVE-2019-16776 MISC CONFIRM |
npm -- cli | Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_modules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would allow a package publisher to create a symlink pointing to arbitrary files on a user?s system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option. | 2019-12-13 | 4 | CVE-2019-16775 MISC CONFIRM |
npm -- cli | Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of packages that also create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local installations and also through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option. | 2019-12-13 | 5.5 | CVE-2019-16777 MISC CONFIRM |
owncloud -- owncloud | Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to core/ajax/sharing.php. | 2019-12-17 | 4.3 | CVE-2013-0202 MISC MISC |
pen -- pen | Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities | 2019-12-13 | 4.6 | CVE-2014-2387 MISC MISC MISC MISC MISC MISC MISC |
petwant_and_skymee -- pf-103_and_petalk_ai | The udpServerSys service in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to initiate firmware upgrades and alter device settings. | 2019-12-13 | 5 | CVE-2019-16731 MISC |
puppet -- puppet_agent | Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0. | 2019-12-16 | 5 | CVE-2018-11751 MISC |
qpid-cpp -- qpid-cpp | qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors | 2019-12-13 | 5 | CVE-2014-0212 MISC MISC MISC |
qualcomm -- multiple_snapdragon_products | Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | 4.6 | CVE-2019-10584 CONFIRM |
red_hat -- cloudforms_management_engine | CFME: CSRF protection vulnerability via permissive check of the referrer header | 2019-12-13 | 6.8 | CVE-2014-0197 MISC MISC |
red_hat -- jboss_keycloak | JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL. | 2019-12-15 | 5.8 | CVE-2014-3652 MISC MISC |
samurai -- samurai | samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file. | 2019-12-13 | 6.8 | CVE-2019-19795 MISC |
sap -- treasury_and_risk_management | Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 2019-12-17 | 6.5 | CVE-2019-0383 MISC CONFIRM |
sap -- treasury_and_risk_management | Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for functionalities that require user identity. | 2019-12-17 | 6.5 | CVE-2019-0384 MISC CONFIRM |
solarwinds -- serv-u_ftp_server | A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7. | 2019-12-16 | 4 | CVE-2019-13181 MISC FULLDISC MISC |
sonicwall -- sma100_devices | Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources. This vulnerablity impacted SMA100 version 9.0.0.3 and earlier. | 2019-12-17 | 5 | CVE-2019-7481 CONFIRM |
spip -- spip | _core_/plugins/medias in SPIP 3.2.x before 3.2.7 allows remote authenticated authors to inject content into the database. | 2019-12-17 | 4 | CVE-2019-19830 MISC MISC DEBIAN MISC |
sqlite -- sqlite | exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. | 2019-12-18 | 5 | CVE-2019-19880 MISC |
suphp -- suphp | suPHP before 0.7.2 source-highlighting feature allows security bypass which could lead to arbitrary code execution | 2019-12-13 | 4.4 | CVE-2014-1867 MISC MISC MISC MISC |
tematres -- tematres | TemaTres 3.0 has reflected XSS via the replace_string or search_string parameter to the vocab/admin.php?doAdmin=bulkReplace URI. | 2019-12-13 | 4.3 | CVE-2019-14344 MISC MISC |
tibco -- spotfire_analytics_platform_for_aws_marketplace_and_spotfire_server | The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker to perform a reflected cross-site scripting (XSS) attack. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0 and TIBCO Spotfire Server: versions 7.11.7 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.3.3, and 10.3.4, versions 10.4.0, 10.5.0, and 10.6.0. | 2019-12-17 | 4.3 | CVE-2019-17337 MISC MISC |
typo3 -- typo3 | An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. Because escaping of user-submitted content is mishandled, the class QueryGenerator is vulnerable to SQL injection. Exploitation requires having the system extension ext:lowlevel installed, and a valid backend user who has administrator privileges. | 2019-12-17 | 6.5 | CVE-2019-19850 MISC MISC |
veracrypt -- veracrypt | VeraCrypt 1.24 allows Local Privilege Escalation during execution of VeraCryptExpander.exe. | 2019-12-13 | 4.6 | CVE-2019-19501 MISC MISC |
wordpress -- wordpress | The quiz-master-next (aka Quiz And Survey Master) plugin before 6.3.5 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the from or till parameter (and/or the quiz_id parameter). The component is: admin/quiz-options-page.php. The attack vector is: When the Administrator is logged in, a reflected XSS may execute upon a click on a malicious URL. | 2019-12-13 | 4.3 | CVE-2019-17599 MISC MISC MISC MISC |
yabasic -- yabasic | Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file. | 2019-12-13 | 6.8 | CVE-2019-19796 MISC |
zend_framework -- zend_framework | ZF2014-03 has a potential cross site scripting vector in multiple view helpers | 2019-12-15 | 4.3 | CVE-2014-4913 MISC MISC MISC MISC MISC |
zulip -- zulip_server | The image thumbnailing handler in Zulip Server versions 1.9.0 to before 2.0.8 allowed an open redirect that was visible to logged-in users. | 2019-12-18 | 5.8 | CVE-2019-19775 CONFIRM CONFIRM |
Low Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
altn -- mdaemon_email_server | MDaemon Email Server 17.5.1 allows XSS via the filename of an attachment to an email message. | 2019-12-17 | 3.5 | CVE-2019-19497 MISC MISC |
apple -- ios | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 12.3. A person with physical access to an iOS device may be able to see the email address used for iTunes. | 2019-12-18 | 2.1 | CVE-2019-8599 MISC |
apple -- ios | The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13. A person with physical access to an iOS device may be able to access contacts from the lock screen. | 2019-12-18 | 2.1 | CVE-2019-8742 MISC |
apple -- ios_and_watchos | The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen. | 2019-12-18 | 2.1 | CVE-2019-8682 MISC MISC |
apple -- macos_mojave | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.4. Processing malicious data may lead to unexpected application termination. | 2019-12-18 | 2.1 | CVE-2019-8507 MISC |
apple -- macos_mojave | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory. | 2019-12-18 | 2.1 | CVE-2019-8691 MISC |
apple -- macos_mojave | An access issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to view a user?s locked notes. | 2019-12-18 | 2.1 | CVE-2019-8537 MISC |
apple -- macos_mojave | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to read restricted memory. | 2019-12-18 | 2.1 | CVE-2019-8520 MISC |
apple -- macos_mojave | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory. | 2019-12-18 | 2.1 | CVE-2019-8692 MISC |
apple -- multiple_products | A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system. | 2019-12-18 | 2.1 | CVE-2019-8568 MISC MISC MISC MISC |
apple -- multiple_products | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. | 2019-12-18 | 2.1 | CVE-2019-8510 MISC MISC MISC MISC |
apple -- multiple_products | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. | 2019-12-18 | 2.1 | CVE-2019-6207 MISC MISC MISC MISC |
apple -- tvos | An authentication issue was addressed with improved state management. This issue is fixed in tvOS 13. A local user may be able to leak sensitive user information. | 2019-12-18 | 2.1 | CVE-2019-8704 MISC MISC |
hammer_cli_foreman_gem_for_ruby_on_rails -- hammer_cli_foreman_gem_for_ruby_on_rails | rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable | 2019-12-13 | 2.1 | CVE-2014-0241 MISC MISC |
ibm -- api_connect | IBM API Connect 2018.1 through 2018.4.1.7 Developer Portal's user registration page does not disable password autocomplete. An attacker with access to the browser instance and local system credentials can steal the credentials used for registration. IBM X-Force ID: 163453. | 2019-12-16 | 2.1 | CVE-2019-4444 XF CONFIRM |
ibm -- case_builder_and_case_manager | The Case Builder component shipped with 18.0.0.1 through 19.0.0.2 and IBM Case Manager 5.1.1 through 5.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162772. | 2019-12-13 | 3.5 | CVE-2019-4426 XF CONFIRM CONFIRM |
jenkins -- jenkins | Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored XSS vulnerability exploitable by users able to change build descriptions. | 2019-12-17 | 3.5 | CVE-2019-16562 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 2019-12-17 | 2.1 | CVE-2019-16572 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names. | 2019-12-17 | 3.5 | CVE-2019-16564 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Mission Control Plugin 0.9.16 and earlier does not escape job display names and build names shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to change these properties. | 2019-12-17 | 3.5 | CVE-2019-16563 MLIST CONFIRM |
red_hat -- cloudforms_management_engine | CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration | 2019-12-15 | 2.1 | CVE-2014-3536 MISC MISC |
solarwinds -- serv-u_ftp_server | A stored cross-site scripting (XSS) vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7. | 2019-12-16 | 3.5 | CVE-2019-13182 MISC FULLDISC MISC |
Severity Not Yet Assigned
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
3s-smart -- multiple_codesys_products | 3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference. | 2019-12-20 | not yet calculated | CVE-2019-19789 CONFIRM MISC |
abb -- pb610_panel_builder_600 | The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting. | 2019-12-18 | not yet calculated | CVE-2019-18995 MISC |
abb -- pb610_panel_builder_600 | The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting unauthorized file access. | 2019-12-18 | not yet calculated | CVE-2019-18997 MISC |
abb -- pb610_panel_builder_600 | Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty *.JPR application file. An attacker with access to the file system might be able to cause application malfunction such as denial of service. | 2019-12-18 | not yet calculated | CVE-2019-18994 MISC |
abb -- pb610_panel_builder_600 | Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application?s context. | 2019-12-18 | not yet calculated | CVE-2019-18996 MISC |
acer -- quick_access | In the Quick Access Service (QAAdminAgent.exe) in Acer Quick Access V2.01.3000 through 2.01.3027 and V3.00.3000 through V3.00.3008, a REGULAR user can load an arbitrary unsigned DLL into the signed service's process, which is running as NT AUTHORITY\SYSTEM. This is a DLL Hijacking vulnerability (including search order hijacking, which searches for the missing DLL in the PATH environment variable), which is caused by an uncontrolled search path element for nvapi.dll, atiadlxx.dll, or atiadlxy.dll. | 2019-12-17 | not yet calculated | CVE-2019-18670 MISC CONFIRM |
