| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2019-14744 |
77 |
|
Exec Code |
2019-08-07 |
2019-08-15 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file. |
|
2 |
CVE-2019-14439 |
200 |
|
+Info |
2019-07-30 |
2019-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath. |
|
3 |
CVE-2019-13565 |
287 |
|
|
2019-07-26 |
2019-09-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user. |
|
4 |
CVE-2019-13232 |
400 |
|
DoS |
2019-07-04 |
2019-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue. |
|
5 |
CVE-2019-12854 |
119 |
|
DoS Overflow |
2019-08-15 |
2019-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it. |
|
6 |
CVE-2019-12781 |
20 |
|
|
2019-07-01 |
2019-07-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP. |
|
7 |
CVE-2019-12497 |
200 |
|
+Info |
2019-06-17 |
2019-06-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents (e.g., Name and mail address) can be disclosed in external notes. |
|
8 |
CVE-2019-12474 |
200 |
|
+Info |
2019-07-10 |
2019-07-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. |
|
9 |
CVE-2019-12473 |
20 |
|
|
2019-07-10 |
2019-07-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Wikimedia MediaWiki 1.27.0 through 1.32.1 might allow DoS. Passing invalid titles to the API could cause a DoS by querying the entire watchlist table. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. |
|
10 |
CVE-2019-12467 |
284 |
|
|
2019-07-10 |
2019-07-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
MediaWiki through 1.32.1 has Incorrect Access Control (issue 1 of 3). A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. |
|
11 |
CVE-2019-12086 |
200 |
|
+Info |
2019-05-17 |
2019-09-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation. |
|
12 |
CVE-2019-11455 |
119 |
|
DoS Overflow |
2019-04-22 |
2019-05-08 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
None |
Partial |
|
A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. The attacker can also cause a denial of service (application outage). |
|
13 |
CVE-2019-11009 |
125 |
|
DoS |
2019-04-08 |
2019-05-22 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. |
|
14 |
CVE-2019-11007 |
119 |
|
DoS Overflow |
2019-04-08 |
2019-05-04 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. |
|
15 |
CVE-2019-10650 |
125 |
|
DoS |
2019-03-30 |
2019-05-14 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file. |
|
16 |
CVE-2019-10081 |
119 |
|
Overflow |
2019-08-15 |
2019-08-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client. |
|
17 |
CVE-2019-9897 |
20 |
|
|
2019-03-21 |
2019-04-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71. |
|
18 |
CVE-2019-9658 |
254 |
|
|
2019-03-11 |
2019-06-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Checkstyle before 8.18 loads external DTDs by default. |
|
19 |
CVE-2019-9640 |
119 |
|
Overflow |
2019-03-08 |
2019-06-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn. |
|
20 |
CVE-2019-9639 |
119 |
|
Overflow |
2019-03-08 |
2019-06-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable. |
|
21 |
CVE-2019-9638 |
119 |
|
Overflow |
2019-03-08 |
2019-06-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len. |
|
22 |
CVE-2019-9637 |
264 |
|
|
2019-03-08 |
2019-06-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data. |
|
23 |
CVE-2019-9214 |
476 |
|
|
2019-02-27 |
2019-05-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation. |
|
24 |
CVE-2019-9209 |
119 |
|
Overflow |
2019-02-27 |
2019-05-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values. |
|
25 |
CVE-2019-9208 |
476 |
|
|
2019-02-27 |
2019-05-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences. |
|
26 |
CVE-2019-9024 |
125 |
|
|
2019-02-22 |
2019-06-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c. |
|
27 |
CVE-2019-9022 |
125 |
|
|
2019-02-22 |
2019-06-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parserr in ext/standard/dns.c for DNS_CAA and DNS_ANY queries. |
|
28 |
CVE-2019-6690 |
20 |
|
|
2019-03-21 |
2019-06-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting the affect functionality component. |
|
29 |
CVE-2019-6111 |
20 |
|
Dir. Trav. |
2019-01-31 |
2019-05-03 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). |
|
30 |
CVE-2019-5755 |
189 |
|
|
2019-02-19 |
2019-04-17 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. |
|
31 |
CVE-2019-5418 |
200 |
|
+Info |
2019-03-27 |
2019-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. |
|
32 |
CVE-2019-3902 |
59 |
|
|
2019-04-22 |
2019-08-06 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository. |
|
33 |
CVE-2019-3880 |
22 |
|
Dir. Trav. |
2019-04-09 |
2019-05-27 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
|
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable. |
|
34 |
CVE-2019-3823 |
125 |
|
|
2019-02-06 |
2019-07-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller. |
|
35 |
CVE-2019-0220 |
399 |
|
|
2019-06-11 |
2019-06-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them. |
|
36 |
CVE-2019-0196 |
416 |
|
|
2019-06-11 |
2019-06-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly. |
|
37 |
CVE-2018-1000671 |
601 |
|
XSS |
2018-09-06 |
2018-11-02 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The "referer" parameter of the wwsympa.fcgi login action. that can result in Open redirection and reflected XSS via data URIs. This attack appear to be exploitable via Victim's browser must follow a URL supplied by the attacker. This vulnerability appears to have been fixed in none available. |
|
38 |
CVE-2018-1000180 |
327 |
|
|
2018-06-05 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later. |
|
39 |
CVE-2018-1000179 |
476 |
|
DoS |
2018-05-08 |
2018-10-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service. |
|
40 |
CVE-2018-1000164 |
93 |
|
|
2018-04-18 |
2019-06-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attacker causing the server to return arbitrary HTTP headers. This vulnerability appears to have been fixed in 19.5.0. |
|
41 |
CVE-2018-1000127 |
190 |
|
Overflow |
2018-03-13 |
2019-09-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later. |
|
42 |
CVE-2018-1000121 |
476 |
|
DoS |
2018-03-14 |
2019-07-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service |
|
43 |
CVE-2018-1000077 |
20 |
|
|
2018-03-13 |
2019-05-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Improper Input Validation vulnerability in ruby gems specification homepage attribute that can result in a malicious gem could set an invalid homepage URL. This vulnerability appears to have been fixed in 2.7.6. |
|
44 |
CVE-2018-1000075 |
835 |
|
|
2018-03-13 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a infinite loop caused by negative size vulnerability in ruby gem package tar header that can result in a negative size could cause an infinite loop.. This vulnerability appears to have been fixed in 2.7.6. |
|
45 |
CVE-2018-1000027 |
476 |
|
DoS |
2018-02-09 |
2019-07-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later. |
|
46 |
CVE-2018-1000024 |
|
|
DoS |
2018-02-09 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later. |
|
47 |
CVE-2018-1000007 |
200 |
|
+Info |
2018-01-24 |
2019-06-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request. |
|
48 |
CVE-2018-20743 |
20 |
|
DoS |
2019-01-25 |
2019-07-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
murmur in Mumble through 1.2.19 before 2018-08-31 mishandles multiple concurrent requests that are persisted in the database, which allows remote attackers to cause a denial of service (daemon hang or crash) via a message flood. |
|
49 |
CVE-2018-20547 |
190 |
|
|
2018-12-28 |
2019-04-04 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data. |
|
50 |
CVE-2018-20546 |
190 |
|
|
2018-12-28 |
2019-04-04 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. |
