Search
Total
9231 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19580 | 1 Gitlab | 1 Gitlab | 2019-07-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made. | |||||
| CVE-2011-3872 | 2 Puppet, Puppetlabs | 4 Puppet, Puppet Enterprise, Puppet and 1 more | 2019-07-11 | 2.6 LOW | N/A |
| Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability." | |||||
| CVE-2013-3567 | 4 Canonical, Novell, Puppet and 1 more | 6 Ubuntu Linux, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server and 3 more | 2019-07-10 | 7.5 HIGH | N/A |
| Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call. | |||||
| CVE-2013-4762 | 1 Puppet | 1 Puppet Enterprise | 2019-07-10 | 5.8 MEDIUM | N/A |
| Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, which might allow remote attackers to hijack sessions by obtaining an old session ID. | |||||
| CVE-2013-4955 | 1 Puppet | 1 Puppet Enterprise | 2019-07-10 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the login page in Puppet Enterprise before 3.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the service parameter. | |||||
| CVE-2013-1655 | 3 Puppet, Puppetlabs, Ruby-lang | 4 Puppet, Puppet Enterprise, Puppet and 1 more | 2019-07-10 | 7.5 HIGH | N/A |
| Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes." | |||||
| CVE-2016-9686 | 1 Puppet | 1 Puppet Enterprise | 2019-07-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes. An attacker could use this to crash the PCP Broker, preventing commands from being sent to agents. This is resolved in Puppet Enterprise 2016.4.3 and 2016.5.2. | |||||
| CVE-2019-12841 | 1 Jetbrains | 1 Teamcity | 2019-07-09 | 5.0 MEDIUM | 7.5 HIGH |
| Incorrect handling of user input in ZIP extraction was detected in JetBrains TeamCity. The issue was fixed in TeamCity 2018.2.2. | |||||
| CVE-2018-14733 | 1 Odoo | 1 Odoo | 2019-07-09 | 5.0 MEDIUM | 7.5 HIGH |
| The Odoo Community Association (OCA) dbfilter_from_header module makes Odoo 8.x, 9.x, 10.x, and 11.x vulnerable to ReDoS (regular expression denial of service) under certain circumstances. | |||||
| CVE-2018-11686 | 1 Flowpaper | 1 Flexpaper | 2019-07-05 | 7.5 HIGH | 9.8 CRITICAL |
| The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php. | |||||
| CVE-2018-14887 | 1 Odoo | 1 Odoo | 2019-07-05 | 5.8 MEDIUM | 6.5 MEDIUM |
| Improper Host header sanitization in the dbfilter routing component in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows a remote attacker to deny access to the service and to disclose database names via a crafted request. | |||||
| CVE-2018-20809 | 1 Pulsesecure | 2 Pulse Connect Secure, Pulse Policy Secure | 2019-07-03 | 5.0 MEDIUM | 7.5 HIGH |
| A crafted message can cause the web server to crash with Pulse Secure Pulse Connect Secure (PCS) 8.3RX before 8.3R5 and Pulse Policy Secure 5.4RX before 5.4R5. This is not applicable to PCS 8.1RX. | |||||
| CVE-2018-20813 | 1 Pulsesecure | 1 Pulse Connect Secure | 2019-07-03 | 7.5 HIGH | 9.8 CRITICAL |
| An input validation issue has been found with login_meeting.cgi in Pulse Secure Pulse Connect Secure 8.3RX before 8.3R2. | |||||
| CVE-2008-4767 | 2 Php-nuke, Phpnuke | 2 Downloadsplus Module, Php-nuke | 2019-07-01 | 9.0 HIGH | N/A |
| Unrestricted file upload vulnerability in the DownloadsPlus module in PHP-Nuke allows remote attackers to execute arbitrary code by uploading a file with (1) .htm, (2) .html, or (3) .txt extensions, then accessing it via a direct request to the file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: it is unclear how allowing the upload of .html or .txt files supports arbitrary code execution; this might be legitimate functionality. | |||||
| CVE-2018-6121 | 1 Google | 1 Chrome | 2019-07-01 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient validation of input in Blink in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to perform privilege escalation via a crafted HTML page. | |||||
| CVE-2019-5801 | 2 Apple, Google | 2 Iphone Os, Chrome | 2019-06-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |||||
| CVE-2019-5800 | 1 Google | 1 Chrome | 2019-06-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | |||||
| CVE-2019-5799 | 1 Google | 1 Chrome | 2019-06-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | |||||
| CVE-2019-5803 | 1 Google | 1 Chrome | 2019-06-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | |||||
| CVE-2019-5793 | 1 Google | 1 Chrome | 2019-06-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page. | |||||
| CVE-2018-16064 | 1 Google | 1 Chrome | 2019-06-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient data validation in Extensions API in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. | |||||
| CVE-2018-17460 | 1 Google | 1 Chrome | 2019-06-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient data validation in filesystem URIs in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. | |||||
| CVE-2017-5028 | 1 Google | 1 Chrome | 2019-06-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient data validation in V8 in Google Chrome prior to 56.0.2924.76 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2018-6176 | 1 Google | 1 Chrome | 2019-06-28 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient file type enforcement in Extensions API in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted Chrome Extension. | |||||
| CVE-2018-6161 | 1 Google | 1 Chrome | 2019-06-28 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient policy enforcement in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | |||||
| CVE-2018-6138 | 1 Google | 1 Chrome | 2019-06-28 | 5.8 MEDIUM | 8.1 HIGH |
| Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. | |||||
| CVE-2019-9085 | 1 Digitaldruid | 1 Hoteldruid | 2019-06-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| Hoteldruid before v2.3.1 allows remote authenticated users to cause a denial of service (invoice-creation outage) via the n_file parameter to visualizza_contratto.php with invalid arguments (any non-numeric value), as demonstrated by the anno=2019&id_transazione=1&numero_contratto=1&n_file=a query string to visualizza_contratto.php. | |||||
