Channel: CISA All NCAS Products

Dridex Malware

Original release date: December 5, 2019

This Alert is the result of recent collaboration between Department of the Treasury Financial Sector Cyber Information Group (CIG) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) to identify and share information with the financial services sector. Treasury and the Cybersecurity and Infrastructure Security Agency (CISA) are providing this report to inform the sector about the Dridex malware and variants. The report provides an overview of the malware, related activity, and a list of previously unreported indicators of compromise derived from information reported to FinCEN by private sector financial institutions. Because actors using Dridex malware and its derivatives continue to target the financial services sector, including financial institutions and customers, the techniques, tactics, and procedures contained in this report warrant renewed attention. Treasury and CISA encourage network security specialists to incorporate these indicators into existing Dridex-related network defense capabilities and planning. For information regarding the malicious cyber actors responsible for the development and distribution of the Dridex malware, see the Treasury press release, Treasury Sanctions Evil Corp, the Russia-Based Cybercriminal Group Behind Dridex Malware.

This Alert does not introduce a new regulatory interpretation, nor impose any new requirements on regulated entities. Except where noted, there is no indication that the actual owner of the email address was involved in the suspicious or malicious activity. If activity related to these indicators of compromise is detected, please notify appropriate law enforcement and the CIG.

For a downloadable copy of IOCs, see:

This product is provided subject to this Notification and this Privacy & Use policy.


NCSC-NZ Releases Cyber Governance Resource for Leaders

Original release date: December 5, 2019

The New Zealand National Cyber Security Centre (NCSC-NZ) has released an article on a new cybersecurity governance resource to support public and private sector leaders in making decisions about their cybersecurity resilience and risk. NCSC-NZ developed this governance—a series of documents with practical advice and simple steps—following a cybersecurity resilience assessment of New Zealand’s nationally significant organizations.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages senior leaders and security practitioners to review NCSC-NZ’s Charting Your Course: Cyber Security Governance and Cyber Security Resilience of New Zealand’s Nationally Significant Organisations 2017-2018 for more information.


Microsoft Releases Security Advisory for Windows Hello for Business

Original release date: December 5, 2019

Microsoft has released a Security Advisory to address an issue in Windows Hello for Business (WHfB). An attacker could exploit this issue on devices that were affected by CVE-2017-15361, also known as Return of Coppersmith’s Attack (ROCA), to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft Security Advisories ADV190026 and ADV170012 and apply the recommended mitigations.


ACSC Releases Fundamentals of Cross Domain Solutions

Original release date: December 5, 2019

The Australian Cyber Security Centre (ACSC) has released a cybersecurity guide outlining the fundamentals of cross domain solution (CDS) technologies. This guidance provides cross domain security principles to enable organizations to share information securely across separated networks.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages organizations with information sharing requirements to review ACSC’s Fundamentals of Cross Domain Solutions to learn how to plan, analyze, design, and implement CDS systems.


VMware Releases Security Updates for ESXi and Horizon DaaS

Original release date: December 6, 2019

VMware has released security updates to address a vulnerability in ESXi and Horizon DaaS. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0022 and apply the necessary updates and workarounds.


Vulnerability Summary for the Week of December 2, 2019

Original release date: December 9, 2019

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
embedthis -- goahead | An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to a use-after-free condition during the processing of this request that can be used to corrupt heap structures that could lead to full code execution. The request can be unauthenticated in the form of GET or POST requests, and does not require the requested resource to exist on the server. | 2019-12-03 | 7.5 | CVE-2019-5096, MISC
titanhq -- webtitan | An issue was discovered in TitanHQ WebTitan before 5.18. It has a sudoers file that enables low-privilege users to execute a vast number of commands as root, including mv, chown, and chmod. This can be trivially exploited to gain root privileges by an attacker with access. | 2019-12-02 | 7.2 | CVE-2019-19014, MISC, MISC
titanhq -- webtitan | An issue was discovered in TitanHQ WebTitan before 5.18. The proxy service (which is typically exposed to all users) allows connections to the internal PostgreSQL database of the appliance. By connecting to the database through the proxy (without password authentication), an attacker is able to fully control the appliance database. Through this, several different paths exist to gain further access, or execute code. | 2019-12-02 | 10 | CVE-2019-19015, MISC, MISC

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
accusoft -- imagegear | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG header-parser of the Accusoft ImageGear 19.3.0 library. A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | 2019-12-03 | 6.8 | CVE-2019-5076, MISC
accusoft -- imagegear | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFdecodethunderscan function of Accusoft ImageGear 19.3.0 library. A specially crafted TIFF file can cause an out of bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | 2019-12-03 | 6.8 | CVE-2019-5083, MISC
accusoft -- imagegear | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll GEM Raster parser of the Accusoft ImageGear 19.3.0 library. A specially crafted GEM file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | 2019-12-03 | 6.8 | CVE-2019-5132, MISC
accusoft -- imagegear | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll BMP parser of the ImageGear 19.3.0 library. A specially crafted BMP file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | 2019-12-03 | 6.8 | CVE-2019-5133, MISC
debian -- devscripts | An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball. | 2019-12-03 | 6.5 | CVE-2013-7325, MISC, MISC, MISC
embedthis -- goahead | A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to an infinite loop in the process. The request can be unauthenticated in the form of GET or POST requests and does not require the requested resource to exist on the server. | 2019-12-03 | 5 | CVE-2019-5097, MISC
forma -- forma.lms | Exploitable SQL injection vulnerabilities exist in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and, in certain configurations, access the underlying operating system. | 2019-12-03 | 6.5 | CVE-2019-5109, MISC
forma -- forma.lms | Exploitable SQL injection vulnerabilities exist in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and, in certain configurations, access the underlying operating system. | 2019-12-03 | 6.5 | CVE-2019-5110, MISC
forma -- forma.lms | Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filter_cat was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and, in certain configurations, access the underlying operating system. | 2019-12-03 | 6.5 | CVE-2019-5111, MISC
forma -- forma.lms | Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filter_status was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and, in certain configurations, access the underlying operating system. | 2019-12-03 | 6.5 | CVE-2019-5112, MISC
fusionpbx -- fusionpbx | A cross-site scripting (XSS) vulnerability in app/dialplans/dialplan_detail_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the dialplan_uuid parameter. | 2019-11-29 | 4.3 | CVE-2019-19388, MISC, MISC
fusionpbx -- fusionpbx | A cross-site scripting (XSS) vulnerability in app/fax/fax_log_view.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the fax_uuid parameter. | 2019-11-29 | 4.3 | CVE-2019-19384, MISC, MISC
fusionpbx -- fusionpbx | A cross-site scripting (XSS) vulnerability in app/dialplans/dialplans.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the app_uuid parameter. | 2019-11-29 | 4.3 | CVE-2019-19385, MISC, MISC
fusionpbx -- fusionpbx | A cross-site scripting (XSS) vulnerability in app/fifo_list/fifo_interactive.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the c parameter. | 2019-11-29 | 4.3 | CVE-2019-19387, MISC, MISC
fusionpbx -- fusionpbx | A cross-site scripting (XSS) vulnerability in app/voicemail_greetings/voicemail_greeting_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id and/or voicemail_id parameter. | 2019-11-29 | 4.3 | CVE-2019-19386, MISC, MISC
huawei -- multiple_home_routers | Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certain programs, an attacker can exploit this vulnerability to execute uploaded malicious files and escalate privilege. | 2019-11-29 | 4.6 | CVE-2019-5269, CONFIRM
huawei -- nova_5i_pro_and_nova_5_smartphones | Nova 5i pro and Nova 5 smartphones with versions earlier than 9.1.1.190(C00E190R6P2) and versions earlier than 9.1.1.175(C00E170R3P2) have an improper validation of array index vulnerability. The system does not properly validate the input value before using it as an array index when processing certain image information. The attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution. | 2019-11-29 | 4.4 | CVE-2019-5210, CONFIRM
huawei -- p30_and_mate_20_and_p30_pro_smartphones | P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution. | 2019-11-29 | 6.8 | CVE-2019-5225, CONFIRM
libgwenhywfar -- libgwenhywfar | An issue exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates. | 2019-12-03 | 5 | CVE-2015-7542, MISC, MISC, MISC, MISC, MISC
linux -- linux_kernel | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c. | 2019-11-29 | 6.8 | CVE-2019-19378, MISC
linux -- linux_kernel | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c. | 2019-11-29 | 6.8 | CVE-2019-19377, MISC
piwigo -- piwigo | piwigo has XSS in password.php | 2019-12-02 | 4.3 | CVE-2012-4525, MISC, MISC, MISC, MISC, MISC
piwigo -- piwigo | piwigo has XSS in password.php (incomplete fix for CVE-2012-4525) | 2019-12-02 | 4.3 | CVE-2012-4526, MISC, MISC, MISC, MISC, MISC
shadowsocks -- shadowsocks-libev | An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability. | 2019-12-03 | 4.3 | CVE-2019-5163, MISC
shadowsocks -- shadowsocks-libev | An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability. | 2019-12-03 | 4.6 | CVE-2019-5164, MISC
testlink -- testlink | TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request. | 2019-12-02 | 4.3 | CVE-2019-19491, MISC
titanhq -- webtitan | An issue was discovered in TitanHQ WebTitan before 5.18. Some functions, such as /history-x.php, of the administration interface are vulnerable to SQL Injection through the results parameter. This could be used by an attacker to extract sensitive information from the appliance database. | 2019-12-02 | 5 | CVE-2019-19016, MISC, MISC
wireshark -- wireshark | In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection. | 2019-12-05 | 5 | CVE-2019-19553, MISC, MISC, MISC
wordpress -- wordpress | The CSS Hero plugin through 4.0.3 for WordPress is prone to reflected XSS via the URI in a csshero_action=edit_page request because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary JavaScript in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookies or launch other attacks. | 2019-12-04 | 4.3 | CVE-2019-19133, MISC, MISC, MISC
wso2 -- enterprise_integrator | In WSO2 Enterprise Integrator 6.5.0, reflected XSS occurs when updating the message processor configuration from the source view in the Management Console. | 2019-12-05 | 4.3 | CVE-2019-19587, MISC
zanata -- zanata | Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging | 2019-12-03 | 6.8 | CVE-2013-4486, MISC, MISC, MISC

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
gitbook -- gitbook | GitBook through 2.6.9 allows XSS via a local .md file. | 2019-12-05 | 3.5 | CVE-2019-19596, MISC
gnupg -- libgcrypt_and_gnupg | Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication. | 2019-11-29 | 1.9 | CVE-2014-3591, MISC, MISC, MISC, MISC, MISC
ibm -- cloud_pak_system | IBM Cloud Pak System 2.3 and 2.3.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 163774. | 2019-12-03 | 2.1 | CVE-2019-4465, XF, CONFIRM
qnap -- qts | A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. If exploited, this vulnerability may allow an attacker to inject and execute scripts on the administrator console. To fix this vulnerability, QNAP recommend updating QTS to the latest version. | 2019-12-04 | 3.5 | CVE-2019-7197, CONFIRM

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
10-strike_software -- free_photo_viewer | Free Photo Viewer 1.3 allows remote attackers to execute arbitrary code via a crafted BMP and/or TIFF file that triggers a malformed SEH, as demonstrated by a 0012ECB4 FreePhot.00425642 42200008 corrupt entry. | 2019-11-30 | not yet calculated | CVE-2019-19468, MISC
allied_telesis -- at-gs950/8_devices | A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] allows unauthenticated attackers to read arbitrary system files via a GET request. NOTE: This is an End-of-Life product. | 2019-11-29 | not yet calculated | CVE-2019-18922, MISC, FULLDISC, MISC
amd -- atidxx64.dll_driver | An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | 2019-12-05 | not yet calculated | CVE-2019-5098, MISC

anhui_huami_information_technology -- mi_fit_application | The Anhui Huami Mi Fit application before 4.0.11 for Android has an Unencrypted Update Check. | 2019-11-30 | not yet calculated | CVE-2019-19463, MISC
apache -- olingo | The XML content type entity deserializer in Apache Olingo versions 4.0.0 to 4.6.0 is not configured to deny the resolution of external entities. Request with content type "application/xml", which trigger the deserialization of entities, can be used to trigger XXE attacks. | 2019-12-04 | not yet calculated | CVE-2019-17554, MLIST
apache -- olingo | The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep() method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack. | 2019-12-04 | not yet calculated | CVE-2019-17555, MLIST
apache -- olingo | Apache Olingo versions 4.0.0 to 4.6.0 provide the AbstractService class, which is public API, uses ObjectInputStream and doesn't check classes being deserialized. If an attacker can feed malicious metadata to the class, then it may result in running attacker's code in the worst case. | 2019-12-04 | not yet calculated | CVE-2019-17556, MLIST
armeria -- armeria | Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers to inject arbitrary HTTP headers via CRLF sequences when unsanitized data is used to populate the headers of an HTTP response. This vulnerability has been patched in 0.97.0. Potential impacts of this vulnerability include cross-user defacement, cache poisoning, Cross-site scripting (XSS), and page hijacking. | 2019-12-06 | not yet calculated | CVE-2019-16771, MISC, CONFIRM
autodesk -- desktop_application | DLL preloading vulnerability in Autodesk Desktop Application versions 7.0.16.29 and earlier. An attacker may trick a user into downloading a malicious DLL file into the working directory, which may then leverage a DLL preloading vulnerability and execute code on the system. | 2019-12-03 | not yet calculated | CVE-2019-7365, CONFIRM
autodesk -- fbx_software_development_kit | Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system. | 2019-12-03 | not yet calculated | CVE-2019-7366, CONFIRM
aviatrix -- vpn_client | Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications. | 2019-12-05 | not yet calculated | CVE-2019-17388, MISC, MISC, MISC
aviatrix -- vpn_client | An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS. | 2019-12-05 | not yet calculated | CVE-2019-17387, MISC, MISC, MISC
axtls -- axtls | process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates. | 2019-12-03 | not yet calculated | CVE-2019-9689, MISC, MISC
cbc -- cbc_gem_application_for_android | The CBC Gem application before 9.24.1 for Android and before 9.26.0 for iOS has Unencrypted Analytics. | 2019-11-30 | not yet calculated | CVE-2019-19464, MISC
chkstat -- chkstat | The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges. | 2019-12-05 | not yet calculated | CVE-2019-3690, CONFIRM
ckeditor -- ckeditor | pluginconfig.php in the Image Uploader and Browser plugin before 4.1.9 for CKEditor mishandles certain characters in pathnames. | 2019-12-02 | not yet calculated | CVE-2019-19502, MISC, MISC, MISC, MISC
d-link -- dap-1860_devices | D-Link DAP-1860 devices before v1.04b03 Beta allow access to administrator functions without authentication via the HNAP_AUTH header timestamp value. In HTTP requests, part of the HNAP_AUTH header is the timestamp used to determine the time when the user sent the request. If this value is equal to the value stored in the device's /var/hnap/timestamp file, the request will pass the HNAP_AUTH check function. | 2019-12-05 | not yet calculated | CVE-2019-19598, MISC, MISC
d-link -- dap-1860_devices | D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote code execution as root without authentication via shell metacharacters within an HNAP_AUTH HTTP header. | 2019-12-05 | not yet calculated | CVE-2019-19597, MISC, MISC
daps -- daps | An issue was discovered in Decentralized Anonymous Payment System (DAPS) through 2019-08-26. It is possible to force wallets to send HTTP requests to arbitrary locations, both on the local network and on the internet. This is a serious threat to user privacy, since it can possibly leak their IP address and the fact that they are using the product. This also affects Dash Core through 0.14.0.3 and Private Instant Verified Transactions (PIVX) through 3.4.0. | 2019-12-04 | not yet calculated | CVE-2019-16752, MISC
daps -- daps | An issue was discovered in Decentralized Anonymous Payment System (DAPS) through 2019-08-26. The content to be signed is composed of a representation of strings, rather than being composed of their binary representations. This is a weak signature scheme design that would allow the reuse of signatures in some cases (or even the reuse of signatures, intended for one type of message, for another type). This also affects Private Instant Verified Transactions (PIVX) through 3.4.0. | 2019-12-04 | not yet calculated | CVE-2019-16753, MISC
davical -- davical | A CSRF issue was discovered in DAViCal through 1.1.8. If an authenticated user visits an attacker-controlled webpage, the attacker can send arbitrary requests in the name of the user to the application. If the attacked user is an administrator, the attacker could for example add a new admin user. | 2019-12-04 | not yet calculated | CVE-2019-18346, MISC, MISC, MISC
davical -- davical | A stored XSS issue was discovered in DAViCal through 1.1.8. It does not adequately sanitize output of various fields that can be set by unprivileged users, making it possible for JavaScript stored in those fields to be executed by another (possibly privileged) user. Affected database fields include Username, Display Name, and Email. | 2019-12-04 | not yet calculated | CVE-2019-18347, MISC, MISC, MISC
dell -- command_update | Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the "Temp\IC\ICDebugLog.txt" to any targeted file. This issue occurs because of insecure handling of Temp directory permissions that were set incorrectly. | 2019-12-03 | not yet calculated | CVE-2019-3750, MISC
dell -- command_update | Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the "Temp\ICProgress\Dell_InventoryCollector_Progress.xml" to any targeted file. This issue occurs because permissions on the Temp directory were set incorrectly. | 2019-12-03 | not yet calculated | CVE-2019-3749, MISC
dell -- command_configure | Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system. | 2019-12-06 | not yet calculated | CVE-2019-18575, MISC
dell -- rsa_authentication_manager_software | RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. A malicious Security Console administrator could exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface which could then be included in a report. When other Security Console administrators open the affected report, the injected scripts could potentially be executed in their browser. | 2019-12-03 | not yet calculated | CVE-2019-18574, MISC
django -- django | Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests, for updating the inline model. Directly editing the view-only parent model was not possible, but the parent model's save() method was called, triggering potential side effects, and causing pre and post-save signal handlers to be invoked. (To resolve this, the Django admin is adjusted to require edit permissions on the parent model in order for inline models to be editable.) | 2019-12-02 | not yet calculated | CVE-2019-19118, MLIST, MISC, MISC, CONFIRM
documize -- documize | domain/section/markdown/markdown.go in Documize before 3.5.1 mishandles untrusted Markdown content. This was addressed by adding the bluemonday HTML sanitizer to defend against XSS. | 2019-12-06 | not yet calculated | CVE-2019-19619, MISC, MISC, MISC
ezmaster -- exmaster | The admin sys mode is now conditional and dedicated for the special case. By default, since ezmaster@5.2.11 no instance (container) is launched with advanced capabilities (not launched as root) | 2019-11-29 | not yet calculated | CVE-2019-16767, MISC, MISC, CONFIRM
freeswitch -- freeswitch | FreeSWITCH 1.6.10 through 1.10.1 has a default password in event_socket.conf.xml. | 2019-12-02 | not yet calculated | CVE-2019-19492, MISC
fronius -- solar_inverter_devices | admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal. | 2019-12-04 | not yet calculated | CVE-2019-19229, MISC, MISC, MISC
fronius -- solar_inverter_devices | Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file. | 2019-12-04 | not yet calculated | CVE-2019-19228, MISC, MISC, MISC
gnome -- dia | When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's logging facility (potentially with elevated privileges), thus filling up the disk and eventually rendering the system unusable. (The filename can be for a nonexistent file.) NOTE: this does not affect an upstream release, but affects certain Linux distribution packages with version numbers such as 0.97.3. | 2019-11-29 | not yet calculated | CVE-2019-19451
MISC
google -- android | In setCpuVulkanInUse of GpuStats.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141003796 | 2019-12-06 | not yet calculated | CVE-2019-2217
MISC
google -- android | In various functions of RecentLocationApps.java, DevicePolicyManagerService.java, and RecognitionService.java, there is an incorrect warning indicating an app accessed the user's location. This could dissolve the trust in the platform's permission system, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141028068 | 2019-12-06 | not yet calculated | CVE-2019-9464
MISC
google -- android | In ReadMATImage of mat.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process when loading a MATLAB image file with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-140328986 | 2019-12-06 | not yet calculated | CVE-2019-2224
MISC
google -- android | In ihevcd_ref_list of ihevcd_ref_list.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-140692129 | 2019-12-06 | not yet calculated | CVE-2019-2223
MISC
google -- android | In hasActivityInVisibleTask of WindowProcessController.java there's a possible bypass of user interaction requirements due to incorrect handling of top activities in INITIALIZING state. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-138583650 | 2019-12-06 | not yet calculated | CVE-2019-2221
MISC
google -- android | In DeepCopy of btif_av.cc, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10. Android ID: A-140768453 | 2019-12-06 | not yet calculated | CVE-2019-2227
MISC
google -- android | In device_class_to_int of device_class.cc, there is a possible out of bounds read due to improper casting. This could lead to local information disclosure in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-140152619 | 2019-12-06 | not yet calculated | CVE-2019-2226
MISC
google -- android | When pairing with a Bluetooth device, it may be possible to pair a malicious device without any confirmation from the user, and that device may be able to interact with the phone. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-110433804 | 2019-12-06 | not yet calculated | CVE-2019-2225
MISC
google -- android | In ihevcd_parse_slice_data of ihevcd_parse_slice.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-140322595 | 2019-12-06 | not yet calculated | CVE-2019-2222
MISC
google -- android | In nfcManager_routeAid and nfcManager_unrouteAid of NativeNfcManager.cpp, there is possible memory reuse due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141170038 | 2019-12-06 | not yet calculated | CVE-2019-2230
MISC
google -- android | In checkOperation of AppOpsService.java, there is a possible bypass of user interaction requirements due to mishandling application suspend. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10. Android ID: A-138636979 | 2019-12-06 | not yet calculated | CVE-2019-2220
MISC
google -- android | In System UI, there is a possible bypass of user's consent for access to sensor data due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10. Android ID: A-119041698 | 2019-12-06 | not yet calculated | CVE-2019-2219
MISC
google -- android | In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. This could lead to local escalation of privilege by installing malicious packages with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141169173 | 2019-12-06 | not yet calculated | CVE-2019-2218
MISC
google -- android | In Blob::Blob of blob.cpp, there is a possible unencrypted master key due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10. Android ID: A-141955555 | 2019-12-06 | not yet calculated | CVE-2019-2231
MISC
google -- android | In handleRun of TextLine.java, there is a possible application crash due to improper input validation. This could lead to remote denial of service when processing Unicode with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-140632678 | 2019-12-06 | not yet calculated | CVE-2019-2232
MISC
google -- android | In updateWidget of BaseWidgetProvider.java, there is a possible leak of user data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-139803872 | 2019-12-06 | not yet calculated | CVE-2019-2229
MISC
google -- android | In array_find of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure in the printer spooler with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-111210196 | 2019-12-06 | not yet calculated | CVE-2019-2228
MISC
harbor -- harbor | A User Enumeration flaw exists in Harbor. The issue is present in the "/users" API endpoint. This endpoint is supposed to be restricted to administrators. This restriction can be bypassed, and information about registered users can be obtained via the "search" functionality. | 2019-12-03 | not yet calculated | CVE-2019-3990
CONFIRM
MISC
hashicorp -- terraform | When using the Azure backend with a shared access signature (SAS), Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP. | 2019-12-02 | not yet calculated | CVE-2019-19316
CONFIRM
huawei -- atlas_300_and_atlas_500 | Huawei Atlas 300, Atlas 500 have a buffer overflow vulnerability. A local, authenticated attacker may craft specific parameter and send to the process to exploit this vulnerability. Successfully exploit may cause service crash. | 2019-11-29 | not yet calculated | CVE-2019-5247
CONFIRM
huawei -- band_2_and_honor_band_3 | There is an insufficient authentication vulnerability in Huawei Band 2 and Honor Band 3. The band does not sufficiently authenticate the device try to connect to it in certain scenario. Successful exploit could allow the attacker to spoof then connect to the band. | 2019-11-29 | not yet calculated | CVE-2019-5218
CONFIRM
huawei -- hisuite_and_hwbackup | HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting the backup. | 2019-11-29 | not yet calculated | CVE-2019-5263
CONFIRM
huawei -- honor_play_smartphones | Honor play smartphones with versions earlier than 9.1.0.333(C00E333R1P1T8) have an information disclosure vulnerability in certain Huawei . An attacker could view certain information after a series of operation without unlock the screen lock. Successful exploit could cause an information disclosure condition. | 2019-11-29 | not yet calculated | CVE-2019-5309
CONFIRM
huawei -- mate_20_rs_smartphones | Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation in ADB mode, successful exploit could allow the attacker to switch to third desktop after a series of operation. | 2019-11-29 | not yet calculated | CVE-2019-5308
CONFIRM
huawei -- multiple_home_routers | Some Huawei home routers have an input validation vulnerability. Due to input parameter is not correctly verified, an attacker can exploit this vulnerability by sending special constructed packets to obtain files in the device and upload files to some directories. | 2019-11-29 | not yet calculated | CVE-2019-5268
CONFIRM
huawei -- myna_smart_speaker | There is an information leak vulnerability in Huawei smart speaker Myna. When the smart speaker is paired with the cloud through Wi-Fi, the speaker incorrectly processes some data. Attackers can exploit this vulnerability to read and modify specific configurations of speakers through a series of operations. | 2019-11-29 | not yet calculated | CVE-2019-5271
CONFIRM
huawei -- p20_phones | The Huawei Share function of P20 phones with versions earlier than Emily-L29C 9.1.0.311 has an improper file management vulnerability. The attacker tricks the victim to perform certain operations on the mobile phone during file transfer. Because the file is not properly processed, successfully exploit may cause some files on the victim's mobile phone are deleted. | 2019-11-29 | not yet calculated | CVE-2019-5211
CONFIRM
huawei -- p30_and_p30_pro_and_mate_20_smartphones | P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. | 2019-11-29 | not yet calculated | CVE-2019-5227
CONFIRM
huawei -- p30_and_p30_pro_and_mate_20_smartphones | P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. | 2019-11-29 | not yet calculated | CVE-2019-5226
CONFIRM
huawei -- p30_smartphones | P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21) have an out of bounds read vulnerability. The system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause out of bounds read and information disclosure. | 2019-11-29 | not yet calculated | CVE-2019-5224
CONFIRM
huawei -- share | There is an improper access control vulnerability in Huawei Share. The software does not properly restrict access to certain file from certain application. An attacker tricks the user into installing a malicious application then establishing a connect to the attacker through Huawei Share, successful exploit could cause information disclosure. | 2019-11-29 | not yet calculated | CVE-2019-5212
CONFIRM
huawei -- viewpoint_products | There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information leak. | 2019-11-29 | not yet calculated | CVE-2019-5232
CONFIRM
ibm -- cloud_pak_system | IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159243. | 2019-12-03 | not yet calculated | CVE-2019-4226
XF
CONFIRM
ibm -- cloud_pak_system | IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163776. | 2019-12-03 | not yet calculated | CVE-2019-4467
XF
CONFIRM
ibm -- cloud_pak_system | IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163777. | 2019-12-03 | not yet calculated | CVE-2019-4468
XF
CONFIRM
ibm -- cloud_pak_system | IBM Cloud Pak System 2.3 and 2.3.0.1 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 158280. | 2019-12-03 | not yet calculated | CVE-2019-4130
XF
CONFIRM
ibm -- cloud_pak_system | IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158020. | 2019-12-03 | not yet calculated | CVE-2019-4098
XF
CONFIRM
intelbras -- iwr_3000n_devices | Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600. | 2019-12-05 | not yet calculated | CVE-2019-19007
MISC
kaspersky -- multiple_products | Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have a bug that allows a local user to execute arbitrary code via execution of a compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass of some of the security products. | 2019-12-02 | not yet calculated | CVE-2019-15689
CONFIRM
kentico -- kentico | Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with the file extension, leading to XSS. | 2019-12-02 | not yet calculated | CVE-2019-19493
MISC
libyang -- libyang | In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution. | 2019-12-06 | not yet calculated | CVE-2019-19333
CONFIRM
CONFIRM
libyang -- libyang | In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution. | 2019-12-06 | not yet calculated | CVE-2019-19334
CONFIRM
CONFIRM
linux -- linux_kernel | fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_owner_ctx caching, as demonstrated by mishandling of signal-based non-cooperative preemption in Go 1.14 prereleases on amd64, aka CID-59c4bd853abc. | 2019-12-05 | not yet calculated | CVE-2019-19602
MISC
MISC
MISC
MISC
MISC
linux -- linux_kernel | relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result. | 2019-11-30 | not yet calculated | CVE-2019-19462
MISC
MISC
MISC
MISC
MISC
litemanger -- litemanager | LiteManager 4.5.0 has weak permissions (Everyone: Full Control) in the "LiteManagerFree - Server" folder, as demonstrated by ROMFUSClient.exe. | 2019-12-02 | not yet calculated | CVE-2019-19490
MISC
max_secure -- anti_virus_plus | Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. Local attackers can replace a .exe or .dll file to achieve privilege escalation. | 2019-12-03 | not yet calculated | CVE-2019-19382
MISC
MISC
mcafee -- web_advisor | Code Injection vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to render a website which Web Advisor would normally have blocked via a carefully crafted web site. | 2019-12-03 | not yet calculated | CVE-2019-3665
CONFIRM
mcafee -- web_advisor | API Abuse/Misuse vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to navigate to restricted websites via a carefully crafted web site. | 2019-12-03 | not yet calculated | CVE-2019-3666
CONFIRM
myphpadmin -- myphpadmin | phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php. | 2019-12-06 | not yet calculated | CVE-2019-19617
MISC
MISC
MLIST
MISC
napc -- xinet_elegant_6_asset_library | NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginForm[username] field when double quotes are used. | 2019-12-02 | not yet calculated | CVE-2019-19245
MISC
MISC
norton -- password_manager | Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cross origin resource sharing (CORS) vulnerability, which is a type of issue that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. | 2019-12-05 | not yet calculated | CVE-2019-18381
CONFIRM
norton -- password_manager | Norton Password Manager, prior to 6.6.2.5, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information. | 2019-12-05 | not yet calculated | CVE-2019-19546
CONFIRM
okaycms -- okaycms | In OkayCMS through 2.3.4, an unauthenticated attacker can achieve remote code execution by injecting a malicious PHP object via a crafted cookie. This could happen at two places: first in view/ProductsView.php using the cookie price_filter, and second in api/Comparison.php via the cookie comparison. | 2019-12-03 | not yet calculated | CVE-2019-16885
MISC
FULLDISC
MISC
omnios_community_edition -- omnios_community_edition | illumos, as used in OmniOS Community Edition before r151030y, allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket, because uts/common/inet/ip/ip_attr.c mishandles conn_ixa dereferences. | 2019-11-29 | not yet calculated | CVE-2019-19396
MISC
MISC
opencv -- opencv | An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis_flow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds read of the heap-allocated arrays Ux and Uy. | 2019-12-06 | not yet calculated | CVE-2019-19624
MISC
MISC
opendetex -- opendetex | OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of an incorrect sprintf. | 2019-12-05 | not yet calculated | CVE-2019-19601
MISC
opensc -- opensc | An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates. | 2019-12-01 | not yet calculated | CVE-2019-19481
MISC
MISC
openwrt_project -- openwrt | OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI (this can occur, for example, on a TP-Link Archer C7 device). | 2019-12-03 | not yet calculated | CVE-2019-18993
CONFIRM
openwrt_project -- openwrt | OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT" (this can occur, for example, on a TP-Link Archer C7 device). | 2019-12-03 | not yet calculated | CVE-2019-18992
CONFIRM
otrs -- otrs_community_edition_and_otrs | Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows a remote attacker to cause an endless loop. This issue affects: OTRS AG: ((OTRS)) Community Edition 5.0.x version 5.0.38 and prior versions; 6.0.x version 6.0.23 and prior versions. OTRS AG: OTRS 7.0.x version 7.0.12 and prior versions. | 2019-12-05 | not yet calculated | CVE-2019-18180
CONFIRM
palo_alto_networks -- pan-osAn improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. This issue affects PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.11; 9.0 versions prior to 9.0.5. PAN-OS version 7.0 and prior EOL versions have not been evaluated for this issue.2019-12-05not yet calculatedCVE-2019-17437
CONFIRM
phpmyadmin -- phpmyadmin | phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php. | 2019-12-06 | not yet calculated | CVE-2019-19617 (MISC, MISC, MLIST, MISC)
proftpd -- proftpd | An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup. | 2019-11-30 | not yet calculated | CVE-2019-19269 (MISC, MLIST, FEDORA, FEDORA)
puma -- puma | In Puma before version 4.3.2, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough. | 2019-12-05 | not yet calculated | CVE-2019-16770 (CONFIRM)
qnap -- music_station | This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator's management console. To fix this vulnerability, QNAP recommend updating Music Station to their latest versions. | 2019-12-05 | not yet calculated | CVE-2019-7185 (CONFIRM)
qnap -- netback_replicator | An unquoted service path vulnerability is reported to affect the service "QVssService" in QNAP NetBak Replicator. This vulnerability could allow an authorized but non-privileged local user to execute arbitrary code with elevated system privileges. QNAP have already fixed this issue in QNAP NetBak Replicator 4.5.12.1108. | 2019-12-04 | not yet calculated | CVE-2019-7201 (CONFIRM)
qnap -- photo_station | This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions. | 2019-12-05 | not yet calculated | CVE-2019-7195 (CONFIRM)
qnap -- photo_station | This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions. | 2019-12-05 | not yet calculated | CVE-2019-7192 (CONFIRM)
qnap -- photo_station | This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions. | 2019-12-05 | not yet calculated | CVE-2019-7194 (CONFIRM)
qnap -- qts | This improper link resolution vulnerability allows remote attackers to access system files. To fix this vulnerability, QNAP recommend updating QTS to their latest versions. | 2019-12-05 | not yet calculated | CVE-2019-7183 (CONFIRM)
qnap -- qts | This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. To fix the vulnerability, QNAP recommend updating QTS to their latest versions. | 2019-12-05 | not yet calculated | CVE-2019-7193 (CONFIRM)
qnap -- video_station | This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the administrator's management console. To fix this vulnerability, QNAP recommend updating Video Station to their latest versions. | 2019-12-05 | not yet calculated | CVE-2019-7184 (CONFIRM)
rabbitmq-c -- rabbitmq-c | An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer. | 2019-12-01 | not yet calculated | CVE-2019-18609 (MISC, CONFIRM, MLIST, MISC, UBUNTU)
radare -- radare2 | In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary malicious data after the free. This allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted input. | 2019-12-05 | not yet calculated | CVE-2019-19590 (MISC)
reset.pro -- adobe_stock_api_integration_for_prestashop | reset/modules/fotoliaFoto/multi_upload.php in the RESET.PRO Adobe Stock API Integration for PrestaShop 1.6 and 1.7 allows remote attackers to execute arbitrary code by uploading a .php file. | 2019-12-05 | not yet calculated | CVE-2019-19594 (MISC)
reset.pro -- adobe_stock_api_integration_for_prestashop | reset/modules/advanced_form_maker_edit/multiupload/upload.php in the RESET.PRO Adobe Stock API integration 4.8 for PrestaShop allows remote attackers to execute arbitrary code by uploading a .php file. | 2019-12-05 | not yet calculated | CVE-2019-19595 (MISC)
ros -- sros | SROS 2 0.8.1 (after CVE-2019-19625 is mitigated) leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. (SROS2 provides the tools to generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2.) | 2019-12-06 | not yet calculated | CVE-2019-19627 (MISC, MISC, MISC, MISC, MISC)
ros -- sros | SROS 2 0.8.1 (which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2) leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml document. | 2019-12-06 | not yet calculated | CVE-2019-19625 (MISC, MISC)
salto -- proaccess_space | An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to every single path on the file system, because the webserver is running with the highest privileges available. | 2019-12-03 | not yet calculated | CVE-2019-19460 (MISC, MISC)
salto -- proaccess_space | An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server. | 2019-12-03 | not yet calculated | CVE-2019-19459 (MISC, MISC)
salto -- proaccess_space | SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature. | 2019-12-03 | not yet calculated | CVE-2019-19458 (MISC, MISC)
salto -- proaccess_space | SALTO ProAccess SPACE 5.4.3.0 allows XSS. | 2019-12-03 | not yet calculated | CVE-2019-19457 (MISC, MISC)
sangoma -- freepbx | In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the User Management screen of the Administrator web site. An attacker with access to the User Control Panel application can submit malicious values in some of the time/date formatting and time-zone fields. These fields are not being properly sanitized. If this is done and a user (such as an admin) visits the User Management screen and views that user's profile, the XSS payload will render and execute in the context of the victim user's account. | 2019-12-06 | not yet calculated | CVE-2019-19551 (CONFIRM)
sangoma -- freepbx | In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the /admin/config.php?display=userman URI. An attacker with sufficient privileges can edit the Display Name of a user and embed malicious XSS code. When another user (such as an admin) visits the main User Management screen, the XSS payload will render and execute in the context of the victim user's account. | 2019-12-06 | not yet calculated | CVE-2019-19552 (MISC)
sceditor -- sceditor | SCEditor 2.1.3 allows XSS. | 2019-12-05 | not yet calculated | CVE-2019-19466 (MISC, MISC)
secureworks -- red_cloak_windows_agent | In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a malicious file. | 2019-12-06 | not yet calculated | CVE-2019-19620 (MISC, MISC)
serialize-to-js -- serialize-to-js | The serialize-to-js NPM package before version 3.0.1 is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. The Node.js environment is not affected by this vulnerability, since Node.js's implementation of RegExp.prototype.toString() backslash-escapes all forward slashes in regular expressions. If serialized data of regular expression objects is used in an environment other than Node.js, it is affected by this vulnerability. | 2019-12-07 | not yet calculated | CVE-2019-16772 (MISC, CONFIRM)
shapeshift -- keykeep_hardware_wallet | Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow a partial reset of cryptographic secrets to known values via crafted messages. Notably, this breaks the security of U2F for new server registrations and invalidates existing registrations. This vulnerability can be exploited by unauthenticated attackers and the interface is reachable via WebUSB. | 2019-12-06 | not yet calculated | CVE-2019-18672 (MISC, MISC, CONFIRM)
shapeshift -- keykeep_hardware_wallet | Insufficient checks in the USB packet handling of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow out-of-bounds writes on the stack via crafted messages. The vulnerability could allow code execution or other forms of impact. It can be triggered by unauthenticated attackers and the interface is reachable via WebUSB. | 2019-12-06 | not yet calculated | CVE-2019-18671 (MISC, MISC, CONFIRM)
smplayer -- smplayer | SMPlayer 19.5.0 has a buffer overflow via a long .m3u file. | 2019-12-02 | not yet calculated | CVE-2019-19489 (MISC)
sony -- catalyst_production_suite_and_catalyst_browse | In Sony Catalyst Production Suite through 2019.1 (1.1.0.21) and Catalyst Browse through 2019.1 (1.1.0.21), an unprivileged user can obtain admin privileges, and execute a program as admin, after DLL hijacking of a DLL that is loaded during setup (installation). | 2019-12-04 | not yet calculated | CVE-2019-19364 (MISC)
sqlite -- sqlite | lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact. | 2019-12-05 | not yet calculated | CVE-2019-19317 (MISC, MISC)
strapi -- strapi | The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function. | 2019-12-05 | not yet calculated | CVE-2019-19609 (MISC, MISC)
sylius -- sylius | In affected versions of Sylius, exception messages from internal exceptions (like database exception) are wrapped by \Symfony\Component\Security\Core\Exception\AuthenticationServiceException and propagated through the system to UI. Therefore, some internal system information may leak and be visible to the customer. A validation message with the exception details will be presented to the user when one will try to log into the shop. This has been patched in versions 1.3.14, 1.4.10, 1.5.7, and 1.6.3. | 2019-12-05 | not yet calculated | CVE-2019-16768 (MISC, CONFIRM)
teamviewer -- teamviewer | An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved within Windows main memory. When a user logs out or deletes conversation history (but does not exit the application), this data is not wiped from main memory, and therefore could be read by a local user with the same or greater privileges. | 2019-12-02 | not yet calculated | CVE-2019-19362 (MISC)
thinkparq -- beegfs | beegfs-ctl in ThinkParQ BeeGFS through 7.1.3 allows Authentication Bypass via communication with a BeeGFS metadata server (which is typically not exposed to external networks). | 2019-12-05 | not yet calculated | CVE-2019-15897 (MISC, MISC, MISC)
titanhq -- webtitan | An issue was discovered in TitanHQ WebTitan before 5.18. It contains a Remote Code Execution issue through which an attacker can execute arbitrary code as root. The issue stems from the hotfix download mechanism, which downloads a shell script via HTTP, and then executes it as root. This is analogous to CVE-2019-6800 but for a different product. | 2019-12-02 | not yet calculated | CVE-2019-19019 (MISC, MISC)
titanhq -- webtitan | An issue was discovered in TitanHQ WebTitan before 5.18. The appliance has a hard-coded root password set during installation. An attacker could utilize this to gain root privileges on the system. | 2019-12-02 | not yet calculated | CVE-2019-19017 (MISC, MISC)
titanhq -- webtitan | An issue was discovered in TitanHQ WebTitan before 5.18. It has a hidden support account (with a hard-coded password) in the web administration interface, with administrator privileges. Anybody can log in with this account. | 2019-12-02 | not yet calculated | CVE-2019-19021 (MISC, MISC)
titanhq -- webtitan | An issue was discovered in TitanHQ WebTitan before 5.18. In the administration web interface it is possible to upload a crafted backup file that enables an attacker to execute arbitrary code by overwriting existing files or adding new PHP files under the web root. This requires the attacker to have access to a valid web interface account. | 2019-12-02 | not yet calculated | CVE-2019-19020 (MISC, MISC)
titanhq -- webtitan | An issue was discovered in TitanHQ WebTitan before 5.18. It exposes a database configuration file under /include/dbconfig.ini in the web administration interface, revealing what database the web application is using. | 2019-12-02 | not yet calculated | CVE-2019-19018 (MISC, MISC)
trustedsec -- trevorc2 | TrevorC2 v1.1/v1.2 fails to prevent fingerprinting primarily via a discrepancy between response headers when responding to different HTTP methods, also via predictable responses when accessing and interacting with the "SITE_PATH_QUERY". | 2019-12-04 | not yet calculated | CVE-2019-18850 (MISC, MISC)
validators -- validators | The validators package 0.12.2 through 0.12.5 for Python enters an infinite loop when validators.domain is called with a crafted domain string. This is fixed in 0.12.6. | 2019-12-05 | not yet calculated | CVE-2019-19588 (MISC)
verot -- class.upload.php | class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions. | 2019-12-04 | not yet calculated | CVE-2019-19576 (MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC)
vmware -- esxi_and_horizon_daas | OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. | 2019-12-06 | not yet calculated | CVE-2019-5544 (CONFIRM)
wagtail-2fa -- wagtail-2fa | When using wagtail-2fa before 1.3.0, if someone gains access to someone's Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version 1.3.0. | 2019-11-29 | not yet calculated | CVE-2019-16766 (MISC, MISC, CONFIRM)
weidmueller -- ie-sw-vl05m_and_ie-sw-vl08mt_and_ie-sw-pl10m_devices | An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Remote authenticated users can crash a device with a special packet because of Uncontrolled Resource Consumption. | 2019-12-06 | not yet calculated | CVE-2019-16671 (MISC, MISC, CONFIRM)
weidmueller -- ie-sw-vl05m_and_ie-sw-vl08mt_and_ie-sw-pl10m_devices | An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Sensitive Credentials data is transmitted in cleartext. | 2019-12-06 | not yet calculated | CVE-2019-16672 (MISC, MISC, CONFIRM)
weidmueller -- ie-sw-vl05m_and_ie-sw-vl08mt_and_ie-sw-pl10m_devices | An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Authentication Information used in a cookie is predictable and can lead to admin password compromise when captured on the network. | 2019-12-06 | not yet calculated | CVE-2019-16674 (MISC, MISC, CONFIRM)
weidmueller -- ie-sw-vl05m_and_ie-sw-vl08mt_and_ie-sw-pl10m_devices | An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Passwords are stored in cleartext and can be read by anyone with access to the device. | 2019-12-06 | not yet calculated | CVE-2019-16673 (MISC, MISC, CONFIRM)
weidmueller -- ie-sw-vl05m_and_ie-sw-vl08mt_and_ie-sw-pl10m_devices | An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. The Authentication mechanism has no brute-force prevention. | 2019-12-06 | not yet calculated | CVE-2019-16670 (MISC, MISC, MISC)
wordpress -- wordpress | The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. | 2019-12-05 | not yet calculated | CVE-2019-19589 (MISC, MISC)
xen -- xen | An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device (and assignable-add is not used), because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's "assignable-add" feature to prepare devices to be assigned to untrusted guests. Unfortunately, this is not considered a strictly required step for device assignment. The PCI passthrough documentation on the wiki describes alternate ways of preparing devices for assignment, and libvirt uses its own ways as well. Hosts where these "alternate" methods are used will still leave the system in a vulnerable state after the device comes back from a guest. An untrusted domain with access to a physical device can DMA into host memory, leading to privilege escalation. Only systems where guests are given direct access to physical devices capable of DMA (PCI pass-through) are vulnerable. Systems which do not use PCI pass-through are not vulnerable. | 2019-12-04 | not yet calculated | CVE-2019-19579 (MLIST, CONFIRM, MISC, MISC)
xfig -- fig2dev | read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. | 2019-12-04 | not yet calculated | CVE-2019-19555 (MISC)
xtivia -- web_time_and_expense_interface_for_microsoft_dynamics_nav | An Insecure Direct Object Reference (IDOR) vulnerability in the Xtivia Web Time and Expense (WebTE) interface used for Microsoft Dynamics NAV before 2017 allows an attacker to download arbitrary files by specifying arbitrary values for the recId and filename parameters of the /Home/GetAttachment function. | 2019-12-06 | not yet calculated | CVE-2019-19616 (MISC)
yahoo -- serialize-javascript | The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. The Node.js environment is not affected by this vulnerability, since Node.js's implementation of RegExp.prototype.toString() backslash-escapes all forward slashes in regular expressions. If serialized data of regular expression objects is used in an environment other than Node.js, it is affected by this vulnerability. | 2019-12-05 | not yet calculated | CVE-2019-16769 (CONFIRM)
zmanda -- zmanda_management_console | In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. This may depend on weak default credentials. | 2019-12-01 | not yet calculated | CVE-2019-19469 (MISC)

