Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Memory corruption and disclosure of memory content. The component is: optee_os. The fixed version is: 3.4.0 and later.
Source: DWF
Max CVSS
9.8
EPSS Score
0.23%
Published
2019-07-15
Updated
2021-07-21
The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The component is: applyFlowRules() and apply() functions in FlowRuleManager.java. The attack vector is: network management and connectivity.
Source: DWF
Max CVSS
5.5
EPSS Score
0.07%
Published
2019-07-18
Updated
2019-07-29
Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-layer-detect-proto.c, decode.c, decode-teredo.c and decode-ipv6.c (https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe, https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b). The attack vector is: An attacker can trigger the vulnerability by sending a specifically crafted network request. The fixed version is: 4.1.2.
Source: DWF
Max CVSS
7.5
EPSS Score
0.21%
Published
2019-07-18
Updated
2019-07-23
The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The component is: createFlow() and createFlows() functions in FlowWebResource.java (RESTful service). The attack vector is: network management and connectivity.
Source: DWF
Max CVSS
5.5
EPSS Score
0.07%
Published
2019-07-18
Updated
2019-07-25
The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. The impact is: A remote attacker can execute arbitrary commands on the controller. The component is: apps/yang/src/main/java/org/onosproject/yang/impl/YangLiveCompilerManager.java. The attack vector is: network connectivity. The fixed version is: 1.15.
Source: DWF
Max CVSS
9.8
EPSS Score
0.28%
Published
2019-07-19
Updated
2021-07-21
The Linux Foundation ONOS 1.15.0 and ealier is affected by: Improper Input Validation. The impact is: The attacker can remotely execute any commands by sending malicious http request to the controller. The component is: Method runJavaCompiler in YangLiveCompilerManager.java. The attack vector is: network connectivity.
Source: DWF
Max CVSS
9.8
EPSS Score
0.44%
Published
2019-07-22
Updated
2019-07-25
wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.87%
Published
2019-12-27
Updated
2022-11-23
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, allowing non-configuration scripts to potentially be uploaded to the server. This issue is mitigated by the fact that the attacker would be required to have the "Synchronize, import, and export configuration" permission, a permission that only trusted administrators should be given. Other measures in the product prevent the execution of PHP scripts, so another server-side scripting language must be accessible on the server to execute code.
Source: MITRE
Max CVSS
7.2
EPSS Score
0.10%
Published
2019-12-19
Updated
2021-07-21
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device (and assignable-add is not used), because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's "assignable-add" feature to prepare devices to be assigned to untrusted guests. Unfortunately, this is not considered a strictly required step for device assignment. The PCI passthrough documentation on the wiki describes alternate ways of preparing devices for assignment, and libvirt uses its own ways as well. Hosts where these "alternate" methods are used will still leave the system in a vulnerable state after the device comes back from a guest. An untrusted domain with access to a physical device can DMA into host memory, leading to privilege escalation. Only systems where guests are given direct access to physical devices capable of DMA (PCI pass-through) are vulnerable. Systems which do not use PCI pass-through are not vulnerable.
Source: MITRE
Max CVSS
7.2
EPSS Score
0.32%
Published
2019-12-04
Updated
2020-01-14
M5 lite 10 with versions of 8.0.0.182(C00) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to modify the memory of the device by doing a series of operations. Successful exploit may lead to malicious code execution.
Source: Huawei Technologies
Max CVSS
9.8
EPSS Score
0.18%
Published
2019-12-26
Updated
2020-01-02
illumos, as used in OmniOS Community Edition before r151030y, allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket, because uts/common/inet/ip/ip_attr.c mishandles conn_ixa dereferences.
Source: MITRE
Max CVSS
7.8
EPSS Score
0.12%
Published
2019-11-29
Updated
2019-12-16
In Octopus Deploy before 2019.10.6, an authenticated user with TeamEdit permission could send a malformed Team API request that bypasses input validation and causes an application level denial of service condition. (The fix for this was also backported to LTS 2019.9.8 and LTS 2019.6.14.)
Source: MITRE
Max CVSS
6.5
EPSS Score
0.08%
Published
2019-11-28
Updated
2021-07-21
A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. An authenticated attacker can abuse this flaw by causing a remote denial of service by sending a specially crafted HTTP Content-Length header to the Ceph RADOS Gateway server.
Source: Red Hat, Inc.
Max CVSS
6.5
EPSS Score
0.09%
Published
2019-12-23
Updated
2021-10-29
Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.24%
Published
2019-11-25
Updated
2019-12-11
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting.
Source: Asea Brown Boveri Ltd. (ABB)
Max CVSS
5.3
EPSS Score
0.10%
Published
2019-12-18
Updated
2019-12-31
Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty *.JPR application file. An attacker with access to the file system might be able to cause application malfunction such as denial of service.
Source: Asea Brown Boveri Ltd. (ABB)
Max CVSS
6.5
EPSS Score
0.10%
Published
2019-12-18
Updated
2019-12-31
An attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could cause a denial of service.
Source: ICS-CERT
Max CVSS
7.8
EPSS Score
0.10%
Published
2019-11-27
Updated
2023-05-16
Honeywell equIP series IP cameras Multiple equIP Series Cameras, A vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service.
Source: ICS-CERT
Max CVSS
7.5
EPSS Score
0.11%
Published
2019-10-31
Updated
2020-09-29
The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep() method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack.
Source: Apache Software Foundation
Max CVSS
7.5
EPSS Score
0.09%
Published
2019-12-04
Updated
2019-12-13
An issue was discovered on D-Link DIR-816 A1 1.06 devices. An attacker could access management pages of the router via a client that ignores the 'top.location.href = "/dir_login.asp"' line in a .asp file. This provides access to d_status.asp, version.asp, d_dhcptbl.asp, and d_acl.asp.
Source: MITRE
Max CVSS
7.5
EPSS Score
0.36%
Published
2019-10-11
Updated
2019-10-15
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service because of an incompatibility between Process Context Identifiers (PCID) and shadow-pagetable switching.
Source: MITRE
Max CVSS
6.5
EPSS Score
0.05%
Published
2019-10-08
Updated
2023-02-03
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux (and possibly other guest kernels).
Source: MITRE
Max CVSS
7.8
EPSS Score
0.05%
Published
2019-10-08
Updated
2023-02-03
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an incompatibility between Process Context Identifiers (PCID) and TLB flushes.
Source: MITRE
Max CVSS
8.8
EPSS Score
0.05%
Published
2019-10-08
Updated
2023-02-03
A denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString() is called by the function MQTTDeserialize_publish() to get the length and content of the MQTT topic name. In the function readMQTTLenString(), mqttstring->lenstring.len is a part of user input, which can be manipulated. An attacker can simply change it to a larger value to invalidate the if statement so that the statements inside the if statement are skipped, letting the value of mqttstring->lenstring.data default to zero. Later, curn is accessed, which points to mqttstring->lenstring.data. On an Arm Cortex-M chip, the value at address 0x0 is actually the initialization value for the MSP register. It is highly dependent on the actual firmware. Therefore, the behavior of the program is unpredictable from this time on.
Source: MITRE
Max CVSS
7.5
EPSS Score
0.09%
Published
2019-11-04
Updated
2019-11-13
vBulletin through 5.5.4 mishandles custom avatars.
Source: MITRE
Max CVSS
9.8
EPSS Score
14.27%
Published
2019-10-04
Updated
2021-07-21
918 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!