Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-7286 | 1 Apple | 2 Iphone Os, Mac Os X | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privileges. | |||||
| CVE-2019-7287 | 1 Apple | 1 Iphone Os | 2020-08-24 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2019-7300 | 1 Articatech | 1 Artica Proxy | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldap_admin and ldap_password fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field. | |||||
| CVE-2019-7301 | 1 Zevenet | 1 Zen Load Balancer | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| Zen Load Balancer 3.10.1 allows remote authenticated admin users to execute arbitrary commands as root via shell metacharacters in the index.cgi?action=View_Cert certname parameter. | |||||
| CVE-2019-7319 | 1 Cloudera | 1 Cdh | 2020-08-24 | 6.5 MEDIUM | 8.3 HIGH |
| An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges. | |||||
| CVE-2019-7323 | 1 Logmx | 1 Logmx | 2020-08-24 | 5.1 MEDIUM | 7.5 HIGH |
| GUP (generic update process) in LightySoft LogMX before 7.4.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. The update process relies on cleartext HTTP. The attacker could replace the LogMXUpdater.class file. | |||||
| CVE-2019-7347 | 1 Zoneminder | 1 Zoneminder | 2020-08-24 | 6.0 MEDIUM | 7.5 HIGH |
| A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMinder through 1.32.3 as a session remains active for an authenticated user even after deletion from the users table. This allows a nonexistent user to access and modify records (add/delete Monitors, Users, etc.). | |||||
| CVE-2019-7358 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution. | |||||
| CVE-2019-7359 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution. | |||||
| CVE-2019-7383 | 1 Systrome | 6 Cumilon Isg-600c, Cumilon Isg-600c Firmware, Cumilon Isg-600h and 3 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered on Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W devices with firmware V1.1-R2.1_TRUNK-20181105.bin. A shell command injection occurs by editing the description of an ISP file. The file network/isp/isp_update_edit.php does not properly validate user input, which leads to shell command injection via the des parameter. | |||||
| CVE-2019-7384 | 1 Raisecom | 8 Iscom Ht803g-1ge, Iscom Ht803g-1ge Firmware, Iscom Ht803g-u and 5 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below. The value of the fmgpon_loid parameter is used in a system call inside the boa binary. Because there is no user input validation, this leads to authenticated code execution on the device. | |||||
| CVE-2019-7385 | 1 Raisecom | 8 Iscom Ht803g-1ge, Iscom Ht803g-1ge Firmware, Iscom Ht803g-u and 5 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below, The values of the newpass and confpass parameters in /bin/WebMGR are used in a system call in the firmware. Because there is no user input validation, this leads to authenticated code execution on the device. | |||||
| CVE-2019-7388 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to get sensitive information (such as MAC address) about all clients in the WLAN via the GetClientInfo HNAP API. Consequently, an attacker can achieve information disclosure without authentication. | |||||
| CVE-2019-7389 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03. There is incorrect access control allowing remote attackers to reset the router without authentication via the SetFactoryDefault HNAP API. Consequently, an attacker can achieve a denial-of-service attack without authentication. | |||||
| CVE-2019-7390 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2020-08-24 | 5.0 MEDIUM | 8.6 HIGH |
| An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API. | |||||
| CVE-2019-7399 | 1 Amazon | 1 Fire Os | 2020-08-24 | 5.8 MEDIUM | 7.4 HIGH |
| Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for "Terms of Use" and Privacy pages. | |||||
| CVE-2019-7579 | 1 Linksys | 2 Wrt1900acs, Wrt1900acs Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Linksys WRT1900ACS 1.0.3.187766 devices. An ability exists for an unauthenticated user to browse a confidential ui/1.0.99.187766/dynamic/js/setup.js.localized file on the router's webserver, allowing for an attacker to identify possible passwords that the system uses to set the default guest network password. An attacker can use this list of 30 words along with a random 2 digit number to brute force their access onto a router's guest network. | |||||
| CVE-2019-7581 | 2 Canonical, Libming | 2 Ubuntu Linux, Libming | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a different vulnerability than CVE-2018-7876. | |||||
| CVE-2019-7582 | 2 Canonical, Libming | 2 Ubuntu Linux, Libming | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure. | |||||
| CVE-2019-7588 | 2 Exacq, Microsoft | 2 Enterprise System Manager, Windows | 2020-08-24 | 6.9 MEDIUM | 7.0 HIGH |
| A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. This vulnerability impacts exacqVision ESM v5.12.2 and all prior versions of ESM running on a Windows operating system. This issue does not impact any Windows Server OSs, or Linux deployments with permissions that are not inherited from the root directory. Authorized Users have ‘modify’ permission to the ESM folders, which allows a low privilege account to modify files located in these directories. An executable can be renamed and replaced by a malicious file that could connect back to a bad actor providing system level privileges. A low privileged user is not able to restart the service, but a restart of the system would trigger the execution of the malicious file. This issue affects: Exacq Technologies, Inc. exacqVision Enterprise System Manager (ESM) Version 5.12.2 and prior versions; This issue does not affect: Exacq Technologies, Inc. exacqVision Enterprise System Manager (ESM) 19.03 and above. | |||||
| CVE-2019-7639 | 2 Fedoraproject, Gsi-openssh Project | 2 Fedora, Gsi-openssh | 2020-08-24 | 4.3 MEDIUM | 8.1 HIGH |