Samba Releases Security Updates

Original release date: December 10, 2019

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Samba Security Announcements for CVE-2019-14861 and CVE-2019-14870 and apply the necessary updates and workarounds.


Adobe Releases Security Updates

Original release date: December 10, 2019

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.



Intel Releases Security Updates

Original release date: December 10, 2019

Intel has released security updates to address vulnerabilities in multiple products. An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of privileges.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates and recommended mitigations:

For updates addressing low severity vulnerabilities, see the Intel technology blog.


Apple Releases Multiple Security Updates

Original release date: December 10, 2019

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:


Google Releases Security Updates for Chrome

Original release date: December 10, 2019

Google has released security updates for Chrome version 79.0.3945.79 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.


Microsoft Releases December 2019 Security Updates

Original release date: December 10, 2019

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s December 2019 Security Update Summary and Deployment Information and apply the necessary updates.


WordPress Releases Security and Maintenance Updates

Original release date: December 13, 2019

WordPress 5.3 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the WordPress Security and Maintenance Release and upgrade to WordPress 5.3.1.


Vulnerability Summary for the Week of December 9, 2019

Original release date: December 16, 2019

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
amazon -- blink_xt2_camera | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the device's wifi configuration via the bssid parameter. | 2019-12-11 | 8.3 | CVE-2019-3988 (CONFIRM)
amazon -- blink_xt2_camera | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the device's wifi configuration via the key parameter. | 2019-12-11 | 8.3 | CVE-2019-3987 (CONFIRM)
amazon -- blink_xt2_camera | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the device's wifi configuration via the encryption parameter. | 2019-12-11 | 8.3 | CVE-2019-3986 (CONFIRM)
amazon -- blink_xt2_camera | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code and commands on the device due to insufficient UART protections. | 2019-12-11 | 7.2 | CVE-2019-3983 (CONFIRM)
amazon -- blink_xt2_camera | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when retrieving internal network configuration data. | 2019-12-11 | 9.3 | CVE-2019-3989 (CONFIRM)
amazon -- blink_xt2_camera | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the device's wifi configuration via the ssid parameter. | 2019-12-11 | 8.3 | CVE-2019-3985 (CONFIRM)
electronic_arts -- origin | Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2). | 2019-12-12 | 7.2 | CVE-2019-19247 (MISC)
electronic_arts -- origin | Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2). | 2019-12-12 | 7.2 | CVE-2019-19248 (CONFIRM)
git_project -- git | Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository. | 2019-12-11 | 10 | CVE-2019-19604 (MLIST, MISC, CONFIRM, CONFIRM, DEBIAN)
google -- android | In handleRun of TextLine.java, there is a possible application crash due to improper input validation. This could lead to remote denial of service when processing Unicode with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-140632678. | 2019-12-06 | 7.8 | CVE-2019-2232 (MISC)
google -- android | In ReadMATImage of mat.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process when loading a MATLAB image file with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-140328986. | 2019-12-06 | 9.3 | CVE-2019-2224 (MISC)
google -- android | In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. This could lead to local escalation of privilege by installing malicious packages with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141169173. | 2019-12-06 | 7.2 | CVE-2019-2218 (MISC)
google -- android | In setCpuVulkanInUse of GpuStats.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141003796. | 2019-12-06 | 7.2 | CVE-2019-2217 (MISC)
ibm -- cloud_pak_system | Platform System Manager in IBM Cloud Pak System 2.3 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 165179. | 2019-12-10 | 10 | CVE-2019-4521 (XF, CONFIRM)
ibm -- spectrum_scale | IBM Spectrum Scale 4.2 and 5.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 172093. | 2019-12-11 | 9 | CVE-2019-4715 (XF, CONFIRM)
intesync -- solismed
 
Intesync Solismed 3.3sp allows Directory Traversal, a different vulnerability than CVE-2019-16246.2019-12-127.5CVE-2019-15931
MISC
MISC
MISC
MISC
intesync -- solismed
 
Intesync Solismed 3.3sp has Incorrect Access Control.2019-12-127.5CVE-2019-15932
MISC
MISC
MISC
MISC
intesync -- solismed
 
Intesync Solismed 3.3sp has SQL Injection.2019-12-127.5CVE-2019-15933
MISC
MISC
MISC
MISC
intesync -- solismed
 
Intesync Solismed 3.3sp allows Insecure File Upload.2019-12-127.5CVE-2019-15936
MISC
MISC
MISC
intesync -- solismed
 
Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a different vulnerability than CVE-2019-15931. This leads to unauthenticated code execution.
Published: 2019-12-12 | CVSS Score: 7.5 | CVE-2019-16246
MISC
MISC
MISC
libsixel_project -- libsixel
An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_encode_body at tosixel.c.
Published: 2019-12-08 | CVSS Score: 7.5 | CVE-2019-19636
MISC
libsixel_project -- libsixel
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function sixel_decode_raw_impl at fromsixel.c.
Published: 2019-12-08 | CVSS Score: 7.5 | CVE-2019-19635
MISC
libsixel_project -- libsixel
An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c.
Published: 2019-12-08 | CVSS Score: 7.5 | CVE-2019-19637
MISC
libsixel_project -- libsixel
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow.
Published: 2019-12-08 | CVSS Score: 7.5 | CVE-2019-19638
MISC
libyang -- libyang
 
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.
Published: 2019-12-06 | CVSS Score: 7.5 | CVE-2019-19333
CONFIRM
CONFIRM
microsoft -- internet_explorer
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.
Published: 2019-12-10 | CVSS Score: 7.6 | CVE-2019-1485
MISC
microsoft -- multiple_products
 
A denial of service vulnerability exists in Microsoft Word software when the software fails to properly handle objects in memory, aka 'Microsoft Word Denial of Service Vulnerability'.
Published: 2019-12-10 | CVSS Score: 7.1 | CVE-2019-1461
MISC
microsoft -- multiple_products
 
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka 'Microsoft PowerPoint Remote Code Execution Vulnerability'.
Published: 2019-12-10 | CVSS Score: 9.3 | CVE-2019-1462
MISC
MISC
microsoft -- multiple_windows_products
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics Remote Code Execution Vulnerability'.
Published: 2019-12-10 | CVSS Score: 9.3 | CVE-2019-1468
MISC
MISC
microsoft -- multiple_windows_products
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1483.
Published: 2019-12-10 | CVSS Score: 7.2 | CVE-2019-1476
MISC
MISC

microsoft -- multiple_windows_products

 

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
Published: 2019-12-10 | CVSS Score: 7.2 | CVE-2019-1458
MISC
microsoft -- windows_10_and_windows_server_2019
An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers, aka 'Windows Printer Service Elevation of Privilege Vulnerability'.
Published: 2019-12-10 | CVSS Score: 7.2 | CVE-2019-1477
MISC
microsoft -- windows_10_and_windows_server_and_windows_server_2019
 
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1476.
Published: 2019-12-10 | CVSS Score: 7.2 | CVE-2019-1483
MISC
MISC
microsoft -- windows_7_and_windows_server_2008_and_windows_server_2008_r2
 
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'.
Published: 2019-12-10 | CVSS Score: 7.2 | CVE-2019-1478
MISC
monkey_project -- monkey_http_daemon
 
Monkey HTTP Daemon: broken user name authentication
Published: 2019-12-10 | CVSS Score: 7.5 | CVE-2013-2159
MISC
MISC
MISC
MISC
nolio -- ca_release_automation
An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.
Published: 2019-12-09 | CVSS Score: 7.5 | CVE-2019-19230
MISC
FULLDISC
BUGTRAQ
CONFIRM
octeth -- oempro
 
Octeth Oempro 4.7 allows SQL injection. The parameter CampaignID in Campaign.Get is vulnerable.
Published: 2019-12-12 | CVSS Score: 7.5 | CVE-2019-19740
MISC
MISC
ovirt -- ovirt_node
 
oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation
Published: 2019-12-10 | CVSS Score: 7.2 | CVE-2013-0293
MISC
MISC
MISC
MISC
MISC
qualcomm -- multiple_snapdragon_products
Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130
Published: 2019-12-12 | CVSS Score: 10 | CVE-2019-10511
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Out of bound write in TZ while copying the secure dump structure on HLOS provided buffer as a part of memory dump in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996, MSM8996AU, MSM8998, QCA8081, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, Snapdragon_High_Med_2016, SXR1130
Published: 2019-12-12 | CVSS Score: 7.2 | CVE-2019-2288
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCA8081, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, Snapdragon_High_Med_2016, SXR1130, SXR2130
Published: 2019-12-12 | CVSS Score: 7.2 | CVE-2019-2321
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Infinite loop while decoding compressed data can lead to overrun condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130
Published: 2019-12-12 | CVSS Score: 7.8 | CVE-2019-10485
CONFIRM
qualcomm -- multiple_snapdragon_products
 
While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device to shutdown in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130
Published: 2019-12-12 | CVSS Score: 7.8 | CVE-2019-2337
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8939, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Published: 2019-12-12 | CVSS Score: 7.5 | CVE-2019-10559
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130
Published: 2019-12-12 | CVSS Score: 10 | CVE-2019-10493
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130
Published: 2019-12-12 | CVSS Score: 10 | CVE-2019-2320
CONFIRM
sitevision -- sitevision
 
SiteVision 4 allows Remote Code Execution.
Published: 2019-12-06 | CVSS Score: 9 | CVE-2019-12733
MISC
FULLDISC
FULLDISC
MISC
MISC
MISC
sqlite -- sqlite
SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.
Published: 2019-12-09 | CVSS Score: 7.5 | CVE-2019-19603
MISC
MISC
symantec -- messaging_gateway
Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface.
Published: 2019-12-11 | CVSS Score: 7.5 | CVE-2019-18379
MISC
sysstat_project -- sysstat
sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c.
Published: 2019-12-11 | CVSS Score: 7.5 | CVE-2019-19725
MISC
trend_micro -- security_2020
 
Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerability where null pointer dereference errors result in a crash of the application, which could potentially lead to possible unsigned code execution under certain circumstances.
Published: 2019-12-09 | CVSS Score: 7.5 | CVE-2019-18190
MISC
weidmueller -- multiple_devices
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. The Authentication mechanism has no brute-force prevention.
Published: 2019-12-06 | CVSS Score: 7.5 | CVE-2019-16670
MISC
MISC
MISC
MISC
zoho_manageengine -- applications_manager
Zoho ManageEngine Applications Manager before 13620 allows a remote unauthenticated SQL injection via the SyncEventServlet eventid parameter to the SyncEventServlet.java doGet function.
Published: 2019-12-11 | CVSS Score: 7.5 | CVE-2019-19649
CONFIRM

 

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
accentis -- content_resource_management_system
Cross-site scripting (XSS) vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cph_content$_uig_formState parameter.
Published: 2019-12-09 | CVSS Score: 4.3 | CVE-2015-3425
MISC
accentis -- content_resource_management_system
SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter.
Published: 2019-12-09 | CVSS Score: 6.5 | CVE-2015-3424
MISC
atasm -- atasm
 
ATasm 1.06 has a stack-based buffer overflow in the parse_expr() function in setparse.c via a crafted .m65 file.
Published: 2019-12-13 | CVSS Score: 6.8 | CVE-2019-19786
MISC
atasm -- atasm
 
ATasm 1.06 has a stack-based buffer overflow in the get_signed_expression() function in setparse.c via a crafted .m65 file.
Published: 2019-12-13 | CVSS Score: 6.8 | CVE-2019-19787
MISC
atasm -- atasm
 
ATasm 1.06 has a stack-based buffer overflow in the to_comma() function in asm.c via a crafted .m65 file.
Published: 2019-12-13 | CVSS Score: 6.8 | CVE-2019-19785
MISC
atlassian -- fisheye_and_crucible
The /json/profile/removeStarAjax.do resource in Atlassian Fisheye and Crucible before version 4.8.0 allows remote attackers to remove another user's favourite setting for a project via an improper authorization vulnerability.
Published: 2019-12-11 | CVSS Score: 4 | CVE-2019-15009
MISC
MISC
atlassian -- fisheye_and_crucible
 
The /plugins/servlet/branchreview resource in Atlassian Fisheye and Crucible before version 4.7.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the reviewedBranch parameter.
Published: 2019-12-11 | CVSS Score: 4.3 | CVE-2019-15008
MISC
MISC
atlassian -- jira
The Work Time Calendar app before 4.7.1 for Jira allows XSS.
Published: 2019-12-12 | CVSS Score: 4.3 | CVE-2019-19748
MISC
audible -- audible
The Audible application through 2.34.0 for Android has Missing SSL Certificate Validation for Adobe SDKs, allowing MITM attackers to cause a denial of service.
Published: 2019-12-06 | CVSS Score: 4.3 | CVE-2019-11554
MISC
cacti -- cacti
Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module.
Published: 2019-12-12 | CVSS Score: 5.5 | CVE-2019-17358
MISC
MISC
MISC
MISC
MISC
MISC
MISC
commenthol -- serialize-to-js
 
The serialize-to-js NPM package before version 3.0.1 is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. The Node.js environment is not affected by this vulnerability, since Node.js's implementation of RegExp.prototype.toString() backslash-escapes all forward slashes in regular expressions. If serialized data of regular expression objects is used in an environment other than Node.js, it is affected by this vulnerability.
Published: 2019-12-07 | CVSS Score: 4.3 | CVE-2019-16772
MISC
CONFIRM
davical -- davical
 
A reflected XSS issue was discovered in DAViCal through 1.1.8. It echoes the action parameter without encoding. If a user visits an attacker-supplied link, the attacker can view all data the attacked user can view, as well as perform all actions in the name of the user. If the user is an administrator, the attacker can for example add a new admin user to gain full access to the application.
Published: 2019-12-12 | CVSS Score: 4.3 | CVE-2019-18345
MISC
MISC
MISC
MLIST
MISC
MISC
DEBIAN
documize -- documize
 
domain/section/markdown/markdown.go in Documize before 3.5.1 mishandles untrusted Markdown content. This was addressed by adding the bluemonday HTML sanitizer to defend against XSS.
Published: 2019-12-06 | CVSS Score: 4.3 | CVE-2019-19619
MISC
MISC
MISC
gnome -- libxslt
Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data.
Published: 2019-12-11 | CVSS Score: 5 | CVE-2019-5815
MISC
MISC
gnome -- orca
 
Orca has arbitrary code execution due to insecure Python module load
Published: 2019-12-11 | CVSS Score: 4.4 | CVE-2013-4245
MISC
MISC
MISC
MISC
google -- android
When pairing with a Bluetooth device, it may be possible to pair a malicious device without any confirmation from the user, and that device may be able to interact with the phone. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-110433804
Published: 2019-12-06 | CVSS Score: 5.8 | CVE-2019-2225
MISC
google -- android
In array_find of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure in the printer spooler with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-111210196
Published: 2019-12-06 | CVSS Score: 4.9 | CVE-2019-2228
MISC
google -- android
In checkOperation of AppOpsService.java, there is a possible bypass of user interaction requirements due to mishandling application suspend. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10. Android ID: A-138636979
Published: 2019-12-06 | CVSS Score: 4.9 | CVE-2019-2220
MISC
google -- android
In various functions of RecentLocationApps.java, DevicePolicyManagerService.java, and RecognitionService.java, there is an incorrect warning indicating an app accessed the user's location. This could dissolve the trust in the platform's permission system, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141028068
Published: 2019-12-06 | CVSS Score: 4.3 | CVE-2019-9464
MISC
google -- android

 
In ihevcd_ref_list of ihevcd_ref_list.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-140692129
Published: 2019-12-06 | CVSS Score: 6.8 | CVE-2019-2223
MISC
google -- android
 
In device_class_to_int of device_class.cc, there is a possible out of bounds read due to improper casting. This could lead to local information disclosure in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-140152619
Published: 2019-12-06 | CVSS Score: 4.9 | CVE-2019-2226
MISC
google -- android
 
In ihevcd_parse_slice_data of ihevcd_parse_slice.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-140322595
Published: 2019-12-06 | CVSS Score: 6.8 | CVE-2019-2222
MISC
google -- android
 
In nfcManager_routeAid and nfcManager_unrouteAid of NativeNfcManager.cpp, there is possible memory reuse due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141170038
Published: 2019-12-06 | CVSS Score: 5 | CVE-2019-2230
MISC
google -- android
 
In hasActivityInVisibleTask of WindowProcessController.java there's a possible bypass of user interaction requirements due to incorrect handling of top activities in INITIALIZING state. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-138583650
Published: 2019-12-06 | CVSS Score: 4.6 | CVE-2019-2221
MISC
google -- android
 
In System UI, there is a possible bypass of user's consent for access to sensor data due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10. Android ID: A-119041698
Published: 2019-12-06 | CVSS Score: 4.7 | CVE-2019-2219
MISC
google -- chrome
Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13732
MISC
MISC
google -- chrome
Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13750
MISC
MISC
google -- chrome
Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13741
MISC
MISC
google -- chrome
Incorrect security UI in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page on iOS.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13672
MISC
MISC
google -- chrome
 
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13764
MISC
MISC
google -- chrome
 
Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13729
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13754
MISC
MISC
google -- chrome
 
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13753
MISC
MISC
google -- chrome
 
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13751
MISC
MISC
google -- chrome
 
Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13725
MISC
MISC
google -- chrome
 
Out of bounds memory access in JavaScript in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-5841
MISC
MISC
google -- chrome
 
Out of bounds memory access in JavaScript in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-5843
MISC
MISC
google -- chrome
 
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13728
MISC
MISC
google -- chrome
 
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13735
MISC
MISC
google -- chrome
 
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13734
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13727
MISC
MISC
google -- chrome
 
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13749
MISC
MISC
google -- chrome
 
Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13747
MISC
MISC
google -- chrome
 
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13730
MISC
MISC
google -- chrome
 
Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13736
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13748
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13746
MISC
MISC
google -- chrome
 
Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13740
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13745
MISC
MISC
google -- chrome
 
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13761
MISC
MISC
google -- chrome
 
Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 6.8 | CVE-2019-13726
MISC
MISC
google -- chrome
 
Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13759
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13758
MISC
MISC
google -- chrome
 
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13757
MISC
MISC
google -- chrome
 
Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13743
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13739
MISC
MISC
google -- chrome
 
Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13756
MISC
MISC
google -- chrome
 
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13752
MISC
MISC
google -- chrome
 
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13742
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13744
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13763
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13737
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13738
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-13755
MISC
MISC
htmldoc -- htmldoc
 
HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in ps-pdf.cxx) via a crafted HTML document.
Published: 2019-12-08 | CVSS Score: 6.8 | CVE-2019-19630
MISC
MLIST
ibm -- cloud_pak_system
IBM Cloud Pak System 2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158015.
Published: 2019-12-10 | CVSS Score: 4.3 | CVE-2019-4095
XF
CONFIRM
ibm -- planning_analytics
IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 168523.
Published: 2019-12-09 | CVSS Score: 6.5 | CVE-2019-4612
XF
CONFIRM
ibm -- smartcloud_analytics
 
IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to gain unauthorized information and unrestricted control over Zookeeper installations due to missing authentication. IBM X-Force ID: 159518.
Published: 2019-12-10 | CVSS Score: 6.4 | CVE-2019-4244
XF
CONFIRM
intesync -- solismed
Intesync Solismed 3.3sp has CSRF.
Published: 2019-12-12 | CVSS Score: 6.8 | CVE-2019-15934
MISC
MISC
MISC
MISC
intesync -- solismed
 
Intesync Solismed 3.3sp allows Clickjacking.
Published: 2019-12-12 | CVSS Score: 4.3 | CVE-2019-15930
MISC
MISC
MISC
MISC
intesync -- solismed
 
Intesync Solismed 3.3sp has XSS.
Published: 2019-12-12 | CVSS Score: 4.3 | CVE-2019-15935
MISC
MISC
MISC
MISC
intesync -- solismed
 
An issue was discovered in Intesync Solismed 3.3sp1. A flaw in the encryption implementation exists, allowing for all encrypted data stored within the database to be decrypted.
Published: 2019-12-12 | CVSS Score: 4.3 | CVE-2019-17428
MISC
MISC
MISC
katello -- katello
 
Katello has a Denial of Service vulnerability in API OAuth authentication
Published: 2019-12-10 | CVSS Score: 5 | CVE-2013-4120
MISC
MISC
ktor -- ktor
In Ktor through 1.2.6, the client resends data from the HTTP Authorization header to a redirect location.
Published: 2019-12-10 | CVSS Score: 5.8 | CVE-2019-19703
MISC
libcapsinetwork_and_monopd -- libcapsinetwork_and_monopd
 
Off-by-one error in the readBuf function in listener.cpp in libcapsinetwork and monopd before 0.9.8, allows remote attackers to cause a denial of service (crash) via a long line.
Published: 2019-12-09 | CVSS Score: 5 | CVE-2015-0841
MISC
MISC
MISC
MISC
linux -- linux_kernel
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
Published: 2019-12-08 | CVSS Score: 6.8 | CVE-2019-19447
MISC
linux -- linux_kernel
 
In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure.2019-12-086.8CVE-2019-19448
MISC
linux -- linux_kernel
 
