CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
601 CVE-2019-14823 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle.
602 CVE-2019-14832 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks.
603 CVE-2019-14838 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server
604 CVE-2019-14845 Bypass 2019-10-08 2019-10-08
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS hostname verification. An attacker can take advantage of this flaw by launching a man-in-the-middle attack and injecting malicious content.
605 CVE-2019-14846 2019-10-08 2019-10-08
0.0
None ??? ??? ??? ??? ??? ???
Ansible, all ansible_engine-2.x versions and ansible_engine-3.x up to ansible_engine-3.5, was logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.
606 CVE-2019-14858 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.
607 CVE-2019-15015 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
In the Zingbox Inspector, versions 1.294 and earlier, hardcoded credentials for root and inspector user accounts are present in the system software, which can result in unauthorized users gaining access to the system.
608 CVE-2019-15226 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
Upon receiving each incoming request header data, Envoy will iterate over existing request headers to verify that the total size of the headers stays below a maximum limit. The implementation in versions 1.10.0 through 1.11.1 for HTTP/1.x traffic and all versions of Envoy for HTTP/2 traffic had O(n^2) performance characteristics. A remote attacker may craft a request that stays below the maximum request header size but consists of many thousands of small headers to consume CPU and result in a denial-of-service attack.
609 CVE-2019-15231 Exec Code 2019-08-19 2019-08-21
0.0
None ??? ??? ??? ??? ??? ???
Webmin 1.890, in a default installation, contains a backdoor that allows an unauthenticated attacker to remotely execute commands. This CVE only refers to the backdoor that was enabled by default, and therefore is a separate CVE from CVE-2019-15107. NOTE: although the vendor's build infrastructure was compromised in 2018, the compromise is not known to affect any GitHub repository. Thus, the relatively uncommon case of an end user building their own copy of Webmin (from the 1.890 tag on GitHub) is thought to be safe.
610 CVE-2019-15715 Exec Code 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
MantisBT before 1.3.20 and 2.22.1 allows Post Authentication Command Injection, leading to Remote Code Execution.
611 CVE-2019-15719 Exec Code 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
Altair PBS Professional through 19.1.2 allows Privilege Escalation because an attacker can send a message directly to pbs_mom, which fails to properly authenticate the message. This results in code execution as an arbitrary user.
612 CVE-2019-15809 2019-10-03 2019-10-03
0.0
None ??? ??? ??? ??? ??? ???
Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because the Atmel Toolbox 00.03.11.05 contains two versions of ECDSA signature functions, described as fast and secure, but the affected cards chose to use the fast version, which leaks the bit length of the random nonce via timing. This affects Athena IDProtect 010b.0352.0005, Athena IDProtect 010e.1245.0002, Athena IDProtect 0106.0130.0401, Athena IDProtect 010e.1245.0002, Valid S/A IDflex V 010b.0352.0005, SafeNet eToken 4300 010e.1245.0002, TecSec Armored Card 010e.0264.0001, and TecSec Armored Card 108.0264.0001.
613 CVE-2019-16278 Exec Code Dir. Trav. 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.
614 CVE-2019-16279 DoS Dir. Trav. 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
Directory Traversal in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request.
615 CVE-2019-16282 XSS 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
In NCH Express Invoice v7.12, persistent cross site scripting (XSS) exists via the Invoices/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Items/Customers fields parameter to inject arbitrary JavaScript.
616 CVE-2019-16344 XSS 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR/login.htm) in ScadaBR 1.0CE allows a remote attacker to inject arbitrary web script or HTML via the username or password parameter.
617 CVE-2019-16519 Exec Code 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an undocumented feature in scheduled tasks.
618 CVE-2019-16905 Exec Code Overflow Mem. Corr. 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and remote code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
619 CVE-2019-16929 2019-10-08 2019-10-08
0.0
None ??? ??? ??? ??? ??? ???
Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens.
620 CVE-2019-17043 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the best1collect.exe SUID binary could allow an attacker to elevate his/her privileges to the ones of the "patrol" user by specially crafting a shared library .so file that will be loaded during execution.
621 CVE-2019-17044 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the PatrolAgent SUID binary could allow an attacker with "patrol" privileges to elevate his/her privileges to the ones of the "root" user by specially crafting a shared library .so file that will be loaded during execution.
622 CVE-2019-17059 Exec Code 2019-10-11 2019-10-11
0.0
None ??? ??? ??? ??? ??? ???
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles.
623 CVE-2019-17091 XSS 2019-10-02 2019-10-02
0.0
None ??? ??? ??? ??? ??? ???
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.
