Prime Minister: Budget 2019-2020 focuses on all social categories

 

GIS – 13 June, 2019: Budget 2019-2020, with a series of measures announced to consolidate the productive sectors, to reach a higher social development path and that are based on continuity while expressing Government’s vision, continues to take into consideration and targets all social categories so that we can embrace a brighter future together as a nation.

The Prime Minister, Minister of Home Affairs, External Communications and National Development Unit, Minister of Finance and Economic Development, Mr Pravind Kumar Jugnauth, made this statement, yesterday, during a television interview organised by the Ministry of Finance and Economic Development in collaboration with the Economic Development Board and the Mauritius Broadcasting Corporation in Ebène. His intervention focussed on measures announced in Budget 2019-2020 and aimed at shedding light on some of these measures.
 
Prime Minister Jugnauth recalled that, in line with Government’s innovative development strategy and its aim of transforming the country into a digital economy, Budget 2019-2020 puts emphasis on the need to equip youths with the required skills, and to that end a range of courses will be offered in areas including Artificial Intelligence, Robotics and Fintech. Furthermore, the Budget makes provision for another Governmental measure to boost productivity by maximising the skills and talents of youths through the provision of training that is relevant to the job market. To this end, a National Skills Matching Platform, to assess the training requirement of job applicants and direct them towards the relevant employability scheme with the guarantee of a job at the end, will be created.
 
This Budget, he added, also focusses on several other areas such as: expanding and modernising our infrastructure; dealing with the challenges facing the sugar and manufacturing sectors, including textiles; investing in new pillars of growth; and further opening up and integrating our economy with the rest of the world. It also takes into account the investment in the education, training and other skills needed by the youth, so that they are better prepared for the future. Measures have also been proposed to address the impact of demographic change, promote a more inclusive and equitable society and further address the problem of poverty as well as building greater resilience to the impact of climate change.
 
Speaking about the repayment of public debt, the Prime Minister stated that the statutory requirement was to bring it down to 60 percent as a ratio of Gross Domestic Product by end of June 2021, but that Government plans to reach this target much earlier. This will be done by generating revenue from ongoing projects as well as using part of the accumulated undistributed surplus held at the Bank of Mauritius, as the country’s reserves increased by Rs 117 billion during the last four years to reach Rs 241 billion, that is, by 94 percent, and now representing 11.2 months of import cover. It is recalled that the Bank of Mauritius indicated, in a communique, that it is an acceptable international practice by central banks to hold official foreign exchange reserves in support of a range of objectives including, inter alia, to assist governments in meeting their external debt obligations.
 
With regard to global situations such as Brexit or the increasing price of petroleum products which will have an impact on Mauritius, Prime Minister Jugnauth said that the measures enunciated in Budget 2019-2020 will help to bring more economic growth for the country in forthcoming years. Government will do its uttermost to be as far-sighted as possible so as to cater for the needs of the population, he added.
 

Government Information Service, Prime Minister’s Office, Level 6, New Government Centre, Port Louis, Mauritius. Email: gis@govmu.org  Website: http://gis.govmu.org  Mobile App: Search Gov