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).2019-12-086.8CVE-2019-19449
MISC
marc-q -- libwavmarc-q libwav through 2017-04-20 has a NULL pointer dereference in wav_content_read() at libwav.c.2019-12-104.3CVE-2019-19698
MISC
MISC
mediawiki -- mediawikiThe VisualEditor extension through 1.34 for MediaWiki allows XSS via pasted content containing an element with a data-ve-clipboard-key attribute.2019-12-114.3CVE-2019-19708
MISC
MISC
microsoft -- authentication_library_for_android | An information disclosure vulnerability in Android Apps using Microsoft Authentication Library (MSAL) 0.3.1-Alpha or later exists under specific conditions, aka 'Microsoft Authentication Library for Android Information Disclosure Vulnerability'. | 2019-12-10 | 4 | CVE-2019-1487 MISC
microsoft -- multiple_excel_and_office_products | An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'. | 2019-12-10 | 4.3 | CVE-2019-1464 MISC
microsoft -- multiple_windows_products | A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'. | 2019-12-10 | 5 | CVE-2019-1453 MISC
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'. | 2019-12-10 | 4 | CVE-2019-1470 MISC
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1465, CVE-2019-1466. | 2019-12-10 | 4.3 | CVE-2019-1467 MISC
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1466, CVE-2019-1467. | 2019-12-10 | 4.3 | CVE-2019-1465 MISC MISC
microsoft -- multiple_windows_products | A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'. | 2019-12-10 | 6.8 | CVE-2019-1484 MISC
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1465, CVE-2019-1467. | 2019-12-10 | 4.3 | CVE-2019-1466 MISC MISC
microsoft -- power_bi_report_server_and_sql_server_2017_reporting_services_and_sql_server_2019_reporting_services | A cross-site scripting (XSS) vulnerability exists when Microsoft SQL Server Reporting Services (SSRS) does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'. | 2019-12-10 | 4.3 | CVE-2019-1332 MISC
microsoft -- windows_10_and_windows_server_and_windows_server_2019 | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. | 2019-12-10 | 6.5 | CVE-2019-1471 MISC
microsoft -- windows_7 | An information disclosure vulnerability exists in Windows Media Player when it fails to properly handle objects in memory, aka 'Windows Media Player Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1481. | 2019-12-10 | 4.3 | CVE-2019-1480 MISC MISC
microsoft -- windows_7 | An information disclosure vulnerability exists in Windows Media Player when it fails to properly handle objects in memory, aka 'Windows Media Player Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1480. | 2019-12-10 | 4.3 | CVE-2019-1481 MISC MISC
microsoft -- windows_xp_service | An information disclosure vulnerability exists when the Windows Remote Desktop Protocol (RDP) fails to properly handle objects in memory, aka 'Remote Desktop Protocol Information Disclosure Vulnerability'. | 2019-12-10 | 5 | CVE-2019-1489 MISC
mozilla -- firefox | Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames. | 2019-12-10 | 4.3 | CVE-2013-1689 CONFIRM MISC
nopcommerce -- nopcommerce | nopCommerce v4.2.0 allows privilege escalation via file upload in Presentation/Nop.Web/Admin/Areas/Controllers/PluginController.cs via Admin/FacebookAuthentication/Configure because it is possible to upload a crafted Facebook Auth plugin. | 2019-12-09 | 6.5 | CVE-2019-19684 MISC
openstack -- openstack-utils | openstack-utils openstack-db has insecure password creation | 2019-12-10 | 5 | CVE-2013-1793 MISC MISC
puppet -- puppet_enterprise | Puppet Enterprise before 3.0.1 allows remote attackers to (1) conduct clickjacking attacks via unspecified vectors related to the console, and (2) conduct cross-site scripting (XSS) attacks via unspecified vectors related to "live management." | 2019-12-11 | 4.3 | CVE-2013-4968 MISC
pyradius -- pyrad | The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294. | 2019-12-09 | 4.3 | CVE-2013-0342 MISC MISC MISC MISC MISC MISC CONFIRM
qualcomm -- multiple_snapdragon_products | Out of bound read would occur while trying to read action category and action ID without validating the action length of the Rx Frame body in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDA660, SDA845, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM8150 | 2019-12-12 | 5 | CVE-2019-2310 CONFIRM
qualcomm -- multiple_snapdragon_products | Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150 | 2019-12-12 | 4.4 | CVE-2019-10494 CONFIRM
qualcomm -- multiple_snapdragon_products | Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150 | 2019-12-12 | 4.6 | CVE-2019-10555 CONFIRM
qualcomm -- multiple_snapdragon_products | An unprivileged application can allocate GPU memory by calling memory allocation ioctl function and can exhaust all the memory which results in out of memory in Snapdragon Mobile, Snapdragon Voice & Music in QCS405, SD 210/SD 212/SD 205, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855 | 2019-12-12 | 4.9 | CVE-2019-10520 CONFIRM
qualcomm -- multiple_snapdragon_products | HLOS could corrupt CPZ page table memory for S1 managed VMs in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130 | 2019-12-12 | 4.6 | CVE-2019-2319 CONFIRM
qualcomm -- multiple_snapdragon_products | Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum mode count in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-12 | 4.6 | CVE-2019-10592 CONFIRM
qualcomm -- multiple_snapdragon_products | Lack of check of data truncation on user supplied data in kernel leads to buffer overflow in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | 2019-12-12 | 4.6 | CVE-2019-10530 CONFIRM
qualcomm -- multiple_snapdragon_products | Snapshot of IB can lead to invalid address access due to missing check for size in the related function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130 | 2019-12-12 | 4.6 | CVE-2019-10571 CONFIRM
radare -- radare2 | radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted input. | 2019-12-09 | 6.8 | CVE-2019-19647 MISC
red_hat -- jboss_enterprise_application_platform_and_jboss_portal_platform | JBossWeb Bayeux has reflected XSS | 2019-12-11 | 4.3 | CVE-2013-6495 MISC MISC
red_hat -- jboss_keycloak | JBoss KeyCloak: XSS in login-status-iframe.html | 2019-12-10 | 4.3 | CVE-2014-3656 MISC MISC
red_hat -- subscription_asset_manager | katello-headpin is vulnerable to CSRF in REST API | 2019-12-11 | 4.3 | CVE-2014-0026 MISC MISC
ros -- sros | SROS 2 0.8.1 (after CVE-2019-19625 is mitigated) leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. (SROS2 provides the tools to generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2.) | 2019-12-06 | 5 | CVE-2019-19627 MISC MISC MISC MISC MISC
ros -- sros | SROS 2 0.8.1 (which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2) leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml document. | 2019-12-06 | 5 | CVE-2019-19625 MISC MISC
samsung -- s6_edge | Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call. | 2019-12-09 | 4.6 | CVE-2015-7892 MISC MISC MISC
sitevision -- sitevision | SiteVision 4 has Incorrect Access Control. | 2019-12-06 | 6.5 | CVE-2019-12734 MISC FULLDISC FULLDISC MISC MISC MISC
symantec -- messaging_gateway | Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 2019-12-11 | 6.5 | CVE-2019-18377 MISC
tableau -- tableau_server | Tableau Server 10.3 through 2019.4 on Windows and Linux allows XSS via the embeddedAuthRedirect page. | 2019-12-11 | 4.3 | CVE-2019-19719 MISC
weidmueller -- multiple_devices | An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Passwords are stored in cleartext and can be read by anyone with access to the device. | 2019-12-06 | 4 | CVE-2019-16673 MISC MISC CONFIRM MISC
weidmueller -- multiple_devices | An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Sensitive Credentials data is transmitted in cleartext. | 2019-12-06 | 5 | CVE-2019-16672 MISC MISC CONFIRM MISC
weidmueller -- multiple_devices | An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Authentication Information used in a cookie is predictable and can lead to admin password compromise when captured on the network. | 2019-12-06 | 5 | CVE-2019-16674 MISC MISC CONFIRM MISC
weidmueller -- multiple_devices | An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Remote authenticated users can crash a device with a special packet because of Uncontrolled Resource Consumption. | 2019-12-06 | 6.8 | CVE-2019-16671 MISC MISC CONFIRM MISC
xfig_project -- fig2dev | make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. | 2019-12-12 | 4.3 | CVE-2019-19746 MISC
zoho_manageengine -- applications_manager | Zoho ManageEngine Applications Manager before 13640 allows a remote authenticated SQL injection via the Agent servlet agentid parameter to the Agent.java process function. | 2019-12-11 | 6.5 | CVE-2019-19650 CONFIRM

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
atlassian -- fisheye_and_crucible | The review resource in Atlassian Fisheye and Crucible before version 4.7.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a missing branch. | 2019-12-11 | 3.5 | CVE-2019-15007 MISC MISC
atlassian -- jira | In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test issue. | 2019-12-09 | 3.5 | CVE-2019-19678 MISC
atlassian -- jira | In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the Pre-Condition Summary entry point via the summary field of a Create Pre-Condition action for a new Test Issue. | 2019-12-09 | 3.5 | CVE-2019-19679 MISC
cloud_foundry -- uaa_release | Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials when sent as a query parameter. A remote authenticated malicious user could gain access to user credentials via the uaa.log file if authentication is provided via query parameters. | 2019-12-06 | 3.5 | CVE-2019-11293 CONFIRM
google -- android | In updateWidget of BaseWidgetProvider.java, there is a possible leak of user data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.0 Android-8.1 Android-9 Android-10; Android ID: A-139803872 | 2019-12-06 | 2.1 | CVE-2019-2229 MISC
google -- android | In DeepCopy of btif_av.cc, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9 Android-10; Android ID: A-140768453 | 2019-12-06 | 3.3 | CVE-2019-2227 MISC
google -- android | In Blob::Blob of blob.cpp, there is a possible unencrypted master key due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9 Android-10; Android ID: A-141955555 | 2019-12-06 | 2.1 | CVE-2019-2231 MISC
google -- chrome | Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code. | 2019-12-10 | 2.1 | CVE-2019-13762 MISC MISC
ibm -- planning_analytics | IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 168519. | 2019-12-09 | 3.5 | CVE-2019-4611 XF CONFIRM
ibm -- spectrum_scale | IBM Spectrum Scale 4.2 and 5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 171247. | 2019-12-11 | 3.5 | CVE-2019-4665 XF CONFIRM
ibm -- watson_assistant | IBM Watson Assistant for IBM Cloud Pak for Data 1.0.0 through 1.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162807. | 2019-12-09 | 3.5 | CVE-2019-4428 XF CONFIRM
ibm -- websphere_application_server | IBM WebSphere Application Server - Liberty is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 171245. | 2019-12-10 | 3.5 | CVE-2019-4663 XF CONFIRM
microsoft -- multiple_office_products | An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1463. | 2019-12-10 | 2.1 | CVE-2019-1400 MISC
microsoft -- multiple_office_products | An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1400. | 2019-12-10 | 2.1 | CVE-2019-1463 MISC
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1472. | 2019-12-10 | 2.1 | CVE-2019-1474 MISC
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1474. | 2019-12-10 | 2.1 | CVE-2019-1472 MISC
microsoft -- multiple_windows_products | A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers, aka 'Microsoft Defender Security Feature Bypass Vulnerability'. | 2019-12-10 | 2.1 | CVE-2019-1488 MISC
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. | 2019-12-10 | 2.1 | CVE-2019-1469 MISC
microsoft -- skype_for_business_server | A spoofing vulnerability exists when a Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business Server Spoofing Vulnerability'. | 2019-12-10 | 3.5 | CVE-2019-1490 MISC
monkey_project -- monkey_http_daemon | Monkey HTTP Daemon has local security bypass | 2019-12-10 | 3.6 | CVE-2013-2183 MISC MISC MISC MISC
nopcommerce -- nopcommerce | nopCommerce through 4.20 allows XSS in the SaveStoreMappings of the components \Presentation\Nop.Web\Areas\Admin\Controllers\NewsController.cs and \Presentation\Nop.Web\Areas\Admin\Controllers\BlogController.cs via Body or Full to Admin/News/NewsItemEdit/[id] Admin/Blog/BlogPostEdit/[id]. NOTE: the vendor reportedly considers this a "feature" because the affected components are an HTML content editor. | 2019-12-09 | 3.5 | CVE-2019-19682 MISC
qualcomm -- multiple_snapdragon_products | Use after free issue occurs when command destructors access dynamically allocated response buffer which is already deallocated during previous command teardown sequence in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8098, MSM8909W, Nicobar, QCS405, QCS605, SDA845, SDM660, SDM670, SDM710, SDM845, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130 | 2019-12-12 | 2.1 | CVE-2019-10484 CONFIRM
qualcomm -- multiple_snapdragon_products | Null pointer dereference issue in kernel due to missing check related to LLC support in GPU in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM670, SDM710, SM6150, SM7150, SM8150 | 2019-12-12 | 2.1 | CVE-2019-10545 CONFIRM
qualcomm -- multiple_snapdragon_products | Crafted image that has a valid signature from a non-QC entity can be loaded which can read/write memory that belongs to the secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130 | 2019-12-12 | 3.6 | CVE-2019-2338 CONFIRM
sangoma -- freepbx | In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the User Management screen of the Administrator web site. An attacker with access to the User Control Panel application can submit malicious values in some of the time/date formatting and time-zone fields. These fields are not being properly sanitized. If this is done and a user (such as an admin) visits the User Management screen and views that user's profile, the XSS payload will render and execute in the context of the victim user's account. | 2019-12-06 | 3.5 | CVE-2019-19551 CONFIRM
sangoma -- freepbx | In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the /admin/config.php?display=userman URI. An attacker with sufficient privileges can edit the Display Name of a user and embed malicious XSS code. When another user (such as an admin) visits the main User Management screen, the XSS payload will render and execute in the context of the victim user's account. | 2019-12-06 | 3.5 | CVE-2019-19552 MISC
sap -- adaptive_server_enterprise | SAP Adaptive Server Enterprise, before versions 15.7 and 16.0, under certain conditions exposes some sensitive information to the admin, leading to Information Disclosure. | 2019-12-11 | 2.1 | CVE-2019-0402 CONFIRM CONFIRM
symantec -- messaging_gateway | Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy. | 2019-12-11 | 3.5 | CVE-2019-18378 MISC
wordpress -- wordpress | The Scoutnet Kalender plugin 1.1.0 for WordPress allows XSS. | 2019-12-12 | 3.5 | CVE-2019-19198 MISC MISC MISC

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
advantech -- webaccess | Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages. | 2019-12-12 | not yet calculated | CVE-2019-3951 MISC
airlive -- poe-2600hd_devices | AirLive POE-2600HD allows remote attackers to cause a denial of service (device reset) via a long URL. | 2019-12-11 | not yet calculated | CVE-2013-3691 MISC MISC
apache -- mod_wsgi | mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread. | 2019-12-09 | not yet calculated | CVE-2014-0242 MISC MISC MISC MISC
apache -- qpid-cpp | qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors | 2019-12-13 | not yet calculated | CVE-2014-0212 MISC MISC MISC
apache -- spamassassin | In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update channels or 3rd party .cf files from trusted places. | 2019-12-12 | not yet calculated | CVE-2018-11805 MLIST CONFIRM MLIST MLIST MLIST MLIST MISC CONFIRM DEBIAN
apache -- spamassassin | In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly. | 2019-12-12 | not yet calculated | CVE-2019-12420 MLIST MISC MLIST MLIST MLIST MLIST CONFIRM DEBIAN
apple -- safari | A freed memory access vulnerability exists in the SVG Marker Element feature of Apple Safari's WebKit version 13.0.2. A specially crafted HTML web page can cause a use after free, resulting in memory corruption and possibly arbitrary code execution. To trigger this vulnerability, a specifically crafted HTML web page needs to be opened in the browser. | 2019-12-12 | not yet calculated | CVE-2019-5144 MISC
atlassian -- multiple_products | An issue was discovered in the SAML Single Sign On (SSO) plugin for several Atlassian products affecting versions 3.1.0 through 3.2.2 for Jira and Confluence, versions 2.4.0 through 3.0.3 for Bitbucket, and versions 2.4.0 through 2.5.2 for Bamboo. It allows locally disabled users to reactivate their accounts just by browsing the affected Jira/Confluence/Bitbucket/Bamboo instance, even when the applicable configuration option of the plugin has been disabled ("Reactivate inactive users"). Exploiting this vulnerability requires an attacker to be authorized by the identity provider and requires that the plugin's configuration option "User Update Method" have the "Update from SAML Attributes" value. | 2019-12-13 | not yet calculated | CVE-2019-13347 MISC MISC
avaya -- ip_office_application_server | A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information. All product versions 11.x are affected. Product versions prior to 11.0, including unsupported versions, were not evaluated. | 2019-12-12 | not yet calculated | CVE-2019-7004 CONFIRM
bitwarden -- server | The Bitwarden server through 1.32.0 has a potentially unwanted KDF. | 2019-12-12 | not yet calculated | CVE-2019-19766 MISC MISC
bson-objectid -- bson-objectid | An issue was discovered in the BSON ObjectID (aka bson-objectid) package 1.3.0 for Node.js. ObjectID() allows an attacker to generate a malformed objectid by inserting an additional property to the user-input, because bson-objectid will return early if it detects _bsontype==ObjectID in the user-input object. As a result, objects in arbitrary forms can bypass formatting if they have a valid bsontype. | 2019-12-11 | not yet calculated | CVE-2019-19729 MISC MISC
chrony -- chrony | chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service (inability to synchronize) via random timestamps in crafted NTP data packets. | 2019-12-09 | not yet calculated | CVE-2015-1853 MISC MISC
coredns -- coredns | The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries. | 2019-12-13 | not yet calculated | CVE-2019-19794 MISC MISC MISC MISC
cyxtera -- appgate_sdp_client | In Cyxtera AppGate SDP Client 4.1.x through 4.3.x before 4.3.2 on Windows, a local or remote user from the same domain can gain privileges. | 2019-12-13 | not yet calculated | CVE-2019-19793 MISC
data-uuid -- data-uuid | Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks | 2019-12-10 | not yet calculated | CVE-2013-4184 MISC MISC MISC MISC MISC MISC MISC
dbd-pgpp -- dbd-pgpp | SQL injection vulnerability in DBD::PgPP 0.05 and earlier | 2019-12-11 | not yet calculated | CVE-2014-7257 MISC MISC
dovecot -- dovecot | In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient. | 2019-12-13 | not yet calculated | CVE-2019-19722 CONFIRM CONFIRM CONFIRM CONFIRM
duplicity -- duplicity | duplicity 0.6.24 has improper verification of SSL certificates | 2019-12-13 | not yet calculated | CVE-2014-3495 MISC MISC MISC MISC
egain -- mail | The eGain Web Email API 11+ allows spoofed messages because the fromName and message fields (to /system/ws/v11/ss/email) are mishandled, as demonstrated by fromName header injection with a %0a or %0d character. (Also, the message parameter can have initial HTML comment characters.) | 2019-12-13 | not yet calculated | CVE-2019-17123 MISC
enshrined -- svg-sanitize | It is possible to bypass enshrined/svg-sanitize before 0.13.1 using the "xlink:href" attribute due to mishandling of the xlink namespace by the sanitizer. | 2019-12-11 | not yet calculated | CVE-2019-10772 MISC
envoy_proxy -- envoy
 
An issue was discovered in Envoy 1.12.0. An untrusted remote client may send HTTP/2 requests that write to the heap outside of the request buffers when the upstream is HTTP/1. This may be used to corrupt nearby heap contents (leading to a query-of-death scenario) or may be used to bypass Envoy's access control mechanisms such as path based routing. An attacker can also modify requests from other users that happen to be proximal temporally and spatially.2019-12-13not yet calculatedCVE-2019-18801
MISC
MISC
MISC
CONFIRM
MISC
envoy_proxy -- envoy | An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated response is dispatched through the configured encoder filter chain before being sent to the client. An encoder filter that invokes route manager APIs that access a request's Host header causes a NULL pointer dereference, resulting in abnormal termination of the Envoy process. | 2019-12-13 | not yet calculated | CVE-2019-18838
MISC
MISC
CONFIRM
MISC
envoy_proxy -- envoy | An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "example.com" matchers. | 2019-12-13 | not yet calculated | CVE-2019-18802
MISC
MISC
MISC
MISC
erlang -- erlang | inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. | 2019-12-10 | not yet calculated | CVE-2016-1000107
MISC
MISC
MISC
MISC
firecracker -- firecracker | Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes. | 2019-12-11 | not yet calculated | CVE-2019-18960
MISC
MISC
MISC
CONFIRM
CONFIRM
foreman -- foreman | Foreman has improper input validation which could lead to partial Denial of Service | 2019-12-11 | not yet calculated | CVE-2014-0091
MISC
MISC
MISC
grandstream -- multiple_products | Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!#/" with the same password, which makes it easier for remote attackers to obtain access via a TELNET session. | 2019-12-11 | not yet calculated | CVE-2013-3542
MISC
MISC
hammer_cli_foreman_gem_for_ruby_on_rails -- hammer_cli_foreman_gem_for_ruby_on_rails | rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable | 2019-12-13 | not yet calculated | CVE-2014-0241
MISC
MISC
hostapd -- hostapd | An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability. | 2019-12-12 | not yet calculated | CVE-2019-5061
MISC
hostapd -- hostapd | An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service. | 2019-12-12 | not yet calculated | CVE-2019-5062
MISC
huawei -- campusinsight | There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC200. Attackers who gain the specific permission can use this vulnerability by sending elaborate SQL statements to the database. Successful exploit of this vulnerability may cause the database to crash. | 2019-12-13 | not yet calculated | CVE-2019-5278
MISC
huawei -- cloudengine | CloudEngine 12800 has a DoS vulnerability. An attacker of a neighboring device sends a large number of specific packets. As a result, a memory leak occurs after the device uses the specific packet. As a result, the attacker can exploit this vulnerability to cause DoS attacks on the target device. | 2019-12-13 | not yet calculated | CVE-2019-5248
MISC
huawei -- cloudusm-eua | Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation. | 2019-12-13 | not yet calculated | CVE-2019-5277
MISC
huawei -- e5572-855 | E5572-855 with versions earlier than 8.0.1.3(H335SP1C233) has an improper authentication vulnerability. The device does not perform a sufficient authentication when doing certain operations; successful exploit could allow an attacker to cause the device to reboot after launching a man-in-the-middle attack. | 2019-12-13 | not yet calculated | CVE-2019-5253
MISC
huawei -- mate_20_pro_smartphone | Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation of certain privilege; the attacker could trick the user into installing a malicious application before the user turns on student mode function. Successful exploit could allow the attacker to bypass the limit of student mode function. | 2019-12-13 | not yet calculated | CVE-2019-5250
MISC
huawei -- multiple_products | There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks. | 2019-12-13 | not yet calculated | CVE-2019-19397
MISC
huawei -- multiple_products | Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service. | 2019-12-13 | not yet calculated | CVE-2019-5255
MISC
huawei -- multiple_products | Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network. | 2019-12-13 | not yet calculated | CVE-2019-5257
MISC
huawei -- multiple_products | Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal. | 2019-12-13 | not yet calculated | CVE-2019-5258
MISC
huawei -- multiple_products | Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal. | 2019-12-13 | not yet calculated | CVE-2019-5254
MISC
huawei -- multiple_products | Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. | 2019-12-13 | not yet calculated | CVE-2019-5291
MISC
huawei -- multiple_products | Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot. | 2019-12-13 | not yet calculated | CVE-2019-5256
MISC
huawei -- multiple_smartphones | Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal. | 2019-12-14 | not yet calculated | CVE-2019-5235
MISC
huawei -- multiple_smartphones | There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure. | 2019-12-13 | not yet calculated | CVE-2019-5264
MISC
huawei -- multiple_smartphones | There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant. | 2019-12-14 | not yet calculated | CVE-2019-5252
MISC
huawei -- multiple_smartphones | There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. | 2019-12-13 | not yet calculated | CVE-2019-5251
MISC
huawei -- s5700_and_s6700_switches | Huawei S5700 and S6700 have a DoS security vulnerability. Attackers with certain permissions perform specific operations on affected devices. Because the pointer in the program is not processed properly, the vulnerability can be exploited to cause the device to be abnormal. | 2019-12-13 | not yet calculated | CVE-2019-5290
MISC
huawei -- y9_2019_and_honor_view_20_smartphones | Huawei smartphones HUAWEI Y9 2019 and Honor View 20 have a denial of service vulnerability. Due to insufficient input validation of specific value when parsing the messages, an attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices to exploit this vulnerability. Successful exploit may cause an infinite loop and the device to reboot. | 2019-12-13 | not yet calculated | CVE-2019-5260
MISC
ibm -- case_manager | The Case Builder component shipped with 18.0.0.1 through 19.0.0.2 and IBM Case Manager 5.1.1 through 5.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162772. | 2019-12-13 | not yet calculated | CVE-2019-4426
XF
CONFIRM
CONFIRM
ibm -- datapower_gateway | IBM DataPower Gateway 7.6.0.0-7 through 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883. | 2019-12-09 | not yet calculated | CVE-2019-4621
XF
CONFIRM
ibm -- db2_high_performance_unload | IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 could allow a local attacker to execute arbitrary code on the system, caused by an untrusted search path vulnerability. By using an executable file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 168298. | 2019-12-12 | not yet calculated | CVE-2019-4606
XF
CONFIRM
idrix -- veracrypt | VeraCrypt 1.24 allows Local Privilege Escalation during execution of VeraCryptExpander.exe. | 2019-12-13 | not yet calculated | CVE-2019-19501
MISC
MISC
kde -- kde_workspace | kde-workspace before 4.10.5 has a memory leak in plasma desktop | 2019-12-10 | not yet calculated | CVE-2013-4133
MISC
MISC
MISC
MISC
MISC
MISC
MISC
labf -- aceaxe_plus | The FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long EHLO response from an FTP server. | 2019-12-13 | not yet calculated | CVE-2019-19782
MISC
MISC
last.fm -- last.fm_app_for_macos | The Last.fm desktop app (Last.fm Scrobbler) through 2.1.39 on macOS makes HTTP requests that include an API key without the use of SSL/TLS. Although there is an Enable SSL option, it is disabled by default, and cleartext requests are made as soon as the app starts. | 2019-12-10 | not yet calculated | CVE-2019-19251
MISC
lead_technologies -- leadtools | An exploitable code execution vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this vulnerability. | 2019-12-12 | not yet calculated | CVE-2019-5085
CONFIRM
lead_technologies -- leadtools | An exploitable information disclosure vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an out-of-bounds read, resulting in information disclosure. An attacker can send a packet to trigger this vulnerability. | 2019-12-12 | not yet calculated | CVE-2019-5090
CONFIRM
lead_technologies -- leadtools | An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20.0.2019.3.15. A specially crafted J2K image file can cause an out of bounds write of a null byte in a heap buffer, potentially resulting in code execution. An attacker can specially craft a J2K image to trigger this vulnerability. | 2019-12-12 | not yet calculated | CVE-2019-5154
CONFIRM
lead_technologies -- leadtools | An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this vulnerability. | 2019-12-12 | not yet calculated | CVE-2019-5093
CONFIRM
lead_technologies -- leadtools | An exploitable heap out of bounds write vulnerability exists in the UI tag parsing functionality of the DICOM image format of LEADTOOLS 20.0.2019.3.15. A specially crafted DICOM image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a DICOM image to trigger this vulnerability. | 2019-12-12 | not yet calculated | CVE-2019-5092
CONFIRM
lead_technologies -- leadtools | An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this vulnerability. | 2019-12-12 | not yet calculated | CVE-2019-5091
CONFIRM
lenovo -- energy_management_driver_for_windows_10 | A denial of service vulnerability has been reported in Lenovo Energy Management Driver for Windows 10 versions prior to 15.11.29.7 that could cause systems to experience a blue screen error. Lenovo Energy Management is a client utility. Lenovo XClarity Energy Manager is not affected. | 2019-12-10 | not yet calculated | CVE-2019-6183
CONFIRM
lenovo -- power_management_driver | A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service. | 2019-12-10 | not yet calculated | CVE-2019-6192
MISC
CONFIRM
libsixel_project -- libsixel | An issue was discovered in libsixel 1.8.2. There is a heap-based buffer over-read in the function load_sixel at loader.c. | 2019-12-13 | not yet calculated | CVE-2019-19778
MISC
libssh -- libssh | A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target. | 2019-12-10 | not yet calculated | CVE-2019-14889
CONFIRM
UBUNTU
CONFIRM
linux -- linux_kernel | In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer). | 2019-12-12 | not yet calculated | CVE-2019-19768
MISC
linux -- linux_kernel | In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h). | 2019-12-12 | not yet calculated | CVE-2019-19769
MISC
linux -- linux_kernel | In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). | 2019-12-12 | not yet calculated | CVE-2019-19770
MISC
linux -- linux_kernel | The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163. | 2019-12-12 | not yet calculated | CVE-2019-19767
MISC
MISC
MISC
MISC
MISC
mcafee -- techcheck | DLL Search Order Hijacking vulnerability in the Microsoft Windows client in McAfee Tech Check 3.0.0.17 and earlier allows local users to execute arbitrary code via the local folder placed there by an attacker. | 2019-12-11 | not yet calculated | CVE-2019-3667
CONFIRM
mcollective -- mcollective | mcollective has a default password set at install | 2019-12-13 | not yet calculated | CVE-2014-0175
MISC
MISC
MISC
mediawiki -- mediawiki | includes/libs/IEUrlExtension.php in the MediaWiki API in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 does not properly detect extensions when there are an even number of "." (period) characters in a string, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the siprop parameter in a query action to wiki/api.php. | 2019-12-11 | not yet calculated | CVE-2013-4303
MISC
MISC
MISC
MISC
MISC
mediawiki -- mediawiki | MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page. | 2019-12-11 | not yet calculated | CVE-2019-19709
MISC
MISC
micro_focus -- acutoweb | Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under. | 2019-12-11 | not yet calculated | CVE-2019-17087
CONFIRM
microsoft -- visual_studio_2019_and_visual_studio_live_share | A spoofing vulnerability exists in Visual Studio Live Share when a guest connected to a Live Share session is redirected to an arbitrary URL specified by the session host, aka 'Visual Studio Live Share Spoofing Vulnerability'. | 2019-12-10 | not yet calculated | CVE-2019-1486
MISC
minerstat -- msos | minerstat msOS before 2019-10-23 does not have a unique SSH key for each instance of the product. | 2019-12-12 | not yet calculated | CVE-2019-19750
MISC
modoboa -- modoboa | The modoboa-dmarc plugin 1.1.0 for Modoboa is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this to perform a denial of service against the DMARC reporting functionality, such as by referencing the /dev/random file within XML documents that are emailed to the address in the rua field of the DMARC records of a domain. | 2019-12-10 | not yet calculated | CVE-2019-19702
MISC
moxa -- eds-g508e_and_eds-g512e_and_eds-g516e_devices | On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery packets. | 2019-12-11 | not yet calculated | CVE-2019-19707
MISC
multiple_vendors -- multiple_products | A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel. | 2019-12-11 | not yet calculated | CVE-2019-14899
CONFIRM
MISC
node-connect -- node-connect | node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware | 2019-12-11 | not yet calculated | CVE-2013-7370
MISC
MISC
MISC
MISC
MISC
MISC
MISC
node-connect -- node-connect | node-connect before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370) | 2019-12-11 | not yet calculated | CVE-2013-7371
MISC
MISC
MISC
MISC
MISC
MISC
node.js -- node.js | The lodahs package 0.0.1 for Node.js is a Trojan horse, and may have been installed by persons who mistyped the lodash package name. In particular, the Trojan horse finds and exfiltrates cryptocurrency wallets. | 2019-12-12 | not yet calculated | CVE-2019-19771
MISC
MISC
nopcommerce -- nopcommerce | RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to CSRF because GET requests can be used for renames and deletions. | 2019-12-09 | not yet calculated | CVE-2019-19685
MISC
nopcommerce -- nopcommerce | RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to ../ path traversal via d or f to Admin/RoxyFileman/ProcessRequest because of Libraries/Nop.Services/Media/RoxyFileman/FileRoxyFilemanService.cs. | 2019-12-09 | not yet calculated | CVE-2019-19683
MISC
npm -- cli | Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to modify and/or gain access to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option. | 2019-12-13 | not yet calculated | CVE-2019-16776
MISC
CONFIRM
npm -- cli | Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of the node_modules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would allow a package publisher to create a symlink pointing to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option. | 2019-12-13 | not yet calculated | CVE-2019-16775
MISC
CONFIRM
npm -- cli | Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of packages that also create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local installations and also through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option. | 2019-12-13 | not yet calculated | CVE-2019-16777
MISC
CONFIRM
omniauth-facebook_gem_for_ruby_on_rails -- omniauth-facebook_gem_for_ruby_on_rails | RubyGem omniauth-facebook has an access token security vulnerability | 2019-12-11 | not yet calculated | CVE-2013-4593
MISC
MISC
MISC
MISC
openbsd -- openbsd | lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. | 2019-12-10 | not yet calculated | CVE-2012-1577
CONFIRM
MISC
MISC
MISC
openbsd -- openbsd | OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. When executing chpass or passwd (which are setuid root), _dl_setup_env in ld.so tries to strip LD_LIBRARY_PATH from the environment, but fails when it cannot allocate memory. Thus, the attacker is able to execute their own library code as root. | 2019-12-12 | not yet calculated | CVE-2019-19726
MISC
FULLDISC
BUGTRAQ
CONFIRM
MISC
openshift-origin-controller_gem_for_ruby_on_rails -- openshift-origin-controller_gem_for_ruby_on_rails | rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.prase() to perform command injection | 2019-12-10 | not yet calculated | CVE-2013-2095
MISC
MISC
openstack -- keystone | OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users' credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentials API once this issue is fixed.) | 2019-12-09 | not yet calculated | CVE-2019-19687
MLIST
MISC
MISC
MISC
MISC
CONFIRM
pen -- pen | Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities | 2019-12-13 | not yet calculated | CVE-2014-2387
MISC
MISC
MISC
MISC
MISC
MISC
MISC
phpfastcache -- phpfastcache | In phpfastcache before 5.1.3, there is a possible object injection vulnerability in cookie driver. | 2019-12-12 | not yet calculated | CVE-2019-16774
MISC
MISC
CONFIRM
puppet -- puppet_enterprise | The express install, which is the suggested way to install Puppet Enterprise, gives the user a URL at the end of the install to set the admin password. If they do not use that URL, there is an overlooked default password for the admin user. This was resolved in Puppet Enterprise 2019.0.3 and 2018.1.9. | 2019-12-12 | not yet calculated | CVE-2019-10694
MISC
puppet -- puppet_enterprise | When using the cd4pe::root_configuration task to configure a Continuous Delivery for PE installation, the root user's username and password were exposed in the job's Job Details pane in the PE console. These issues have been resolved in version 1.2.1 of the puppetlabs/cd4pe module. | 2019-12-12 | not yet calculated | CVE-2019-10695
MISC
python-keystoneclient -- python-keystoneclient | python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass | 2019-12-10 | not yet calculated | CVE-2013-2166
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
python-keystoneclient -- python-keystoneclient | python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass | 2019-12-10 | not yet calculated | CVE-2013-2167
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
qualcomm -- snapdragon_connectivity | Driver may access an invalid address while processing IO control due to lack of check of address validation in Snapdragon Connectivity in QCA6390 | 2019-12-12 | not yet calculated | CVE-2019-10618
CONFIRM
red_hat -- cloudform_management_engine | CFME: CSRF protection vulnerability via permissive check of the referrer header | 2019-12-13 | not yet calculated | CVE-2014-0197
MISC
MISC
red_hat -- openshift | Openshift has shell command injection flaws due to unsanitized data being passed into shell commands. | 2019-12-11 | not yet calculated | CVE-2014-0163
MISC
MISC
red_hat -- 3scale | A vulnerability was found in 3scale before version 2.6, which did not set the HTTPOnly attribute on the user session cookie. An attacker could use this to conduct cross site scripting attacks and gain access to unauthorized information. | 2019-12-12 | not yet calculated | CVE-2019-14849
CONFIRM
reliable_controls -- licensemanager | Reliable Controls LicenseManager versions 3.4 and prior may allow an authenticated user to insert malicious code into the system root path, which may allow execution of code with elevated privileges of the application. | 2019-12-11 | not yet calculated | CVE-2019-18245
MISC
samba -- samba | All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permissions on the DNS partition allow creation of new records by authenticated users. This is used for example to allow machines to self-register in DNS. If a DNS record was created that case-insensitively matched the name of the zone, the ldb_qsort() and dns_name_compare() routines could be confused into reading memory prior to the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() and so following invalid memory as a pointer. | 2019-12-10 | not yet calculated | CVE-2019-14861
CONFIRM
FEDORA
CONFIRM
UBUNTU
UBUNTU
CONFIRM
samba -- samba | All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the not-delegated flag set. | 2019-12-10 | not yet calculated | CVE-2019-14870
CONFIRM
FEDORA
CONFIRM
UBUNTU
UBUNTU
CONFIRM
samurai -- samurai | samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file. | 2019-12-13 | not yet calculated | CVE-2019-19795
MISC
sap -- businessobjects_business_intelligence_platform | Due to insufficient CSRF protection, SAP BusinessObjects Business Intelligence Platform (Monitoring Application), before versions 4.1, 4.2 and 4.3, may lead to an authenticated user to send unintended request to the web server, leading to Cross Site Request Forgery. | 2019-12-11 | not yet calculated | CVE-2019-0398
CONFIRM
CONFIRM
sap -- businessobjects_business_intelligence_platform | SAP BusinessObjects Business Intelligence Platform (Fiori BI Launchpad), before version 4.2, allows execution of JavaScript in a text module in Fiori BI Launchpad, leading to Stored Cross Site Scripting vulnerability. | 2019-12-11 | not yet calculated | CVE-2019-0395
CONFIRM
CONFIRM
sap -- enable_now | SAP Enable Now, before version 1911, allows an attacker to input commands into the CSV files, which will be executed when opened, leading to CSV Command Injection. | 2019-12-11 | not yet calculated | CVE-2019-0403
CONFIRM
CONFIRM
sap -- enable_now | SAP Enable Now, before version 1911, leaks information about network configuration in the server error messages, leading to Information Disclosure. | 2019-12-11 | not yet calculated | CVE-2019-0404
CONFIRM
CONFIRM
sap -- enable_now | SAP Enable Now, before version 1911, leaks information about the existence of a particular user which can be used to construct a list of users, leading to a user enumeration vulnerability and Information Disclosure. | 2019-12-11 | not yet calculated | CVE-2019-0405
CONFIRM
CONFIRM
sap -- portfolio_and_project_management

