Vulnerabilities (CVE)

CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-1580 1 Paloaltonetworks 1 Pan-os 2020-08-24 10.0 HIGH 9.8 CRITICAL
Memory corruption in PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow a remote, unauthenticated user to craft a message to Secure Shell Daemon (SSHD) and corrupt arbitrary memory.
CVE-2019-2309 1 Qualcomm 48 Mdm9150, Mdm9150 Firmware, Mdm9206 and 45 more 2020-08-24 7.5 HIGH 9.8 CRITICAL
While storing calibrated data from firmware in cache, An integer overflow may occur since data length received may exceed real data length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SDM660, SDX20
CVE-2019-2302 1 Qualcomm 60 Apq8017, Apq8017 Firmware, Apq8053 and 57 more 2020-08-24 7.5 HIGH 9.8 CRITICAL
While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8976, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM8150
CVE-2019-15800 1 Zyxel 18 Gs1900-10hp, Gs1900-10hp Firmware, Gs1900-16 and 15 more 2020-08-24 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Due to lack of input validation in the cmd_sys_traceroute_exec(), cmd_sys_arp_clear(), and cmd_sys_ping_exec() functions in the libclicmd.so library contained in the firmware, an attacker could leverage these functions to call system() and execute arbitrary commands on the switches. (Note that these functions are currently not called in this version of the firmware, however an attacker could use other vulnerabilities to finally use these vulnerabilities to gain code execution.)
CVE-2019-2279 1 Qualcomm 76 Mdm9150, Mdm9150 Firmware, Mdm9607 and 73 more 2020-08-24 7.5 HIGH 9.8 CRITICAL
Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, Snapdragon_High_Med_2016
CVE-2019-2256 1 Qualcomm 70 Mdm9650, Mdm9650 Firmware, Msm8909w and 67 more 2020-08-24 10.0 HIGH 9.8 CRITICAL
An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130
CVE-2018-17462 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Linux Desktop and 2 more 2020-08-24 6.8 MEDIUM 9.6 CRITICAL
Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page.
CVE-2019-2255 1 Qualcomm 70 Msm8909w, Msm8909w Firmware, Msm8996au and 67 more 2020-08-24 10.0 HIGH 9.8 CRITICAL
An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130
CVE-2019-2253 1 Qualcomm 86 Mdm9150, Mdm9150 Firmware, Mdm9206 and 83 more 2020-08-24 7.5 HIGH 9.8 CRITICAL
Buffer over-read can occur while parsing an ogg file with a corrupted comment block. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20
CVE-2018-17456 4 Canonical, Debian, Git-scm and 1 more 11 Ubuntu Linux, Debian Linux, Git and 8 more 2020-08-24 7.5 HIGH 9.8 CRITICAL
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
CVE-2018-17448 1 Citrix 2 Netscaler Sd-wan, Sd-wan 2020-08-24 7.5 HIGH 9.8 CRITICAL
An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
CVE-2019-2130 1 Google 1 Android 2020-08-24 10.0 HIGH 9.8 CRITICAL
In CompilationJob::FinalizeJob of compiler.cc, there is a possible remote code execution due to type confusion. This could lead to escalation of privilege from a malicious proxy configuration with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-132073833.
CVE-2019-15543 1 Slice-deque Project 1 Slice-deque 2020-08-24 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the slice-deque crate before 0.2.0 for Rust. There is memory corruption in certain allocation cases.
CVE-2018-17564 1 Grandstream 12 Gxp1610, Gxp1610 Firmware, Gxp1615 and 9 more 2020-08-24 7.5 HIGH 9.8 CRITICAL
A Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device.
CVE-2018-17190 1 Apache 1 Spark 2020-08-24 7.5 HIGH 9.8 CRITICAL
In all versions of Apache Spark, its standalone resource manager accepts code to execute on a 'master' host, that then runs that code on 'worker' hosts. The master itself does not, by design, execute user code. A specially-crafted request to the master can, however, cause the master to execute code too. Note that this does not affect standalone clusters with authentication enabled. While the master host typically has less outbound access to other resources than a worker, the execution of code on the master is nevertheless unexpected.
CVE-2019-20646 1 Netgear 2 Rax40, Rax40 Firmware 2020-08-24 5.0 MEDIUM 9.8 CRITICAL
NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of administrative credentials.
CVE-2018-17174 1 Nmealib Project 1 Nmealib 2020-08-24 7.5 HIGH 9.8 CRITICAL
A stack-based buffer overflow was discovered in the xtimor NMEA library (aka nmealib) 0.5.3. nmea_parse() in parser.c allows an attacker to trigger denial of service (even arbitrary code execution in a certain context) in a product using this library via malformed data.