SB19-154: Vulnerability Summary for the Week of May 27, 2019

Original release date: June 03, 2019

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0

  • Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9

  • Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7018
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7019
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7020
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7025
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7026
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7029
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7031
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7037
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7039
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7040
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 9.3 CVE-2019-7042
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 9.3 CVE-2019-7043
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 9.3 CVE-2019-7044
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7046
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 9.3 CVE-2019-7048
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7050
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7051
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7052
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7054
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7060
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7062
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7066
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7068
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 9.3 CVE-2019-7069
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 9.3 CVE-2019-7070
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 9.3 CVE-2019-7072
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 7.1 CVE-2019-7075
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7076
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 9.3 CVE-2019-7077
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 9.3 CVE-2019-7078
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 9.3 CVE-2019-7079
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a double free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7080
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7082
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7083
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7084
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7085
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7086
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7087
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a data leakage (sensitive) vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 7.8 CVE-2019-7089
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20091 and earlier, 2019.010.20091 and earlier, 2017.011.30120 and earlier version, and 2015.006.30475 and earlier have a data leakage (sensitive) vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 7.8 CVE-2019-7815
CONFIRM
adobe — coldfusion ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-24 10.0 CVE-2019-7091
CONFIRM
adobe — coldfusion ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-24 10.0 CVE-2019-7816
CONFIRM
adobe — digital_editions Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-24 10.0 CVE-2019-7095
CONFIRM
adobe — photoshop_cc Adobe Photoshop CC 19.1.7 and earlier, and 20.0.2 and earlier have a heap corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-24 10.0 CVE-2019-7094
CONFIRM
apache — hadoop In Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user. 2019-05-30 9.0 CVE-2018-8029
BID
CONFIRM
MLIST
auerswald — comfortel_1200_ip_firmware A command injection (missing input validation, escaping) in the ftp upgrade configuration interface on the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows an authenticated remote attacker (simple user) — in the same network as the device — to trigger OS commands (like starting telnetd or opening a reverse shell) via a POST request to the web server. 2019-05-29 7.7 CVE-2018-19977
MISC
MISC
auerswald — comfortel_1200_ip_firmware A buffer overflow vulnerability in the DHCP and PPPOE configuration interface of the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows a remote attacker (authenticated as simple user in the same network as the device) to trigger remote code execution via a POST request (ManufacturerName parameter) to the web server on the device. The web server is running with root privileges and the injected code will also run with root privileges. 2019-05-29 7.7 CVE-2018-19978
MISC
MISC
bosch — bosch_video_management_system A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video Streaming Gateway (VSG), Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). The vulnerability potentially allows the unauthorized execution of code in the system via the network interface. 2019-05-29 7.5 CVE-2019-6957
CONFIRM
deltek — maconomy Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd URI. 2019-05-24 7.5 CVE-2019-12314
MISC
MISC
exponentcms — exponent_cms Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce/controllers/cartController.php. 2019-05-24 7.5 CVE-2016-8898
MISC
MISC
exponentcms — exponent_cms Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to change_tags. 2019-05-24 7.5 CVE-2016-8900
MISC
MISC
firejail_project — firejail Firejail before 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions need to be fulfilled: The jail (with the exploit code inside) needs to be started as root, and it also needs to be terminated as root from the host (either by stopping it ungracefully (e.g., SIGKILL), or by using the –shutdown control command). This is similar to CVE-2019-5736. 2019-05-31 9.3 CVE-2019-12499
MISC
fortinet — forticlient An Unsafe Search Path vulnerability in FortiClient Online Installer (Windows version before 6.0.6) may allow an unauthenticated, remote attacker with control over the directory in which FortiClientOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious .dll files in that directory. 2019-05-28 9.3 CVE-2019-5589
CONFIRM
gitlab — gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Uncontrolled Resource Consumption (issue 2 of 2). 2019-05-29 7.8 CVE-2019-9177
MISC
gitlab — gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 1 of 5). 2019-05-29 7.5 CVE-2019-9218
MISC
gitlab — gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions. 2019-05-29 7.5 CVE-2019-9485
MISC
MISC
gitlab — gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control. 2019-05-29 7.5 CVE-2019-9732
MISC
MISC
gnome — glib file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used. 2019-05-29 7.5 CVE-2019-12450
MISC
gnome — gvfs An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used. 2019-05-29 7.5 CVE-2019-12447
MISC
gnome — gvfs An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file’s user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable. 2019-05-29 10.0 CVE-2019-12449
MISC
gog — galaxy An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute arbitrary code with SYSTEM privileges. 2019-05-30 7.2 CVE-2018-4048
MISC
karamasoft — ultimateeditor Karamasoft UltimateEditor 1 does not ensure that an uploaded file is an image or document (neither file types nor extensions are restricted). The attacker must use the Attach icon to perform an upload. An uploaded file is accessible under the UltimateEditorInclude/UserFiles/ URI. 2019-05-24 7.5 CVE-2019-12150
MISC
MISC
linux — linux_kernel An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors. 2019-05-30 7.2 CVE-2019-12454
MISC
MISC
linux — linux_kernel An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a “double fetch” vulnerability. 2019-05-30 7.2 CVE-2019-12456
MISC
MISC
mlmsoftwarez — add_clicking_mlm_software SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM Software 1.0, Moneyorder MLM Software 1.0, Repurchase MLM Software 1.0, and Gift MLM Software 1.0 via the member/readmsg.php msg_id parameter, the member/tree.php pid parameter, or the member/downline.php m_id parameter. 2019-05-24 7.5 CVE-2018-17843
MISC
MISC
mobotix — s14_firmware There is a lack of CSRF countermeasures on MOBOTIX S14 MX-V4.2.1.61 cameras, as demonstrated by adding an admin account via the /admin/access URI. 2019-05-31 9.3 CVE-2019-12502
MISC
precurio — precurio The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFileManager can be used to rename the .htaccess file that blocks .php uploads. 2019-05-24 7.5 CVE-2016-10759
MISC
MISC
qualcomm — ipq4019_firmware Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24 2019-05-24 7.2 CVE-2018-11925
CONFIRM
qualcomm — ipq4019_firmware Improper check before assigning value can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4020, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, QCN5502, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150, Snapdragon_High_Med_2016, SXR1130 2019-05-24 7.2 CVE-2018-11968
CONFIRM
qualcomm — ipq8074_firmware Lack of check on length parameter may cause buffer overflow while processing WMI commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCS605, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150, SXR1130 2019-05-24 7.2 CVE-2018-11928
CONFIRM
qualcomm — mdm9150_firmware Improper input validation on input which is used as an array index will lead to an out of bounds issue while processing AP find event from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 625, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDX20, SDX24, SM7150 2019-05-24 7.2 CVE-2018-11927
CONFIRM
qualcomm — mdm9150_firmware Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150 2019-05-24 10.0 CVE-2018-11930
CONFIRM
qualcomm — mdm9150_firmware Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150 2019-05-24 10.0 CVE-2018-11937
CONFIRM
qualcomm — mdm9150_firmware Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SXR1130 2019-05-24 10.0 CVE-2018-11940
CONFIRM
qualcomm — mdm9150_firmware Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24 2019-05-24 10.0 CVE-2018-11949
CONFIRM
qualcomm — mdm9150_firmware While processing ssid IE length from remote AP, possible out-of-bounds access may occur due to crafted ssid IE length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SDM439, SDX20 2019-05-24 10.0 CVE-2018-11953
CONFIRM
qualcomm — mdm9150_firmware Signature verification of the skel library could potentially be disabled as the memory region on the remote subsystem in which the library is loaded is allocated from userspace currently in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 2019-05-24 7.2 CVE-2018-11967
CONFIRM
qualcomm — mdm9150_firmware Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, Snapdragon_High_Med_2016, SXR1130 2019-05-24 10.0 CVE-2018-13886
CONFIRM
qualcomm — mdm9150_firmware Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8909W, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, SXR1130 2019-05-24 10.0 CVE-2018-13887
CONFIRM
qualcomm — mdm9150_firmware Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access to phone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20 2019-05-24 7.2 CVE-2018-13895
CONFIRM
qualcomm — mdm9150_firmware Processing messages after error may result in user after free memory fault in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150 2019-05-24 7.2 CVE-2018-13899
CONFIRM
qualcomm — mdm9206_firmware Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SM7150, Snapdragon_High_Med_2016, SXR1130 2019-05-24 7.5 CVE-2018-11271
CONFIRM
qualcomm — mdm9206_firmware Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or something else) leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820, SD 820A, SD 835, SDX20, SDX24, Snapdragon_High_Med_2016 2019-05-24 10.0 CVE-2018-11936
CONFIRM
qualcomm — mdm9206_firmware While updating blacklisting region shared buffered memory region is not validated against newly updated black list, causing boot-up to be compromised in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 8CX, SXR1130 2019-05-24 7.2 CVE-2018-12012
CONFIRM
qualcomm — mdm9206_firmware Improper authentication in locked memory region can lead to unprivilged access to the memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130 2019-05-24 7.2 CVE-2018-12013
CONFIRM
qualcomm — mdm9206_firmware Use-after-free condition due to Improper handling of hrtimers when the PMU driver tries to access its events in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SD 855, SDM439, SDM630, SDM660, SDX24 2019-05-24 7.2 CVE-2018-13920
CONFIRM
qualcomm — mdm9206_firmware Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130 2019-05-24 10.0 CVE-2018-13925
CONFIRM
qualcomm — mdm9206_firmware Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearable in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016 2019-05-24 10.0 CVE-2019-2244
CONFIRM
qualcomm — mdm9206_firmware Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, Snapdragon_High_Med_2016 2019-05-24 10.0 CVE-2019-2245
CONFIRM
qualcomm — qcs605_firmware Kernel can write to arbitrary memory address passed by user while freeing/stopping a thread in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCS605, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SM7150, SXR1130 2019-05-24 7.2 CVE-2019-2250
CONFIRM
s9y — serendipity serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by “php” as a filename. 2019-05-24 7.5 CVE-2016-10752
MISC
MISC
sqlite — sqlite SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. 2019-05-30 7.5 CVE-2019-8457
MISC
MISC
synacor — zimbra_collaboration_suite ZxChat (aka ZeXtras Chat), as used for zimbra-chat and zimbra-talk in Synacor Zimbra Collaboration Suite 8.7 and 8.8 and in other products, allows XXE attacks, as demonstrated by a crafted XML request to mailboxd. 2019-05-29 7.5 CVE-2018-20160
MISC
MISC
MISC
synacor — zimbra_collaboration_suite Synacor Zimbra Collaboration Suite 8.7.x through 8.8.11 allows insecure object deserialization in the IMAP component. 2019-05-29 7.5 CVE-2019-6980
MISC
MISC
synacor — zimbra_collaboration_suite mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability. 2019-05-29 7.5 CVE-2019-9670
MISC
MISC
MISC
MISC
EXPLOIT-DB
yealink — ultra-elegant_ip_phone_sip-t41p_firmware The network diagnostic function (ping) in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection. 2019-05-29 9.0 CVE-2018-16217
MISC
MISC
yealink — ultra-elegant_ip_phone_sip-t41p_firmware The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) does not validate (escape) the path information (path traversal), which allows an authenticated remote attacker to get access to privileged information (e.g., /etc/passwd) via path traversal (relative path information in the file parameter of the corresponding POST request). 2019-05-29 7.7 CVE-2018-16221
MISC
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
abantecart — abantecart AbanteCart 1.2.8 allows SQL Injection via the source_language parameter to admin/controller/pages/localisation/language.php and core/lib/language_manager.php, or via POST data to admin/controller/pages/tool/backup.php and admin/model/tool/backup.php. 2019-05-24 4.0 CVE-2016-10755
MISC
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7021
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7022
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7023
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7024
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7028
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7030
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7032
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7033
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7034
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7035
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7036
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7038
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation. 2019-05-24 6.8 CVE-2019-7041
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 4.3 CVE-2019-7045
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7047
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 4.3 CVE-2019-7049
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7053
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7055
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7056
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7057
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7058
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7059
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7063
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7064
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7065
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7067
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 4.3 CVE-2019-7071
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 4.3 CVE-2019-7073
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 4.3 CVE-2019-7074
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 5.0 CVE-2019-7081
CONFIRM
adobe — coldfusion ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a cross site scripting vulnerability. Successful exploitation could lead to information disclosure . 2019-05-24 4.3 CVE-2019-7092
CONFIRM
adobe — creative_cloud Creative Cloud Desktop Application (installer) versions 4.7.0.400 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. 2019-05-24 6.8 CVE-2019-7093
CONFIRM
adobe — experience_manager_forms Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. 2019-05-29 4.3 CVE-2019-7129
CONFIRM
adobe — flash_player Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 4.3 CVE-2019-7090
CONFIRM
afian — filerun FileRun 2019.05.21 allows images/extjs Directory Listing. 2019-05-30 5.0 CVE-2019-12457
MISC
MISC
MISC
afian — filerun FileRun 2019.05.21 allows css/ext-ux Directory Listing. 2019-05-30 5.0 CVE-2019-12458
MISC
MISC
MISC
afian — filerun FileRun 2019.05.21 allows customizables/plugins/audio_player Directory Listing. 2019-05-30 5.0 CVE-2019-12459
MISC
MISC
MISC
ampache — ampache Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php. 2019-05-24 6.5 CVE-2017-18375
MISC
apache — camel Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed. 2019-05-28 5.0 CVE-2019-0188
JVN
MLIST
BID
CONFIRM
MLIST
apache — tomcat The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website. 2019-05-28 4.3 CVE-2019-0221
FULLDISC
CONFIRM
MLIST
bacnet_protocol_stack_project — bacnet_protocol_stack BACnet Protocol Stack through 0.8.6 could allow an unauthenticated, remote attacker to cause a denial of service (bacserv daemon crash) because there is an invalid read in bacdcode.c during parsing of alarm tag numbers. 2019-05-30 5.0 CVE-2019-12480
MISC
blueprism — robotic_process_automation In AutomateAppCore.dll in Blue Prism Robotic Process Automation 6.4.0.8445, a vulnerability in access control can be exploited to escalate privileges. The vulnerability allows for abusing the application for fraud or unauthorized access to certain information. The attack requires a valid user account to connect to the Blue Prism server, but the roles associated to this account are not required to have any permissions. First of all, the application files are modified to grant full permissions on the client side. In a test environment (or his own instance of the software) an attacker is able to grant himself full privileges also on the server side. He can then, for instance, create a process with malicious behavior and export it to disk. With the modified client, it is possible to import the exported file as a release and overwrite any existing process in the database. Eventually, the bots execute the malicious process. The server does not check the user’s permissions for the aforementioned actions, such that a modification of the client software enables this kind of attack. Possible scenarios may involve changing bank accounts or setting passwords. 2019-05-24 6.5 CVE-2019-11875
MISC
MISC
bosch — bosch_video_management_system A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). The RCP+ network port allows access without authentication. Adding authentication feature to the respective library fixes the issue. The issue is classified as “CWE-284: Improper Access Control.” This vulnerability, for example, allows a potential attacker to delete video or read video data. 2019-05-29 6.4 CVE-2019-6958
CONFIRM
ca — risk_authentication A UI redress vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x may allow a remote attacker to gain sensitive information in some cases. 2019-05-28 4.0 CVE-2019-7393
MISC
FULLDISC
BID
BUGTRAQ
CONFIRM
ca — risk_authentication A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x allows an authenticated attacker to gain additional privileges in some cases where an account has customized and limited privileges. 2019-05-28 6.5 CVE-2019-7394
MISC
FULLDISC
BID
BUGTRAQ
CONFIRM
cloudera — cloudera_manager An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1. A read-only user can access sensitive cluster information. 2019-05-24 4.0 CVE-2018-10815
MISC
CONFIRM
computrols — computrols_building_automation_software Computrols CBAS 18.0.0 allows Cross-Site Request Forgery. 2019-05-24 6.8 CVE-2019-10847
MISC
MISC
computrols — computrols_building_automation_software Computrols CBAS 18.0.0 allows Username Enumeration. 2019-05-24 5.0 CVE-2019-10848
MISC
MISC
dollarshaveclub — shave XSS exists in Shave before 2.5.3 because output encoding is mishandled during the overwrite of an HTML element. 2019-05-24 4.3 CVE-2019-12313
MISC
MISC
MISC
doxygen — doxygen Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection. 2019-05-24 4.3 CVE-2016-10245
SUSE
BID
MISC
MISC
MISC
MLIST
drupal — drupal In PrestaShop 1.7.5.2, the shop_country parameter in the install/index.php installation script/component is affected by Reflected XSS. Exploitation by a malicious actor requires the user to follow the initial stages of the setup (accepting terms and conditions) before executing the malicious link. 2019-05-24 4.3 CVE-2019-11876
MISC
MISC
dynmap_project — dynmap In Webbukkit Dynmap 3.0-beta-3, with Spigot 1.13.2, due to a missing login check in servlet/MapStorageHandler.java, an attacker can see a map image without login despite an enabled login-required setting. 2019-05-28 5.0 CVE-2019-12395
MISC
MISC
MISC
e107 — e107 e107 2.1.2 allows PHP Object Injection with resultant SQL injection, because usersettings.php uses unserialize without an HMAC. 2019-05-24 6.5 CVE-2016-10753
MISC
MISC
eficode — influxdb Jenkins InfluxDB Plugin 1.21 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. 2019-05-31 4.0 CVE-2019-10329
MLIST
MISC
emerson — ovation_ocr400_firmware In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a heap-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long command to the FTP service, which may cause memory corruption that halts the controller or leads to remote code execution and escalation of privileges. 2019-05-28 6.5 CVE-2019-10965
BID
MISC
emerson — ovation_ocr400_firmware In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a stack-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long file name from the LIST command to the FTP service, which may cause the service to overwrite buffers, leading to remote code execution and escalation of privileges. 2019-05-28 6.5 CVE-2019-10967
BID
MISC
eventum_project — eventum An issue was discovered in Eventum 3.5.0. /htdocs/post_note.php has XSS via the garlic_prefix parameter. 2019-05-24 4.3 CVE-2018-12624
MISC
CONFIRM
fedoraproject — fedora Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://intel.ly/2w0UaVx 2019-05-30 4.7 CVE-2018-12126
FEDORA
CONFIRM
fedoraproject — fedora Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://intel.ly/2w0UaVx 2019-05-30 4.7 CVE-2018-12127
FEDORA
CONFIRM
fedoraproject — fedora Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://intel.ly/2w0UaVx 2019-05-30 4.7 CVE-2018-12130
FEDORA
CONFIRM
fedoraproject — fedora Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://intel.ly/2w0UaVx 2019-05-30 4.7 CVE-2019-11091
FEDORA
CONFIRM
fortinet — fortianalyzer An Improper Neutralization of Script-Related HTML Tags in Fortinet FortiAnalyzer 5.6.0 and below and FortiManager 5.6.0 and below allows an attacker to send DHCP request containing malicious scripts in the HOSTNAME parameter. The malicious script code is executed while viewing the logs in FortiAnalyzer and FortiManager (with FortiAnalyzer feature enabled). 2019-05-28 4.3 CVE-2018-13375
CONFIRM
fortinet — forticlient A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthorized code or commands via the command injection. 2019-05-30 4.6 CVE-2018-13368
CONFIRM
fortinet — forticlient A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attackers to execute unauthorized code or commands via the named pipe responsible for Forticlient updates. 2019-05-30 4.6 CVE-2018-9191
CONFIRM
fortinet — forticlient A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthorized code or commands via the parsing of the file. 2019-05-30 4.6 CVE-2018-9193
CONFIRM
fortinet — fortios An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page. 2019-05-29 5.0 CVE-2018-13365
CONFIRM
fortinet — fortios A heap buffer overflow in Fortinet FortiOS all versions below 6.0.5 in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages. 2019-05-29 4.3 CVE-2018-13383
CONFIRM
freeradius — freeradius It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. 2019-05-24 6.9 CVE-2019-10143
CONFIRM
CONFIRM
gitea — gitea Jenkins Gitea Plugin 1.1.1 and earlier did not implement trusted revisions, allowing attackers without commit access to the Git repo to change Jenkinsfiles even if Jenkins is configured to consider them to be untrusted. 2019-05-31 5.0 CVE-2019-10330
MLIST
MISC
gitlab — gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.5.10, 11.6.x before 11.6.8, and 11.7.x before 11.7.3. It has Incorrect Access Control, 2019-05-29 4.0 CVE-2019-7549
MISC
MISC
gitlab — gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.7.7 and 11.8.x before 11.8.3. It allows Information Disclosure. 2019-05-29 4.0 CVE-2019-9866
MISC
glyphandcog — xpdfreader A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump content. 2019-05-27 5.8 CVE-2019-12360
MISC
glyphandcog — xpdfreader A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data. 2019-05-30 5.8 CVE-2019-12493
MISC
gnome — gvfs An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn’t implement query_info_on_read/write. 2019-05-29 6.8 CVE-2019-12448
MISC
gpac — gpac An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box. 2019-05-30 4.3 CVE-2019-12481
MISC
gpac — gpac An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gf_isom_get_original_format_type at isomedia/drm_sample.c in libgpac.a, as demonstrated by MP4Box. 2019-05-30 5.0 CVE-2019-12482
MISC
gpac — gpac An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box. 2019-05-30 6.8 CVE-2019-12483
MISC
haxx — curl An integer overflow in curl’s URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1. 2019-05-28 4.3 CVE-2019-5435
CONFIRM
haxx — libcurl A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. 2019-05-28 4.6 CVE-2019-5436
CONFIRM
heidelberg — prinect_archiver A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Heidelberg Prinect Archiver v2013 release 1.0. 2019-05-24 4.3 CVE-2019-10685
MISC
MISC
horde — groupware Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the Horde_Form_Type_image method onSubmit() is called on uploads, it invokes the functions getImage() and _getUpload(), which uses unsanitized user input as a path to save the image. The unsanitized POST parameter object[photo][img][file] is saved in the $upload[img][file] PHP variable, allowing an attacker to manipulate the $tmp_file passed to move_uploaded_file() to save the uploaded file. By setting the parameter to (for example) ../usr/share/horde/static/bd.php, one can write a PHP backdoor inside the web root. The static/ destination folder is a good candidate to drop the backdoor because it is always writable in Horde installations. (The unsanitized POST parameter went probably unnoticed because it’s never submitted by the forms, which default to securely using a random path.) 2019-05-29 6.5 CVE-2019-9858
MISC
MISC
hybridgroup — gobot An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default. 2019-05-31 5.0 CVE-2019-12496
MISC
MISC
ibm — api_connect IBM API Connect 5.0.0.0 through 5.0.8.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 159944. 2019-05-29 5.0 CVE-2019-4256
BID
XF
CONFIRM
ibm — qradar_security_information_and_event_manager IBM QRadar SIEM 7.2.8 WinCollect could allow an attacker to obtain sensitive information by spoofing a trusted entity using man in the middle techniques due to not validating or incorrectly validating a certificate. IBM X-Force ID: 160072. 2019-05-29 4.3 CVE-2019-4264
BID
XF
CONFIRM
incsub — hustle The Hustle (aka wordpress-popup) plugin 6.0.7 for WordPress is vulnerable to CSV Injection as it allows for injecting malicious code into a pop-up window. Successful exploitation grants an attacker with a right to execute malicious code on the administrator’s computer through Excel functions as the plugin does not sanitize the user’s input and allows insertion of any text. 2019-05-29 6.8 CVE-2019-11872
MISC
MISC
MISC
jenkins — pipeline_maven_integration An XML external entities (XXE) vulnerability in Jenkins Pipeline Maven Integration Plugin 1.7.0 and earlier allowed attackers able to control a temporary directory’s content on the agent running the Maven build to have Jenkins parse a maliciously crafted XML file that uses external entities for extraction of secrets from the Jenkins master, server-side request forgery, or denial-of-service attacks. 2019-05-31 5.5 CVE-2019-10327
MLIST
MISC
jenkins — pipeline_remote_loader Jenkins Pipeline Remote Loader Plugin 1.4 and earlier provided a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection. 2019-05-31 6.5 CVE-2019-10328
MLIST
MISC
jenkins — warnings_next_generation A cross-site request forgery vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attackers to reset warning counts for future builds. 2019-05-31 4.3 CVE-2019-10326
MLIST
MISC
jfrog — artifactory A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and earlier in ArtifactoryBuilder.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2019-05-31 4.3 CVE-2019-10321
MLIST
MISC
jfrog — artifactory A missing permission check in Jenkins Artifactory Plugin 3.2.2 and earlier in ArtifactoryBuilder.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2019-05-31 4.0 CVE-2019-10322
MLIST
MISC
jfrog — artifactory A missing permission check in Jenkins Artifactory Plugin 3.2.2 and earlier in various ‘fillCredentialsIdItems’ methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. 2019-05-31 4.0 CVE-2019-10323
MLIST
MISC
jfrog — artifactory A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and earlier in ReleaseAction#doSubmit, GradleReleaseApiAction#doStaging, MavenReleaseApiAction#doStaging, and UnifiedPromoteBuildAction#doSubmit allowed attackers to schedule a release build, perform release staging for Gradle and Maven projects, and promote previously staged builds, respectively. 2019-05-31 4.3 CVE-2019-10324
MLIST
MISC
kibokolabs — hostel XSS exists in the Kiboko Hostel plugin before 1.1.4 for WordPress. 2019-05-27 4.3 CVE-2019-12345
MISC
kliqqi — kliqqi_cms Kliqqi 3.0.0.5 allows CSRF with resultant Arbitrary File Upload because module.php?module=upload can be used to configure the uploading of .php files, and then modules/upload/upload_main.php can be used for the upload itself. 2019-05-24 6.8 CVE-2016-10756
MISC
MISC
libreswan — libreswan In Libreswan before 3.28, an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by sending two IKEv2 packets (init_IKE and delete_IKE) in 3des_cbc mode to a Libreswan server. This affects send_v2N_spi_response_from_state in programs/pluto/ikev2_send.c when built with Network Security Services (NSS). 2019-05-24 5.0 CVE-2019-12312
MISC
MISC
MISC
linux — linux_kernel An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). 2019-05-27 4.9 CVE-2019-12378
BID
MISC
MISC
linux — linux_kernel An issue was discovered in con_insert_unipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. 2019-05-27 4.9 CVE-2019-12379
BID
MISC
linux — linux_kernel An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). 2019-05-27 4.9 CVE-2019-12381
BID
MISC
MISC
linux — linux_kernel An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). 2019-05-27 4.9 CVE-2019-12382
BID
MISC
MISC
linux — linux_kernel An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). 2019-05-30 4.9 CVE-2019-12455
MISC
MISC
netgate — pfsense In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input validation errors. 2019-05-29 4.3 CVE-2019-12347
MISC
MISC
CONFIRM
MISC
MISC
oracle — enterprise_manager_ops_center Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Services Integration). The supported version that is affected is 12.3.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager Ops Center. While the vulnerability is in Enterprise Manager Ops Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Enterprise Manager Ops Center. CVSS 3.0 Base Score 6.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H). 2019-05-24 6.3 CVE-2019-2726
MISC
osclass — osclass osClass 3.6.1 allows oc-admin/plugins.php Directory Traversal via the plugin parameter. This is exploitable for remote PHP code execution because an administrator can upload an image that contains PHP code in the EXIF data via index.php?page=ajax&action=ajax_upload. 2019-05-24 6.5 CVE-2016-10751
MISC
MISC
phome — empirecms EmpireCMS 7.5.0 has XSS via the from parameter to e/member/doaction.php, as demonstrated by a CSRF payload that changes the dynamic page template. The attacker can choose to resend the e/template/member/regsend.php registered activation mail page. 2019-05-27 4.3 CVE-2019-12361
MISC
phome — empirecms EmpireCMS 7.5.0 has XSS via the HTTP Referer header to e/member/doaction.php. 2019-05-27 4.3 CVE-2019-12362
MISC
phpkit — phpkit PHPKIT 1.6.6 allows arbitrary File Upload, as demonstrated by a .php file to pkinc/admin/mediaarchive.php and pkinc/func/default.php via the image_name parameter. 2019-05-24 6.5 CVE-2016-10758
MISC
MISC
phprelativepath_project — phprelativepath An XSS vulnerability exists in PHPRelativePath (aka Relative Path) through 1.0.2 via the RelativePath.Example1.php path parameter. 2019-05-31 4.3 CVE-2019-12507
MISC
MISC
qemu — qemu interface_release_resource in hw/display/qxl.c in QEMU 4.0.0 has a NULL pointer dereference. 2019-05-24 5.0 CVE-2019-12155
CONFIRM
MISC
BUGTRAQ
DEBIAN
qualcomm — 215_firmware Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 820, SD 820A, SD 845 / SD 850, SDM439, SDM660, SDX20 2019-05-24 4.6 CVE-2019-2248
CONFIRM
qualcomm — ipq8074_firmware ECDSA signature code leaks private keys from secure world to non-secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 2019-05-24 4.9 CVE-2018-11976
CONFIRM
qualcomm — mdm9150_firmware Improper buffer length check before copying can lead to integer overflow and then a buffer overflow in WMA event handler in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24 2019-05-24 4.6 CVE-2018-11923
CONFIRM
qualcomm — mdm9150_firmware Improper buffer length validation in WLAN function can lead to a potential integer oveflow issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150 2019-05-24 4.6 CVE-2018-11924
CONFIRM
qualcomm — mdm9150_firmware An unprivileged user can issue a binder call and cause a system halt in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150 2019-05-24 4.9 CVE-2018-12005
CONFIRM
qualcomm — mdm9150_firmware Possible memory overread may be lead to access of sensitive data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9650, MDM9655, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, SXR1130 2019-05-24 4.9 CVE-2018-13885
CONFIRM
qualcomm — mdm9150_firmware Possibility of double free issue while running multiple instances of smp2p test because of proper protection is missing while using global variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 2019-05-24 4.6 CVE-2019-2247
CONFIRM
qualcomm — mdm9206_firmware Secure keypad is unlocked with secure display still intact in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130 2019-05-24 4.9 CVE-2018-12004
CONFIRM
readaxo — readaxo In Redaxo 5.2.0, the cron management of the admin panel suffers from CSRF that leads to arbitrary Remote Code Execution via addons/cronjob/lib/types/phpcode.php. 2019-05-24 6.8 CVE-2016-10757
MISC
MISC
revive-adserver — revive_adserver Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery functionality. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() generates a password reset token that relies on the PHP uniqid function and consequently depends only on the current server time, which is often visible in an HTTP Date header. 2019-05-28 6.8 CVE-2019-5440
MISC
samsung — scx-824_firmware Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS) vulnerability that can be triggered by using the “print from file” feature, as demonstrated by the sws/swsAlert.sws?popupid=successMsg msg parameter. 2019-05-24 4.3 CVE-2019-12315
MISC
synacor — zimbra_collaboration_suite Synacor Zimbra Mail Client 8.6 before 8.6.0 Patch 5 has XSS via the error/warning dialog and email body content in Zimbra. 2019-05-30 4.3 CVE-2015-7609
MISC
MISC
MISC
MISC
MISC
synacor — zimbra_collaboration_suite Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 has XSS in the AJAX and html web clients. 2019-05-29 4.3 CVE-2018-14013
MISC
MISC
MISC
MISC
MISC
MISC
MISC
synacor — zimbra_collaboration_suite There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1. 2019-05-30 4.3 CVE-2018-14425
MISC
MISC
synacor — zimbra_collaboration_suite An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests. 2019-05-30 5.0 CVE-2018-15131
MISC
MISC
synacor — zimbra_collaboration_suite mailboxd component in Synacor Zimbra Collaboration Suite 8.6, 8.7 before 8.7.11 Patch 7, and 8.8 before 8.8.10 Patch 2 has Persistent XSS. 2019-05-29 4.3 CVE-2018-18631
MISC
MISC
synacor — zimbra_collaboration_suite Zimbra Collaboration Suite 8.7.x through 8.8.11 allows Blind SSRF in the Feed component. 2019-05-29 4.0 CVE-2019-6981
MISC
MISC
tinycc — tinycc An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to a one-byte out-of-bounds write in the gsym_addr function in x86_64-gen.c. This occurs because tccasm.c mishandles section switches. 2019-05-31 4.3 CVE-2019-12495
MISC
MISC
torproject — tor_browser Tor Browser before 8.0.1 has an information exposure vulnerability. It allows remote attackers to detect the browser’s UI locale by measuring a button width, even if the user has a “Don’t send my language” setting. 2019-05-27 4.3 CVE-2019-12383
BID
MISC
MISC
MISC
vtiger — vtiger_crm modules/Calendar/Activity.php in Vtiger CRM 6.5.0 allows SQL injection via the contactidlist parameter. 2019-05-24 6.5 CVE-2016-10754
MISC
MISC
webport — web_port Web Port 1.19.1 allows XSS via the /access/setup type parameter. 2019-05-30 4.3 CVE-2019-12460
MISC
MISC
webport — web_port Web Port 1.19.1 allows XSS via the /log type parameter. 2019-05-30 4.3 CVE-2019-12461
MISC
MISC
westermo — dr-250_firmware The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code. 2019-05-24 6.5 CVE-2018-19612
MISC
MISC
westermo — dr-250_firmware Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allow CSRF. 2019-05-24 4.3 CVE-2018-19613
MISC
MISC
windriver — vxworks When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code. 2019-05-29 6.8 CVE-2019-9865
MISC
CONFIRM
yealink — ultra-elegant_ip_phone_sip-t41p_firmware A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device by providing a crafted link to the victim. 2019-05-29 6.8 CVE-2018-16218
MISC
MISC
zohocorp — manageengine_adselfservice_plus In Zoho ManageEngine ADSelfService Plus 5.x through 5704, an authorization.do cross-site Scripting (XSS) vulnerability allows for an unauthenticated manipulation of the JavaScript code by injecting the HTTP form parameter adscsrf. An attacker can use this to capture a user’s AD self-service password reset and MFA token. 2019-05-24 4.3 CVE-2019-8346
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
gitlab — gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 3 of 5). 2019-05-29 2.1 CVE-2019-9221
MISC
MISC
iball — 300m_2-port_wireless-n_broadband_router_firmware iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console. 2019-05-28 2.1 CVE-2018-20008
MISC
MISC
ibm — cognos_analytics IBM Cognos Analytics 11.0, 11.1.0, and 11.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158335. 2019-05-29 3.5 CVE-2019-4139
CONFIRM
BID
XF
ibm — jazz_reporting_service IBM Jazz Reporting Service 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158974. 2019-05-29 3.5 CVE-2019-4184
BID
XF
CONFIRM
jenkins — warnings_next_generation A cross-site scripting vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attacker with Job/Configure permission to inject arbitrary JavaScript in build overview pages. 2019-05-31 3.5 CVE-2019-10325
MLIST
MISC
linux — linux_kernel An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. 2019-05-27 2.1 CVE-2019-12380
BID
MISC
synacor — zimbra_collaboration_suite Synacor Zimbra Admin UI in Zimbra Collaboration Suite before 8.8.0 beta 2 has Persistent XSS via mail addrs. 2019-05-30 3.5 CVE-2018-10948
MISC
tp-link — tl-wr840n_firmware TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was disconnected. All the users become disconnected from the internet. 2019-05-24 3.5 CVE-2019-12195
MISC
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
advanced_infodata_systems — esel-server SQL Injection in Advanced InfoData Systems (AIS) ESEL-Server 67 (which is the backend for the AIS logistics mobile app) allows an anonymous attacker to execute arbitrary code in the context of the user of the MSSQL database. The default user for the database is the ‘sa’ user. 2019-05-31 not yet calculated CVE-2019-10123
MISC
MISC
apache — roller Server-side Request Forgery (SSRF) and File Enumeration vulnerability in Apache Roller 5.2.1, 5.2.0 and earlier unsupported versions relies on Java SAX Parser to implement its XML-RPC interface and by default that parser supports external entities in XML DOCTYPE, which opens Roller up to SSRF / File Enumeration vulnerability. Note that this vulnerability exists even if Roller XML-RPC interface is disable via the Roller web admin UI. Mitigation: There are a couple of ways you can fix this vulnerability: 1) Upgrade to the latest version of Roller, which is now 5.2.2 2) Or, edit the Roller web.xml file and comment out the XML-RPC Servlet mapping as shown below: <!– <servlet-mapping> <servlet-name>XmlRpcServlet</servlet-name> <url-pattern>/roller-services/xmlrpc</url-pattern> </servlet-mapping> –> 2019-05-28 not yet calculated CVE-2018-17198
BID
MISC
aveva — vijeo_citect_and_citectscada In Vijeo Citect 7.30 and 7.40, and CitectSCADA 7.30 and 7.40, a vulnerability has been identified that may allow an authenticated local user access to Citect user credentials. 2019-05-31 not yet calculated CVE-2019-10981
MISC
CONFIRM
bitdefender — bitdefender_engines An issue was discovered in Bitdefender Engines before 7.76675. A vulnerability has been discovered in the rar.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. 2019-05-24 not yet calculated CVE-2018-18059
MISC
MISC
bitdefender — bitdefender_engines An issue was discovered in Bitdefender Engines before 7.76808. A vulnerability has been discovered in the dalvik.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. 2019-05-24 not yet calculated CVE-2018-18060
MISC
MISC
bitdefender — bitdefender_engines
 