adobe -- coldfusion | ColdFusion versions Update 6 and earlier have an insecure inherited permissions of default installation directory vulnerability. Successful exploitation could lead to privilege escalation. | 2019-12-19 | not yet calculated | CVE-2019-8256 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16448 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | 2019-12-19 | not yet calculated | CVE-2019-16457 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16464 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution. | 2019-12-19 | not yet calculated | CVE-2019-16453 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16452 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | 2019-12-19 | not yet calculated | CVE-2019-16449 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | 2019-12-19 | not yet calculated | CVE-2019-16465 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a binary planting (default folder privilege escalation) vulnerability. Successful exploitation could lead to privilege escalation. | 2019-12-19 | not yet calculated | CVE-2019-16444 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16445 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | 2019-12-19 | not yet calculated | CVE-2019-16456 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16451 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16450 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16463 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16459 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | 2019-12-19 | not yet calculated | CVE-2019-16461 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16455 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16454 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | 2019-12-19 | not yet calculated | CVE-2019-16458 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16462 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16446 CONFIRM |
adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | 2019-12-19 | not yet calculated | CVE-2019-16460 CONFIRM |
adobe -- brackets | Brackets versions 1.14 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. | 2019-12-19 | not yet calculated | CVE-2019-8255 CONFIRM |
adobe -- photoshop_cc | Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2019-12-19 | not yet calculated | CVE-2019-8253 CONFIRM |
adobe -- photoshop_cc | Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2019-12-19 | not yet calculated | CVE-2019-8254 CONFIRM |
apache -- http_server | A Path traversal exists in http_server which allows an attacker to read arbitrary system files. | 2019-12-18 | not yet calculated | CVE-2019-15600 MISC |
apache -- log4j | Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. | 2019-12-20 | not yet calculated | CVE-2019-17571 CONFIRM |
apache -- xerces-c | The Apache Xerces-C 3.0.0 to 3.2.2 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable. | 2019-12-18 | not yet calculated | CVE-2018-1311 CONFIRM |
apple -- macos_catalina | A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | not yet calculated | CVE-2019-8805 MISC |
apple -- macos_catalina | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.1. An application may be able to read restricted memory. | 2019-12-18 | not yet calculated | CVE-2019-8817 MISC |
apple -- macos_catalina | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | not yet calculated | CVE-2019-8701 MISC |
apple -- icloud_for_windows | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8710 MISC |
apple -- ios | A logic issue existed in the handling of answering phone calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.4. The initiator of a phone call may be able to cause the recipient to answer a simultaneous Walkie-Talkie connection. | 2019-12-18 | not yet calculated | CVE-2019-8699 MISC |
apple -- ios | The issue was addressed with improved UI handling. This issue is fixed in iOS 12.3. The lock screen may show a locked icon after unlocking. | 2019-12-18 | not yet calculated | CVE-2019-8630 MISC |
apple -- ios | This issue was addressed with improved checks. This issue is fixed in iOS 12.2. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing. | 2019-12-18 | not yet calculated | CVE-2019-7284 MISC |
apple -- ios | A consistency issue was addressed with improved state handling. This issue is fixed in iOS 12.2. A website may be able to access the microphone without the microphone use indicator being shown. | 2019-12-18 | not yet calculated | CVE-2019-6222 MISC |
apple -- ios | An API issue existed in the handling of microphone data. This issue was addressed with improved validation. This issue is fixed in iOS 12.2. A malicious application may be able to access the microphone without indication to the user. | 2019-12-18 | not yet calculated | CVE-2019-8566 MISC |
apple -- ios | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | not yet calculated | CVE-2019-7287 MISC |
apple -- ios | This issue was addressed with improved transparency. This issue is fixed in iOS 12.2. A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure. | 2019-12-18 | not yet calculated | CVE-2019-8512 MISC |
apple -- ios | This issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may authenticate via Face ID. | 2019-12-18 | not yet calculated | CVE-2019-8760 MISC |
apple -- ios_and_ipados | A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restrictions. | 2019-12-18 | not yet calculated | CVE-2019-8779 MISC |
apple -- ios_and_ipados | The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13.1 and iPadOS 13.1. A person with physical access to an iOS device may be able to access contacts from the lock screen. | 2019-12-18 | not yet calculated | CVE-2019-8775 MISC MISC |
apple -- ios_and_ipados | A consistency issue existed in deciding when to show the screen recording indicator. The issue was resolved with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2. A local user may be able to record the screen without a visible screen recording indicator. | 2019-12-18 | not yet calculated | CVE-2019-8793 MISC |
apple -- ios_and_ipados | An inconsistency in Wi-Fi network configuration settings was addressed. This issue is fixed in iOS 13.2 and iPadOS 13.2. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup. | 2019-12-18 | not yet calculated | CVE-2019-8804 MISC |
apple -- ios_and_ipados_and_macos_catalina | An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. | 2019-12-18 | not yet calculated | CVE-2019-8769 MISC |
apple -- ios_and_ipados_and_macos_catalina | An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration. | 2019-12-18 | not yet calculated | CVE-2019-8788 MISC MISC |
apple -- ios_and_ipados_and_macos_catalina | A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Parsing a maliciously crafted iBooks file may lead to disclosure of user information. | 2019-12-18 | not yet calculated | CVE-2019-8789 MISC MISC |
apple -- ios_and_ipados_and_tvos | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | not yet calculated | CVE-2019-8795 MISC MISC |
apple -- ios_and_macos_mojave | This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to overwrite arbitrary files. | 2019-12-18 | not yet calculated | CVE-2019-8521 MISC MISC |
apple -- ios_and_macos_mojave | A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A local user may be able to read kernel memory. | 2019-12-18 | not yet calculated | CVE-2019-8504 MISC MISC |
apple -- ios_and_macos_mojave | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | not yet calculated | CVE-2019-8529 MISC MISC |
apple -- ios_and_macos_mojave | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privileges. | 2019-12-18 | not yet calculated | CVE-2019-7286 MISC MISC MISC MISC |
apple -- ios_and_macos_mojave_and_tvos | An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A local user may be able to view sensitive user information. | 2019-12-18 | not yet calculated | CVE-2019-8546 MISC MISC MISC |
apple -- ios_and_macos_mojave_and_tvos | This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. A malicious application may be able to overwrite arbitrary files. | 2019-12-18 | not yet calculated | CVE-2019-8530 MISC MISC MISC |
apple -- ios_and_macos_mojave_and_watchos | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate privileges. | 2019-12-18 | not yet calculated | CVE-2019-8511 MISC MISC MISC |
apple -- ios_and_macos_mojave_and_watchos | An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user?s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing. | 2019-12-18 | not yet calculated | CVE-2019-8550 MISC MISC MISC |
apple -- ios_and_safari | A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting. | 2019-12-18 | not yet calculated | CVE-2019-8505 MISC MISC |
apple -- ios_and_safari | A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting. | 2019-12-18 | not yet calculated | CVE-2019-6204 MISC MISC |
apple -- ios_and_watchos | A privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing. This issue is fixed in iOS 12.2, watchOS 5.2. A malicious app may be able to track users between installs. | 2019-12-18 | not yet calculated | CVE-2019-8541 MISC MISC |
apple -- macos_catalina | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to determine kernel memory layout. | 2019-12-18 | not yet calculated | CVE-2019-8755 MISC |
apple -- macos_catalina | A race condition existed when reading and writing user preferences. This was addressed with improved state handling. This issue is fixed in macOS Catalina 10.15. The "Share Mac Analytics" setting may not be disabled when a user deselects the switch to share analytics. | 2019-12-18 | not yet calculated | CVE-2019-8757 MISC |
apple -- macos_catalina | The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. This issue is fixed in macOS Catalina 10.15. A local user may be able to view a user?s locked notes. | 2019-12-18 | not yet calculated | CVE-2019-8730 MISC |
apple -- macos_catalina_and_itunes_for_windows | A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8801 MISC MISC |
apple -- macos_mojave | A lock handling issue was addressed with improved lock handling. This issue is fixed in macOS Mojave 10.14.4. A Mac may not lock when disconnecting from an external monitor. | 2019-12-18 | not yet calculated | CVE-2019-8533 MISC |
apple -- macos_mojave | A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password. | 2019-12-18 | not yet calculated | CVE-2019-8522 MISC |
apple -- macos_mojave | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. An application may be able to read restricted memory. | 2019-12-18 | not yet calculated | CVE-2019-8519 MISC |
apple -- macos_mojave | A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.5. A local user may be able to load unsigned kernel extensions. | 2019-12-18 | not yet calculated | CVE-2019-8606 MISC |
apple -- multiple_products | A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. | 2019-12-18 | not yet calculated | CVE-2019-8540 MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8619 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service. | 2019-12-18 | not yet calculated | CVE-2019-8516 MISC MISC MISC MISC |
apple -- multiple_products | An API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to initiate a Dictation request without user authorization. | 2019-12-18 | not yet calculated | CVE-2019-8502 MISC MISC MISC MISC |
