CVE List - 2019 / November
Showing 1201 - 1300 of 1679 CVEs for November 2019 (Page 13 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-16340 | 2019-11-21 | Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover... |
| CVE-2019-15704 | 2019-11-21 | A clear text storage of sensitive information vulnerability in FortiClient... |
| CVE-2018-9195 | 2019-11-21 | Use of a hardcoded cryptographic key in the FortiGuard services... |
| CVE-2019-17650 | 2019-11-21 | An Improper Neutralization of Special Elements used in a Command... |
| CVE-2019-6693 | 2019-11-21 | Use of a hard-coded cryptographic key to cipher sensitive data... |
| CVE-2018-8879 | 2019-11-21 | Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older... |
| CVE-2019-5509 | 2019-11-21 | ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are... |
| CVE-2019-17272 | 2019-11-21 | All versions of ONTAP Select Deploy administration utility are susceptible... |
| CVE-2019-5086 | 2019-11-21 | An exploitable integer overflow vulnerability exists in the flattenIncrementally function... |
| CVE-2019-5087 | 2019-11-21 | An exploitable integer overflow vulnerability exists in the flattenIncrementally function... |
| CVE-2019-10767 | 2019-11-21 | An attacker can include file contents from outside the `/adapter/xxx/`... |
| CVE-2019-5071 | 2019-11-21 | An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality... |
| CVE-2019-5072 | 2019-11-21 | An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality... |
| CVE-2019-19191 | 2019-11-21 | Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec... |
| CVE-2019-16405 | 2019-11-21 | Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5... |
| CVE-2019-16406 | 2019-11-21 | Centreon Web 19.04.4 has weak permissions within the OVA (aka... |
| CVE-2019-18886 | 2019-11-21 | An issue was discovered in Symfony 4.2.0 to 4.2.11 and... |
| CVE-2019-18890 | 2019-11-21 | A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x... |
| CVE-2019-15511 | 2019-11-21 | An exploitable local privilege escalation vulnerability exists in the GalaxyClientService... |
| CVE-2019-19006 | 2019-11-21 | Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and... |
| CVE-2019-19033 | 2019-11-21 | Jalios JCMS 10 allows attackers to access any part of... |
| CVE-2019-18349 | 2019-11-21 | HotkeyP through 4.9 r96 allows privilege escalation in the privilege... |
| CVE-2019-16758 | 2019-11-21 | In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070),... |
| CVE-2019-19197 | 2019-11-21 | IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security... |
| CVE-2019-5636 | 2019-11-21 | Beckhoff TwinCAT Discovery Service Denial of Service |
| CVE-2019-5637 | 2019-11-21 | Beckhoff TwinCAT Profinet Driver Divide-by-Zero Denial of Service |
| CVE-2013-3314 | 2019-11-21 | The Loftek Nexus 543 IP Camera allows remote attackers to... |
| CVE-2013-3313 | 2019-11-21 | The Loftek Nexus 543 IP Camera stores passwords in cleartext,... |
| CVE-2013-3312 | 2019-11-21 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Loftek Nexus... |
| CVE-2013-3311 | 2019-11-21 | Directory traversal vulnerability in the Loftek Nexus 543 IP Camera... |
| CVE-2015-2793 | 2019-11-21 | Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329... |
| CVE-2019-19202 | 2019-11-21 | In Vtiger 7.x before 7.2.0, the My Preferences saving functionality... |
| CVE-2019-19204 | 2019-11-21 | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In... |
| CVE-2019-19203 | 2019-11-21 | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In... |
| CVE-2019-19207 | 2019-11-21 | rConfig 3.9.2 allows devices.php?searchColumn= SQL injection. |
| CVE-2015-3140 | 2019-11-21 | Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan... |
| CVE-2014-8356 | 2019-11-21 | The web administrative portal in Zhone zNID 2426A before S3.0.501... |
| CVE-2012-1001 | 2019-11-21 | Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2.1.2 and... |
| CVE-2014-2901 | 2019-11-21 | wolfssl before 3.2.0 does not properly issue certificates for a... |
| CVE-2014-2902 | 2019-11-21 | wolfssl before 3.2.0 does not properly authorize CA certificate for... |
| CVE-2014-2904 | 2019-11-21 | wolfssl before 3.2.0 has a server certificate that is not... |
| CVE-2019-11325 | 2019-11-21 | An issue was discovered in Symfony before 4.2.12 and 4.3.x... |
| CVE-2019-18887 | 2019-11-21 | An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0... |
| CVE-2019-18888 | 2019-11-21 | An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0... |
| CVE-2019-18889 | 2019-11-21 | An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0... |
| CVE-2014-5254 | 2019-11-21 | xcfa before 5.0.1 creates temporary files insecurely which could allow... |
| CVE-2014-5255 | 2019-11-21 | xcfa before 5.0.1 creates temporary files insecurely which could allow... |
| CVE-2019-18933 | 2019-11-21 | In Zulip Server versions from 1.7.0 to before 2.0.7, a... |
| CVE-2012-1637 | 2019-11-21 | Cross-site scripting vulnerability (XSS) in the Quick Tabs module 6.x-2.x... |
