Les dernières vulnérabilités publiées sur la National Vulnerability Database (NVD)

CVE-2015-0841 - Off-by-one error in the readBuf function in listener.cpp in libcapsinetwork and monopd before 0.9.8, allows remote attackers to cause a denial of service (crash) via a long line.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2015-0841
Partager : LinkedIn / Twitter / Facebook

CVE-2015-1853 - chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service (inability to synchronize) via random timestamps in crafted NTP data packets.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2015-1853
Partager : LinkedIn / Twitter / Facebook

CVE-2019-14251 - An issue was discovered in T24 in TEMENOS Channels R15.01. The login page presents JavaScript functions to access a document on the server once successfully authenticated. However, an attacker can leverage downloadDocServer() to traverse the file system and access files or directories that are outside of the restricted directory because WealthT24/GetImage is used with the docDownloadPath and uploadLocation parameters.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-14251
Partager : LinkedIn / Twitter / Facebook

CVE-2019-18190 - Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerability in where null pointer dereference errors result in the crash of application, which could potentially lead to possible unsigned code execution under certain circumstances.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-18190
Partager : LinkedIn / Twitter / Facebook

CVE-2019-18380 - Symantec Industrial Control System Protection (ICSP), versions 6.x.x, may be susceptible to an unauthorized access issue that could potentially allow a threat actor to create or modify application user accounts without proper authentication.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-18380
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19603 - SQLite 3.30.1, during handling of CREATE TABLE and CREATE VIEW statements, does not consider confusion with a shadow table name, as demonstrated by the sqlite_ substring.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19603
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19645 - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19645
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19646 - pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19646
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19647 - radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted input.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19647
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19648 - In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service (application crash) or potential code execution.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19648
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19678 - In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test issue.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19678
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19679 - In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the Pre-Condition Summary entry point via the summary field of a Create Pre-Condition action for a new Test Issue.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19679
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19682 - nopCommerce through 4.20 allows XSS in the SaveStoreMappings of the components \Presentation\Nop.Web\Areas\Admin\Controllers\NewsController.cs and \Presentation\Nop.Web\Areas\Admin\Controllers\BlogController.cs via Body or Full to Admin/News/NewsItemEdit/[id] Admin/Blog/BlogPostEdit/[id]. NOTE: the vendor reportedly considers this a "feature" because the affected components are an HTML content editor.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19682
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19683 - RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to ../ path traversal via d or f to Admin/RoxyFileman/ProcessRequest because of Libraries/Nop.Services/Media/RoxyFileman/FileRoxyFilemanService.cs.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19683
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19684 - nopCommerce v4.2.0 allows privilege escalation via file upload in Presentation/Nop.Web/Admin/Areas/Controllers/PluginController.cs via Admin/FacebookAuthentication/Configure because it is possible to upload a crafted Facebook Auth plugin.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19684
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19685 - RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to CSRF because GET requests can be used for renames and deletions.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19685
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19687 - OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users' credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentials API once this issue is fixed.)
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19687
Partager : LinkedIn / Twitter / Facebook

CVE-2012-1615 - A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2012-1615
Partager : LinkedIn / Twitter / Facebook

CVE-2012-2092 - A Security Bypass vulnerability exists in Ubuntu Cobbler before 2,2,2 in the cobbler-ubuntu-import script due to an error when verifying the GPG signature.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2012-2092
Partager : LinkedIn / Twitter / Facebook

CVE-2012-2130 - A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2012-2130
Partager : LinkedIn / Twitter / Facebook

CVE-2012-2148 - An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2012-2148
Partager : LinkedIn / Twitter / Facebook

CVE-2018-7282 - The username parameter of the TITool PrintMonitor solution during the login request is vulnerable to and/or time-based blind SQLi.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2018-7282
Partager : LinkedIn / Twitter / Facebook

CVE-2019-12734 - SiteVision 4 has Incorrect Access Control.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-12734
Partager : LinkedIn / Twitter / Facebook

