CVE List - 2019 / November
Showing 601 - 700 of 1679 CVEs for November 2019 (Page 7 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-18930 | 2019-11-13 | Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web... |
| CVE-2019-18929 | 2019-11-13 | Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web... |
| CVE-2012-4384 | 2019-11-13 | letodms has multiple XSS issues: Reflected XSS in Login Page,... |
| CVE-2019-5292 | 2019-11-13 | Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with... |
| CVE-2013-4654 | 2019-11-13 | Symlink Traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND.. |
| CVE-2012-4385 | 2019-11-13 | letodms 3.3.6 has CSRF via change password |
| CVE-2019-5289 | 2019-11-13 | Gauss100 OLTP database in ManageOne with versions of 6.5.0 have... |
| CVE-2014-8167 | 2019-11-13 | vdsm and vdsclient does not validate certficate hostname from another... |
| CVE-2019-5294 | 2019-11-13 | There is an out of bound read vulnerability in some... |
| CVE-2019-5293 | 2019-11-13 | Some Huawei products have a memory leak vulnerability when handling... |
| CVE-2019-16948 | 2019-11-13 | An SSRF issue was discovered in Enghouse Web Chat 6.1.300.31.... |
| CVE-2010-4532 | 2019-11-13 | offlineimap before 6.3.2 does not check for SSL server certificate... |
| CVE-2019-2192 | 2019-11-13 | In call of SliceProvider.java, there is a possible permissions bypass... |
| CVE-2019-2193 | 2019-11-13 | In WelcomeActivity.java and related files, there is a possible permissions... |
| CVE-2019-2195 | 2019-11-13 | In tokenize of sqlite3_android.cpp, there is a possible attacker controlled... |
| CVE-2019-2199 | 2019-11-13 | In createSessionInternal of PackageInstallerService.java, there is a possible permissions bypass.... |
| CVE-2013-4657 | 2019-11-13 | Symlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due to... |
| CVE-2019-18279 | 2019-11-13 | In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers... |
| CVE-2019-2211 | 2019-11-13 | In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This... |
| CVE-2019-2197 | 2019-11-13 | In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass... |
| CVE-2019-2201 | 2019-11-13 | In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of... |
| CVE-2019-2202 | 2019-11-13 | In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of... |
| CVE-2019-2203 | 2019-11-13 | In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of... |
| CVE-2019-2204 | 2019-11-13 | In FindSharedFunctionInfo of objects.cc, there is a possible out of... |
| CVE-2019-16949 | 2019-11-13 | An issue was discovered in Enghouse Web Chat 6.1.300.31 and... |
| CVE-2019-2205 | 2019-11-13 | In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a possible memory corruption... |
| CVE-2019-2206 | 2019-11-13 | In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of... |
| CVE-2019-2233 | 2019-11-13 | In getUserCount and getCount of UserSwitcherController.java, there is possible new... |
| CVE-2019-2207 | 2019-11-13 | In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possible out of... |
| CVE-2019-2212 | 2019-11-13 | In poisson_distribution of random, there is an out of bounds... |
| CVE-2019-2208 | 2019-11-13 | In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of... |
| CVE-2019-2209 | 2019-11-13 | In BTA_DmPinReply of bta_dm_api.cc, there is a possible out of... |
| CVE-2019-2196 | 2019-11-13 | In Download Provider, there is possible SQL injection. This could... |
| CVE-2019-2198 | 2019-11-13 | In Download Provider, there is a possible SQL injection vulnerability.... |
| CVE-2019-2036 | 2019-11-13 | In okToConnect of HidHostService.java, there is a possible permission bypass... |
| CVE-2019-2213 | 2019-11-13 | In binder_free_transaction of binder.c, there is a possible use-after-free due... |
| CVE-2019-2214 | 2019-11-13 | In binder_transaction of binder.c, there is a possible out of... |
| CVE-2013-3517 | 2019-11-13 | Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L. |
| CVE-2019-16950 | 2019-11-13 | An XSS issue was discovered in Enghouse Web Chat 6.1.300.31... |
| CVE-2010-4533 | 2019-11-13 | offlineimap before 6.3.4 added support for SSL server certificate validation... |
| CVE-2019-16951 | 2019-11-13 | A remote file include (RFI) issue was discovered in Enghouse... |
| CVE-2012-2237 | 2019-11-13 | Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3... |
| CVE-2019-18844 | 2019-11-13 | The Device Model in ACRN before 2019w25.5-140000p relies on assert... |
| CVE-2010-4653 | 2019-11-13 | An integer overflow condition in poppler before 0.16.3 can occur... |
| CVE-2019-18793 | 2019-11-13 | Parallels Plesk Panel 9.5 allows XSS in target/locales/tr-TR/help/index.htm? via the... |
| CVE-2013-3516 | 2019-11-13 | NETGEAR WNR3500U and WNR3500L routers uses form tokens abased solely... |
| CVE-2010-4654 | 2019-11-13 | poppler before 0.16.3 has malformed commands that may cause corruption... |
| CVE-2019-2210 | 2019-11-13 | In load_logging_config of qmi_vs_service.cc, there is a possible out of... |
| CVE-2019-9467 | 2019-11-13 | In the Bootloader, there is a possible kernel command injection... |
