Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-1335 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1366. | |||||
| CVE-2019-13351 | 2 Alsa-project, Jackaudio | 2 Alsa, Jack2 | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 (as distributed with alsa-plugins 1.1.7 and later) has a "double file descriptor close" issue during a failed connection attempt when jackd2 is not running. Exploitation success depends on multithreaded timing of that double close, which can result in unintended information disclosure, crashes, or file corruption due to having the wrong file associated with the file descriptor. | |||||
| CVE-2019-13355 | 1 Totaldefense | 1 Anti-virus | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\ used by ccschedulersvc.exe allows local attackers to hijack dotnetproxy.exe, which leads to privilege escalation when the ccSchedulerSVC service runs the executable. | |||||
| CVE-2019-13356 | 1 Totaldefense | 1 Anti-virus | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\bd\TDUpdate2\ used by AMRT.exe allows local attackers to hijack bdcore.dll, which leads to privilege escalation when the AMRT service loads the DLL. | |||||
| CVE-2019-1336 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1323. | |||||
| CVE-2019-13360 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass authentication in the login process by leveraging knowledge of a valid username. | |||||
| CVE-2019-13362 | 1 Codedoc Project | 1 Codedoc | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| Codedoc v3.2 has a stack-based buffer overflow in add_variable in codedoc.c, related to codedoc_strlcpy. | |||||
| CVE-2019-13363 | 1 Piwigo | 1 Piwigo | 2020-08-24 | 6.8 MEDIUM | 9.6 CRITICAL |
| admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send_recent_post_dates, or param_submit parameter. This is exploitable via CSRF. | |||||
| CVE-2019-13364 | 1 Piwigo | 1 Piwigo | 2020-08-24 | 6.8 MEDIUM | 9.6 CRITICAL |
| admin.php?page=account_billing in Piwigo 2.9.5 has XSS via the vat_number, billing_name, company, or billing_address parameter. This is exploitable via CSRF. | |||||
| CVE-2019-13372 | 1 Dlink | 1 Central Wifimanager | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| /web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication. | |||||
| CVE-2019-13376 | 1 Phpbb | 1 Phpbb | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking leads to stored XSS | |||||
| CVE-2019-13379 | 1 Avtech | 2 Room Alert 3e, Room Alert 3e Firmware | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| On AVTECH Room Alert 3E devices before 2.2.5, an attacker with access to the device's web interface may escalate privileges from an unauthenticated user to administrator by performing a cmd.cgi?action=ResetDefaults&src=RA reset and using the default credentials to get in. | |||||
| CVE-2019-13382 | 2 Microsoft, Techsmith | 2 Windows, Snagit | 2020-08-24 | 9.3 HIGH | 7.8 HIGH |
| UploaderService in SnagIT 2019.1.2 allows elevation of privilege by placing an invalid presentation file in %PROGRAMDATA%\TechSmith\TechSmith Recorder\QueuedPresentations and then creating a symbolic link in %PROGRAMDATA%\Techsmith\TechSmith Recorder\InvalidPresentations that points to an arbitrary folder with an arbitrary file name. TechSmith Relay Classic Recorder prior to 5.2.1 on Windows is vulnerable. The vulnerability was introduced in SnagIT Windows 12.4.1. | |||||
| CVE-2019-13386 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows attackers to execute a shell command, i.e., obtain a reverse shell with user privilege. | |||||
| CVE-2019-1339 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1315, CVE-2019-1342. | |||||
| CVE-2019-13393 | 1 Netgear | 2 Cg3700b, Cg3700b Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key. Either an attack against HTTP Basic Authentication or an attack against WPA2 could be used to determine this passphrase. | |||||
| CVE-2019-13398 | 1 Fortinet | 2 Fcm-mb40, Fcm-mb40 Firmware | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| Dynacolor FCM-MB40 v1.2.0.0 devices allow remote attackers to execute arbitrary commands via a crafted parameter to a CGI script, as demonstrated by sed injection in cgi-bin/camctrl_save_profile.cgi (save parameter) and cgi-bin/ddns.cgi. | |||||
