Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-18810 | 1 Linux | 1 Linux Kernel | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka CID-a0ecd6fdbf5d. | |||||
| CVE-2019-18811 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2020-08-24 | 4.9 MEDIUM | 5.5 MEDIUM |
| A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1. | |||||
| CVE-2019-18812 | 1 Linux | 1 Linux Kernel | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef. | |||||
| CVE-2019-18813 | 1 Linux | 1 Linux Kernel | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8. | |||||
| CVE-2019-18828 | 1 Barco | 8 Clickshare Cs-100, Clickshare Cs-100 Firmware, Clickshare Cse-200 and 5 more | 2020-08-24 | 7.2 HIGH | 6.8 MEDIUM |
| Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account (present for access via debug interfaces, which are by default not enabled on production devices) of the embedded Linux on the ClickShare Button is using a weak password. | |||||
| CVE-2019-18831 | 1 Barco | 8 Clickshare Cs-100, Clickshare Cs-100 Firmware, Clickshare Cse-200 and 5 more | 2020-08-24 | 3.5 LOW | 5.3 MEDIUM |
| Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate. | |||||
| CVE-2019-18835 | 1 Matrix | 1 Synapse | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /send_join, /send_leave, and /invite may not be correctly signed, or may not come from the expected servers. | |||||
| CVE-2019-18841 | 1 Chartkick | 1 Chartkick.js | 2020-08-24 | 7.5 HIGH | 7.3 HIGH |
| Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before 3.3.0 for Ruby, allows prototype pollution. | |||||
| CVE-2019-18852 | 1 Dlink | 14 Dir-600 B1, Dir-600 B1 Firmware, Dir-615 J1 and 11 more | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/image_sign or /etc/alpha_config/image_sign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 (for DCN), DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842 C1 v3.00. | |||||
| CVE-2019-18855 | 1 Safe Svg Project | 1 Safe Svg | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to potentially unwanted elements or attributes. | |||||
| CVE-2019-18856 | 1 Drupal | 1 Svg Sanitizer | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial Of Service vulnerability exists in the SVG Sanitizer module through 8.x-1.0-alpha1 for Drupal because access to external resources with an SVG use element is mishandled. | |||||
| CVE-2019-18857 | 1 Svg-sanitizer Project | 1 Svg-sanitizer | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| darylldoyle svg-sanitizer before 0.12.0 mishandles script and data values in attributes, as demonstrated by unexpected whitespace such as in the javascript	:alert substring. | |||||
| CVE-2019-18862 | 1 Gnu | 1 Mailutils | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode. | |||||
| CVE-2019-18887 | 2 Fedoraproject, Sensiolabs | 2 Fedora, Symfony | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel. | |||||
| CVE-2019-18889 | 2 Fedoraproject, Sensiolabs | 2 Fedora, Symfony | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache. | |||||
| CVE-2019-18913 | 1 Hp | 66 Elite Dragonfly, Elite Dragonfly Firmware, Elite X2 G4 and 63 more | 2020-08-24 | 7.2 HIGH | 6.8 MEDIUM |
| A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02). | |||||
| CVE-2019-18917 | 1 Hp | 16 Deskjet Ink Advantage 5000 M2u86a, Deskjet Ink Advantage 5000 M2u86a Firmware, Deskjet Ink Advantage 5000 M2u89b and 13 more | 2020-08-24 | 6.4 MEDIUM | 6.5 MEDIUM |
| A potential security vulnerability has been identified for certain HP Printers and All-in-Ones that would allow bypassing account lockout. | |||||
| CVE-2019-18925 | 1 Systematic | 1 Iris Webforms | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication. | |||||
| CVE-2019-18933 | 1 Zulip | 1 Zulip Server | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| In Zulip Server versions from 1.7.0 to before 2.0.7, a bug in the new user signup process meant that users who registered their account using social authentication (e.g., GitHub or Google SSO) in an organization that also allows password authentication could have their personal API key stolen by an unprivileged attacker, allowing nearly full access to the user's account. | |||||