An issue was discovered in Bitdefender Engines before 7.76662. A vulnerability has been discovered in the iso.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a division-by-zero circumstance. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. 2019-05-24 not yet calculated CVE-2018-18058
MISC
MISC
bosch — smart_home_controller A potential improper access control vulnerability exists in the JSON-RPC interface of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in reading or modification of the SHC’s configuration or triggering and restoring backups. In order to exploit the vulnerability, the adversary needs to have successfully paired an app or service, which requires user interaction. 2019-05-29 not yet calculated CVE-2019-11892
CONFIRM
bosch — smart_home_controller A potential incorrect privilege assignment vulnerability exists in the app pairing mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in elevated privileges of the adversary’s choosing. In order to exploit the vulnerability, the adversary needs physical access to the SHC during the attack. 2019-05-29 not yet calculated CVE-2019-11891
CONFIRM
bosch — smart_home_controller A potential incorrect privilege assignment vulnerability exists in the app permission update API of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have successfully paired an app with restricted permissions, which required user interaction. 2019-05-29 not yet calculated CVE-2019-11893
CONFIRM
bosch — smart_home_controller A potential improper access control vulnerability exists in the backup mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in unauthorized download of a backup. In order to exploit the vulnerability, the adversary needs to download the backup directly after a backup triggered by a legitimate user has been completed. 2019-05-29 not yet calculated CVE-2019-11894
CONFIRM
bosch — smart_home_controller A potential improper access control vulnerability exists in the JSON-RPC interface of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in a successful denial of service of the SHC and connected sensors and actuators. In order to exploit the vulnerability, the adversary needs to have successfully paired an app or service, which requires user interaction. 2019-05-29 not yet calculated CVE-2019-11895
CONFIRM
bosch — smart_home_controller A potential incorrect privilege assignment vulnerability exists in the 3rd party pairing mechanism of the Bosch Smart Home Controller (SHC) before 9.8.907 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have successfully paired an app, which requires user interaction. 2019-05-29 not yet calculated CVE-2019-11896
CONFIRM
containous — traefik types/types.go in Containous Traefik 1.7.x through 1.7.11, when the –api flag is used and the API is publicly reachable and exposed without sufficient access control (which is contrary to the API documentation), allows remote authenticated users to discover password hashes by reading the Basic HTTP Authentication or Digest HTTP Authentication section, or discover a key by reading the ClientTLS section. These can be found in the JSON response to a /api request. 2019-05-29 not yet calculated CVE-2019-12452
MISC
MISC
MISC
evernote — evernote Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file. 2019-05-31 not yet calculated CVE-2019-10038
MISC
MISC
MISC
godot_engine — godot In Godot through 3.1, remote code execution is possible due to the deserialization policy not being applied correctly. 2019-05-31 not yet calculated CVE-2019-10069
MISC
MISC
google — sign-in An unhandled exception vulnerability exists during Google Sign-In with Google API C++ Client before 2019-04-10. It potentially causes an outage of third-party services that were not designed to recover from exceptions. On the client, ID token handling can cause an unhandled exception because of misinterpretation of an integer as a string, resulting in denial-of-service and then other users can no longer login/sign-in to the affected third-party service. Once this third-party service uses Google Sign-In with google-api-cpp-client, a malicious user can trigger this client/auth/oauth2_authorization.cc vulnerability by requesting the client to receive the ID token from a Google authentication server. 2019-05-30 not yet calculated CVE-2018-20840
MISC
MISC
hp — workstation_bios HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default. 2019-05-29 not yet calculated CVE-2019-6322
HP
hp — workstation_bios HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default. 2019-05-29 not yet calculated CVE-2019-6321
HP
ibm — spectrum_control IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. X-Force ID: 158334. 2019-05-29 not yet calculated CVE-2019-4138
CONFIRM
BID
XF
ibm — spectrum_control IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158333. 2019-05-29 not yet calculated CVE-2019-4137
CONFIRM
BID
XF
jector — smart_tv_fm-k75_devices Jector Smart TV FM-K75 devices allow remote code execution because there is an adb open port with root permission. 2019-05-31 not yet calculated CVE-2019-9871
MISC
MISC
logicaldoc — logicaldoc_community_edition LogicalDOC Community Edition 8.x before 8.2.1 has a path traversal vulnerability that allows reading arbitrary files and the creation of directories, in the class PluginRegistry. 2019-05-30 not yet calculated CVE-2019-9723
MISC
mitel — micollab_and_micollab_awv MiCollab 7.3 PR2 (7.3.0.204) and earlier, 7.2 (7.2.2.13) and earlier, and 7.1 (7.1.0.57) and earlier and MiCollab AWV 6.3 (6.3.0.103), 6.2 (6.2.2.8), 6.1 (6.1.0.28), 6.0 (6.0.0.61), and 5.0 (5.0.5.7) have a Command Execution Vulnerability. Successful exploit of this vulnerability could allow an attacker to execute arbitrary system commands. 2019-05-29 not yet calculated CVE-2019-12165
MISC
nuuo — network_video_recorder_firmware NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to execute arbitrary commands via shell metacharacters to handle_load_config.php. 2019-05-31 not yet calculated CVE-2019-9653
MISC
MISC
MISC
nvidia — geforce_experience NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. Such an attack may lead to code execution, denial of service or information disclosure. 2019-05-31 not yet calculated CVE-2019-5678
CONFIRM
petraware — ptransformer_adc Petraware pTransformer ADC before 2.1.7.22827 allows SQL Injection via the User ID parameter to the login form. 2019-05-27 not yet calculated CVE-2019-12372
MISC
MISC
project_atomic — bubblewrap bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related to XDG_RUNTIME_DIR), a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code. 2019-05-29 not yet calculated CVE-2019-12439
MISC
MISC
MISC
MISC
pydio — pydio An unauthenticated attacker can obtain information about the Pydio 8.2.2 configuration including session timeout, libraries, and license information. 2019-05-31 not yet calculated CVE-2019-10046
MISC
pydio — pydio The “action” get_sess_id in the web application of Pydio through 8.2.2 discloses the session cookie value in the response body, enabling scripts to get access to its value. This identifier can be reused by an attacker to impersonate a user and perform actions on behalf of him/her (if the session is still active). 2019-05-31 not yet calculated CVE-2019-10045
MISC
pydio — pydio
 
It is possible for an attacker with regular user access to the web application of Pydio through 8.2.2 to trick an administrator user into opening a link shared through the application, that in turn opens a shared file that contains JavaScript code (that is executed in the context of the victim user to obtain sensitive information such as session identifiers and perform actions on behalf of him/her). 2019-05-31 not yet calculated CVE-2019-10049
MISC
pydio — pydio
 
A stored XSS vulnerability exists in the web application of Pydio through 8.2.2 that can be exploited by levering the file upload and file preview features of the application. An authenticated attacker can upload an HTML file containing JavaScript code and afterwards a file preview URL can be used to access the uploaded file. If a malicious user shares an uploaded HTML file containing JavaScript code with another user of the application, and tricks an authenticated victim into accessing a URL that results in the HTML code being interpreted by the web browser, then the included JavaScript code is executed under the context of the victim user session. 2019-05-31 not yet calculated CVE-2019-10047
MISC
pydio — pydio
 
The ImageMagick plugin that is installed by default in Pydio through 8.2.2 does not perform the appropriate validation and sanitization of user supplied input in the plugin’s configuration options, allowing arbitrary shell commands to be entered that result in command execution on the underlying operating system, with the privileges of the local user running the web server. The attacker must be authenticated into the application with an administrator user account in order to be able to edit the affected plugin configuration. 2019-05-31 not yet calculated CVE-2019-10048
MISC
qemu — qemu In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk. 2019-05-31 not yet calculated CVE-2018-20815
MISC
quest — kace_systems_management_appliance An issue was discovered in Quest KACE Systems Management Appliance before 9.1. The script at /service/kbot_service_notsoap.php is vulnerable to unauthenticated reflected XSS when user-supplied input to the METHOD GET parameter is processed by the web application. Since the application does not properly validate and sanitize this parameter, it is possible to place arbitrary script code into the context of the same page. 2019-05-24 not yet calculated CVE-2019-11604
MISC
FULLDISC
MISC
saet — impianti_speciali_tebe_small_devices The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to execute or include local .php files, as demonstrated by menu=php://filter/convert.base64-encode/resource=index.php to read index.php. 2019-05-31 not yet calculated CVE-2019-9106
MISC
MISC
saet — impianti_speciali_tebe_small_devices The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to make several types of API calls without authentication, as demonstrated by retrieving password hashes via an inc/utils/REST_API.php?command=CallAPI&customurl=alladminusers call. 2019-05-31 not yet calculated CVE-2019-9105
MISC
MISC
sitecore — sitecore Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter. 2019-05-31 not yet calculated CVE-2019-9875
MISC
MISC
MISC
sitecore — sitecore_cms_and_sitecore_xp Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in Sitecore CMS 7.0 to 7.2 and Sitecore XP 7.5 to 8.2 allows an unauthenticated attacker to execute arbitrary code by sending a serialized .NET object in the HTTP POST parameter __CSRFTOKEN. 2019-05-31 not yet calculated CVE-2019-9874
MISC
MISC
MISC
sitecore — sitecore_rocks The Sitecore Rocks plugin before 2.1.149 for Sitecore allows an unauthenticated threat actor to inject malicious commands and code via the Sitecore Rocks Hard Rocks Service. 2019-05-29 not yet calculated CVE-2019-12440
MISC
MISC
MISC
synacor — zimbra_collaboration_server Synacor Zimbra Collaboration Server 8.x before 8.7.0 has Reflected XSS in admin console. 2019-05-30 not yet calculated CVE-2015-2230
MISC
MISC
the_linux_documentation_project — advanced_bash_scripting_guide The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184) allows privilege escalation and execution of commands when used in a shell script called, for example, via sudo. 2019-05-31 not yet calculated CVE-2019-9891
MISC
xiaomi — m365_scooter The Xiaomi M365 scooter 2019-02-12 before 1.5.1 allows spoofing of “suddenly accelerate” commands. This occurs because Bluetooth Low Energy commands have no server-side authentication check. Other affected commands include suddenly braking, locking, and unlocking. 2019-05-31 not yet calculated CVE-2019-12500
MISC
xpdf — xpdf There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure or a denial of service. 2019-06-01 not yet calculated CVE-2019-12515
MISC
zyxel — p-660hn_t1_devices The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 (2.00(AAKK.3)) devices. After accessing the page, the admin user’s password can be obtained by viewing the HTML source code, and the interface of the modem can be accessed as admin. 2019-05-31 not yet calculated CVE-2019-6725
BUGTRAQ

Back to top


This product is provided subject to this Notification and this Privacy & Use policy.

