CVE List - 2019 / October
Showing 301 - 400 of 1566 CVEs for October 2019 (Page 4 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-17243 | 2019-10-08 | IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000003155. |
| CVE-2019-17244 | 2019-10-08 | IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000001d8a. |
| CVE-2019-17245 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0000000000004359. |
| CVE-2019-17246 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000258c. |
| CVE-2019-17247 | 2019-10-08 | IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x0000000000007da8. |
| CVE-2019-17248 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000025b6. |
| CVE-2019-17249 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d57b. |
| CVE-2019-17250 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000042f5. |
| CVE-2019-17251 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d43. |
| CVE-2019-17252 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!Read_BadPNG+0x0000000000000115. |
| CVE-2019-17253 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at JPEG_LS+0x000000000000a6b8. |
| CVE-2019-17254 | 2019-10-08 | IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at FORMATS!Read_BadPNG+0x0000000000000101. |
| CVE-2019-17255 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at EXR!ReadEXR+0x0000000000010836. |
| CVE-2019-17256 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at DPX!ReadDPX_W+0x0000000000001203. |
| CVE-2019-17257 | 2019-10-08 | IrfanView 4.53 allows a Exception Handler Chain to be Corrupted starting at EXR!ReadEXR+0x000000000002af80. |
| CVE-2019-17258 | 2019-10-08 | IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x000000000000839c. |
| CVE-2019-14656 | 2019-10-08 | Yealink phones through 2019-08-04 do not properly check user roles in POST requests. Consequently, the default User account (with a password of user) can make admin requests via HTTP. |
| CVE-2019-14657 | 2019-10-08 | Yealink phones through 2019-08-04 have an issue with OpenVPN file upload. They execute tar as root to extract files, but do not validate the extraction directory. Creating a tar file... |
| CVE-2019-16416 | 2019-10-08 | HRworks 3.36.9 allows XSS via the purpose of a travel-expense report. |
| CVE-2019-16417 | 2019-10-08 | HRworks FLOW 3.36.9 allows XSS via the purpose of a travel-expense report. |
| CVE-2019-16929 | 2019-10-08 | Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens. |
| CVE-2018-21020 | 2019-10-08 | In very rare cases, a PHP type juggling vulnerability in centreonAuth.class.php in Centreon Web before 2.8.27 allows attackers to bypass authentication mechanisms in place. |
| CVE-2018-21021 | 2019-10-08 | img_gantt.php in Centreon Web before 2.8.27 allows attackers to perform SQL injections via the host_id parameter. |
| CVE-2019-17352 | 2019-10-08 | In JFinal cos before 2019-08-13, as used in JFinal 4.4, there is a vulnerability that can bypass the isSafeFile() function: one can upload any type of file. For example, a... |
| CVE-2018-21022 | 2019-10-08 | makeXML_ListServices.php in Centreon Web before 2.8.28 allows attackers to perform SQL injections via the host_id parameter. |
| CVE-2018-21023 | 2019-10-08 | getStats.php in Centreon Web before 2.8.28 allows authenticated attackers to execute arbitrary code via the ns_id parameter. |
| CVE-2018-21025 | 2019-10-08 | In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files. |
| CVE-2019-17104 | 2019-10-08 | In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set. |
| CVE-2019-17106 | 2019-10-08 | In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components. |
| CVE-2019-17107 | 2019-10-08 | minPlayCommand.php in Centreon Web before 2.8.27 allows authenticated attackers to execute arbitrary code via the command_hostaddress parameter. NOTE: some sources have listed CVE-2019-17017 for this, but that is incorrect. |
| CVE-2019-17108 | 2019-10-08 | Local file inclusion in brokerPerformance.php in Centreon Web before 2.8.28 allows attackers to disclose information or perform a stored XSS attack on a user. |
| CVE-2019-17271 | 2019-10-08 | vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList where parameter. |
| CVE-2019-13336 | 2019-10-08 | The dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1 allows remote attackers to launch commands with no authentication verification via TCP port 81, because the loginuse and loginpass parameters to... |
| CVE-2019-17359 | 2019-10-08 | The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in... |