| CVE-2019-1340 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1320, CVE-2019-1322. | |||||
| CVE-2019-13400 | 1 Fortinet | 2 Fcm-mb40, Fcm-mb40 Firmware | 2020-08-24 | 5.0 MEDIUM | 9.8 CRITICAL |
| Dynacolor FCM-MB40 v1.2.0.0 use /etc/appWeb/appweb.pass to store administrative web-interface credentials in cleartext. These credentials can be retrieved via cgi-bin/getuserinfo.cgi?mode=info. | |||||
| CVE-2019-13402 | 1 Fortinet | 2 Fcm-mb40, Fcm-mb40 Firmware | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| /usr/sbin/default.sh and /usr/apache/htdocs/cgi-bin/admin/hardfactorydefault.cgi on Dynacolor FCM-MB40 v1.2.0.0 devices implement an incomplete factory-reset process. A backdoor can persist because neither system accounts nor the set of services is reset. | |||||
| CVE-2019-13403 | 1 Temenos | 1 Cwx | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information. | |||||
| CVE-2019-13404 | 2 Microsoft, Python | 2 Windows, Python | 2020-08-24 | 9.3 HIGH | 7.8 HIGH |
| ** DISPUTED ** The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. (This also affects old 3.x releases before 3.5.) NOTE: the vendor's position is that it is the user's responsibility to ensure C:\Python27 access control or choose a different directory, because backwards compatibility requires that C:\Python27 remain the default for 2.7.x. | |||||
| CVE-2019-13405 | 1 Androvideo | 2 Vd 1, Vd 1 Firmware | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software. | |||||
| CVE-2019-13406 | 1 Androvideo | 2 Vd 1, Vd 1 Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. An attacker can send a POST request to cgibin/ApkUpload.cgi to install arbitrary APK without any authentication. | |||||
| CVE-2019-1341 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when umpo.dll of the Power Service, improperly handles a Registry Restore Key function, aka 'Windows Power Service Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-13411 | 1 Hinet | 2 Gpon, Gpon Firmware | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An “invalid command” handler issue was discovered in HiNet GPON firmware < I040GWR190731. It allows an attacker to execute arbitrary command through port 3097. CVSS 3.0 Base score 10.0. CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). | |||||
| CVE-2019-1342 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1315, CVE-2019-1339. | |||||
| CVE-2019-1343 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2020-08-24 | 7.1 HIGH | 6.5 MEDIUM |
| A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1346, CVE-2019-1347. | |||||
| CVE-2019-1344 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists in the way that the Windows Code Integrity Module handles objects in memory, aka 'Windows Code Integrity Module Information Disclosure Vulnerability'. | |||||
| CVE-2019-1345 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1334. | |||||
| CVE-2019-13450 | 2 Ringcentral, Zoom | 2 Ringcentral, Zoom | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on macOS, remote attackers can force a user to join a video call with the video camera active. This occurs because any web site can interact with the Zoom web server on localhost port 19421 or 19424. NOTE: a machine remains vulnerable if the Zoom Client was installed in the past and then uninstalled. Blocking exploitation requires additional steps, such as the ZDisableVideo preference and/or killing the web server, deleting the ~/.zoomus directory, and creating a ~/.zoomus plain file. | |||||
| CVE-2019-13455 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c. | |||||
| CVE-2019-1346 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.1 HIGH | 6.5 MEDIUM |
| A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1343, CVE-2019-1347. | |||||
| CVE-2019-13461 | 1 Prestashop | 1 Prestashop | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In PrestaShop before 1.7.6.0 RC2, the id_address_delivery and id_address_invoice parameters are affected by an Insecure Direct Object Reference vulnerability due to a guessable value sent to the web application during checkout. An attacker could leak personal customer information. This is PrestaShop bug #14444. | |||||