CVE-2019-1551 - There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e-dev (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u-dev (Affected 1.0.2-1.0.2t).
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-1551
Partager : LinkedIn / Twitter / Facebook

CVE-2019-16670 - An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. The Authentication mechanism has no brute-force prevention.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-16670
Partager : LinkedIn / Twitter / Facebook

CVE-2019-16671 - An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Remote authenticated users can crash a device with a special packet because of Uncontrolled Resource Consumption.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-16671
Partager : LinkedIn / Twitter / Facebook

CVE-2019-16673 - An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Passwords are stored in cleartext and can be read by anyone with access to the device.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-16673
Partager : LinkedIn / Twitter / Facebook

CVE-2019-16674 - An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Authentication Information used in a cookie is predictable and can lead to admin password compromise when captured on the network.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-16674
Partager : LinkedIn / Twitter / Facebook

CVE-2019-18671 - Insufficient checks in the USB packet handling of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow out-of-bounds writes on the stack via crafted messages. The vulnerability could allow code execution or other forms of impact. It can be triggered by unauthenticated attackers and the interface is reachable via WebUSB.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-18671
Partager : LinkedIn / Twitter / Facebook

CVE-2019-18672 - Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow a partial reset of cryptographic secrets to known values via crafted messages. Notably, this breaks the security of U2F for new server registrations and invalidates existing registrations. This vulnerability can be exploited by unauthenticated attackers and the interface is reachable via WebUSB.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-18672
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19333 - In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19333
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19334 - In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19334
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19551 - In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the User Management screen of the Administrator web site. An attacker with access to the User Control Panel application can submit malicious values in some of the time/date formatting and time-zone fields. These fields are not being properly sanitized. If this is done and a user (such as an admin) visits the User Management screen and views that user's profile, the XSS payload will render and execute in the context of the victim user's account.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19551
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19552 - In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the/admin/config.php?display=userman URI. An attacker with sufficient privileges can edit the Display Name of a user and embed malicious XSS code. When another user (such as an admin) visits the main User Management screen, the XSS payload will render and execute in the context of the victim user's account.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19552
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19616 - An Insecure Direct Object Reference (IDOR) vulnerability in the Xtivia Web Time and Expense (WebTE) interface used for Microsoft Dynamics NAV before 2017 allows an attacker to download arbitrary files by specifying arbitrary values for the recId and filename parameters of the /Home/GetAttachment function.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19616
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19617 - phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19617
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19619 - domain/section/markdown/markdown.go in Documize before 3.5.1 mishandles untrusted Markdown content. This was addressed by adding the bluemonday HTML sanitizer to defend against XSS.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19619
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19620 - In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a malicious file.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19620
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19624 - An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis_flow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds read of the heap-allocated arrays Ux and Uy.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19624
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19625 - SROS 2 0.8.1 (which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2) leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml document.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19625
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19627 - SROS 2 0.8.1 (after CVE-2019-19625 is mitigated) leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. (SROS2 provides the tools to generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2.)
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19627
Partager : LinkedIn / Twitter / Facebook

CVE-2019-5544 - OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
06/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-5544
Partager : LinkedIn / Twitter / Facebook

CVE-2013-0163 - OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2013-0163
Partager : LinkedIn / Twitter / Facebook

CVE-2013-0243 - haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2013-0243
Partager : LinkedIn / Twitter / Facebook

CVE-2018-1002102 - Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the redirect as a GET request with client-certificate credentials for authenticating to the Kubelet.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2018-1002102
Partager : LinkedIn / Twitter / Facebook

CVE-2019-11255 - Improper input validation in Kubernetes CSI sidecar containers for external-provisioner (
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-11255
Partager : LinkedIn / Twitter / Facebook

CVE-2019-14910 - A vulnerability was found in keycloak 7.x, when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), in this case user authentication succeeds even if invalid password has entered.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-14910
Partager : LinkedIn / Twitter / Facebook

CVE-2019-15897 - beegfs-ctl in ThinkParQ BeeGFS through 7.1.3 allows Authentication Bypass via communication with a BeeGFS metadata server (which is typically not exposed to external networks).
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-15897
Partager : LinkedIn / Twitter / Facebook

