CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In January 2019

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-1003004 613 2019-01-22 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows attackers to extend the duration of active HTTP sessions indefinitely even though the user account may have been deleted in the mean time.
2 CVE-2019-1003003 613 2019-01-22 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts.
3 CVE-2019-1003002 254 Exec Code Bypass 2019-01-22 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
4 CVE-2019-1003001 254 Exec Code Bypass 2019-01-22 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
5 CVE-2019-1003000 254 Exec Code Bypass 2019-01-22 2019-05-17
6.5
None Remote Low Single system Partial Partial Partial
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
6 CVE-2019-7150 125 2019-01-28 2019-06-10
4.3
None Remote Medium Not required None None Partial
An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to denial-of-service, as demonstrated by eu-stack.
7 CVE-2019-7149 125 2019-01-28 2019-06-10
4.3
None Remote Medium Not required None None Partial
A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm.
8 CVE-2019-7148 119 Overflow 2019-01-28 2019-03-28
4.3
None Remote Medium Not required None None Partial
**DISPUTED** An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The maintainers believe this is not a real issue, but instead a "warning caused by ASAN because the allocation is big. By setting ASAN_OPTIONS=allocator_may_return_null=1 and running the reproducer, nothing happens."
9 CVE-2019-6978 415 2019-01-28 2019-04-04
7.5
None Remote Low Not required Partial Partial Partial
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
10 CVE-2019-6977 119 Overflow 2019-01-26 2019-04-10
6.8
None Remote Medium Not required Partial Partial Partial
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.
11 CVE-2019-6976 200 +Info 2019-01-26 2019-04-26
5.0
None Remote Low Not required Partial None None
libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image.
12 CVE-2019-6956 125 2019-01-25 2019-08-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c.
13 CVE-2019-6780 2019-01-24 2019-01-24
0.0
None ??? ??? ??? ??? ??? ???
The Wise Chat plugin before 2.7 for WordPress mishandles external links because rendering/filters/post/WiseChatLinksPostFilter.php omits noopener and noreferrer.
14 CVE-2019-6779 CSRF 2019-01-24 2019-01-24
0.0
None ??? ??? ??? ??? ??? ???
Cscms 4.1.8 allows admin.php/links/save CSRF to add, modify, or delete friend links.
15 CVE-2019-6777 79 XSS 2019-01-24 2019-01-24
4.3
None Remote Medium Not required None Partial None
An issue was discovered in ZoneMinder v1.32.3. Reflected XSS exists in web/skins/classic/views/plugin.php via the zm/index.php?view=plugin pl parameter.
16 CVE-2019-6719 2019-01-23 2019-01-23
0.0
None ??? ??? ??? ??? ??? ???
An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/iso_server/iso_server.c, as demonstrated by examples/server_example_goose/server_example_goose.c and examples/server_example_61400_25/server_example_61400_25.c.
17 CVE-2019-6713 94 Exec Code 2019-01-23 2019-04-12
7.5
None Remote Low Not required Partial Partial Partial
app\admin\controller\RouteController.php in ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code by using vectors involving portal/List/index and list/:id to inject this code into data\conf\route.php, as demonstrated by a file_put_contents call.
18 CVE-2019-6708 94 Sql 2019-01-23 2019-01-24
6.5
None Remote Low Single system Partial Partial Partial
PHPSHE 1.7 has SQL injection via the admin.php?mod=order state parameter.
19 CVE-2019-6707 94 Sql 2019-01-23 2019-01-24
6.5
None Remote Low Single system Partial Partial Partial
PHPSHE 1.7 has SQL injection via the admin.php?mod=product&act=state product_id[] parameter.
20 CVE-2019-6706 416 2019-01-23 2019-04-22
5.0
None Remote Low Not required None None Partial
Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships.
21 CVE-2019-6691 Sql 2019-01-23 2019-01-23
0.0
None ??? ??? ??? ??? ??? ???
phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=backup&c=backup&a=doback tabledb[] parameter, related to the "--backup database" option.
22 CVE-2019-6510 352 CSRF 2019-01-22 2019-01-23
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in creditease-sec insight through 2018-09-11. user_delete in srcpm/app/admin/views.py allows CSRF.
23 CVE-2019-6509 352 CSRF 2019-01-22 2019-01-23
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in creditease-sec insight through 2018-09-11. depart_delete in srcpm/app/admin/views.py allows CSRF.