| CVE-2018-21024 | 2019-10-08 | licenseUpload.php in Centreon Web before 2.8.27 allows attackers to upload arbitrary files via a POST request. |
| CVE-2019-17187 | 2019-10-08 | /var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. |
| CVE-2019-17105 | 2019-10-08 | The token generator in index.php in Centreon Web before 2.8.27 is predictable. |
| CVE-2019-17134 | 2019-10-08 | Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration... |
| CVE-2019-17186 | 2019-10-08 | /var/WEB-GUI/cgi-bin/telnet.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication remote code execution. |
| CVE-2019-10969 | 2019-10-08 | Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to... |
| CVE-2019-10963 | 2019-10-08 | Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log... |
| CVE-2019-14845 | 2019-10-08 | A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS hostname verification. An attacker can take advantage... |
| CVE-2019-14846 | 2019-10-08 | In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin... |
| CVE-2019-10215 | 2019-10-08 | Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser. |
| CVE-2019-10756 | 2019-10-08 | It is possible to inject JavaScript within node-red-dashboard versions prior to version 2.17.0 due to the ui_notification node accepting raw HTML by default. |
| CVE-2019-10757 | 2019-10-08 | knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host... |
| CVE-2019-0367 | 2019-10-08 | SAP NetWeaver Process Integration (B2B Toolkit), before versions 1.0 and 2.0, does not perform necessary authorization checks for an authenticated user, allowing the import of B2B table content that leads... |
| CVE-2019-0368 | 2019-10-08 | SAP Customer Relationship Management (Email Management), versions: S4CRM before 1.0 and 2.0, BBPCRM before 7.0, 7.01, 7.02, 7.12, 7.13 and 7.14, does not sufficiently encode user-controlled inputs within the mail... |
| CVE-2019-0369 | 2019-10-08 | SAP Financial Consolidation, before versions 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an attacker to execute scripts by uploading files containing malicious scripts, leading to reflected... |
| CVE-2019-0370 | 2019-10-08 | Due to missing input validation, SAP Financial Consolidation, before versions 10.0 and 10.1, enables an attacker to use crafted input to interfere with the structure of the surrounding query leading... |
| CVE-2019-0374 | 2019-10-08 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows execution of scripts in the chart title resulting... |
| CVE-2019-0375 | 2019-10-08 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows execution of scripts in the export dialog box... |
| CVE-2019-0376 | 2019-10-08 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows an attacker to save malicious scripts in the... |
| CVE-2019-0377 | 2019-10-08 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before versions 4.2, does not sufficiently encode user-controlled inputs and allows an attacker to store malicious scripts in the input controls,... |
| CVE-2019-0378 | 2019-10-08 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before version 4.2, does not sufficiently encode user-controlled inputs and allows an attacker to store malicious scripts in the file name... |
| CVE-2019-0379 | 2019-10-08 | SAP Process Integration, business-to-business add-on, versions 1.0, 2.0, does not perform authentication check properly when the default security provider is changed to BouncyCastle (BC), leading to Missing Authentication Check |
| CVE-2019-0381 | 2019-10-08 | A binary planting in SAP SQL Anywhere, before version 17.0, SAP IQ, before version 16.1, and SAP Dynamic Tier, before versions 1.0 and 2.0, can result in the inadvertent access... |
| CVE-2019-0380 | 2019-10-08 | Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters’ default values to be part of the application logs leading to Information Disclosure. |
| CVE-2019-3980 | 2019-10-08 | The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated,... |
| CVE-2019-17362 | 2019-10-09 | In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and... |
| CVE-2019-17382 | 2019-10-09 | An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or... |
| CVE-2019-17402 | 2019-10-09 | Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size... |
| CVE-2019-16905 | 2019-10-09 | OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a... |
| CVE-2019-17368 | 2019-10-09 | S-CMS v1.5 has XSS in tpl.php via the member/member_login.php from parameter. |
| CVE-2019-17369 | 2019-10-09 | OTCMS v3.85 has CSRF in the admin/member_deal.php Admin Panel page, leading to creation of a new management group account, as demonstrated by superadmin. |
