CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-1020014 415 2019-07-29 2019-08-19
2.1
None Local Low Not required Partial None None
docker-credential-helpers before 0.6.3 has a double free in the List functions.
2 CVE-2019-1010208 119 Exec Code Overflow 2019-07-23 2019-08-05
2.1
None Local Low Not required Partial None None
IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 (Veracrypt), all versions (Truecrypt) is affected by: Buffer Overflow. The impact is: Minor information disclosure of kernel stack. The component is: Veracrypt NT Driver (veracrypt.sys). The attack vector is: Locally executed code, IOCTL request to driver. The fixed version is: 1.23-Hotfix-1.
3 CVE-2019-1003048 255 2019-03-28 2019-10-09
2.1
None Local Low Not required Partial None None
A vulnerability in Jenkins PRQA Plugin 3.1.0 and earlier allows attackers with local file system access to the Jenkins home directory to obtain the unencrypted password from the plugin configuration.
4 CVE-2019-1003044 352 CSRF 2019-03-28 2019-10-09
2.1
None Remote High Single system Partial None None
A cross-site request forgery vulnerability in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
5 CVE-2019-1003017 352 2019-02-06 2019-10-09
2.6
None Remote High Not required None Partial None
A data modification vulnerability exists in Jenkins Job Import Plugin 3.0 and earlier in JobImportAction.java that allows attackers to copy jobs from a preconfigured other Jenkins instance, potentially installing additional plugins necessary to load the imported job's configuration.
6 CVE-2019-17401 125 2019-10-09 2019-10-11
2.1
None Local Low Not required None None Partial
** DISPUTED ** libyal liblnk 20191006 has a heap-based buffer over-read in the network_share_name_offset>20 code block of liblnk_location_information_read_data in liblnk_location_information.c, a different issue than CVE-2019-17264. NOTE: the vendor has disputed this as described in the GitHub issue.
7 CVE-2019-17263 125 2019-10-06 2019-10-14
2.1
None Local Low Not required None None Partial
** DISPUTED ** In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_byte_stream in libfwsi_extension_block.c has a heap-based buffer over-read because rejection of an unsupported size only considers values less than 6, even though values of 6 and 7 are also unsupported. NOTE: the vendor has disputed this as described in the GitHub issue.
8 CVE-2019-17056 276 2019-10-01 2019-10-08
2.1
None Local Low Not required None Partial None
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
9 CVE-2019-17055 20 2019-10-01 2019-10-08
2.1
None Local Low Not required None Partial None
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
10 CVE-2019-17054 276 2019-10-01 2019-10-08
2.1
None Local Low Not required None Partial None
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.
11 CVE-2019-17053 276 2019-10-01 2019-10-08
2.1
None Local Low Not required None Partial None
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
12 CVE-2019-17052 276 2019-10-01 2019-10-08
2.1
None Local Low Not required None Partial None
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
13 CVE-2019-16910 200 +Info 2019-09-26 2019-10-03
2.6
None Remote High Not required Partial None None
Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.)
14 CVE-2019-16681 79 XSS 2019-09-21 2019-09-24
2.6
None Remote High Not required None Partial None
The Traveloka application 3.14.0 for Android exports com.traveloka.android.activity.common.WebViewActivity, leading to the opening of arbitrary URLs, which can inject deceptive content into the UI. (When in physical possession of the device, opening local files is also possible.) NOTE: As of 2019-09-23, the vendor has not agreed that this issue has serious impact. The vendor states that the issue is not critical because it does not allow Elevation of Privilege, Sensitive Data Leakage, or any critical unauthorized activity from a malicious user. The vendor also states that a victim must first install a malicious APK to their application.
15 CVE-2019-16355 276 2019-09-16 2019-09-17
2.1
None Local Low Not required Partial None None
The File Session Manager in Beego 1.10.0 allows local users to read session files because of weak permissions for individual files.
16 CVE-2019-15718 284 2019-09-04 2019-09-19
2.1
None Local Low Not required None Partial None
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that should be restricted to privileged users, in order to change the system's DNS resolver settings.
17 CVE-2019-15716 275 2019-08-28 2019-09-04
2.1
None Local Low Not required Partial None None
WTF before 0.19.0 does not set the permissions of config.yml, which might make it easier for local attackers to read passwords or API keys if the permissions were misconfigured or were based on unsafe OS defaults.
18 CVE-2019-14939 200 +Info 2019-08-11 2019-08-22
2.1
None Local Low Not required Partial None None
An issue was discovered in the mysql (aka mysqljs) module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default.
19 CVE-2019-14826 613 2019-09-17 2019-10-09
2.1
None Local Low Not required Partial None None
A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the session.
20 CVE-2019-14783 264 2019-08-08 2019-09-25
2.1
None Local Low Not required None Partial None
On Samsung mobile devices with N(7.x), and O(8.x), P(9.0) software, FotaAgent allows a malicious application to create privileged files. The Samsung ID is SVE-2019-14764.
21 CVE-2019-14671 200 +Info 2019-08-05 2019-08-09
2.1
None Local Low Not required Partial None None
Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fints_url to import/job/configuration, and import/create/fints.
22 CVE-2019-14414 20 2019-07-30 2019-07-30
2.1
None Local Low Not required None Partial None
In cPanel before 78.0.2, a Userdata cache temporary file can conflict with domains (SEC-478).
