CVE List - 2019 / November
Showing 301 - 400 of 1679 CVEs for November 2019 (Page 4 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-20853 | 2019-11-06 | An issue was discovered in the MailPoet Newsletters (aka wysija-newsletters)... |
| CVE-2014-3180 | 2019-11-06 | In kernel/compat.c in the Linux kernel before 3.17, as used... |
| CVE-2019-5084 | 2019-11-06 | An exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing... |
| CVE-2019-5099 | 2019-11-06 | An exploitable integer underflow vulnerability exists in the CMP-parsing functionality... |
| CVE-2019-5125 | 2019-11-06 | An exploitable heap overflow vulnerability exists in the JPEG2000 parsing... |
| CVE-2019-5100 | 2019-11-06 | An exploitable integer overflow vulnerability exists in the BMP header... |
| CVE-2009-5045 | 2019-11-06 | Dump Servlet information leak in jetty before 6.1.22. |
| CVE-2009-5046 | 2019-11-06 | JSP Dump and Session Dump Servlet XSS in jetty before... |
| CVE-2019-12406 | 2019-11-06 | Apache CXF before 3.3.4 and 3.2.11 does not restrict the... |
| CVE-2011-2808 | 2019-11-06 | A stale layout root is set as an input element... |
| CVE-2019-12419 | 2019-11-06 | Apache CXF before 3.3.4 and 3.2.11 provides all of the... |
| CVE-2014-9014 | 2019-11-06 | Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in... |
| CVE-2014-9013 | 2019-11-06 | The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin... |
| CVE-2019-18411 | 2019-11-06 | Zoho ManageEngine ADSelfService Plus 5.x through 5803 has CSRF on... |
| CVE-2019-16400 | 2019-11-06 | Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3,... |
| CVE-2019-16401 | 2019-11-06 | Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3,... |
| CVE-2019-15003 | 2019-11-07 | The Customer Context Filter in Atlassian Jira Service Desk Server... |
| CVE-2019-15004 | 2019-11-07 | The Customer Context Filter in Atlassian Jira Service Desk Server... |
| CVE-2019-18804 | 2019-11-07 | DjVuLibre 3.5.27 has a NULL pointer dereference in the function... |
| CVE-2019-18805 | 2019-11-07 | An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel... |
| CVE-2019-12331 | 2019-11-07 | PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner... |
| CVE-2019-6337 | 2019-11-07 | For the printers listed a maliciously crafted print file might... |
| CVE-2019-16873 | 2019-11-07 | Portainer before 1.22.1 has XSS (issue 1 of 2). |
| CVE-2019-16874 | 2019-11-07 | Portainer before 1.22.1 has Incorrect Access Control (issue 2 of... |
| CVE-2019-17222 | 2019-11-07 | An issue was discovered on Intelbras WRN 150 1.0.17 devices.... |
| CVE-2019-16872 | 2019-11-07 | Portainer before 1.22.1 has Incorrect Access Control (issue 1 of... |
| CVE-2019-16876 | 2019-11-07 | Portainer before 1.22.1 allows Directory Traversal. |
| CVE-2019-16878 | 2019-11-07 | Portainer before 1.22.1 has XSS (issue 2 of 2). |
| CVE-2019-16877 | 2019-11-07 | Portainer before 1.22.1 has Incorrect Access Control (issue 4 of... |
| CVE-2019-17605 | 2019-11-07 | A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows... |
| CVE-2019-17604 | 2019-11-07 | An Insecure Direct Object Reference (IDOR) vulnerability in eyecomms eyeCMS... |
| CVE-2019-18814 | 2019-11-07 | An issue was discovered in the Linux kernel through 5.3.9.... |
| CVE-2019-18813 | 2019-11-07 | A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in... |
| CVE-2019-18812 | 2019-11-07 | A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in... |
| CVE-2019-18811 | 2019-11-07 | A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in... |
| CVE-2019-18810 | 2019-11-07 | A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in... |
| CVE-2019-18809 | 2019-11-07 | A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in... |
| CVE-2019-18808 | 2019-11-07 | A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in... |
| CVE-2019-18807 | 2019-11-07 | Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in... |
| CVE-2019-18806 | 2019-11-07 | A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in... |
| CVE-2019-18816 | 2019-11-07 | po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 allows post[1][content]= stored XSS. |
| CVE-2019-18815 | 2019-11-07 | PopojiCMS 2.0.1 allows refer= Open Redirection. |
| CVE-2011-2807 | 2019-11-07 | Incorrect handling of timer information in Timer.cpp in WebKit in... |
| CVE-2011-2353 | 2019-11-07 | Use after free vulnerability in documentloader in WebKit in Google... |
| CVE-2010-2243 | 2019-11-07 | A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before... |
| CVE-2011-2337 | 2019-11-07 | A wrong type is used for a return value from... |
| CVE-2012-0049 | 2019-11-07 | OpenTTD before 1.1.5 contains a Denial of Service (slow read... |
| CVE-2012-0051 | 2019-11-07 | Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers... |
| CVE-2011-2336 | 2019-11-07 | An issue exists in WebKit in Google Chrome before Blink... |
| CVE-2010-2250 | 2019-11-07 | Drupal 5.x and 6.x before 6.16 uses a user-supplied value... |
| CVE-2010-2472 | 2019-11-07 | Locale module and dependent contributed modules in Drupal 6.x before... |