| CVE-2019-18936 | 1 Bloq | 1 Univalue | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| UniValue::read() in UniValue before 1.0.5 allow attackers to cause a denial of service (the class internal data reaches an inconsistent state) via input data that triggers an error. | |||||
| CVE-2019-18954 | 1 Netease | 1 Pomelo | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Pomelo v2.2.5 allows external control of critical state data. A malicious user input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js because certain internal attributes can be overwritten via a conflicting name. Hence, a malicious attacker can manipulate internal attributes by adding additional attributes to user input. | |||||
| CVE-2019-18979 | 1 Claranova | 1 Adaware Antivirus | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Adaware antivirus 12.6.1005.11662 and 12.7.1055.0 has a quarantine flaw that allows privilege escalation. Exploitation uses an NTFS directory junction to restore a malicious DLL from quarantine into the system32 folder. | |||||
| CVE-2019-18980 | 1 Philips | 2 Taolight Smart Wi-fi Wiz Connected Led Bulb 9290022656, Taolight Smart Wi-fi Wiz Connected Led Bulb 9290022656 Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Anyone can turn the bulb on or off, or change its color or brightness remotely. There is no authentication or encryption to use the control API. The only requirement is that the attacker have network access to the bulb. | |||||
| CVE-2019-19064 | 1 Linux | 1 Linux Kernel | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| ** DISPUTED ** A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control these failures at probe time. | |||||
| CVE-2019-19065 | 3 Canonical, Linux, Opensuse | 3 Ubuntu Linux, Linux Kernel, Leap | 2020-08-24 | 4.7 MEDIUM | 4.7 MEDIUM |
| ** DISPUTED ** A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. NOTE: This has been disputed as not a vulnerability because "rhashtable_init() can only fail if it is passed invalid values in the second parameter's struct, but when invoked from sdma_init() that is a pointer to a static const struct, so an attacker could only trigger failure if they could corrupt kernel memory (in which case a small memory leak is not a significant problem)." | |||||
| CVE-2019-19068 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2020-08-24 | 4.9 MEDIUM | 4.6 MEDIUM |
| A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6. | |||||
| CVE-2019-19071 | 1 Linux | 1 Linux Kernel | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c. | |||||
| CVE-2019-19072 | 4 Canonical, Fedoraproject, Linux and 1 more | 4 Ubuntu Linux, Fedora, Linux Kernel and 1 more | 2020-08-24 | 4.9 MEDIUM | 4.4 MEDIUM |
| A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6. | |||||
| CVE-2019-19075 | 1 Linux | 1 Linux Kernel | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e. | |||||
| CVE-2019-19076 | 3 Canonical, Linux, Redhat | 3 Ubuntu Linux, Linux Kernel, Enterprise Linux | 2020-08-24 | 7.1 HIGH | 5.9 MEDIUM |
| ** DISPUTED ** A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. NOTE: This has been argued as not a valid vulnerability. The upstream commit 78beef629fd9 was reverted. | |||||
| CVE-2019-19077 | 3 Canonical, Linux, Opensuse | 3 Ubuntu Linux, Linux Kernel, Leap | 2020-08-24 | 4.9 MEDIUM | 5.5 MEDIUM |
| A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14. | |||||
| CVE-2019-19079 | 1 Linux | 1 Linux Kernel | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19. | |||||
| CVE-2019-19080 | 2 Linux, Opensuse | 2 Linux Kernel, Leap | 2020-08-24 | 7.1 HIGH | 5.9 MEDIUM |
| Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a. | |||||
| CVE-2019-19081 | 3 Linux, Opensuse, Redhat | 3 Linux Kernel, Leap, Enterprise Linux | 2020-08-24 | 7.1 HIGH | 5.9 MEDIUM |
| A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a. | |||||
| CVE-2019-19082 | 3 Canonical, Linux, Opensuse | 3 Ubuntu Linux, Linux Kernel, Leap | 2020-08-24 | 4.7 MEDIUM | 4.7 MEDIUM |
| Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad. | |||||
| CVE-2019-19083 | 3 Canonical, Linux, Opensuse | 3 Ubuntu Linux, Linux Kernel, Leap | 2020-08-24 | 4.7 MEDIUM | 4.7 MEDIUM |
| Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1. | |||||
| CVE-2019-19086 | 1 Gitlab | 1 Gitlab | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2). | |||||
| CVE-2019-19087 | 1 Gitlab | 1 Gitlab | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 2 of 2). | |||||
| CVE-2019-19117 | 1 Phicomm | 2 K2\(psg1218\), K2\(psg1218\) Firmware | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| /usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter. | |||||
| CVE-2019-19127 | 1 Tribalgroup | 1 Sits\ | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| An authentication bypass vulnerability is present in the standalone SITS:Vision 9.7.0 component of Tribal SITS in its default configuration, related to unencrypted communications sent by the client each time it is launched. This occurs because the Uniface TLS Driver is not enabled by default. This vulnerability allows attackers to gain access to credentials or execute arbitrary SQL queries on the SITS backend as long as they have access to the client executable or can intercept traffic from a user who does. | |||||
| CVE-2019-19142 | 1 Intelbras | 2 Wrn 240, Wrn 240 Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Intelbras WRN240 devices do not require authentication to replace the firmware via a POST request to the incoming/Firmware.cfg URI. | |||||
| CVE-2019-19143 | 1 Tp-link | 2 Tl-wr849n, Tl-wr849n Firmware | 2020-08-24 | 4.1 MEDIUM | 6.1 MEDIUM |
| TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI. | |||||
| CVE-2019-19148 | 1 Tellabs | 2 Optical Line Terminal 1150, Optical Line Terminal 1150 Firmware | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| Tellabs Optical Line Terminal (OLT) 1150 devices allow Remote Command Execution via the -l option to TELNET or SSH. Tellabs has addressed this issue in the SR30.1 and SR31.1 release on February 18, 2020. | |||||
| CVE-2019-19194 | 1 Telink-semi | 10 Tlsr8232, Tlsr8232 Ble Sdk, Tlsr8251 and 7 more | 2020-08-24 | 5.8 MEDIUM | 8.8 HIGH |
| The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices installs a zero long term key (LTK) if an out-of-order link-layer encryption request is received during Secure Connections pairing. An attacker in radio range can have arbitrary read/write access to protected GATT service data, cause a device crash, or possibly control a device's function by establishing an encrypted session with the zero LTK. | |||||
| CVE-2019-19212 | 1 Dolibarr | 1 Dolibarr | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Dolibarr ERP/CRM 3.0 through 10.0.3 allows XSS via the qty parameter to product/fournisseurs.php (product price screen). | |||||
| CVE-2019-19224 | 1 D-link | 2 Dsl-2680, Dsl-2680 Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to download the configuration (binary file) settings by submitting a rom-0 GET request without being authenticated on the admin interface. | |||||
| CVE-2019-19225 | 1 D-link | 2 Dsl-2680, Dsl-2680 Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to change DNS servers without being authenticated on the admin interface by submitting a crafted Forms/dns_1 POST request. | |||||
| CVE-2019-19226 | 1 D-link | 2 Dsl-2680, Dsl-2680 Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter_1 POST request without being authenticated on the admin interface. | |||||
| CVE-2019-19240 | 1 Embedthis | 1 Goahead | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a static host buffer that has a limited length and can overflow. This can cause a copy of the Host header to fail, leaving that buffer uninitialized, which may leak uninitialized data in a response. | |||||
| CVE-2019-19241 | 1 Linux | 1 Linux Kernel | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| In the Linux kernel before 5.4.2, the io_uring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/io_uring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to the loopback interface. This occurs because IORING_OP_SENDMSG operations, although requested in the context of an unprivileged user, are sometimes performed by a kernel worker thread without considering that context. | |||||