CVE List - 2019 / November
Showing 1101 - 1200 of 1679 CVEs for November 2019 (Page 12 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-10083 | 2019-11-19 | When updating a Process Group via the API in NiFi... |
| CVE-2011-3349 | 2019-11-19 | lightdm before 0.9.6 writes in .dmrc and Xauthority files using... |
| CVE-2011-3350 | 2019-11-19 | masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and... |
| CVE-2011-3352 | 2019-11-19 | Zikula 1.3.0 build #3168 and probably prior has XSS flaw... |
| CVE-2019-6176 | 2019-11-20 | A potential vulnerability reported in ThinkPad USB-C Dock Firmware version... |
| CVE-2019-6184 | 2019-11-20 | A potential vulnerability in the discontinued Customer Engagement Service (CCSDK)... |
| CVE-2019-6186 | 2019-11-20 | A potential vulnerability was reported in Lenovo System Interface Foundation... |
| CVE-2019-6187 | 2019-11-20 | A stored CSV Injection vulnerability was reported in Lenovo XClarity... |
| CVE-2019-6189 | 2019-11-20 | A potential vulnerability was reported in Lenovo System Interface Foundation... |
| CVE-2019-6191 | 2019-11-20 | A potential vulnerability in the discontinued LenovoPaper software version 1.0.0.22... |
| CVE-2019-15071 | 2019-11-20 | Openfind MAIL2000 Webmail Pre-Auth Cross-Site Scripting |
| CVE-2019-15073 | 2019-11-20 | Openfind MAIL2000 Webmail Pre-Auth Open Redirect |
| CVE-2019-15072 | 2019-11-20 | Openfind MAIL2000 Webmail Post-Auth Cross-Site Scripting |
| CVE-2019-16200 | 2019-11-20 | GNU Serveez through 0.2.2 has an Information Leak. An attacker... |
| CVE-2012-6136 | 2019-11-20 | tuned 2.10.0 creates its PID file with insecure permissions which... |
| CVE-2013-0193 | 2019-11-20 | Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers... |
| CVE-2013-0194 | 2019-11-20 | Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers... |
| CVE-2013-0195 | 2019-11-20 | Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers... |
| CVE-2011-1028 | 2019-11-20 | The $smarty.template variable in Smarty3 allows attackers to possibly execute... |
| CVE-2016-5194 | 2019-11-20 | Unspecified vulnerabilities in Google Chrome before 54.0.2840.59. |
| CVE-2016-9652 | 2019-11-20 | Multiple unspecified vulnerabilities in Google Chrome before 55.0.2883.75. |
| CVE-2019-5540 | 2019-11-20 | VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1)... |
| CVE-2019-5541 | 2019-11-20 | VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1)... |
| CVE-2019-5542 | 2019-11-20 | VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1)... |
| CVE-2011-0529 | 2019-11-20 | Weborf before 0.12.5 is affected by a Denial of Service... |
| CVE-2019-10765 | 2019-11-20 | iobroker.admin before 3.6.12 allows attacker to include file contents from... |
| CVE-2010-4660 | 2019-11-20 | Unspecified vulnerability in statusnet through 2010 due to the way... |
| CVE-2019-4530 | 2019-11-20 | IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow... |
| CVE-2019-4561 | 2019-11-20 | IBM Security Identity Manager 6.0.0 could allow a remote attacker... |
| CVE-2010-4659 | 2019-11-20 | Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error... |
| CVE-2019-18858 | 2019-11-20 | CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS... |
| CVE-2019-3466 | 2019-11-20 | The pg_ctlcluster script in postgresql-common in versions prior to 210... |
| CVE-2015-1606 | 2019-11-20 | The keyring DB in GnuPG before 2.1.2 does not properly... |
| CVE-2015-1607 | 2019-11-20 | kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x... |
| CVE-2011-4454 | 2019-11-20 | Multiple cross-site scripting vulnerabilities in Tiki 8.0 RC1 and earlier... |
| CVE-2011-4455 | 2019-11-20 | Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow... |
| CVE-2013-1816 | 2019-11-20 | MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers... |
| CVE-2012-1257 | 2019-11-20 | Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows... |
| CVE-2013-1817 | 2019-11-20 | MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error... |
| CVE-2013-2091 | 2019-11-20 | SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers... |
| CVE-2013-2092 | 2019-11-20 | Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers... |
| CVE-2013-2093 | 2019-11-20 | Dolibarr ERP/CRM 3.3.1 does not properly validate user input in... |
| CVE-2015-3167 | 2019-11-20 | contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before... |
| CVE-2015-3166 | 2019-11-20 | The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16,... |
| CVE-2019-6853 | 2019-11-20 | A CWE-79: Failure to Preserve Web Page Structure vulnerability exists... |
| CVE-2019-6852 | 2019-11-20 | A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340... |
| CVE-2019-19221 | 2019-11-21 | In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read... |
| CVE-2019-19039 | 2019-11-21 | __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls... |
| CVE-2019-19036 | 2019-11-21 | btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows... |