| CVE-2019-13465 | 1 Ros | 1 Ros-comm | 2020-08-24 | 5.0 MEDIUM | 8.6 HIGH |
| An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. ROS_ASSERT_MSG only works when ROS_ASSERT_ENABLED is defined. This leads to a problem in the remove() function in clients/roscpp/src/libros/spinner.cpp. When ROS_ASSERT_ENABLED is not defined, the iterator loop will run out of the scope of the array, and cause denial of service for other components (that depend on the communication-related functions of this package). NOTE: The reporter of this issue now believes it was a false alarm. | |||||
| CVE-2019-13466 | 2 Sandisk, Westerndigital | 2 Ssd Dashboard, Ssd Dashboard | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The “generate reports” archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available. | |||||
| CVE-2019-13467 | 2 Sandisk, Westerndigital | 2 Ssd Dashboard, Ssd Dashboard | 2020-08-24 | 4.3 MEDIUM | 5.9 MEDIUM |
| Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. This vulnerability may allow an attacker to substitute downloaded resources with arbitrary files. | |||||
| CVE-2019-1347 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2020-08-24 | 7.1 HIGH | 6.5 MEDIUM |
| A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1343, CVE-2019-1346. | |||||
| CVE-2019-13474 | 1 Telestar | 22 Bobs Rock Radio, Bobs Rock Radio Firmware, Dabman D10 and 19 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have insufficient access control for the /set_dname, /mylogo, /LocalPlay, /irdevice.xml, /Sendkey, /setvol, /hotkeylist, /init, /playlogo.jpg, /stop, /exit, /back, and /playinfo commands. | |||||
| CVE-2019-13478 | 1 Yoast | 1 Yoast Seo | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The Yoast SEO plugin before 11.6-RC5 for WordPress does not properly restrict unfiltered HTML in term descriptions. | |||||
| CVE-2019-1348 | 2 Git-scm, Opensuse | 2 Git, Leap | 2020-08-24 | 3.6 LOW | 3.3 LOW |
| An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths. | |||||
| CVE-2019-13485 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c. | |||||
| CVE-2019-13486 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c. | |||||
| CVE-2019-13494 | 1 Castlerock | 1 Simple Network Management Protocol Console | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0.9 has a stack-based buffer overflow via a long variable string in a Map Objects text file. | |||||
| CVE-2019-13498 | 1 Oneidentity | 1 Cloud Access Manager | 2020-08-24 | 5.8 MEDIUM | 7.4 HIGH |
| One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which may allow man-in-the-middle (MITM) attacks. This issue is fixed in version 8.1.4. | |||||
| CVE-2019-1351 | 2 Microsoft, Opensuse | 3 Visual Studio 2017, Visual Studio 2019, Leap | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'. | |||||
| CVE-2019-13561 | 1 Dlink | 2 Dir-655, Dir-655 Firmware | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to execute arbitrary commands via shell metacharacters in the online_firmware_check.cgi check_fw_url parameter. | |||||
| CVE-2019-13567 | 1 Zoom | 1 Zoom | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| The Zoom Client before 4.4.53932.0709 on macOS allows remote code execution, a different vulnerability than CVE-2019-13450. If the ZoomOpener daemon (aka the hidden web server) is running, but the Zoom Client is not installed or can't be opened, an attacker can remotely execute code with a maliciously crafted launch URL. NOTE: ZoomOpener is removed by the Apple Malware Removal Tool (MRT) if this tool is enabled and has the 2019-07-10 MRTConfigData. | |||||
| CVE-2019-13568 | 1 Cimg | 1 Cimg | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CImg.h because of erroneous memory allocation for a malformed BMP image. | |||||
| CVE-2019-13574 | 2 Debian, Minimagick Project | 2 Debian Linux, Minimagick | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts a '|' character followed by a command. | |||||