624 CVE-2019-17176 XSS 2019-10-11 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPanel.jsp or HtmlChatFrameSet.jsp (ActionColor, ClientNickNameColor, Email, email, or email_address parameter).
625 CVE-2019-17186 Exec Code 2019-10-08 2019-10-08
0.0
None ??? ??? ??? ??? ??? ???
/var/WEB-GUI/cgi-bin/telnet.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication remote code execution.
626 CVE-2019-17195 Bypass 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.
627 CVE-2019-17320 Exec Code Overflow 2019-10-10 2019-10-10
0.0
None ??? ??? ??? ??? ??? ???
NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename.
628 CVE-2019-17355 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
629 CVE-2019-17356 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
The Infinite Design application 3.4.12 for Android sends a username and password via TCP without any encryption during login, as demonstrated by sniffing of a public Wi-Fi network.
630 CVE-2019-17366 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control.
631 CVE-2019-17369 CSRF 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
OTCMS v3.85 has CSRF in the admin/member_deal.php Admin Panel page, leading to creation of a new management group account, as demonstrated by superadmin.
632 CVE-2019-17372 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L.
633 CVE-2019-17373 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516, DGN2200, DGN2200M, DGND3700, WNR2000v2, WNDR3300, WNDR3400, WNR3500, and WNR834Bv2.
634 CVE-2019-17382 Bypass 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.
635 CVE-2019-17389 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker (via a large packet) to prevent a RIOT MQTT-SN client from working until the device is restarted.
636 CVE-2019-17394 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
637 CVE-2019-17395 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
In the Rapid Gator application 0.7.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
638 CVE-2019-17396 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
639 CVE-2019-17398 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
In the Dark Horse Comics application 1.3.21 for Android, token information (equivalent to the username and password) is stored in the log during authentication, and may be available to attackers via logcat.
640 CVE-2019-17408 Exec Code Bypass 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
parserIfLabel in inc/zzz_template.php in ZZZCMS zzzphp 1.7.3 allows remote attackers to execute arbitrary code because the danger_key function can be bypassed via manipulations such as strtr.
641 CVE-2019-17414 DoS 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
tinylcy Vino through 2017-12-15 allows remote attackers to cause a denial of service ("vn_get_string error: Resource temporarily unavailable" error and daemon crash) via a long URL.
642 CVE-2019-17415 Exec Code Overflow 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
A Structured Exception Handler (SEH) based buffer overflow in File Sharing Wizard 1.5.0 26-8-2008 allows remote unauthenticated attackers to execute arbitrary code via the HTTP DELETE method, a similar issue to CVE-2019-16724 and CVE-2010-2331.
643 CVE-2019-17420 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.
644 CVE-2019-17426 Bypass 2019-10-09 2019-10-10
0.0
None ??? ??? ??? ??? ??? ???
Automattic Mongoose through 5.7.4 allows attackers to bypass access control (in some applications) because any query object with a _bsontype attribute is ignored. For example, adding "_bsontype":"a" can sometimes interfere with a query filter. NOTE: this CVE is about Mongoose's failure to work around this _bsontype special case that exists in older versions of the bson parser (aka the mongodb/js-bson project).
645 CVE-2019-17449 2019-10-10 2019-10-10
0.0
None ??? ??? ??? ??? ??? ???
Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack.
646 CVE-2019-17455 2019-10-10 2019-10-10
0.0
None ??? ??? ??? ??? ??? ???
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
647 CVE-2019-17490 2019-10-10 2019-10-11
0.0
None ??? ??? ??? ??? ??? ???
app\modules\polygon\controllers\ProblemController in Jiangnan Online Judge (aka jnoj) 0.8.0 allows arbitrary file upload, as demonstrated by PHP code (with a .php filename but the image/png content type) to the web/polygon/problem/tests URI.
648 CVE-2019-17495 CSRF 2019-10-10 2019-10-11
0.0
None ??? ??? ??? ??? ??? ???
A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product intentionally allows the embedding of untrusted JSON data from remote servers, but it was not previously known that <style>@import within the JSON data was a functional attack method.
649 CVE-2019-17497 2019-10-10 2019-10-11
0.0
None ??? ??? ??? ??? ??? ???
Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). For example, an NTLM hash is sent for a link to \\192.168.0.2\C$\file.pdf without user interaction.
650 CVE-2019-17499 Exec Code 2019-10-11 2019-10-11
0.0
None ??? ??? ??? ??? ??? ???
The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the Target_IP parameter.
Total number of vulnerabilities : 994   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 (This Page)14 15 16 17 18 19 20
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.