CVE-2019-17437 - An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. This issue affects PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.11; 9.0 versions prior to 9.0.5. PAN-OS version 7.0 and prior EOL versions have not been evaluated for this issue.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-17437
Partager : LinkedIn / Twitter / Facebook

CVE-2019-18180 - Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows an remote attacker to cause an endless loop. This issue affects: OTRS AG: ((OTRS)) Community Edition 5.0.x version 5.0.38 and prior versions; 6.0.x version 6.0.23 and prior versions. OTRS AG: OTRS 7.0.x version 7.0.12 and prior versions.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-18180
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19007 - Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19007
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19519 - In OpenBSD 6.6, local users can use the su -L option to achieve any login class (often excluding root) because there is a logic error in the main function in su/su.c.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19519
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19520 - xlock in OpenBSD 6.6 allows local users to gain the privileges of the auth group by providing a LIBGL_DRIVERS_PATH environment variable, because xenocara/lib/mesa/src/loader/loader.c mishandles dlopen.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19520
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19521 - libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. This is related to gen/auth_subr.c and gen/authenticate.c in libc (and login/login.c and xenocara/app/xenodm/greeter/verify.c).
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19521
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19522 - OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's file can be written to /etc/skey or /var/db/yubikey, and need not be owned by root.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19522
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19589 - The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19589
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19590 - In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary malicious data after the free. This allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted input.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19590
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19597 - D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote code execution as root without authentication via shell metacharacters within an HNAP_AUTH HTTP header.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19597
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19598 - D-Link DAP-1860 devices before v1.04b03 Beta allow access to administrator functions without authentication via the HNAP_AUTH header timestamp value. In HTTP requests, part of the HNAP_AUTH header is the timestamp used to determine the time when the user sent the request. If this value is equal to the value stored in the device's /var/hnap/timestamp file, the request will pass the HNAP_AUTH check function.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19598
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19601 - OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of an incorrect sprintf.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19601
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19602 - fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_owner_ctx caching, as demonstrated by mishandling of signal-based non-cooperative preemption in Go 1.14 prereleases on amd64, aka CID-59c4bd853abc.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19602
Partager : LinkedIn / Twitter / Facebook

CVE-2019-3690 - The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.
05/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-3690
Partager : LinkedIn / Twitter / Facebook

CVE-2018-0730 - This command injection vulnerability in File Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2018-0730
Partager : LinkedIn / Twitter / Facebook

CVE-2019-11923 - In Mcrouter prior to v0.41.0, the deprecated ASCII parser would allocate a buffer to a user-specified length with no maximum length enforced, allowing for resource exhaustion or denial of service.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-11923
Partager : LinkedIn / Twitter / Facebook

CVE-2019-11930 - An invalid free in mb_detect_order can cause the application to crash or potentially result in remote code execution. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-11930
Partager : LinkedIn / Twitter / Facebook

CVE-2019-11934 - Improper handling of close_notify alerts can result in an out-of-bounds read in AsyncSSLSocket. This issue affects folly prior to v2019.11.04.00.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-11934
Partager : LinkedIn / Twitter / Facebook

CVE-2019-11935 - Insufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bounds memory. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-11935
Partager : LinkedIn / Twitter / Facebook

CVE-2019-11936 - Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-11936
Partager : LinkedIn / Twitter / Facebook

CVE-2019-11937 - In Mcrouter prior to v0.41.0, a large struct input provided to the Carbon protocol reader could result in stack exhaustion and denial of service.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-11937
Partager : LinkedIn / Twitter / Facebook

CVE-2019-11940 - In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-11940
Partager : LinkedIn / Twitter / Facebook

CVE-2019-14909 - A vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be accepted.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-14909
Partager : LinkedIn / Twitter / Facebook

CVE-2019-15638 - COPA-DATA zenone32 zenon Editor through 8.10 has an Uncontrolled Search Path Element.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-15638
Partager : LinkedIn / Twitter / Facebook