apple -- multiple_products | A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. | 2019-12-18 | not yet calculated | CVE-2019-8527 MISC MISC MISC MISC |
apple -- multiple_products | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory. | 2019-12-18 | not yet calculated | CVE-2019-8517 MISC MISC MISC MISC |
apple -- multiple_products | A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges. | 2019-12-18 | not yet calculated | CVE-2019-8514 MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected system termination or read kernel memory. | 2019-12-18 | not yet calculated | CVE-2019-8545 MISC MISC MISC MISC |
apple -- multiple_products | Multiple input validation issues existed in MIG generated code. These issues were addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to execute arbitrary code with system privileges. | 2019-12-18 | not yet calculated | CVE-2019-8549 MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to read kernel memory. | 2019-12-18 | not yet calculated | CVE-2019-7293 MISC MISC MISC MISC |
apple -- multiple_products | A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing a maliciously crafted text file may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8745 MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8535 MISC MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8544 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. | 2019-12-18 | not yet calculated | CVE-2019-8551 MISC MISC MISC MISC MISC |
apple -- multiple_products | A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges. | 2019-12-18 | not yet calculated | CVE-2019-8542 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8726 MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8536 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8523 MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8782 MISC MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | not yet calculated | CVE-2019-8786 MISC MISC MISC MISC |
apple -- multiple_products | A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to elevate privileges. | 2019-12-18 | not yet calculated | CVE-2019-8552 MISC MISC MISC MISC |
apple -- multiple_products | A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information. | 2019-12-18 | not yet calculated | CVE-2019-8515 MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-6201 MISC MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges. | 2019-12-18 | not yet calculated | CVE-2019-8602 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8518 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8783 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website. | 2019-12-18 | not yet calculated | CVE-2019-8503 MISC MISC MISC MISC MISC |
apple -- multiple_products | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory. | 2019-12-18 | not yet calculated | CVE-2019-8607 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8808 MISC MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | not yet calculated | CVE-2019-8785 MISC MISC MISC MISC |
apple -- multiple_products | An authentication issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A local attacker may be able to login to the account of a previously logged in user without valid credentials.. | 2019-12-18 | not yet calculated | CVE-2019-8803 MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8583 MISC MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-7285 MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8707 MISC MISC MISC |
apple -- multiple_products | A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8506 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-6237 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | not yet calculated | CVE-2019-8798 MISC MISC MISC MISC |
apple -- multiple_products | A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory. | 2019-12-18 | not yet calculated | CVE-2019-7292 MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8524 MISC MISC MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8733 MISC MISC MISC |
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8587 MISC MISC MISC MISC MISC MISC MISC |
apple -- multiple_products | A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to read restricted memory. | 2019-12-18 | not yet calculated | CVE-2019-8794 MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | not yet calculated | CVE-2019-8797 MISC MISC MISC MISC |
apple -- multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | not yet calculated | CVE-2019-8784 MISC MISC MISC MISC MISC |
apple -- shazam_andriod_app_and_shazam_ios_app | An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution. | 2019-12-18 | not yet calculated | CVE-2019-8792 MISC MISC |
apple -- shazam_andriod_app_and_shazam_ios_app | An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect. | 2019-12-18 | not yet calculated | CVE-2019-8791 MISC MISC |
apple -- shortcuts_for_ios | An access issue was addressed with additional sandbox restrictions. This issue is fixed in Shortcuts 2.1.3 for iOS. A sandboxed process may be able to circumvent sandbox restrictions. | 2019-12-18 | not yet calculated | CVE-2019-7290 MISC |
apple -- shortcuts_for_ios | A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Shortcuts 2.1.3 for iOS. A local user may be able to view senstive user information. | 2019-12-18 | not yet calculated | CVE-2019-7289 MISC |
apple -- swift-nio-ssl | The issue was addressed by signaling that an executable stack is not required. This issue is fixed in SwiftNIO SSL 2.4.1. A SwiftNIO application using TLS may be able to execute arbitrary code. | 2019-12-18 | not yet calculated | CVE-2019-8849 MISC |
apple -- texture_for_ios_and_texture_for_android | Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data. | 2019-12-18 | not yet calculated | CVE-2019-8632 MISC MISC |
apple -- watchos | An issue existed where partially entered passcodes may not clear when the device went to sleep. This issue was addressed by clearing the passcode when a locked device sleeps. This issue is fixed in watchOS 5.2. A partially entered passcode may not clear when the device goes to sleep. | 2019-12-18 | not yet calculated | CVE-2019-8548 MISC |
apple -- xcode | Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. | 2019-12-18 | not yet calculated | CVE-2019-8721 MISC |
apple -- xcode | Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. | 2019-12-18 | not yet calculated | CVE-2019-8722 MISC |
apple -- xcode | A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8806 MISC |
apple -- xcode | A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8738 MISC |
apple -- xcode | A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8739 MISC |
apple -- xcode | A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution. | 2019-12-18 | not yet calculated | CVE-2019-8800 MISC |
aristia -- cloudvision_portal | In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only access to take actions that are otherwise restricted in the GUI. | 2019-12-19 | not yet calculated | CVE-2019-18181 CONFIRM |
aristia -- cloudvision_portal | In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. This only affects CVP environments where: 1. Devices have enable mode passwords which are different from the user's login password, OR 2. There are configlet builders that use the Device class and specify username and password explicitly Application logs are not accessible or visible from the CVP GUI. Application logs can only be read by authorized users with privileged access to the VM hosting the CVP application. | 2019-12-19 | not yet calculated | CVE-2019-18615 CONFIRM |
asus -- atk_package_for_windows_10_notebook_pcs | AsLdrSrv.exe in ASUS ATK Package before V1.0.0061 (for Windows 10 notebook PCs) could lead to unsigned code execution with no additional execution. The user must put an application at a particular path, with a particular file name. | 2019-12-18 | not yet calculated | CVE-2019-19235 MISC CONFIRM MISC |
asus -- hg100_and_ws-101_and_ts-101_devices | An issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using ZigBee PRO. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack. | 2019-12-20 | not yet calculated | CVE-2019-15910 MISC |
asus -- hg100_and_ws-101_and_ts-101_devices | An issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using ZigBee PRO. Attackers can use the ZigBee trust center rejoin procedure to perform a denial of service attack. | 2019-12-20 | not yet calculated | CVE-2019-15912 MISC MISC |
asus -- hg100_and_ws-101_and_ts-101_devices | An issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause a denial of service attack, take over smart home devices, and tamper with messages. | 2019-12-20 | not yet calculated | CVE-2019-15911 MISC |
atlassian -- bitbucket_kopano_group_core | HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data. | 2019-12-19 | not yet calculated | CVE-2019-19907 MISC MISC |
atlassian -- confluence_server_and_confluence_data_center | There was a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin in Confluence Server and Confluence Data Center. This plugin was used to facilitate communication with the Atlassian Companion application. The Confluence Previews plugin in Confluence Server and Confluence Data Center communicated with the Companion application via the atlassian-domain-for-localhost-connections-only.com domain name, the DNS A record of which points at 127.0.0.1. Additionally, a signed certificate for the domain was publicly distributed with the Companion application. An attacker in the position to control DNS resolution of their victim could carry out a man-in-the-middle (MITM) attack between Confluence Server (or Confluence Data Center) and the atlassian-domain-for-localhost-connections-only.com domain intended to be used with the Companion application. This certificate has been revoked, however, usage of the atlassian-domain-for-localhost-connections-only.com domain name was still present in Confluence Server and Confluence Data Center. An attacker could perform the described attack by denying their victim access to certificate revocation information, and carry out a man-in-the-middle (MITM) attack to observe files being edited using the Companion application and/or modify them, and access some limited user information. | 2019-12-19 | not yet calculated | CVE-2019-15006 MISC MISC MISC BUGTRAQ MISC |
atlassian -- crowd | Various resources in the Crowd Demo application of Atlassian Crowd before version 3.1.1 allow remote attackers to modify add, modify and delete users & groups via a Cross-site request forgery (CSRF) vulnerability. Please be aware that the Demo application is not enabled by default. | 2019-12-17 | not yet calculated | CVE-2017-18107 MISC |
atlassian -- jira_application_links | The ListEntityLinksServlet resource in Application Links before version 5.0.12, from version 5.1.0 before version 5.2.11, from version 5.3.0 before version 5.3.7, from version 5.4.0 before 5.4.13, and from version 6.0.0 before 6.0.5 disclosed application link information to non-admin users via a missing permissions check. | 2019-12-17 | not yet calculated | CVE-2019-15011 MISC |