| CVE-2019-17370 | 2019-10-09 | OTCMS v3.85 allows arbitrary PHP Code Execution because admin/sysCheckFile_deal.php blocks "into outfile" in a SELECT statement, but does not block the "into/**/outfile" manipulation. Therefore, the attacker can create a .php... |
| CVE-2019-13051 | 2019-10-09 | Pi-Hole 4.3 allows Command Injection. |
| CVE-2019-15719 | 2019-10-09 | Altair PBS Professional through 19.1.2 allows Privilege Escalation because an attacker can send a message directly to pbs_mom, which fails to properly authenticate the message. This results in code execution... |
| CVE-2019-17353 | 2019-10-09 | An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN,... |
| CVE-2019-17354 | 2019-10-09 | wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be... |
| CVE-2019-17372 | 2019-10-09 | Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This... |
| CVE-2019-17373 | 2019-10-09 | Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516,... |
| CVE-2019-17371 | 2019-10-09 | gif2png 2.5.13 has a memory leak in the writefile function. |
| CVE-2019-11212 | 2019-10-09 | TIBCO MDM Exposes Cross-Site Scripting Vulnerabilities |
| CVE-2018-5732 | 2019-10-09 | A specially constructed response from a malicious server can cause a buffer overflow in dhclient |
| CVE-2018-5743 | 2019-10-09 | Limiting simultaneous TCP clients was ineffective |
| CVE-2018-5744 | 2019-10-09 | A specially crafted packet can cause named to leak memory |
| CVE-2018-5745 | 2019-10-09 | An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys |
| CVE-2019-6465 | 2019-10-09 | Zone transfer controls for writable DLZ zones were not effective |
| CVE-2019-6467 | 2019-10-09 | An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c |
| CVE-2019-6468 | 2019-10-09 | BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used |
| CVE-2019-6469 | 2019-10-09 | BIND Supported Preview Edition can exit with an assertion failure if ECS is in use |
| CVE-2019-6471 | 2019-10-09 | A race condition when discarding malformed packets can cause BIND to exit with an assertion failure |
| CVE-2019-3652 | 2019-10-09 | ENS code injection in EPSetup.exe |
| CVE-2019-3653 | 2019-10-09 | ESConfig Tool access not controlled |
| CVE-2019-17383 | 2019-10-09 | The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem. |
| CVE-2019-11341 | 2019-10-09 | On certain Samsung P(9.0) phones, an attacker with physical access can start a TCP Dump capture without the user's knowledge. This feature of the Service Mode application is available after... |
| CVE-2019-4512 | 2019-10-09 | IBM Maximo Asset Management 7.6.1.1 generates an error message that includes sensitive information that could be used in further attacks against the system. IBM X-Force ID: 164554. |
| CVE-2019-4558 | 2019-10-09 | A security vulnerability has been identified in all levels of IBM Spectrum Scale V5.0.0.0 through V5.0.3.2 and IBM Spectrum Scale V4.2.0.0 through V4.2.3.17 that could allow a local attacker to... |
| CVE-2019-14808 | 2019-10-09 | An issue was discovered in the RENPHO application 3.0.0 for iOS. It transmits JSON data unencrypted to a server without an integrity check, if a user changes personal data in... |
| CVE-2019-15859 | 2019-10-09 | Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI. |
| CVE-2019-17128 | 2019-10-09 | Netreo OmniCenter through 12.1.1 allows unauthenticated SQL Injection (Boolean Based Blind) in the redirect parameters and parameter name of the login page through a GET request. The injection allows an... |
| CVE-2019-17375 | 2019-10-09 | cPanel before 82.0.15 allows API token credentials to persist after an account has been renamed or terminated (SEC-517). |
| CVE-2019-17376 | 2019-10-09 | cPanel before 82.0.15 allows self XSS in the SSL Certificate Upload interface (SEC-521). |
| CVE-2019-17377 | 2019-10-09 | cPanel before 82.0.15 allows self XSS in LiveAPI example scripts (SEC-524). |
| CVE-2019-17378 | 2019-10-09 | cPanel before 82.0.15 allows self XSS in the SSL Key Delete interface (SEC-526). |
| CVE-2019-17379 | 2019-10-09 | cPanel before 82.0.15 allows self stored XSS in the WHM SSL Storage Manager interface (SEC-527). |
| CVE-2019-17380 | 2019-10-09 | cPanel before 82.0.15 allows self XSS in the WHM Update Preferences interface (SEC-528). |
| CVE-2019-15226 | 2019-10-09 | Upon receiving each incoming request header data, Envoy will iterate over existing request headers to verify that the total size of the headers stays below a maximum limit. The implementation... |
| CVE-2019-13529 | 2019-10-09 | An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware... |