CVE-2019-17554 - The XML content type entity deserializer in Apache Olingo versions 4.0.0 to 4.6.0 is not configured to deny the resolution of external entities. Request with content type "application/xml", which trigger the deserialization of entities, can be used to trigger XXE attacks.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-17554
Partager : LinkedIn / Twitter / Facebook

CVE-2019-17555 - The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep() method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-17555
Partager : LinkedIn / Twitter / Facebook

CVE-2019-17556 - Apache Olingo versions 4.0.0 to 4.6.0 provide the AbstractService class, which is public API, uses ObjectInputStream and doesn't check classes being deserialized. If an attacker can feed malicious metadata to the class, then it may result in running attacker's code in the worse case.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-17556
Partager : LinkedIn / Twitter / Facebook

CVE-2019-18346 - A CSRF issue was discovered in DAViCal through 1.1.8. If an authenticated user visits an attacker-controlled webpage, the attacker can send arbitrary requests in the name of the user to the application. If the attacked user is an administrator, the attacker could for example add a new admin user.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-18346
Partager : LinkedIn / Twitter / Facebook

CVE-2019-18347 - A stored XSS issue was discovered in DAViCal through 1.1.8. It does not adequately sanitize output of various fields that can be set by unprivileged users, making it possible for JavaScript stored in those fields to be executed by another (possibly privileged) user. Affected database fields include Username, Display Name, and Email.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-18347
Partager : LinkedIn / Twitter / Facebook

CVE-2019-18850 - TrevorC2 v1.1/v1.2 fails to prevent fingerprinting primarily via a discrepancy between response headers when responding to different HTTP methods, also via predictible responses when accessing and interacting with the "SITE_PATH_QUERY".
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-18850
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19228 - Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19228
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19229 - admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19229
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19364 - In Sony Catalyst Production Suite through 2019.1 (1.1.0.21) and Catalyst Browse through 2019.1 (1.1.0.21), an unprivileged user can obtain admin privileges, and execute a program as admin, after DLL hijacking of a DLL that is loaded during setup (installation).
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19364
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19555 - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19555
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19576 - class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
04/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19576
Partager : LinkedIn / Twitter / Facebook

CVE-2013-2101 - Katello has multiple XSS issues in various entities
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2013-2101
Partager : LinkedIn / Twitter / Facebook

CVE-2013-2103 - OpenShift cartridge allows remote URL retrieval
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2013-2103
Partager : LinkedIn / Twitter / Facebook

CVE-2013-2106 - webauth before 4.6.1 has authentication credential disclosure
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2013-2106
Partager : LinkedIn / Twitter / Facebook

CVE-2013-2228 - SaltStack RSA Key Generation allows remote users to decrypt communications
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2013-2228
Partager : LinkedIn / Twitter / Facebook

CVE-2013-4235 - shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2013-4235
Partager : LinkedIn / Twitter / Facebook

CVE-2013-4411 - Review Board: URL processing gives unauthorized users access to review lists
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2013-4411
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19523 - In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19523
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19524 - In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19524
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19525 - In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19525
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19526 - In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19526
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19527 - In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19527
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19528 - In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d.
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19528
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19529 - In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19529
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19530 - In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19530
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19531 - In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19531
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19532 - In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95. This affects drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c, drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c, drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c, drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c, drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c, drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c.
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19532
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19533 - In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464.
03/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19533
Partager : LinkedIn / Twitter / Facebook

Les annonces ayant été modifiées dernièrement

CVE-2013-0342 - The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2013-0342
Partager : LinkedIn / Twitter / Facebook

CVE-2014-0242 - mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2014-0242
Partager : LinkedIn / Twitter / Facebook

CVE-2015-3424 - SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2015-3424
Partager : LinkedIn / Twitter / Facebook

CVE-2015-3425 - Cross-site scripting (XSS) vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cph_content$_uig_formState parameter.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2015-3425
Partager : LinkedIn / Twitter / Facebook

CVE-2015-7892 - Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2015-7892
Partager : LinkedIn / Twitter / Facebook