backdrop -- backdrop_cms | An issue was discovered in Backdrop CMS 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying file type descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting when viewing the list of file types, aka XSS. This vulnerability is mitigated by the fact that an attacker must have a role with the "Administer file types" permission. | 2019-12-19 | not yet calculated | CVE-2019-19903 MISC |
backdrop -- backdrop_cms | An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying content type names in the content creation interface. An attacker could potentially craft a specialized content type name, then have an editor execute scripting when creating content, aka XSS. This vulnerability is mitigated by the fact that an attacker must have a role with the "Administer content types" permission. | 2019-12-19 | not yet calculated | CVE-2019-19900 MISC |
backdrop -- backdrop_cms | An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying certain block descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting when configuring a layout, aka XSS. This issue is mitigated by the fact that the attacker would be required to have the permission to create custom blocks, which is typically an administrative task. | 2019-12-19 | not yet calculated | CVE-2019-19901 MISC |
backdrop -- backdrop_cms | An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, allowing non-configuration scripts to potentially be uploaded to the server. This issue is mitigated by the fact that the attacker would be required to have the "Synchronize, import, and export configuration" permission, a permission that only trusted administrators should be given. Other measures in the product prevent the execution of PHP scripts, so another server-side scripting language must be accessible on the server to execute code. | 2019-12-19 | not yet calculated | CVE-2019-19902 MISC |
barco -- clickshare_button_r9861500d01_devices | Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'dongle_bridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code execution on the ClickShare Button with the privileges of the user 'nobody'. | 2019-12-16 | not yet calculated | CVE-2019-18830 MISC MISC MISC MISC MISC MISC |
barco -- clickshare_button_r9861500d01_devices | Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'dongle_bridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain. | 2019-12-16 | not yet calculated | CVE-2019-18826 MISC |
barco -- clickshare_button_r9861500d01_devices | On Barco ClickShare Button R9861500D01 devices (before firmware version 1.9.0) JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code from ROM before handing control over to embedded firmware. | 2019-12-16 | not yet calculated | CVE-2019-18827 MISC MISC MISC MISC MISC MISC |
barco -- clickshare_button_r9861500d01_devices | Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account (present for access via debug interfaces, which are by default not enabled on production devices) of the embedded Linux on the ClickShare Button is using a weak password. | 2019-12-16 | not yet calculated | CVE-2019-18828 MISC MISC MISC MISC MISC MISC |
barco -- clickshare_button_r9861500d01_devices | Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01. | 2019-12-17 | not yet calculated | CVE-2019-18832 MISC MISC |
barco -- clickshare_button_r9861500d01_devices | Barco ClickShare Button R9861500D01 devices before 1.9.0 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used. | 2019-12-17 | not yet calculated | CVE-2019-18824 MISC MISC |
barco -- clickshare_button_r9861500d01_devices | Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key. | 2019-12-17 | not yet calculated | CVE-2019-18833 MISC MISC |
barco -- clickshare_button_r9861500d01_devices | Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate. | 2019-12-16 | not yet calculated | CVE-2019-18831 MISC MISC MISC MISC MISC MISC |
barco -- clickshare_button_r9861500d1_devices | Barco ClickShare Button R9861500D01 devices before 1.9.0 have Missing Support for Integrity Check. The Barco signed 'Clickshare_For_Windows.exe' binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity. | 2019-12-17 | not yet calculated | CVE-2019-18829 MISC MISC |
barco -- clickshare_huddle_cs-100_devices | Barco ClickShare Huddle CS-100 devices before 1.9.0 and CSE-200 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Base Unit implements encryption at rest using encryption keys which are shared across all ClickShare Base Units of models CS-100 & CSE-200. | 2019-12-17 | not yet calculated | CVE-2019-18825 MISC MISC |
beckhoff -- embedded_windows_plcs_and_twincat_on_windows_engineering_stations | Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol. | 2019-12-19 | not yet calculated | CVE-2019-16871 CONFIRM MISC |
broadcom -- ca_client_automation_agent_for_windows | An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges. | 2019-12-20 | not yet calculated | CVE-2019-19231 CONFIRM |
cloud_foundry_foundation -- cloud_controller_api | Cloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows space developers to list all global service brokers, including service broker URLs and GUIDs, which should only be accessible to admins. | 2019-12-19 | not yet calculated | CVE-2019-11294 CONFIRM |
contao -- contao | Contao 4.0 through 4.8.5 has Insecure Permissions. Back end users can manipulate the details view URL to show pages and articles that have not been enabled for them. | 2019-12-17 | not yet calculated | CVE-2019-19712 MISC CONFIRM |
cups -- cups | cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system | 2019-12-20 | not yet calculated | CVE-2012-6094 MISC MISC REDHAT MISC MISC MISC MISC |
cyrus -- imap | An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a sieve script containing a fileinto directive to create any mailbox with administrator privileges, because of folder mishandling in autosieve_createfolder() in imap/lmtp_sieve.c. | 2019-12-16 | not yet calculated | CVE-2019-19783 BUGTRAQ MISC MISC DEBIAN |
cyrus -- sasl | cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl. | 2019-12-19 | not yet calculated | CVE-2019-19906 MISC MLIST DEBIAN MISC |
d-link -- dir-615_devices | On D-Link DIR-615 devices, the User Account Configuration page is vulnerable to blind XSS via the name field. | 2019-12-18 | not yet calculated | CVE-2019-19742 MISC MISC MISC MISC MISC MISC |
d-link -- dir-615_devices | On D-Link DIR-615 devices, a normal user is able to create a root(admin) user from the D-Link portal. | 2019-12-16 | not yet calculated | CVE-2019-19743 FULLDISC MISC MISC MISC MISC |
dell -- rsa_identity_governance_and_lifecycle_and_rsa_via_lifecycle_and_governance | The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a Session Fixation vulnerability. An authenticated malicious local user could potentially exploit this vulnerability as the session token is exposed as part of the URL. A remote attacker can gain access to victim?s session and perform arbitrary actions with privileges of the user within the compromised session. | 2019-12-18 | not yet calculated | CVE-2019-18573 MISC |
dell -- rsa_identity_governance_and_lifecycle_and_rsa_via_lifecycle_and_governance | The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a reflected cross-site scripting vulnerability in the My Access Live module [MAL]. An authenticated malicious local user could potentially exploit this vulnerability by sending crafted URL with scripts. When victim users access the module through their browsers, the malicious code gets injected and executed by the web browser in the context of the vulnerable web application. | 2019-12-18 | not yet calculated | CVE-2019-18571 MISC |
dell -- rsa_identity_governance_and_lifecycle_and_rsa_via_lifecycle_and_governance | The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain an Improper Authentication vulnerability. A Java JMX agent running on the remote host is configured with plain text password authentication. An unauthenticated remote attacker can connect to the JMX agent and monitor and manage the Java application. | 2019-12-18 | not yet calculated | CVE-2019-18572 MISC |
dell -- xps_13_2-in-1_bios | Settings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior to 1.1.3 contain a configuration vulnerability. The BIOS configuration for the "Enable Thunderbolt (and PCIe behind TBT) pre-boot modules" setting is enabled by default. A local unauthenticated attacker with physical access to a user's system can obtain read or write access to main memory via a DMA attack during platform boot. | 2019-12-16 | not yet calculated | CVE-2019-18579 MISC |
divisa_it -- proxia_suite_and_sparkspace_and_proxia_phr | Divisa Proxia Suite 9 < 9.12.16, 9.11.19, 9.10.26, 9.9.8, 9.8.43 and 9.7.10, 10.0 < 10.0.32, and 10.1 < 10.1.5, SparkSpace 1.0 < 1.0.30, 1.1 < 1.1.2, and 1.2 < 1.2.4, and Proxia PHR 1.0 < 1.0.30 and 1.1 < 1.1.2 allows remote code execution via untrusted Java deserialization. The proxia-error cookie is insecurely deserialized in every request (GET or POST). Thus, an unauthenticated attacker can easily craft a seria1.0lized payload in order to execute arbitrary code via the prepareError function in the com.divisait.dv2ee.controller.MVCControllerServlet class of the dv2eemvc.jar component. allows remote code execution via untrusted Java deserialization. The proxia-error cookie is insecurely deserialized in every request (GET or POST). Thus, an unauthenticated attacker can easily craft a serialized payload in order to execute arbitrary code via the prepareError function in the com.divisait.dv2ee.controller.MVCControllerServlet class of the dv2eemvc.jar component. Affected products include Proxia Premium Edition 2017 and Sparkspace. | 2019-12-17 | not yet calculated | CVE-2019-18956 MISC |
django -- django | Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.) | 2019-12-18 | not yet calculated | CVE-2019-19844 MISC MISC UBUNTU CONFIRM |
docker -- docker_engine_and_cs_docker_engine | Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands. | 2019-12-17 | not yet calculated | CVE-2014-8178 MISC MISC MISC MISC CONFIRM |
drupal -- drupal | The Views Dynamic Fields module through 7.x-1.0-alpha4 for Drupal makes insecure unserialize calls in handlers/views_handler_filter_dynamic_fields.inc, as demonstrated by PHP object injection, involving a field_names object and an Archive_Tar object, for file deletion. Code execution might also be possible. | 2019-12-16 | not yet calculated | CVE-2019-19826 MISC |
eclipse -- che | For Eclipse Che versions 6.16 to 7.3.0, with both authentication and TLS disabled, visiting a malicious web site could trigger the start of an arbitrary Che workspace. Che with no authentication and no TLS is not usually deployed on a public network but is often used for local installations (e.g. on personal laptops). In that case, even if the Che API is not exposed externally, some javascript running in the local browser is able to send requests to it. | 2019-12-19 | not yet calculated | CVE-2019-17633 CONFIRM |