24 CVE-2019-6508 352 CSRF 2019-01-22 2019-01-23
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in creditease-sec insight through 2018-09-11. role_perm_delete in srcpm/app/admin/views.py allows CSRF.
25 CVE-2019-6507 352 CSRF 2019-01-22 2019-01-23
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in creditease-sec insight through 2018-09-11. login_user_delete in srcpm/app/admin/views.py allows CSRF.
26 CVE-2019-6503 Exec Code 2019-01-22 2019-01-22
0.0
None ??? ??? ??? ??? ??? ???
There is a deserialization vulnerability in Chatopera cosin v3.10.0. An attacker can execute commands during server-side deserialization by uploading maliciously constructed files. This is related to the TemplateController.java impsave method and the MainUtils toObject method.
27 CVE-2019-6502 399 2019-01-22 2019-04-11
5.0
None Remote Low Not required None None Partial
sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv.
28 CVE-2019-6500 Dir. Trav. 2019-01-21 2019-01-21
0.0
None ??? ??? ??? ??? ??? ???
In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request with %2e instead of '.' characters, as demonstrated by an initial /h2hdocumentation//%2e%2e/ substring.
29 CVE-2019-6499 2019-01-21 2019-01-21
0.0
None ??? ??? ??? ??? ??? ???
Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected system.
30 CVE-2019-6498 119 Overflow 2019-01-21 2019-01-22
5.8
None Local Network Low Not required Partial Partial Partial
GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in dbus/gattlib.c because strncpy is misused.
31 CVE-2019-6497 89 Sql 2019-01-20 2019-01-23
7.5
None Remote Low Not required Partial Partial Partial
Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username parameter.
32 CVE-2019-6496 DoS Exec Code Overflow 2019-01-20 2019-01-20
0.0
None ??? ??? ??? ??? ??? ???
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA.
33 CVE-2019-6488 2019-01-18 2019-01-23
0.0
None ??? ??? ??? ??? ??? ???
The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.
34 CVE-2019-6487 Exec Code 2019-01-18 2019-01-18
0.0
None ??? ??? ??? ??? ??? ???
TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included in the weather get_weather_observe citycode field.
35 CVE-2019-6486 400 DoS 2019-01-24 2019-06-03
6.4
None Remote Low Not required Partial None Partial
Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.
36 CVE-2019-6462 400 2019-01-16 2019-01-18
4.3
None Remote Medium Not required None None Partial
An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.
37 CVE-2019-6461 20 2019-01-16 2019-01-18
4.3
None Remote Medium Not required None None Partial
An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.
38 CVE-2019-6460 476 2019-01-16 2019-01-17
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_field_set_name() in the file rec-field.c in librec.a.
39 CVE-2019-6459 399 2019-01-16 2019-01-17
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_extract_type in rec-utils.c in librec.a.
40 CVE-2019-6458 399 2019-01-16 2019-01-17
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_buf_new in rec-buf.c when called from rec_parse_rset in rec-parser.c in librec.a.
41 CVE-2019-6457 399 2019-01-16 2019-01-17
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a.
42 CVE-2019-6456 476 2019-01-16 2019-01-17
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a.
43 CVE-2019-6455 415 2019-01-16 2019-01-17
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function rec_mset_elem_destroy() in the file rec-mset.c.
44 CVE-2019-6447 2019-01-16 2019-01-16
0.0
None ??? ??? ??? ??? ??? ???
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.
45 CVE-2019-6446 502 Exec Code 2019-01-16 2019-09-30
7.5
None Remote Low Not required Partial Partial Partial
** DISPUTED ** An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) loading serialized Python object arrays from trusted and authenticated sources.
46 CVE-2019-6445 476 2019-01-16 2019-01-22
4.0
None Remote Low Single system None None Partial
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.
47 CVE-2019-6444 125 2019-01-16 2019-01-22
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
48 CVE-2019-6443 125 2019-01-16 2019-01-22
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
49 CVE-2019-6442 787 2019-01-16 2019-01-22
4.0
None Remote Low Single system None None Partial
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and yyerror in ntp_parser.y.
50 CVE-2019-6440 2019-01-15 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
Zemana AntiMalware before 3.0.658 Beta mishandles update logic.
Total number of vulnerabilities : 1137   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.