| An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file. | |||||
| CVE-2019-7648 | 1 Hotels Server Project | 1 Hotels Server | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on base64 in an attempt to protect password storage. | |||||
| CVE-2019-7651 | 1 Emsisoft | 1 Anti-malware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "inside" the \\.\EPP device are not properly protected, leading to unintended impersonation or object creation. This vulnerability has been fixed in version 2018.12 and later. | |||||
| CVE-2019-7659 | 2 Debian, Genivia | 2 Debian Linux, Gsoap | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWITH_COOKIES flag. This affects the C/C++ libgsoapck/libgsoapck++ and libgsoapssl/libgsoapssl++ libraries, as these are built with that flag. | |||||
| CVE-2019-7670 | 1 Primasystems | 1 Flexair | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| Prima Systems FlexAir, Versions 2.3.38 and prior. The application incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component, which could allow attackers to execute commands directly on the operating system. | |||||
| CVE-2019-7675 | 1 Mobotix | 2 S14, S14 Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application is delivered over cleartext HTTP with Basic Authentication, as demonstrated by the /admin/index.html URI. | |||||
| CVE-2019-7676 | 1 Enphase | 1 Envoy | 2020-08-24 | 6.5 MEDIUM | 7.2 HIGH |
| A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port 8888 with the admin password for the admin account. | |||||
| CVE-2019-7711 | 1 Ghs | 1 Integrity Rtos | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The undocumented shell command "prompt" sets the (user controlled) shell's prompt value, which is used as a format string input to printf, resulting in an information leak of memory addresses. | |||||
| CVE-2019-7712 | 1 Ghs | 1 Integrity Rtos | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in handler_ipcom_shell_pwd in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. When using the pwd command, the current working directory path is used as the first argument to printf() without a proper check. An attacker may thus forge a path containing format string modifiers to get a custom format string evaluated. This results in an information leak of memory addresses. | |||||
| CVE-2019-7732 | 1 Live555 | 1 Streaming Media | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed. | |||||
| CVE-2019-7820 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7824 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7827 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7828 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7848 | 3 Adobe, Linux, Microsoft | 3 Campaign, Linux Kernel, Windows | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Inadequate access control vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | |||||
| CVE-2019-7854 | 1 Magento | 1 Magento | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An insecure direct object reference (IDOR) vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unauthorized disclosure of company credit history details. | |||||
| CVE-2019-7871 | 1 Magento | 1 Magento | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. An authenticated user can bypass security protections that prevent arbitrary PHP script upload via form data injection. | |||||
| CVE-2019-7876 | 1 Magento | 1 Magento | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to manipulate layouts can insert a malicious payload into the layout. | |||||
| CVE-2019-7890 | 1 Magento | 1 Magento | 2020-08-24 | 7.5 HIGH | 7.3 HIGH |
| An Insecure Direct Object Reference (IDOR) vulnerability exists in the order processing workflow of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details. | |||||
| CVE-2019-7895 | 1 Magento | 1 Magento | 2020-08-24 | 6.5 MEDIUM | 7.2 HIGH |
| A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to layouts can execute arbitrary code through a crafted XML layout update. | |||||
| CVE-2019-7896 | 1 Magento | 1 Magento | 2020-08-24 | 6.5 MEDIUM | 7.2 HIGH |
| A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to layouts can execute arbitrary code through a combination of product import, crafted csv file and XML layout update. | |||||
| CVE-2019-7915 | 1 Magento | 1 Magento | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers. | |||||
| CVE-2019-7928 | 1 Magento | 1 Magento | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A denial-of-service (DoS) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. By abusing insufficient brute-forcing defenses in the token exchange protocol, an unauthenticated attacker could disrupt transactions between the Magento merchant and PayPal. | |||||
| CVE-2019-7950 | 1 Magento | 1 Magento | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially confidental information. | |||||
| CVE-2019-7957 | 3 Adobe, Apple, Microsoft | 3 Creative Cloud, Mac Os X, Windows | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to denial of service. | |||||
| CVE-2019-8081 | 1 Adobe | 1 Experience Manager | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have an authentication bypass vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8418 | 1 Seacms | 1 Seacms | 2020-08-24 | 4.0 MEDIUM | 8.8 HIGH |
| SeaCMS 7.2 mishandles member.php?mod=repsw4 requests. | |||||
| CVE-2019-8442 | 1 Atlassian | 1 Jira | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check. | |||||
| CVE-2019-8443 | 1 Atlassian | 1 Jira | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| The ViewUpgrades resource in Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers who have obtained access to administrator's session to access the ViewUpgrades administrative resource without needing to re-authenticate to pass "WebSudo" through an improper access control vulnerability. | |||||
| CVE-2019-8514 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges. | |||||