ecryptfs -- ecrpytfs-utils | ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation | 2019-12-20 | not yet calculated | CVE-2012-3409 MISC MISC MISC REDHAT MISC MISC |
elastic -- kibana | Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting (XSS) flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations could create a malicious visualization. If another Kibana user views that visualization or a dashboard containing the visualization it could execute JavaScript in the victim?s browser. | 2019-12-18 | not yet calculated | CVE-2019-7621 MISC MISC |
excon_gem_for_ruby_on_rails -- excon_gem_for_ruby_on_rails | In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this. | 2019-12-16 | not yet calculated | CVE-2019-16779 MISC CONFIRM |
ffjpeg -- ffjpeg | bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode. | 2019-12-18 | not yet calculated | CVE-2019-19887 MISC |
ffjpeg -- ffjpeg | jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error. | 2019-12-18 | not yet calculated | CVE-2019-19888 MISC |
ge -- s2020/s2020g_fast_switch_61850 | An issue was found in GE S2020/S2020G Fast Switch 61850, S2020/S2020G Fast Switch 61850 Versions 07A03 and prior. An attacker can inject arbitrary Javascript in a specially crafted HTTP request that may be reflected back in the HTTP response. The device is also vulnerable to a stored cross-site scripting vulnerability that may allow session hijacking, disclosure of sensitive data, cross-site request forgery (CSRF) attacks, and remote code execution. | 2019-12-18 | not yet calculated | CVE-2019-18267 MISC |
git_project -- git | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones. | 2019-12-18 | not yet calculated | CVE-2019-1387 REDHAT CONFIRM |
gitlab -- gitlab | An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets. | 2019-12-18 | not yet calculated | CVE-2019-5469 MISC MISC |
gitlab -- gitlab_community_and_enterprise_editions | A command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to inject commands via the API through the blobs scope. | 2019-12-18 | not yet calculated | CVE-2019-15575 MISC |
gitlab -- gitlab_community_and_enterprise_editions | An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to view private system notes from a GraphQL endpoint. | 2019-12-18 | not yet calculated | CVE-2019-15576 MISC |
gitlab -- gitlab_community_and_enterprise_editions | An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed project milestones to be disclosed via groups browsing. | 2019-12-18 | not yet calculated | CVE-2019-15577 MISC |
gitlab -- gitlab_community_and_enterprise_editions | A authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements. | 2019-12-18 | not yet calculated | CVE-2019-5486 MISC |
gitlab -- enterprise_edition | An improper access control vulnerability exists in Gitlab EE <v12.3.3, <v12.2.7, & <v12.1.13 that allowed the group search feature with Elasticsearch to return private code, merge requests and commits. | 2019-12-18 | not yet calculated | CVE-2019-5487 MISC |
gitlab -- gitlab | A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page. | 2019-12-20 | not yet calculated | CVE-2019-15584 MISC |
gitlab -- gitlab | An improper access control vulnerability exists in GitLab <12.3.3 that allows an attacker to obtain container and dependency scanning reports through the merge request widget even though public pipelines were disabled. | 2019-12-18 | not yet calculated | CVE-2019-15591 MISC |
gitlab -- gitlab | An information exposure vulnerability exists in gitlab.com <v12.3.2, <v12.2.6, and <v12.1.10 when using the blocking merge request feature, it was possible for an unauthenticated user to see the head pipeline data of a public project even though pipeline visibility was restricted. | 2019-12-18 | not yet calculated | CVE-2019-15580 MISC |
gitlab -- gitlab | An improper access control vulnerability exists in Gitlab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user would be able to use GIT clone and pull if he had obtained a CI/CD token before. | 2019-12-18 | not yet calculated | CVE-2019-15589 MISC |
gnome -- gnome-keyring | gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function | 2019-12-20 | not yet calculated | CVE-2012-6111 MISC REDHAT MISC MISC |
gnutls -- gnutls | GnuTLS incorrectly validates the first byte of padding in CBC modes | 2019-12-20 | not yet calculated | CVE-2015-8313 MISC MISC MISC MISC MISC MISC MISC |
handlebars -- handlebars | Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads. | 2019-12-20 | not yet calculated | CVE-2019-19919 MISC |
hcl_software -- hcl_appscan_source | HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting (XSS) attacks by allowing users to embed arbitrary JavaScript code in the Web UI. | 2019-12-18 | not yet calculated | CVE-2019-4388 CONFIRM |
hpe -- universal_internet_of_things_platform | Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unauthorized remote access and access to sensitive data. HPE has addressed this issue in HPE UIoT: For customers with release UIoT 1.2.4.2 fixes are made available with 1.2.4.2 RP3 HF1. For customers with release older than 1.2.4.2, such as 1.2.4.1, 1.2.4.0, the resolution will be to upgrade to 1.2.4.2 RP3 HF1 Customers are requested to upgrade to the updated versions or contact HPE support for further assistance. | 2019-12-18 | not yet calculated | CVE-2019-11995 MISC |
huawei -- multiple_products | There is an information leakage vulnerability on some Huawei products(AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600). An attacker with low permissions can view some high-privilege information by running specific commands.Successful exploit could cause an information disclosure condition. | 2019-12-16 | not yet calculated | CVE-2019-5259 MISC |
humax -- wireless_voice_gateway_hgb10r-2_devices | An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. Admin credentials are sent over cleartext HTTP. | 2019-12-18 | not yet calculated | CVE-2019-19890 MISC |
humax -- wireless_voice_gateway_hgb10r-2_devices | An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The attacker can discover admin credentials in the backup file, aka backupsettings.conf. | 2019-12-18 | not yet calculated | CVE-2019-19889 MISC |
ibm -- cognos_analytics | IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 159356. | 2019-12-20 | not yet calculated | CVE-2019-4231 XF CONFIRM |
ibm -- cognos_analytics | IBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166204. | 2019-12-20 | not yet calculated | CVE-2019-4555 XF CONFIRM |
ibm -- cognos_business_intelligence | IBM Cognos Business Intelligence 10.2.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153179. | 2019-12-20 | not yet calculated | CVE-2018-1934 XF CONFIRM |
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 172877. | 2019-12-20 | not yet calculated | CVE-2019-4742 XF CONFIRM |
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172706. | 2019-12-20 | not yet calculated | CVE-2019-4736 XF CONFIRM |
ibm -- planning_analytics | IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094. | 2019-12-18 | not yet calculated | CVE-2019-4716 XF CONFIRM |
intel -- active_management_technology | Insufficient input validation in subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 2019-12-18 | not yet calculated | CVE-2019-11086 MISC |
intel -- active_management_technology | Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2019-12-18 | not yet calculated | CVE-2019-11131 MISC |
intel -- active_management_technology | Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | 2019-12-18 | not yet calculated | CVE-2019-11088 MISC |
intel -- active_management_technology | Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2019-12-18 | not yet calculated | CVE-2019-11107 MISC |
intel -- active_management_technology | Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. | 2019-12-18 | not yet calculated | CVE-2019-0166 MISC |
intel -- active_management_technology | Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via physical access. | 2019-12-18 | not yet calculated | CVE-2019-11100 MISC |
intel -- active_management_technology | Cross site scripting in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow a privileged user to potentially enable escalation of privilege via network access. | 2019-12-18 | not yet calculated | CVE-2019-11132 MISC |
intel -- active_management_technology | Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access. | 2019-12-18 | not yet calculated | CVE-2019-0131 MISC |
intel -- converged_security_and_management_engine | Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11108 MISC |
intel -- converged_security_and_management_engine | Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local access. | 2019-12-18 | not yet calculated | CVE-2019-11105 MISC |
intel -- converged_security_and_management_engine | Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11103 MISC |
intel -- converged_security_and_management_engine | Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access. | 2019-12-18 | not yet calculated | CVE-2019-0165 MISC |
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11110 MISC |
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access. | 2019-12-18 | not yet calculated | CVE-2019-0169 MISC |
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. | 2019-12-18 | not yet calculated | CVE-2019-11102 MISC |
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11104 MISC |
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. | 2019-12-18 | not yet calculated | CVE-2019-11101 MISC |
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11106 MISC |
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. | 2019-12-18 | not yet calculated | CVE-2019-0168 MISC |
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access. | 2019-12-18 | not yet calculated | CVE-2019-11087 MISC |
intel -- dynamic_platform_and_thermal_framework | Improper permissions in the Intel(R) Dynamic Platform and Thermal Framework v8.3.10208.5643 and before may allow an authenticated user to potentially execute code at an elevated level of privilege. | 2019-12-16 | not yet calculated | CVE-2019-0134 MISC |
intel -- ethernet_i218_adapter_driver_for_windows_10 | Insufficient memory protection for Intel(R) Ethernet I218 Adapter driver for Windows* 10 before version 24.1 may allow an authenticated user to potentially enable information disclosure via local access. | 2019-12-16 | not yet calculated | CVE-2019-11096 MISC |
intel -- fpga_sdk_for_opencl(tm)_pro_edition | Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access. | 2019-12-16 | not yet calculated | CVE-2019-11165 MISC |
intel -- management_engine_consumer_driver_for_windows | Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45,13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11097 MISC |
intel -- multiple_processors | Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access. | 2019-12-16 | not yet calculated | CVE-2019-11157 CONFIRM CONFIRM MISC |
intel -- multiple_processors | Improper conditions check in multiple Intel? Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access. | 2019-12-16 | not yet calculated | CVE-2019-14607 CONFIRM MISC |
