CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1701 CVE-2019-4424 611 2019-08-20 2019-10-09
6.4
None Remote Low Not required Partial None Partial
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, and 19.0.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 162770.
1702 CVE-2019-4422 287 2019-10-03 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
IBM Security Guardium 9.0, 9.5, and 10.6 are vulnerable to a privilege escalation which could allow an authenticated user to change the accessmgr password. IBM X-Force ID: 162768.
1703 CVE-2019-4419 611 2019-08-20 2019-10-09
6.4
None Remote Low Not required Partial None Partial
IBM Intelligent Operations Center V5.1.0 through V5.2.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 162737.
1704 CVE-2019-4340 611 2019-08-20 2019-10-09
6.4
None Remote Low Not required Partial None Partial
IBM Security Guardium Big Data Intelligence 4.0 (SonarG) is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 161419.
1705 CVE-2019-4304 384 Bypass 2019-09-30 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation. IBM X-Force ID: 160950.
1706 CVE-2019-4292 434 Exec Code 2019-07-02 2019-07-03
6.5
None Remote Low Single system Partial Partial Partial
IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. IBM X-Force ID: 160698.
1707 CVE-2019-4224 89 Sql 2019-06-26 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
IBM PureApplication System 2.2.3.0 through 2.2.5.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 159240.
1708 CVE-2019-4212 352 CSRF 2019-07-25 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 159132.
1709 CVE-2019-4178 22 Dir. Trav. 2019-04-15 2019-05-09
6.4
None Remote Low Not required Partial Partial None
IBM Cognos Analytics 11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to write or view arbitrary files on the system. IBM X-Force ID: 158919.
1710 CVE-2019-4169 255 2019-08-26 2019-10-09
6.4
None Remote Low Not required Partial Partial None
IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC password even after BMC password was changed away from the default password. IBM X-Force ID: 158702.
1711 CVE-2019-4147 89 Sql 2019-09-16 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 158413.
1712 CVE-2019-4142 352 CSRF 2019-06-18 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
IBM Cloud Private 2.1.0, 3.1.0, 3.1.1, and 3.1.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158338.
1713 CVE-2019-4135 264 2019-06-25 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
IBM Security Access Manager 9.0.1 through 9.0.6 is affected by a security vulnerability that could allow authenticated users to impersonate other users. IBM X-Force ID: 158331.
1714 CVE-2019-4117 352 CSRF 2019-08-20 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
IBM Cloud Private 3.1.1 and 3.1.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158116.
1715 CVE-2019-4080 400 DoS 2019-04-02 2019-10-09
6.8
None Remote Low Single system None None Complete
IBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0 is vulnerable to a potential denial of service, caused by improper parameter parsing. A remote attacker could exploit this to consume all available CPU resources. IBM X-Force ID: 157380.
1716 CVE-2019-4072 613 2019-05-09 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) allows users to remain idle within the application even when a user has logged out. Utilizing the application back button users can remain logged in as the current user for a short period of time, therefore users are presented with information for Spectrum Control Application. IBM X-Force ID: 157064.
1717 CVE-2019-4069 434 2019-06-07 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not properly validate file types, allowing an attacker to upload malicious content. IBM X-Force ID: 157014.
1718 CVE-2019-4066 20 Exec Code 2019-06-07 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 could allow an authenciated user to create arbitrary users which could cause ID management issues and result in code execution. IBM X-Force ID: 157011.
1719 CVE-2019-4035 20 2019-03-22 2019-10-09
6.4
None Remote Low Not required Partial Partial None
IBM Content Navigator 3.0CD could allow attackers to direct web traffic to a malicious site. If attackers make a fake IBM Content Navigator site, they can send a link to ICN users to send request to their Edit client directly. Then Edit client will download documents from the fake ICN website. IBM X-Force ID: 156001.
1720 CVE-2019-4034 20 Exec Code 2019-03-14 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
IBM Content Navigator 3.0CD is could allow an attacker to execute arbitrary code on a user's workstation. When editing an executable file in ICN with Edit service, it will be executed on the user's workstation. IBM X-Force ID: 156000.
1721 CVE-2019-3960 434 Exec Code 2019-07-31 2019-08-06
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by uploading a malicious PHP file.
1722 CVE-2019-3959 352 CSRF 2019-07-31 2019-08-02
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.
1723 CVE-2019-3941 284 2019-04-09 2019-05-06
6.4
None Remote Low Not required None Partial Partial
Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via IOCTL 10005 RPC.
1724 CVE-2019-3935 287 2019-04-30 2019-10-09
6.4
None Remote Low Not required None Partial Partial
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP POST requests to conference.cgi. A remote, unauthenticated attacker can use this vulnerability to start, stop, and disconnect active slideshows.