SAP Portfolio and Project Management, before versions S4CORE 102, 103, EPPM 100 and CPRXRPM 500_702, 600_740, 610_740, unintentionally allows a user to discover accounting information of the Projects in Project dashboard, leading to Information Disclosure.2019-12-11not yet calculatedCVE-2019-0399
CONFIRM
CONFIRM
secureworks -- red_cloak_windows_agent
 
In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a file.2019-12-06not yet calculatedCVE-2019-19620
MISC
MISC
siemens -- sinvr_3_central_control_server_and_sinvr_3_video_server

A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The user configuration menu in the web interface of the SiNVR 3 Central Control Server (CCS) transfers user passwords in clear to the client (browser). An attacker with administrative privileges for the web interface could be able to read (and not only reset) passwords of other SiNVR 3 CCS users.2019-12-12not yet calculatedCVE-2019-13947
CONFIRM
siemens -- sinvr_3_central_control_server_and_sinvr_3_video_server

A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The SiNVR 3 Central Control Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with network access to the CCS server could exploit this vulnerability to list arbitrary directories or read files outside of the CCS application context.2019-12-12not yet calculatedCVE-2019-18338
CONFIRM
siemens -- sinvr_3_central_control_server_and_sinvr_3_video_server
 
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The SFTP service (default port 22/tcp) of the SiNVR 3 Central Control Server (CCS) does not properly limit its capabilities to the specified purpose. In conjunction with CVE-2019-18341, an unauthenticated remote attacker with network access to the CCS server could exploit this vulnerability to read or delete arbitrary files, or access other resources on the same server.2019-12-12not yet calculatedCVE-2019-18342
CONFIRM
siemens -- sinvr_3_central_control_server_and_sinvr_3_video_server
 
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). Both the SiNVR 3 Video Server and the Central Control Server (CCS) store user and device passwords by applying weak cryptography. A local attacker could exploit this vulnerability to extract the passwords from the user database and/or the device configuration files to conduct further attacks.2019-12-12not yet calculatedCVE-2019-18340
CONFIRM
siemens -- sinvr_3_central_control_server_and_sinvr_3_video_server
 
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The HTTP service (default port 5401/tcp) of the SiNVR 3 Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network access to the Video Server could exploit this vulnerability to read the SiNVR users database, including the passwords of all users in obfuscated cleartext.2019-12-12not yet calculatedCVE-2019-18339
CONFIRM
siemens -- sinvr_3_central_control_server_and_sinvr_3_video_server
 
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The SiNVR 3 Central Control Server (CCS) contains an authentication bypass vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. A remote attacker with network access to the CCS server could exploit this vulnerability to read the CCS users database, including the passwords of all users in obfuscated cleartext.2019-12-12not yet calculatedCVE-2019-18337
CONFIRM
siemens -- sinvr_3_central_control_server_and_sinvr_3_video_server
 
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The SFTP service (default port 22/tcp) of the SiNVR 3 Central Control Server (CCS) contains an authentication bypass vulnerability. A remote attacker with network access to the CCS server could exploit this vulnerability to read data from the EDIR directory (for example, the list of all configured stations).2019-12-12not yet calculatedCVE-2019-18341
CONFIRM
siemens -- sppa-t3000_application_server
 
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server could gain access to directory listings of the server by sending specifically crafted packets to 80/tcp, 8095/tcp or 8080/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18332
CONFIRM
siemens -- sppa-t3000_application_server
 
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server could gain access to filenames on the server by sending specifically crafted packets to 8090/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18333
CONFIRM
siemens -- sppa-t3000_application_server
 
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server could be able to enumerate valid user names by sending specifically crafted packets to 8090/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18334
CONFIRM
siemens -- sppa-t3000_application_server
 
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server could be able to gain access to logs and configuration files by sending specifically crafted packets to 80/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18335
CONFIRM
siemens -- sppa-t3000_application_server
 
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server could be able to upload arbitrary files without authentication. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18320
CONFIRM
siemens -- sppa-t3000_application_server
 
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server could gain access to path and filenames on the server by sending specifically crafted packets to 1099/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18331
CONFIRM
siemens -- sppa-t3000_ms3000_migration_serverA vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18327, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18326
CONFIRM
siemens -- sppa-t3000_ms3000_migration_serverA vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18323
CONFIRM
siemens -- sppa-t3000_ms3000_migration_server
 
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18329
CONFIRM
siemens -- sppa-t3000_ms3000_migration_server
 
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, and CVE-2019-18329. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18330
CONFIRM
siemens -- sppa-t3000_ms3000_migration_server
 
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18329, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18328
CONFIRM
siemens -- sppa-t3000_ms3000_migration_server
 
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18327
CONFIRM
siemens -- sppa-t3000_ms3000_migration_server
 
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18325
CONFIRM
siemens -- sppa-t3000_ms3000_migration_server
 
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18324
CONFIRM
siemens -- sppa-t3000_ms3000_migration_server
 
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to read and write arbitrary files on the local file system by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18321. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18322
CONFIRM
siemens -- sppa-t3000_ms3000_migration_server
 
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to read and write arbitrary files on the local file system by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18322. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18321
CONFIRM
siemens -- en100_ethernet_modules

A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). The web interface could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify content of particular web pages, causing the application to behave in unexpected ways for legitimate users. Successful exploitation does not require an attacker to be authenticated to the web interface. This could allow the attacker to read or modify contents of the web application. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-13943
CONFIRM
siemens -- en100_ethernet_modules

A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). An unauthorized user could exploit a buffer overflow vulnerability in the webserver. Specially crafted packets sent could cause a Denial-of-Service condition and if certain conditions are met, the affected devices must be restarted manually to fully recover. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-13942
CONFIRM
siemens -- en100_ethernet_modules

A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). A vulnerability in the integrated web server of the affected devices could allow unauthorized attackers to obtain sensitive information about the device, including logs and configurations. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-13944
CONFIRM
siemens -- multiple_desigo_px_productsA vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web server (All firmware versions < V6.00.320). The device contains a vulnerability that could allow an attacker to cause a denial of service condition on the device's web server by sending a specially crafted HTTP message to the web server port (tcp/80). The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device's web service. While the device itself stays operational, the web server responds with HTTP status code 404 (Not found) to any further request. A reboot is required to recover the web interface. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-13927
MISC
siemens -- simatic_s7-1200_cpu_and_simatic_s7-200_smart_cpuA vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-200 SMART CPU family (All versions). There is an access mode used during manufacturing of S7-1200 CPUs that allows additional diagnostic functionality. The security vulnerability could be exploited by an attacker with physical access to the UART interface during boot process. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-13945
MISC
siemens -- spa-t3000_application_serverA vulnerability has been identified in SPPA-T3000 Application Server (All versions). The Application Server exposes directory listings and files containing sensitive information. This vulnerability is independent from CVE-2019-18286. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18287
MISC
CONFIRM
siemens -- spa-t3000_application_serverA vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server could gain remote code execution by sending specifically crafted packets to 1099/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18316
CONFIRM
siemens -- spa-t3000_application_serverA vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with valid authentication at the RMI interface could be able to gain remote code execution through an unsecured file upload. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18288
MISC
CONFIRM
siemens -- spa-t3000_application_serverA vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server could cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is independent from CVE-2019-18317 and CVE-2019-18318. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18319
CONFIRM
siemens -- spa-t3000_application_serverA vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server could cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is independent from CVE-2019-18318 and CVE-2019-18319. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18317
CONFIRM
siemens -- spa-t3000_application_serverA vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server can cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is independent from CVE-2019-18317 and CVE-2019-18319. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18318
CONFIRM
siemens -- spa-t3000_application_serverA vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server could gain remote code execution by sending specifically crafted objects via RMI. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18314
CONFIRM
siemens -- spa-t3000_application_serverA vulnerability has been identified in SPPA-T3000 Application Server (All versions). The AdminService is available without authentication on the Application Server. An attacker can use methods exposed via this interface to receive password hashes of other users and to change user passwords. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18284
MISC
CONFIRM
siemens -- spa-t3000_application_serverA vulnerability has been identified in SPPA-T3000 Application Server (All versions). The Application Server exposes directory listings and files containing sensitive information. This vulnerability is independent from CVE-2019-18287. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18286
MISC
CONFIRM
siemens -- spa-t3000_application_serverA vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server could gain remote code execution by sending specifically crafted packets to 8888/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18315
CONFIRM
siemens -- spa-t3000_application_serverA vulnerability has been identified in SPPA-T3000 Application Server (All versions). The AdminService is available without authentication on the Application Server. An attacker can gain remote code execution by sending specifically crafted objects to one of its functions. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18283
MISC
CONFIRM
siemens -- spa-t3000_application_serverA vulnerability has been identified in SPPA-T3000 Application Server (All versions). The RMI communication between the client and the Application Server is unencrypted. An attacker with access to the communication channel can read credentials of a valid user. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18285
MISC
CONFIRM
siemens -- spa-t3000_ms3000_migration_serverA vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18294
MISC
CONFIRM
siemens -- spa-t3000_ms3000_migration_serverA vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18299
MISC
CONFIRM
siemens -- spa-t3000_ms3000_migration_serverA vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18293, CVE-2019-18295, and CVE-2019-18296. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18289
MISC
CONFIRM
siemens -- spa-t3000_ms3000_migration_serverA vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18302
MISC
CONFIRM
siemens -- spa-t3000_ms3000_migration_serverA vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18289, CVE-2019-18293, and CVE-2019-18295. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18296
MISC
CONFIRM
siemens -- spa-t3000_ms3000_migration_serverA vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18301
MISC
CONFIRM
siemens -- spa-t3000_ms3000_migration_serverA vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-12-12not yet calculatedCVE-2019-18298
MISC
CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18300, MISC, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18292, MISC, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18289, CVE-2019-18293, and CVE-2019-18296. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18295, MISC, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18289, CVE-2019-18295, and CVE-2019-18296. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18293, MISC, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and low privileges could gain root privileges by sending specifically crafted packets to a named pipe. Please note that an attacker needs to have local access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18297, MISC, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18303, MISC, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18291, MISC, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and a low privileged user account could gain root privileges by manipulating specific files in the local file system. This vulnerability is independent from CVE-2019-18309. Please note that an attacker needs to have local access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18308, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to enumerate running RPC services. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18312, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 7061/tcp. This vulnerability is independent from CVE-2019-18310. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18311, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and a low privileged user account could gain root privileges by manipulating specific files in the local file system. This vulnerability is independent from CVE-2019-18308. Please note that an attacker needs to have local access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18309, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18304, MISC, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 7061/tcp. This vulnerability is independent from CVE-2019-18311. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18310, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18306, MISC, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18305, MISC, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could gain remote code execution by sending specifically crafted objects to one of the RPC services. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18313, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18290, MISC, CONFIRM
siemens -- spa-t3000_ms3000_migration_server | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, and CVE-2019-18306. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-18307, MISC, CONFIRM
siemens -- xhq | A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by a legitimate user, who must be authenticated to the web interface. A successful attack could allow an attacker to trigger actions via the web interface that the legitimate user is allowed to perform. This could allow the attacker to read or modify contents of the web application. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-13930, CONFIRM
siemens -- xhq | A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web interface could allow for an attacker to craft the input in a form that is not expected, causing the application to behave in unexpected ways for legitimate users. Successful exploitation requires for an attacker to be authenticated to the web interface. A successful attack could cause the application to have unexpected behavior. This could allow the attacker to modify contents of the web application. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-13931, CONFIRM
siemens -- xhq | A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web application requests could be manipulated, causing the application to behave in unexpected ways for legitimate users. Successful exploitation does not require for an attacker to be authenticated. A successful attack could allow the import of scripts or generation of malicious links. This could allow the attacker to read or modify contents of the web application. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-12-12 | not yet calculated | CVE-2019-13932, CONFIRM
skymee -- petwant_pf-103_and_petalk_ai | The processCommandSetMac() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | not yet calculated | CVE-2019-16737, MISC
skymee -- petwant_pf-103_and_petalk_ai | processCommandUpgrade() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | not yet calculated | CVE-2019-16730, MISC, MISC
skymee -- petwant_pf-103_and_petalk_ai | The udpServerSys service in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to initiate firmware upgrades and alter device settings. | 2019-12-13 | not yet calculated | CVE-2019-16731, MISC
skymee -- petwant_pf-103_and_petalk_ai | Unencrypted HTTP communications for firmware upgrades in Petalk AI and PF-103 allow man-in-the-middle attackers to run arbitrary code as the root user. | 2019-12-13 | not yet calculated | CVE-2019-16732, MISC
skymee -- petwant_pf-103_and_petalk_ai | processCommandSetUid() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | not yet calculated | CVE-2019-16733, MISC
skymee -- petwant_pf-103_and_petalk_ai | A stack-based buffer overflow in processCommandUploadLog in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. | 2019-12-13 | not yet calculated | CVE-2019-16735, MISC
skymee -- petwant_pf-103_and_petalk_ai | The processCommandUploadLog() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | not yet calculated | CVE-2019-17364, MISC
skymee -- petwant_pf-103_and_petalk_ai | Use of default credentials for the TELNET server in Petwant PF-103 firmware 4.3.2.50 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | not yet calculated | CVE-2019-16734, MISC
skymee -- petwant_pf-103_and_petalk_ai | A stack-based buffer overflow in processCommandUploadSnapshot in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. | 2019-12-13 | not yet calculated | CVE-2019-16736, MISC
smokeping -- smokeping | smokeping before 2.6.9 has XSS (incomplete fix for CVE-2012-0790) | 2019-12-11 | not yet calculated | CVE-2013-4158, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC
snakeyaml -- snakeyaml | The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564. | 2019-12-12 | not yet calculated | CVE-2017-18640, MISC, MISC
sqlite -- sqlite | alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. | 2019-12-09 | not yet calculated | CVE-2019-19645, MISC
sqlite -- sqlite | pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. | 2019-12-09 | not yet calculated | CVE-2019-19646, MISC, MISC, MISC
squiz -- squiz_matrix_content_management_system | An issue was discovered in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can trigger arbitrary unserialization of a PHP object from a packages/cms/page_templates/page_remote_content/page_remote_content.inc POST parameter during processing of a Remote Content page type. This unserialization can be used to trigger the inclusion of arbitrary files on the filesystem (local file inclusion), and results in remote code execution. | 2019-12-11 | not yet calculated | CVE-2019-19373, FULLDISC, MISC, MISC
squiz -- squiz_matrix_content_management_system | An issue was discovered in core/assets/form/form_question_types/form_question_type_file_upload/form_question_type_file_upload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can delete arbitrary files from the server during interaction with the File Upload field type, when a custom form exists. (This is related to an information disclosure issue within the File Upload field type that allows users to view the full path to uploaded files, including the product's web root directory.) | 2019-12-11 | not yet calculated | CVE-2019-19374, FULLDISC, MISC, MISC
stb_image.h -- stb_image.h | stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main. | 2019-12-13 | not yet calculated | CVE-2019-19777, MISC
supermicro -- x8sti-f_motherboards | On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or ShareName. The attacker can achieve a persistent backdoor. | 2019-12-08 | not yet calculated | CVE-2019-19642, MISC
suphp -- suphp | suPHP before 0.7.2 source-highlighting feature allows security bypass which could lead to arbitrary code execution | 2019-12-13 | not yet calculated | CVE-2014-1867, MISC, MISC, MISC, MISC
symantec -- industrial_control_system_protection | Symantec Industrial Control System Protection (ICSP), versions 6.x.x, may be susceptible to an unauthorized access issue that could potentially allow a threat actor to create or modify application user accounts without proper authentication. | 2019-12-09 | not yet calculated | CVE-2019-18380, CONFIRM
telerik -- telerik_ui_for_asp.net_ajax | Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote code execution. (In 2019.3.1023 but not earlier versions, a non-default setting can prevent exploitation.) | 2019-12-11 | not yet calculated | CVE-2019-18935, MISC, MISC, MISC, MISC
telerik -- telerik_ui_for_asp.net_ajax | Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request. NOTE: RadChart was discontinued in 2014 in favor of RadHtmlChart. All RadChart versions were affected. To avoid this vulnerability, you must remove RadChart's HTTP handler from a web.config (its type is Telerik.Web.UI.ChartHttpHandler). | 2019-12-13 | not yet calculated | CVE-2019-19790, MISC, MISC
tematres -- tematres | TemaTres 3.0 has reflected XSS via the replace_string or search_string parameter to the vocab/admin.php?doAdmin=bulkReplace URI. | 2019-12-13 | not yet calculated | CVE-2019-14344, MISC, MISC
temenos -- channels | An issue was discovered in T24 in TEMENOS Channels R15.01. The login page presents JavaScript functions to access a document on the server once successfully authenticated. However, an attacker can leverage downloadDocServer() to traverse the file system and access files or directories that are outside of the restricted directory because WealthT24/GetImage is used with the docDownloadPath and uploadLocation parameters. | 2019-12-09 | not yet calculated | CVE-2019-14251, MISC
thales_dis -- safenet_sentinel_ldk_license_manager | SafeNet Sentinel LDK License Manager, all versions prior to 7.101 (only Microsoft Windows versions are affected) is vulnerable when configured as a service. This vulnerability may allow an attacker with local access to create, write, and/or delete files in system folder using symbolic links, leading to a privilege escalation. This vulnerability could also be used by an attacker to execute a malicious DLL, which could impact the integrity and availability of the system. | 2019-12-11 | not yet calculated | CVE-2019-18232, MISC
virustotal -- yara | In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service (application crash) or potential code execution. | 2019-12-09 | not yet calculated | CVE-2019-19648, MISC
wolfssl -- wolfssl_and_wolfcrypt | wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces. | 2019-12-11 | not yet calculated | CVE-2019-14317, MISC
wordpress -- wordpress | Multiple cross-site scripting (XSS) vulnerabilities in products.php in the Cart66 Lite plugin before 1.5.1.15 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) Product name or (2) Price description fields via a request to wp-admin/admin.php. NOTE: This issue may only cross privilege boundaries if used in combination with CVE-2013-5977. | 2019-12-11 | not yet calculated | CVE-2013-5978, MISC, MISC, MISC, MISC, MISC, MISC, MISC
wordpress -- wordpress | The quiz-master-next (aka Quiz And Survey Master) plugin before 6.3.5 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the from or till parameter (and/or the quiz_id parameter). The component is: admin/quiz-options-page.php. The attack vector is: When the Administrator is logged in, a reflected XSS may execute upon a click on a malicious URL. | 2019-12-13 | not yet calculated | CVE-2019-17599, MISC, MISC, MISC, MISC
xen -- xen | An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service (infinite loop) because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which may misbehave in certain corner cases: On x86 accesses to bitmaps with a compile time known size of 64 may incur undefined behavior, which may in particular result in infinite loops. A malicious guest may cause a hypervisor crash or hang, resulting in a Denial of Service (DoS). All versions of Xen are vulnerable. x86 systems with 64 or more nodes are vulnerable (there might not be any such systems that Xen would run on). x86 systems with less than 64 nodes are not vulnerable. | 2019-12-11 | not yet calculated | CVE-2019-19582, MISC
xen -- xen | An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421. XSA-299 addressed several critical issues in restartable PV type change operations. Despite extensive testing and auditing, some corner cases were missed. A malicious PV guest administrator may be able to escalate their privilege to that of the host. All security-supported versions of Xen are vulnerable. Only x86 systems are affected. Arm systems are not affected. Only x86 PV guests can leverage the vulnerability. x86 HVM and PVH guests cannot leverage the vulnerability. Note that these attacks require very precise timing, which may be difficult to exploit in practice. | 2019-12-11 | not yet calculated | CVE-2019-19580, MISC
xen -- xen | An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height updates. When running on AMD systems with an IOMMU, Xen attempted to dynamically adapt the number of levels of pagetables (the pagetable height) in the IOMMU according to the guest's address space size. The code to select and update the height had several bugs. Notably, the update was done without taking a lock which is necessary for safe operation. A malicious guest administrator can cause Xen to access data structures while they are being modified, causing Xen to crash. Privilege escalation is thought to be very difficult but cannot be ruled out. Additionally, there is a potential memory leak of 4kb per guest boot, under memory pressure. Only Xen on AMD CPUs is vulnerable. Xen running on Intel CPUs is not vulnerable. ARM systems are not vulnerable. Only systems where guests are given direct access to physical devices are vulnerable. Systems which do not use PCI pass-through are not vulnerable. Only HVM guests can exploit the vulnerability. PV and PVH guests cannot. All versions of Xen with IOMMU support are vulnerable. | 2019-12-11 | not yet calculated | CVE-2019-19577, MISC
xen -- xen | An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to another pagetable of the same or higher level. Xen has limited support for linear pagetables: A page may either point to itself, or point to another pagetable of the same level (i.e., L2 to L2, L3 to L3, and so on). XSA-240 introduced an additional restriction that limited the "depth" of such chains by allowing pages to either *point to* other pages of the same level, or *be pointed to* by other pages of the same level, but not both. To implement this, we keep track of the number of outstanding times a page points to or is pointed to another page table, to prevent both from happening at the same time. Unfortunately, the original commit introducing this reset this count when resuming validation of a partially-validated pagetable, incorrectly dropping some "linear_pt_entry" counts. If an attacker could engineer such a situation to occur, they might be able to make loops or other arbitrary chains of linear pagetables, as described in XSA-240. A malicious or buggy PV guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Privilege escalation and information leaks cannot be excluded. All versions of Xen are vulnerable. Only x86 systems are affected. Arm systems are not affected. Only x86 PV guests can leverage the vulnerability. x86 HVM and PVH guests cannot leverage the vulnerability. Only systems which have enabled linear pagetables are vulnerable. Systems which have disabled linear pagetables, either by selecting CONFIG_PV_LINEAR_PT=n when building the hypervisor, or adding pv-linear-pt=false on the command-line, are not vulnerable. | 2019-12-11 | not yet calculated | CVE-2019-19578, MISC
xen -- xen | An issue was discovered in Xen through 4.12.x allowing 32-bit Arm guest OS users to cause a denial of service (out-of-bounds access) because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which may misbehave in certain corner cases: On 32-bit Arm accesses to bitmaps with a bit count which is a multiple of 32, an out of bounds access may occur. A malicious guest may cause a hypervisor crash or hang, resulting in a Denial of Service (DoS). All versions of Xen are vulnerable. 32-bit Arm systems are vulnerable. 64-bit Arm systems are not vulnerable. | 2019-12-11 | not yet calculated | CVE-2019-19581, MISC
xen -- xen | An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case. Please see XSA-260 for background on the MovSS shadow. Please see XSA-156 for background on the need for #DB interception. The VMX VMEntry checks do not like the exact combination of state which occurs when #DB is intercepted, Single Stepping is active, and blocked by STI/MovSS is active, despite this being a legitimate state to be in. The resulting VMEntry failure is fatal to the guest. HVM/PVH guest userspace code may be able to crash the guest, resulting in a guest Denial of Service. All versions of Xen are affected. Only systems supporting VMX hardware virtual extensions (Intel, Cyrix, or Zhaoxin CPUs) are affected. Arm and AMD systems are unaffected. Only HVM/PVH guests are affected. PV guests cannot leverage the vulnerability. | 2019-12-11 | not yet calculated | CVE-2019-19583, MISC
yabasic -- yabasic | Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file. | 2019-12-13 | not yet calculated | CVE-2019-19796, MISC
yabasic -- yabasic | Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() function in flex.c via a crafted BASIC source file. | 2019-12-11 | not yet calculated | CVE-2019-19720, MISC, MISC
yachtcontrol -- yachtcontrol | Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command={COMMAND}" page and parameter, where {COMMAND} will be executed and returning the results to the client. Affects Yachtcontrol webservers disclosed via Dutch GPRS/4G mobile IP-ranges. IP addresses vary due to DHCP client leasing of telco's. | 2019-12-10 | not yet calculated | CVE-2019-17270, MISC, EXPLOIT-DB
yaws -- yaws | yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. | 2019-12-10 | not yet calculated | CVE-2016-1000108, MISC, CONFIRM, MISC, MISC
zabbix -- zabbix | Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7. | 2019-12-11 | not yet calculated | CVE-2013-5743, CONFIRM, CONFIRM, CONFIRM, CONFIRM
zoho manageengine -- eventlog_analyzer | An issue was discovered in Zoho ManageEngine EventLog Analyzer 10.0 SP1 before Build 12110. By running "select hostdetails from hostdetails" at the /event/runquery.do endpoint, it is possible to bypass the security restrictions that prevent even administrative users from viewing credential data stored in the database, and recover the MD5 hashes of the accounts used to authenticate the ManageEngine platform to the managed machines on the network (most often administrative accounts). Specifically, this bypasses these restrictions: a query cannot mention password, and a query result cannot have a password column. | 2019-12-13 | not yet calculated | CVE-2019-19774, MISC, MISC

Microsoft Releases Out-of-Band Security Updates

Original release date: December 18, 2019

Microsoft has released out-of-band security updates to address a vulnerability in SharePoint Server. An attacker could exploit this vulnerability to obtain sensitive information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft Security Advisory for CVE-2019-1491 and apply the necessary updates.

Google Releases Security Updates for Chrome for Windows, Mac, and Linux

Original release date: December 18, 2019

Google has released security updates for Chrome version 79.0.3945.88 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.
 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

Drupal Releases Security Updates

Original release date: December 19, 2019

Drupal has released security updates to address vulnerabilities in Drupal 7.x, 8.7.x, and 8.8.x. An attacker could exploit some of these vulnerabilities to modify data on an affected website.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Drupal Security Advisories and apply the necessary updates:

