Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15845 | 2 Canonical, Ruby-lang | 2 Ubuntu Linux, Ruby | 2020-08-24 | 6.4 MEDIUM | 6.5 MEDIUM |
| Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions. | |||||
| CVE-2019-15846 | 2 Debian, Exim | 2 Debian Linux, Exim | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. | |||||
| CVE-2019-15850 | 1 Eq-3 | 2 Homematic Ccu3, Homematic Ccu3 Firmware | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| eQ-3 HomeMatic CCU3 firmware version 3.41.11 allows Remote Code Execution in the ReGa.runScript method. An authenticated attacker can easily execute code and compromise the system. | |||||
| CVE-2019-15854 | 1 Maarch | 1 Maarch Rm | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Maarch RM before 2.5. A privilege escalation vulnerability allows an authenticated user with lowest privileges to give herself highest administration privileges via a crafted PUT request to an unauthorized resource. | |||||
| CVE-2019-15858 | 1 Webcraftic | 1 Woody Ad Snippets | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution. | |||||
| CVE-2019-15859 | 1 Socomec | 2 Diris A-40, Diris A-40 Firmware | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI. | |||||
| CVE-2019-15860 | 1 Glyphandcog | 1 Xpdfreader | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002. | |||||
| CVE-2019-15863 | 1 Convertplug | 1 Convertplus | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| The ConvertPlus plugin before 3.4.5 for WordPress has an unintended account creation (with the none role) via a request for variants. | |||||
| CVE-2019-15871 | 1 Wpbrigade | 1 Loginpress | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings. | |||||
| CVE-2019-15893 | 1 Sonatype | 1 Nexus Repository Manager | 2020-08-24 | 6.5 MEDIUM | 7.2 HIGH |
| Sonatype Nexus Repository Manager 2.x before 2.14.15 allows Remote Code Execution. | |||||
| CVE-2019-15894 | 1 Espressif | 1 Esp-idf | 2020-08-24 | 7.2 HIGH | 6.8 MEDIUM |
| An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.6, 3.2.x through 3.2.3, and 3.3.x through 3.3.1. An attacker who uses fault injection to physically disrupt the ESP32 CPU can bypass the Secure Boot digest verification at startup, and boot unverified code from flash. The fault injection attack does not disable the Flash Encryption feature, so if the ESP32 is configured with the recommended combination of Secure Boot and Flash Encryption, then the impact is minimized. If the ESP32 is configured without Flash Encryption then successful fault injection allows arbitrary code execution. To protect devices with Flash Encryption and Secure Boot enabled against this attack, a firmware change must be made to permanently enable Flash Encryption in the field if it is not already permanently enabled. | |||||
| CVE-2019-15895 | 1 Search Exclude Project | 1 Search Exclude | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes. | |||||
| CVE-2019-15897 | 1 Thinkparq | 1 Beegfs | 2020-08-24 | 8.3 HIGH | 9.6 CRITICAL |
| beegfs-ctl in ThinkParQ BeeGFS through 7.1.3 allows Authentication Bypass via communication with a BeeGFS metadata server (which is typically not exposed to external networks). | |||||
| CVE-2019-15901 | 2 Doas Project, Linux | 2 Doas, Linux Kernel | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. A setusercontext(3) call with flags to change the UID, primary GID, and secondary GIDs was replaced (on certain platforms: Linux and possibly NetBSD) with a single setuid(2) call. This resulted in neither changing the group id nor initializing secondary group ids. | |||||
| CVE-2019-15916 | 1 Linux | 1 Linux Kernel | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service. | |||||
| CVE-2019-15921 | 2 Linux, Opensuse | 2 Linux Kernel, Leap | 2020-08-24 | 4.7 MEDIUM | 4.7 MEDIUM |
| An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c. | |||||
| CVE-2019-15932 | 1 Intesync | 1 Solismed | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Intesync Solismed 3.3sp has Incorrect Access Control. | |||||
| CVE-2019-15937 | 1 Pengutronix | 1 Barebox | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a memcpy. | |||||
| CVE-2019-15938 | 1 Pengutronix | 1 Barebox | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_req in fs/nfs.c because a length field is directly used for a memcpy. | |||||
| CVE-2019-13131 | 1 Supermicro | 1 Superdoctor 5 | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote attackers to execute arbitrary commands via NRPE. | |||||
| CVE-2019-13132 | 3 Canonical, Debian, Zeromq | 3 Ubuntu Linux, Debian Linux, Libzmq | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations. | |||||
| CVE-2019-13139 | 1 Docker | 1 Docker | 2020-08-24 | 4.6 MEDIUM | 8.4 HIGH |
| In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git clone" command, leading to code execution in the context of the user executing the "docker build" command. This occurs because git ref can be misinterpreted as a flag. | |||||
| CVE-2019-1314 | 1 Microsoft | 1 Windows 10 Mobile | 2020-08-24 | 4.6 MEDIUM | 6.8 MEDIUM |
| A security feature bypass vulnerability exists in Windows 10 Mobile when Cortana allows a user to access files and folders through the locked screen, aka 'Windows 10 Mobile Security Feature Bypass Vulnerability'. | |||||
| CVE-2019-13142 | 1 Razer | 1 Surround | 2020-08-24 | 6.6 MEDIUM | 5.5 MEDIUM |
