# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2019-14813 |
863 |
|
Exec Code Bypass |
2019-09-06 |
2020-10-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. |
2 |
CVE-2019-14287 |
755 |
|
Bypass |
2019-10-17 |
2022-04-18 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command. |
3 |
CVE-2019-10216 |
|
|
Bypass |
2019-11-27 |
2020-09-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas. |
4 |
CVE-2019-9948 |
22 |
|
Dir. Trav. Bypass |
2019-03-23 |
2022-06-30 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call. |
5 |
CVE-2019-6133 |
362 |
|
Bypass |
2019-01-11 |
2020-08-24 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. |
6 |
CVE-2019-5779 |
862 |
|
Bypass |
2019-02-19 |
2020-08-24 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. |
7 |
CVE-2019-5778 |
79 |
|
XSS Bypass |
2019-02-19 |
2019-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension. |
8 |
CVE-2019-5773 |
20 |
|
Bypass |
2019-02-19 |
2021-07-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. |
9 |
CVE-2019-3878 |
287 |
|
Bypass |
2019-03-26 |
2019-05-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require valid-user directive), adding special HTTP headers that are normally used to start the special SAML ECP (non-browser based) can be used to bypass authentication. |
10 |
CVE-2019-0217 |
362 |
|
Bypass |
2019-04-08 |
2021-06-06 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. |
11 |
CVE-2018-12395 |
|
|
Bypass |
2019-02-28 |
2019-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63. |
12 |
CVE-2018-6114 |
20 |
|
Bypass |
2019-01-09 |
2019-01-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page. |
13 |
CVE-2018-6112 |
706 |
|
Bypass |
2019-01-09 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. |