SB19-147: Vulnerability Summary for the Week of May 20, 2019

Original release date: May 27, 2019

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0

  • Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9

  • Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 10.0 CVE-2019-7027
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-23 10.0 CVE-2019-7088
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-23 9.3 CVE-2019-7111
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-23 10.0 CVE-2019-7112
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-23 10.0 CVE-2019-7113
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-23 10.0 CVE-2019-7117
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-23 10.0 CVE-2019-7118
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-23 10.0 CVE-2019-7119
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-23 10.0 CVE-2019-7120
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-23 10.0 CVE-2019-7124
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-23 9.3 CVE-2019-7125
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-23 10.0 CVE-2019-7128
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7759
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7760
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7761
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7762
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7763
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7764
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7765
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7766
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7767
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7768
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7772
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7779
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7781
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7782
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7783
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a double free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7784
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7786
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7788
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7791
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7792
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7796
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7797
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7800
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-22 10.0 CVE-2019-7804
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7805
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7806
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7807
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7808
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 7.1 CVE-2019-7809
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7814
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7817
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7818
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7820
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 7.1 CVE-2019-7821
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7822
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 7.1 CVE-2019-7823
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7824
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7825
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7827
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7828
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7829
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7830
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7831
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7832
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7833
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7834
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 10.0 CVE-2019-7835
BID
CONFIRM
adobe — bridge_cc Adobe Bridge CC versions 9.0.2 have a heap overflow vulnerability. Successful exploitation could lead to remote code execution. 2019-05-23 10.0 CVE-2019-7130
CONFIRM
adobe — bridge_cc Adobe Bridge CC versions 9.0.2 have an out-of-bounds write vulnerability. Successful exploitation could lead to remote code execution. 2019-05-23 9.3 CVE-2019-7132
CONFIRM
MISC
adobe — flash_player Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 9.3 CVE-2019-7837
BID
REDHAT
CONFIRM
MISC
adobe — indesign Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-23 10.0 CVE-2019-7107
CONFIRM
adobe — shockwave_player Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-23 10.0 CVE-2019-7104
CONFIRM
adobe — xd Adobe XD versions 16.0 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-23 10.0 CVE-2019-7105
CONFIRM
adobe — xd Adobe XD versions 16.0 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-23 10.0 CVE-2019-7106
CONFIRM
atutor — atutor ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/_core/backups/upload.php (aka backup) component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. 2019-05-17 9.0 CVE-2019-12170
MISC
MISC
blogifier — blogifier Blogifier 2.3 before 2019-05-11 does not properly restrict APIs, as demonstrated by missing checks for .. in a pathname. 2019-05-22 7.5 CVE-2019-12277
MISC
bmc — patrol_agent By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials and use them to execute code or escalate privileges on the network. 2019-05-20 7.5 CVE-2019-8352
MISC
carts.guru — carts_guru The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserialization via a cartsguru-source cookie to classes/wc-cartsguru-event-handler.php. 2019-05-20 7.5 CVE-2019-12241
MISC
citrix — receiver Citrix Workspace App before 1904 for Windows has Incorrect Access Control. 2019-05-22 7.5 CVE-2019-11634
CONFIRM
MISC
computrols — computrols_building_automation_software Computrols CBAS 18.0.0 has Default Credentials. 2019-05-23 10.0 CVE-2019-10850
MISC
MISC
computrols — computrols_building_automation_software Computrols CBAS 18.0.0 allows Authenticated Command Injection. 2019-05-23 9.0 CVE-2019-10854
MISC
MISC
elabftw — elabftw eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. 2019-05-19 9.0 CVE-2019-12185
MISC
MISC
exponentcms — exponent_cms Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php. 2019-05-23 7.5 CVE-2016-8897
MISC
MISC
exponentcms — exponent_cms Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to change_cats. 2019-05-23 7.5 CVE-2016-8899
MISC
MISC
falco — falco An issue was discovered in Falco through 0.14.0. A missing indicator for insufficient resources allows local users to bypass the detection engine. 2019-05-17 7.2 CVE-2019-8339
CONFIRM
CONFIRM
CONFIRM
MISC
four-faith — f3x24_firmware Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow remote code execution via the Command Shell (aka Administration > Commands) screen. 2019-05-17 9.0 CVE-2019-12168
MISC
fujitsu — paperstream_ip_(twain) In PaperStream IP (TWAIN) 1.42.0.5685 (Service Update 7), the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkic_Fjicube_32 named pipe. One of these message processing functions attempts to dynamically load the UninOldIS.dll library and executes an exported function named ChangeUninstallString. The default install does not contain this library and therefore if any DLL with that name exists in any directory listed in the PATH variable, it can be used to escalate to SYSTEM level privilege. 2019-05-17 7.2 CVE-2018-16156
MISC
gnu — wget Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors. 2019-05-17 7.5 CVE-2019-5953
MISC
MISC
gohttp_project — gohttp GoHTTP through 2017-07-25 has a GetExtension heap-based buffer overflow via a long extension. 2019-05-17 7.5 CVE-2019-12158
MISC
gohttp_project — gohttp GoHTTP through 2017-07-25 has a sendHeader use-after-free. 2019-05-17 7.5 CVE-2019-12160
MISC
ibm — websphere_application_server IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 160445. 2019-05-17 10.0 CVE-2019-4279
BID
XF
CONFIRM
ibm — websphere_mq IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local non privileged user to execute code as an administrator due to incorrect permissions set on MQ installation directories. IBM X-Force ID: 157190. 2019-05-23 7.2 CVE-2019-4078
XF
CONFIRM
intel — converged_security_management_engine_firmware Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. 2019-05-17 7.2 CVE-2019-0098
MISC
intel — converged_security_management_engine_firmware Buffer overflow in subsystem in Intel(R) CSME before version 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via network access. 2019-05-17 7.5 CVE-2019-0153
MISC
intel — hns2400lp_firmware Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. 2019-05-17 7.2 CVE-2019-0119
MISC
intel — unite A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access. 2019-05-17 7.5 CVE-2019-0172
MISC
intel — xeon_bronze_processors_firmware Insufficient access control in silicon reference firmware for Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. 2019-05-17 7.2 CVE-2019-0126
MISC
kalkitech — sync3000_firmware Kalki Kalkitech SYNC3000 Substation DCU GPC v2.22.6, 2.23.0, 2.24.0, 3.0.0, 3.1.0, 3.1.16, 3.2.3, 3.2.6, 3.5.0, 3.6.0, and 3.6.1, when WebHMI is not installed, allows an attacker to inject client-side commands or scripts to be executed on the device with privileged access, aka CYB/2019/19561. The attack requires network connectivity to the device and exploits the webserver interface, typically through a browser. 2019-05-22 10.0 CVE-2019-11536
MISC
MISC
lemonldap-ng — lemonldap:: LemonLDAP::NG -2.0.3 has Incorrect Access Control. 2019-05-22 7.5 CVE-2019-12046
MISC
MISC
MISC
MISC
MISC
CONFIRM
CONFIRM
MISC
motorola — cx2_firmware An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080. 2019-05-23 7.5 CVE-2019-12297
MISC
nagios — nagios_xi Nagios XI 5.6.1 allows SQL injection via the username parameter to login.php?forgotpass (aka the reset password form). 2019-05-22 7.5 CVE-2019-12279
MISC
BID
MISC
nginx — njs njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in nxt_utf8_encode in nxt_utf8.c. 2019-05-20 7.5 CVE-2019-12206
MISC
nginx — njs njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. 2019-05-20 7.5 CVE-2019-12207
MISC
nginx — njs njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in njs_function_native_call in njs/njs_function.c. 2019-05-20 7.5 CVE-2019-12208
MISC
open-emr — openemr An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the make_task function in /interface/forms/eye_mag/php/taskman_functions.php via /interface/forms/eye_mag/taskman.php. 2019-05-17 7.5 CVE-2018-17179
MISC
MISC
open-emr — openemr An issue was discovered in OpenEMR before 5.0.1 Patch 7. SQL Injection exists in the SaveAudit function in /portal/lib/paylib.php and the portalAudit function in /portal/lib/appsql.class.php. 2019-05-17 7.5 CVE-2018-17181
MISC
MISC
open-xchange — open-xchange_appsuite OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure Permissions. 2019-05-23 7.5 CVE-2017-17060
MISC
CONFIRM
open-xchange — open-xchange_appsuite Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control. 2019-05-23 7.5 CVE-2017-5212
MISC
MISC
CONFIRM
open-xchange — open-xchange_appsuite Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control. 2019-05-22 7.5 CVE-2017-5863
MISC
MISC
CONFIRM
openwrt — luci In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability. 2019-05-23 7.5 CVE-2019-12272
MISC
MISC
percona — percona_server The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffered an issue where the server would reset the root password to a blank value upon an upgrade. This was fixed in 5.6.44-85.0-2. 2019-05-23 10.0 CVE-2019-12301
MISC
MISC
schneider-electric — modicon_m340_firmware A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause an elevation of privilege by conducting a brute force attack on Modbus parameters sent to the controller. 2019-05-22 7.5 CVE-2018-7842
MISC
schneider-electric — modicon_m340_firmware A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service or potential code execution by overwriting configuration settings of the controller over Modbus. 2019-05-22 7.5 CVE-2018-7847
MISC
schneider-electric — modicon_premium_firmware A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus. 2019-05-22 7.5 CVE-2019-6808
MISC
schneider-electric — u.motion_builder A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unwanted code execution when an improper set of characters is entered. 2019-05-22 7.5 CVE-2018-7841
MISC
FULLDISC
CONFIRM
sensiolabs — symfony Certain Symfony products are affected by: Incorrect Access Control. This affects Symfony 2.7.30 and Symfony 2.8.23 and Symfony 3.2.10 and Symfony 3.3.3. The type of exploitation is: remote. The component is: Password validator. 2019-05-23 7.5 CVE-2017-11365
MISC
MISC
simplybook — simplybook SimplyBook.me through 2019-05-11 does not properly restrict File Upload which could allow remote code execution. 2019-05-17 7.5 CVE-2019-11887
CONFIRM
virim_project — virim The Virim plugin 0.4 for WordPress allows Insecure Deserialization via s_values, t_values, or c_values in graph.php. 2019-05-20 7.5 CVE-2019-12240
MISC
wolfssl — wolfssl wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a crafted hello client packet over the network to a TLSv1.3 wolfSSL server. The length fields of the packet: record length, client hello length, total extensions length, PSK extension length, total identity length, and identity length contain their maximum value which is 2^16. The identity data field of the PSK extension of the packet contains the attack data, to be stored in the undefined memory (RAM) of the server. The size of the data is about 65 kB. Possibly the attacker can perform a remote code execution attack. 2019-05-23 7.5 CVE-2019-11873
MISC
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-23 5.0 CVE-2019-7061
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-23 4.3 CVE-2019-7109
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-23 4.3 CVE-2019-7110
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-23 5.0 CVE-2019-7114
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-23 5.0 CVE-2019-7115
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-23 5.0 CVE-2019-7116
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-23 5.0 CVE-2019-7121
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-23 5.0 CVE-2019-7122
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-23 5.0 CVE-2019-7123
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-23 4.3 CVE-2019-7127
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-22 4.3 CVE-2019-7140
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-22 4.3 CVE-2019-7141
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-22 5.0 CVE-2019-7142
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-22 6.8 CVE-2019-7143
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-22 4.3 CVE-2019-7144
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 4.3 CVE-2019-7145
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-22 4.3 CVE-2019-7758
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-22 5.0 CVE-2019-7769
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7770
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7771
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7773
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7774
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7775
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7776
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7777
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7778
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-22 5.0 CVE-2019-7780
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-22 4.3 CVE-2019-7785
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 4.3 CVE-2019-7787
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7789
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7790
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7793
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 4.3 CVE-2019-7794
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7795
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 6.8 CVE-2019-7798
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 4.3 CVE-2019-7799
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 4.3 CVE-2019-7801
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 4.3 CVE-2019-7802
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 4.3 CVE-2019-7803
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-22 4.3 CVE-2019-7810
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7811
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7812
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7813
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 6.8 CVE-2019-7826
BID
CONFIRM
MISC
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7836
BID
CONFIRM
adobe — acrobat Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 5.0 CVE-2019-7841
BID
CONFIRM
adobe — bridge_cc Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-23 4.3 CVE-2019-7133
CONFIRM
adobe — bridge_cc Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-23 4.3 CVE-2019-7134
CONFIRM
MISC
adobe — bridge_cc Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-23 4.3 CVE-2019-7135
CONFIRM
MISC
adobe — bridge_cc Adobe Bridge CC versions 9.0.2 have an use after free vulnerability. Successful exploitation could lead to information disclosure. 2019-05-23 4.3 CVE-2019-7136
CONFIRM
MISC
adobe — bridge_cc Adobe Bridge CC versions 9.0.2 have a memory corruption vulnerability. Successful exploitation could lead to information disclosure. 2019-05-23 4.3 CVE-2019-7137
CONFIRM
MISC
adobe — bridge_cc Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-23 4.3 CVE-2019-7138
CONFIRM
MISC
adobe — dreamweaver Adobe Dreamweaver versions 19.0 and earlier have an insecure protocol implementation vulnerability. Successful exploitation could lead to sensitive data disclosure if smb request is subject to a relay attack. 2019-05-23 5.0 CVE-2019-7097
CONFIRM
adobe — media_encoder Adobe Media Encoder version 13.0.2 has a use-after-free vulnerability. Successful exploitation could lead to remote code execution. 2019-05-22 6.8 CVE-2019-7842
BID
CONFIRM
MISC
adobe — media_encoder Adobe Media Encoder version 13.0.2 has an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-22 4.3 CVE-2019-7844
BID
CONFIRM
MISC
apache — jspwiki A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. 2019-05-20 4.3 CVE-2019-10076
MLIST
BID
CONFIRM
MLIST
apache — jspwiki A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. 2019-05-20 4.3 CVE-2019-10077
MLIST
BID
CONFIRM
MLIST
apache — jspwiki A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable. 2019-05-20 4.3 CVE-2019-10078
MLIST
BID
CONFIRM
MLIST
MLIST
MLIST
apache — zookeeper An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper?s getACL() command doesn?t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. DigestAuthenticationProvider overloads the Id field with the hash value that is used for user authentication. As a consequence, if Digest Authentication is in use, the unsalted hash value will be disclosed by getACL() request for unauthenticated or unprivileged users. 2019-05-23 4.3 CVE-2019-0201
BID
MISC
MLIST
CONFIRM
artifex — ghostscript Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga (imagemagick used that). The attack vector is: Someone must open a postscript file though ghostscript. Because of imagemagick also use libga, so it was affected as well. 2019-05-23 4.3 CVE-2017-15652
CONFIRM
BID
MISC
atlassian — jira The ManageFilters.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check. 2019-05-22 5.0 CVE-2019-3401
MISC
atlassian — jira The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the searchOwnerUserName parameter. 2019-05-22 4.3 CVE-2019-3402
MISC
atlassian — jira The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check. 2019-05-22 5.0 CVE-2019-3403
MISC
atlassian — jira The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check. 2019-05-22 5.0 CVE-2019-8442
BID
MISC
atlassian — jira The ViewUpgrades resource in Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers who have obtained access to administrator’s session to access the ViewUpgrades administrative resource without needing to re-authenticate to pass “WebSudo” through an improper access control vulnerability. 2019-05-22 6.8 CVE-2019-8443
BID
MISC
buildbot — buildbot Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted authorization token from OAuth and uses it to authenticate a user. If an attacker has a token allowing them to read the user details of a victim, they can login as the victim. 2019-05-23 5.0 CVE-2019-12300
MISC
citrix — netscaler_application_delivery_controller_firmware A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery Controller 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23. 2019-05-22 5.0 CVE-2019-12044
CONFIRM
MISC
commsy — commsy CommSy through 8.6.5 has SQL Injection via the cid parameter. This is fixed in 9.2. 2019-05-22 5.0 CVE-2019-11880
MISC
MISC
computrols — computrols_building_automation_software Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter. 2019-05-23 4.3 CVE-2019-10846
MISC
MISC
computrols — computrols_building_automation_software Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure. 2019-05-23 5.0 CVE-2019-10849
MISC
MISC
computrols — computrols_building_automation_software Computrols CBAS 18.0.0 has hard-coded encryption keys. 2019-05-23 4.0 CVE-2019-10851
MISC
MISC
computrols — computrols_building_automation_software Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring. 2019-05-23 6.5 CVE-2019-10852
MISC
MISC
computrols — computrols_building_automation_software Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database. 2019-05-23 5.0 CVE-2019-10855
MISC
MISC
create-sd — create_sd CREATE SD official App for Android version 1.0.2 and earlier allows remote attackers to bypass access restriction to lead a user to access an arbitrary website via vulnerable application and conduct phishing attacks. 2019-05-17 5.8 CVE-2019-5955
MISC
MISC
cybozu — garoon Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to bypass access restriction to browse unauthorized pages via the application ‘Management of Basic System’. 2019-05-17 4.0 CVE-2019-5930
MISC
MISC
cybozu — garoon Cybozu Garoon 4.0.0 to 4.6.3 allows authenticated attackers to alter the information with privileges invoking the installer via unspecified vectors. 2019-05-17 5.5 CVE-2019-5931
MISC
MISC
cybozu — garoon Cybozu Garoon 4.0.0 to 4.10.0 allows remote authenticated attackers to bypass access restriction to view the Bulletin Board without view privileges via the application ‘Bulletin’. 2019-05-17 4.0 CVE-2019-5933
MISC
MISC
cybozu — garoon SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.0 allows attacker with administrator rights to execute arbitrary SQL commands via the Log Search function of application ‘logging’. 2019-05-17 6.5 CVE-2019-5934
MISC
MISC
cybozu — garoon Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction to change user information without access privileges via the Item function of User Information. 2019-05-17 4.0 CVE-2019-5935
MISC
MISC
cybozu — garoon Directory traversal vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to obtain files without access privileges via the application ‘Work Flow’. 2019-05-17 5.5 CVE-2019-5936
MISC
MISC
cybozu — garoon Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction alter the Report without access privileges via the application ‘Multi Report’. 2019-05-17 4.0 CVE-2019-5941
MISC
MISC
cybozu — garoon Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction to obtain files without access privileges via the Multiple Files Download function of application ‘Cabinet’. 2019-05-17 4.0 CVE-2019-5942
MISC
MISC
cybozu — garoon Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction to view the information without view privileges via the application ‘Bulletin’ and the application ‘Cabinet’. 2019-05-17 4.0 CVE-2019-5943
MISC
MISC
cybozu — garoon Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction alter the contents of application ‘Address’ without modify privileges via the application ‘Address’. 2019-05-17 4.0 CVE-2019-5944
MISC
MISC
cybozu — garoon Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the users’ credential information via the authentication of Cybozu Garoon. 2019-05-17 5.0 CVE-2019-5945
MISC
MISC
cybozu — garoon Open redirect vulnerability in Cybozu Garoon 4.2.4 to 4.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the Login Screen. 2019-05-17 5.8 CVE-2019-5946
MISC
MISC
digium — asterisk asterisk 13.10.0 is affected by: denial of service issues in asterisk. The impact is: cause a denial of service (remote). 2019-05-23 5.0 CVE-2016-7550
MISC
dotcms — dotcms dotCMS before 5.1.0 has a path traversal vulnerability exploitable by an administrator to create files. The vulnerability is caused by the insecure extraction of a ZIP archive. 2019-05-23 4.0 CVE-2019-12309
MISC
MISC
eaton — halo_home The Android mobile application Halo Home before 1.11.0 stores OAuth authentication and refresh access tokens in a clear text file. This file persists until the user logs out of the application and reboots the device. This vulnerability can allow an attacker to impersonate the legitimate user by reusing the stored OAuth token, thus allowing them to view and change the user’s personal information stored in the backend cloud service. The attacker would first need to gain physical control of the Android device or compromise it with a malicious app. 2019-05-22 4.3 CVE-2019-5625
MISC
MISC
emerson — liebert_challenger_firmware httpGetSet/httpGet.htm on Emerson Network Power Liebert Challenger 5.1E0.5 devices allows XSS via the statusstr parameter. 2019-05-22 4.3 CVE-2019-12167
BID
MISC
MISC
enigmail — enigmail Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a “correctly signed” message indication, but display different unauthenticated text. 2019-05-21 5.0 CVE-2019-12269
MISC
MISC
f-secure — psb_workstation_security In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F-Secure Internet Security before 17.6, F-Secure Anti-Virus before 17.6, F-Secure Client Security Standard and Premium before 14.10, F-Secure PSB Workstation Security before 12.01, and F-Secure Computer Protection Standard and Premium before 19.3, a local user can escalate their privileges through a DLL hijacking attack against the installer. The installer writes the file rm.exe to C:\Windows\Temp and then executes it. The rm.exe process then attempts to load several DLLs from its current directory. Non-admin users are able to write to this folder, so an attacker can create a malicious C:\Windows\Temp\OLEACC.dll file. When an admin runs the installer, rm.exe will execute the attacker’s DLL in an elevated security context. 2019-05-17 6.8 CVE-2019-11644
CONFIRM
fasterxml — jackson-databind A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation. 2019-05-17 5.0 CVE-2019-12086
MISC
MISC
CONFIRM
MLIST
MLIST
MISC
DEBIAN
freedesktop — poppler In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths. 2019-05-23 6.8 CVE-2019-12293
BID
MISC
freedesktop — systemd systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled. 2019-05-17 5.0 CVE-2018-20839
BID
MISC
MISC
MISC
freeimage_project — freeimage When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow. 2019-05-20 5.0 CVE-2019-12211
MISC
freeimage_project — freeimage When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file. 2019-05-20 5.0 CVE-2019-12212
MISC
freeimage_project — freeimage When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion. 2019-05-20 4.3 CVE-2019-12213
MISC
freeimage_project — freeimage In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of p_header_data. 2019-05-20 5.0 CVE-2019-12214
MISC
gatship — web_module GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via {} in a ws/gatshipWs.asmx/SqlVersion request. 2019-05-17 5.0 CVE-2019-12163
MISC
FULLDISC
MISC
get-simple — getsimple_cms An issue was discovered in GetSimple CMS through 3.3.15. insufficient input sanitation in the theme-edit.php file allows upload of files with arbitrary content (PHP code, for example). This vulnerability is triggered by an authenticated user; however, authentication can be bypassed. According to the official documentation for installation step 10, an admin is required to upload all the files, including the .htaccess files, and run a health check. However, what is overlooked is that the Apache HTTP Server by default no longer enables the AllowOverride directive, leading to data/users/admin.xml password exposure. The passwords are hashed but this can be bypassed by starting with the data/other/authorization.xml API key. This allows one to target the session state, since they decided to roll their own implementation. The cookie_name is crafted information that can be leaked from the frontend (site name and version). If a someone leaks the API key and the admin username, then they can bypass authentication. To do so, they need to supply a cookie based on an SHA-1 computation of this known information. The vulnerability exists in the admin/theme-edit.php file. This file checks for forms submissions via POST requests, and for the csrf nonce. If the nonce sent is correct, then the file provided by the user is uploaded. There is a path traversal allowing write access outside the jailed themes directory root. Exploiting the traversal is not necessary because the .htaccess file is ignored. A contributing factor is that there isn’t another check on the extension before saving the file, with the assumption that the parameter content is safe. This allows the creation of web accessible and executable files with arbitrary content. 2019-05-22 5.0 CVE-2019-11231
MISC
MISC
gitlab — gitlab GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol. 2019-05-17 5.0 CVE-2018-19585
MISC
MISC
gitlab — gitlab An insecure permissions issue was discovered in GitLab Community and Enterprise Edition 9.4 and later but before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. The runner registration token in the CI/CD settings could not be reset. This was a security risk if one of the maintainers leaves the group and they know the token. 2019-05-17 5.0 CVE-2018-20500
MISC
MISC
gitlab — gitlab An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0 and later but before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. The issue comments feature could allow a user to comment on an issue which they shouldn’t be allowed to. 2019-05-17 6.4 CVE-2019-5883
MISC
gitlab — gitlab An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It was possible to use the profile name to inject a potentially malicious link into notification emails. 2019-05-17 5.0 CVE-2019-6781
MISC
MISC
gitlab — gitlab An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitLab API allowed project Maintainers and Owners to view the trigger tokens of other project users. 2019-05-17 4.0 CVE-2019-6787
MISC
MISC
gitlab — gitlab An Incorrect Access Control (issue 2 of 3) issue was discovered in GitLab Community and Enterprise Edition 8.14 and later but before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. Guest users were able to view the list of a group’s merge requests. 2019-05-17 4.0 CVE-2019-6790
MISC
MISC
gitlab — gitlab An information disclosure issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitHub token used in CI/CD for External Repos was being leaked to project maintainers in the UI. 2019-05-17 5.0 CVE-2019-6797
MISC
MISC
gitlab — gitlab An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 11.7.x before 11.7.4. GitLab Releases were vulnerable to an authorization issue that allowed users to view confidential issue and merge request titles of other projects. 2019-05-17 6.4 CVE-2019-7353
MISC
MISC
gnu — gcc stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against. 2019-05-22 6.8 CVE-2018-12886
CONFIRM
MISC
gohttp_project — gohttp GoHTTP through 2017-07-25 has a stack-based buffer over-read in the scan function (when called from getRequestType) via a long URL. 2019-05-17 5.0 CVE-2019-12159
MISC
gohttp_project — gohttp In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header. 2019-05-20 5.0 CVE-2019-12198
MISC
golang — crypto A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional “Hash” Armor Headers. The “Hash” Armor Header specifies the message digest algorithm(s) used for the signature. However, the Go clearsign package ignores the value of this header, which allows an attacker to spoof it. Consequently, an attacker can lead a victim to believe the signature was generated using a different message digest algorithm than what was actually used. Moreover, since the library skips Armor Header parsing in general, an attacker can not only embed arbitrary Armor Headers, but also prepend arbitrary text to cleartext messages without invalidating the signatures. 2019-05-22 4.3 CVE-2019-11841
MISC
MISC
MISC
MISC
google — chrome Incorrect inheritance of a new document’s policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. 2019-05-23 4.3 CVE-2019-5799
MISC
MISC
google — chrome Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. 2019-05-23 4.3 CVE-2019-5800
MISC
MISC
google — chrome Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. 2019-05-23 4.3 CVE-2019-5801
MISC
MISC
google — chrome Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. 2019-05-23 4.3 CVE-2019-5803
MISC
MISC
ibm — api_connect IBM API Connect 5.0.0.0, and 5.0.8.6 could could return sensitive information that could provide critical information as to the underlying software stack in CMC UI headers. IBM X-Force ID: 154284. 2019-05-22 4.0 CVE-2018-1991
XF
CONFIRM
ibm — bigfix_platform IBM BigFix Platform 9.2 and 9.5 could allow a low-privilege user to manipulate the UI into exposing interface elements and information normally restricted to administrators. IBM X-Force ID: 156570. 2019-05-20 4.0 CVE-2019-4058
XF
CONFIRM
ibm — cloud_private IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 can be used as an HTTP proxy to not only cluster internal but also external target IP addresses. IBM X-Force ID: 158145. 2019-05-17 5.0 CVE-2019-4119
CONFIRM
XF
identityserver — identityserver4 IdentityServer IdentityServer4 through 2.4 has stored XSS via the httpContext to the host/Extensions/RequestLoggerMiddleware.cs LogForErrorContext method, which can be triggered by viewing a log. 2019-05-21 4.3 CVE-2019-12250
MISC
intel — active_management_technology Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. 2019-05-17 4.6 CVE-2019-0092
MISC
intel — active_management_technology Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access. 2019-05-17 5.2 CVE-2019-0096
MISC
intel — acu_wizard Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. 2019-05-17 4.6 CVE-2019-0138
MISC
intel — converged_security_management_engine_firmware Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access. 2019-05-17 4.6 CVE-2019-0086
MISC
intel — converged_security_management_engine_firmware Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. 2019-05-17 4.6 CVE-2019-0170
MISC
intel — nuc_kit_firmware Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access. 2019-05-17 4.6 CVE-2019-11094
MISC
intel — proset/wireless_wifi Improper directory permissions in the installer for Intel(R) PROSet/Wireless WiFi Software version 20.100 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. 2019-05-17 4.6 CVE-2018-3701
BID
CONFIRM
MISC
intel — scs_discovery_utility Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. 2019-05-17 4.6 CVE-2019-11093
MISC
intel — unite Data Corruption in Intel Unite(R) Client before version 3.3.176.13 may allow an unauthenticated user to potentially cause a denial of service via network access. 2019-05-17 5.0 CVE-2019-0132
BID
MISC
jenkins — credentials Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS#12 certificate. 2019-05-21 4.0 CVE-2019-10320
FULLDISC
MLIST
MISC
jenkins — pluggable_authentication_module A missing permission check in Jenkins PAM Authentication Plugin 1.5 and earlier, except 1.4.1 in PamSecurityRealm.DescriptorImpl#doTest allowed users with Overall/Read permission to obtain limited information about the file /etc/shadow and the user Jenkins is running as. 2019-05-21 4.0 CVE-2019-10319
MLIST
MISC
joomla — joomla! An issue was discovered in Joomla! before 3.9.6. The debug views of com_users do not properly escape user supplied data, which leads to a potential XSS attack vector. 2019-05-20 4.3 CVE-2019-11809
MISC
jreast — jr_east_japan JR East Japan train operation information push notification App for Android version 1.2.4 and earlier allows remote attackers to bypass access restriction to obtain or alter the user’s registered information via unspecified vectors. 2019-05-17 6.4 CVE-2019-5954
MISC
MISC
kentico — kentico Kentico 11 through 12 lets attackers upload and explore files without authentication via the cmsmodules/medialibrary/formcontrols/liveselectors/insertimageormedia/tabs_media.aspx URI. 2019-05-22 6.4 CVE-2019-12102
MISC
MISC
MISC
leanify_project — leanify Leanify 0.4.3 allows remote attackers to trigger an out-of-bounds write (1024 bytes) via a modified input file. 2019-05-23 4.3 CVE-2019-12298
MISC
libav — libav In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read. 2019-05-22 4.3 CVE-2017-5984
MISC
MISC
libsdl — sdl2_image An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c. 2019-05-20 4.3 CVE-2019-12216
MISC
libsdl — sdl2_image An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c. 2019-05-20 4.3 CVE-2019-12217
MISC
libsdl — sdl2_image An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c. 2019-05-20 4.3 CVE-2019-12218
MISC
libsdl — sdl2_image An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c. 2019-05-20 6.8 CVE-2019-12219
MISC
libsdl — sdl2_image An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an out-of-bounds read in the SDL function SDL_FreePalette_REAL at video/SDL_pixels.c. 2019-05-20 4.3 CVE-2019-12220
MISC
libsdl — sdl2_image An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c. 2019-05-20 4.3 CVE-2019-12221
MISC
libsdl — simple_directmedia_layer An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9. There is an out-of-bounds read in the function SDL_InvalidateMap at video/SDL_pixels.c. 2019-05-20 4.3 CVE-2019-12222
MISC
linux — linux_kernel In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343. 2019-05-17 4.9 CVE-2018-7191
BID
MISC
MISC
MISC
MISC
MISC
MISC
MISC
macdown_project — macdown MacDown 0.7.1 (870) allows remote code execution via a file:\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138. 2019-05-17 6.8 CVE-2019-12173
MISC
matomo — matomo ** DISPUTED ** A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user can trigger a particular error to discover the full path of Matomo on the disk, because lastError.file is used in plugins/CorePluginsAdmin/templates/safemode.twig. NOTE: the vendor disputes the significance of this issue, stating “avoid reporting path disclosures, as we don’t consider them as security vulnerabilities.” 2019-05-20 4.0 CVE-2019-12215
MISC
mylittleforum — my_little_forum my little forum before 2.4.20 allows CSRF to delete posts, as demonstrated by mode=posting&delete_posting. 2019-05-21 5.8 CVE-2019-12253
MISC
MISC
odoo — odoo Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is: obtain sensitive information (remote). 2019-05-22 5.8 CVE-2017-5871
MISC
MISC
open-emr — openemr An issue was discovered in OpenEMR before 5.0.1 Patch 7. Directory Traversal exists via docid=../ to /portal/lib/download_template.php. 2019-05-17 5.0 CVE-2018-17180
MISC
MISC
open-xchange — open-xchange_appsuite Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF. 2019-05-23 4.0 CVE-2017-15029
MISC
MISC
CONFIRM
open-xchange — open-xchange_appsuite Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). 2019-05-23 4.3 CVE-2017-15030
MISC
MISC
CONFIRM
open-xchange — open-xchange_appsuite Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Information Exposure. 2019-05-23 5.0 CVE-2017-5210
MISC
MISC
CONFIRM
open-xchange — open-xchange_appsuite Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing. 2019-05-23 5.0 CVE-2017-5211
MISC
MISC
CONFIRM
open-xchange — open-xchange_appsuite Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS). 2019-05-23 4.3 CVE-2017-5213
MISC
MISC
CONFIRM
open-xchange — open-xchange_appsuite Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS). 2019-05-22 4.3 CVE-2017-5864
MISC
MISC
CONFIRM
open-xchange — open-xchange_appsuite Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control. 2019-05-22 6.5 CVE-2017-6912
MISC
MISC
CONFIRM
open-xchange — open-xchange_appsuite Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control. 2019-05-22 6.5 CVE-2017-8340
MISC
MISC
CONFIRM
open-xchange — open-xchange_appsuite Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing. 2019-05-22 5.0 CVE-2017-8341
MISC
MISC
CONFIRM
open-xchange — open-xchange_appsuite OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). 2019-05-22 4.3 CVE-2017-9808
MISC
CONFIRM
open-xchange — open-xchange_appsuite OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure. 2019-05-22 5.0 CVE-2017-9809
MISC
CONFIRM
open-xchange — ox_cloud Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is affected by: Missing Authorization. 2019-05-22 6.5 CVE-2017-8777
MISC
CONFIRM
otrs — otrs An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem. 2019-05-21 4.0 CVE-2019-9892
CONFIRM
MISC
pfsense — pfsense Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request. 2019-05-20 6.5 CVE-2019-11816
CONFIRM
CONFIRM
projectsend — projectsend CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel. 2019-05-22 6.8 CVE-2018-7201
MISC
projectsend — projectsend An issue was discovered in ProjectSend before r1053. XSS exists in the “Name” field on the My Account page. 2019-05-22 4.3 CVE-2018-7202
MISC
qemu — qemu interface_release_resource in hw/display/qxl.c in QEMU 4.0.0 has a NULL pointer dereference. 2019-05-24 5.0 CVE-2019-12155
CONFIRM
MISC
qemu — qemu QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files do not check the length of the argument list or the number of environment variables. 2019-05-22 5.0 CVE-2019-12247
BID
MISC
MISC
redhat — libvirt A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons. 2019-05-22 6.5 CVE-2019-10132
REDHAT
REDHAT
CONFIRM
FEDORA
MISC
schneider-electric — 140cra312xxx_firmware CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability. 2019-05-22 6.8 CVE-2018-7851
MISC
schneider-electric — atv_imc_drive_controller_firmware A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC drive controller, Modicon M241, Modicon M251, Modicon M258, Modicon LMC058, Modicon LMC078, PacDrive Eco ,PacDrive Pro, PacDrive Pro2 2019-05-22 6.4 CVE-2019-6820
MISC
schneider-electric — bmx-nor-0200h_firmware A CWE-798 use of hardcoded credentials vulnerability exists in BMX-NOR-0200H with firmware versions prior to V1.7 IR 19 which could cause a confidentiality issue when using FTP protocol. 2019-05-22 4.0 CVE-2019-6812
MISC
schneider-electric — modicon_m340_firmware A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading memory blocks with an invalid data size or with an invalid data offset in the controller over Modbus. 2019-05-22 5.0 CVE-2018-7843
MISC
schneider-electric — modicon_m340_firmware A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading memory blocks from the controller over Modbus. 2019-05-22 5.0 CVE-2018-7844
MISC
schneider-electric — modicon_m340_firmware A CWE-125: Out-of-bounds Read vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of unexpected data from the controller when reading specific memory blocks in the controller over Modbus. 2019-05-22 5.0 CVE-2018-7845
MISC
schneider-electric — modicon_m340_firmware A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller. 2019-05-22 5.0 CVE-2018-7846
MISC
schneider-electric — modicon_m340_firmware A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause a possible Denial of Service due to improper data integrity check when sending files the controller over Modbus. 2019-05-22 5.0 CVE-2018-7849
MISC
schneider-electric — modicon_m340_firmware A CWE-807: Reliance on Untrusted Inputs in a Security Decision vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause invalid information displayed in Unity Pro software. 2019-05-22 5.0 CVE-2018-7850
MISC
schneider-electric — modicon_m340_firmware A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when an invalid private command parameter is sent to the controller over Modbus. 2019-05-22 5.0 CVE-2018-7852
MISC
schneider-electric — modicon_m340_firmware CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum. 2019-05-22 5.0 CVE-2019-6821
MISC
schneider-electric — modicon_premium_firmware A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading files from the controller over Modbus 2019-05-22 5.0 CVE-2018-7848
MISC
schneider-electric — modicon_premium_firmware A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading invalid physical memory blocks in the controller over Modbus 2019-05-22 5.0 CVE-2018-7853
MISC
schneider-electric — modicon_premium_firmware A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a denial of Service when sending invalid debug parameters to the controller over Modbus. 2019-05-22 5.0 CVE-2018-7854
MISC
schneider-electric — modicon_premium_firmware A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a Denial of Service when sending invalid breakpoint parameters to the controller over Modbus 2019-05-22 5.0 CVE-2018-7855
MISC
schneider-electric — modicon_premium_firmware A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of Service when writing invalid memory blocks to the controller over Modbus. 2019-05-22 5.0 CVE-2018-7856
MISC
schneider-electric — modicon_premium_firmware A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading variables in the controller using Modbus. 2019-05-22 5.0 CVE-2019-6806
MISC
schneider-electric — modicon_premium_firmware A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of service when writing sensitive application variables to the controller over Modbus. 2019-05-22 5.0 CVE-2019-6807
MISC
schneider-electric — modicon_premium_firmware A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 – firmware versions prior to V3.01, Modicon M580 – firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium. 2019-05-22 5.0 CVE-2019-6819
MISC
schneider-electric — modicon_quantum_firmware In Modicon Quantum all firmware versions, CWE-264: Permissions, Privileges, and Access Control vulnerabilities could cause a denial of service or unauthorized modifications of the PLC configuration when using Ethernet/IP protocol. 2019-05-22 6.4 CVE-2019-6815
MISC
schneider-electric — modicon_quantum_firmware In Modicon Quantum all firmware versions, a CWE-94: Code Injection vulnerability could cause an unauthorized firmware modification with possible Denial of Service when using Modbus protocol. 2019-05-22 6.4 CVE-2019-6816
MISC
schneider-electric — somachine_basic An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated. 2019-05-22 5.0 CVE-2018-7821
MISC
schneider-electric — somachine_basic A Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause remote launch of SoMachine Basic when sending crafted ethernet message. 2019-05-22 5.0 CVE-2018-7823
MISC
schneider-electric — triconex_tristation_emulator A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TriStation Emulator V1.2.0, which could cause the emulator to crash when sending a specially crafted packet. The emulator is used infrequently for application logic testing. It is susceptible to an attack only while running in off-line mode. This vulnerability does not exist in Triconex hardware products and therefore has no effect on the operating safety functions in a plant. 2019-05-22 4.3 CVE-2018-7803
MISC
schneider-electric — tsxetg100_firmware A CWE-79 Cross-Site Scripting vulnerability exists in all versions of the TSXETG100 allowing an attacker to send a specially crafted URL with an embedded script to a user that would then be executed within the context of that user. 2019-05-22 4.3 CVE-2018-7834
MISC
soumu — electronic_reception_and_examination_of_application_for_radio_licenses Untrusted search path vulnerability in Installer of Electronic reception and examination of application for radio licenses Online 1.0.9.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. 2019-05-17 6.8 CVE-2019-5957
MISC
MISC
soumu — electronic_reception_and_examination_of_application_for_radio_licenses Untrusted search path vulnerability in Electronic reception and examination of application for radio licenses Offline 1.0.9.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. 2019-05-17 6.8 CVE-2019-5958
MISC
MISC
typora — typora Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137. 2019-05-17 6.8 CVE-2019-12172
MISC
ucms_project — ucms sadmin/ceditpost.php in UCMS 1.4.7 allows SQL Injection via the index.php?do=sadmin_ceditpost cvalue parameter. 2019-05-21 6.5 CVE-2019-12251
MISC
valvesoftware — steam In Valve Steam 1528829181 BETA, it is possible to perform a homograph / homoglyph attack to create fake URLs in the client, which may trick users into visiting unintended web sites. 2019-05-20 5.8 CVE-2018-12270
MISC
vtiger — vtiger_crm SQL injection vulnerability in Vtiger CRM before 7.1.0 hotfix3 allows authenticated users to execute arbitrary SQL commands. 2019-05-17 6.5 CVE-2019-11057
MLIST
MISC
webpagetest — webpagetest WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses (such as 0300.0250 as a replacement for 192.168). 2019-05-17 4.0 CVE-2019-12161
MISC
westermo — dr-250_firmware XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers. 2019-05-23 4.3 CVE-2018-19614
MISC
MISC
wireshark — wireshark In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion. 2019-05-23 5.0 CVE-2019-12295
MISC
MISC
MISC
wordpress — wordpress WordPress 4.7.2 mishandles listings of post authors, which allows remote attackers to obtain sensitive information (Path Disclosure) via a /wp-json/oembed/1.0/embed?url= request, related to the “author_name”:” substring. 2019-05-22 5.0 CVE-2017-6514
BID
MISC
MISC
wpbookingsystem — wp_booking_system The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access. 2019-05-20 6.5 CVE-2019-12239
MISC
MISC
wso2 — api_manager An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one. 2019-05-21 5.5 CVE-2019-6513
MISC
MISC
zohocorp — manageengine_applications_manager An issue was discovered in ZOHO ManageEngine Applications Manager 12.3. It is possible for an unauthenticated user to view the list of domain names and usernames used in a company’s network environment via a userconfiguration.do?method=editUser request. 2019-05-23 5.0 CVE-2017-11557
MISC
MISC
MISC
MISC
zohocorp — manageengine_applications_manager In Zoho ManageEngine Application Manager 13.1 Build 13100, the ‘haid’ parameter of the ‘/auditLogAction.do’ module is vulnerable to a Time-based Blind SQL Injection attack. 2019-05-23 6.8 CVE-2017-11738
MISC
MISC
MISC
zohocorp — manageengine_applications_manager In Zoho ManageEngine Application Manager 13.1 Build 13100, an authenticated user, with administrative privileges, has the ability to add a widget on any dashboard. This widget can be a “Utility Widget” with a “Custom HTML or Text” field. Once this widget is created, it will be loaded on the dashboard where it was added. An attacker can abuse this functionality by creating a “Utility Widget” that contains malicious JavaScript code, aka XSS. 2019-05-23 4.3 CVE-2017-11739
MISC
MISC
zohocorp — manageengine_applications_manager In Zoho ManageEngine Application Manager 13.1 Build 13100, the administrative user has the ability to upload files/binaries that can be executed upon the occurrence of an alarm. An attacker can abuse this functionality by uploading a malicious script that can be executed on the remote system. 2019-05-23 6.8 CVE-2017-11740
MISC
MISC
zohocorp — manageengine_opmanager An issue was discovered in ZOHO ManageEngine OpManager 12.2. The ‘apiKey’ parameter of “/api/json/admin/getmailserversettings” and “/api/json/dashboard/gotoverviewlist” is vulnerable to a Blind SQL Injection attack. 2019-05-23 5.0 CVE-2017-11559
MISC
MISC
MISC
zohocorp — manageengine_opmanager An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the “Group Chat” or “Alarm” section. This functionality can be abused by a malicious user by uploading a web shell. 2019-05-23 4.0 CVE-2017-11561
MISC
MISC
MISC
zohocorp — manageengine_servicedesk_plus An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do search field. 2019-05-21 4.3 CVE-2019-12189
MISC
MISC
MISC
zohocorp — manageengine_servicedesk_plus In Zoho ManageEngine ServiceDesk Plus through 10.5, users with the lowest privileges (guest) can view an arbitrary post by appending its number to the SDNotify.do?notifyModule=Solution&mode=E-Mail&notifyTo=SOLFORWARD&id= substring. 2019-05-21 4.0 CVE-2019-12252
MISC
BID
MISC
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
boostio — boostnote There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136. 2019-05-19 3.5 CVE-2019-12184
MISC
centos-webpanel — centos_web_panel XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.747 via the testacc/fileManager2.php fm_current_dir or filename parameter. 2019-05-21 3.5 CVE-2019-12190
MISC
ibm — bigfix_platform IBM BigFix Platform 9.2 and 9.5 stores potentially sensitive information in process memory that could be read by a local attacker with elevated permissions. IBM X-Force ID: 155007 2019-05-20 2.1 CVE-2018-2005
XF
CONFIRM
ibm — bigfix_platform IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155885. 2019-05-20 3.5 CVE-2019-4011
XF
CONFIRM
ibm — websphere_mq IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local attacker to cause a denial of service within the error log reporting system. IBM X-Force ID: 156163. 2019-05-23 2.1 CVE-2019-4039
XF
CONFIRM
intel — active_management_technology Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access. 2019-05-17 3.3 CVE-2019-0094
MISC
intel — atom_230_firmware Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access. 2019-05-17 2.1 CVE-2019-0120
MISC
intel — driver_&_support_assistant Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access. 2019-05-17 2.1 CVE-2019-11095
CONFIRM
MISC
intel — driver_&_support_assistant Insufficient input validation in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable denial of service via local access. 2019-05-17 2.1 CVE-2019-11114
MISC
intel — graphics_driver Insufficient bounds checking in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access. 2019-05-17 2.1 CVE-2019-0113
BID
MISC
intel — graphics_driver A race condition in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access. 2019-05-17 1.9 CVE-2019-0114
BID
MISC
intel — graphics_driver Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access. 2019-05-17 2.1 CVE-2019-0115
BID
MISC
intel — graphics_driver An out of bound read in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow a privileged user to potentially enable denial of service via local access. 2019-05-17 2.1 CVE-2019-0116
BID
MISC
open-xchange — open-xchange_appsuite OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). 2019-05-23 3.5 CVE-2017-13668
MISC
CONFIRM
open-xchange — open-xchange_appsuite OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). 2019-05-23 3.5 CVE-2017-17061
MISC
CONFIRM
otrs — otrs An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment in order to cause execution of JavaScript in the context of OTRS. 2019-05-21 3.5 CVE-2019-10066
CONFIRM
otrs — otrs An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS. 2019-05-21 3.5 CVE-2019-10067
CONFIRM
ovirt — cockpit-ovirt During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file `/var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var` which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted. 2019-05-17 2.1 CVE-2019-10139
BID
CONFIRM
schneider-electric — somachine_basic An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic. 2019-05-22 2.1 CVE-2018-7822
MISC
zohocorp — manageengine_opmanager An issue was discovered in ZOHO ManageEngine OpManager 12.2. By adding a Google Map to the application, an authenticated user can upload an HTML file. This HTML file is then rendered in various locations of the application. JavaScript inside the uploaded HTML is also interpreted by the application. Thus, an attacker can inject a malicious JavaScript payload inside the HTML file and upload it to the application. 2019-05-23 3.5 CVE-2017-11560
MISC
MISC
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7023
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7046
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7029
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7047
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7048
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7049
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7050
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7051
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7052
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7053
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7054
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7056
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7044
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7057
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7024
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7085
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7062
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7030
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7031
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7064
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7065
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7066
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7045
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7043
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7068
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7019
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7022
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7021
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7020
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7063
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7025
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7026
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7028
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7060
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7059
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a data leakage (sensitive) vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7089
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7084
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7042
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7034
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7035
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7036
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7037
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7038
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7039
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7040
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation. 2019-05-24 not yet calculated CVE-2019-7041
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7067
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7058
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7083
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7086
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7055
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7033
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7032
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7082
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7081
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a double free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7080
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7079
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7075
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7077
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7087
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7078
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7076
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7074
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7073
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7072
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7071
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7070
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7069
CONFIRM
adobe — acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.010.20091 and earlier, 2019.010.20091 and earlier, 2017.011.30120 and earlier version, and 2015.006.30475 and earlier have a data leakage (sensitive) vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7815
CONFIRM
adobe — acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2019-05-24 not yet calculated CVE-2019-7018
CONFIRM
adobe — coldfusion ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a cross site scripting vulnerability. Successful exploitation could lead to information disclosure . 2019-05-24 not yet calculated CVE-2019-7092
CONFIRM
adobe — coldfusion
 
ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-24 not yet calculated CVE-2019-7091
CONFIRM
adobe — coldfusion
 
ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-24 not yet calculated CVE-2019-7816
CONFIRM
adobe — creative_cloud_desktop_application
 
Creative Cloud Desktop Application (installer) versions 4.7.0.400 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. 2019-05-24 not yet calculated CVE-2019-7093
CONFIRM
adobe — digital_editions
 
Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-24 not yet calculated CVE-2019-7095
CONFIRM
adobe — flash_player Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2019-05-24 not yet calculated CVE-2019-7090
CONFIRM
adobe — flash_player
 
Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . 2019-05-23 not yet calculated CVE-2019-7108
CONFIRM
adobe — flash_player
 
Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-23 not yet calculated CVE-2019-7096
CONFIRM
adobe — photoshop_cc
 
Adobe Photoshop CC 19.1.7 and earlier, and 20.0.2 and earlier have a heap corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-24 not yet calculated CVE-2019-7094
CONFIRM
adobe — shockwave_player Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-23 not yet calculated CVE-2019-7101
CONFIRM
adobe — shockwave_player Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-23 not yet calculated CVE-2019-7102
CONFIRM
adobe — shockwave_player Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-23 not yet calculated CVE-2019-7103
CONFIRM
adobe — shockwave_player Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-23 not yet calculated CVE-2019-7100
CONFIRM
adobe — shockwave_player Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-23 not yet calculated CVE-2019-7098
CONFIRM
adobe — shockwave_player Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-05-23 not yet calculated CVE-2019-7099
CONFIRM
ampache — ampache Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php. 2019-05-24 not yet calculated CVE-2017-18375
MISC
b2evolution — b2evolution b2evolution 6.7.6 suffer from an Object Injection vulnerability in /htsrv/call_plugin.php. 2019-05-23 not yet calculated CVE-2016-8901
MISC
MISC
MISC
belavier_commerce — abantecart
 