1725 CVE-2019-3921 119 Exec Code Overflow 2019-03-05 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usb_Form?script/. An attacker can leverage this vulnerability to potentially execute arbitrary code.
1726 CVE-2019-3920 77 2019-03-05 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/device_Form?script/.
1727 CVE-2019-3919 77 2019-03-05 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/usb_restore_Form?script/.
1728 CVE-2019-3900 400 2019-04-25 2019-05-17
6.8
None Remote Low Single system None None Complete
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.
1729 CVE-2019-3895 284 2019-06-03 2019-07-02
6.8
None Remote Medium Not required Partial Partial Partial
An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested to spawn new amphorae, Octavia would then pick up the compromised image.
1730 CVE-2019-3894 264 2019-05-03 2019-05-17
6.5
None Remote Low Single system Partial Partial Partial
It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run the thread as. These threads do not necessarily terminate if the keep alive time has not expired. This could allow a shared thread to use the wrong security identity when executing.
1731 CVE-2019-3878 287 Bypass 2019-03-26 2019-05-07
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require valid-user directive), adding special HTTP headers that are normally used to start the special SAML ECP (non-browser based) can be used to bypass authentication.
1732 CVE-2019-3873 79 XSS 2019-06-12 2019-07-06
6.0
None Remote Medium Single system Partial Partial Partial
It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.
1733 CVE-2019-3871 20 DoS 2019-03-21 2019-04-05
6.5
None Remote Low Single system Partial Partial Partial
A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial of service by making the server connect to an invalid endpoint, or possibly information disclosure by making the server connect to an internal endpoint and somehow extracting meaningful information about the response
1734 CVE-2019-3863 787 2019-03-25 2019-05-14
6.8
None Remote Medium Not required Partial Partial Partial
A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.
1735 CVE-2019-3862 125 DoS 2019-03-21 2019-04-15
6.4
None Remote Low Not required Partial None Partial
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
1736 CVE-2019-3861 125 DoS 2019-03-25 2019-04-15
6.4
None Remote Low Not required Partial None Partial
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
1737 CVE-2019-3860 125 DoS 2019-03-25 2019-04-15
6.4
None Remote Low Not required Partial None Partial
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
1738 CVE-2019-3859 125 DoS 2019-03-21 2019-07-25
6.4
None Remote Low Not required Partial None Partial
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
1739 CVE-2019-3858 125 DoS 2019-03-21 2019-04-15
6.4
None Remote Low Not required Partial None Partial
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
1740 CVE-2019-3857 190 Exec Code Overflow 2019-03-25 2019-05-14
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
1741 CVE-2019-3856 190 Exec Code Overflow 2019-03-25 2019-05-14
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
1742 CVE-2019-3849 264 2019-03-26 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Users could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the LTI publisher site.
1743 CVE-2019-3847 20 2019-03-27 2019-04-04
6.5
None Remote Low Single system Partial Partial Partial
A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Users with the "login as other users" capability (such as administrators/managers) can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf.
1744 CVE-2019-3839 264 2019-05-16 2019-05-30
6.8
None Remote Medium Not required Partial Partial Partial
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.27 are vulnerable.
1745 CVE-2019-3834 470 2019-10-03 2019-10-10
6.8
None Remote Medium Not required Partial Partial Partial
It was found that the fix for CVE-2014-0114 had been reverted in JBoss Operations Network 3 (JON). This flaw allows attackers to manipulate ClassLoader properties on a vulnerable server. Exploits that have been published rely on ClassLoader properties that are exposed such as those in JON 3. Additional information can be found in the Red Hat Knowledgebase article: https://access.redhat.com/site/solutions/869353. Note that while multiple products released patches for the original CVE-2014-0114 flaw, the reversion described by this CVE-2019-3834 flaw only occurred in JON 3.
1746 CVE-2019-3825 287 Bypass 2019-02-06 2019-10-09
6.9
None Local Medium Not required Complete Complete Complete
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.
1747 CVE-2019-3817 416 Exec Code 2019-03-27 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker, who is able to make an application read a crafted comps XML file, may be able to crash the application or execute malicious code.
1748 CVE-2019-3807 295 Bypass 2019-01-29 2019-10-09
6.4
None Remote Low Not required Partial Partial None
An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation.
1749 CVE-2019-3806 254 Bypass 2019-01-29 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua.
1750 CVE-2019-3798 287 2019-04-17 2019-10-09
6.0
None Remote Medium Single system Partial Partial Partial
Cloud Foundry Cloud Controller API Release, versions prior to 1.79.0, contains improper authentication when validating user permissions. A remote authenticated malicious user with the ability to create UAA clients and knowledge of the email of a victim in the foundation may escalate their privileges to that of the victim by creating a client with a name equal to the guid of their victim.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.