| CVE-2019-18884 | 2019-11-13 | index.php/team_members/add_team_member in RISE Ultimate Project Manager 2.3 has CSRF for... |
| CVE-2019-18883 | 2019-11-13 | XSS exists in Lavalite CMS 5.7 via the admin/profile name... |
| CVE-2019-18837 | 2019-11-13 | An issue was discovered in crun before 0.10.5. With a... |
| CVE-2010-4657 | 2019-11-13 | PHP5 before 5.4.4 allows passing invalid utf-8 strings via the... |
| CVE-2019-17515 | 2019-11-13 | The CleanTalk cleantalk-spam-protect plugin before 5.127.4 for WordPress is affected... |
| CVE-2019-17550 | 2019-11-13 | The Blog2Social plugin before 5.9.0 for WordPress is affected by:... |
| CVE-2012-5193 | 2019-11-13 | Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 2.8.1 and earlier... |
| CVE-2014-1214 | 2019-11-13 | views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2... |
| CVE-2013-3367 | 2019-11-13 | Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a... |
| CVE-2013-4275 | 2019-11-13 | Cross-site scripting (XSS) vulnerability in the zen_breadcrumb function in template.php... |
| CVE-2011-4972 | 2019-11-13 | hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not... |
| CVE-2010-4661 | 2019-11-13 | udisks before 1.0.3 allows a local user to load arbitrary... |
| CVE-2013-3366 | 2019-11-13 | Undocumented TELNET service in TRENDnet TEW-812DRU when a web page... |
| CVE-2019-18923 | 2019-11-13 | Insufficient content type validation of proxied resources in go-camo before... |
| CVE-2010-4664 | 2019-11-13 | In ConsoleKit before 0.4.2, an intended security policy restriction bypass... |
| CVE-2010-4817 | 2019-11-13 | pithos before 0.3.5 allows overwrite of arbitrary files via symlinks. |
| CVE-2013-3097 | 2019-11-13 | Unspecified Cross-site scripting (XSS) vulnerability in the Verizon FIOS Actiontec... |
| CVE-2019-0385 | 2019-11-13 | SAP Enable Now, before version 1908, does not sufficiently encode... |
| CVE-2019-0389 | 2019-11-13 | An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected... |
| CVE-2019-0382 | 2019-11-13 | A Cross-Site Scripting vulnerability exists in SAP BusinessObjects Business Intelligence... |
| CVE-2019-0393 | 2019-11-13 | An SQL Injection vulnerability in SAP Quality Management (corrected in... |
| CVE-2019-0390 | 2019-11-13 | Under certain conditions SAP Data Hub (corrected in DH_Foundation version... |
| CVE-2019-0391 | 2019-11-13 | Under certain conditions SAP NetWeaver AS Java (corrected in 7.10,... |
| CVE-2019-0388 | 2019-11-13 | SAP UI5 HTTP Handler (corrected in SAP_UI versions 7.5, 7.51,... |
| CVE-2019-0396 | 2019-11-13 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), corrected... |
| CVE-2019-0386 | 2019-11-13 | Order processing in SAP ERP Sales (corrected in SAP_APPL 6.0,... |
| CVE-2019-18240 | 2019-11-13 | In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer... |
| CVE-2019-13555 | 2019-11-13 | In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and... |
| CVE-2019-3420 | 2019-11-13 | All versions up to V2.5.0_EG1T5_TED of ZTE ZXHN H108N product... |
| CVE-2019-3649 | 2019-11-13 | Advanced Threat Defense (ATD) - Information Disclosure vulnerability |
| CVE-2010-5108 | 2019-11-13 | Trac 0.11.6 does not properly check workflow permissions before modifying... |
| CVE-2019-5029 | 2019-11-13 | An exploitable command injection vulnerability exists in the Config editor... |
| CVE-2019-18951 | 2019-11-13 | SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read... |
| CVE-2019-18952 | 2019-11-13 | SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This... |
| CVE-2019-3651 | 2019-11-13 | Advanced Threat Defense (ATD) - Information Disclosure vulnerability |
| CVE-2019-3650 | 2019-11-13 | Advanced Threat Defense (ATD) - Information Disclosure vulnerability |
| CVE-2011-0544 | 2019-11-13 | phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB... |
| CVE-2019-3660 | 2019-11-13 | Advanced Threat Defense (ATD) - Improper Neutralization of HTTP requests |
| CVE-2019-18954 | 2019-11-13 | Pomelo v2.2.5 allows external control of critical state data. A... |
| CVE-2019-3661 | 2019-11-13 | Advanced Threat Defense (ATD) - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') |
| CVE-2019-3662 | 2019-11-13 | Advanced Threat Defense (ATD) - Path Traversal: '/absolute/pathname/here' vulnerability |
| CVE-2019-3663 | 2019-11-13 | Advanced Threat Defense (ATD) - Unprotected storage of shared credentials vulnerability |
| CVE-2019-14818 | 2019-11-14 | A flaw was found in all dpdk version 17.x.x before... |
| CVE-2019-3640 | 2019-11-14 | Data Loss Prevention - Unprotected Transport of Credentials |
| CVE-2011-1070 | 2019-11-14 | v86d before 0.1.10 do not verify if received netlink messages... |
| CVE-2011-1136 | 2019-11-14 | In tesseract 2.03 and 2.04, an attacker can rewrite an... |
| CVE-2011-1145 | 2019-11-14 | The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible... |
| CVE-2011-1488 | 2019-11-14 | A memory leak in rsyslog before 5.7.6 was found in... |
| CVE-2011-1489 | 2019-11-14 | A memory leak in rsyslog before 5.7.6 was found in... |
| CVE-2011-1490 | 2019-11-14 | A memory leak in rsyslog before 5.7.6 was found in... |
| CVE-2011-1588 | 2019-11-14 | Thunar before 1.3.1 could crash when copy and pasting a... |