| CVE-2018-15747 | 1 Glot | 1 Glot-www | 2019-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| The default configuration of glot-www through 2018-05-19 allows remote attackers to execute arbitrary code because glot-code-runner supports os.system within a "python" "files" "content" JSON file. | |||||
| CVE-2015-6828 | 1 Securemoz | 1 Security Audit | 2019-06-26 | 6.8 MEDIUM | N/A |
| The tweet_info function in class/__functions.php in the SecureMoz Security Audit plugin 1.0.5 and earlier for WordPress does not use an HTTPS session for downloading serialized data, which allows man-in-the-middle attackers to conduct PHP object injection attacks and execute arbitrary PHP code by modifying the client-server data stream. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2018-10828 | 1 Alps | 1 Pointing-device Driver | 2019-06-25 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to functions. This causes a denial of service condition when invalid pointers are written to the mapped section. This driver has been used with Dell, ThinkPad, and VAIO devices. | |||||
| CVE-2019-0157 | 2 Intel, Linux | 3 Software Guard Extensions, Software Guard Extensions Data Center Attestation Primitives, Linux Kernel | 2019-06-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient input validation in the Intel(R) SGX driver for Linux may allow an authenticated user to potentially enable a denial of service via local access. | |||||
| CVE-2019-11128 | 1 Intel | 13 Compute Card Cd1c64gk, Compute Card Cd1iv128mk, Compute Card Cd1m3128mk and 10 more | 2019-06-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. | |||||
| CVE-2019-11123 | 1 Intel | 13 Compute Card Cd1c64gk, Compute Card Cd1iv128mk, Compute Card Cd1m3128mk and 10 more | 2019-06-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. | |||||
| CVE-2019-11125 | 1 Intel | 13 Compute Card Cd1c64gk, Compute Card Cd1iv128mk, Compute Card Cd1m3128mk and 10 more | 2019-06-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. | |||||
| CVE-2016-0363 | 3 Ibm, Novell, Redhat | 13 Java Sdk, Suse Linux Enterprise Module For Legacy Software, Suse Linux Enterprise Server and 10 more | 2019-06-24 | 6.8 MEDIUM | 8.1 HIGH |
| The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009. | |||||
| CVE-2018-15729 | 1 Stopzilla | 1 Antimalware | 2019-06-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x8000204B. | |||||
| CVE-2018-15734 | 1 Stopzilla | 1 Antimalware | 2019-06-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206B. | |||||
| CVE-2018-15732 | 1 Stopzilla | 1 Antimalware | 2019-06-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x80002063. | |||||
| CVE-2018-15731 | 1 Stopzilla | 1 Antimalware | 2019-06-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x8000205B. | |||||
| CVE-2018-15730 | 1 Stopzilla | 1 Antimalware | 2019-06-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x80002067. | |||||
| CVE-2018-15735 | 1 Stopzilla | 1 Antimalware | 2019-06-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206F. | |||||
| CVE-2018-15737 | 1 Stopzilla | 1 Antimalware | 2019-06-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x80002043. | |||||
| CVE-2018-15736 | 1 Stopzilla | 1 Antimalware | 2019-06-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x8000204F. | |||||
| CVE-2017-8330 | 1 Securifi | 6 Almond, Almond\+, Almond\+firmware and 3 more | 2019-06-21 | 3.3 LOW | 6.5 MEDIUM |
| An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP parameter passed with a huge payload results in crashing the process. If the firmware version AL-R096 is dissected using binwalk tool, we obtain a cpio-root archive which contains the filesystem set up on the device that contains all the binaries. The binary "miniupnpd" is the one that has the vulnerable function that receives the values sent by the SOAP request. If we open this binary in IDA-pro we will notice that this follows a MIPS little endian format. The function WscDevPutMessage at address 0x0041DBB8 in IDA pro is identified to be receiving the values sent in the SOAP request. The SOAP parameter "NewInMesage" received at address 0x0041DC30 causes the miniupnpd process to finally crash when a second request is sent to the same process. | |||||
| CVE-2017-7653 | 2 Debian, Eclipse | 2 Debian Linux, Mosquitto | 2019-06-20 | 3.5 LOW | 5.3 MEDIUM |
| The Eclipse Mosquitto broker up to version 1.4.15 does not reject strings that are not valid UTF-8. A malicious client could cause other clients that do reject invalid UTF-8 strings to disconnect themselves from the broker by sending a topic string which is not valid UTF-8, and so cause a denial of service for the clients. | |||||
| CVE-2019-0094 | 1 Intel | 1 Active Management Technology | 2019-06-20 | 3.3 LOW | 4.3 MEDIUM |
| Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access. | |||||
| CVE-2019-0097 | 1 Intel | 1 Active Management Technology Firmware | 2019-06-20 | 4.0 MEDIUM | 4.9 MEDIUM |
| Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access. | |||||
| CVE-2019-0092 | 1 Intel | 1 Active Management Technology | 2019-06-20 | 4.6 MEDIUM | 6.8 MEDIUM |
| Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2017-7613 | 3 Canonical, Debian, Elfutils Project | 3 Ubuntu Linux, Debian Linux, Elfutils | 2019-06-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | |||||
| CVE-2019-1821 | 1 Cisco | 3 Evolved Programmable Network Manager, Network Level Service, Prime Infrastructure | 2019-06-19 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because the software improperly validates user-supplied input. An attacker could exploit this vulnerability by uploading a malicious file to the administrative web interface. A successful exploit could allow the attacker to execute code with root-level privileges on the underlying operating system. | |||||