intel -- multiple_products | Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before versions SPS_E5_04.01.04.305.0, SPS_SoC-X_04.00.04.108.0, SPS_SoC-A_04.00.04.191.0, SPS_E3_04.01.04.086.0, SPS_E3_04.08.04.047.0 may allow an unauthenticated user to potentially enable information disclosure via network access. | 2019-12-18 | not yet calculated | CVE-2019-11090 MISC |
intel -- multiple_products | Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11147 MISC |
intel -- network_adapters | Insufficient memory protection in the Linux Administrative Tools for Intel(R) Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-0159 MISC |
intel -- nuc | Out of bounds write in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14612 MISC |
intel -- nuc | Improper input validation in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14609 MISC |
intel -- nuc | Improper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14610 MISC |
intel -- nuc | Integer overflow in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14611 MISC |
intel -- nuc | Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14608 MISC |
intel -- quartus_prime_pro_edition | Null pointer dereference in the FPGA kernel driver for Intel(R) Quartus(R) Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable denial of service via local access. | 2019-12-16 | not yet calculated | CVE-2019-14604 MISC |
intel -- quartus_prime_pro_edition | Improper permissions in the installer for the License Server software for Intel? Quartus? Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14603 MISC |
intel -- rapid_storage_technology | Improper permissions in the executable for Intel(R) RST before version 17.7.0.1006 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14568 MISC |
intel -- scs_platform_discovery_utility | Improper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all versions, may allow an authenticated user to potentially enable escalation of privilege via local attack. | 2019-12-16 | not yet calculated | CVE-2019-14605 MISC |
intel -- server_platform_services | Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of service via local access. | 2019-12-18 | not yet calculated | CVE-2019-11109 MISC |
ivanti -- workspace_control | In Ivanti Workspace Control before 10.3.180.0. a locally authenticated user with low privileges can bypass Managed Application Security by leveraging an unspecified attack vector in Workspace Preferences, when it is enabled. As a result, the attacker can start applications that should be blocked. | 2019-12-17 | not yet calculated | CVE-2019-19675 CONFIRM |
jenkins -- jenkins | Jenkins Rundeck Plugin 3.6.5 and earlier stores credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 2019-12-17 | not yet calculated | CVE-2019-16556 MLIST CONFIRM |
jenkins -- jenkins | A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular expression. | 2019-12-17 | not yet calculated | CVE-2019-16554 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM. | 2019-12-17 | not yet calculated | CVE-2019-16558 MLIST CONFIRM |
jenkins -- jenkins | A missing permission check in Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows attackers with Overall/Read permission to perform connection tests and determine whether files with an attacker-specified path exist on the Jenkins master file system. | 2019-12-17 | not yet calculated | CVE-2019-16559 MLIST CONFIRM |
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials. | 2019-12-17 | not yet calculated | CVE-2019-16551 MLIST CONFIRM |
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers to have Jenkins evaluate a computationally expensive regular expression. | 2019-12-17 | not yet calculated | CVE-2019-16553 MLIST CONFIRM |
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows attackers to perform connection tests and determine whether files with an attacker-specified path exist on the Jenkins master file system. | 2019-12-17 | not yet calculated | CVE-2019-16560 MLIST CONFIRM |
jenkins -- jenkins | A cross-site request forgery vulnerability in a connection test form method in Jenkins Maven Release Plugin 0.16.1 and earlier allows attackers to have Jenkins connect to an attacker specified web server and parse XML documents. | 2019-12-17 | not yet calculated | CVE-2019-16550 MLIST CONFIRM |
jenkins -- jenkins | A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a given path on the Jenkins master. | 2019-12-17 | not yet calculated | CVE-2019-16552 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Maven Release Plugin 0.16.1 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks, allowing man-in-the-middle attackers to have Jenkins parse crafted XML documents. | 2019-12-17 | not yet calculated | CVE-2019-16549 MLIST CONFIRM |
jenkins -- jenkins | A user-supplied regular expression in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier was processed in a way that wasn't interruptible, allowing attackers to have Jenkins evaluate a regular expression without the ability to interrupt this process. | 2019-12-17 | not yet calculated | CVE-2019-16555 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 2019-12-17 | not yet calculated | CVE-2019-16557 MLIST CONFIRM |
joomla! -- joomla! | dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter. | 2019-12-19 | not yet calculated | CVE-2019-17527 MISC |
lansweeper -- lansweeper | The web console in Lansweeper 7.2.105.2 has XSS via the URL path. Product vulnerability has been fixed and disclosed within changelog as of 02 Dec 2019. | 2019-12-19 | not yet calculated | CVE-2019-18955 CONFIRM |
libreoffice_and_apache -- libreoffice_and_openoffice | LibreOffice and OpenOffice automatically open embedded content | 2019-12-20 | not yet calculated | CVE-2012-5639 MISC REDHAT MISC MISC |
maxum_development_corporation -- rumpus_ftp_web_file_manager | A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary Javascripts | 2019-12-16 | not yet calculated | CVE-2019-19368 MISC MISC MISC |
mediawiki -- mediawiki | The MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 (1.35 and/or 1.34) mishandles certain HTML attributes, as demonstrated by IMG onmouseover= (impact is XSS) and IMG src=http (impact is disclosing the client's IP address). This can occur within a talk page topical header that is viewed within a mobile (MobileFrontend) context. | 2019-12-19 | not yet calculated | CVE-2019-19910 MISC MISC |
midori -- midori_browser | In Midori Browser 0.5.11 (on Windows 10), Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the multipart/x-mixed-replace MIME type. This could result in script running where CSP should have blocked it, allowing for cross-site scripting (XSS) and other attacks when the product renders the content as HTML. Remediating this would also need to consider the polyglot case, e.g., a file that is a valid GIF image and also valid JavaScript. | 2019-12-20 | not yet calculated | CVE-2019-19916 MISC MISC MISC |
myphpchat-plus -- myphpchat-plus | phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable. | 2019-12-20 | not yet calculated | CVE-2019-19908 MISC MISC MISC |
nalpeiron -- nalpeiron_licensing_service | NLSSRV32.EXE in Nalpeiron Licensing Service 7.3.4.0, as used with Nitro PDF and other products, allows Elevation of Privilege via the \\.\mailslot\nlsX86ccMailslot mailslot. | 2019-12-17 | not yet calculated | CVE-2019-19315 MISC |
nathack -- nathack | In NatHack between 3.6.0 and 3.6.3, a buffer overflow issue exists when reading very long lines from a NetHack configuration file (usually named .nethackrc). This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. All users are urged to upgrade to NetHack 3.6.4 as soon as possible. | 2019-12-20 | not yet calculated | CVE-2019-16787 MISC CONFIRM MISC |
negotiator -- negotiator | negotiator before 0.6.1 is vulnerable to a regular expression DoS | 2019-12-20 | not yet calculated | CVE-2016-1000022 MISC MISC MISC MISC MISC MISC |
nethack -- nethack | NetHack before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files. | 2019-12-19 | not yet calculated | CVE-2019-19905 MISC MISC MISC CONFIRM MISC |
neuvector -- neuvector | NeuVector 3.1 when configured to allow authentication via Active Directory, does not enforce non-empty passwords which allows an attacker with access to the Neuvector portal to authenticate as any valid LDAP user by providing a valid username and an empty password (provided that the active directory server has not been configured to reject empty passwords). | 2019-12-20 | not yet calculated | CVE-2019-19747 MISC MISC |
node-df -- node-df | A code injection exists in node-df v0.1.4 that can allow an attacker to remote code execution by unsanitized input. | 2019-12-18 | not yet calculated | CVE-2019-15597 MISC |
odoo -- community_and_enterprise | Improper access control in the computed fields system of the framework of Odoo Community 13.0 and Odoo Enterprise 13.0 allows remote authenticated attackers to access sensitive information via crafted RPC requests, which could lead to privilege escalation. | 2019-12-19 | not yet calculated | CVE-2019-11780 MISC |
omron -- cj_and_cs_series_programmable_logic_controllers | In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, the software properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control. | 2019-12-16 | not yet calculated | CVE-2019-18269 MISC |
omron -- cj_and_cs_series_programmable_logic_controllers | In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves. | 2019-12-16 | not yet calculated | CVE-2019-13533 MISC |
omron -- cj_and_cs_series_programmable_logic_controllers | In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands. | 2019-12-16 | not yet calculated | CVE-2019-18259 MISC |
omron -- cj_and_nj_series_programmable_logic_controllers | In Omron PLC CS series, all versions, Omron PLC CJ series, all versions, and Omron PLC NJ series, all versions, the software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks. | 2019-12-16 | not yet calculated | CVE-2019-18261 MISC |
opera -- opera_for_android | Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal sandboxing attributes. This allows an attacker to make forced redirections without any user interaction from a third-party context. | 2019-12-18 | not yet calculated | CVE-2019-19788 MISC |
palo_alto_networks -- pan-os | Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affects a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted. | 2019-12-20 | not yet calculated | CVE-2019-17440 CONFIRM |
pebble_templates -- pebble_templates | Pebble Templates 3.1.2 allows attackers to bypass a protection mechanism (intended to block access to instances of java.lang.Class) because getClass is accessible via the public static java.lang.Class java.lang.Class.forName(java.lang.Module,java.lang.String) signature. | 2019-12-19 | not yet calculated | CVE-2019-19899 MISC |