CVE-2019-16672 - An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Sensitive Credentials data is transmitted in cleartext.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-16672
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19230 - An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19230
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19447 - In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19447
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19448 - In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19448
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19449 - In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19449
Partager : LinkedIn / Twitter / Facebook

CVE-2019-4428 - IBM Watson Assistant for IBM Cloud Pak for Data 1.0.0 through 1.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162807.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-4428
Partager : LinkedIn / Twitter / Facebook

CVE-2019-4611 - IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 168519.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-4611
Partager : LinkedIn / Twitter / Facebook

CVE-2019-4612 - IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 168523.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-4612
Partager : LinkedIn / Twitter / Facebook

CVE-2019-4621 - IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883.
10/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-4621
Partager : LinkedIn / Twitter / Facebook

CVE-2011-1933 - SQL injection vulnerability in Jifty::DBI before 0.68.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2011-1933
Partager : LinkedIn / Twitter / Facebook

CVE-2011-3624 - Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2011-3624
Partager : LinkedIn / Twitter / Facebook

CVE-2012-1114 - A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2012-1114
Partager : LinkedIn / Twitter / Facebook

CVE-2012-1115 - A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2012-1115
Partager : LinkedIn / Twitter / Facebook

CVE-2012-5518 - vdsm: certificate generation upon node creation allowing vdsm to start and serve requests from anyone who has a matching key (and certificate)
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2012-5518
Partager : LinkedIn / Twitter / Facebook

CVE-2012-5535 - gnome-system-log polkit policy allows arbitrary files on the system to be read
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2012-5535
Partager : LinkedIn / Twitter / Facebook

CVE-2012-5582 - opendnssec misuses libcurl API
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2012-5582
Partager : LinkedIn / Twitter / Facebook

CVE-2012-5631 - ipa 3.0 does not properly check server identity before sending credential containing cookies
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2012-5631
Partager : LinkedIn / Twitter / Facebook

CVE-2013-0283 - Katello: Username in Notification page has cross site scripting
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2013-0283
Partager : LinkedIn / Twitter / Facebook

CVE-2015-1396 - A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2015-1396
Partager : LinkedIn / Twitter / Facebook

CVE-2018-0728 - This improper access control vulnerability in Helpdesk allows attackers to access the system logs. To fix the vulnerability, QNAP recommend updating QTS and Helpdesk to their latest versions.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2018-0728
Partager : LinkedIn / Twitter / Facebook

CVE-2018-0729 - This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating Music Station to their latest versions.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2018-0729
Partager : LinkedIn / Twitter / Facebook

CVE-2019-10206 - ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-10206
Partager : LinkedIn / Twitter / Facebook

CVE-2019-12733 - SiteVision 4 allows Remote Code Execution.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-12733
Partager : LinkedIn / Twitter / Facebook

CVE-2019-13566 - An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary code via an IP address with a long hostname.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-13566
Partager : LinkedIn / Twitter / Facebook

CVE-2019-15300 - A problem was found in Centreon Web through 19.04.3. An authenticated SQL injection is present in the page include/Administration/parameters/ldap/xml/ldap_host.php. The arId parameter is not properly filtered before being passed to the SQL query.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-15300
Partager : LinkedIn / Twitter / Facebook

CVE-2019-15845 - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-15845
Partager : LinkedIn / Twitter / Facebook

CVE-2019-15956 - A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform an unauthorized system reset on an affected device. The vulnerability is due to improper authorization controls for a specific URL in the web management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could have a twofold impact: the attacker could either change the administrator password, gaining privileged access, or reset the network configuration details, causing a denial of service (DoS) condition. In both scenarios, manual intervention is required to restore normal operations.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-15956
Partager : LinkedIn / Twitter / Facebook

CVE-2019-15958 - A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated remote attacker to execute arbitrary code with root privileges on the underlying operating system. The vulnerability is due to insufficient input validation during the initial High Availability (HA) configuration and registration process of an affected device. An attacker could exploit this vulnerability by uploading a malicious file during the HA registration period. A successful exploit could allow the attacker to execute arbitrary code with root-level privileges on the underlying operating system. Note: This vulnerability can only be exploited during the HA registration period. See the Details section for more information.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-15958
Partager : LinkedIn / Twitter / Facebook