• SA-CORE-2019-012
• SA-CORE-2019-011
• SA-CORE-2019-010
• SA-CORE-2019-009

Vulnerability Summary for the Week of December 16, 2019

Original release date: December 23, 2019

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
advantech -- diaganywhere_server | In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code with the privileges of the user running DiagAnywhere Server. | 2019-12-17 | 7.5 | CVE-2019-18257, MISC
apple -- icloud_for_windows | A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution. | 2019-12-18 | 7.6 | CVE-2019-6232, MISC
apple -- icloud_for_windows | A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution. | 2019-12-18 | 7.6 | CVE-2019-6236, MISC
apple -- macos_catalina | A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15.1. A malicious application may be able to gain root privileges. | 2019-12-18 | 9.3 | CVE-2019-8802, MISC
apple -- macos_catalina | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 7.2 | CVE-2019-8748, MISC
apple -- macos_catalina | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 9.3 | CVE-2019-8781, MISC
apple -- macos_catalina | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 7.2 | CVE-2019-8758, MISC
apple -- macos_catalina | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 9.3 | CVE-2019-8807, MISC
apple -- macos_catalina_and_tvos | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 7.2 | CVE-2019-8717, MISC
apple -- macos_mojave | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 9.3 | CVE-2019-8694, MISC
apple -- macos_mojave | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 9.3 | CVE-2019-8590, MISC
apple -- macos_mojave | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 9.3 | CVE-2019-8695, MISC
apple -- macos_mojave | This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands. | 2019-12-18 | 7.2 | CVE-2019-8513, MISC
apple -- macos_mojave | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 9.3 | CVE-2019-8629, MISC
apple -- macos_mojave | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 7.2 | CVE-2019-8635, MISC
apple -- macos_mojave | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.6. A remote attacker may be able to cause arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8661, MISC
apple -- macos_mojave | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 7.2 | CVE-2019-8697, MISC
apple -- macos_mojave | A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 9.3 | CVE-2019-8555, MISC
apple -- macos_mojave | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 7.2 | CVE-2019-8616, MISC
apple -- macos_mojave | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 7.2 | CVE-2019-8604, MISC
apple -- macos_mojave | A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges. | 2019-12-18 | 7.2 | CVE-2019-8508, MISC
apple -- macos_mojave | A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges. | 2019-12-18 | 7.6 | CVE-2019-8565, MISC, MISC
apple -- macos_mojave | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. An application may be able to gain elevated privileges. | 2019-12-18 | 7.2 | CVE-2019-8526, MISC
apple -- multiple_products | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A maliciously crafted SQL query may lead to arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8600, MISC, MISC, MISC, MISC, MISC, MISC, MISC
apple -- multiple_products | A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory. | 2019-12-18 | 8.8 | CVE-2019-8591, MISC, MISC, MISC, MISC
apple -- multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 9.3 | CVE-2019-8593, MISC, MISC, MISC
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8814, MISC, MISC, MISC, MISC, MISC, MISC
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8676, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8815, MISC, MISC, MISC, MISC, MISC, MISC
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8688, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8669, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8684, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8689, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8816, MISC, MISC, MISC, MISC, MISC, MISC, MISC
apple -- multiple_products | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8613, MISC, MISC, MISC
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8685, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC
apple -- multiple_products | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 9.3 | CVE-2019-8574, MISC, MISC, MISC, MISC
apple -- multiple_products | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8648, MISC, MISC, MISC, MISC
apple -- multiple_products | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges. | 2019-12-18 | 9.3 | CVE-2019-8605, MISC, MISC, MISC, MISC
apple -- multiple_products | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.4, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8647, MISC, MISC, MISC
apple -- multiple_products | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8641, MISC, MISC, MISC, MISC
apple -- multiple_products | This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary. | 2019-12-18 | 7.5 | CVE-2019-8662, MISC, MISC, MISC, MISC
apple -- multiple_products | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to gain root privileges. | 2019-12-18 | 9.3 | CVE-2019-8637, MISC, MISC, MISC
apple -- multiple_products | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | 2019-12-18 | 7.5 | CVE-2019-8660, MISC, MISC, MISC, MISC
apple -- multiple_products | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 2019-12-18 | 9.3 | CVE-2019-8672, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC
apple -- watchos | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges. | 2019-12-18 | 9.3 | CVE-2019-8747, MISC
apple -- watchos_and_icloud_for_windows | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Multiple issues in libxslt. | 2019-12-18 | 7.5 | CVE-2019-8750, MISC, MISC
apple -- xcode | Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. | 2019-12-18 | 9.3 | CVE-2019-8723, MISC
apple -- xcode | Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. | 2019-12-18 | 9.3 | CVE-2019-8724, MISC
elog -- elog | ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests. | 2019-12-17 | 7.5 | CVE-2019-3996, MISC
envoy_proxy -- envoy | An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "example.com" matchers. | 2019-12-13 | 7.5 | CVE-2019-18802, MISC, MISC, MISC, MISC
envoy_proxy -- envoy | An issue was discovered in Envoy 1.12.0. An untrusted remote client may send HTTP/2 requests that write to the heap outside of the request buffers when the upstream is HTTP/1. This may be used to corrupt nearby heap contents (leading to a query-of-death scenario) or may be used to bypass Envoy's access control mechanisms such as path based routing. An attacker can also modify requests from other users that happen to be proximal temporally and spatially. | 2019-12-13 | 7.5 | CVE-2019-18801, MISC, MISC, MISC, CONFIRM, MISC
fontforge -- libspiro | Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c. | 2019-12-17 | 7.5 | CVE-2019-19847, MISC
google -- tensorflow | In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case data_size and num_segments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. This is unlikely to be exploitable and was detected and fixed internally in TensorFlow 1.15 and 2.0. | 2019-12-16 | 7.5 | CVE-2019-16778, MISC, MISC, CONFIRM
joomla -- joomla! | class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576. | 2019-12-17 | 7.5 | CVE-2019-19634, MISC, MISC, MISC
joomla -- joomla! | In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors. | 2019-12-18 | 7.5 | CVE-2019-19846, MISC
labf -- aceaxe_plus | The FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long EHLO response from an FTP server. | 2019-12-13 | 10 | CVE-2019-19782, MISC, MISC
linux -- linux_kernel | In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h. | 2019-12-17 | 7.1 | CVE-2019-19815, MISC, MISC
linux -- linux_kernel | In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this. | 2019-12-17 | 9.3 | CVE-2019-19814, MISC
linux -- linux_kernel | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled. | 2019-12-17 | 9.3 | CVE-2019-19816, MISC
linux -- linux_kernel | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c. | 2019-12-17 | 9.3 | CVE-2019-19813, MISC
petwant_and_skymee -- pf-103_and_petalk_ai | The processCommandSetMac() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | 10 | CVE-2019-16737, MISC
petwant_and_skymee -- pf-103_and_petalk_ai | processCommandSetUid() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | 10 | CVE-2019-16733, MISC
petwant_and_skymee -- pf-103_and_petalk_ai | Unencrypted HTTP communications for firmware upgrades in Petalk AI and PF-103 allow man-in-the-middle attackers to run arbitrary code as the root user. | 2019-12-13 | 9.3 | CVE-2019-16732, MISC
petwant_and_skymee -- pf-103_and_petalk_ai | A stack-based buffer overflow in processCommandUploadLog in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. | 2019-12-13 | 10 | CVE-2019-16735, MISC
petwant_and_skymee -- pf-103_and_petalk_ai | processCommandUpgrade() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | 10 | CVE-2019-16730, MISC, MISC
petwant_and_skymee -- pf-103_and_petalk_ai | The processCommandUploadLog() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | 10 | CVE-2019-17364, MISC
petwant_and_skymee -- pf-103_and_petalk_ai | A stack-based buffer overflow in processCommandUploadSnapshot in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. | 2019-12-13 | 10 | CVE-2019-16736, MISC
petwant_and_skymee -- pf-103_and_petalk_ai | Use of default credentials for the TELNET server in Petwant PF-103 firmware 4.3.2.50 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | 2019-12-13 | 10 | CVE-2019-16734, MISC
puppet -- mcollective | mcollective has a default password set at install | 2019-12-13 | 7.5 | CVE-2014-0175, MISC, MISC, MISC
python-requests-kerberos -- python-requests-kerberos | python-requests-Kerberos through 0.5 does not handle mutual authentication | 2019-12-15 | 7.5 | CVE-2014-8650, MISC, MISC, MISC, MISC
qualcomm -- multiple_snapdragon_products | Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | 7.5 | CVE-2019-10614, CONFIRM
qualcomm -- multiple_snapdragon_products | Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, IPQ8074, MDM9607, MDM9650, MSM8909, MSM8939, QCN7605, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24 | 2019-12-18 | 7.2 | CVE-2019-10605, CONFIRM
qualcomm -- multiple_snapdragon_products | Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, QCN7605, QCS405, QCS605, SDA845, SDM660, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | 7.2 | CVE-2019-2304, CONFIRM
qualcomm -- multiple_snapdragon_products | Out of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MSM8996AU, Nicobar, QCA6574AU, QCN7605, QCS405, SDM630, SDM636, SDM660, SDM845, SM6150, SM7150, SM8150 | 2019-12-18 | 7.2 | CVE-2019-10601, CONFIRM
qualcomm -- multiple_snapdragon_products | When a fake broadcast/multicast 11w rmf without mmie received, since no proper length check in wma_process_bip, buffer overflow will happen in both cds_is_mmie_valid and qdf_nbuf_trim_tail in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8937, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDM630, SDM636, SDM660, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | 7.2 | CVE-2018-11980, CONFIRM
qualcomm -- multiple_snapdragon_products | Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9980, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | 7.2 | CVE-2019-10480, CONFIRM
qualcomm -- multiple_snapdragon_products | Device memory may get corrupted because of buffer overflow/underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8016, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SM6150, SM7150, SXR1130 | 2019-12-18 | 10 | CVE-2019-2242, CONFIRM
qualcomm -- multiple_snapdragon_products | Improper Access Control for RPU write access from secure processor in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8098, IPQ8074, MDM9150, MDM9650, MDM9655, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCA8081, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | 7.2 | CVE-2019-2274, CONFIRM
qualcomm -- multiple_snapdragon_products | Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996, MSM8996AU, QCA4531, QCA8081, QCA9531, QCA9558, QCA9886, QCA9980, QCN7605, QCS605, SDA660, SDX20, SDX24, SDX55, SM8150, SXR1130 | 2019-12-18 | 7.2 | CVE-2019-10607, CONFIRM
qualcomm -- multiple_snapdragon_products | Out of bound access can occur while processing peer info in IBSS connection mode due to lack of upper bounds check to ensure that for loop further will not cause an overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MDM9607, MSM8996AU, QCA6574AU, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | 2019-12-18 | 7.2 | CVE-2019-10598, CONFIRM
qualcomm -- multiple_snapdragon_products | Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8939, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24 | 2019-12-18 | 7.2 | CVE-2019-10595, CONFIRM
qualcomm -- multiple_snapdragon_products | Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCA8081, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | 7.2 | CVE-2019-10600, CONFIRM
red_hat -- edeploy | eDeploy has tmp file race condition flaws | 2019-12-15 | 9.3 | CVE-2014-3701, REDHAT, MISC, MISC
red_hat -- edeploy | eDeploy has RCE via cPickle deserialization of untrusted data | 2019-12-15 | 7.5 | CVE-2014-3699, REDHAT, MISC, MISC
xfig -- fig2dev | read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. | 2019-12-15 | 7.5 | CVE-2019-19797, MISC

 

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
apache -- incubator_superset
 
In Apache Incubator Superset before 0.31, a user could query database metadata information from a database he has no access to, by using a specially crafted complex query. | 2019-12-16 | 5 | CVE-2019-12413
MISC
apache -- incubator_superset
 
In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab. | 2019-12-16 | 5 | CVE-2019-12414
MISC
apple -- ios
 
A logic issue was addressed with improved state management. This issue is fixed in iOS 13. Visiting a malicious website may lead to address bar spoofing.2019-12-184.3CVE-2019-8727
MISC
apple -- ios
 
A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.2. A device may be passively tracked by its WiFi MAC address.2019-12-185CVE-2019-8567
MISC
apple -- ios
 
A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue is fixed in iOS 13. Processing a maliciously crafted file may disclose user information.2019-12-184.3CVE-2019-8731
MISC
apple -- ios
 
A logic issue existed with the display of notification previews. This issue was addressed with improved validation. This issue is fixed in iOS 13. Notification previews may show on Bluetooth accessories even when previews are disabled.2019-12-185CVE-2019-8711
MISC
apple -- ios
 
An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.3. A sandboxed process may be able to circumvent sandbox restrictions.2019-12-186.8CVE-2019-8617
MISC
apple -- ios
 
A permissions issue existed in the handling of motion and orientation data. This issue was addressed with improved restrictions. This issue is fixed in iOS 12.2. A website may be able to access sensor information without user consent.2019-12-184.3CVE-2019-8554
MISC
apple -- ios_and_macos_mojave
 
This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6. A remote attacker may be able to leak memory.2019-12-185CVE-2019-8663
MISC
MISC
apple -- ios_and_safari
 
A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8674
MISC
MISC
apple -- ios_and_tvos
 
A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in iOS 12.4, tvOS 12.4. A malicious application may be able to restrict access to websites.2019-12-184.3CVE-2019-8698
MISC
MISC
apple -- ios_and_watchos
 
A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.4, watchOS 5.3. A remote attacker may cause an unexpected application termination.2019-12-185CVE-2019-8665
MISC
MISC
apple -- ios_and_watchos
 
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service.2019-12-184.3CVE-2019-8626
MISC
MISC
apple -- macos_catalina
 
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items.2019-12-185CVE-2019-8768
MISC
apple -- macos_catalina
 
The issue was addressed with improved permissions logic. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to access recent documents.2019-12-184.3CVE-2019-8770
MISC
apple -- macos_catalina
 
An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt. This issue is fixed in macOS Catalina 10.15. An attacker may be able to exfiltrate the contents of an encrypted PDF.2019-12-185CVE-2019-8772
MISC
apple -- macos_catalina_and_tvos
 
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15, tvOS 13. Processing a maliciously crafted movie may result in the disclosure of process memory.2019-12-184.3CVE-2019-8705
MISC
apple -- macos_mojave
 
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6. The encryption status of a Time Machine backup may be incorrect.2019-12-185CVE-2019-8667
MISC
apple -- macos_mojave
 
This issue was addressed with improved handling of file metadata. This issue is fixed in macOS Mojave 10.14.4. A malicious application may bypass Gatekeeper checks.2019-12-184.6CVE-2019-6239
MISC
MISC
apple -- macos_mojave
 
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5. An application may be able to read restricted memory.2019-12-186.8CVE-2019-8603
MISC
apple -- macos_mojave
 
An authentication issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5. A user may be unexpectedly logged in to another user's account. | 2019-12-18 | 6.5 | CVE-2019-8634
MISC
apple -- macos_mojave
 
A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to elevate privileges.2019-12-186.8CVE-2019-8561
MISC
apple -- macos_mojave
 
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory.2019-12-184.3CVE-2019-8693
MISC
apple -- macos_mojave
 
This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.5. A malicious application may bypass Gatekeeper checks.2019-12-184.3CVE-2019-8589
MISC
apple -- macos_mojave_and_safari
 
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6, Safari 12.1.2. Visiting a malicious website may lead to address bar spoofing.2019-12-184.3CVE-2019-8670
MISC
MISC
apple -- multiple_products
 
A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8690
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A remote attacker may be able to leak memory.2019-12-185CVE-2019-8787
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8822
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8821
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8820
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8819
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8812
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8678
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory.2019-12-186.6CVE-2019-8576
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8763
MISC
MISC
MISC
apple -- multiple_products
 
A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8625
MISC
MISC
MISC
apple -- multiple_products
 
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to read restricted memory.2019-12-184.3CVE-2019-8598
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-184.3CVE-2019-8597
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8658
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8735
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8595
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8596
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8563
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8686
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8649
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8811
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to leak memory.2019-12-185CVE-2019-8646
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A device may be passively tracked by its WiFi MAC address.2019-12-185CVE-2019-8620
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8609
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8594
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8687
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to read restricted memory.2019-12-184.3CVE-2019-8560
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8823
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution.2019-12-186.8CVE-2019-8657
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8586
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-184.3CVE-2019-8615
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8584
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8673
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.2019-12-186.8CVE-2019-8562
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8608
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8559
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8558
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8556
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2. Clicking a malicious SMS link may lead to arbitrary code execution.2019-12-186.8CVE-2019-8553
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8571
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8813
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8719
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8601
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8622
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8681
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8623
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8677
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8611
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges.2019-12-186.8CVE-2019-8577
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8683
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8610
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8680
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8628
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8644
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. Processing a maliciously crafted movie file may lead to arbitrary code execution.2019-12-186.8CVE-2019-8585
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8671
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8679
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_products
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8666
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- safari
 
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.1. Visiting a malicious website may lead to user interface spoofing.2019-12-184.3CVE-2019-8654
MISC
apple -- safari
 
The issue was addressed with improved handling of service worker lifetime. This issue is fixed in Safari 13.0.1. Service workers may leak private browsing history.2019-12-185CVE-2019-8725
MISC
apple -- watchos
 
This issue was addressed with improved checks. This issue is fixed in watchOS 5.3. Users removed from an iMessage conversation may still be able to alter state.2019-12-185CVE-2019-8659
MISC
apple -- watchos
 
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 5.3. A remote attacker may be able to leak memory.2019-12-185CVE-2019-8624
MISC
apple -- watchos
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8765
MISC
apple -- watchos
 
A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-184.3CVE-2019-8764
MISC
apple -- watchos
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8743
MISC
apple -- watchos_and_icloud_for_windows
 
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-186.8CVE-2019-8766
MISC
MISC
atlassian -- jira
 
The WorkflowResource class removeStatus method in Jira before version 7.13.12, from version 8.0.0 before version 8.4.3, and from version 8.5.0 before version 8.5.2 allows authenticated remote attackers who do not have project administration access to remove a configured issue status from a project via a missing authorisation check. | 2019-12-18 | 4 | CVE-2019-15013
MISC
atlassian -- multiple_products
 
An issue was discovered in the SAML Single Sign On (SSO) plugin for several Atlassian products affecting versions 3.1.0 through 3.2.2 for Jira and Confluence, versions 2.4.0 through 3.0.3 for Bitbucket, and versions 2.4.0 through 2.5.2 for Bamboo. It allows locally disabled users to reactivate their accounts just by browsing the affected Jira/Confluence/Bitbucket/Bamboo instance, even when the applicable configuration option of the plugin has been disabled ("Reactivate inactive users"). Exploiting this vulnerability requires an attacker to be authorized by the identity provider and requires that the plugin's configuration option "User Update Method" have the "Update from SAML Attributes" value. | 2019-12-13 | 6 | CVE-2019-13347
MISC
MISC
centos-webpanel -- centos_web_panel
 
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/[USERNAME]/tmp/session/sess_xxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to gain access to the victim's password (for the OS and phpMyAdmin) via an attacker account. This is different from CVE-2019-14782. | 2019-12-17 | 4 | CVE-2019-15235
MISC
MISC
centos-webpanel -- centos_web_panel
 
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to make a request to extract the victim's password (for the OS and phpMyAdmin) via an attacker account. | 2019-12-17 | 4 | CVE-2019-14782
MISC
MISC
contao -- contao
 
Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered. | 2019-12-17 | 5 | CVE-2019-19714
MISC
CONFIRM
contao -- contao | Contao 4.0 through 4.8.5 allows PHP local file inclusion. A back end user with access to the form generator can upload arbitrary files and execute them on the server. | 2019-12-17 | 6.5 | CVE-2019-19745
MISC
CONFIRM
coredns -- coredns | The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries. | 2019-12-13 | 4.3 | CVE-2019-19794
MISC
CONFIRM
MISC
MISC
MISC
docker -- docker_engine_and_cs_docker_engine | Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation. | 2019-12-17 | 5 | CVE-2014-8179
MISC
MISC
MISC
MISC
MISC
CONFIRM
dovecot -- dovecot | In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient. | 2019-12-13 | 5 | CVE-2019-19722
CONFIRM
CONFIRM
CONFIRM
CONFIRM
duplicity -- duplicity | duplicity 0.6.24 has improper verification of SSL certificates. | 2019-12-13 | 5 | CVE-2014-3495
MISC
MISC
MISC
MISC
elog -- elog | ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover a user's password hash by sending a crafted HTTP POST request. | 2019-12-17 | 5 | CVE-2019-3993
MISC
elog -- elog | ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker can crash the ELOG server by sending multiple HTTP POST requests which causes the ELOG function retrieve_url() to use a freed variable. | 2019-12-17 | 5 | CVE-2019-3994
MISC
elog -- elog | ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request. | 2019-12-17 | 5 | CVE-2019-3995
MISC
elog -- elog | ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain access to valid admin usernames and, in older versions of ELOG, passwords. | 2019-12-17 | 5 | CVE-2019-3992
MISC
envoy_proxy -- envoy | An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated response is dispatched through the configured encoder filter chain before being sent to the client. An encoder filter that invokes route manager APIs that access a request's Host header causes a NULL pointer dereference, resulting in abnormal termination of the Envoy process. | 2019-12-13 | 5 | CVE-2019-18838
MISC
MISC
CONFIRM
MISC
huawei -- campusinsight | There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC200. Attackers who gain the specific permission can use this vulnerability by sending elaborate SQL statements to the database. Successful exploit of this vulnerability may cause the database to crash. | 2019-12-13 | 4 | CVE-2019-5278
MISC
huawei -- cloudengine | CloudEngine 12800 has a DoS vulnerability. An attacker of a neighboring device sends a large number of specific packets. As a result, a memory leak occurs after the device uses the specific packet. As a result, the attacker can exploit this vulnerability to cause DoS attacks on the target device. | 2019-12-13 | 6.1 | CVE-2019-5248
MISC
huawei -- cloudusm-eua_product | Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation. | 2019-12-13 | 5 | CVE-2019-5277
MISC
huawei -- mate_20_pro_smartphones | Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation of certain privilege, the attacker could trick the user into installing a malicious application before the user turns on student mode function. Successful exploit could allow the attacker to bypass the limit of student mode function. | 2019-12-13 | 6.8 | CVE-2019-5250
MISC
huawei -- multiple_products | There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks. | 2019-12-13 | 5 | CVE-2019-19397
MISC
huawei -- multiple_products | Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. | 2019-12-13 | 4.3 | CVE-2019-5291
MISC
huawei -- multiple_products | Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal. | 2019-12-13 | 5 | CVE-2019-5254
MISC
huawei -- multiple_smartphones | There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. | 2019-12-13 | 4.3 | CVE-2019-5251
MISC
huawei -- s5700_and_s6700_devices | Huawei S5700 and S6700 have a DoS security vulnerability. Attackers with certain permissions perform specific operations on affected devices. Because the pointer in the program is not processed properly, the vulnerability can be exploited to cause the device to be abnormal. | 2019-12-13 | 4 | CVE-2019-5290
MISC
huawei -- y9_2019_and_honor_view_20_smartphones | Huawei smartphones HUAWEI Y9 2019 and Honor View 20 have a denial of service vulnerability. Due to insufficient input validation of specific value when parsing the messages, an attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices to exploit this vulnerability. Successful exploit may cause an infinite loop and the device to reboot. | 2019-12-13 | 6.1 | CVE-2019-5260
MISC
ibm -- api_connect | IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 168510. | 2019-12-18 | 5 | CVE-2019-4609
XF
CONFIRM
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172882. | 2019-12-20 | 4.3 | CVE-2019-4744
XF
CONFIRM
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 172880. | 2019-12-20 | 4.3 | CVE-2019-4743
XF
CONFIRM
ibm -- mq_and_mq_appliance | IBM MQ and IBM MQ Appliance 9.1 CD, 9.1 LTS, 9.0 LTS, and 8.0 is vulnerable to a denial of service attack caused by channels processing poorly formatted messages. IBM X-Force ID: 166357. | 2019-12-16 | 4 | CVE-2019-4560
XF
CONFIRM
imagemagick -- imagemagick | imagemagick 6.8.9.6 has remote DOS via infinite loop. | 2019-12-15 | 4.3 | CVE-2014-8561
MISC
MISC
MISC
MISC
MISC
intel -- control_center-i | Unquoted service path in Control Center-I version 2.1.0.0 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-16 | 4.6 | CVE-2019-14599
MISC
jenkins -- jenkins | A missing permission check in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2019-12-17 | 4 | CVE-2019-16574
MLIST
CONFIRM
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Team Concert Plugin 1.3.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2019-12-17 | 6.8 | CVE-2019-16565
MLIST
CONFIRM
jenkins -- jenkins | A missing permission check in Jenkins Team Concert Plugin 1.3.0 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. | 2019-12-17 | 4 | CVE-2019-16567
MLIST
CONFIRM
jenkins -- jenkins | A missing permission check in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server. | 2019-12-17 | 4 | CVE-2019-16571
MLIST
CONFIRM
jenkins -- jenkins | Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows users with Overall/Read access to disable SSL/TLS certificate and hostname validation for the entire Jenkins master JVM. | 2019-12-17 | 5.5 | CVE-2019-16561
MLIST
CONFIRM
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2019-12-17 | 6.8 | CVE-2019-16573
MLIST
CONFIRM
jenkins -- jenkins | Jenkins SCTMExecutor Plugin 2.2 and earlier transmits previously configured service credentials in plain text as part of the global configuration, as well as individual jobs' configurations. | 2019-12-17 | 5 | CVE-2019-16568
MLIST
CONFIRM
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Mantis Plugin 0.26 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials. | 2019-12-17 | 4.3 | CVE-2019-16569
MLIST
CONFIRM
jenkins -- jenkins | A missing permission check in Jenkins Alauda Kubernetes Suport Plugin 2.3.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing the Kubernetes service account token or credentials stored in Jenkins. | 2019-12-17 | 4 | CVE-2019-16576
MLIST
CONFIRM
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Alauda Kubernetes Suport Plugin 2.3.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing the Kubernetes service account token or credentials stored in Jenkins. | 2019-12-17 | 6.8 | CVE-2019-16575
MLIST
CONFIRM
jenkins -- jenkins | A missing permission check in Jenkins Team Concert Plugin 1.3.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2019-12-17 | 4 | CVE-2019-16566
MLIST
CONFIRM
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers to connect to an attacker-specified web server. | 2019-12-17 | 6.8 | CVE-2019-16570
MLIST
CONFIRM
jersey -- jersey | jersey: XXE via parameter entities not disabled by the jersey SAX parser. | 2019-12-15 | 5 | CVE-2014-3643
REDHAT
MISC
joomla -- joomla! | In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure. | 2019-12-18 | 5 | CVE-2019-19845
MISC
knot-resolver -- knot-resolver | knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A records can be squashed into one DNS message (limit is 64kB). | 2019-12-16 | 5 | CVE-2019-19331
CONFIRM
MISC
libsixel_project -- libsixel | stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main. | 2019-12-13 | 6.8 | CVE-2019-19777
MISC
libsixel_project -- libsixel | An issue was discovered in libsixel 1.8.2. There is a heap-based buffer over-read in the function load_sixel at loader.c. | 2019-12-13 | 6.8 | CVE-2019-19778
MISC
linux -- linux_kernel | In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring. | 2019-12-15 | 4.9 | CVE-2019-19807
MISC
MISC
MISC
linux -- linux_kernel | In the Linux kernel before 5.4.2, the io_uring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/io_uring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to the loopback interface. This occurs because IORING_OP_SENDMSG operations, although requested in the context of an unprivileged user, are sometimes performed by a kernel worker thread without considering that context. | 2019-12-17 | 4.6 | CVE-2019-19241
MISC
MISC
MISC
MISC
lout -- lout | Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. | 2019-12-20 | 6.8 | CVE-2019-19918
MISC
lout -- lout | Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. | 2019-12-20 | 6.8 | CVE-2019-19917
MISC
mahara -- mahara | Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) links or (3) resources URLs, and (4) the Display name in a user profile. | 2019-12-17 | 4.3 | CVE-2012-2237
MISC
MISC
MISC
MISC
MISC
micro_focus -- arcsight_logger | Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack. | 2019-12-17 | 6.8 | CVE-2019-11657
MISC
nitro -- nitro_free_pdf_reader | The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0xa08a Out-of-Bounds Read via crafted Unicode content. | 2019-12-16 | 4.3 | CVE-2019-19818
MISC
MISC
npm -- cli | Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to modify and/or gain access to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option. | 2019-12-13 | 5.5 | CVE-2019-16776
MISC
CONFIRM
npm -- cli | Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of the node_modules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would allow a package publisher to create a symlink pointing to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option. | 2019-12-13 | 4 | CVE-2019-16775
MISC
CONFIRM
npm -- cli | Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of packages that also create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local installations and also through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option. | 2019-12-13 | 5.5 | CVE-2019-16777
MISC
CONFIRM
owncloud -- owncloud | Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to core/ajax/sharing.php. | 2019-12-17 | 4.3 | CVE-2013-0202
MISC
MISC
pen -- pen | Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities. | 2019-12-13 | 4.6 | CVE-2014-2387
MISC
MISC
MISC
MISC
MISC
MISC
MISC
petwant_and_skymee -- pf-103_and_petalk_ai | The udpServerSys service in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to initiate firmware upgrades and alter device settings. | 2019-12-13 | 5 | CVE-2019-16731
MISC
puppet -- puppet_agent | Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0. | 2019-12-16 | 5 | CVE-2018-11751
MISC
qpid-cpp -- qpid-cpp | qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors. | 2019-12-13 | 5 | CVE-2014-0212
MISC
MISC
MISC
qualcomm -- multiple_snapdragon_products | Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 2019-12-18 | 4.6 | CVE-2019-10584
CONFIRM
red_hat -- cloudforms_management_engine | CFME: CSRF protection vulnerability via permissive check of the referrer header. | 2019-12-13 | 6.8 | CVE-2014-0197
MISC
MISC
red_hat -- jboss_keycloak | JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL. | 2019-12-15 | 5.8 | CVE-2014-3652
MISC
MISC
samurai -- samurai | samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file. | 2019-12-13 | 6.8 | CVE-2019-19795
MISC
sap -- treasury_and_risk_management | Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 2019-12-17 | 6.5 | CVE-2019-0383
MISC
CONFIRM
sap -- treasury_and_risk_management | Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for functionalities that require user identity. | 2019-12-17 | 6.5 | CVE-2019-0384
MISC
CONFIRM
solarwinds -- serv-u_ftp_server | A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7. | 2019-12-16 | 4 | CVE-2019-13181
MISC
FULLDISC
MISC
sonicwall -- sma100_devices | A vulnerability in SonicWall SMA100 allows an unauthenticated user to gain read-only access to unauthorized resources. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | 2019-12-17 | 5 | CVE-2019-7481
CONFIRM
spip -- spip | _core_/plugins/medias in SPIP 3.2.x before 3.2.7 allows remote authenticated authors to inject content into the database. | 2019-12-17 | 4 | CVE-2019-19830
MISC
MISC
DEBIAN
MISC
sqlite -- sqlite | exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. | 2019-12-18 | 5 | CVE-2019-19880
MISC
suphp -- suphp | suPHP before 0.7.2 source-highlighting feature allows security bypass which could lead to arbitrary code execution. | 2019-12-13 | 4.4 | CVE-2014-1867
MISC
MISC
MISC
MISC
tematres -- tematres | TemaTres 3.0 has reflected XSS via the replace_string or search_string parameter to the vocab/admin.php?doAdmin=bulkReplace URI. | 2019-12-13 | 4.3 | CVE-2019-14344
MISC
MISC
tibco -- spotfire_analytics_platform_for_aws_marketplace_and_spotfire_server | The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker to perform a reflected cross-site scripting (XSS) attack. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0 and TIBCO Spotfire Server: versions 7.11.7 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.3.3, and 10.3.4, versions 10.4.0, 10.5.0, and 10.6.0. | 2019-12-17 | 4.3 | CVE-2019-17337
MISC
MISC
typo3 -- typo3 | An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. Because escaping of user-submitted content is mishandled, the class QueryGenerator is vulnerable to SQL injection. Exploitation requires having the system extension ext:lowlevel installed, and a valid backend user who has administrator privileges. | 2019-12-17 | 6.5 | CVE-2019-19850
MISC
MISC
veracrypt -- veracrypt | VeraCrypt 1.24 allows Local Privilege Escalation during execution of VeraCryptExpander.exe. | 2019-12-13 | 4.6 | CVE-2019-19501
MISC
MISC
wordpress -- wordpress | The quiz-master-next (aka Quiz And Survey Master) plugin before 6.3.5 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the from or till parameter (and/or the quiz_id parameter). The component is: admin/quiz-options-page.php. The attack vector is: When the Administrator is logged in, a reflected XSS may execute upon a click on a malicious URL. | 2019-12-13 | 4.3 | CVE-2019-17599
MISC
MISC
MISC
MISC
yabasic -- yabasic | Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file. | 2019-12-13 | 6.8 | CVE-2019-19796
MISC
zend_framework -- zend_framework | ZF2014-03 has a potential cross site scripting vector in multiple view helpers. | 2019-12-15 | 4.3 | CVE-2014-4913
MISC
MISC
MISC
MISC
MISC
zulip -- zulip_server | The image thumbnailing handler in Zulip Server versions 1.9.0 to before 2.0.8 allowed an open redirect that was visible to logged-in users. | 2019-12-18 | 5.8 | CVE-2019-19775
CONFIRM
CONFIRM

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
altn -- mdaemon_email_server | MDaemon Email Server 17.5.1 allows XSS via the filename of an attachment to an email message. | 2019-12-17 | 3.5 | CVE-2019-19497
MISC
MISC
apple -- ios | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 12.3. A person with physical access to an iOS device may be able to see the email address used for iTunes. | 2019-12-18 | 2.1 | CVE-2019-8599
MISC
apple -- ios | The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13. A person with physical access to an iOS device may be able to access contacts from the lock screen. | 2019-12-18 | 2.1 | CVE-2019-8742
MISC
apple -- ios_and_watchos | The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen. | 2019-12-18 | 2.1 | CVE-2019-8682
MISC
MISC
apple -- macos_mojave | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.4. Processing malicious data may lead to unexpected application termination. | 2019-12-18 | 2.1 | CVE-2019-8507
MISC
apple -- macos_mojave | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory. | 2019-12-18 | 2.1 | CVE-2019-8691
MISC
apple -- macos_mojave | An access issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to view a user's locked notes. | 2019-12-18 | 2.1 | CVE-2019-8537
MISC
apple -- macos_mojave | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to read restricted memory. | 2019-12-18 | 2.1 | CVE-2019-8520
MISC
apple -- macos_mojave | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory. | 2019-12-18 | 2.1 | CVE-2019-8692
MISC
apple -- multiple_products | A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system. | 2019-12-18 | 2.1 | CVE-2019-8568
MISC
MISC
MISC
MISC
apple -- multiple_products | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. | 2019-12-18 | 2.1 | CVE-2019-8510
MISC
MISC
MISC
MISC
apple -- multiple_products | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. | 2019-12-18 | 2.1 | CVE-2019-6207
MISC
MISC
MISC
MISC
apple -- tvos | An authentication issue was addressed with improved state management. This issue is fixed in tvOS 13. A local user may be able to leak sensitive user information. | 2019-12-18 | 2.1 | CVE-2019-8704
MISC
MISC
hammer_cli_foreman_gem_for_ruby_on_rails -- hammer_cli_foreman_gem_for_ruby_on_rails | rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable. | 2019-12-13 | 2.1 | CVE-2014-0241
MISC
MISC
ibm -- api_connect | IBM API Connect 2018.1 through 2018.4.1.7 Developer Portal's user registration page does not disable password autocomplete. An attacker with access to the browser instance and local system credentials can steal the credentials used for registration. IBM X-Force ID: 163453. | 2019-12-16 | 2.1 | CVE-2019-4444
XF
CONFIRM
ibm -- case_builder_and_case_manager | The Case Builder component shipped with 18.0.0.1 through 19.0.0.2 and IBM Case Manager 5.1.1 through 5.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162772. | 2019-12-13 | 3.5 | CVE-2019-4426
XF
CONFIRM
CONFIRM
jenkins -- jenkins | Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored XSS vulnerability exploitable by users able to change build descriptions. | 2019-12-17 | 3.5 | CVE-2019-16562
MLIST
CONFIRM
jenkins -- jenkins | Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 2019-12-17 | 2.1 | CVE-2019-16572
MLIST
CONFIRM
jenkins -- jenkins | Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affect view content such as job display name or pipeline stage names. | 2019-12-17 | 3.5 | CVE-2019-16564
MLIST
CONFIRM
jenkins -- jenkins | Jenkins Mission Control Plugin 0.9.16 and earlier does not escape job display names and build names shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to change these properties. | 2019-12-17 | 3.5 | CVE-2019-16563
MLIST
CONFIRM
red_hat -- cloudforms_management_engine | CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration. | 2019-12-15 | 2.1 | CVE-2014-3536
MISC
MISC
solarwinds -- serv-u_ftp_server | A stored cross-site scripting (XSS) vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7. | 2019-12-16 | 3.5 | CVE-2019-13182
MISC
FULLDISC
MISC