AbanteCart 1.2.8 allows SQL Injection via the source_language parameter to admin/controller/pages/localisation/language.php and core/lib/language_manager.php, or via POST data to admin/controller/pages/tool/backup.php and admin/model/tool/backup.php. 2019-05-24 not yet calculated CVE-2016-10755
MISC
MISC
bitdefender — bitdefender_engines An issue was discovered in Bitdefender Engines before 7.76675. A vulnerability has been discovered in the rar.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. 2019-05-24 not yet calculated CVE-2018-18059
MISC
MISC
bitdefender — bitdefender_engines An issue was discovered in Bitdefender Engines before 7.76808. A vulnerability has been discovered in the dalvik.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. 2019-05-24 not yet calculated CVE-2018-18060
MISC
MISC
bitdefender — bitdefender_engines An issue was discovered in Bitdefender Engines before 7.76662. A vulnerability has been discovered in the iso.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a division-by-zero circumstance. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. 2019-05-24 not yet calculated CVE-2018-18058
MISC
MISC
blue_prism — robotic_process_automation
 
In AutomateAppCore.dll in Blue Prism Robotic Process Automation 6.4.0.8445, a vulnerability in access control can be exploited to escalate privileges. The vulnerability allows for abusing the application for fraud or unauthorized access to certain information. The attack requires a valid user account to connect to the Blue Prism server, but the roles associated to this account are not required to have any permissions. First of all, the application files are modified to grant full permissions on the client side. In a test environment (or his own instance of the software) an attacker is able to grant himself full privileges also on the server side. He can then, for instance, create a process with malicious behavior and export it to disk. With the modified client, it is possible to import the exported file as a release and overwrite any existing process in the database. Eventually, the bots execute the malicious process. The server does not check the user’s permissions for the aforementioned actions, such that a modification of the client software enables this kind of attack. Possible scenarios may involve changing bank accounts or setting passwords. 2019-05-24 not yet calculated CVE-2019-11875
MISC
MISC
bluecats — bluecats_reveal_for_ios The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the app cache as base64 encoded strings, i.e. clear text. These persist in the cache even if the user logs out. This can allow an attacker to compromise the affected BlueCats network implementation. The attacker would first need to gain physical control of the iOS device or compromise it with a malicious app. 2019-05-22 not yet calculated CVE-2019-5627
MISC
MISC
bluecats — bluecats_reveal
 
The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in a clear text file. This file persists until the user logs out or the session times out from non-usage (30 days of no user activity). This can allow an attacker to compromise the affected BlueCats network implementation. The attacker would first need to gain physical control of the Android device or compromise it with a malicious app. 2019-05-22 not yet calculated CVE-2019-5626
MISC
MISC
cloudera — cloudera_manager
 
An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1. A read-only user can access sensitive cluster information. 2019-05-24 not yet calculated CVE-2018-10815
MISC
CONFIRM
computrols — computrols_building_automation_software Computrols CBAS 18.0.0 allows Authentication Bypass. 2019-05-23 not yet calculated CVE-2019-10853
MISC
MISC
computrols — computrols_building_automation_software Computrols CBAS 18.0.0 allows Username Enumeration. 2019-05-24 not yet calculated CVE-2019-10848
MISC
MISC
computrols — computrols_building_automation_software Computrols CBAS 18.0.0 allows Cross-Site Request Forgery. 2019-05-24 not yet calculated CVE-2019-10847
MISC
MISC
comsenz — discuz!
 
The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code. 2019-05-22 not yet calculated CVE-2018-14729
MISC
MISC
MISC
MISC
deltek — maconomy
 
Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd URI. 2019-05-24 not yet calculated CVE-2019-12314
MISC
docker — docker
 
In Docker through 18.06.1-ce-rc2, the API endpoints behind the ‘docker cp’ command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot). 2019-05-23 not yet calculated CVE-2018-15664
MISC
MISC
dollar_shave_club — shave
 
XSS exists in Shave before 2.5.3 because output encoding is mishandled during the overwrite of an HTML element. 2019-05-24 not yet calculated CVE-2019-12313
MISC
MISC
MISC
doxygen — doxygen
 
Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection. 2019-05-24 not yet calculated CVE-2016-10245
MISC
MISC
MISC
e107 — e107
 
e107 2.1.2 allows PHP Object Injection with resultant SQL injection, because usersettings.php uses unserialize without an HMAC. 2019-05-24 not yet calculated CVE-2016-10753
MISC
MISC
eventum — eventum
 
An issue was discovered in Eventum 3.5.0. /htdocs/post_note.php has XSS via the garlic_prefix parameter. 2019-05-24 not yet calculated CVE-2018-12624
MISC
CONFIRM
exponent_cms — exponent_cms Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to change_tags. 2019-05-24 not yet calculated CVE-2016-8900
MISC
MISC
exponent_cms — exponent_cms Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce/controllers/cartController.php. 2019-05-24 not yet calculated CVE-2016-8898
MISC
MISC
freeradius_server_project — freeradius
 
It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. 2019-05-24 not yet calculated CVE-2019-10143
CONFIRM
CONFIRM
google — chrome Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name. 2019-05-23 not yet calculated CVE-2019-5804
MISC
MISC
google — chrome Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. 2019-05-23 not yet calculated CVE-2019-5802
MISC
MISC
google — chrome An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. 2019-05-23 not yet calculated CVE-2019-5788
MISC
MISC
google — chrome Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. 2019-05-23 not yet calculated CVE-2019-5795
MISC
MISC
google — chrome An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. 2019-05-23 not yet calculated CVE-2019-5790
MISC
MISC
google — chrome An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. 2019-05-23 not yet calculated CVE-2019-5789
MISC
MISC
google — chrome Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. 2019-05-23 not yet calculated CVE-2019-5798
MISC
MISC
DEBIAN
google — chrome Incorrect handling of cancelled requests in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. 2019-05-23 not yet calculated CVE-2019-5794
MISC
MISC
google — chrome Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page. 2019-05-23 not yet calculated CVE-2019-5793
MISC
MISC
google — chrome Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. 2019-05-23 not yet calculated CVE-2019-5792
MISC
MISC
google — chrome Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. 2019-05-23 not yet calculated CVE-2019-5791
MISC
MISC
google — chrome Data race in extensions guest view in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2019-05-23 not yet calculated CVE-2019-5796
MISC
MISC
google — chrome
 
Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2019-05-23 not yet calculated CVE-2019-5787
MISC
MISC
hazelcast — hazelcast
 
In Hazelcast before 3.11, the cluster join procedure is vulnerable to remote code execution via Java deserialization. If an attacker can reach a listening Hazelcast instance with a crafted JoinRequest, and vulnerable classes exist in the classpath, the attacker can run arbitrary code. 2019-05-22 not yet calculated CVE-2016-10750
MISC
MISC
heidelberg — prinect_archiver A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Heidelberg Prinect Archiver v2013 release 1.0. 2019-05-24 not yet calculated CVE-2019-10685
MISC
MISC
ibm — storwize_v7000
 
IBM Storwize V7000 Unified (2073) 1.6 configuration may allow an attacker to reveal the server version in default installation, which could be used in further attacks against the system. IBM X-Force ID: 160699. 2019-05-20 not yet calculated CVE-2019-4293
BID
XF
CONFIRM
intel — active_management_technology
 
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access. 2019-05-17 not yet calculated CVE-2019-0097
MISC
intel — converged_security_and_management_engine_and_server_platform_services Insufficient access control vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow unauthenticated user to potentially enable escalation of privilege via physical access. 2019-05-17 not yet calculated CVE-2019-0090
MISC
intel — csme_and_server_platform_services
 
Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access. 2019-05-17 not yet calculated CVE-2019-0093
MISC
intel — csme_and_txe
 
Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access. 2019-05-17 not yet calculated CVE-2019-0091
MISC
intel — i915_graphics_for_linux Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access. 2019-05-17 not yet calculated CVE-2019-11085
CONFIRM
MISC
intel — quartus_software
 
Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access. 2019-05-17 not yet calculated CVE-2019-0171
CONFIRM
MISC
intel — server_platform_services
 
Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. 2019-05-17 not yet calculated CVE-2019-0099
MISC
intel — server_platform_services
 
Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access. 2019-05-17 not yet calculated CVE-2019-0089
MISC
karamasoft — ultimateeditor
 
Karamasoft UltimateEditor 1 does not ensure that an uploaded file is an image or document (neither file types nor extensions are restricted). The attacker must use the Attach icon to perform an upload. An uploaded file is accessible under the UltimateEditorInclude/UserFiles/ URI. 2019-05-24 not yet calculated CVE-2019-12150
MISC
MISC
kliqqi — kliqqi Kliqqi 3.0.0.5 allows CSRF with resultant Arbitrary File Upload because module.php?module=upload can be used to configure the uploading of .php files, and then modules/upload/upload_main.php can be used for the upload itself. 2019-05-24 not yet calculated CVE-2016-10756
MISC
MISC
libreswan_project — libreswan
 
In Libreswan before 3.28, an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by sending two IKEv2 packets (init_IKE and delete_IKE) in 3des_cbc mode to a Libreswan server. This affects send_v2N_spi_response_from_state in programs/pluto/ikev2_send.c when built with Network Security Services (NSS). 2019-05-24 not yet calculated CVE-2019-12312
MISC
MISC
MISC
medienhaus_gersoene — phpkit PHPKIT 1.6.6 allows arbitrary File Upload, as demonstrated by a .php file to pkinc/admin/mediaarchive.php and pkinc/func/default.php via the image_name parameter. 2019-05-24 not yet calculated CVE-2016-10758
MISC
MISC
mitsubishi_electric — melsec-q_series_ethernet_module
 
In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-100 serial number 20121 and prior, an attacker could send crafted TCP packets against the FTP service, forcing the target devices to enter an error mode and cause a denial-of-service condition. 2019-05-23 not yet calculated CVE-2019-10977
BID
MISC
mlm_software — multiple_products SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM Software 1.0, Moneyorder MLM Software 1.0, Repurchase MLM Software 1.0, and Gift MLM Software 1.0 via the member/readmsg.php msg_id parameter, the member/tree.php pid parameter, or the member/downline.php m_id parameter. 2019-05-24 not yet calculated CVE-2018-17843
MISC
MISC
open-xchange — ox_app_suite
 
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF. 2019-05-23 not yet calculated CVE-2017-13667
MISC
CONFIRM
opentext — brava!_enterprise_and_brava!_server
 
OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. During installation, a displaylistcache file share is created on the Windows server with full read and write permissions for the Everyone group at both the NTFS and Share levels. The share is used to retrieve documents for processing, and to store processed documents for display in the browser. The only required share level access is read/write by the JobProcessor service account. At the local filesystem level, the only additional required permissions would be read/write from the servlet engine, such as Tomcat. (The affected server components are not installed with Content Server by default, and must be installed separately.) NOTE: the vendor’s position is that customers are not supposed to use this default setting without consulting the documentation. 2019-05-21 not yet calculated CVE-2019-12270
MISC
oracle — enterprise_manager_products_suite
 
Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Services Integration). The supported version that is affected is 12.3.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager Ops Center. While the vulnerability is in Enterprise Manager Ops Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Enterprise Manager Ops Center. CVSS 3.0 Base Score 6.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H). 2019-05-24 not yet calculated CVE-2019-2726
MISC
osclass — osclass
 
osClass 3.6.1 allows oc-admin/plugins.php Directory Traversal via the plugin parameter. This is exploitable for remote PHP code execution because an administrator can upload an image that contains PHP code in the EXIF data via index.php?page=ajax&action=ajax_upload. 2019-05-24 not yet calculated CVE-2016-10751
MISC
MISC
panda_security — multiple_products
 
Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads to privilege escalation when the CmdLineExecute event is queued. This affects Panda Antivirus, Panda Antivirus Pro, Panda Dome, Panda Global Protection, Panda Gold Protection, and Panda Internet Security. 2019-05-23 not yet calculated CVE-2019-12042
MISC
MISC
CONFIRM
precurio_software_company — precurio
 
The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFileManager can be used to rename the .htaccess file that blocks .php uploads. 2019-05-24 not yet calculated CVE-2016-10759
MISC
MISC
prestashop — prestashop
 
In PrestaShop 1.7.5.2, the shop_country parameter in the install/index.php installation script/component is affected by Reflected XSS. Exploitation by a malicious actor requires the user to follow the initial stages of the setup (accepting terms and conditions) before executing the malicious link. 2019-05-24 not yet calculated CVE-2019-11876
MISC
MISC
qualcomm — multiple_products Processing messages after error may result in user after free memory fault in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150 2019-05-24 not yet calculated CVE-2018-13899
CONFIRM
qualcomm — multiple_products Signature verification of the skel library could potentially be disabled as the memory region on the remote subsystem in which the library is loaded is allocated from userspace currently in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 2019-05-24 not yet calculated CVE-2018-11967
CONFIRM
qualcomm — multiple_products Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130 2019-05-24 not yet calculated CVE-2018-13925
CONFIRM
qualcomm — multiple_products Use-after-free condition due to Improper handling of hrtimers when the PMU driver tries to access its events in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SD 855, SDM439, SDM630, SDM660, SDX24 2019-05-24 not yet calculated CVE-2018-13920
CONFIRM
qualcomm — multiple_products Improper check before assigning value can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4020, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, QCN5502, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150, Snapdragon_High_Med_2016, SXR1130 2019-05-24 not yet calculated CVE-2018-11968
CONFIRM
qualcomm — multiple_products Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access to phone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20 2019-05-24 not yet calculated CVE-2018-13895
CONFIRM
qualcomm — multiple_products ECDSA signature code leaks private keys from secure world to non-secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 2019-05-24 not yet calculated CVE-2018-11976
CONFIRM
qualcomm — multiple_products An unprivileged user can issue a binder call and cause a system halt in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150 2019-05-24 not yet calculated CVE-2018-12005
CONFIRM
qualcomm — multiple_products Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, Snapdragon_High_Med_2016, SXR1130 2019-05-24 not yet calculated CVE-2018-13886
CONFIRM
qualcomm — multiple_products While processing ssid IE length from remote AP, possible out-of-bounds access may occur due to crafted ssid IE length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SDM439, SDX20 2019-05-24 not yet calculated CVE-2018-11953
CONFIRM
qualcomm — multiple_products Improper authentication in locked memory region can lead to unprivilged access to the memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130 2019-05-24 not yet calculated CVE-2018-12013
CONFIRM
qualcomm — multiple_products While updating blacklisting region shared buffered memory region is not validated against newly updated black list, causing boot-up to be compromised in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 8CX, SXR1130 2019-05-24 not yet calculated CVE-2018-12012
CONFIRM
qualcomm — multiple_products Secure keypad is unlocked with secure display still intact in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130 2019-05-24 not yet calculated CVE-2018-12004
CONFIRM
qualcomm — multiple_products Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8909W, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, SXR1130 2019-05-24 not yet calculated CVE-2018-13887
CONFIRM
qualcomm — multiple_products Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24 2019-05-24 not yet calculated CVE-2018-11949
CONFIRM
qualcomm — multiple_products Possible memory overread may be lead to access of sensitive data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9650, MDM9655, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, SXR1130 2019-05-24 not yet calculated CVE-2018-13885
CONFIRM
qualcomm — multiple_products Kernel can write to arbitrary memory address passed by user while freeing/stopping a thread in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCS605, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SM7150, SXR1130 2019-05-24 not yet calculated CVE-2019-2250
CONFIRM
qualcomm — multiple_products Possibility of double free issue while running multiple instances of smp2p test because of proper protection is missing while using global variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 2019-05-24 not yet calculated CVE-2019-2247
CONFIRM
qualcomm — multiple_products Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 820, SD 820A, SD 845 / SD 850, SDM439, SDM660, SDX20 2019-05-24 not yet calculated CVE-2019-2248
CONFIRM
qualcomm — multiple_products Lack of check on length parameter may cause buffer overflow while processing WMI commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCS605, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150, SXR1130 2019-05-24 not yet calculated CVE-2018-11928
CONFIRM
qualcomm — multiple_products Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150 2019-05-24 not yet calculated CVE-2018-11937
CONFIRM
qualcomm — multiple_products Improper buffer length check before copying can lead to integer overflow and then a buffer overflow in WMA event handler in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24 2019-05-24 not yet calculated CVE-2018-11923
CONFIRM
qualcomm — multiple_products Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, Snapdragon_High_Med_2016 2019-05-24 not yet calculated CVE-2019-2245
CONFIRM
qualcomm — multiple_products Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SXR1130 2019-05-24 not yet calculated CVE-2018-11940
CONFIRM
qualcomm — multiple_products Improper buffer length validation in WLAN function can lead to a potential integer oveflow issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150 2019-05-24 not yet calculated CVE-2018-11924
CONFIRM
qualcomm — multiple_products Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24 2019-05-24 not yet calculated CVE-2018-11925
CONFIRM
qualcomm — multiple_products Improper input validation on input which is used as an array index will lead to an out of bounds issue while processing AP find event from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 625, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDX20, SDX24, SM7150 2019-05-24 not yet calculated CVE-2018-11927
CONFIRM
qualcomm — multiple_products Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150 2019-05-24 not yet calculated CVE-2018-11930
CONFIRM
qualcomm — multiple_products Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or something else) leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820, SD 820A, SD 835, SDX20, SDX24, Snapdragon_High_Med_2016 2019-05-24 not yet calculated CVE-2018-11936
CONFIRM
qualcomm — multiple_products
 
Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SM7150, Snapdragon_High_Med_2016, SXR1130 2019-05-24 not yet calculated CVE-2018-11271
CONFIRM
qualcomm — multiple_products
 
Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearable in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016 2019-05-24 not yet calculated CVE-2019-2244
CONFIRM
quest — kace_systems_management_appliance
 
An issue was discovered in Quest KACE Systems Management Appliance before 9.1. The script at /service/kbot_service_notsoap.php is vulnerable to unauthenticated reflected XSS when user-supplied input to the METHOD GET parameter is processed by the web application. Since the application does not properly validate and sanitize this parameter, it is possible to place arbitrary script code into the context of the same page. 2019-05-24 not yet calculated CVE-2019-11604
MISC
FULLDISC
MISC
redaxo — redaxo
 
In Redaxo 5.2.0, the cron management of the admin panel suffers from CSRF that leads to arbitrary Remote Code Execution via addons/cronjob/lib/types/phpcode.php. 2019-05-24 not yet calculated CVE-2016-10757
MISC
MISC
s9y — serendipity
 
serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by “php” as a filename. 2019-05-24 not yet calculated CVE-2016-10752
MISC
MISC
samsung — scx-824_printers
 
Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS) vulnerability that can be triggered by using the “print from file” feature, as demonstrated by the sws/swsAlert.sws?popupid=successMsg msg parameter. 2019-05-24 not yet calculated CVE-2019-12315
MISC
schneider_electric — modbus_serial_driver An Externally Controlled Reference to a Resource (CWE-610) vulnerability exists in Schneider Electric Modbus Serial Driver (For 64-bit Windows OS:V3.17 IE 37 and prior , For 32-bit Windows OS:V2.17 IE 27 and prior, and as part of the Driver Suite version:V14.12 and prior) which could allow write access to system files available only to users with SYSTEM privilege or other important user files. 2019-05-22 not yet calculated CVE-2018-7824
CONFIRM
schneider_electric — modicon_quantum A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2.40. which could cause a Denial Of Service when using a Telnet connection. 2019-05-22 not yet calculated CVE-2018-7788
MISC
schneider_electric — multiple_modicon_controllers A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible Denial of Service when writing out of bounds variables to the controller over Modbus. 2019-05-22 not yet calculated CVE-2018-7857
MISC
schneider_electric — pelco_endura_net55xx_encoder
 