phillips -- multiple_routers | An issue was found in Philips Veradius Unity, Pulsera, and Endura Dual WAN Router, Veradius Unity (718132) with wireless option (shipped between 2016-August 2018), Veradius Unity (718132) with ViewForum option (shipped between 2016-August 2018), Pulsera (718095) and Endura (718075) with wireless option (shipped between 26-June-2017 through 07-August 2018), Pulsera (718095) and Endura (718075) with ViewForum option (shipped between 26-June-2017 through 07-August 2018). The router software uses an encryption scheme that is not strong enough for the level of protection required. | 2019-12-20 | not yet calculated | CVE-2019-18263 MISC |
plex -- media_server | The Camera Upload functionality in Plex Media Server through 1.18.2.2029 allows remote authenticated users to write files anywhere the user account running the Plex Media Server has permissions. This allows remote code execution via a variety of methods, such as (on a default Ubuntu installation) creating a .ssh folder in the plex user's home directory via directory traversal, uploading an SSH authorized_keys file there, and logging into the host as the Plex user via SSH. | 2019-12-19 | not yet calculated | CVE-2019-19141 MISC |
pronestor -- pronestor_planner | An issue was discovered in the Outlook add-in in Pronestor Planner before 8.1.77. There is local privilege escalation in the Health Monitor service because PronestorHealthMonitor.exe access control is mishandled, aka PNB-2359. | 2019-12-18 | not yet calculated | CVE-2019-17390 MISC MISC |
public_knowledge_project -- pkp-lib | An issue was discovered in Public Knowledge Project (PKP) pkp-lib before 3.1.2-2, as used in Open Journal Systems (OJS) before 3.1.2-2. Code injection can occur in the OJS report generator if an authenticated Journal Manager user visits a crafted URL, because unserialize is used. | 2019-12-19 | not yet calculated | CVE-2019-19909 MISC MISC MISC |
pylons_project -- waitress | Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most encoding first, followed by any further transfer codings, ending with chunked. Requests sent with: "Transfer-Encoding: gzip, chunked" would incorrectly get ignored, and the request would use a Content-Length header instead to determine the body size of the HTTP message. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. This issue is fixed in Waitress 1.4.0. | 2019-12-20 | not yet calculated | CVE-2019-16786 MISC MISC CONFIRM |
pylons_project -- waitress | Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end server does not parse header fields with an LF the same way as it does those with a CRLF it can lead to the front-end and the back-end server parsing the same HTTP message in two different ways. This can lead to a potential for HTTP request smuggling/splitting whereby Waitress may see two requests while the front-end server only sees a single HTTP message. This issue is fixed in Waitress 1.4.0. | 2019-12-20 | not yet calculated | CVE-2019-16785 MISC MISC CONFIRM |
qualcomm -- multiple_snapdragon_products | Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | not yet calculated | CVE-2019-10516 CONFIRM |
qualcomm -- multiple_snapdragon_products | Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCS405, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | not yet calculated | CVE-2019-10517 CONFIRM |
qualcomm -- multiple_snapdragon_products | Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | not yet calculated | CVE-2019-10544 CONFIRM |
qualcomm -- multiple_snapdragon_products | Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDX20, SDX55, SXR1130 | 2019-12-18 | not yet calculated | CVE-2019-10557 CONFIRM |
qualcomm -- multiple_snapdragon_products | Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | not yet calculated | CVE-2019-10536 CONFIRM |
qualcomm -- multiple_snapdragon_products | Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | not yet calculated | CVE-2019-10518 CONFIRM |
qualcomm -- multiple_snapdragon_products | Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | not yet calculated | CVE-2019-10525 CONFIRM |
qualcomm -- multiple_snapdragon_products | Improper validation of event buffer extracted from FW response can lead to integer overflow, which will allow to pass the length check and eventually will lead to buffer overwrite when event data is copied to context buffer in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, QCA6574AU, QCN7605, QCS405, QCS605, SDM660, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | not yet calculated | CVE-2019-10537 CONFIRM |
qualcomm -- multiple_snapdragon_products | Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS404, QCS405, QCS605, QM215, SA6155P, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | not yet calculated | CVE-2019-10482 CONFIRM |
qualcomm -- multiple_snapdragon_products | Out of bound access occurs while handling the WMI FW event due to lack of check of buffer argument which comes directly from the WLAN FW in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8996AU, QCA6574AU, QCA8081, QCN7605, SDX55, SM6150, SM7150, SM8150 | 2019-12-18 | not yet calculated | CVE-2019-10481 CONFIRM |
qualcomm -- multiple_snapdragon_products | Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | not yet calculated | CVE-2019-10487 CONFIRM |
qualcomm -- multiple_snapdragon_products | Possibility of Null pointer access if the SPDM commands are executed in the non-standard way in Trustzone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130 | 2019-12-18 | not yet calculated | CVE-2019-10513 CONFIRM |
qualcomm -- multiple_snapdragon_products | Possible OOB issue in EEPROM due to lack of check while accessing memory map array at the time of reading operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | not yet calculated | CVE-2019-10564 CONFIRM |
qualcomm -- multiple_snapdragon_products | While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | not yet calculated | CVE-2019-10500 CONFIRM |
qualcomm -- multiple_snapdragon_products | Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | not yet calculated | CVE-2019-10572 CONFIRM |
rack_gem_for_ruby_on_rails -- rack_gem_for_ruby_on_rails | There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison. | 2019-12-18 | not yet calculated | CVE-2019-16782 MLIST MLIST MLIST CONFIRM CONFIRM |
red_hat -- ansible_tower | A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contains the '#' character. This request would cause a socket error in RabbitMQ when parsing the password and an HTTP error code 500 and partial password disclose will occur in plaintext. An attacker could easily guess some predictable passwords or brute force the password. | 2019-12-19 | not yet calculated | CVE-2019-19342 CONFIRM |
red_hat -- ansible_tower | A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the default admin user is still active, an attacker could guess the password and gain access to the system. | 2019-12-19 | not yet calculated | CVE-2019-19340 CONFIRM |
red_hat -- ansible_tower | A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. These files include both the SECRET_KEY and the database backup. Any user with access to the Tower server, and knowledge of when a backup is run, could retrieve every credential stored in Tower. Access to data is the highest threat with this vulnerability. | 2019-12-19 | not yet calculated | CVE-2019-19341 CONFIRM |
red_hat -- jboss_application_server_7 | An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges. | 2019-12-18 | not yet calculated | CVE-2012-2312 MISC MISC MISC |
roxy_fileman -- roxy_fileman | Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by uploading a specially crafted Windows shortcut file and writing the file to the Startup folder (because an incomplete blacklist of file extensions allows Windows shortcut files to be uploaded). | 2019-12-16 | not yet calculated | CVE-2019-19731 MISC MISC |
shadowsocks -- shadowsocks-libev | An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An attacker can send arbitrary packets to trigger this vulnerability. | 2019-12-18 | not yet calculated | CVE-2019-5152 MISC |
shadow -- shadow | shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8). | 2019-12-18 | not yet calculated | CVE-2019-19882 MISC MISC MISC MISC MISC |
simplifile -- recordfusion | In Simplifile RecordFusion through 2019-11-25, the logs and hist parameters allow remote attackers to access local files via a logger/logs?/../ or logger/hist?/../ URI. | 2019-12-17 | not yet calculated | CVE-2019-19264 MISC |
solarwinds -- serv-u_ftp_server | A cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U FTP Server 15.1.7 in the email parameter, a different vulnerability than CVE-2018-19934 and CVE-2019-13182. | 2019-12-18 | not yet calculated | CVE-2019-19829 MISC |
sonicos -- ssl_vpn_nacagent | Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution. | 2019-12-19 | not yet calculated | CVE-2019-7487 CONFIRM |
sonicwall -- sma100_devices | Code injection in SonicWall SMA100 allows an authenticated user to execute arbitrary code in viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.4 and earlier. | 2019-12-19 | not yet calculated | CVE-2019-7486 CONFIRM |
sonicwall -- sma100_devices | Buffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | 2019-12-19 | not yet calculated | CVE-2019-7485 CONFIRM |
sonicwall -- sma100_devices | In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server. | 2019-12-19 | not yet calculated | CVE-2019-7483 CONFIRM |
sonicwall -- sma100_devices | Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | 2019-12-19 | not yet calculated | CVE-2019-7484 CONFIRM |
sonicwall -- sma100_devices | Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | 2019-12-19 | not yet calculated | CVE-2019-7482 CONFIRM |
statics_server -- statics_server | A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory. | 2019-12-18 | not yet calculated | CVE-2019-15596 MISC |
sudo -- sudo | In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. | 2019-12-19 | not yet calculated | CVE-2019-19232 CONFIRM MISC |
sudo -- sudo | In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL sudoer account) to impersonate any blocked user. | 2019-12-19 | not yet calculated | CVE-2019-19234 CONFIRM MISC |
swagger -- swagger_ui | swagger-ui has XSS in key names | 2019-12-20 | not yet calculated | CVE-2016-1000229 MISC MISC MISC MISC |
sylabs -- singularity | Insecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services. | 2019-12-18 | not yet calculated | CVE-2019-19724 CONFIRM |
talend -- restlet_framework | An XML eXternal Entity (XXE) issue exists in Restlet 1.1.10 in an endpoint using XML transport, which lets a remote attacker obtain sensitive information. | 2019-12-18 | not yet calculated | CVE-2012-2656 MISC MISC MISC MISC MISC |
tautulli -- tautulli | In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. (Also, anonymous access can be achieved in applications that do not have a user login area). | 2019-12-18 | not yet calculated | CVE-2019-19833 MISC MISC |
