Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-15468 | 1 Xen | 1 Xen | 2019-10-03 | 4.9 MEDIUM | 6.0 MEDIUM |
| An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service. | |||||
| CVE-2018-15572 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-10-03 | 2.1 LOW | 6.5 MEDIUM |
| The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. | |||||
| CVE-2018-15692 | 1 Inova-software | 1 Inova Partner | 2019-10-03 | 3.5 LOW | 6.4 MEDIUM |
| Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users authorization bypass and data manipulation in certain functions. | |||||
| CVE-2018-15693 | 1 Inova-software | 1 Inova Partner | 2019-10-03 | 3.5 LOW | 6.4 MEDIUM |
| Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users authorization bypass via insecure direct object reference. | |||||
| CVE-2018-16048 | 1 Gitlab | 1 Gitlab | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Missing Authorization Control for API Repository Storage. | |||||
| CVE-2018-16072 | 1 Google | 1 Chrome | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | |||||
| CVE-2018-16242 | 1 O.bike | 3 Obike-stationless Bike Sharing, Smart Locker, Smart Locker Firmware | 2019-10-03 | 2.9 LOW | 5.3 MEDIUM |
| oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy (BLE) to replay ciphertext based on a predictable nonce used in the locking protocol. | |||||
| CVE-2018-16261 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2019-10-03 | 4.6 MEDIUM | 6.8 MEDIUM |
| In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, there is a Privilege Escalation Vulnerability with Dynamic Certificate Trust. | |||||
| CVE-2018-16368 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
| CVE-2018-16369 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453. | |||||
| CVE-2018-16636 | 1 Nucleuscms | 1 Nucleus Cms | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| Nucleus CMS 3.70 allows HTML Injection via the index.php body parameter. | |||||
| CVE-2018-16640 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c. | |||||
| CVE-2018-16641 | 1 Imagemagick | 1 Imagemagick | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c. | |||||
| CVE-2018-16758 | 2 Debian, Tinc-vpn | 2 Debian Linux, Tinc | 2019-10-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets. | |||||
| CVE-2018-18647 | 1 Gitlab | 1 Gitlab | 2019-10-03 | 5.5 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Missing Authorization. | |||||
| CVE-2018-16806 | 1 Pektron | 2 Passive Keyless Entry And Start System, Passive Keyless Entry And Start System Firmware | 2019-10-03 | 3.3 LOW | 6.5 MEDIUM |
| A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and possibly other vehicles, relies on the DST40 cipher, which makes it easier for attackers to obtain access via an approach involving a 5.4 TB precomputation, followed by wake-frame reception and two challenge/response operations, to clone a key fob within a few seconds. | |||||
| CVE-2018-17096 | 1 Surina | 1 Soundtouch | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. | |||||
| CVE-2018-17197 | 1 Apache | 1 Tika | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tika's SQLite3Parser in versions 1.8-1.19.1 of Apache Tika. | |||||
| CVE-2018-17368 | 1 Publiccms | 1 Publiccms | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in PublicCMS V4.0.180825. For an invalid login attempt, the response length is different depending on whether the username is valid, which makes it easier to conduct brute-force attacks. | |||||
| CVE-2018-17974 | 1 Appneta | 1 Tcpreplay | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service. | |||||
| CVE-2018-18016 | 1 Imagemagick | 1 Imagemagick | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c. | |||||
| CVE-2018-18353 | 3 Debian, Google, Redhat | 6 Debian Linux, Android, Chrome and 3 more | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on Android prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of an auto dialog via a crafted HTML page. | |||||
| CVE-2018-18651 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the file. | |||||
| CVE-2018-19068 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2019-10-03 | 4.0 MEDIUM | 4.9 MEDIUM |
| An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials. | |||||
| CVE-2018-18893 | 1 Hubspot | 1 Jinjava | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java. | |||||
| CVE-2018-19072 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2019-10-03 | 3.6 LOW | 5.5 MEDIUM |
| An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/app has 0777 permissions, allowing local users to replace an archive file (within that directory) to control what is extracted to RAM at boot time. | |||||
| CVE-2018-19108 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file. | |||||
| CVE-2018-19111 | 1 Google | 1 Cardboard | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private cleartext information to the Unity 3D Stats web site, as demonstrated by device make, model, and OS. | |||||
| CVE-2018-19213 | 1 Nasm | 1 Netwide Assembler | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS, related to nasm_malloc in nasmlib/malloc.c. | |||||
| CVE-2018-19279 | 2 Microsoft, Primx | 2 Windows, Zonecentral | 2019-10-03 | 2.1 LOW | 4.3 MEDIUM |
| PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. On non-SSD devices, this is limited to a 5-second window and file sizes less than 600 bytes. The effect on SSD devices may be greater. | |||||
| CVE-2018-20164 | 1 Uaparser | 1 User Agent Parser-core | 2019-10-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in regex.yaml (aka regexes.yaml) in UA-Parser UAP-Core before 0.6.0. A Regular Expression Denial of Service (ReDoS) issue allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to a value containing a long digit string. (The UAP-Core project contains the vulnerability, propagating to all implementations.) | |||||
| CVE-2015-9420 | 1 Mightymess | 1 Soundcloud Is Gold | 2019-10-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| The soundcloud-is-gold plugin before 2.3.2 for WordPress has XSS via the wp-admin/admin-ajax.php?action=get_soundcloud_player id parameter. | |||||
| CVE-2019-9383 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
| In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120843827 | |||||
| CVE-2019-9296 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
| In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112162089 | |||||
| CVE-2019-9239 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
| In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121263487 | |||||
| CVE-2019-9360 | 1 Google | 1 Android | 2019-10-02 | 4.9 MEDIUM | 4.4 MEDIUM |
| In the TEE, there's a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120610663 | |||||
| CVE-2019-11741 | 1 Mozilla | 1 Firefox | 2019-10-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these sites within the browser can potentially be used to modify a user's Firefox configuration. These two sites will now be isolated into their own process and not allowed to be loaded in a standard content process. This vulnerability affects Firefox < 69. | |||||
| CVE-2019-9253 | 1 Google | 1 Android | 2019-10-02 | 4.9 MEDIUM | 4.4 MEDIUM |
| In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox due to a missing strongbox flag. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109769728 | |||||
| CVE-2019-15810 | 1 Netdisco | 1 Netdisco | 2019-10-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter. | |||||
| CVE-2019-9249 | 1 Google | 1 Android | 2019-10-02 | 2.1 LOW | 5.5 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120255805 | |||||
| CVE-2019-14752 | 1 Salesagility | 1 Suitecrm | 2019-10-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS. | |||||
| CVE-2019-9244 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
| In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120865977 | |||||
| CVE-2019-9344 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
| In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120845341 | |||||
| CVE-2017-16808 | 1 Tcpdump | 1 Tcpdump | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c. | |||||
| CVE-2019-9380 | 1 Google | 1 Android | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| In the settings UI, there is a possible spoofing vulnerability due to a missing permission check. This could lead to a user mistakenly changing permission settings with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-123700098 | |||||
| CVE-2019-9282 | 1 Google | 1 Android | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| In skia, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113211371 | |||||
| CVE-2019-9266 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 6.7 MEDIUM |
| In sensorservice, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-119501435 | |||||
| CVE-2019-14952 | 1 Jetbrains | 1 Youtrack | 2019-10-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in the issue titles. | |||||
| CVE-2019-9314 | 1 Google | 1 Android | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112329563 | |||||
| CVE-2019-9315 | 1 Google | 1 Android | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libhevc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326216 | |||||