CVE-2018-17141 2 Debian, Hylafax 3 Debian Linux, Hylafax, Hylafax\+ 2020-08-24 7.5 HIGH 9.8 CRITICAL
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
CVE-2018-17160 1 Freebsd 1 Freebsd 2020-08-24 10.0 HIGH 10.0 CRITICAL
In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by bhyve can permit a guest operating system to overwrite memory in the bhyve host possibly permitting arbitrary code execution. A guest OS using a firmware image can cause the bhyve process to crash, or possibly execute arbitrary code on the host as root.
CVE-2018-16591 1 Furuno 4 Felcom 250, Felcom 250 Firmware, Felcom 500 and 1 more 2020-08-24 10.0 HIGH 9.8 CRITICAL
FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the Admin, Log and Service accounts, as well as the password for the protected "SMS" panel via /cgi-bin/sm_changepassword.cgi and /cgi-bin/sm_sms_changepasswd.cgi.
CVE-2019-20553 3 Google, Qualcomm, Samsung 7 Android, Sm6150, Sm8150 and 4 more 2020-08-24 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 (October 2019).
CVE-2019-15784 1 Srtalliance 1 Secure Reliable Transport 2020-08-24 7.5 HIGH 9.8 CRITICAL
Secure Reliable Transport (SRT) through 1.3.4 has a CSndUList array overflow if there are many SRT connections.
CVE-2018-16281 1 Deiser 1 Profields-project Custom Fields 2020-08-24 7.5 HIGH 9.8 CRITICAL
The DEISER "Profields - Project Custom Fields" app before 6.0.2 for Jira has Incorrect Access Control.
CVE-2019-15823 1 Wpserveur 1 Wps Hide Login 2020-08-24 7.5 HIGH 9.8 CRITICAL
The wps-hide-login plugin before 1.5.3 for WordPress has an action=confirmaction protection bypass.
CVE-2019-1584 1 Zingbox 1 Inspector 2020-08-24 6.8 MEDIUM 9.8 CRITICAL
A security vulnerability exists in Zingbox Inspector version 1.293 and earlier, that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint.
CVE-2019-15859 1 Socomec 2 Diris A-40, Diris A-40 Firmware 2020-08-24 10.0 HIGH 9.8 CRITICAL
Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI.
CVE-2019-15932 1 Intesync 1 Solismed 2020-08-24 7.5 HIGH 9.8 CRITICAL
Intesync Solismed 3.3sp has Incorrect Access Control.
CVE-2019-16060 1 Airbrake 1 Airbrake Ruby 2020-08-24 5.0 MEDIUM 9.8 CRITICAL
The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklist_keys configuration option and consequently may disclose passwords to unauthorized actors. This is fixed in 4.2.4 (also, 4.2.2 and earlier are unaffected).
CVE-2017-2235 1 Toshiba 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more 2020-08-24 5.0 MEDIUM 9.8 CRITICAL
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to bypass access restriction to change the administrator account password via unspecified vectors.
CVE-2017-2277 1 Sony 2 Wg-c10, Wg-c10 Firmware 2020-08-24 7.5 HIGH 9.1 CRITICAL
WG-C10 v3.0.79 and earlier allows an attacker to bypass access restrictions to obtain or alter information stored in the external storage connected to the product via unspecified vectors.
CVE-2019-20488 1 Netgear 2 Wnr1000, Wnr1000 Firmware 2020-08-24 7.5 HIGH 9.8 CRITICAL
An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the web management interface (setup.cgi) are vulnerable to command injection, allowing remote attackers to execute arbitrary commands, as demonstrated by shell metacharacters in the sysDNSHost parameter.
CVE-2019-20481 1 Miele 2 Xgw 3000 Zigbee Gateway, Xgw 3000 Zigbee Gateway Firmware 2020-08-24 5.0 MEDIUM 9.8 CRITICAL
In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password. This can be exploited in conjunction with CVE-2019-20480.
CVE-2019-20489 1 Netgear 2 Wnr1000, Wnr1000 Firmware 2020-08-24 5.0 MEDIUM 9.8 CRITICAL
An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. The web management interface (setup.cgi) has an authentication bypass and other problems that ultimately allow an attacker to remotely compromise the device from a malicious webpage. The attacker sends an FW_remote.htm&todo=cfg_init request without a cookie, reads the Set-Cookie header in the 401 Unauthorized response, and then repeats the FW_remote.htm&todo=cfg_init request with the specified cookie.
