CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2019-17503 2019-10-11 2019-10-11
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database information such as database version, table name, column name, etc.
52 CVE-2019-17502 2019-10-12 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
Hydra through 0.1.8 has a NULL pointer dereference and daemon crash when processing POST requests that lack a Content-Length header. read.c, request.c, and util.c contribute to this. The process_header_end() function calls boa_atoi(), which ultimately calls atoi() on a NULL pointer.
53 CVE-2019-17501 Exec Code 2019-10-13 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
Centreon 19.04 allows attackers to execute arbitrary OS commands via the Command Line field of main.php?p=60807&type=4 (aka the Configuration > Commands > Discovery screen).
54 CVE-2019-17499 Exec Code 2019-10-11 2019-10-11
0.0
None ??? ??? ??? ??? ??? ???
The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the Target_IP parameter.
55 CVE-2019-17497 2019-10-10 2019-10-11
0.0
None ??? ??? ??? ??? ??? ???
Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). For example, an NTLM hash is sent for a link to \\192.168.0.2\C$\file.pdf without user interaction.
56 CVE-2019-17495 CSRF 2019-10-10 2019-10-11
0.0
None ??? ??? ??? ??? ??? ???
A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product intentionally allows the embedding of untrusted JSON data from remote servers, but it was not previously known that <style>@import within the JSON data was a functional attack method.
57 CVE-2019-17490 2019-10-10 2019-10-11
0.0
None ??? ??? ??? ??? ??? ???
app\modules\polygon\controllers\ProblemController in Jiangnan Online Judge (aka jnoj) 0.8.0 allows arbitrary file upload, as demonstrated by PHP code (with a .php filename but the image/png content type) to the web/polygon/problem/tests URI.
58 CVE-2019-17455 2019-10-10 2019-10-10
0.0
None ??? ??? ??? ??? ??? ???
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
59 CVE-2019-17449 2019-10-10 2019-10-10
0.0
None ??? ??? ??? ??? ??? ???
Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack.
60 CVE-2019-17426 Bypass 2019-10-09 2019-10-10
0.0
None ??? ??? ??? ??? ??? ???
Automattic Mongoose through 5.7.4 allows attackers to bypass access control (in some applications) because any query object with a _bsontype attribute is ignored. For example, adding "_bsontype":"a" can sometimes interfere with a query filter. NOTE: this CVE is about Mongoose's failure to work around this _bsontype special case that exists in older versions of the bson parser (aka the mongodb/js-bson project).
61 CVE-2019-17420 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.
62 CVE-2019-17415 Exec Code Overflow 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
A Structured Exception Handler (SEH) based buffer overflow in File Sharing Wizard 1.5.0 26-8-2008 allows remote unauthenticated attackers to execute arbitrary code via the HTTP DELETE method, a similar issue to CVE-2019-16724 and CVE-2010-2331.
63 CVE-2019-17414 DoS 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
tinylcy Vino through 2017-12-15 allows remote attackers to cause a denial of service ("vn_get_string error: Resource temporarily unavailable" error and daemon crash) via a long URL.
64 CVE-2019-17408 Exec Code Bypass 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
parserIfLabel in inc/zzz_template.php in ZZZCMS zzzphp 1.7.3 allows remote attackers to execute arbitrary code because the danger_key function can be bypassed via manipulations such as strtr.
65 CVE-2019-17398 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
In the Dark Horse Comics application 1.3.21 for Android, token information (equivalent to the username and password) is stored in the log during authentication, and may be available to attackers via logcat.
66 CVE-2019-17396 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
67 CVE-2019-17395 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
In the Rapid Gator application 0.7.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
68 CVE-2019-17394 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
69 CVE-2019-17389 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker (via a large packet) to prevent a RIOT MQTT-SN client from working until the device is restarted.
70 CVE-2019-17382 Bypass 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.
71 CVE-2019-17373 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516, DGN2200, DGN2200M, DGND3700, WNR2000v2, WNDR3300, WNDR3400, WNR3500, and WNR834Bv2.
72 CVE-2019-17372 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L.
73 CVE-2019-17369 CSRF 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
OTCMS v3.85 has CSRF in the admin/member_deal.php Admin Panel page, leading to creation of a new management group account, as demonstrated by superadmin.
74 CVE-2019-17366 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control.
75 CVE-2019-17356 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
The Infinite Design application 3.4.12 for Android sends a username and password via TCP without any encryption during login, as demonstrated by sniffing of a public Wi-Fi network.
76 CVE-2019-17355 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
77 CVE-2019-17320 Exec Code Overflow 2019-10-10 2019-10-10
0.0
None ??? ??? ??? ??? ??? ???
NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename.
78 CVE-2019-17195 Bypass 2019-10-15 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.
79 CVE-2019-17186 Exec Code 2019-10-08 2019-10-08
0.0
None ??? ??? ??? ??? ??? ???