CVE-2019-15972 - A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to modify values on or return values from the underlying database.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-15972
Partager : LinkedIn / Twitter / Facebook

CVE-2019-15986 - A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input validation for certain CLI commands that are executed on a vulnerable system. An attacker could exploit this vulnerability by logging in to the system and sending crafted CLI commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-15986
Partager : LinkedIn / Twitter / Facebook

CVE-2019-15987 - A vulnerability in web interface of the Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to guess account usernames. The vulnerability is due to missing CAPTCHA protection in certain URLs. An attacker could exploit this vulnerability by sending a crafted request to the web interface. A successful exploit could allow the attacker to know if a given username is valid and find the real name of the user.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-15987
Partager : LinkedIn / Twitter / Facebook

CVE-2019-15995 - A vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by entering malicious SQL statements in an affected field in the web UI. A successful exploit could allow the attacker to remove the SQL database, which would require the reinstallation of the Connector VM.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-15995
Partager : LinkedIn / Twitter / Facebook

CVE-2019-15996 - A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient restrictions during the execution of an affected CLI command. An attacker could exploit this vulnerability by leveraging the insufficient restrictions to modify sensitive files. A successful exploit could allow the attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-15996
Partager : LinkedIn / Twitter / Facebook

CVE-2019-15997 - A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to perform a command injection attack and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command. An attacker could exploit this vulnerability by including malicious input during the execution of the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as root.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-15997
Partager : LinkedIn / Twitter / Facebook

CVE-2019-16201 - WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-16201
Partager : LinkedIn / Twitter / Facebook

CVE-2019-16254 - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-16254
Partager : LinkedIn / Twitter / Facebook

CVE-2019-16255 - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-16255
Partager : LinkedIn / Twitter / Facebook

CVE-2019-16386 - PEGA Platform 7.x and 8.x is vulnerable to Information disclosure via a direct prweb/sso/random_token/!STANDARD?pyActivity=GetWebInfo&target=popup&pzHarnessID=random_harness_id request to get database schema information while using a low-privilege account.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-16386
Partager : LinkedIn / Twitter / Facebook

CVE-2019-16772 - The serialize-to-js NPM package before version 3.0.1 is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of RegExp.prototype.toString() backslash-escapes all forward slashes in regular expressions. If serialized data of regular expression objects are used in an environment other than Node.js, it is affected by this vulnerability.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-16772
Partager : LinkedIn / Twitter / Facebook

CVE-2019-18675 - The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allows local users (with /dev/video0 access) to obtain read and write permissions on kernel physical pages, which can possibly result in a privilege escalation.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-18675
Partager : LinkedIn / Twitter / Facebook

CVE-2019-18676 - An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-18676
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19017 - An issue was discovered in TitanHQ WebTitan before 5.18. The appliance has a hard-coded root password set during installation. An attacker could utilize this to gain root privileges on the system.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19017
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19018 - An issue was discovered in TitanHQ WebTitan before 5.18. It exposes a database configuration file under /include/dbconfig.ini in the web administration interface, revealing what database the web application is using.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19018
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19019 - An issue was discovered in TitanHQ WebTitan before 5.18. It contains a Remote Code Execution issue through which an attacker can execute arbitrary code as root. The issue stems from the hotfix download mechanism, which downloads a shell script via HTTP, and then executes it as root. This is analogous to CVE-2019-6800 but for a different product.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19019
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19020 - An issue was discovered in TitanHQ WebTitan before 5.18. In the administration web interface it is possible to upload a crafted backup file that enables an attacker to execute arbitrary code by overwriting existing files or adding new PHP files under the web root. This requires the attacker to have access to a valid web interface account.
09/12/2019 | https://nvd.nist.gov/vuln/detail/CVE-2019-19020
Partager : LinkedIn / Twitter / Facebook