| CVE-2019-3764 | 2019-11-07 | Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior... |
| CVE-2010-2473 | 2019-11-07 | Drupal 6.x before 6.16 and 5.x before version 5.22 does... |
| CVE-2019-11996 | 2019-11-07 | Potential security vulnerabilities have been identified with HPE Nimble Storage... |
| CVE-2019-3465 | 2019-11-07 | Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used... |
| CVE-2019-3422 | 2019-11-07 | The Sec Consult Security Lab reported an information disclosure vulnerability... |
| CVE-2010-2447 | 2019-11-07 | gitolite before 1.4.1 does not filter src/ or hooks/ from... |
| CVE-2010-2449 | 2019-11-07 | Gource through 0.26 logs to a predictable file name (/tmp/gource-$UID.tmp),... |
| CVE-2010-2450 | 2019-11-07 | The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth... |
| CVE-2010-2476 | 2019-11-07 | syscp 1.4.2.1 allows attackers to add arbitrary paths via the... |
| CVE-2013-1425 | 2019-11-07 | ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory... |
| CVE-2019-18820 | 2019-11-07 | Eximious Logo Designer 3.82 has Heap Corruption starting at ntdll!RtlpNtMakeTemporaryKey+0x0000000000001a78. |
| CVE-2019-18821 | 2019-11-07 | Eximious Logo Designer 3.82 has a User Mode Write AV... |
| CVE-2019-18819 | 2019-11-07 | Eximious Logo Designer 3.82 has a User Mode Write AV... |
| CVE-2013-1426 | 2019-11-07 | Cross-site Scripting (XSS) in Mahara before 1.5.9 and 1.6.x before... |
| CVE-2018-18674 | 2019-11-07 | GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject... |
| CVE-2019-18818 | 2019-11-07 | strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js. |
| CVE-2007-3732 | 2019-11-07 | In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc... |
| CVE-2007-3915 | 2019-11-07 | Mondo 2.24 has insecure handling of temporary files. |
| CVE-2013-1429 | 2019-11-07 | Lintian before 2.5.12 allows remote attackers to gather information about... |
| CVE-2013-1751 | 2019-11-07 | TWiki before 5.1.4 allows remote attackers to execute arbitrary shell... |
| CVE-2007-5743 | 2019-11-07 | viewvc 1.0.3 allows improper access control to files in a... |
| CVE-2013-1771 | 2019-11-07 | The web server Monkeyd produces a world-readable log (/var/log/monkeyd/master.log) on... |
| CVE-2007-6745 | 2019-11-07 | clamav 0.91.2 suffers from a floating point exception when using... |
| CVE-2013-1809 | 2019-11-07 | Gambas before 3.4.0 allows remote attackers to move or manipulate... |
| CVE-2013-1811 | 2019-11-07 | An access control issue in MantisBT before 1.2.13 allows users... |
| CVE-2008-3278 | 2019-11-07 | frysk packages through 2008-08-05 as shipped in Red Hat Enterprise... |
| CVE-2019-18835 | 2019-11-07 | Matrix Synapse before 1.5.0 mishandles signature checking on some federation... |
| CVE-2008-5083 | 2019-11-07 | In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized... |
| CVE-2008-7272 | 2019-11-07 | FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely... |
| CVE-2008-7291 | 2019-11-07 | gri before 2.12.18 generates temporary files in an insecure way. |
| CVE-2019-15005 | 2019-11-08 | The Atlassian Troubleshooting and Support Tools plugin prior to version... |
| CVE-2013-1820 | 2019-11-08 | tuned before 2.x allows local users to kill running processes... |
| CVE-2019-10222 | 2019-11-08 | A flaw was found in the Ceph RGW configuration with... |
| CVE-2019-14824 | 2019-11-08 | A flaw was found in the 'deref' plugin of 389-ds-base... |
| CVE-2019-14860 | 2019-11-08 | It was found that the Syndesis configuration for Cross-Origin Resource... |
| CVE-2019-3866 | 2019-11-08 | An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files... |
| CVE-2019-10219 | 2019-11-08 | A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation... |
| CVE-2013-1889 | 2019-11-08 | mod_ruid2 before 0.9.8 improperly handles file descriptors which allows remote... |
| CVE-2019-16207 | 2019-11-08 | Brocade SANnav versions before v2.0 use a hard-coded password, which... |
| CVE-2019-16208 | 2019-11-08 | Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0,... |
| CVE-2019-16210 | 2019-11-08 | Brocade SANnav versions before v2.0, logs plain text database connection... |
| CVE-2019-16205 | 2019-11-08 | A vulnerability, in Brocade SANnav versions before v2.0, could allow... |
| CVE-2019-16206 | 2019-11-08 | The authentication mechanism, in Brocade SANnav versions before v2.0, logs... |
| CVE-2019-16209 | 2019-11-08 | A vulnerability, in The ReportsTrustManager class of Brocade SANnav versions... |
| CVE-2019-13557 | 2019-11-08 | In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there... |
| CVE-2019-18623 | 2019-11-08 | Escalation of privileges in EnergyCAP 7 through 7.5.6 allows an... |
| CVE-2019-17327 | 2019-11-08 | JEUS 7 Fix#0~5 and JEUS 8Fix#0~1 versions contains a directory... |
| CVE-2019-17661 | 2019-11-08 | A CSV injection in the codepress-admin-columns (aka Admin Columns) plugin... |
| CVE-2019-12410 | 2019-11-08 | While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache... |