An Improper Access Control: CWE-284 vulnerability exists in the NET55XX Encoder with firmware prior to version 2.1.9.7 which could cause impact to confidentiality, integrity, and availability when a remote attacker crafts a malicious request to the encoder webUI. 2019-05-22 not yet calculated CVE-2019-6814
MISC
schneider_electric — pelco_sarix_enhanced_camera A Permissions, Privileges, and Access Control vulnerability exists in the web-based GUI of the 1st Gen Pelco Sarix Enhanced Camera that could allow a remote attacker to delete an arbitrary file. 2019-05-22 not yet calculated CVE-2018-7816
MISC
schneider_electric — pelco_sarix_enhanced_camera A Command Injection vulnerability exists in the web-based GUI of the 1st Gen PelcoSarix Enhanced Camera that could allow a remote attacker to execute arbitrary commands. 2019-05-22 not yet calculated CVE-2018-7825
MISC
schneider_electric — pelco_sarix_enhanced_camera A Command Injection vulnerability exists in the web-based GUI of the 1st Gen Pelco Sarix Enhanced Camera that could allow a remote attacker to execute arbitrary commands. 2019-05-22 not yet calculated CVE-2018-7826
MISC
schneider_electric — pelco_sarix_enhanced_camera_and_spectra_enhanced_ptz_camera A Cross-Site Scripting (XSS) vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera which a remote attacker can execute arbitrary HTML and script code in a user?s browser session. 2019-05-22 not yet calculated CVE-2018-7827
MISC
schneider_electric — pelco_sarix_enhanced_camera_and_spectra_enhanced_ptz_camera A Cross-Site Request Forgery (CSRF) vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera when an authenticated user clicks a specially crafted malicious link while logged into the camera. 2019-05-22 not yet calculated CVE-2018-7828
MISC
schneider_electric — pelco_sarix_enhanced_camera_and_spectra_enhanced_ptz_camera An Improper Neutralization of Special Elements in Query vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera which allows an attacker to execute arbitrary system commands. 2019-05-22 not yet calculated CVE-2018-7829
MISC
schneider_electric — pelco_videoxpert_opscenter A Uncontrolled Search Path Element (CWE-427) vulnerability exists in VideoXpert OpsCenter versions prior to 3.1 which could allow an attacker to cause the system to call an incorrect DLL. 2019-05-22 not yet calculated CVE-2018-7840
MISC
tp-link — tl-wr840n_devices
 
TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was disconnected. All the users become disconnected from the internet. 2019-05-24 not yet calculated CVE-2019-12195
MISC
MISC
vstarcam — 100t_c7824wip_and_200v_c38s_devices An issue was discovered in upgrade_firmware.cgi on VStarcam 100T (C7824WIP) CH-sys-48.53.75.119~123 and 200V (C38S) CH-sys-48.53.203.119~123 devices. A remote command can be executed through a system firmware update without authentication. The attacker can modify the files within the internal firmware or even steal account information by executing a command. 2019-05-23 not yet calculated CVE-2019-12289
MISC
vstarcam — 100t_c7824wip_and_200v_c38s_devices
 
An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V (C38S) KR203.18.1.20 devices. The web service, network, and account files can be manipulated through a web UI firmware update without any authentication. The attacker can achieve access to the device through a manipulated web UI firmware update. 2019-05-23 not yet calculated CVE-2019-12288
MISC
vtiger — vtiger_crm
 
modules/Calendar/Activity.php in Vtiger CRM 6.5.0 allows SQL injection via the contactidlist parameter. 2019-05-24 not yet calculated CVE-2016-10754
MISC
MISC
webm_project — libwebp In libwebp 0.5.1, there is a double free bug in libwebpmux. 2019-05-23 not yet calculated CVE-2016-9969
MISC
westermo — dr-250_pre-5162_and_dr-260_pre-5162_routers Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allow CSRF. 2019-05-24 not yet calculated CVE-2018-19613
MISC
MISC
westermo — dr-250_pre-5162_and_dr-260_pre-5162_routers The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code. 2019-05-24 not yet calculated CVE-2018-19612
MISC
MISC
western_digital_technologies — my_cloud_products
 
Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the “cgi_untar” command. Other commands might also be susceptible. Code can be executed because the “name” parameter passed to the cgi_unzip command is not sanitized. 2019-05-23 not yet calculated CVE-2019-9949
CONFIRM
wordpress — wordpress In the Form Maker plugin before 1.13.3 for WordPress, it’s possible to achieve SQL injection in the function get_labels_parameters in the file form-maker/admin/models/Submissions_fm.php with a crafted value of the /models/Submissioc parameter. 2019-05-23 not yet calculated CVE-2019-10866
MISC
MISC
zoho_manageengine — adselfservice_plus
 
In Zoho ManageEngine ADSelfService Plus 5.x through 5704, an authorization.do cross-site Scripting (XSS) vulnerability allows for an unauthenticated manipulation of the JavaScript code by injecting the HTTP form parameter adscsrf. An attacker can use this to capture a user’s AD self-service password reset and MFA token. 2019-05-24 not yet calculated CVE-2019-8346
MISC

Back to top


This product is provided subject to this Notification and this Privacy & Use policy.

SB19-140: Vulnerability Summary for the Week of May 13, 2019

Original release date: May 20, 2019

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0

  • Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9

  • Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
anker-in — roav_dashcam_a1_firmware An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability. 2019-05-13 7.5 CVE-2018-4014
MISC
anker-in — roav_dashcam_a1_firmware An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability. 2019-05-13 7.5 CVE-2018-4016
MISC
anker-in — roav_dashcam_a1_firmware An exploitable vulnerability exists in the Wi-Fi Access Point feature of the Roav A1 Dashcam running version RoavA1SWV1.9. A set of default credentials can potentially be used to connect to the device. An attacker can connect to the AP to trigger this vulnerability. 2019-05-13 8.3 CVE-2018-4017
MISC
anker-in — roav_dashcam_a1_firmware An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1SWV1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP PUT request or upgrade firmware request to trigger this vulnerability. 2019-05-13 10.0 CVE-2018-4018
MISC
anker-in — roav_dashcam_a1_firmware An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. 2019-05-13 7.5 CVE-2018-4023
MISC
anker-in — roav_dashcam_a1_firmware An exploitable denial-of-service vulnerability exists in the thumbnail display functionality of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a null pointer dereference, resulting in a device reboot. 2019-05-13 7.8 CVE-2018-4024
MISC
anker-in — roav_dashcam_a1_firmware An exploitable denial-of-service vulnerability exists in the XML_GetRawEncJpg Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an invalid memory dereference, resulting in a device reboot. 2019-05-13 7.8 CVE-2018-4025
MISC
anker-in — roav_dashcam_a1_firmware An exploitable denial-of-service vulnerability exists in the XML_GetScreen Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted set of packets can cause an invalid memory dereference, resulting in a device reboot. 2019-05-13 7.8 CVE-2018-4026
MISC
anker-in — roav_dashcam_a1_firmware An exploitable denial-of-service vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a semaphore deadlock, which prevents the device from receiving any physical or network inputs. An attacker can send a specially crafted packet to trigger this vulnerability. 2019-05-13 7.8 CVE-2018-4027
MISC
anker-in — roav_dashcam_a1_firmware An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POST request to trigger this vulnerability. 2019-05-13 7.8 CVE-2018-4028
MISC
anker-in — roav_dashcam_a1_firmware An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code execution. 2019-05-13 7.5 CVE-2018-4029
MISC
apachefriends — xampp XAMPP through 5.6.8 and previous allows SQL injection via the cds-fpdf.php jahr parameter. NOTE: This product is discontinued. 2019-05-14 7.5 CVE-2019-8923
MISC
FULLDISC
BID
MISC
MISC
MISC
EXPLOIT-DB
asus — rt-ac3200_firmware System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the “load_script” URL parameter. 2019-05-13 10.0 CVE-2018-14714
MISC
cisco — enterprise_network_compute_system A vulnerability in the logic that handles access control to one of the hardware components in Cisco’s proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform. 2019-05-13 7.2 CVE-2019-1649
BID
CISCO
CERT-VN
cisco — ios_xe A vulnerability in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attacker who has valid administrator access to an affected device could exploit this vulnerability by supplying a crafted input parameter on a form in the Web UI and then submitting that form. A successful exploit could allow the attacker to run arbitrary commands on the device with root privileges, which may lead to complete system compromise. 2019-05-13 9.0 CVE-2019-1862
BID
CISCO
CERT-VN
cisco — nx-os A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and issue arbitrary commands to elevate the attacker’s privilege level. The vulnerability is due to insufficient sanitization of user-supplied parameters that are passed to certain Python functions in the scripting sandbox of the affected device. An attacker could exploit this vulnerability to escape the scripting sandbox and execute arbitrary commands to elevate the attacker’s privilege level. To exploit this vulnerability, the attacker must have local access and be authenticated to the targeted device with administrative or Python execution privileges. These requirements could limit the possibility of a successful exploit. 2019-05-15 7.2 CVE-2019-1727
BID
CISCO
cisco — nx-os A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An attacker could exploit this vulnerability by authenticating to the device and overwriting the persistent configuration storage with malicious executable files. An exploit could allow the attacker to run arbitrary commands at system startup and those commands will run as the root user. The attacker must have valid administrative credentials for the device. 2019-05-15 7.2 CVE-2019-1728
CISCO
cisco — nx-os A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the Guest Shell prompt. A successful exploit could allow the attacker to issue commands that should be restricted by a Guest Shell account. 2019-05-15 7.2 CVE-2019-1730
CISCO
cisco — nx-os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability. 2019-05-15 7.2 CVE-2019-1735
BID
CISCO
cisco — nx-os A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities. NX-OS versions prior to 8.3(1) are affected. 2019-05-15 7.2 CVE-2019-1767
CISCO
cisco — nx-os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. 2019-05-15 7.2 CVE-2019-1774
BID
CISCO
cisco — nx-os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. 2019-05-15 7.2 CVE-2019-1775
BID
CISCO
cisco — nx-os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. 2019-05-15 7.2 CVE-2019-1776
CISCO
cisco — nx-os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. 2019-05-15 7.2 CVE-2019-1778
BID
CISCO
cisco — nx-os A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. NX-OS versions prior to 8.3(1) are affected. NX-OS versions prior to 8.3(1) are affected. 2019-05-16 7.2 CVE-2019-1780
CISCO
cisco — nx-os A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device. 2019-05-15 7.2 CVE-2019-1811
CISCO
cisco — nx-os A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device. 2019-05-15 7.2 CVE-2019-1812
CISCO
cisco — nx-os A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device. 2019-05-15 7.2 CVE-2019-1813
CISCO
d-link — dir-818lw_firmware In the /HNAP1/SetRouterSettings message, the RemotePort parameter is vulnerable, and the vulnerability affects D-Link DIR-818LW Rev.A 2.05.B03 and DIR-822 B1 202KRb06 devices. In the SetRouterSettings.php source code, the RemotePort parameter is saved in the $path_inf_wan1.”/web” internal configuration memory without any regex checking. And in the IPTWAN_build_command function of the iptwan.php source code, the data in $path_inf_wan1.”/web” is used with the iptables command without any regex checking. A vulnerable /HNAP1/SetRouterSettings XML message could have shell metacharacters in the RemotePort element such as the `telnetd` string. 2019-05-13 10.0 CVE-2018-19986
MISC
d-link — dir-818lw_firmware D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint parameter is saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. A vulnerable /HNAP1/SetAccessPointMode XML message could have shell metacharacters in the IsAccessPoint element such as the `telnetd` string. 2019-05-13 10.0 CVE-2018-19987
MISC
d-link — dir-822_firmware In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 devices. In the SetQoSSettings.php source code, the uplink parameter is saved in the /bwc/entry:1/bandwidth and /bwc/entry:2/bandwidth internal configuration memory without any regex checking. And in the bwc_tc_spq_start, bwc_tc_wfq_start, and bwc_tc_adb_start functions of the bwcsvcs.php source code, the data in /bwc/entry:1/bandwidth and /bwc/entry:2/bandwidth is used with the tc command without any regex checking. A vulnerable /HNAP1/SetQoSSettings XML message could have shell metacharacters in the uplink element such as the `telnetd` string. 2019-05-13 10.0 CVE-2018-19989
MISC
d-link — dir-822_firmware In the /HNAP1/SetWiFiVerifyAlpha message, the WPSPIN parameter is vulnerable, and the vulnerability affects D-Link DIR-822 B1 202KRb06 devices. In the SetWiFiVerifyAlpha.php source code, the WPSPIN parameter is saved in the $rphyinf1.”/media/wps/enrollee/pin” and $rphyinf2.”/media/wps/enrollee/pin” and $rphyinf3.”/media/wps/enrollee/pin” internal configuration memory without any regex checking. And in the do_wps function of the wps.php source code, the data in $rphyinf3.”/media/wps/enrollee/pin” is used with the wpatalk command without any regex checking. A vulnerable /HNAP1/SetWiFiVerifyAlpha XML message could have shell metacharacters in the WPSPIN element such as the `telnetd` string. 2019-05-13 10.0 CVE-2018-19990
MISC
d-link — dir-868l_firmware In the /HNAP1/SetClientInfoDemo message, the AudioMute and AudioEnable parameters are vulnerable, and the vulnerabilities affect D-Link DIR-868L Rev.B 2.05B02 devices. In the SetClientInfoDemo.php source code, the AudioMute and AudioEnble parameters are saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. It needs to bypass the wget command option with a single quote. A vulnerable /HNAP1/SetClientInfoDemo XML message could have single quotes and backquotes in the AudioMute or AudioEnable element, such as the ‘`telnetd`’ string. 2019-05-13 7.5 CVE-2018-19988
MISC
denx — u-boot Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow. 2019-05-10 7.5 CVE-2019-11059
CONFIRM
MISC
emerson — ve6046_firmware Emerson VE6046 09.0.12 devices have hardcoded admin credentials allowing remote connection to the Emerson Smart Switch administrative interface via HTTP or SNMPv3. 2019-05-14 10.0 CVE-2018-11691
MISC
MISC
MISC
enghouse — contact_center:_service_provider ClientServiceConfigController.cs in Enghouse Cloud Contact Center Platform 7.2.5 has functionality for loading external XML files and parsing them, allowing an attacker to upload a malicious XML file and reference it in the URL of the application, forcing the application to load and parse the malicious XML file, aka an XXE issue. 2019-05-14 7.5 CVE-2018-8940
MISC
golang — go Go through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with a non-nil token, which allows attackers to obtain sensitive information or gain privileges. 2019-05-13 7.5 CVE-2019-11888
MISC
gracemedia_media_player_project — gracemedia_media_player The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the “cfg” parameter. 2019-05-13 7.5 CVE-2019-9618
FULLDISC
FULLDISC
MISC
hp — synergy_firmware A security vulnerability in the HPE Virtual Connect SE 16Gb Fibre Channel Module for HPE Synergy running firmware 5.00.50, which is part of the HPE Synergy Custom SPP 2018.11.20190205, could allow local or remote unauthorized elevation of privilege. 2019-05-10 7.5 CVE-2018-7120
CONFIRM
konakart — konakart KonaKart 8.9.0.0 is vulnerable to Remote Code Execution by uploading a web shell as a product category image. 2019-05-13 7.5 CVE-2019-11680
CONFIRM
lg — n1a1_firmware LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary code (remote). The attack vector is: HTTP POST with parameters. 2019-05-14 7.5 CVE-2018-14839
MISC
lightopenid_project — lightopenid openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method. 2019-05-10 7.5 CVE-2019-11066
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918. 2019-05-16 7.6 CVE-2019-0911
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. 2019-05-16 7.6 CVE-2019-0912
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. 2019-05-16 7.6 CVE-2019-0913
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. 2019-05-16 7.6 CVE-2019-0914
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. 2019-05-16 7.6 CVE-2019-0915
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. 2019-05-16 7.6 CVE-2019-0916
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. 2019-05-16 7.6 CVE-2019-0917
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. 2019-05-16 7.6 CVE-2019-0922
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. 2019-05-16 7.6 CVE-2019-0924
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. 2019-05-16 7.6 CVE-2019-0925
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0933, CVE-2019-0937. 2019-05-16 7.6 CVE-2019-0927
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0937. 2019-05-16 7.6 CVE-2019-0933
MISC
microsoft — chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933. 2019-05-16 7.6 CVE-2019-0937
MISC
microsoft — edge A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0911, CVE-2019-0918. 2019-05-16 7.6 CVE-2019-0884
MISC
microsoft — edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. 2019-05-16 7.6 CVE-2019-0923
MISC
microsoft — internet_explorer A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0884, CVE-2019-0911. 2019-05-16 7.6 CVE-2019-0918
MISC
microsoft — office A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka ‘Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0946, CVE-2019-0947. 2019-05-16 9.3 CVE-2019-0945
MISC
microsoft — office A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka ‘Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0945, CVE-2019-0947. 2019-05-16 9.3 CVE-2019-0946
MISC
microsoft — office A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka ‘Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0945, CVE-2019-0946. 2019-05-16 9.3 CVE-2019-0947
MISC
microsoft — office A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka ‘Microsoft Word Remote Code Execution Vulnerability’. 2019-05-16 9.3 CVE-2019-0953
MISC
microsoft — windows_10 An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka ‘Windows Kernel Elevation of Privilege Vulnerability’. 2019-05-16 7.2 CVE-2019-0881
MISC
microsoft — windows_10 A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka ‘Windows OLE Remote Code Execution Vulnerability’. 2019-05-16 9.3 CVE-2019-0885
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0900, CVE-2019-0901, CVE-2019-0902. 2019-05-16 9.3 CVE-2019-0889
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0889, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0900, CVE-2019-0901, CVE-2019-0902. 2019-05-16 9.3 CVE-2019-0890
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0900, CVE-2019-0901, CVE-2019-0902. 2019-05-16 9.3 CVE-2019-0891
MISC
microsoft — windows_10 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. 2019-05-16 7.2 CVE-2019-0892
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0900, CVE-2019-0901, CVE-2019-0902. 2019-05-16 9.3 CVE-2019-0893
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0900, CVE-2019-0901, CVE-2019-0902. 2019-05-16 9.3 CVE-2019-0894
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0900, CVE-2019-0901, CVE-2019-0902. 2019-05-16 9.3 CVE-2019-0895
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0900, CVE-2019-0901, CVE-2019-0902. 2019-05-16 9.3 CVE-2019-0896
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896, CVE-2019-0898, CVE-2019-0899, CVE-2019-0900, CVE-2019-0901, CVE-2019-0902. 2019-05-16 9.3 CVE-2019-0897
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0899, CVE-2019-0900, CVE-2019-0901, CVE-2019-0902. 2019-05-16 9.3 CVE-2019-0898
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0900, CVE-2019-0901, CVE-2019-0902. 2019-05-16 9.3 CVE-2019-0899
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0901, CVE-2019-0902. 2019-05-16 9.3 CVE-2019-0900
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0900, CVE-2019-0902. 2019-05-16 9.3 CVE-2019-0901
MISC
microsoft — windows_10 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896, CVE-2019-0897, CVE-2019-0898, CVE-2019-0899, CVE-2019-0900, CVE-2019-0901. 2019-05-16 9.3 CVE-2019-0902
MISC
microsoft — windows_10 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka ‘GDI+ Remote Code Execution Vulnerability’. 2019-05-16 9.3 CVE-2019-0903
MISC
microsoft — windows_7 A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka ‘Remote Desktop Services Remote Code Execution Vulnerability’. 2019-05-16 10.0 CVE-2019-0708
MISC
microsoft — windows_server_2008 A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets, aka ‘Windows DHCP Server Remote Code Execution Vulnerability’. 2019-05-16 7.5 CVE-2019-0725
MISC
nvidia — gpu_driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes, which may lead to denial of service, escalation of privileges, or information disclosure. 2019-05-10 7.2 CVE-2019-5675
CONFIRM
nvidia — gpu_driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), leading to escalation of privileges through code execution. 2019-05-10 7.2 CVE-2019-5676
CONFIRM
page_flip_book_project — page_flip_book Directory traversal vulnerability in pageflipbook.php script from index.php in Page Flip Book plugin for WordPress (wppageflip) allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pageflipbook_language parameter. 2019-05-13 7.5 CVE-2012-6652
MISC
MISC
MISC
MISC
php-fusion — php-fusion In PHP-Fusion 9.03.00, edit_profile.php allows remote authenticated users to execute arbitrary code because includes/dynamics/includes/form_fileinput.php and includes/classes/PHPFusion/Installer/Lib/Core.settings.inc mishandle executable files during avatar upload. 2019-05-14 9.0 CVE-2019-12099
MISC
MISC
MISC
polycom — group_series An issue was discovered in Polycom Group Series 6.1.6.1 and earlier, HDX 3.1.12 and earlier, and Pano 1.1.1 and earlier. A remote code execution vulnerability exists in the content sharing functionality because of a Buffer Overflow via crafted packets. 2019-05-13 10.0 CVE-2018-15128
MISC
seagate — nas_os SQL injection in folderViewSpecific.psp in Seagate NAS OS version 4.3.15.1 allows attackers to execute arbitrary SQL commands via the dirId URL parameter. 2019-05-13 7.5 CVE-2018-12295
MISC
sensiolabs — symfony In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection. 2019-05-16 7.5 CVE-2019-10910
CONFIRM
CONFIRM
sensiolabs — symfony In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is related to symfony/http-foundation. 2019-05-16 7.5 CVE-2019-10913
CONFIRM
CONFIRM
sharing-file — easy_file_sharing_web_server An issue was discovered in Easy File Sharing (EFS) Web Server 7.2. A stack-based buffer overflow vulnerability occurs when a malicious POST request has been made to forum.ghp upon creating a new topic in the forums, which allows remote attackers to execute arbitrary code. 2019-05-13 7.5 CVE-2018-18912
MISC
siemens — logo!8_bm_firmware A vulnerability has been identified in LOGO!8 BM (All versions). Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. 2019-05-14 7.5 CVE-2019-10919
MISC
siemens — simatic_pcs_7 A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions), SIMATIC WinCC (TIA Portal) V15 (All versions), SIMATIC WinCC Runtime Professional (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 Upd3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. 2019-05-14 9.0 CVE-2019-10916
MISC
siemens — simatic_pcs_7 A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions), SIMATIC WinCC (TIA Portal) V15 (All versions), SIMATIC WinCC Runtime Professional (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 Upd3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. 2019-05-14 9.0 CVE-2019-10918
MISC
siemens — simatic_pcs_7 A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without “Encrypted Communication”, can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. 2019-05-14 7.5 CVE-2019-10922
MISC
suricata-ids — suricata An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow. 2019-05-13 7.5 CVE-2019-10053
MISC
MISC
sylabs — singularity An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host. 2019-05-14 9.0 CVE-2019-11328
MLIST
BID
CONFIRM
tubigan — welcome_to_our_resort The Tubigan “Welcome to our Resort” 1.0 software allows SQL Injection via index.php?p=accomodation&q=[SQL], index.php?p=rooms&q=[SQL], or admin/login.php. 2019-05-14 7.5 CVE-2018-18800
MISC
EXPLOIT-DB
whatsapp — whatsapp A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15. 2019-05-14 7.5 CVE-2019-3568
BID
MISC
xstream_project — xstream Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON. 2019-05-15 7.5 CVE-2013-7285
MISC
MLIST
MLIST
MLIST
CONFIRM