tibco -- multiple_tibco_spotfire_products | The Visualizations component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contains a vulnerability that theoretically allows an attacker with permission to write DXP files to the Spotfire library to remotely execute code of their choice on the user account of other users who access the affected system. This attack is a risk only when the attacker has write access to a network file system shared with the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions 7.11.1 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.1.0, 10.2.0, 10.3.0, 10.3.1, and 10.3.2, versions 10.4.0, 10.5.0, and 10.6.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0, TIBCO Spotfire Deployment Kit: versions 7.11.1 and below, TIBCO Spotfire Desktop: versions 7.11.1 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.1.0, 10.2.0, 10.3.0, 10.3.1, and 10.3.2, versions 10.4.0, 10.5.0, and 10.6.0, and TIBCO Spotfire Desktop Language Packs: versions 7.11.1 and below. | 2019-12-17 | not yet calculated | CVE-2019-17334 MISC MISC |
tibco -- spotfire_analytics_platform_for_aws_marketplace_and_spotfire_server | The Data access layer component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains multiple vulnerabilities that theoretically allow an attacker access to data cached from a data source, or a portion of a data source, that the attacker should not have access to. The attacker would need privileges to save a Spotfire file to the library. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0 and TIBCO Spotfire Server: versions 7.11.7 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.3.3, and 10.3.4, versions 10.4.0, 10.5.0, and 10.6.0. | 2019-12-17 | not yet calculated | CVE-2019-17335 MISC MISC |
tibco -- spotfire_analytics_platform_for_aws_marketplace_and_spotfire_server | The Data access layer component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains multiple vulnerabilities that theoretically allow an attacker access to information that can lead to obtaining credentials used to access Spotfire data sources. The attacker would need privileges to save a Spotfire file to the library, and only applies in a situation where NTLM credentials, or a credentials profile is in use. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0 and TIBCO Spotfire Server: versions 7.11.7 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.3.3, and 10.3.4, versions 10.4.0, 10.5.0, and 10.6.0. | 2019-12-17 | not yet calculated | CVE-2019-17336 MISC MISC |
tree-kill -- tree-kill | A Code Injection exists in treekill on Windows which allows a remote code execution when an attacker is able to control the input into the command. | 2019-12-18 | not yet calculated | CVE-2019-15598 MISC |
tree-kill -- tree-kill | A Code Injection exists in tree-kill on Windows which allows a remote code execution when an attacker is able to control the input into the command. | 2019-12-18 | not yet calculated | CVE-2019-15599 MISC |
trend_micro -- apex_one | Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. Note that the Japanese version of the product is NOT affected. | 2019-12-20 | not yet calculated | CVE-2019-19692 MISC |
trend_micro -- apex_one_and_officescan_xg | A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. Note that the attacker must already have admin/root privileges on the product console to exploit this vulnerability. | 2019-12-20 | not yet calculated | CVE-2019-19691 MISC |
trend_micro -- deep_security | A privilege escalation vulnerability in the Trend Micro Deep Security as a Service Quick Setup cloud formation template could allow an authenticated entity with certain unrestricted AWS execution privileges to escalate to full privileges within the target AWS account. | 2019-12-16 | not yet calculated | CVE-2019-18191 N/A |
trend_micro -- housecall_for_home_networks | A privilege escalation vulnerability in Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited allowing an attacker to place a malicious DLL file into the application directory and elevate privileges. | 2019-12-18 | not yet calculated | CVE-2019-19688 MISC |
trend_micro -- housecall_for_home_networks | Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses. | 2019-12-18 | not yet calculated | CVE-2019-19689 MISC |
trend_micro -- security_2020 | The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2019-12-20 | not yet calculated | CVE-2019-19693 MISC MISC |
trend_micro -- mobile_security_for_android | Trend Micro Mobile Security for Android (Consumer) versions 10.3.1 and below on Android 8.0+ has an issue in which an attacker could bypass the product's App Password Protection feature. | 2019-12-18 | not yet calculated | CVE-2019-19690 MISC |
trendnet -- tew-651br_and_tew-652brp_and_tew-652bru_devices | An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. OS command injection occurs through the get_set.ccp lanHostCfg_HostName_1.1.1.0.0 parameter. | 2019-12-18 | not yet calculated | CVE-2019-11399 MISC MISC |
trendnet -- tew-651br_and_tew-652brp_and_tew-652bru_devices | An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. A buffer overflow occurs through the get_set.ccp ccp_act parameter. | 2019-12-18 | not yet calculated | CVE-2019-11400 MISC MISC |
typo3 -- typo3 | An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal. Admin privileges are required in order to exploit this vulnerability. (In v9 LTS and later, System Maintainer privileges are also required.) | 2019-12-17 | not yet calculated | CVE-2019-19848 MISC MISC |
typo3 -- typo3 | An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the classes QueryGenerator and QueryView are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension ext:lowlevel (Backend Module: DB Check) installed, with a valid backend user who has administrator privileges. The other exploitable scenario requires having the system extension ext:sys_action installed, with a valid backend user who has limited privileges. | 2019-12-17 | not yet calculated | CVE-2019-19849 MISC MISC |
vmware -- vcenter | A security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting. | 2019-12-18 | not yet calculated | CVE-2019-11992 MISC |
wago -- pfc100_and_pfc200_devices | An exploitable denial of service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a denial of service, resulting in the device entering an error state where it ceases all network communications. An attacker can send unauthenticated packets to trigger this vulnerability. | 2019-12-18 | not yet calculated | CVE-2019-5078 MISC |
wago -- pfc100_and_pfc200_devices | An exploitable heap buffer overflow vulnerability exists in the iocheckd service ''I/O-Chec'' functionality of WAGO PFC 200 Firmware version 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability. | 2019-12-18 | not yet calculated | CVE-2019-5081 MISC MISC |
wago -- pfc100_and_pfc200_devices | An exploitable information exposure vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause an external tool to fail, resulting in uninitialized stack data to be copied to the response packet buffer. An attacker can send unauthenticated packets to trigger this vulnerability. | 2019-12-18 | not yet calculated | CVE-2019-5073 MISC |
wago -- pfc100_and_pfc200_devices | An exploitable stack buffer overflow vulnerability exists in the command line utility getcouplerdetails of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets sent to the iocheckd service "I/O-Check" can cause a stack buffer overflow in the sub-process getcouplerdetails, resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability. | 2019-12-18 | not yet calculated | CVE-2019-5075 MISC |
wago -- pfc100_and_pfc200_devices | An exploitable stack buffer overflow vulnerability exists in the iocheckd service ''I/O-Check'' functionality of WAGO PFC200 Firmware version 03.01.07(13), WAGO PFC200 Firmware version 03.00.39(12) and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a stack buffer overflow, resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability. | 2019-12-18 | not yet calculated | CVE-2019-5074 CONFIRM |
wago -- pfc100_and_pfc200_devices | An exploitable denial-of-service vulnerability exists in the iocheckd service ??I/O-Chec?? functionality of WAGO PFC 200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC 100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a denial of service, resulting in the device entering an error state where it ceases all network communications. An attacker can send unauthenticated packets to trigger this vulnerability. | 2019-12-18 | not yet calculated | CVE-2019-5077 MISC |
wago -- pfc100_and_pfc200_devices | An exploitable denial-of-service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A single packet can cause a denial of service and weaken credentials resulting in the default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability. | 2019-12-18 | not yet calculated | CVE-2019-5080 MISC |
wago -- pfc100_and_pfc200_devices | An exploitable heap buffer overflow vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability. | 2019-12-18 | not yet calculated | CVE-2019-5079 MISC |
wordpress -- wordpress | The "301 Redirects - Easy Redirect Manager" plugin before 2.45 for WordPress allows users (with subscriber or greater access) to modify, delete, or inject redirect rules, and exploit XSS, with the /admin-ajax.php?action=eps_redirect_save and /admin-ajax.php?action=eps_redirect_delete actions. This could result in a loss of site availability, malicious redirects, and user infections. This could also be exploited via CSRF. | 2019-12-19 | not yet calculated | CVE-2019-19915 MISC MISC |
xerox -- altalink_c8035_printers | Xerox AltaLink C8035 printers allow CSRF. A request to add users is made in the Device User Database form field to the xerox.set URI. (The frmUserName value must have a unique name.) | 2019-12-18 | not yet calculated | CVE-2019-19832 MISC |
xiaomi-- multiple_devices | An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM 5.5.48 devices. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause a denial of service attack, take over smart home devices, and tamper with messages. | 2019-12-20 | not yet calculated | CVE-2019-15913 MISC |
xiaomi -- multiple_devices | An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM 5.5.48 devices. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack. | 2019-12-20 | not yet calculated | CVE-2019-15915 MISC |
xiaomi -- multiple_devices | An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM 5.5.48 devices. Attackers can use the ZigBee trust center rejoin procedure to perform a denial of service attack. | 2019-12-20 | not yet calculated | CVE-2019-15914 MISC MISC |
yarn -- yarn | In Yarn before 1.21.1, the package install functionality can be abused to generate arbitrary symlinks on the host filesystem by using specially crafted "bin" keys. Existing files could be overwritten depending on the current user permission set. | 2019-12-16 | not yet calculated | CVE-2019-10773 MISC MISC CONFIRM MISC |
zoho_manageengine -- adselfservice_plus | An open redirect vulnerability was discovered in Zoho ManageEngine ADSelfService Plus 5.x before 5809 that allows attackers to force users who click on a crafted link to be sent to a specified external site. | 2019-12-18 | not yet calculated | CVE-2019-18781 CONFIRM MISC |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.