23 CVE-2019-14412 134 2019-07-30 2019-07-30
2.1
None Local Low Not required None Partial None
Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474).
24 CVE-2019-14410 134 2019-07-30 2019-07-30
2.1
None Local Low Not required None Partial None
Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472).
25 CVE-2019-14409 200 +Info 2019-07-30 2019-07-30
2.1
None Local Low Not required Partial None None
cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466).
26 CVE-2019-14402 20 2019-07-30 2019-07-30
2.1
None Local Low Not required None Partial None
cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481).
27 CVE-2019-14396 20 2019-07-30 2019-07-31
2.1
None Local Low Not required None Partial None
API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495).
28 CVE-2019-14395 200 +Info 2019-07-30 2019-07-31
2.1
None Local Low Not required Partial None None
cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494).
29 CVE-2019-14394 200 +Info 2019-07-30 2019-07-31
2.1
None Local Low Not required Partial None None
cPanel before 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489).
30 CVE-2019-14391 264 2019-07-30 2019-07-30
2.1
None Local Low Not required None Partial None
cPanel before 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514).
31 CVE-2019-14389 255 2019-07-30 2019-07-30
2.1
None Local Low Not required Partial None None
cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510).
32 CVE-2019-14359 200 +Info 2019-08-12 2019-08-21
2.1
None Local Low Not required Partial None None
** DISPUTED ** On BC Vault devices, a side channel for the row-based SSD1309 OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover a data value. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. NOTE: the vendor's position is that there is no security impact: the only potentially leaked information is the number of characters in the PIN.
33 CVE-2019-14337 264 2019-08-01 2019-08-09
2.1
None Local Low Not required Partial None None
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the `/bin/sh -c wget` sequence.
34 CVE-2019-14336 20 2019-08-01 2019-08-09
2.1
None Local Low Not required Partial None None
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated dump of all of the config files through a certain admin.cgi?action= insecure HTTP request.
35 CVE-2019-14334 295 2019-08-01 2019-08-05
2.1
None Local Low Not required Partial None None
An issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated Certificate and RSA Private Key extraction through an insecure sslcert-get.cgi HTTP command.
36 CVE-2019-14284 369 DoS 2019-07-26 2019-08-11
2.1
None Local Low Not required None None Partial
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default.
37 CVE-2019-13528 287 +Priv 2019-09-24 2019-10-09
2.1
None Local Low Not required Partial None None
A specific utility may allow an attacker to gain read access to privileged files in the Niagara AX 3.8u4 (JACE 3e, JACE 6e, JACE 7, JACE-8000), Niagara 4.4u3 (JACE 3e, JACE 6e, JACE 7, JACE-8000), and Niagara 4.7u1 (JACE-8000, Edge 10).
38 CVE-2019-13314 255 2019-07-05 2019-07-18
2.1
None Local Low Not required Partial None None
virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virt_bootstrap.py.
39 CVE-2019-13313 255 2019-07-05 2019-07-18
2.1
None Local Low Not required Partial None None
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line.
40 CVE-2019-12943 640 2019-09-10 2019-09-12
2.6
None Remote High Not required Partial None None
TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names.
41 CVE-2019-12919 200 +Info 2019-06-20 2019-06-27
2.1
None Local Low Not required Partial None None
On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP web server on the camera allows anyone to view or download the video archive recorded and saved on the external memory card attached to the device.
42 CVE-2019-12913 254 2019-07-17 2019-07-19
2.1
None Local Low Not required Partial None None
Redbrick Shift through 3.4.3 allows an attacker to extract emails of services (such as Gmail, Outlook, etc.) used in the application.
43 CVE-2019-12912 426 2019-07-17 2019-07-19
2.1
None Local Low Not required Partial None None
Redbrick Shift through 3.4.3 allows an attacker to extract emails of services (such as Gmail, Outlook, etc.) used in the application.
44 CVE-2019-12819 416 DoS 2019-06-13 2019-06-18
2.1
None Local Low Not required None None Partial
An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.
45 CVE-2019-12755 200 +Info 2019-09-17 2019-09-18
2.1
None Local Low Not required Partial None None
Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
46 CVE-2019-12732 79 XSS 2019-06-06 2019-07-16
2.6
None Remote High Not required None Partial None
The Chartkick gem through 3.1.0 for Ruby allows XSS.
47 CVE-2019-12477 22 Dir. Trav. File Inclusion 2019-06-07 2019-06-11
2.1
None Local Low Not required None Partial None
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri= URI.
48 CVE-2019-12380 388 2019-05-27 2019-10-10
2.1
None Local Low Not required None None Partial
**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because ?All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.?.
49 CVE-2019-11894 284 2019-05-29 2019-10-09
2.9
None Local Network Medium Not required Partial None None
A potential improper access control vulnerability exists in the backup mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in unauthorized download of a backup. In order to exploit the vulnerability, the adversary needs to download the backup directly after a backup triggered by a legitimate user has been completed.
50 CVE-2019-11885 255 2019-05-12 2019-05-16
2.1
None Local Low Not required Partial None None
eyeDisk implements the unlock feature by sending a cleartext password. The password can be discovered by sniffing USB traffic or by sending a 06 05 52 41 01 b0 00 00 00 00 00 00 SCSI command.
Total number of vulnerabilities : 4868   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.