| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2019-1000020 |
400 |
|
|
2019-02-04 |
2019-04-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. This attack appears to be exploitable via the victim opening a specially crafted ISO9660 file. |
|
2 |
CVE-2019-1000019 |
125 |
|
DoS |
2019-02-04 |
2019-04-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file. |
|
3 |
CVE-2019-1000018 |
77 |
|
Exec Code |
2019-02-04 |
2019-04-11 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An authorized SSH user with the allowscp permission. |
|
4 |
CVE-2019-15902 |
200 |
|
+Info |
2019-09-04 |
2019-10-10 |
4.7 |
None |
Local |
Medium |
Not required |
Complete |
None |
None |
|
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped. |
|
5 |
CVE-2019-14534 |
476 |
|
DoS |
2019-08-29 |
2019-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack. |
|
6 |
CVE-2019-13458 |
255 |
|
|
2019-08-21 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to disclose hashed user passwords. |
|
7 |
CVE-2019-13345 |
79 |
|
XSS |
2019-07-05 |
2019-07-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter. |
|
8 |
CVE-2019-13274 |
79 |
|
XSS |
2019-08-27 |
2019-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter. |
|
9 |
CVE-2019-12814 |
200 |
|
+Info |
2019-06-19 |
2019-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server. |
|
10 |
CVE-2019-12746 |
200 |
|
+Info |
2019-08-21 |
2019-08-29 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then be potentially abused in order to impersonate the agent user. |
|
11 |
CVE-2019-12471 |
79 |
|
XSS |
2019-07-10 |
2019-07-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Wikimedia MediaWiki 1.30.0 through 1.32.1 has XSS. Loading user JavaScript from a non-existent account allows anyone to create the account, and perform XSS on users loading that script. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. |
|
12 |
CVE-2019-12470 |
284 |
|
|
2019-07-10 |
2019-07-16 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed log in RevisionDelete page is exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. |
|
13 |
CVE-2019-12469 |
284 |
|
|
2019-07-10 |
2019-07-16 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or log in Special:EditTags are exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. |
|
14 |
CVE-2019-12384 |
502 |
|
Exec Code |
2019-06-24 |
2019-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible. |
|
15 |
CVE-2019-12248 |
20 |
|
|
2019-06-17 |
2019-06-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user quotes it, the email could cause the browser to load external image resources. |
|
16 |
CVE-2019-11730 |
200 |
|
+Info |
2019-07-23 |
2019-08-15 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may uploaded to a server. It was demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app's predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. |
|
17 |
CVE-2019-11454 |
79 |
|
XSS |
2019-04-22 |
2019-05-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized user field of the Authorization header for HTTP Basic Authentication, which is mishandled during an _viewlog operation. |
|
18 |
CVE-2019-11358 |
79 |
|
XSS |
2019-04-19 |
2019-06-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. |
|
19 |
CVE-2019-11010 |
399 |
|
DoS |
2019-04-08 |
2019-05-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file. |
|
20 |
CVE-2019-10904 |
79 |
|
XSS |
2019-04-06 |
2019-04-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgi_handler.py mishandle 404 errors. |
|
21 |
CVE-2019-10868 |
284 |
|
|
2019-04-04 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 before 4.4.19, 4.6 before 4.6.14, 4.8 before 4.8.10, and 5.0 before 5.0.6, an authenticated user can order records based on a field for which he has no access right. This may allow the user to guess values. |
|
22 |
CVE-2019-9892 |
91 |
|
|
2019-05-21 |
2019-05-22 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem. |
|
23 |
CVE-2019-9735 |
254 |
|
|
2019-03-12 |
2019-06-25 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an authenticated user may block further application of security group rules for instances from any project/tenant on the compute hosts to which it's applied. (Only deployments using the iptables security group driver are affected.) |
|
24 |
CVE-2019-9213 |
476 |
|
|
2019-03-05 |
2019-06-17 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task. |
|
25 |
CVE-2019-8308 |
20 |
|
|
2019-02-12 |
2019-08-31 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file. |
|
26 |
CVE-2019-7665 |
119 |
|
DoS Overflow |
2019-02-09 |
2019-06-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes. |
|
27 |
CVE-2019-7663 |
119 |
|
Overflow |
2019-02-09 |
2019-04-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900. |
|
28 |
CVE-2019-7221 |
416 |
|
|
2019-03-21 |
2019-06-14 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. |
|
29 |
CVE-2019-7150 |
125 |
|
|
2019-01-28 |
2019-06-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to denial-of-service, as demonstrated by eu-stack. |
|
30 |
CVE-2019-7149 |
125 |
|
|
2019-01-28 |
2019-06-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm. |
|
31 |
CVE-2019-6454 |
119 |
|
DoS Overflow |
2019-03-21 |
2019-06-04 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic). |
|
32 |
CVE-2019-6133 |
284 |
|
Bypass |
2019-01-11 |
2019-05-28 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. |
|
33 |
CVE-2019-6109 |
284 |
|
|
2019-01-31 |
2019-05-03 |
4.0 |
None |
Remote |
High |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c. |
|
34 |
CVE-2019-5798 |
125 |
|
|
2019-05-23 |
2019-06-10 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. |
|
35 |
CVE-2019-5781 |
20 |
|
|
2019-02-19 |
2019-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. |
|
36 |
CVE-2019-5780 |
20 |
|
|
2019-02-19 |
2019-04-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events. |
|
37 |
CVE-2019-5779 |
264 |
|
Bypass |
2019-02-19 |
2019-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. |
|
38 |
CVE-2019-5778 |
79 |
|
XSS Bypass |
2019-02-19 |
2019-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension. |
|
39 |
CVE-2019-5777 |
20 |
|
|
2019-02-19 |
2019-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. |
|
40 |
CVE-2019-5776 |
20 |
|
|
2019-02-19 |
2019-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. |
|
41 |
CVE-2019-5775 |
20 |
|
|
2019-02-19 |
2019-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. |
|
42 |
CVE-2019-5773 |
20 |
|
Bypass |
2019-02-19 |
2019-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. |
|
43 |
CVE-2019-5768 |
254 |
|
|
2019-02-19 |
2019-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension. |
|
44 |
CVE-2019-5767 |
275 |
|
|
2019-02-19 |
2019-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK. |
|
45 |
CVE-2019-5766 |
264 |
|
|
2019-02-19 |
2019-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
|
46 |
CVE-2019-5765 |
200 |
|
+Info |
2019-02-19 |
2019-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent. |
|
47 |
CVE-2019-5754 |
310 |
|
|
2019-02-19 |
2019-04-17 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy. |
|
48 |
CVE-2019-5719 |
476 |
|
|
2019-01-08 |
2019-03-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block. |
|
49 |
CVE-2019-5718 |
125 |
|
|
2019-01-08 |
2019-03-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check. |
|
50 |
CVE-2019-5717 |
20 |
|
|
2019-01-08 |
2019-03-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero. |