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
3s-smart -- multiple_codesys_products | 3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference. | 2019-12-20 | not yet calculated | CVE-2019-19789
CONFIRM
MISC
abb -- pb610_panel_builder_600 | The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting. | 2019-12-18 | not yet calculated | CVE-2019-18995
MISC
abb -- pb610_panel_builder_600 | The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting unauthorized file access. | 2019-12-18 | not yet calculated | CVE-2019-18997
MISC
abb -- pb610_panel_builder_600 | Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty *.JPR application file. An attacker with access to the file system might be able to cause application malfunction such as denial of service. | 2019-12-18 | not yet calculated | CVE-2019-18994
MISC
abb -- pb610_panel_builder_600 | Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application's context. | 2019-12-18 | not yet calculated | CVE-2019-18996
MISC
acer -- quick_access | In the Quick Access Service (QAAdminAgent.exe) in Acer Quick Access V2.01.3000 through 2.01.3027 and V3.00.3000 through V3.00.3008, a REGULAR user can load an arbitrary unsigned DLL into the signed service's process, which is running as NT AUTHORITY\SYSTEM. This is a DLL Hijacking vulnerability (including search order hijacking, which searches for the missing DLL in the PATH environment variable), which is caused by an uncontrolled search path element for nvapi.dll, atiadlxx.dll, or atiadlxy.dll. | 2019-12-17 | not yet calculated | CVE-2019-18670
MISC
CONFIRM
adobe -- coldfusionColdFusion versions Update 6 and earlier have an insecure inherited permissions of default installation directory vulnerability. Successful exploitation could lead to privilege escalation.2019-12-19not yet calculatedCVE-2019-8256
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16448
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2019-12-19not yet calculatedCVE-2019-16457
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16464
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16453
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16452
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2019-12-19not yet calculatedCVE-2019-16449
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2019-12-19not yet calculatedCVE-2019-16465
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a binary planting (default folder privilege escalation) vulnerability. Successful exploitation could lead to privilege escalation.2019-12-19not yet calculatedCVE-2019-16444
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16445
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2019-12-19not yet calculatedCVE-2019-16456
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16451
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16450
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16463
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16459
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2019-12-19not yet calculatedCVE-2019-16461
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16455
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16454
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2019-12-19not yet calculatedCVE-2019-16458
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16462
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16446
CONFIRM
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-16460
CONFIRM
adobe -- bracketsBrackets versions 1.14 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-8255
CONFIRM
adobe -- photoshop_ccAdobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-8253
CONFIRM
adobe -- photoshop_ccAdobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.2019-12-19not yet calculatedCVE-2019-8254
CONFIRM
apache -- http_serverA Path traversal exists in http_server which allows an attacker to read arbitrary system files.2019-12-18not yet calculatedCVE-2019-15600
MISC
apache -- log4jIncluded in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.2019-12-20not yet calculatedCVE-2019-17571
CONFIRM
apache -- xerces-cThe Apache Xerces-C 3.0.0 to 3.2.2 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.2019-12-18not yet calculatedCVE-2018-1311
CONFIRM
apple -- macos_catalinaA validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8805
MISC
apple -- macos_catalinaA validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.1. An application may be able to read restricted memory.2019-12-18not yet calculatedCVE-2019-8817
MISC
apple -- macos_catalinaA memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8701
MISC
apple -- icloud_for_windowsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8710
MISC
apple -- iosA logic issue existed in the handling of answering phone calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.4. The initiator of a phone call may be able to cause the recipient to answer a simultaneous Walkie-Talkie connection.2019-12-18not yet calculatedCVE-2019-8699
MISC
apple -- iosThe issue was addressed with improved UI handling. This issue is fixed in iOS 12.3. The lock screen may show a locked icon after unlocking.2019-12-18not yet calculatedCVE-2019-8630
MISC
apple -- iosThis issue was addressed with improved checks. This issue is fixed in iOS 12.2. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing.2019-12-18not yet calculatedCVE-2019-7284
MISC
apple -- iosA consistency issue was addressed with improved state handling. This issue is fixed in iOS 12.2. A website may be able to access the microphone without the microphone use indicator being shown.2019-12-18not yet calculatedCVE-2019-6222
MISC
apple -- iosAn API issue existed in the handling of microphone data. This issue was addressed with improved validation. This issue is fixed in iOS 12.2. A malicious application may be able to access the microphone without indication to the user.2019-12-18not yet calculatedCVE-2019-8566
MISC
apple -- iosA memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges.2019-12-18not yet calculatedCVE-2019-7287
MISC
apple -- iosThis issue was addressed with improved transparency. This issue is fixed in iOS 12.2. A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure.2019-12-18not yet calculatedCVE-2019-8512
MISC
apple -- iosThis issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may authenticate via Face ID.2019-12-18not yet calculatedCVE-2019-8760
MISC
apple -- ios_and_ipadosA logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restrictions.2019-12-18not yet calculatedCVE-2019-8779
MISC
apple -- ios_and_ipadosThe issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13.1 and iPadOS 13.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.2019-12-18not yet calculatedCVE-2019-8775
MISC
MISC
apple -- ios_and_ipadosA consistency issue existed in deciding when to show the screen recording indicator. The issue was resolved with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2. A local user may be able to record the screen without a visible screen recording indicator.2019-12-18not yet calculatedCVE-2019-8793
MISC
apple -- ios_and_ipadosAn inconsistency in Wi-Fi network configuration settings was addressed. This issue is fixed in iOS 13.2 and iPadOS 13.2. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup.2019-12-18not yet calculatedCVE-2019-8804
MISC
apple -- ios_and_ipados_and_macos_catalinaAn issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history.2019-12-18not yet calculatedCVE-2019-8769
MISC
apple -- ios_and_ipados_and_macos_catalinaAn issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration.2019-12-18not yet calculatedCVE-2019-8788
MISC
MISC
apple -- ios_and_ipados_and_macos_catalinaA validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Parsing a maliciously crafted iBooks file may lead to disclosure of user information.2019-12-18not yet calculatedCVE-2019-8789
MISC
MISC
apple -- ios_and_ipados_and_tvosA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8795
MISC
MISC
apple -- ios_and_macos_mojaveThis issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to overwrite arbitrary files.2019-12-18not yet calculatedCVE-2019-8521
MISC
MISC
apple -- ios_and_macos_mojaveA memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A local user may be able to read kernel memory.2019-12-18not yet calculatedCVE-2019-8504
MISC
MISC
apple -- ios_and_macos_mojaveA memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. An application may be able to execute arbitrary code with kernel privileges.2019-12-18not yet calculatedCVE-2019-8529
MISC
MISC
apple -- ios_and_macos_mojaveA memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privileges.2019-12-18not yet calculatedCVE-2019-7286
MISC
MISC
MISC
MISC
apple -- ios_and_macos_mojave_and_tvosAn access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A local user may be able to view sensitive user information.2019-12-18not yet calculatedCVE-2019-8546
MISC
MISC
MISC
apple -- ios_and_macos_mojave_and_tvosThis issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. A malicious application may be able to overwrite arbitrary files.2019-12-18not yet calculatedCVE-2019-8530
MISC
MISC
MISC
apple -- ios_and_macos_mojave_and_watchosA buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate privileges.2019-12-18not yet calculatedCVE-2019-8511
MISC
MISC
MISC
apple -- ios_and_macos_mojave_and_watchosAn issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user's video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing.2019-12-18not yet calculatedCVE-2019-8550
MISC
MISC
MISC
apple -- ios_and_safariA logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting.2019-12-18not yet calculatedCVE-2019-8505
MISC
MISC
apple -- ios_and_safariA logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting.2019-12-18not yet calculatedCVE-2019-6204
MISC
MISC
apple -- ios_and_watchosA privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing. This issue is fixed in iOS 12.2, watchOS 5.2. A malicious app may be able to track users between installs.2019-12-18not yet calculatedCVE-2019-8541
MISC
MISC
apple -- macos_catalinaA logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to determine kernel memory layout.2019-12-18not yet calculatedCVE-2019-8755
MISC
apple -- macos_catalinaA race condition existed when reading and writing user preferences. This was addressed with improved state handling. This issue is fixed in macOS Catalina 10.15. The "Share Mac Analytics" setting may not be disabled when a user deselects the switch to share analytics.2019-12-18not yet calculatedCVE-2019-8757
MISC
apple -- macos_catalinaThe contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. This issue is fixed in macOS Catalina 10.15. A local user may be able to view a user's locked notes.2019-12-18not yet calculatedCVE-2019-8730
MISC
apple -- macos_catalina_and_itunes_for_windowsA dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8801
MISC
MISC
apple -- macos_mojaveA lock handling issue was addressed with improved lock handling. This issue is fixed in macOS Mojave 10.14.4. A Mac may not lock when disconnecting from an external monitor.2019-12-18not yet calculatedCVE-2019-8533
MISC
apple -- macos_mojaveA logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password.2019-12-18not yet calculatedCVE-2019-8522
MISC
apple -- macos_mojaveAn out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. An application may be able to read restricted memory.2019-12-18not yet calculatedCVE-2019-8519
MISC
apple -- macos_mojaveA validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.5. A local user may be able to load unsigned kernel extensions.2019-12-18not yet calculatedCVE-2019-8606
MISC
apple -- multiple_productsA memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.2019-12-18not yet calculatedCVE-2019-8540
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8619
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service.2019-12-18not yet calculatedCVE-2019-8516
MISC
MISC
MISC
MISC
apple -- multiple_productsAn API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to initiate a Dictation request without user authorization.2019-12-18not yet calculatedCVE-2019-8502
MISC
MISC
MISC
MISC
apple -- multiple_productsA buffer overflow was addressed with improved size validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.2019-12-18not yet calculatedCVE-2019-8527
MISC
MISC
MISC
MISC
apple -- multiple_productsAn out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory.2019-12-18not yet calculatedCVE-2019-8517
MISC
MISC
MISC
MISC
apple -- multiple_productsA logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges.2019-12-18not yet calculatedCVE-2019-8514
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected system termination or read kernel memory.2019-12-18not yet calculatedCVE-2019-8545
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple input validation issues existed in MIG generated code. These issues were addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8549
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to read kernel memory.2019-12-18not yet calculatedCVE-2019-7293
MISC
MISC
MISC
MISC
apple -- multiple_productsA buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing a maliciously crafted text file may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8745
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8535
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8544
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting.2019-12-18not yet calculatedCVE-2019-8551
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges.2019-12-18not yet calculatedCVE-2019-8542
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8726
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8536
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8523
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8782
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.2019-12-18not yet calculatedCVE-2019-8786
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to elevate privileges.2019-12-18not yet calculatedCVE-2019-8552
MISC
MISC
MISC
MISC
apple -- multiple_productsA cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information.2019-12-18not yet calculatedCVE-2019-8515
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-6201
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges.2019-12-18not yet calculatedCVE-2019-8602
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8518
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8783
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website.2019-12-18not yet calculatedCVE-2019-8503
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsAn out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory.2019-12-18not yet calculatedCVE-2019-8607
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8808
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8785
MISC
MISC
MISC
MISC
apple -- multiple_productsAn authentication issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A local attacker may be able to login to the account of a previously logged in user without valid credentials.2019-12-18not yet calculatedCVE-2019-8803
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8583
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-7285
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8707
MISC
MISC
MISC
apple -- multiple_productsA type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8506
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-6237
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8798
MISC
MISC
MISC
MISC
apple -- multiple_productsA validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory.2019-12-18not yet calculatedCVE-2019-7292
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8524
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8733
MISC
MISC
MISC
apple -- multiple_productsMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8587
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsA validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to read restricted memory.2019-12-18not yet calculatedCVE-2019-8794
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8797
MISC
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. An application may be able to execute arbitrary code with system privileges.2019-12-18not yet calculatedCVE-2019-8784
MISC
MISC
MISC
MISC
MISC
apple -- shazam_andriod_app_and_shazam_ios_appAn injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.2019-12-18not yet calculatedCVE-2019-8792
MISC
MISC
apple -- shazam_andriod_app_and_shazam_ios_appAn issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect.2019-12-18not yet calculatedCVE-2019-8791
MISC
MISC
apple -- shortcuts_for_iosAn access issue was addressed with additional sandbox restrictions. This issue is fixed in Shortcuts 2.1.3 for iOS. A sandboxed process may be able to circumvent sandbox restrictions.2019-12-18not yet calculatedCVE-2019-7290
MISC
apple -- shortcuts_for_iosA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Shortcuts 2.1.3 for iOS. A local user may be able to view sensitive user information.2019-12-18not yet calculatedCVE-2019-7289
MISC
apple -- swift-nio-sslThe issue was addressed by signaling that an executable stack is not required. This issue is fixed in SwiftNIO SSL 2.4.1. A SwiftNIO application using TLS may be able to execute arbitrary code.2019-12-18not yet calculatedCVE-2019-8849
MISC
apple -- texture_for_ios_and_texture_for_androidSome analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data.2019-12-18not yet calculatedCVE-2019-8632
MISC
MISC
apple -- watchosAn issue existed where partially entered passcodes may not clear when the device went to sleep. This issue was addressed by clearing the passcode when a locked device sleeps. This issue is fixed in watchOS 5.2. A partially entered passcode may not clear when the device goes to sleep.2019-12-18not yet calculatedCVE-2019-8548
MISC
apple -- xcodeMultiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.2019-12-18not yet calculatedCVE-2019-8721
MISC
apple -- xcodeMultiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.2019-12-18not yet calculatedCVE-2019-8722
MISC
apple -- xcodeA memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8806
MISC
apple -- xcodeA memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8738
MISC
apple -- xcodeA memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8739
MISC
apple -- xcodeA memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.2019-12-18not yet calculatedCVE-2019-8800
MISC
aristia -- cloudvision_portalCloudVision Portal, in all releases in the 2018.1 and 2018.2 code trains, allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only access to take actions that are otherwise restricted in the GUI.2019-12-19not yet calculatedCVE-2019-18181
CONFIRM
aristia -- cloudvision_portalIn CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. This only affects CVP environments where: 1. Devices have enable mode passwords which are different from the user's login password, OR 2. There are configlet builders that use the Device class and specify username and password explicitly. Application logs are not accessible or visible from the CVP GUI. Application logs can only be read by authorized users with privileged access to the VM hosting the CVP application.2019-12-19not yet calculatedCVE-2019-18615
CONFIRM
asus -- atk_package_for_windows_10_notebook_pcsAsLdrSrv.exe in ASUS ATK Package before V1.0.0061 (for Windows 10 notebook PCs) could lead to unsigned code execution with no additional execution. The user must put an application at a particular path, with a particular file name.2019-12-18not yet calculatedCVE-2019-19235
MISC
CONFIRM
MISC
asus -- hg100_and_ws-101_and_ts-101_devicesAn issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using ZigBee PRO. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack.2019-12-20not yet calculatedCVE-2019-15910
MISC
asus -- hg100_and_ws-101_and_ts-101_devicesAn issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using ZigBee PRO. Attackers can use the ZigBee trust center rejoin procedure to perform a denial of service attack.2019-12-20not yet calculatedCVE-2019-15912
MISC
MISC
asus -- hg100_and_ws-101_and_ts-101_devicesAn issue was discovered on ASUS HG100 1.05.12, WS-101 1.05.12, and TS-101 1.05.12 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause a denial of service attack, take over smart home devices, and tamper with messages.2019-12-20not yet calculatedCVE-2019-15911
MISC
atlassian -- bitbucket_kopano_group_coreHrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data.2019-12-19not yet calculatedCVE-2019-19907
MISC
MISC
atlassian -- confluence_server_and_confluence_data_centerThere was a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin in Confluence Server and Confluence Data Center. This plugin was used to facilitate communication with the Atlassian Companion application. The Confluence Previews plugin in Confluence Server and Confluence Data Center communicated with the Companion application via the atlassian-domain-for-localhost-connections-only.com domain name, the DNS A record of which points at 127.0.0.1. Additionally, a signed certificate for the domain was publicly distributed with the Companion application. An attacker in the position to control DNS resolution of their victim could carry out a man-in-the-middle (MITM) attack between Confluence Server (or Confluence Data Center) and the atlassian-domain-for-localhost-connections-only.com domain intended to be used with the Companion application. This certificate has been revoked, however, usage of the atlassian-domain-for-localhost-connections-only.com domain name was still present in Confluence Server and Confluence Data Center. An attacker could perform the described attack by denying their victim access to certificate revocation information, and carry out a man-in-the-middle (MITM) attack to observe files being edited using the Companion application and/or modify them, and access some limited user information.2019-12-19not yet calculatedCVE-2019-15006
MISC
MISC
MISC
BUGTRAQ
MISC
atlassian -- crowdVarious resources in the Crowd Demo application of Atlassian Crowd before version 3.1.1 allow remote attackers to add, modify and delete users & groups via a Cross-site request forgery (CSRF) vulnerability. Please be aware that the Demo application is not enabled by default.2019-12-17not yet calculatedCVE-2017-18107
MISC
atlassian -- jira_application_linksThe ListEntityLinksServlet resource in Application Links before version 5.0.12, from version 5.1.0 before version 5.2.11, from version 5.3.0 before version 5.3.7, from version 5.4.0 before 5.4.13, and from version 6.0.0 before 6.0.5 disclosed application link information to non-admin users via a missing permissions check.2019-12-17not yet calculatedCVE-2019-15011
MISC
backdrop -- backdrop_cmsAn issue was discovered in Backdrop CMS 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying file type descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting when viewing the list of file types, aka XSS. This vulnerability is mitigated by the fact that an attacker must have a role with the "Administer file types" permission.2019-12-19not yet calculatedCVE-2019-19903
MISC
backdrop -- backdrop_cmsAn issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying content type names in the content creation interface. An attacker could potentially craft a specialized content type name, then have an editor execute scripting when creating content, aka XSS. This vulnerability is mitigated by the fact that an attacker must have a role with the "Administer content types" permission.2019-12-19not yet calculatedCVE-2019-19900
MISC
backdrop -- backdrop_cmsAn issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying certain block descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting when configuring a layout, aka XSS. This issue is mitigated by the fact that the attacker would be required to have the permission to create custom blocks, which is typically an administrative task.2019-12-19not yet calculatedCVE-2019-19901
MISC
backdrop -- backdrop_cmsAn issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, allowing non-configuration scripts to potentially be uploaded to the server. This issue is mitigated by the fact that the attacker would be required to have the "Synchronize, import, and export configuration" permission, a permission that only trusted administrators should be given. Other measures in the product prevent the execution of PHP scripts, so another server-side scripting language must be accessible on the server to execute code.2019-12-19not yet calculatedCVE-2019-19902
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'dongle_bridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code execution on the ClickShare Button with the privileges of the user 'nobody'.2019-12-16not yet calculatedCVE-2019-18830
MISC
MISC
MISC
MISC
MISC
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'dongle_bridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain.2019-12-16not yet calculatedCVE-2019-18826
MISC
barco -- clickshare_button_r9861500d01_devicesOn Barco ClickShare Button R9861500D01 devices (before firmware version 1.9.0) JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code from ROM before handing control over to embedded firmware.2019-12-16not yet calculatedCVE-2019-18827
MISC
MISC
MISC
MISC
MISC
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account (present for access via debug interfaces, which are by default not enabled on production devices) of the embedded Linux on the ClickShare Button is using a weak password.2019-12-16not yet calculatedCVE-2019-18828
MISC
MISC
MISC
MISC
MISC
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01.2019-12-17not yet calculatedCVE-2019-18832
MISC
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used.2019-12-17not yet calculatedCVE-2019-18824
MISC
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2). The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack on the TLS connection is able to obtain the encryption key.2019-12-17not yet calculatedCVE-2019-18833
MISC
MISC
barco -- clickshare_button_r9861500d01_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate.2019-12-16not yet calculatedCVE-2019-18831
MISC
MISC
MISC
MISC
MISC
MISC
barco -- clickshare_button_r9861500d1_devicesBarco ClickShare Button R9861500D01 devices before 1.9.0 have Missing Support for Integrity Check. The Barco signed 'Clickshare_For_Windows.exe' binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity.2019-12-17not yet calculatedCVE-2019-18829
MISC
MISC
barco -- clickshare_huddle_cs-100_devicesBarco ClickShare Huddle CS-100 devices before 1.9.0 and CSE-200 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Base Unit implements encryption at rest using encryption keys which are shared across all ClickShare Base Units of models CS-100 & CSE-200.2019-12-17not yet calculatedCVE-2019-18825
MISC
MISC
beckhoff -- embedded_windows_plcs_and_twincat_on_windows_engineering_stationsBeckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol.2019-12-19not yet calculatedCVE-2019-16871
CONFIRM
MISC
broadcom -- ca_client_automation_agent_for_windowsAn insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges.2019-12-20not yet calculatedCVE-2019-19231
CONFIRM
cloud_foundry_foundation -- cloud_controller_apiCloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows space developers to list all global service brokers, including service broker URLs and GUIDs, which should only be accessible to admins.2019-12-19not yet calculatedCVE-2019-11294
CONFIRM
contao -- contaoContao 4.0 through 4.8.5 has Insecure Permissions. Back end users can manipulate the details view URL to show pages and articles that have not been enabled for them.2019-12-17not yet calculatedCVE-2019-19712
MISC
CONFIRM
cups -- cupscups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system2019-12-20not yet calculatedCVE-2012-6094
MISC
MISC
REDHAT
MISC
MISC
MISC
MISC
cyrus -- imapAn issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a sieve script containing a fileinto directive to create any mailbox with administrator privileges, because of folder mishandling in autosieve_createfolder() in imap/lmtp_sieve.c.2019-12-16not yet calculatedCVE-2019-19783
BUGTRAQ
MISC
MISC
DEBIAN
cyrus -- saslcyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.2019-12-19not yet calculatedCVE-2019-19906
MISC
MLIST
DEBIAN
MISC
d-link -- dir-615_devicesOn D-Link DIR-615 devices, the User Account Configuration page is vulnerable to blind XSS via the name field.2019-12-18not yet calculatedCVE-2019-19742
MISC
MISC
MISC
MISC
MISC
MISC
d-link -- dir-615_devicesOn D-Link DIR-615 devices, a normal user is able to create a root(admin) user from the D-Link portal.2019-12-16not yet calculatedCVE-2019-19743
FULLDISC
MISC
MISC
MISC
MISC
dell -- rsa_identity_governance_and_lifecycle_and_rsa_via_lifecycle_and_governanceThe RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a Session Fixation vulnerability. An authenticated malicious local user could potentially exploit this vulnerability as the session token is exposed as part of the URL. A remote attacker can gain access to victim's session and perform arbitrary actions with privileges of the user within the compromised session.2019-12-18not yet calculatedCVE-2019-18573
MISC
dell -- rsa_identity_governance_and_lifecycle_and_rsa_via_lifecycle_and_governanceThe RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a reflected cross-site scripting vulnerability in the My Access Live module [MAL]. An authenticated malicious local user could potentially exploit this vulnerability by sending crafted URL with scripts. When victim users access the module through their browsers, the malicious code gets injected and executed by the web browser in the context of the vulnerable web application.2019-12-18not yet calculatedCVE-2019-18571
MISC
dell -- rsa_identity_governance_and_lifecycle_and_rsa_via_lifecycle_and_governanceThe RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain an Improper Authentication vulnerability. A Java JMX agent running on the remote host is configured with plain text password authentication. An unauthenticated remote attacker can connect to the JMX agent and monitor and manage the Java application.2019-12-18not yet calculatedCVE-2019-18572
MISC
dell -- xps_13_2-in-1_biosSettings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior to 1.1.3 contain a configuration vulnerability. The BIOS configuration for the "Enable Thunderbolt (and PCIe behind TBT) pre-boot modules" setting is enabled by default. A local unauthenticated attacker with physical access to a user's system can obtain read or write access to main memory via a DMA attack during platform boot.2019-12-16not yet calculatedCVE-2019-18579
MISC
divisa_it -- proxia_suite_and_sparkspace_and_proxia_phrDivisa Proxia Suite 9 < 9.12.16, 9.11.19, 9.10.26, 9.9.8, 9.8.43 and 9.7.10, 10.0 < 10.0.32, and 10.1 < 10.1.5, SparkSpace 1.0 < 1.0.30, 1.1 < 1.1.2, and 1.2 < 1.2.4, and Proxia PHR 1.0 < 1.0.30 and 1.1 < 1.1.2 allows remote code execution via untrusted Java deserialization. The proxia-error cookie is insecurely deserialized in every request (GET or POST). Thus, an unauthenticated attacker can easily craft a serialized payload in order to execute arbitrary code via the prepareError function in the com.divisait.dv2ee.controller.MVCControllerServlet class of the dv2eemvc.jar component. Affected products include Proxia Premium Edition 2017 and Sparkspace.2019-12-17not yet calculatedCVE-2019-18956
MISC
django -- djangoDjango before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)2019-12-18not yet calculatedCVE-2019-19844
MISC
MISC
UBUNTU
CONFIRM
docker -- docker_engine_and_cs_docker_engineDocker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands.2019-12-17not yet calculatedCVE-2014-8178
MISC
MISC
MISC
MISC
CONFIRM
drupal -- drupalThe Views Dynamic Fields module through 7.x-1.0-alpha4 for Drupal makes insecure unserialize calls in handlers/views_handler_filter_dynamic_fields.inc, as demonstrated by PHP object injection, involving a field_names object and an Archive_Tar object, for file deletion. Code execution might also be possible.2019-12-16not yet calculatedCVE-2019-19826
MISC
eclipse -- cheFor Eclipse Che versions 6.16 to 7.3.0, with both authentication and TLS disabled, visiting a malicious web site could trigger the start of an arbitrary Che workspace. Che with no authentication and no TLS is not usually deployed on a public network but is often used for local installations (e.g. on personal laptops). In that case, even if the Che API is not exposed externally, some javascript running in the local browser is able to send requests to it.2019-12-19not yet calculatedCVE-2019-17633
CONFIRM
ecryptfs -- ecrpytfs-utilsecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation2019-12-20not yet calculatedCVE-2012-3409
MISC
MISC
MISC
REDHAT
MISC
MISC
elastic -- kibanaKibana versions before 6.8.6 and 7.5.1 contain a cross site scripting (XSS) flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations could create a malicious visualization. If another Kibana user views that visualization or a dashboard containing the visualization it could execute JavaScript in the victim's browser.2019-12-18not yet calculatedCVE-2019-7621
MISC
MISC
excon_gem_for_ruby_on_rails -- excon_gem_for_ruby_on_railsIn RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this.2019-12-16not yet calculatedCVE-2019-16779
MISC
CONFIRM
ffjpeg -- ffjpegbitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode.2019-12-18not yet calculatedCVE-2019-19887
MISC
ffjpeg -- ffjpegjfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error.2019-12-18not yet calculatedCVE-2019-19888
MISC
ge -- s2020/s2020g_fast_switch_61850An issue was found in GE S2020/S2020G Fast Switch 61850, S2020/S2020G Fast Switch 61850 Versions 07A03 and prior. An attacker can inject arbitrary Javascript in a specially crafted HTTP request that may be reflected back in the HTTP response. The device is also vulnerable to a stored cross-site scripting vulnerability that may allow session hijacking, disclosure of sensitive data, cross-site request forgery (CSRF) attacks, and remote code execution.2019-12-18not yet calculatedCVE-2019-18267
MISC
git_project -- gitAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.2019-12-18not yet calculatedCVE-2019-1387
REDHAT
CONFIRM
gitlab -- gitlabAn IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users' files, potentially allowing an attacker to replace project binaries or other uploaded assets.2019-12-18not yet calculatedCVE-2019-5469
MISC
MISC
gitlab -- gitlab_community_and_enterprise_editionsA command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to inject commands via the API through the blobs scope.2019-12-18not yet calculatedCVE-2019-15575
MISC
gitlab -- gitlab_community_and_enterprise_editionsAn information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to view private system notes from a GraphQL endpoint.2019-12-18not yet calculatedCVE-2019-15576
MISC
gitlab -- gitlab_community_and_enterprise_editionsAn information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed project milestones to be disclosed via groups browsing.2019-12-18not yet calculatedCVE-2019-15577
MISC
gitlab -- gitlab_community_and_enterprise_editionsAn authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements.2019-12-18not yet calculatedCVE-2019-5486
MISC
gitlab -- enterprise_editionAn improper access control vulnerability exists in Gitlab EE <v12.3.3, <v12.2.7, & <v12.1.13 that allowed the group search feature with Elasticsearch to return private code, merge requests and commits.2019-12-18not yet calculatedCVE-2019-5487
MISC
gitlab -- gitlabA denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields and take down the affected page.2019-12-20not yet calculatedCVE-2019-15584
MISC
gitlab -- gitlabAn improper access control vulnerability exists in GitLab <12.3.3 that allows an attacker to obtain container and dependency scanning reports through the merge request widget even though public pipelines were disabled.2019-12-18not yet calculatedCVE-2019-15591
MISC
gitlab -- gitlabAn information exposure vulnerability exists in gitlab.com <v12.3.2, <v12.2.6, and <v12.1.10 when using the blocking merge request feature, it was possible for an unauthenticated user to see the head pipeline data of a public project even though pipeline visibility was restricted.2019-12-18not yet calculatedCVE-2019-15580
MISC
gitlab -- gitlab | An improper access control vulnerability exists in Gitlab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user to use GIT clone and pull if he had obtained a CI/CD token before. | 2019-12-18 | not yet calculated | CVE-2019-15589
MISC
gnome -- gnome-keyring | gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function | 2019-12-20 | not yet calculated | CVE-2012-6111
MISC
REDHAT
MISC
MISC
gnutls -- gnutls | GnuTLS incorrectly validates the first byte of padding in CBC modes | 2019-12-20 | not yet calculated | CVE-2015-8313
MISC
MISC
MISC
MISC
MISC
MISC
MISC
handlebars -- handlebars | Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads. | 2019-12-20 | not yet calculated | CVE-2019-19919
MISC
hcl_software -- hcl_appscan_source | HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting (XSS) attacks by allowing users to embed arbitrary JavaScript code in the Web UI. | 2019-12-18 | not yet calculated | CVE-2019-4388
CONFIRM
hpe -- universal_internet_of_things_platform | Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unauthorized remote access and access to sensitive data. HPE has addressed this issue in HPE UIoT: For customers with release UIoT 1.2.4.2 fixes are made available with 1.2.4.2 RP3 HF1. For customers with release older than 1.2.4.2, such as 1.2.4.1, 1.2.4.0, the resolution will be to upgrade to 1.2.4.2 RP3 HF1. Customers are requested to upgrade to the updated versions or contact HPE support for further assistance. | 2019-12-18 | not yet calculated | CVE-2019-11995
MISC
huawei -- multiple_products | There is an information leakage vulnerability on some Huawei products (AR120-S; AR1200; AR1200-S; AR150; AR150-S; AR160; AR200; AR200-S; AR2200; AR2200-S; AR3200; AR3600). An attacker with low permissions can view some high-privilege information by running specific commands. Successful exploit could cause an information disclosure condition. | 2019-12-16 | not yet calculated | CVE-2019-5259
MISC
humax -- wireless_voice_gateway_hgb10r-2_devices | An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. Admin credentials are sent over cleartext HTTP. | 2019-12-18 | not yet calculated | CVE-2019-19890
MISC
humax -- wireless_voice_gateway_hgb10r-2_devices | An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The attacker can discover admin credentials in the backup file, aka backupsettings.conf. | 2019-12-18 | not yet calculated | CVE-2019-19889
MISC
ibm -- cognos_analytics | IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 159356. | 2019-12-20 | not yet calculated | CVE-2019-4231
XF
CONFIRM
ibm -- cognos_analytics | IBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166204. | 2019-12-20 | not yet calculated | CVE-2019-4555
XF
CONFIRM
ibm -- cognos_business_intelligence | IBM Cognos Business Intelligence 10.2.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153179. | 2019-12-20 | not yet calculated | CVE-2018-1934
XF
CONFIRM
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 172877. | 2019-12-20 | not yet calculated | CVE-2019-4742
XF
CONFIRM
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172706. | 2019-12-20 | not yet calculated | CVE-2019-4736
XF
CONFIRM
ibm -- planning_analytics | IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094. | 2019-12-18 | not yet calculated | CVE-2019-4716
XF
CONFIRM
intel -- active_management_technology | Insufficient input validation in subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 2019-12-18 | not yet calculated | CVE-2019-11086
MISC
intel -- active_management_technology | Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2019-12-18 | not yet calculated | CVE-2019-11131
MISC
intel -- active_management_technology | Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | 2019-12-18 | not yet calculated | CVE-2019-11088
MISC
intel -- active_management_technology | Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 2019-12-18 | not yet calculated | CVE-2019-11107
MISC
intel -- active_management_technology | Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. | 2019-12-18 | not yet calculated | CVE-2019-0166
MISC
intel -- active_management_technology | Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via physical access. | 2019-12-18 | not yet calculated | CVE-2019-11100
MISC
intel -- active_management_technology | Cross site scripting in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow a privileged user to potentially enable escalation of privilege via network access. | 2019-12-18 | not yet calculated | CVE-2019-11132
MISC
intel -- active_management_technology | Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access. | 2019-12-18 | not yet calculated | CVE-2019-0131
MISC
intel -- converged_security_and_management_engine | Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11108
MISC
intel -- converged_security_and_management_engine | Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local access. | 2019-12-18 | not yet calculated | CVE-2019-11105
MISC
intel -- converged_security_and_management_engine | Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11103
MISC
intel -- converged_security_and_management_engine | Insufficient input validation in the subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access. | 2019-12-18 | not yet calculated | CVE-2019-0165
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11110
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access. | 2019-12-18 | not yet calculated | CVE-2019-0169
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. | 2019-12-18 | not yet calculated | CVE-2019-11102
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11104
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. | 2019-12-18 | not yet calculated | CVE-2019-11101
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11106
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. | 2019-12-18 | not yet calculated | CVE-2019-0168
MISC
intel -- converged_security_and_management_engine_and_trusted_execution_engine | Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access. | 2019-12-18 | not yet calculated | CVE-2019-11087
MISC
intel -- dynamic_platform_and_thermal_framework | Improper permissions in the Intel(R) Dynamic Platform and Thermal Framework v8.3.10208.5643 and before may allow an authenticated user to potentially execute code at an elevated level of privilege. | 2019-12-16 | not yet calculated | CVE-2019-0134
MISC
intel -- ethernet_i218_adapter_driver_for_windows_10 | Insufficient memory protection for Intel(R) Ethernet I218 Adapter driver for Windows* 10 before version 24.1 may allow an authenticated user to potentially enable information disclosure via local access. | 2019-12-16 | not yet calculated | CVE-2019-11096
MISC
intel -- fpga_sdk_for_opencl(tm)_pro_edition | Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access. | 2019-12-16 | not yet calculated | CVE-2019-11165
MISC
intel -- management_engine_consumer_driver_for_windows | Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11097
MISC
intel -- multiple_processors | Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access. | 2019-12-16 | not yet calculated | CVE-2019-11157
CONFIRM
CONFIRM
MISC
intel -- multiple_processors | Improper conditions check in multiple Intel(R) Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access. | 2019-12-16 | not yet calculated | CVE-2019-14607
CONFIRM
MISC
intel -- multiple_products | Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before versions SPS_E5_04.01.04.305.0, SPS_SoC-X_04.00.04.108.0, SPS_SoC-A_04.00.04.191.0, SPS_E3_04.01.04.086.0, SPS_E3_04.08.04.047.0 may allow an unauthenticated user to potentially enable information disclosure via network access. | 2019-12-18 | not yet calculated | CVE-2019-11090
MISC
intel -- multiple_products | Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-18 | not yet calculated | CVE-2019-11147
MISC
intel -- network_adapters | Insufficient memory protection in the Linux Administrative Tools for Intel(R) Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-0159
MISC
intel -- nuc | Out of bounds write in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14612
MISC
intel -- nuc | Improper input validation in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14609
MISC
intel -- nuc | Improper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14610
MISC
intel -- nuc | Integer overflow in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14611
MISC
intel -- nuc | Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14608
MISC
intel -- quartus_prime_pro_edition | Null pointer dereference in the FPGA kernel driver for Intel(R) Quartus(R) Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable denial of service via local access. | 2019-12-16 | not yet calculated | CVE-2019-14604
MISC
intel -- quartus_prime_pro_edition | Improper permissions in the installer for the License Server software for Intel(R) Quartus(R) Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14603
MISC
intel -- rapid_storage_technology | Improper permissions in the executable for Intel(R) RST before version 17.7.0.1006 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2019-12-16 | not yet calculated | CVE-2019-14568
MISC
intel -- scs_platform_discovery_utility | Improper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all versions, may allow an authenticated user to potentially enable escalation of privilege via local attack. | 2019-12-16 | not yet calculated | CVE-2019-14605
MISC
intel -- server_platform_services | Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of service via local access. | 2019-12-18 | not yet calculated | CVE-2019-11109
MISC
ivanti -- workspace_control | In Ivanti Workspace Control before 10.3.180.0, a locally authenticated user with low privileges can bypass Managed Application Security by leveraging an unspecified attack vector in Workspace Preferences, when it is enabled. As a result, the attacker can start applications that should be blocked. | 2019-12-17 | not yet calculated | CVE-2019-19675
CONFIRM
jenkins -- jenkins | Jenkins Rundeck Plugin 3.6.5 and earlier stores credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 2019-12-17 | not yet calculated | CVE-2019-16556
MLIST
CONFIRM
jenkins -- jenkins | A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular expression. | 2019-12-17 | not yet calculated | CVE-2019-16554
MLIST
CONFIRM
jenkins -- jenkins | Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM. | 2019-12-17 | not yet calculated | CVE-2019-16558
MLIST
CONFIRM
jenkins -- jenkins | A missing permission check in Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows attackers with Overall/Read permission to perform connection tests and determine whether files with an attacker-specified path exist on the Jenkins master file system. | 2019-12-17 | not yet calculated | CVE-2019-16559
MLIST
CONFIRM
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials. | 2019-12-17 | not yet calculated | CVE-2019-16551
MLIST
CONFIRM
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers to have Jenkins evaluate a computationally expensive regular expression. | 2019-12-17 | not yet calculated | CVE-2019-16553
MLIST
CONFIRM
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows attackers to perform connection tests and determine whether files with an attacker-specified path exist on the Jenkins master file system. | 2019-12-17 | not yet calculated | CVE-2019-16560
MLIST
CONFIRM
jenkins -- jenkins | A cross-site request forgery vulnerability in a connection test form method in Jenkins Maven Release Plugin 0.16.1 and earlier allows attackers to have Jenkins connect to an attacker specified web server and parse XML documents. | 2019-12-17 | not yet calculated | CVE-2019-16550
MLIST
CONFIRM
jenkins -- jenkins | A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a given path on the Jenkins master. | 2019-12-17 | not yet calculated | CVE-2019-16552
MLIST
CONFIRM
jenkins -- jenkins | Jenkins Maven Release Plugin 0.16.1 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks, allowing man-in-the-middle attackers to have Jenkins parse crafted XML documents. | 2019-12-17 | not yet calculated | CVE-2019-16549
MLIST
CONFIRM
jenkins -- jenkins | A user-supplied regular expression in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier was processed in a way that wasn't interruptible, allowing attackers to have Jenkins evaluate a regular expression without the ability to interrupt this process. | 2019-12-17 | not yet calculated | CVE-2019-16555
MLIST
CONFIRM
jenkins -- jenkins | Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 2019-12-17 | not yet calculated | CVE-2019-16557
MLIST
CONFIRM
joomla! -- joomla! | dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter. | 2019-12-19 | not yet calculated | CVE-2019-17527
MISC
lansweeper -- lansweeper | The web console in Lansweeper 7.2.105.2 has XSS via the URL path. Product vulnerability has been fixed and disclosed within changelog as of 02 Dec 2019. | 2019-12-19 | not yet calculated | CVE-2019-18955
CONFIRM
libreoffice_and_apache -- libreoffice_and_openoffice | LibreOffice and OpenOffice automatically open embedded content | 2019-12-20 | not yet calculated | CVE-2012-5639
MISC
REDHAT
MISC
MISC
maxum_development_corporation -- rumpus_ftp_web_file_manager | A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary JavaScript. | 2019-12-16 | not yet calculated | CVE-2019-19368
MISC
MISC
MISC
mediawiki -- mediawiki | The MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 (1.35 and/or 1.34) mishandles certain HTML attributes, as demonstrated by IMG onmouseover= (impact is XSS) and IMG src=http (impact is disclosing the client's IP address). This can occur within a talk page topical header that is viewed within a mobile (MobileFrontend) context. | 2019-12-19 | not yet calculated | CVE-2019-19910
MISC
MISC
midori -- midori_browser | In Midori Browser 0.5.11 (on Windows 10), Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the multipart/x-mixed-replace MIME type. This could result in script running where CSP should have blocked it, allowing for cross-site scripting (XSS) and other attacks when the product renders the content as HTML. Remediating this would also need to consider the polyglot case, e.g., a file that is a valid GIF image and also valid JavaScript. | 2019-12-20 | not yet calculated | CVE-2019-19916
MISC
MISC
MISC
myphpchat-plus -- myphpchat-plus | phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable. | 2019-12-20 | not yet calculated | CVE-2019-19908
MISC
MISC
MISC
nalpeiron -- nalpeiron_licensing_service | NLSSRV32.EXE in Nalpeiron Licensing Service 7.3.4.0, as used with Nitro PDF and other products, allows Elevation of Privilege via the \\.\mailslot\nlsX86ccMailslot mailslot. | 2019-12-17 | not yet calculated | CVE-2019-19315
MISC
nathack -- nathack | In NetHack between 3.6.0 and 3.6.3, a buffer overflow issue exists when reading very long lines from a NetHack configuration file (usually named .nethackrc). This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. All users are urged to upgrade to NetHack 3.6.4 as soon as possible. | 2019-12-20 | not yet calculated | CVE-2019-16787
MISC
CONFIRM
MISC
negotiator -- negotiator | negotiator before 0.6.1 is vulnerable to a regular expression DoS | 2019-12-20 | not yet calculated | CVE-2016-1000022
MISC
MISC
MISC
MISC
MISC
MISC
nethack -- nethack | NetHack before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files. | 2019-12-19 | not yet calculated | CVE-2019-19905
MISC
MISC
MISC
CONFIRM
MISC
neuvector -- neuvector | NeuVector 3.1 when configured to allow authentication via Active Directory, does not enforce non-empty passwords which allows an attacker with access to the Neuvector portal to authenticate as any valid LDAP user by providing a valid username and an empty password (provided that the active directory server has not been configured to reject empty passwords). | 2019-12-20 | not yet calculated | CVE-2019-19747
MISC
MISC
node-df -- node-df | A code injection exists in node-df v0.1.4 that can allow an attacker to achieve remote code execution through unsanitized input. | 2019-12-18 | not yet calculated | CVE-2019-15597
MISC
odoo -- community_and_enterprise | Improper access control in the computed fields system of the framework of Odoo Community 13.0 and Odoo Enterprise 13.0 allows remote authenticated attackers to access sensitive information via crafted RPC requests, which could lead to privilege escalation. | 2019-12-19 | not yet calculated | CVE-2019-11780
MISC
omron -- cj_and_cs_series_programmable_logic_controllers | In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, the software properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control. | 2019-12-16 | not yet calculated | CVE-2019-18269
MISC
omron -- cj_and_cs_series_programmable_logic_controllers | In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves. | 2019-12-16 | not yet calculated | CVE-2019-13533
MISC
omron -- cj_and_cs_series_programmable_logic_controllers | In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands. | 2019-12-16 | not yet calculated | CVE-2019-18259
MISC
omron -- cj_and_nj_series_programmable_logic_controllers | In Omron PLC CS series, all versions, Omron PLC CJ series, all versions, and Omron PLC NJ series, all versions, the software does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks. | 2019-12-16 | not yet calculated | CVE-2019-18261
MISC
opera -- opera_for_android | Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal sandboxing attributes. This allows an attacker to make forced redirections without any user interaction from a third-party context. | 2019-12-18 | not yet calculated | CVE-2019-19788
MISC
palo_alto_networks -- pan-os | Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affects a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted. | 2019-12-20 | not yet calculated | CVE-2019-17440
CONFIRM
pebble_templates -- pebble_templates | Pebble Templates 3.1.2 allows attackers to bypass a protection mechanism (intended to block access to instances of java.lang.Class) because getClass is accessible via the public static java.lang.Class java.lang.Class.forName(java.lang.Module,java.lang.String) signature. | 2019-12-19 | not yet calculated | CVE-2019-19899
MISC
phillips -- multiple_routers | An issue was found in Philips Veradius Unity, Pulsera, and Endura Dual WAN Router, Veradius Unity (718132) with wireless option (shipped between 2016-August 2018), Veradius Unity (718132) with ViewForum option (shipped between 2016-August 2018), Pulsera (718095) and Endura (718075) with wireless option (shipped between 26-June-2017 through 07-August 2018), Pulsera (718095) and Endura (718075) with ViewForum option (shipped between 26-June-2017 through 07-August 2018). The router software uses an encryption scheme that is not strong enough for the level of protection required. | 2019-12-20 | not yet calculated | CVE-2019-18263
MISC
plex -- media_server | The Camera Upload functionality in Plex Media Server through 1.18.2.2029 allows remote authenticated users to write files anywhere the user account running the Plex Media Server has permissions. This allows remote code execution via a variety of methods, such as (on a default Ubuntu installation) creating a .ssh folder in the plex user's home directory via directory traversal, uploading an SSH authorized_keys file there, and logging into the host as the Plex user via SSH. | 2019-12-19 | not yet calculated | CVE-2019-19141
MISC
pronestor -- pronestor_planner | An issue was discovered in the Outlook add-in in Pronestor Planner before 8.1.77. There is local privilege escalation in the Health Monitor service because PronestorHealthMonitor.exe access control is mishandled, aka PNB-2359. | 2019-12-18 | not yet calculated | CVE-2019-17390
MISC
MISC
public_knowledge_project -- pkp-lib | An issue was discovered in Public Knowledge Project (PKP) pkp-lib before 3.1.2-2, as used in Open Journal Systems (OJS) before 3.1.2-2. Code injection can occur in the OJS report generator if an authenticated Journal Manager user visits a crafted URL, because unserialize is used. | 2019-12-19 | not yet calculated | CVE-2019-19909
MISC
MISC
MISC
pylons_project -- waitress | Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most encoding first, followed by any further transfer codings, ending with chunked. Requests sent with: "Transfer-Encoding: gzip, chunked" would incorrectly get ignored, and the request would use a Content-Length header instead to determine the body size of the HTTP message. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. This issue is fixed in Waitress 1.4.0. | 2019-12-20 | not yet calculated | CVE-2019-16786
MISC
MISC
CONFIRM
pylons_project -- waitress | Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end server does not parse header fields with an LF the same way as it does those with a CRLF it can lead to the front-end and the back-end server parsing the same HTTP message in two different ways. This can lead to a potential for HTTP request smuggling/splitting whereby Waitress may see two requests while the front-end server only sees a single HTTP message. This issue is fixed in Waitress 1.4.0. | 2019-12-20 | not yet calculated | CVE-2019-16785
MISC
MISC
CONFIRM
qualcomm -- multiple_snapdragon_productsMultiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-18not yet calculatedCVE-2019-10516
CONFIRM
qualcomm -- multiple_snapdragon_productsMemory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCS405, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10517
CONFIRM
qualcomm -- multiple_snapdragon_productsImproper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10544
CONFIRM
qualcomm -- multiple_snapdragon_productsOut-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDX20, SDX55, SXR11302019-12-18not yet calculatedCVE-2019-10557
CONFIRM
qualcomm -- multiple_snapdragon_productsPotential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10536
CONFIRM
qualcomm -- multiple_snapdragon_productsUse after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10518
CONFIRM
qualcomm -- multiple_snapdragon_productsBuffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-18not yet calculatedCVE-2019-10525
CONFIRM
qualcomm -- multiple_snapdragon_productsImproper validation of event buffer extracted from FW response can lead to integer overflow, which will allow to pass the length check and eventually will lead to buffer overwrite when event data is copied to context buffer in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, QCA6574AU, QCN7605, QCS405, QCS605, SDM660, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10537
CONFIRM
qualcomm -- multiple_snapdragon_productsDue to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS404, QCS405, QCS605, QM215, SA6155P, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10482
CONFIRM
qualcomm -- multiple_snapdragon_productsOut of bound access occurs while handling the WMI FW event due to lack of check of buffer argument which comes directly from the WLAN FW in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8996AU, QCA6574AU, QCA8081, QCN7605, SDX55, SM6150, SM7150, SM81502019-12-18not yet calculatedCVE-2019-10481
CONFIRM
qualcomm -- multiple_snapdragon_productsBuffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-18not yet calculatedCVE-2019-10487
CONFIRM
qualcomm -- multiple_snapdragon_productsPossibility of Null pointer access if the SPDM commands are executed in the non-standard way in Trustzone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10513
CONFIRM
qualcomm -- multiple_snapdragon_productsPossible OOB issue in EEPROM due to lack of check while accessing memory map array at the time of reading operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302019-12-18not yet calculatedCVE-2019-10564
CONFIRM
qualcomm -- multiple_snapdragon_productsWhile processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-18not yet calculatedCVE-2019-10500
CONFIRM
qualcomm -- multiple_snapdragon_productsImproper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR11302019-12-18not yet calculatedCVE-2019-10572
CONFIRM
rack_gem_for_ruby_on_rails -- rack_gem_for_ruby_on_railsThere's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison.2019-12-18not yet calculatedCVE-2019-16782
MLIST
MLIST
MLIST
CONFIRM
CONFIRM
red_hat -- ansible_towerA flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contains the '#' character. This request would cause a socket error in RabbitMQ when parsing the password, and an HTTP error code 500 and partial password disclosure will occur in plaintext. An attacker could easily guess some predictable passwords or brute force the password.2019-12-19not yet calculatedCVE-2019-19342
CONFIRM
red_hat -- ansible_towerA flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the default admin user is still active, an attacker could guess the password and gain access to the system.2019-12-19not yet calculatedCVE-2019-19340
CONFIRM
red_hat -- ansible_towerA flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. These files include both the SECRET_KEY and the database backup. Any user with access to the Tower server, and knowledge of when a backup is run, could retrieve every credential stored in Tower. Access to data is the highest threat with this vulnerability.2019-12-19not yet calculatedCVE-2019-19341
CONFIRM
red_hat -- jboss_application_server_7An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation of security context propagation: a thread gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges.2019-12-18not yet calculatedCVE-2012-2312
MISC
MISC
MISC
roxy_fileman -- roxy_filemanRoxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by uploading a specially crafted Windows shortcut file and writing the file to the Startup folder (because an incomplete blacklist of file extensions allows Windows shortcut files to be uploaded).2019-12-16not yet calculatedCVE-2019-19731
MISC
MISC
shadowsocks -- shadowsocks-libevAn exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An attacker can send arbitrary packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5152
MISC
shadow -- shadowshadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).2019-12-18not yet calculatedCVE-2019-19882
MISC
MISC
MISC
MISC
MISC
simplifile -- recordfusionIn Simplifile RecordFusion through 2019-11-25, the logs and hist parameters allow remote attackers to access local files via a logger/logs?/../ or logger/hist?/../ URI.2019-12-17not yet calculatedCVE-2019-19264
MISC
solarwinds -- serv-u_ftp_serverA cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U FTP Server 15.1.7 in the email parameter, a different vulnerability than CVE-2018-19934 and CVE-2019-13182.2019-12-18not yet calculatedCVE-2019-19829
MISC
sonicos -- ssl_vpn_nacagentDuring installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created that does not put the path in quotes, so a malicious binary placed by an attacker within the parent path could allow code execution.2019-12-19not yet calculatedCVE-2019-7487
CONFIRM
sonicwall -- sma100_devicesCode injection in SonicWall SMA100 allows an authenticated user to execute arbitrary code in viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.4 and earlier.2019-12-19not yet calculatedCVE-2019-7486
CONFIRM
sonicwall -- sma100_devicesBuffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.2019-12-19not yet calculatedCVE-2019-7485
CONFIRM
sonicwall -- sma100_devicesIn SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.2019-12-19not yet calculatedCVE-2019-7483
CONFIRM
sonicwall -- sma100_devicesAuthenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.2019-12-19not yet calculatedCVE-2019-7484
CONFIRM
sonicwall -- sma100_devicesStack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.2019-12-19not yet calculatedCVE-2019-7482
CONFIRM
statics_server -- statics_serverA path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory.2019-12-18not yet calculatedCVE-2019-15596
MISC
sudo -- sudoIn Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user.2019-12-19not yet calculatedCVE-2019-19232
CONFIRM
MISC
sudo -- sudoIn Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL sudoer account) to impersonate any blocked user.2019-12-19not yet calculatedCVE-2019-19234
CONFIRM
MISC
swagger -- swagger_uiswagger-ui has XSS in key names2019-12-20not yet calculatedCVE-2016-1000229
MISC
MISC
MISC
MISC
sylabs -- singularityInsecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services.2019-12-18not yet calculatedCVE-2019-19724
CONFIRM
talend -- restlet_frameworkAn XML eXternal Entity (XXE) issue exists in Restlet 1.1.10 in an endpoint using XML transport, which lets a remote attacker obtain sensitive information.2019-12-18not yet calculatedCVE-2012-2656
MISC
MISC
MISC
MISC
MISC
tautulli -- tautulliIn Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. (Also, anonymous access can be achieved in applications that do not have a user login area).2019-12-18not yet calculatedCVE-2019-19833
MISC
MISC
tibco -- multiple_tibco_spotfire_productsThe Visualizations component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contains a vulnerability that theoretically allows an attacker with permission to write DXP files to the Spotfire library to remotely execute code of their choice on the user account of other users who access the affected system. This attack is a risk only when the attacker has write access to a network file system shared with the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions 7.11.1 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.1.0, 10.2.0, 10.3.0, 10.3.1, and 10.3.2, versions 10.4.0, 10.5.0, and 10.6.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0, TIBCO Spotfire Deployment Kit: versions 7.11.1 and below, TIBCO Spotfire Desktop: versions 7.11.1 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.1.0, 10.2.0, 10.3.0, 10.3.1, and 10.3.2, versions 10.4.0, 10.5.0, and 10.6.0, and TIBCO Spotfire Desktop Language Packs: versions 7.11.1 and below.2019-12-17not yet calculatedCVE-2019-17334
MISC
MISC
tibco -- spotfire_analytics_platform_for_aws_marketplace_and_spotfire_serverThe Data access layer component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains multiple vulnerabilities that theoretically allow an attacker access to data cached from a data source, or a portion of a data source, that the attacker should not have access to. The attacker would need privileges to save a Spotfire file to the library. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0 and TIBCO Spotfire Server: versions 7.11.7 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.3.3, and 10.3.4, versions 10.4.0, 10.5.0, and 10.6.0.2019-12-17not yet calculatedCVE-2019-17335
MISC
MISC
tibco -- spotfire_analytics_platform_for_aws_marketplace_and_spotfire_serverThe Data access layer component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains multiple vulnerabilities that theoretically allow an attacker access to information that can lead to obtaining credentials used to access Spotfire data sources. The attacker would need privileges to save a Spotfire file to the library, and only applies in a situation where NTLM credentials, or a credentials profile is in use. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0 and TIBCO Spotfire Server: versions 7.11.7 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.3.3, and 10.3.4, versions 10.4.0, 10.5.0, and 10.6.0.2019-12-17not yet calculatedCVE-2019-17336
MISC
MISC
tree-kill -- tree-killA Code Injection exists in treekill on Windows which allows a remote code execution when an attacker is able to control the input into the command.2019-12-18not yet calculatedCVE-2019-15598
MISC
tree-kill -- tree-killA Code Injection exists in tree-kill on Windows which allows a remote code execution when an attacker is able to control the input into the command.2019-12-18not yet calculatedCVE-2019-15599
MISC
trend_micro -- apex_oneTrend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. Note that the Japanese version of the product is NOT affected.2019-12-20not yet calculatedCVE-2019-19692
MISC
trend_micro -- apex_one_and_officescan_xgA vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. Note that the attacker must already have admin/root privileges on the product console to exploit this vulnerability.2019-12-20not yet calculatedCVE-2019-19691
MISC
trend_micro -- deep_securityA privilege escalation vulnerability in the Trend Micro Deep Security as a Service Quick Setup cloud formation template could allow an authenticated entity with certain unrestricted AWS execution privileges to escalate to full privileges within the target AWS account.2019-12-16not yet calculatedCVE-2019-18191
N/A
trend_micro -- housecall_for_home_networksA privilege escalation vulnerability in Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited allowing an attacker to place a malicious DLL file into the application directory and elevate privileges.2019-12-18not yet calculatedCVE-2019-19688
MISC
trend_micro -- housecall_for_home_networksTrend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses.2019-12-18not yet calculatedCVE-2019-19689
MISC
trend_micro -- security_2020The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.2019-12-20not yet calculatedCVE-2019-19693
MISC
MISC
trend_micro -- mobile_security_for_android Trend Micro Mobile Security for Android (Consumer) versions 10.3.1 and below on Android 8.0+ has an issue in which an attacker could bypass the product's App Password Protection feature.2019-12-18not yet calculatedCVE-2019-19690
MISC
trendnet -- tew-651br_and_tew-652brp_and_tew-652bru_devicesAn issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. OS command injection occurs through the get_set.ccp lanHostCfg_HostName_1.1.1.0.0 parameter.2019-12-18not yet calculatedCVE-2019-11399
MISC
MISC
trendnet -- tew-651br_and_tew-652brp_and_tew-652bru_devicesAn issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. A buffer overflow occurs through the get_set.ccp ccp_act parameter.2019-12-18not yet calculatedCVE-2019-11400
MISC
MISC
typo3 -- typo3An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal. Admin privileges are required in order to exploit this vulnerability. (In v9 LTS and later, System Maintainer privileges are also required.)2019-12-17not yet calculatedCVE-2019-19848
MISC
MISC
typo3 -- typo3An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the classes QueryGenerator and QueryView are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension ext:lowlevel (Backend Module: DB Check) installed, with a valid backend user who has administrator privileges. The other exploitable scenario requires having the system extension ext:sys_action installed, with a valid backend user who has limited privileges.2019-12-17not yet calculatedCVE-2019-19849
MISC
MISC
vmware -- vcenterA security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting.2019-12-18not yet calculatedCVE-2019-11992
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable denial of service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a denial of service, resulting in the device entering an error state where it ceases all network communications. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5078
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable heap buffer overflow vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200 Firmware version 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5081
MISC
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable information exposure vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause an external tool to fail, resulting in uninitialized stack data to be copied to the response packet buffer. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5073
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable stack buffer overflow vulnerability exists in the command line utility getcouplerdetails of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets sent to the iocheckd service "I/O-Check" can cause a stack buffer overflow in the sub-process getcouplerdetails, resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5075
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable stack buffer overflow vulnerability exists in the iocheckd service ''I/O-Check'' functionality of WAGO PFC200 Firmware version 03.01.07(13), WAGO PFC200 Firmware version 03.00.39(12) and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a stack buffer overflow, resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5074
CONFIRM
wago -- pfc100_and_pfc200_devicesAn exploitable denial-of-service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC 100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a denial of service, resulting in the device entering an error state where it ceases all network communications. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5077
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable denial-of-service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A single packet can cause a denial of service and weaken credentials resulting in the default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5080
MISC
wago -- pfc100_and_pfc200_devicesAn exploitable heap buffer overflow vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability.2019-12-18not yet calculatedCVE-2019-5079
MISC
wordpress -- wordpressThe "301 Redirects - Easy Redirect Manager" plugin before 2.45 for WordPress allows users (with subscriber or greater access) to modify, delete, or inject redirect rules, and exploit XSS, with the /admin-ajax.php?action=eps_redirect_save and /admin-ajax.php?action=eps_redirect_delete actions. This could result in a loss of site availability, malicious redirects, and user infections. This could also be exploited via CSRF.2019-12-19not yet calculatedCVE-2019-19915
MISC
MISC
xerox -- altalink_c8035_printersXerox AltaLink C8035 printers allow CSRF. A request to add users is made in the Device User Database form field to the xerox.set URI. (The frmUserName value must have a unique name.)2019-12-18not yet calculatedCVE-2019-19832
MISC
xiaomi-- multiple_devicesAn issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM 5.5.48 devices. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause a denial of service attack, take over smart home devices, and tamper with messages.2019-12-20not yet calculatedCVE-2019-15913
MISC
xiaomi -- multiple_devicesAn issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM 5.5.48 devices. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack.2019-12-20not yet calculatedCVE-2019-15915
MISC
xiaomi -- multiple_devicesAn issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM 5.5.48 devices. Attackers can use the ZigBee trust center rejoin procedure to perform a denial of service attack.2019-12-20not yet calculatedCVE-2019-15914
MISC
MISC
yarn -- yarnIn Yarn before 1.21.1, the package install functionality can be abused to generate arbitrary symlinks on the host filesystem by using specially crafted "bin" keys. Existing files could be overwritten depending on the current user permission set.2019-12-16not yet calculatedCVE-2019-10773
MISC
MISC
CONFIRM
MISC
zoho_manageengine -- adselfservice_plusAn open redirect vulnerability was discovered in Zoho ManageEngine ADSelfService Plus 5.x before 5809 that allows attackers to force users who click on a crafted link to be sent to a specified external site.2019-12-18not yet calculatedCVE-2019-18781
CONFIRM
MISC