| CVE-2012-2078 | 2019-11-21 | Cross-site scripting (XSS) vulnerability in the Activity module 6.x-1.x for... |
| CVE-2012-2079 | 2019-11-21 | A cross-site request forgery (CSRF) vulnerability in the Activity module... |
| CVE-2019-10206 | 2019-11-22 | ansible-playbook -k and ansible cli tools, all versions 2.8.x before... |
| CVE-2019-13157 | 2019-11-22 | nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite... |
| CVE-2018-10854 | 2019-11-22 | cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to... |
| CVE-2019-10203 | 2019-11-22 | PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x... |
| CVE-2019-19227 | 2019-11-22 | In the AppleTalk subsystem in the Linux kernel before 5.1,... |
| CVE-2015-5694 | 2019-11-22 | Designate does not enforce the DNS protocol limit concerning record... |
| CVE-2015-1780 | 2019-11-22 | oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain... |
| CVE-2015-7810 | 2019-11-22 | libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when... |
| CVE-2012-3407 | 2019-11-22 | plow has local buffer overflow vulnerability |
| CVE-2014-3585 | 2019-11-22 | redhat-upgrade-tool: Does not check GPG signatures when upgrading versions |
| CVE-2019-4214 | 2019-11-22 | IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the... |
| CVE-2019-4215 | 2019-11-22 | IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote... |
| CVE-2019-4216 | 2019-11-22 | IBM SmartCloud Analytics 1.3.1 through 1.3.5 is vulnerable to possible... |
| CVE-2019-4243 | 2019-11-22 | IBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized disclosure of... |
| CVE-2019-4569 | 2019-11-22 | IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to... |
| CVE-2019-4570 | 2019-11-22 | IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error... |
| CVE-2019-3427 | 2019-11-22 | The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted... |
| CVE-2019-3428 | 2019-11-22 | The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted... |
| CVE-2019-19013 | 2019-11-22 | A CSRF vulnerability in Pagekit 1.0.17 allows an attacker to... |
| CVE-2012-0812 | 2019-11-22 | PostfixAdmin 2.3.4 has multiple XSS vulnerabilities |
| CVE-2012-0877 | 2019-11-22 | PyXML: Hash table collisions CPU usage Denial of Service |
| CVE-2019-18790 | 2019-11-22 | An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x... |
| CVE-2019-18976 | 2019-11-22 | An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through... |
| CVE-2019-17445 | 2019-11-22 | An issue was discovered in Eracent EDA, EPA, EPM, EUA,... |
| CVE-2019-15652 | 2019-11-22 | The web interface for NSSLGlobal SatLink VSAT Modem Unit (VMU)... |
| CVE-2019-18610 | 2019-11-22 | An issue was discovered in manager.c in Sangoma Asterisk through... |
| CVE-2019-17446 | 2019-11-22 | An issue was discovered in Eracent EPA Agent through 10.2.26.... |
| CVE-2013-6880 | 2019-11-22 | Open redirect in proxy.php in FlashCanvas before 1.6 allows remote... |
| CVE-2019-9536 | 2019-11-22 | Apple iPhone 3GS bootrom malloc implementation returns a non-NULL pointer... |
| CVE-2013-6811 | 2019-11-22 | Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U... |
| CVE-2014-6310 | 2019-11-22 | Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote... |
| CVE-2013-6239 | 2019-11-22 | Cross-site scripting (XSS) vulnerability in the photo gallery model in... |
| CVE-2013-6879 | 2019-11-22 | The Mijosoft MijoSearch component 2.0.1 and earlier for Joomla! allows... |
| CVE-2013-6878 | 2019-11-22 | Cross-site scripting (XSS) vulnerability in the Mijosoft MijoSearch component 2.0.4... |
| CVE-2014-6311 | 2019-11-22 | generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in... |
| CVE-2014-1238 | 2019-11-22 | Cross-site scripting (XSS) vulnerability in ui/common/managedlistdialog.aspx in Gael Q-Pulse 0.6... |
| CVE-2019-16763 | 2019-11-22 | XSS in Pannellum from 2.5.0 through 2.5.4 |
| CVE-2014-2213 | 2019-11-22 | Open redirect vulnerability in the password reset functionality in POSH... |
| CVE-2014-2214 | 2019-11-22 | Multiple cross-site scripting (XSS) vulnerabilities in POSH (aka Posh portal... |
| CVE-2012-6077 | 2019-11-22 | W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve... |
| CVE-2019-19240 | 2019-11-22 | Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a... |
| CVE-2013-6234 | 2019-11-22 | Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI... |
| CVE-2012-6078 | 2019-11-22 | W3 Total Cache before 0.9.2.5 generates hash keys insecurely which... |
| CVE-2013-0202 | 2019-11-22 | Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier... |
| CVE-2013-0203 | 2019-11-22 | Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and... |
| CVE-2012-6079 | 2019-11-22 | W3 Total Cache before 0.9.2.5 exposes sensitive cached database information... |
| CVE-2019-3654 | 2019-11-22 | Client Proxy (MCP) - Authentication Bypass vulnerability |
| CVE-2019-13566 | 2019-11-22 | An issue was discovered in the ROS communications-related packages (aka... |
| CVE-2019-18622 | 2019-11-22 | An issue was discovered in phpMyAdmin before 4.9.2. A crafted... |