| CVE-2019-19037 | 2019-11-21 | ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows... |
| CVE-2013-7171 | 2019-11-21 | Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2,... |
| CVE-2012-2238 | 2019-11-21 | trytond 2.4: ModelView.button fails to validate authorization |
| CVE-2013-7172 | 2019-11-21 | Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on... |
| CVE-2012-2350 | 2019-11-21 | pam_shield before 0.9.4: Default configuration does not perform protective action |
| CVE-2014-0083 | 2019-11-21 | The Ruby net-ldap gem before 0.11 uses a weak salt... |
| CVE-2012-3543 | 2019-11-21 | mono 2.10.x ASP.NET Web Form Hash collision DoS |
| CVE-2012-3460 | 2019-11-21 | cumin: At installation postgresql database user created without password |
| CVE-2014-0084 | 2019-11-21 | Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob... |
| CVE-2019-18958 | 2019-11-21 | Nitro Pro before 13.2 creates a debug.log file in the... |
| CVE-2019-16538 | 2019-11-21 | A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67... |
| CVE-2019-16539 | 2019-11-21 | A missing permission check in Jenkins Support Core Plugin 2.63... |
| CVE-2019-16540 | 2019-11-21 | A path traversal vulnerability in Jenkins Support Core Plugin 2.63... |
| CVE-2019-16541 | 2019-11-21 | Jenkins JIRA Plugin 3.0.10 and earlier does not declare the... |
| CVE-2019-16542 | 2019-11-21 | Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stores... |
| CVE-2019-16543 | 2019-11-21 | Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted... |
| CVE-2019-16544 | 2019-11-21 | Jenkins QMetry for JIRA - Test Management Plugin 1.12 and... |
| CVE-2019-16545 | 2019-11-21 | Jenkins QMetry for JIRA - Test Management Plugin transmits credentials... |
| CVE-2019-16546 | 2019-11-21 | Jenkins Google Compute Engine Plugin 4.1.1 and earlier does not... |
| CVE-2019-16547 | 2019-11-21 | Missing permission checks in various API endpoints in Jenkins Google... |
| CVE-2019-16548 | 2019-11-21 | A cross-site request forgery vulnerability in Jenkins Google Compute Engine... |
| CVE-2012-4524 | 2019-11-21 | xlockmore before 5.43 'dclock' security bypass vulnerability |
| CVE-2014-1935 | 2019-11-21 | 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results... |
| CVE-2014-1936 | 2019-11-21 | rc before 1.7.1-5 insecurely creates temporary files. |
| CVE-2014-1937 | 2019-11-21 | Gamera before 3.4.1 insecurely creates temporary files. |
| CVE-2014-1938 | 2019-11-21 | python-rply before 0.7.4 insecurely creates temporary files. |
| CVE-2014-3700 | 2019-11-21 | eDeploy through at least 2014-10-14 has remote code execution due... |
| CVE-2019-17421 | 2019-11-21 | Incorrect file permissions on the packaged Nipper executable file in... |
| CVE-2018-13916 | 2019-11-21 | Out-of-bounds memory access in Qurt kernel function when using the... |
| CVE-2019-10486 | 2019-11-21 | Race condition due to the lack of resource lock which... |
| CVE-2019-10490 | 2019-11-21 | Use after free issue in Xtra daemon shutdown due to... |
| CVE-2019-10503 | 2019-11-21 | Out-of-bounds access can occur in camera driver due to improper... |
| CVE-2019-10535 | 2019-11-21 | Improper validation for loop variable received from firmware can lead... |
| CVE-2019-10563 | 2019-11-21 | Buffer over-read can occur in fast message handler due to... |
| CVE-2019-10566 | 2019-11-21 | Buffer overflow can occur in wlan module if supported rates... |
| CVE-2019-10617 | 2019-11-21 | Low privilege users can access service configuration which contains registry... |
| CVE-2019-10627 | 2019-11-21 | Integer overflow to buffer overflow vulnerability in PostScript image handling... |
| CVE-2019-2251 | 2019-11-21 | If a bitmap file is loaded from any un-authenticated source,... |
| CVE-2019-2266 | 2019-11-21 | Possible double free issue in kernel while handling the camera... |
| CVE-2019-2268 | 2019-11-21 | Possible OOB read issue in P2P action frames while handling... |
| CVE-2019-2271 | 2019-11-21 | Buffer over read can happen while parsing downlink session management... |
| CVE-2019-2289 | 2019-11-21 | Lack of integrity check allows MODEM to accept any NAS... |
| CVE-2019-2295 | 2019-11-21 | Information disclosure due to lack of address range check done... |
| CVE-2019-2297 | 2019-11-21 | Buffer overflow can occur while processing non-standard NAN message from... |
| CVE-2019-2303 | 2019-11-21 | SNDCP module may access array out side its boundary when... |
| CVE-2019-2315 | 2019-11-21 | While invoking the API to copy from fd or local... |
| CVE-2019-2318 | 2019-11-21 | Non Secure Kernel can cause Trustzone to do an arbitrary... |
| CVE-2019-2329 | 2019-11-21 | Use after free issue in cleanup routine due to missing... |
| CVE-2019-2335 | 2019-11-21 | While processing Attach Reject message, Valid exit condition is not... |
| CVE-2019-2336 | 2019-11-21 | Subsequent use of the CBO listener may result in further... |
| CVE-2019-2339 | 2019-11-21 | Out of bound access due to lack of check of... |