CVE-2018-14999 1 Leagoo 2 P1, P1 Firmware 2020-08-24 9.4 HIGH 9.1 CRITICAL
The Leagoo P1 device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.wtk.factory (versionCode=1, versionName=1.0) that contains an exported broadcast receiver named com.wtk.factory.MMITestReceiver allows any app co-located on the device to programmatically initiate a factory reset. In addition, the app initiating the factory reset does not require any permissions. A factory reset will remove all user data and apps from the device. This will result in the loss of any data that have not been backed up or synced externally. The capability to perform a factory reset is not directly available to third-party apps (those that the user installs themselves with the exception of enabled Mobile Device Management (MDM) apps), although this capability can be obtained by leveraging an unprotected app component of a pre-installed platform app.
CVE-2019-2036 1 Google 1 Android 2020-08-24 10.0 HIGH 9.8 CRITICAL
In okToConnect of HidHostService.java, there is a possible permission bypass due to an incorrect state check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-79703832
CVE-2019-16124 1 Youphptube 1 Youphptube 2020-08-24 7.5 HIGH 9.8 CRITICAL
In YouPHPTube 7.4, the file install/checkConfiguration.php has no access control, which leads to everyone being able to edit the configuration file, and insert malicious PHP code.
CVE-2018-14599 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2020-08-24 7.5 HIGH 9.8 CRITICAL
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
CVE-2019-16192 1 Doccms 1 Doccms 2020-08-24 7.5 HIGH 9.8 CRITICAL
upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allow remote attackers to execute arbitrary PHP code through module management files, as demonstrated by a .php file in a ZIP archive.
CVE-2019-17662 1 Cybelsoft 1 Thinvnc 2020-08-24 5.0 MEDIUM 9.8 CRITICAL
ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC server. The password for authentication is stored in cleartext in a file that can be read via a ../../ThinVnc.ini directory traversal attack vector.
CVE-2019-16382 1 Ivanti 1 Workspace Control 2020-08-24 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is able to bypass Ivanti's FileGuard folder protection by renaming the WMTemp work folder used by PowerGrid. A malicious PowerGrid XML file can then be created, after which the folder is renamed back to its original value. Also, CVE-2018-15591 exploitation can consequently be achieved by using PowerGrid with the /SEE parameter to execute the arbitrary command specified in the XML file.
CVE-2018-13924 1 Qualcomm 112 Ipq8074, Ipq8074 Firmware, Mdm9150 and 109 more 2020-08-24 10.0 HIGH 9.8 CRITICAL
Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA6174A, QCA8081, QCS404, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130
CVE-2018-13876 1 Hdfgroup 1 Hdf5 2020-08-24 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDread.
CVE-2018-13874 1 Hdfgroup 1 Hdf5 2020-08-24 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDmemset.
CVE-2019-16399 1 Westerndigital 2 Wd My Book, Wd My Book Firmware 2020-08-24 7.5 HIGH 9.8 CRITICAL
Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root password welc0me.
CVE-2019-16650 1 Supermicro 526 A1sa2-2750f, A1sa2-2750f Firmware, A1sai-2550f and 523 more 2020-08-24 7.5 HIGH 10.0 CRITICAL
On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an attacker can simply connect to the virtual media service, and then connect virtual USB devices to the server managed by the BMC.
CVE-2018-12814 1 Adobe 1 Digital Editions 2020-08-24 10.0 HIGH 9.8 CRITICAL
Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2018-12813 1 Adobe 1 Digital Editions 2020-08-24 10.0 HIGH 9.8 CRITICAL
Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2018-12798 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more 2020-08-24 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVE-2019-19676 1 Arxes-tolina 1 Arxes-tolina 2020-08-24 9.3 HIGH 9.6 CRITICAL
A CSV injection in arxes-tolina 3.0.0 allows malicious users to gain remote control of other computers. By entering formula code in the following columns: Kundennummer, Firma, Street, PLZ, Ort, Zahlziel, and Bemerkung, an attacker can create a user with a name that contains malicious code. Other users might download this data as a CSV file and corrupt their PC by opening it in a tool such as Microsoft Excel. The attacker could gain remote access to the user's PC.
CVE-2018-12578 1 Sam2p Project 1 Sam2p 2020-08-24 7.5 HIGH 9.8 CRITICAL
There is a heap-based buffer overflow in bmp_compress1_row in appliers.cpp in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.