/var/WEB-GUI/cgi-bin/telnet.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication remote code execution.
80 CVE-2019-17176 XSS 2019-10-11 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPanel.jsp or HtmlChatFrameSet.jsp (ActionColor, ClientNickNameColor, Email, email, or email_address parameter).
81 CVE-2019-17091 XSS 2019-10-02 2019-10-02
0.0
None ??? ??? ??? ??? ??? ???
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.
82 CVE-2019-17059 Exec Code 2019-10-11 2019-10-11
0.0
None ??? ??? ??? ??? ??? ???
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles.
83 CVE-2019-17044 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the PatrolAgent SUID binary could allow an attacker with "patrol" privileges to elevate his/her privileges to the ones of the "root" user by specially crafting a shared library .so file that will be loaded during execution.
84 CVE-2019-17043 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the best1collect.exe SUID binary could allow an attacker to elevate his/her privileges to the ones of the "patrol" user by specially crafting a shared library .so file that will be loaded during execution.
85 CVE-2019-16929 2019-10-08 2019-10-08
0.0
None ??? ??? ??? ??? ??? ???
Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens.
86 CVE-2019-16905 Exec Code Overflow Mem. Corr. 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and remote code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
87 CVE-2019-16519 Exec Code 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an undocumented feature in scheduled tasks.
88 CVE-2019-16344 XSS 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR/login.htm) in ScadaBR 1.0CE allows a remote attacker to inject arbitrary web script or HTML via the username or password parameter.
89 CVE-2019-16282 XSS 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
In NCH Express Invoice v7.12, persistent cross site scripting (XSS) exists via the Invoices/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Items/Customers fields parameter to inject arbitrary JavaScript.
90 CVE-2019-16279 DoS Dir. Trav. 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
Directory Traversal in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request.
91 CVE-2019-16278 Exec Code Dir. Trav. 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.
92 CVE-2019-15809 2019-10-03 2019-10-03
0.0
None ??? ??? ??? ??? ??? ???
Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because the Atmel Toolbox 00.03.11.05 contains two versions of ECDSA signature functions, described as fast and secure, but the affected cards chose to use the fast version, which leaks the bit length of the random nonce via timing. This affects Athena IDProtect 010b.0352.0005, Athena IDProtect 010e.1245.0002, Athena IDProtect 0106.0130.0401, Athena IDProtect 010e.1245.0002, Valid S/A IDflex V 010b.0352.0005, SafeNet eToken 4300 010e.1245.0002, TecSec Armored Card 010e.0264.0001, and TecSec Armored Card 108.0264.0001.
93 CVE-2019-15719 Exec Code 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
Altair PBS Professional through 19.1.2 allows Privilege Escalation because an attacker can send a message directly to pbs_mom, which fails to properly authenticate the message. This results in code execution as an arbitrary user.
94 CVE-2019-15715 Exec Code 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
MantisBT before 1.3.20 and 2.22.1 allows Post Authentication Command Injection, leading to Remote Code Execution.
95 CVE-2019-15231 Exec Code 2019-08-19 2019-08-21
0.0
None ??? ??? ??? ??? ??? ???
Webmin 1.890, in a default installation, contains a backdoor that allows an unauthenticated attacker to remotely execute commands. This CVE only refers to the backdoor that was enabled by default, and therefore is a separate CVE from CVE-2019-15107. NOTE: although the vendor's build infrastructure was compromised in 2018, the compromise is not known to affect any GitHub repository. Thus, the relatively uncommon case of an end user building their own copy of Webmin (from the 1.890 tag on GitHub) is thought to be safe.
96 CVE-2019-15226 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
Upon receiving each incoming request header data, Envoy will iterate over existing request headers to verify that the total size of the headers stays below a maximum limit. The implementation in versions 1.10.0 through 1.11.1 for HTTP/1.x traffic and all versions of Envoy for HTTP/2 traffic had O(n^2) performance characteristics. A remote attacker may craft a request that stays below the maximum request header size but consists of many thousands of small headers to consume CPU and result in a denial-of-service attack.
97 CVE-2019-15015 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
In the Zingbox Inspector, versions 1.294 and earlier, hardcoded credentials for root and inspector user accounts are present in the system software, which can result in unauthorized users gaining access to the system.
98 CVE-2019-14858 2019-10-14 2019-10-15
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.
99 CVE-2019-14846 2019-10-08 2019-10-08
0.0
None ??? ??? ??? ??? ??? ???
Ansible, all ansible_engine-2.x versions and ansible_engine-3.x up to ansible_engine-3.5, was logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.
100 CVE-2019-14845 Bypass 2019-10-08 2019-10-08
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS hostname verification. An attacker can take advantage of this flaw by launching a man-in-the-middle attack and injecting malicious content.
Total number of vulnerabilities : 703   Page : 1 2 (This Page)3 4 5 6 7 8 9 10 11 12 13 14 15
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.