Back to top

 

Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
abus — secvest_wireless_alarm_system_fuaa50000_firmware Due to the use of an insecure RFID technology (MIFARE Classic), ABUS proximity chip keys (RFID tokens) of the ABUS Secvest FUAA50000 wireless alarm system can easily be cloned and used to deactivate the alarm system in an unauthorized way. 2019-05-14 4.8 CVE-2019-9861
MISC
FULLDISC
BUGTRAQ
MISC
apachefriends — xampp XAMPP through 5.6.8 allows XSS via the cds-fpdf.php interpret or titel parameter. NOTE: This product is discontinued. 2019-05-16 4.3 CVE-2019-8924
MISC
MISC
MISC
MISC
MISC
MISC
MISC
applaudsolutions — applaud_hcm Applaud HCM 4.0.42+ uses HTML tag fields for HTML inputs in a form. This leads to an XSS vulnerability with a payload starting with the <iframe./> substring. 2019-05-16 4.3 CVE-2019-11033
CONFIRM
MISC
asus — rt-ac3200_firmware Cross-site scripting in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute JavaScript via the “hook” URL parameter. 2019-05-13 4.3 CVE-2018-14710
MISC
asus — rt-ac3200_firmware Missing cross-site request forgery protection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to cause state-changing actions with specially crafted URLs. 2019-05-13 4.3 CVE-2018-14711
MISC
asus — rt-ac3200_firmware Buffer overflow in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to inject system commands via the “hook” URL parameter. 2019-05-13 4.0 CVE-2018-14712
MISC
asus — rt-ac3200_firmware Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the “hook” URL parameter. 2019-05-13 5.5 CVE-2018-14713
MISC
aware — knomi The Face authentication component in Aware mobile liveness 2.2.1 sdk 2.2.0 for Knomi allows a Biometrical Liveness authentication bypass via parameter tampering of the /knomi/analyze security_level field. 2019-05-15 5.0 CVE-2019-9196
MISC
MISC
MISC
bibliosoft — bibliopac Cross-site scripting (XSS) vulnerability in BIBLIOsoft BIBLIOpac 2008 allows remote attackers to inject arbitrary web script or HTML via the db or action parameter to to bin/wxis.exe/bibliopac/. 2019-05-13 4.3 CVE-2018-16139
MISC
bilboplanet — bilboplanet An issue was discovered in Bilboplanet 2.0. There is a stored XSS vulnerability when adding a tag via the user/?page=tribes tags parameter. 2019-05-15 4.3 CVE-2014-9917
EXPLOIT-DB
bilboplanet — bilboplanet An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the user_id parameter to signup.php. 2019-05-15 4.3 CVE-2014-9918
EXPLOIT-DB
bilboplanet — bilboplanet An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the fullname parameter to signup.php. 2019-05-15 4.3 CVE-2014-9919
EXPLOIT-DB
capstone-engine — capstone Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_insn_reg_intel in arch/X86/X86Mapping.c. 2019-05-15 4.3 CVE-2016-7151
CONFIRM
CONFIRM
cisco — anyconnect_secure_mobility_client A vulnerability in the HostScan component of Cisco AnyConnect Secure Mobility Client for Linux could allow an unauthenticated, remote attacker to read sensitive information on an affected system. The vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by crafting HTTP traffic for the affected component to download and process. A successful exploit could allow the attacker to read sensitive information on the affected system. 2019-05-15 5.0 CVE-2019-1853
BID
CISCO
cisco — evolved_programmable_network_manager A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. This vulnerability is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location. A successful exploit could allow the attacker to view application files that may contain sensitive information. 2019-05-15 4.0 CVE-2019-1818
BID
CISCO
cisco — firepower_management_center A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. The vulnerability is due to improper validation of ICMP packets. An attacker could exploit this vulnerability by sending crafted ICMP packets to the affected device. A successful exploit could allow the attacker to bypass configured access control policies. 2019-05-15 5.0 CVE-2019-1832
BID
CISCO
cisco — firepower_management_center A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol parser of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies. The vulnerability is due to improper parsing of specific attributes in a TLS packet header. An attacker could exploit this vulnerability by sending malicious TLS messages to the affected system. A successful exploit could allow the attacker to bypass the configured policies for the system, which could allow traffic to flow through without being inspected. 2019-05-15 5.0 CVE-2019-1833
BID
CISCO
cisco — ios_xr A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic though the device, resulting in a DoS condition that require manual intervention to restore normal operating conditions. 2019-05-15 6.1 CVE-2019-1846
BID
CISCO
cisco — ios_xr A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a logic error that occurs when the affected software processes specific EVPN routing information. An attacker could exploit this vulnerability by injecting malicious traffic patterns into the targeted EVPN network. A successful exploit could result in a crash of the l2vpn_mgr process on Provider Edge (PE) device members of the same EVPN instance (EVI). On each of the affected devices, a crash could lead to system instability and the inability to process or forward traffic through the device, resulting in a DoS condition that would require manual intervention to restore normal operating conditions. 2019-05-15 6.1 CVE-2019-1849
BID
CISCO
cisco — nx-os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument to the affected command. A successful exploit could allow the attacker to bypass intended restrictions and access internal services of the device. An attacker would need valid device credentials to exploit this vulnerability. 2019-05-15 4.6 CVE-2019-1726
CISCO
cisco — nx-os A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by the attacker are accomplished at the root privilege level. The vulnerability occurs because there is no verification of user-input parameters and or digital-signature verification for image files when using a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device and issuing a command at the CLI. Because an exploit could allow the attacker to overwrite any file on the disk, including system files, a denial of service (DoS) condition could occur. The attacker must have valid administrator credentials for the affected device to exploit this vulnerability. 2019-05-15 6.6 CVE-2019-1729
CISCO
cisco — nx-os A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image. 2019-05-15 4.6 CVE-2019-1809
CISCO
cisco — nx-os A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not properly verified during CLI command execution. An attacker could exploit this vulnerability to install an unsigned software image on an affected device. Note: If the device has not been patched for the vulnerability previously disclosed in the Cisco Security Advisory cisco-sa-20190306-nxos-sig-verif, a successful exploit could allow the attacker to boot a malicious software image. 2019-05-15 4.6 CVE-2019-1810
CISCO
cisco — unified_intelligence_center A vulnerability in the dashboard gadget rendering of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to obtain or manipulate sensitive information between a user&rsquo;s browser and Cisco Unified Intelligence Center. The vulnerability is due to the lack of gadget validation. An attacker could exploit this vulnerability by forcing a user to load a malicious gadget. A successful exploit could allow the attacker to obtain sensitive information, such as current user credentials, or manipulate data between the user&rsquo;s browser and Cisco Unified Intelligence Center in the context of the malicious gadget. 2019-05-15 4.0 CVE-2019-1860
BID
CISCO
cisco — video_surveillance_manager A vulnerability in the web-based management interface of Cisco Video Surveillance Manager could allow an unauthenticated, remote attacker to access sensitive information. The vulnerability is due to improper validation of parameters handled by the web-based management interface. An attacker could exploit this vulnerability by sending malicious requests to an affected component. A successful exploit could allow the attacker to download arbitrary files from the affected device, which could contain sensitive information. 2019-05-15 5.0 CVE-2019-1717
BID
CISCO
citrix — sharefile Citrix ShareFile through 19.1 allows User Enumeration. It is possible to enumerate application username based on different server responses using the request to check the otp code. No authentication is required. 2019-05-13 5.0 CVE-2019-7217
MISC
citrix — sharefile Citrix ShareFile through 19.1 allows a downgrade from two-factor authentication to one-factor authentication. An attacker with access to the offline victim?s otp physical token or virtual app (like google authenticator) is able to bypass the first authentication phase (username/password mechanism) and log-in using username/otp combination only (phase 2 of 2FA). 2019-05-13 4.3 CVE-2019-7218
MISC
cybozu — garoon Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via Customize Item function. 2019-05-17 4.3 CVE-2019-5928
MISC
MISC
cybozu — garoon Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via the application ‘Memo’. 2019-05-17 4.3 CVE-2019-5929
MISC
MISC
cybozu — garoon Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application ‘Mail’. 2019-05-17 4.3 CVE-2019-5938
MISC
MISC
cybozu — garoon Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application ‘Portal’. 2019-05-17 4.3 CVE-2019-5939
MISC
MISC
cybozu — garoon Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application ‘Scheduler’. 2019-05-17 4.3 CVE-2019-5940
MISC
MISC
digitaldruid — hoteldruid HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php. 2019-05-17 4.3 CVE-2019-8937
MISC
MISC
EXPLOIT-DB
dotcms — dotcms /servlets/ajax_file_upload?fieldName=binary3 in dotCMS 5.1.1 allows XSS and HTML Injection. 2019-05-14 4.3 CVE-2019-11846
MISC
ellucian — banner_enterprise_identity_services An improper authentication vulnerability can be exploited through a race condition that occurs in Ellucian Banner Web Tailor 8.8.3, 8.8.4, and 8.9 and Banner Enterprise Identity Services 8.3, 8.3.1, 8.3.2, and 8.4, in conjunction with SSO Manager. This vulnerability allows remote attackers to steal a victim’s session (and cause a denial of service) by repeatedly requesting the initial Banner Web Tailor main page with the IDMSESSID cookie set to the victim’s UDCID, which in the case tested is the institutional ID. During a login attempt by a victim, the attacker can leverage the race condition and will be issued the SESSID that was meant for this victim. 2019-05-14 6.8 CVE-2019-8978
MISC
FULLDISC
MISC
MISC
MISC
BUGTRAQ
eq-3 — ccu3_firmware Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device’s filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface. 2019-05-13 5.0 CVE-2019-9726
MISC
eq-3 — ccu3_firmware Unauthenticated password hash disclosure in the User.getUserPWD method in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to retrieve the GUI password hashes of GUI users. This vulnerability can be exploited by unauthenticated attackers with access to the web interface. 2019-05-13 5.0 CVE-2019-9727
MISC
evernote — evernote Evernote 6.15 on Windows has an incorrectly repaired stored XSS vulnerability. An attacker can use this XSS issue to inject Node.js code under Present mode. After a victim opens an affected note under Present mode, the attacker can read the victim’s files and achieve remote execution command on the victim’s computer. 2019-05-13 4.3 CVE-2018-18524
MISC
MISC
fangfa — fdcms admin/Lib/Action/FpluginAction.class.php in FDCMS (aka Fangfa Content Manage System) 4.2 allows SQL Injection. 2019-05-16 5.0 CVE-2018-17048
MISC
MISC
MISC
foxitsoftware — foxit_reader A Local Privilege Escalation in libqcocoa.dylib in Foxit Reader 3.1.0.0111 on macOS has been discovered due to an incorrect permission set. 2019-05-13 4.6 CVE-2019-8342
MISC
gitlab — gitlab An Incorrect Access Control (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. It allowed non-members of a private project/group to add and read labels. 2019-05-15 5.5 CVE-2019-10108
MISC
MISC
MISC
gitlab — gitlab An Information Exposure issue (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. EXIF geolocation data were not removed from images when uploaded to GitLab. As a result, anyone with access to the uploaded image could obtain its geolocation, device, and software version data (if present). 2019-05-15 5.0 CVE-2019-10109
MISC
MISC
MISC
MISC
gitlab — gitlab An Insecure Permissions issue (issue 1 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The “move issue” feature may allow a user to create projects under any namespace on any GitLab instance on which they hold credentials. 2019-05-15 4.0 CVE-2019-10110
MISC
MISC
MISC
gitlab — gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The construction of the HMAC key was insecurely derived. 2019-05-16 5.0 CVE-2019-10112
MISC
MISC
MISC
gitlab — gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Making concurrent GET /api/v4/projects/<id>/languages requests may allow Uncontrolled Resource Consumption. 2019-05-16 5.0 CVE-2019-10113
MISC
MISC
MISC
gitlab — gitlab An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. During the OAuth authentication process, the application attempts to validate a parameter in an insecure way, potentially exposing data. 2019-05-16 5.0 CVE-2019-10114
MISC
MISC
MISC
gitlab — gitlab An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The GitLab Releases feature could allow guest users access to private information like release details and code information. 2019-05-16 4.0 CVE-2019-10115
MISC
MISC
MISC
gitlab — gitlab An Insecure Permissions issue (issue 3 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Guests of a project were allowed to see Related Branches created for an issue. 2019-05-16 4.0 CVE-2019-10116
MISC
MISC
gitlab — gitlab An Open Redirect issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. A redirect is triggered after successful authentication within the Oauth/:GeoAuthController for the secondary Geo node. 2019-05-16 5.8 CVE-2019-10117
MISC
MISC
MISC
gitlab — gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.7.10, 11.8.x before 11.8.6, and 11.9.x before 11.9.4. A regex input validation issue for the .gitlab-ci.yml refs value allows Uncontrolled Resource Consumption. 2019-05-15 5.0 CVE-2019-10640
MISC
MISC
MISC
gitlab — gitlab An issue was discovered in GitLab Enterprise Edition before 11.7.11, 11.8.x before 11.8.7, and 11.9.x before 11.9.7. It allows Information Disclosure. 2019-05-10 4.0 CVE-2019-11000
BID
CONFIRM
MISC
gridea — gridea Gridea v0.8.0 has an XSS vulnerability through which the Nodejs module can be called to achieve arbitrary code execution, as demonstrated by child_process.exec and the “<img src=# onerror=’eval(new Buffer(” substring. 2019-05-13 4.3 CVE-2019-12047
MISC
harman — amx_mvp5150_firmware HARMAN AMX MVP5150 v2.87.13 devices allow remote OS Command Injection. 2019-05-15 6.5 CVE-2019-11224
MISC
MISC
harpjs — harp Information exposure through the directory listing in npm’s harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are <= 0.29.0 and no fix was applied to our knowledge. 2019-05-10 5.0 CVE-2019-5437
MISC
harpjs — harp Path traversal using symlink in npm harp module versions <= 0.29.0. 2019-05-10 5.0 CVE-2019-5438
MISC
heimdal_project — heimdal In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c. 2019-05-15 5.8 CVE-2019-12098
CONFIRM
CONFIRM
MISC
MISC
ibm — cloud_app_management IBM Cloud App Management V2018.2.0, V2018.4.0, and V2018.4.1 could allow an attacker to obtain sensitive configuration information using a specially crafted HTTP request. IBM X-Force ID: 154283. 2019-05-10 5.0 CVE-2018-1990
BID
XF
CONFIRM
ipbrick — ipbrick_os An issue was discovered in the administrator interface in IPBRICK OS 6.3. The application doesn’t check for Anti-CSRF tokens, allowing the submission of multiple forms unwillingly by a victim. 2019-05-13 6.8 CVE-2018-16136
MISC
ipbrick — ipbrick_os An issue was discovered in the Web Management Console in IPBRICK OS 6.3. There are multiple SQL injections. 2019-05-13 6.5 CVE-2018-16137
MISC
kyocera — taskalfa_4002i_firmware DoBox_CstmBox_Info.model.htm on Kyocera TASKalfa 4002i and 6002i devices allows remote attackers to read the documents of arbitrary users via a modified HTTP request. 2019-05-14 5.0 CVE-2018-16656
MISC
lg — gamp-7100_firmware An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated user can read a log file via an HTTP request containing its full pathname, such as http://192.168.0.1/var/gapm7100_${today’s_date}.log for reading a filename such as gapm7100_190101.log. 2019-05-13 5.0 CVE-2019-7404
MISC
libnyoci_project — libnyoci coap_decode_option in coap.c in LibNyoci 0.07.00rc1 mishandles certain packets with “Uri-Path: (null)” and consequently allows remote attackers to cause a denial of service (segmentation fault). 2019-05-15 5.0 CVE-2019-12101
MISC
lifesize — icon_300_firmware A Remote Code Execution issue in the DNS Query Web UI in Lifesize Icon LS_RM3_3.7.0 (2421) allows remote authenticated attackers to execute arbitrary commands via a crafted DNS Query address field in a JSON API request. 2019-05-13 6.5 CVE-2019-3702
MISC
MISC
linux — linux_kernel In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343. 2019-05-17 4.9 CVE-2018-7191
MISC
MISC
MISC
MISC
MISC
MISC
MISC
macdown_project — macdown MacDown 0.7.1 allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note. 2019-05-16 4.6 CVE-2019-12138
MISC
metinfo — metinfo Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/interface/online/delete.php. The attack vector is: The administrator clicks on the malicious link in the login state. 2019-05-10 6.8 CVE-2017-12789
MISC
microsoft — .net_framework GetFile.aspx in Rapid4 RapidFlows Enterprise Application Builder 4.5M.23 (when used with .NET Framework 4.5) allows Local File Inclusion via the FileDesc parameter. 2019-05-14 4.0 CVE-2019-11397
MISC
MISC
microsoft — sharepoint_enterprise_server A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka ‘Microsoft SharePoint Server Remote Code Execution Vulnerability’. 2019-05-16 6.0 CVE-2019-0952
MISC
microsoft — sharepoint_enterprise_server An information disclosure vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft SharePoint Server Information Disclosure Vulnerability’. 2019-05-16 4.0 CVE-2019-0956
MISC
microsoft — sharepoint_enterprise_server An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft SharePoint Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0958. 2019-05-16 6.5 CVE-2019-0957
MISC
microsoft — sharepoint_foundation An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft SharePoint Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0957. 2019-05-16 6.5 CVE-2019-0958
MISC
microsoft — windows_10 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-0758, CVE-2019-0961. 2019-05-16 4.3 CVE-2019-0882
MISC
microstrategy — web_services An issue was discovered in MicroStrategy Web Services (the Microsoft Office plugin) before 10.4 Hotfix 7, and before 10.11. The vulnerability is unauthenticated and leads to access to the asset files with the MicroStrategy user privileges. (This includes the credentials to access the admin dashboard which may lead to RCE.) The path traversal is located in a SOAP request in the web service component. 2019-05-14 5.0 CVE-2018-6885
CONFIRM
miniupnp.free — miniupnpd The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value. 2019-05-15 5.0