Security Vulnerabilities, CVEs, Published In December 2019 CVSS score >= 8
In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary OS commands via shell metacharacters in the id parameter to schedulereport.php, in the context of the web-server user account.
Max CVSS
9.0
EPSS Score
0.76%
Published
2019-12-31
Updated
2020-01-07
An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_out_code at fromgif.c.
Max CVSS
8.8
EPSS Score
0.30%
Published
2019-12-30
Updated
2020-01-07
An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_init_frame at fromgif.c.
Max CVSS
8.8
EPSS Score
0.20%
Published
2019-12-30
Updated
2020-01-03
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_seekToSamples in GPMF-parse.c for the "matching tags" feature.
Max CVSS
8.8
EPSS Score
0.21%
Published
2019-12-30
Updated
2020-01-08
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_Next in GPMF_parser.c.
Max CVSS
8.8
EPSS Score
0.21%
Published
2019-12-30
Updated
2020-01-08
On Netis DL4323 devices, any user role can view sensitive information, such as a user password or the FTP password, via the form2saveConf.cgi page.
Max CVSS
8.8
EPSS Score
0.10%
Published
2019-12-30
Updated
2020-08-24
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.
Max CVSS
8.8
EPSS Score
0.17%
Published
2019-12-29
Updated
2020-01-08
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construct() whereas the insecure file upload is in SetSkinImages().
Max CVSS
10.0
EPSS Score
10.69%
Published
2019-12-27
Updated
2020-01-07
An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM.
Max CVSS
9.0
EPSS Score
22.28%
Published
2019-12-27
Updated
2020-01-07
wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring.
Max CVSS
9.8
EPSS Score
0.87%
Published
2019-12-27
Updated
2022-11-23
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.
Max CVSS
8.8
EPSS Score
0.14%
Published
2019-12-27
Updated
2020-05-22
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c.
Max CVSS
8.8
EPSS Score
0.27%
Published
2019-12-27
Updated
2020-05-22
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c.
Max CVSS
8.8
EPSS Score
0.27%
Published
2019-12-27
Updated
2020-05-22
A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user.
Max CVSS
9.3
EPSS Score
0.07%
Published
2019-12-26
Updated
2020-01-15
A flaw in the WordPress plugin, WP Maintenance before 5.0.6, allowed attackers to enable a vulnerable site's maintenance mode and inject malicious code affecting site visitors. There was CSRF with resultant XSS.
Max CVSS
8.8
EPSS Score
0.37%
Published
2019-12-26
Updated
2020-08-24
libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read.
Max CVSS
9.8
EPSS Score
0.99%
Published
2019-12-26
Updated
2020-01-03
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
Max CVSS
9.1
EPSS Score
0.31%
Published
2019-12-24
Updated
2022-10-31
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage.
Max CVSS
9.8
EPSS Score
0.47%
Published
2019-12-24
Updated
2020-01-02
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
Max CVSS
9.8
EPSS Score
1.21%
Published
2019-12-24
Updated
2022-10-31
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
Max CVSS
9.8
EPSS Score
0.71%
Published
2019-12-24
Updated
2022-10-31
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
Max CVSS
9.1
EPSS Score
0.33%
Published
2019-12-24
Updated
2022-10-31
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
Max CVSS
9.8
EPSS Score
0.93%
Published
2019-12-24
Updated
2022-10-31
In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.
Max CVSS
8.8
EPSS Score
0.23%
Published
2019-12-23
Updated
2019-12-30
sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval (rather than direct parsing and/or use of the taint feature). This issue is similar to CVE-2018-11805.
Max CVSS
9.0
EPSS Score
0.17%
Published
2019-12-22
Updated
2022-12-14
Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.
Max CVSS
9.8
EPSS Score
0.92%
Published
2019-12-20
Updated
2022-06-03