This product is provided subject to this Notification and this Privacy & Use policy.

Vulnerability Summary for the Week of December 23, 2019

Original release date: December 30, 2019

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
handlebars -- handlebars | Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads. | 2019-12-20 | 7.5 | CVE-2019-19919 (MISC)

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
huawei -- elle-al00b_smart_phones | Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal. | 2019-12-23 | 5.8 | CVE-2019-5276 (CONFIRM)
huawei -- p30_smartphones | Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an improper access control vulnerability. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage. | 2019-12-23 | 5 | CVE-2019-5265 (CONFIRM)
huawei -- p30_smartphones | Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled. | 2019-12-23 | 5 | CVE-2019-5266 (CONFIRM)
ibm -- cognos_analytics | IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 159356. | 2019-12-20 | 4.3 | CVE-2019-4231 (XF, CONFIRM)
ibm -- cognos_business_intelligence | IBM Cognos Business Intelligence 10.2.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153179. | 2019-12-20 | 6.8 | CVE-2018-1934 (XF, CONFIRM)
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172706. | 2019-12-20 | 4.3 | CVE-2019-4736 (XF, CONFIRM)
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 172877. | 2019-12-20 | 4.3 | CVE-2019-4742 (XF, CONFIRM)
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 172880. | 2019-12-20 | 4.3 | CVE-2019-4743 (XF, CONFIRM)
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172882. | 2019-12-20 | 4.3 | CVE-2019-4744 (XF, CONFIRM)
lout -- lout | Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. | 2019-12-20 | 6.8 | CVE-2019-19917 (MISC)
lout -- lout | Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. | 2019-12-20 | 6.8 | CVE-2019-19918 (MISC)

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
huawei -- oceanstor_sns3096 | Huawei OceanStor SNS3096 V100R002C01 have an information disclosure vulnerability. Attackers with low privilege can exploit this vulnerability by performing some specific operations. Successful exploit of this vulnerability can cause some information disclosure. | 2019-12-23 | 2.1 | CVE-2019-5267 (CONFIRM)
ibm -- cognos_analytics | IBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166204. | 2019-12-20 | 3.5 | CVE-2019-4555 (XF, CONFIRM)