| The RzSurroundVADStreamingService (RzSurroundVADStreamingService.exe) in Razer Surround 1.1.63.0 runs as the SYSTEM user using an executable located in %PROGRAMDATA%\Razer\Synapse\Devices\Razer Surround\Driver\. The DACL on this folder allows any user to overwrite contents of files in this folder, resulting in Elevation of Privilege. | |||||
| CVE-2019-13143 | 1 Shenzhen Dragon Brothers | 2 Fb50, Fb50 Firmware | 2020-08-24 | 9.0 HIGH | 9.8 CRITICAL |
| An HTTP parameter pollution issue was discovered on Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 2.3. With the user ID, user name, and the lock's MAC address, anyone can unbind the existing owner of the lock, and bind themselves instead. This leads to complete takeover of the lock. The user ID, name, and MAC address are trivially obtained from APIs found within the Android or iOS application. With only the MAC address of the lock, any attacker can transfer ownership of the lock from the current user, over to the attacker's account. Thus rendering the lock completely inaccessible to the current user. | |||||
| CVE-2019-13144 | 1 Mytinytodo | 1 Mytinytodo | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| myTinyTodo 1.3.3 through 1.4.3 allows CSV Injection. This is fixed in 1.5. | |||||
| CVE-2019-13146 | 1 Field Test Project | 1 Field Test | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| The field_test gem 0.3.0 for Ruby has unvalidated input. A method call that is expected to return a value from a certain set of inputs can be made to return any input, which can be dangerous depending on how applications use it. If an application treats arbitrary variants as trusted, this can lead to a variety of potential vulnerabilities like SQL injection or cross-site scripting (XSS). | |||||
| CVE-2019-13149 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the key passwd in Routing RIP Settings. | |||||
| CVE-2019-1315 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342. | |||||
| CVE-2019-13151 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the action set_sta_enrollee_pin_5g and the key wps_sta_enrollee_pin. | |||||
| CVE-2019-13153 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the Private Port in Add Virtual Server. | |||||
| CVE-2019-13154 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the TCP Ports To Open in Add Gaming Rule. | |||||
| CVE-2019-13155 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the IP Address in Add Virtual Server. | |||||
| CVE-2019-1316 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Microsoft Windows Setup when it does not properly handle privileges, aka 'Microsoft Windows Setup Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-13166 | 1 Xerox | 2 Phaser 3320, Phaser 3320 Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement account lockout. Local account credentials may be extracted from the device via brute force guessing attacks. | |||||
| CVE-2019-13173 | 1 Fstream Project | 1 Fstream | 2020-08-24 | 6.4 MEDIUM | 7.5 HIGH |
| fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter() function is vulnerable. | |||||
| CVE-2019-13179 | 1 Calamares | 1 Calamares | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /crypto_keyfile.bin (mode 0600 owned by root) to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption keys for LUKS containers created with Full Disk Encryption. | |||||
| CVE-2019-1318 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 4.3 MEDIUM | 5.9 MEDIUM |
| A spoofing vulnerability exists when Transport Layer Security (TLS) accesses non- Extended Master Secret (EMS) sessions, aka 'Microsoft Windows Transport Layer Security Spoofing Vulnerability'. | |||||
| CVE-2019-13181 | 1 Solarwinds | 1 Serv-u Ftp Server | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7. | |||||
| CVE-2019-13188 | 1 Eng | 1 Knowage | 2020-08-24 | 5.0 MEDIUM | 9.8 CRITICAL |
| In Knowage through 6.1.1, an unauthenticated user can bypass access controls and access the entire application. | |||||
| CVE-2019-1319 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-1320 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1322, CVE-2019-1340. | |||||
| CVE-2019-13207 | 1 Nlnetlabs | 1 Name Server Daemon | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c. | |||||
| CVE-2019-13208 | 1 Maxx | 1 Waves Maxx Audio | 2020-08-24 | 4.4 MEDIUM | 7.3 HIGH |
| WavesSysSvc in Waves MAXX Audio allows privilege escalation because the General registry key has Full Control access for the Users group, leading to DLL side loading. This affects WavesSysSvc64.exe 1.9.29.0. | |||||
| CVE-2019-1321 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List (DACL), aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-1322 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1320, CVE-2019-1340. | |||||
| CVE-2019-13220 | 1 Stb Vorbis Project | 1 Stb Vorbis | 2020-08-24 | 5.8 MEDIUM | 7.1 HIGH |
| Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file. | |||||
| CVE-2019-13221 | 1 Stb Vorbis Project | 1 Stb Vorbis | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. | |||||
| CVE-2019-13223 | 1 Stb Vorbis Project | 1 Stb Vorbis | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. | |||||
| CVE-2019-1323 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1336. | |||||