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
abcprintf -- upload-image-with-ajax | Due to a logic error in the code, upload-image-with-ajax v1.0 allows arbitrary files to be uploaded to the web root allowing code execution. | 2019-12-23 | not yet calculated | CVE-2019-8293 (MLIST, MISC)
alcatel-lucent_enterprise -- omnivista_4760_and_8770_devices | An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded in a reversible format. Sessions are stored in /sessions/sess_<sessionid>. | 2019-12-27 | not yet calculated | CVE-2019-20047 (MISC, MISC, MISC, MISC)
alcatel-lucent_enterprise -- omnivista_4760_devices | An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construct() whereas the insecure file upload is in SetSkinImages(). | 2019-12-27 | not yet calculated | CVE-2019-20049 (MISC, MISC, MISC, MISC)
alcatel-lucent_enterprise -- omnivista_8770_devices | An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM. | 2019-12-27 | not yet calculated | CVE-2019-20048 (MISC, MISC, MISC, MISC)
apache -- tomcat | When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability. | 2019-12-23 | not yet calculated | CVE-2019-17563 (CONFIRM, BUGTRAQ, DEBIAN)
apache -- tomcat | When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance. | 2019-12-23 | not yet calculated | CVE-2019-12418 (CONFIRM, BUGTRAQ, DEBIAN)
appleple -- a-blog_cms | a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8.x) allows arbitrary scripts to be executed in the context of the application due to unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6034 (MISC, MISC)
appleple -- a-blog_cms | Cross-site scripting vulnerability in a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8.x) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6033 (MISC, MISC)
archery -- archery | In Archery before 1.3, inserting an XSS payload into a project name (either by creating a new project or editing an existing one) will result in stored XSS on the vulnerability-scan scheduling page. | 2019-12-26 | not yet calculated | CVE-2019-20008 (MISC, MISC, MISC)
artica -- pandora_fms | Pandora FMS 7.x suffers from remote code execution vulnerability. With an authenticated user who can modify the alert system, it is possible to define and execute Commands in the context of the Application. | 2019-12-26 | not yet calculated | CVE-2019-19681 (MISC)
avtech -- avn801_dvr | AVTECH AVN801 DVR has a security bypass via the administration login captcha | 2019-12-27 | not yet calculated | CVE-2013-4982 (MISC, MISC, MISC)
belkin -- f5d8236-4_wireless_router | An authentication bypass exists in the web management interface in Belkin F5D8236-4 v2. | 2019-12-26 | not yet calculated | CVE-2013-3085 (MISC)
belkin -- n900_router | Belkin N900 router (F9K1104v1) contains an Authentication Bypass using "Javascript debugging". | 2019-12-26 | not yet calculated | CVE-2013-3088 (MISC, MISC)
bullguard -- premium_protection | The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted. | 2019-12-26 | not yet calculated | CVE-2019-20000 (MISC)
check_point -- endpoint_security_client_for_windows | A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations. | 2019-12-23 | not yet calculated | CVE-2019-8463 (CONFIRM)
citrix -- application_delivery_controller_and_gateway | An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. | 2019-12-27 | not yet calculated | CVE-2019-19781 (CONFIRM)
crushftp -- crushftp | CrushFTP through 8.3.0 is vulnerable to credentials theft via URL redirection. | 2019-12-26 | not yet calculated | CVE-2018-18288 (MISC, MISC)
cybozu -- cybozu_office | Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function. | 2019-12-26 | not yet calculated | CVE-2019-6022 (MISC, MISC)
cybozu -- cybozu_office | Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to bypass access restriction which may result in obtaining data without access privileges via the application 'Address'. | 2019-12-26 | not yet calculated | CVE-2019-6023 (MISC, MISC)
d-link -- dba-1510P_firmware | DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface (CLI). | 2019-12-26 | not yet calculated | CVE-2019-6013 (MISC, MISC)
d-link -- dba-1510P_firmware | DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface. | 2019-12-26 | not yet calculated | CVE-2019-6014 (MISC, MISC)
d-link -- dir-601_b1_devices | D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented. A remote attacker could exploit this in conjunction with CVE-2019-16327 to enable remote router management and device compromise. NOTE: this is an end-of-life product. | 2019-12-26 | not yet calculated | CVE-2019-16326 (MISC)
d-link -- dir-601_devices | D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypass. They do not check for authentication at the server side and rely on client-side validation, which is bypassable. NOTE: this is an end-of-life product. | 2019-12-26 | not yet calculated | CVE-2019-16327 (MISC)
d-link -- dwr-113_wifi_router | Cross-site request forgery (CSRF) vulnerability in D-Link DWR-113 (Rev. Ax) with firmware before 2.03b02 allows remote attackers to hijack the authentication of administrators for requests that change the admin password via unspecified vectors. | 2019-12-27 | not yet calculated | CVE-2014-3136 (XF, MISC, BID)
debian -- debian-edu-config | Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals. | 2019-12-23 | not yet calculated | CVE-2019-3467 (MISC, CONFIRM, MLIST, BUGTRAQ, BUGTRAQ, CONFIRM, DEBIAN, DEBIAN)
electronic_arts -- karotz_api | Karotz API 12.07.19.00: Session Token Information Disclosure | 2019-12-27 | not yet calculated | CVE-2013-4868 (MISC, MISC, MISC)
electronic_arts -- karotz_smart_rabbit | Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking | 2019-12-27 | not yet calculated | CVE-2013-4867 (MISC, MISC)
equinox -- control_expert | Equinox Control Expert all versions, is vulnerable to an SQL injection attack, which may allow an attacker to remotely execute arbitrary code. | 2019-12-23 | not yet calculated | CVE-2019-18234 (MISC)
ezxml -- ezxml | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr() starting with a pointer after a '\0' character (where the processing of a string was finished). | 2019-12-26 | not yet calculated | CVE-2019-20005 (MISC)
ezxml -- ezxml | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content puts a pointer to the internal address of a larger block as xml->txt. This is later deallocated (using free), leading to a segmentation fault. | 2019-12-26 | not yet calculated | CVE-2019-20006 (MISC)
ezxml -- ezxml | An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxml_str2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer (in some compilers). After this, the function ezxml_parse_str does not check whether the s variable is not NULL in ezxml.c, leading to a NULL pointer dereference and crash (segmentation fault). | 2019-12-26 | not yet calculated | CVE-2019-20007 (MISC)
f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5, while processing traffic through a standard virtual server that targets a FastL4 virtual server (VIP on VIP), hardware appliances may stop responding. | 2019-12-23 | not yet calculated | CVE-2019-6680 (CONFIRM)
f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, the Traffic Management Microkernel (TMM) might stop responding after the total number of diameter connections and pending messages on a single virtual server has reached 32K. | 2019-12-23 | not yet calculated | CVE-2019-6686 (CONFIRM)
f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, under certain conditions when using custom TCP congestion control settings in a TCP profile, TMM stops processing traffic when processed by an iRule. | 2019-12-23 | not yet calculated | CVE-2019-6677 (CONFIRM)
f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution. | 2019-12-23 | not yet calculated | CVE-2019-6685 (CONFIRM)
f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a memory leak in Multicast Forwarding Cache (MFC) handling in tmrouted. | 2019-12-23 | not yet calculated | CVE-2019-6681 (CONFIRM)
f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, the TMM process may restart when the packet filter feature is enabled. | 2019-12-23 | not yet calculated | CVE-2019-6678 (CONFIRM)
f5 -- big-ip | On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.blacklist are not properly enforced for paths that are symlinks. This allows authenticated users with SCP access to overwrite certain configuration files that would otherwise be restricted. | 2019-12-23 | not yet calculated | CVE-2019-6679 (CONFIRM)
f5 -- big-ip_and_big-iq | On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5 and BIG-IQ versions 6.0.0-6.1.0 and 5.2.0-5.4.0, a user is able to obtain the secret that was being used to encrypt a BIG-IP UCS backup file while sending SNMP query to the BIG-IP or BIG-IQ system, however the user cannot access the UCS files. | 2019-12-23 | not yet calculated | CVE-2019-6688 (CONFIRM)
f5 -- big-ip_apm | On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP APM system logs the client-session-id when a per-session policy is attached to the virtual server with debug logging enabled. | 2019-12-23 | not yet calculated | CVE-2019-19150 (CONFIRM)
f5 -- big-ip_asm | On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP ASM system may consume excessive resources when processing certain types of HTTP responses from the origin web server. This vulnerability is only known to affect resource-constrained systems in which the security policy is configured with response-side features, such as Data Guard or response-side learning. | 2019-12-23 | not yet calculated | CVE-2019-6682 (CONFIRM)
f5 -- big-ip_asm | On versions 15.0.0-15.0.1.1, the BIG-IP ASM Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints. | 2019-12-23 | not yet calculated | CVE-2019-6687 (CONFIRM)
f5 -- big-ip_virtual_clustered_multiprocessing | On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing (vCMP) may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of fragmentation-based attack. | 2019-12-23 | not yet calculated | CVE-2019-6684 (CONFIRM)
f5 -- big-ip_virtual_edition | On versions 15.0.0-15.0.1, 14.0.0-14.1.2.2, and 13.1.0-13.1.3.1, TMM may restart on BIG-IP Virtual Edition (VE) when using virtio direct descriptors and packets 2 KB or larger. | 2019-12-23 | not yet calculated | CVE-2019-6676 (CONFIRM)
f5 -- big-ip_virtual_servers | On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IP virtual servers with Loose Initiation enabled on a FastL4 profile may be subject to excessive flow usage under undisclosed conditions. | 2019-12-23 | not yet calculated | CVE-2019-6683 (CONFIRM)
f5 -- multiple_products | On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are able to access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to access objects on the file system which would not normally be allowed. | 2019-12-23 | not yet calculated | CVE-2019-19151 (CONFIRM)
fermax -- outdoor_panel | An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level. By design, only a residential unit owner may allow such an access grant. However, due to incorrect access control, an attacker could inject it via the speaker unit to perform an access grant to gain unauthorized access, as demonstrated by a loud DTMF tone representing '1' and a long '#' (697 Hz and 1209 Hz, followed by 941 Hz and 1477 Hz). | 2019-12-24 | not yet calculated | CVE-2017-16778 (MISC)
forcepoint -- ngfw_security_management_center | Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable. | 2019-12-23 | not yet calculated | CVE-2019-6147 (CONFIRM)
forum_software -- reviewboard | ReviewBoard 1.6.17 allows code execution by attaching PHP scripts to review request | 2019-12-27 | not yet calculated | CVE-2013-4796 (MISC, MISC)
gitlab -- community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control (issue 2 of 6). | 2019-12-26 | not yet calculated | CVE-2018-20492 (MISC, MISC)
gnome -- libxml2 | xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. | 2019-12-24 | not yet calculated | CVE-2019-19956 (MISC, MLIST)
gnu -- libredwg | An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c. | 2019-12-27 | not yet calculated | CVE-2019-20011 (MISC, MISC)
gnu -- libredwg | An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c. | 2019-12-27 | not yet calculated | CVE-2019-20014 (MISC, MISC, MISC)
gnu -- libredwg | An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec. | 2019-12-27 | not yet calculated | CVE-2019-20012 (MISC, MISC)
gnu -- libredwg | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec. | 2019-12-27 | not yet calculated | CVE-2019-20009 (MISC, MISC, MISC)
gnu -- libredwg | An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c. | 2019-12-27 | not yet calculated | CVE-2019-20010 (MISC, MISC)
gnu -- libredwg | An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec. | 2019-12-27 | not yet calculated | CVE-2019-20015 (MISC, MISC)
gnu -- libredwg | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. | 2019-12-27 | not yet calculated | CVE-2019-20013 (MISC, MISC, MISC)
graphicsmagick -- graphicsmagick | In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c. | 2019-12-24 | not yet calculated | CVE-2019-19953 (MISC, MISC)
graphicsmagick -- graphicsmagick | In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c. | 2019-12-24 | not yet calculated | CVE-2019-19951 (MISC, MISC)
graphicsmagick -- graphicsmagick | In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. | 2019-12-24 | not yet calculated | CVE-2019-19950 (MISC, MISC)
halo -- halo | Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration. | 2019-12-26 | not yet calculated | CVE-2019-19999 (MISC, MISC, MISC)
hikvision -- ds-2cd7153-e_ip_camera | Hikvision DS-2CD7153-E IP Camera has Privilege Escalation | 2019-12-27 | not yet calculated | CVE-2013-4975 (MISC, MISC, MISC)
hikvision -- ds-2cd7153-e_ip_camera | Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials | 2019-12-27 | not yet calculated | CVE-2013-4976 (MISC, MISC, MISC)
huawei -- m5_lite_10 | M5 lite 10 with versions of 8.0.0.182(C00) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to modify the memory of the device by doing a series of operations. Successful exploit may lead to malicious code execution. | 2019-12-26 | not yet calculated | CVE-2019-19398 (CONFIRM)
huawei -- usg9500_devices | USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in an infinite loop, an attacker may exploit the vulnerability via a malicious certificate to perform a denial of service attack on the affected products. | 2019-12-26 | not yet calculated | CVE-2019-5274 (CONFIRM)
huawei -- usg9500_devices | USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate to perform a denial of service attack on the affected products. | 2019-12-26 | not yet calculated | CVE-2019-5275 (CONFIRM)
huawei -- usg9500_devices | USG9500 with versions of V500R001C30;V500R001C60 have a missing integrity checking vulnerability. The software of the affected products does not check the integrity which may allow an attacker with high privilege to make malicious modifications without detection. | 2019-12-26 | not yet calculated | CVE-2019-5272 (CONFIRM)
huawei -- usg9500_devices | USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a denial of service on the affected products. | 2019-12-26 | not yet calculated | CVE-2019-5273 (CONFIRM)
imagemagick -- imagemagick | In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c. | 2019-12-24 | not yet calculated | CVE-2019-19948 (MISC, MLIST)
imagemagick -- imagemagick | In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage. | 2019-12-24 | not yet calculated | CVE-2019-19952 (MISC)
imagemagick -- imagemagick | In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. | 2019-12-24 | not yet calculated | CVE-2019-19949 (MISC, MLIST)
information-technology_promotion_agency -- stamp_workbench_installer | Untrusted search path vulnerability in STAMP Workbench installer all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2019-12-26 | not yet calculated | CVE-2019-6019 (MISC, MISC)
insteon -- insteon_hub | INSTEON Hub 2242-222 lacks Web and API authentication | 2019-12-27 | not yet calculated | CVE-2013-4859 (MISC, MISC)
intelbras -- iwr_3000n_devices | A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user. | 2019-12-26 | not yet calculated | CVE-2019-19995 (MISC)
intelbras -- iwr_3000n_devices | An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login. | 2019-12-26 | not yet calculated | CVE-2019-19996 (MISC)
jetbrains -- ktor_framework | JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting. | 2019-12-26 | not yet calculated | CVE-2019-19389 (MISC, MISC)
joomla! -- joomla! | Xorbin Analog Flash Clock 1.0 extension for Joomla has XSS | 2019-12-27 | not yet calculated | CVE-2013-4692 (MISC, MISC, MISC)
k7_computing -- ultimate_security | In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality. | 2019-12-27 | not yet calculated | CVE-2019-16896 (MISC, MISC)
kinza -- kinza_for_windows | Cross-site scripting vulnerability in KINZA for Windows version 5.9.2 and earlier and for Mac version 5.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via RSS reader. | 2019-12-26 | not yet calculated | CVE-2019-6031 (MISC, MISC)
libesmtp -- libesmtp | libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read. | 2019-12-26 | not yet calculated | CVE-2019-19977 (MISC, MISC, MISC)
libiec61850 -- libiec61850In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation.2019-12-23not yet calculatedCVE-2019-19930
MISC
libiec61850 -- libiec61850In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos.2019-12-23not yet calculatedCVE-2019-19944
MISC
libiec61850 -- libiec61850In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.2019-12-23not yet calculatedCVE-2019-19931
MISC
libiec61850 -- libiec61850In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service.2019-12-24not yet calculatedCVE-2019-19958
MISC
libiec61850 -- libiec61850In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength.2019-12-24not yet calculatedCVE-2019-19957
MISC
libsixel_project -- libsixelA memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4.2019-12-27not yet calculatedCVE-2019-20023
MISC
libsixel_project -- libsixelA heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4.2019-12-27not yet calculatedCVE-2019-20024
MISC
libsixel_project -- libsixelAn invalid memory address dereference was discovered in load_pnm in frompnm.c in libsixel before 1.8.3.2019-12-27not yet calculatedCVE-2019-20022
MISC
linux -- linux_kernel | In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655. | 2019-12-25 | not yet calculated | CVE-2019-19966
MISC
MISC
linux -- linux_kernel | In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5. | 2019-12-25 | not yet calculated | CVE-2019-19965
MISC
linux -- linux_kernel | In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c. | 2019-12-24 | not yet calculated | CVE-2019-19947
MLIST
MISC
linux -- linux_kernel | In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e. | 2019-12-28 | not yet calculated | CVE-2019-20054
MISC
MISC
MISC
MISC
linux -- linux_kernel | An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability. | 2019-12-23 | not yet calculated | CVE-2019-5108
MISC
linux -- linux_kernel | kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.) | 2019-12-22 | not yet calculated | CVE-2019-19922
MISC
MISC
MISC
MISC
MISC
livefyre -- livecomments | Cross-site scripting (XSS) vulnerability in Livefyre LiveComments 3.0 allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded picture. | 2019-12-27 | not yet calculated | CVE-2014-6420
MISC
XF
magnolia_international -- magnolia_cms | Magnolia CMS before 4.5.9 has multiple access bypass vulnerabilities | 2019-12-27 | not yet calculated | CVE-2013-4621
MISC
MISC
malwarebytes -- adwcleaner | An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner before 8.0.1 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded by the product. | 2019-12-23 | not yet calculated | CVE-2019-19929
MISC
MISC
MISC
mongo-express -- mongo-express | mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that use the `toBSON` method, through a misuse of the `vm` dependency to perform `exec` commands in a non-safe environment. | 2019-12-24 | not yet calculated | CVE-2019-10758
MISC
motex -- multiple_products | Privilege escalation vulnerability in Multiple MOTEX products (LanScope Cat client program (MR) and LanScope Cat client program (MR)LanScope Cat detection agent (DA) prior to Ver.9.2.1.0, LanScope Cat server monitoring agent (SA, SAE) prior to Ver.9.2.2.0, LanScope An prior to Ver 2.7.7.0 (LanScope An 2 series), and LanScope An prior to Ver 3.0.8.1 (LanScope An 3 series)) allow authenticated attackers to obtain unauthorized privileges and execute arbitrary code. | 2019-12-26 | not yet calculated | CVE-2019-6026
MISC
MISC
movable_type -- multiple_products | Open redirect vulnerability in Movable Type series Movable Type 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Advanced 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type Advanced 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type Advanced 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Premium 1.24 and earlier (Movable Type Premium), and Movable Type Premium (Advanced Edition) 1.24 and earlier (Movable Type Premium) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | 2019-12-26 | not yet calculated | CVE-2019-6025
MISC
MISC
netcommons -- netcommons | Cross-site scripting vulnerability in NetCommons 3.2.2 and earlier (NetCommons3.x) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6018
MISC
MISC
nippon_television_network_corporation -- ntv_news24_app | The NTV News24 prior to Ver.3.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2019-12-26 | not yet calculated | CVE-2019-6032
MISC
MISC
nvidia -- geforce_experience | NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | 2019-12-24 | not yet calculated | CVE-2019-5702
CONFIRM
open_dynamics -- collabtive | Collabtive 1.0 has incorrect access control | 2019-12-27 | not yet calculated | CVE-2013-5027
MISC
open_tftp_server_mt -- open_tftp_server_mt | Stack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12568. | 2019-12-23 | not yet calculated | CVE-2019-12567
MISC
open_tftp_server_sp -- open_tftp_server_sp | Stack-based overflow vulnerability in the logMess function in Open TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12567. | 2019-12-23 | not yet calculated | CVE-2019-12568
MISC
openjdk -- openjdk | An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation). A remote attacker could use this flaw to obtain potentially sensitive information. | 2019-12-26 | not yet calculated | CVE-2012-4420
MISC
MISC
MISC
MISC
MISC
MISC
MISC
orchestra_technologies -- c1_cms | An issue was discovered in Orckestra C1 CMS through 6.6. The EntityTokenSerializer class in Composite.dll is prone to unvalidated deserialization of wrapped BinaryFormatter payloads, leading to arbitrary remote code execution for any low-privilege user. | 2019-12-23 | not yet calculated | CVE-2019-18211
MISC
palo_alto_networks -- pan-os | Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affected a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted. | 2019-12-20 | not yet calculated | CVE-2019-17440
CONFIRM
pax-linux -- pax-linux | A locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap after a MAP_GROWSDOWN mmap will create an infinite loop condition without releasing the VM semaphore, eventually leading to a system crash. | 2019-12-26 | not yet calculated | CVE-2011-1474
MISC
MISC
php -- php | In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access. | 2019-12-23 | not yet calculated | CVE-2019-11045
MISC
MLIST
php -- php | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information disclosure or crash. | 2019-12-23 | not yet calculated | CVE-2019-11047
MISC
MLIST
php -- php | In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying them with a string containing characters that are identified as numeric by the OS but aren't ASCII numbers. This can lead to disclosure of the content of some memory locations. | 2019-12-23 | not yet calculated | CVE-2019-11046
MISC
MLIST
php -- php | In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access. | 2019-12-23 | not yet calculated | CVE-2019-11044
MISC
php -- php | In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to a mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double-freeing certain memory locations. | 2019-12-23 | not yet calculated | CVE-2019-11049
MISC
php -- php | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information disclosure or crash. | 2019-12-23 | not yet calculated | CVE-2019-11050
MISC
MLIST
powercms -- powercms | Open redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x), 4.42 and earlier (PowerCMS 4.x), and 3.293 and earlier (PowerCMS 3.x) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | 2019-12-26 | not yet calculated | CVE-2019-6020
MISC
MISC
pylons_project -- waitress | In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation. | 2019-12-26 | not yet calculated | CVE-2019-16789
MISC
CONFIRM
MISC
rakuten -- rakuma_app_for_android_and_ios | Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user's authentication information via a malicious application created by the third party. | 2019-12-26 | not yet calculated | CVE-2019-6024
MISC
MISC
MISC
ratbox -- ircd_ratbox | ircd-ratbox 3.0.9 mishandles the MONITOR command which allows remote attackers to cause a denial of service (system out-of-memory event). | 2019-12-26 | not yet calculated | CVE-2015-5290
MISC
MISC
red_hat -- ceph_storage | A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. An authenticated attacker can abuse this flaw by causing a remote denial of service by sending a specially crafted HTTP Content-Length header to the Ceph RADOS Gateway server. | 2019-12-23 | not yet calculated | CVE-2019-19337
CONFIRM
red_hat -- networkmanager | In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network. | 2019-12-26 | not yet calculated | CVE-2012-2736
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
reliable_controls -- mach-prowebcom/sys | Reliable Controls MACH-ProWebCom/Sys, all versions prior to 2.15 (Firmware versions prior to 8.26.4), may allow an attacker to execute commands on behalf of the user when an authenticated user clicks on a malicious link. | 2019-12-24 | not yet calculated | CVE-2019-18249
MISC
remise -- payment_module | REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allow remote attackers to [Disclosed_Information_type] via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6017
MISC
MISC
remise -- payment_module | Cross-site scripting vulnerability in REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6016
MISC
MISC
ricoh -- library_information_management_system_limedio | Open redirect vulnerability in Library Information Management System LIMEDIO all versions allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | 2019-12-26 | not yet calculated | CVE-2019-6021
MISC
MISC
ruby_gem_features_for_ruby_on_rails -- ruby_gem_features_for_ruby_on_rails | File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory. | 2019-12-26 | not yet calculated | CVE-2013-4318
MISC
MISC
sa-exim -- sa-exim | sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval (rather than direct parsing and/or use of the taint feature). This issue is similar to CVE-2018-11805. | 2019-12-22 | not yet calculated | CVE-2019-19920
MISC
MISC
MISC
samsung -- galaxy_s3/s4_smartphones | Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission. | 2019-12-27 | not yet calculated | CVE-2013-4764
MISC
MISC
samsung -- galaxy_s3/s4_smartphones | Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission. | 2019-12-27 | not yet calculated | CVE-2013-4763
MISC
MISC
sencha_labs -- connect | Sencha Labs Connect has XSS with connect.methodOverride() | 2019-12-27 | not yet calculated | CVE-2013-4691
MISC
senkas -- kolibri | Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a POST request. | 2019-12-27 | not yet calculated | CVE-2014-5289
MISC
BID
XF
signal -- signal_desktop_on_windows | Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file. | 2019-12-24 | not yet calculated | CVE-2019-19954
MISC
MISC
sonicwall -- email_security_appliance | A vulnerability in SonicWall Email Security appliance allows an unauthenticated user to perform remote code execution. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. | 2019-12-23 | not yet calculated | CVE-2019-7489
CONFIRM
sonicwall -- email_security_appliance | A weak default password in the SonicWall Email Security appliance allows an attacker to gain access to the appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. | 2019-12-23 | not yet calculated | CVE-2019-7488
CONFIRM
spbas -- business_automation_software | SPBAS Business Automation Software 2012 has CSRF. | 2019-12-27 | not yet calculated | CVE-2013-4665
MISC
MISC
spbas -- business_automation_software | SPBAS Business Automation Software 2012 has XSS. | 2019-12-27 | not yet calculated | CVE-2013-4664
MISC
MISC
MISC
sqlite -- sqlite | multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. | 2019-12-23 | not yet calculated | CVE-2019-19926
MISC
sqlite -- sqlite | flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). | 2019-12-24 | not yet calculated | CVE-2019-19923
MISC
sqlite -- sqlite | zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. | 2019-12-24 | not yet calculated | CVE-2019-19925
MISC
sqlite -- sqlite | SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. | 2019-12-24 | not yet calculated | CVE-2019-19924
MISC
static_http_server -- static_http_server | Static HTTP Server 1.0 has a Local Overflow | 2019-12-27 | not yet calculated | CVE-2013-4743
MISC
MISC
symonics -- libmysofa | libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue. | 2019-12-27 | not yet calculated | CVE-2019-20016
MISC
MISC
MISC
system_security_services_daemon -- system_security_services_daemon | A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context. | 2019-12-26 | not yet calculated | CVE-2012-3462
MISC
MISC
MISC
tbeu -- matio | A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17. | 2019-12-27 | not yet calculated | CVE-2019-20018
MISC
tbeu -- matio | A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case. | 2019-12-27 | not yet calculated | CVE-2019-20052
MISC
tbeu -- matio | A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17. | 2019-12-27 | not yet calculated | CVE-2019-20020
MISC
tbeu -- matio | A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17. | 2019-12-27 | not yet calculated | CVE-2019-20017
MISC
tbeu -- matio | An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17. | 2019-12-27 | not yet calculated | CVE-2019-20019
MISC
tenable -- nessus | Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269). | 2019-12-27 | not yet calculated | CVE-2016-1000029
MISC
MISC
MISC
tenable -- nessus | Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198). | 2019-12-27 | not yet calculated | CVE-2016-1000028
MISC
MISC
CONFIRM
tftp_server_mt -- tftp_server_mt | Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. | 2019-12-23 | not yet calculated | CVE-2018-10389
MISC
tftp_server_sp -- tftp_server_sp | Heap-based overflow vulnerability in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or possibly execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2008-2161. | 2019-12-23 | not yet calculated | CVE-2018-10387
MISC
tftp_server_sp -- tftp_server_sp | Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. | 2019-12-23 | not yet calculated | CVE-2018-10388
MISC
thttpd -- thttpd | thttpd 2007 has buffer underflow. | 2019-12-27 | not yet calculated | CVE-2007-0158
MISC
tigervnc -- tigervnc | TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since a remote attacker can choose the offset from the start of the buffer at which to start writing values, exploitation of this vulnerability could potentially result in remote code execution. This attack appears to be exploitable via network connectivity. | 2019-12-26 | not yet calculated | CVE-2019-15695
MISC
MISC
MLIST
tigervnc -- tigervnc | TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploitation of this vulnerability could potentially result in remote code execution. This attack appears to be exploitable via network connectivity. | 2019-12-26 | not yet calculated | CVE-2019-15693
MISC
MISC
MLIST
tigervnc -- tigervnc | TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. The vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result in remote code execution. This attack appears to be exploitable via network connectivity. | 2019-12-26 | not yet calculated | CVE-2019-15692
MISC
MISC
MLIST
tigervnc -- tigervnc | TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. The vulnerability occurs due to a signedness error in processing MemOutStream. Exploitation of this vulnerability could potentially result in remote code execution. This attack appears to be exploitable via network connectivity. | 2019-12-26 | not yet calculated | CVE-2019-15694
MISC
MISC
MLIST
tigervnc -- tigervnc | TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If the decoding routine throws an exception, ZRLEDecoder may try to access a stack variable that has already been freed during the process of stack unwinding. Exploitation of this vulnerability could potentially result in remote code execution. This attack appears to be exploitable via network connectivity. | 2019-12-26 | not yet calculated | CVE-2019-15691
MISC
MISC
MLIST
toshiba -- configfree_utility | Multiple stack-based buffer overflows in CFProfile.exe in Toshiba ConfigFree Utility 8.0.38 allow user-assisted attackers to execute arbitrary code. | 2019-12-27 | not yet calculated | CVE-2012-4980
BID
XF
trend_micro -- antivirus_for_mac | A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it. | 2019-12-24 | not yet calculated | CVE-2019-19695
N/A
upc -- connect_box_eurodocsis_voice_gateway_devices | The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI. | 2019-12-25 | not yet calculated | CVE-2019-19967
MISC
upx -- upx | A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. | 2019-12-27 | not yet calculated | CVE-2019-20021
MISC
upx -- upx | A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service. | 2019-12-27 | not yet calculated | CVE-2019-20051
MISC
upx -- upx | An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. | 2019-12-27 | not yet calculated | CVE-2019-20053
MISC
virglrenderer_project -- virglrenderer | An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands. | 2019-12-23 | not yet calculated | CVE-2019-18390
REDHAT
MISC
MISC
MISC
virglrenderer_project -- virglrenderer | A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. | 2019-12-23 | not yet calculated | CVE-2019-18389
REDHAT
MISC
MISC
MISC
virglrenderer_project -- virglrenderer | A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands. | 2019-12-23 | not yet calculated | CVE-2019-18388
REDHAT
MISC
MISC
MISC
virglrenderer_project -- virglrenderer | A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. | 2019-12-23 | not yet calculated | CVE-2019-18391
REDHAT
MISC
MISC
MISC
vivotek -- multiple_ip_cameras | Multiple Vivotek IP Cameras remote authentication bypass that could allow access to the video stream | 2019-12-27 | not yet calculated | CVE-2013-4985
MISC
MISC
MISC
vmware -- workstation_and_horizon_view_agent | VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed. | 2019-12-23 | not yet calculated | CVE-2019-5539
CONFIRM
wecon -- plc_editor | Multiple buffer overflow vulnerabilities exist when the PLC Editor Version 1.3.5_20190129 processes project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. | 2019-12-23 | not yet calculated | CVE-2019-18236
MISC
winamp -- winamp | Winamp 5.63: Invalid Pointer Dereference leading to Arbitrary Code Execution | 2019-12-27 | not yet calculated | CVE-2013-4695
MISC
MISC
wolfssl -- wolfssl | An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce. | 2019-12-25 | not yet calculated | CVE-2019-19963
MISC
MISC
wolfssl -- wolfssl | In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks. | 2019-12-25 | not yet calculated | CVE-2019-19960
MISC
MISC
wolfssl -- wolfssl | wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography. | 2019-12-25 | not yet calculated | CVE-2019-19962
MISC
MISC
wordpress -- wordpress | In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS. | 2019-12-26 | not yet calculated | CVE-2019-16781
CONFIRM
MISC
MISC
MISC
wordpress -- wordpress | The ListingPro theme before v2.0.14.2 for WordPress has Reflected XSS via the What field on the homepage. | 2019-12-26 | not yet calculated | CVE-2019-19540
MISC
wordpress -- wordpress | The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for CSRF to be exploited on all plugin settings. | 2019-12-26 | not yet calculated | CVE-2019-19981
MISC
MISC
wordpress -- wordpress | Cross-site scripting vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6029
MISC
MISC
wordpress -- wordpress | Cross-site request forgery (CSRF) vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6030
MISC
MISC
wordpress -- wordpress | Multiple cross-site scripting (XSS) vulnerabilities in test-plugin.php in the Swipe Checkout for WP e-Commerce plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) api_key, (2) payment_page_url, (3) merchant_id, (4) api_url, or (5) currency parameter. | 2019-12-27 | not yet calculated | CVE-2014-4559
MISC
wordpress -- wordpress | The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Good For field on the new listing submit page. | 2019-12-26 | not yet calculated | CVE-2019-19542
MISC
wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swipe Checkout for WooCommerce plugin 2.7.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the api_url parameter. | 2019-12-27 | not yet calculated | CVE-2014-4558
MISC
wordpress -- wordpress | The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a privilege bypass flaw that allowed authenticated users (Subscriber or greater access) to send test emails from the administrative dashboard on behalf of an administrator. This occurs because the plugin registers a wp_ajax function to send_test_email. | 2019-12-26 | not yet calculated | CVE-2019-19980
MISC
MISC
wordpress -- wordpress | WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. Automatic updates are enabled by default for minor releases and we strongly recommend that you keep them enabled. | 2019-12-26 | not yet calculated | CVE-2019-16780
MISC
CONFIRM
MISC
MISC
MISC
wordpress -- wordpress | SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 2019-12-26 | not yet calculated | CVE-2019-6012
MISC
MISC
wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. | 2019-12-27 | not yet calculated | CVE-2014-4539
MISC
wordpress -- wordpress | Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in the Ebay Feeds for WordPress plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter. | 2019-12-27 | not yet calculated | CVE-2014-4525
MISC
CONFIRM
wordpress -- wordpress | The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Best Day/Night field on the new listing submit page. | 2019-12-26 | not yet calculated | CVE-2019-19541
MISC
wordpress -- wordpress | Multiple cross-site scripting (XSS) vulnerabilities in tests/notAuto_test_ContactService_pauseCampaign.php in the Infusionsoft Gravity Forms plugin before 1.5.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) go, (2) contactId, or (3) campaignId parameter. | 2019-12-27 | not yet calculated | CVE-2014-4536
MISC
CONFIRM
wordpress -- wordpressCross-site scripting (XSS) vulnerability in the Easy Career Openings plugin 0.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.2019-12-27not yet calculatedCVE-2014-4523
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in rss.class/scripts/magpie_debug.php in the WP-Planet plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter.2019-12-27not yet calculatedCVE-2014-4592
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in tinymce/popup.php in the Ruven Toolkit plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the popup parameter.2019-12-27not yet calculatedCVE-2014-4548
MISC
wordpress -- wordpressThe WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for unauthenticated option creation. In order to exploit this vulnerability, an attacker would need to send a /wp-admin/admin-post.php?es_skip=1&option_name= request.2019-12-26not yet calculatedCVE-2019-19982
MISC
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in comments/videowhisper2/r_logout.php in the Video Comments Webcam Recorder plugin 1.55, as downloaded before 20140116 for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter.2019-12-27not yet calculatedCVE-2014-4567
MISC
CONFIRM
wordpress -- wordpressCross-site scripting (XSS) vulnerability in the Conversador plugin 2.61 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the 'page' parameter.2019-12-27not yet calculatedCVE-2014-4519
MISC
wordpress -- wordpresswp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript&colon; substring.2019-12-27not yet calculatedCVE-2019-20041
MISC
MISC
wordpress -- wordpressThe WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file download with user information disclosure.2019-12-26not yet calculatedCVE-2019-19985
MISC
MISC
wordpress -- wordpressWordPress Xorbin Digital Flash Clock 1.0 has XSS2019-12-27not yet calculatedCVE-2013-4693
MISC
wordpress -- wordpressCross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.2019-12-26not yet calculatedCVE-2019-6011
MISC
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter.2019-12-27not yet calculatedCVE-2014-4550
MISC
wordpress -- wordpressWordPress before 5.3.1 allowed an unauthenticated user to make a post sticky through the REST API because of missing access control in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php.2019-12-27not yet calculatedCVE-2019-20043
MISC
MISC
MISC
MISC
wordpress -- wordpressWordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009.2019-12-26not yet calculatedCVE-2013-2011
MISC
MISC
MISC
MISC
wordpress -- wordpressThe WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed users with edit_post capabilities to manage plugin settings and email campaigns.2019-12-26not yet calculatedCVE-2019-19984
MISC
MISC
wordpress -- wordpressA flaw in the WordPress plugin, WP Maintenance before 5.0.6, allowed attackers to enable a vulnerable site's maintenance mode and inject malicious code affecting site visitors. There was CSRF with resultant XSS.2019-12-26not yet calculatedCVE-2019-19979
MISC
MISC
wordpress -- wordpressCross-site request forgery (CSRF) vulnerability in WP Spell Check 7.1.9 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.2019-12-26not yet calculatedCVE-2019-6027
MISC
MISC
wordpress -- wordpressWordPress before 5.3.1 allowed an attacker to create a cross-site scripting attack (XSS) in well crafted links, because of an insufficient protection mechanism in wp_targeted_link_rel in wp-includes/formatting.php.2019-12-27not yet calculatedCVE-2019-20042
MISC
MISC
MISC
MISC
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php.2019-12-27not yet calculatedCVE-2014-4535
MISC
wordpress -- wordpressCross-site scripting (XSS) vulnerability in the Podcast Channels plugin 0.20 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the Filename parameter to getid3/demos/demo.write.php.2019-12-27not yet calculatedCVE-2014-4544
MISC
wordpress -- wordpressIn the WordPress plugin, Fast Velocity Minify before 2.7.7, the full web root path to the running WordPress application can be discovered. In order to exploit this vulnerability, FVM Debug Mode needs to be enabled and an admin-ajax request needs to call the fastvelocity_min_files action.2019-12-26not yet calculatedCVE-2019-19983
MISC
MISC
xiuno -- bbs | Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php. | 2019-12-26 | not yet calculated | CVE-2019-19998 (MISC)
yahoo -- athenz | Open redirect vulnerability in Athenz v1.8.24 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page. | 2019-12-26 | not yet calculated | CVE-2019-6035 (MISC, MISC, MISC)
yokogawa -- multiple_products_for_windows | An unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 - R3.77.00), Exaplog (R1.10.00 - R3.40.00), Exaquantum (R1.10.00 - R3.02.00 and R3.15.00), Exaquantum/Batch (R1.01.00 - R2.50.40), Exasmoc (all revisions), Exarqe (all revisions), GA10 (R1.01.01 - R3.05.01), and InsightSuiteAE (R1.01.00 - R1.06.00)) allows local users to gain privileges via a Trojan horse executable file and execute arbitrary code with elevated privileges. | 2019-12-26 | not yet calculated | CVE-2019-6008 (MISC, MISC)
zte -- zxcloud_goldendata_vap | All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have an information disclosure vulnerability. Attackers could use this vulnerability to collect data information and damage the system. | 2019-12-23 | not yet calculated | CVE-2019-3430 (CONFIRM)
zte -- zxcloud_goldendata_vap | All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have an encryption problems vulnerability. Attackers could sniff unencrypted account and password through the network for front-end system access. | 2019-12-23 | not yet calculated | CVE-2019-3431 (CONFIRM)
zte -- zxcloud_goldendata_vap | All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have a file reading vulnerability. Attackers could obtain log file information without authorization, causing the disclosure of sensitive information. | 2019-12-23 | not yet calculated | CVE-2019-3429 (CONFIRM)

Reminder: CISA Publishes Weekly Vulnerability Summaries

Original release date: December 31, 2019

Did you know that the Cybersecurity and Infrastructure Security Agency (CISA) publishes a weekly Vulnerability Bulletin? This recurring item provides a summary of all new vulnerabilities that have been recorded by the CISA-sponsored National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) within the past week. Patch information is provided when available. CISA encourages interested parties to sign up for the email/text list or RSS feed to automatically receive the Vulnerability Summary each week.
