CVE List - 2019 / November
Showing 601 - 700 of 1679 CVEs for November 2019 (Page 7 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-18929 | 2019-11-13 | Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest accounts) to remotely execute arbitrary code via a download_mgr.cgi stack-based buffer overflow. |
| CVE-2012-4384 | 2019-11-13 | letodms has multiple XSS issues: Reflected XSS in Login Page, Stored XSS in Document Owner/User name, Stored XSS in Calendar |
| CVE-2019-5292 | 2019-11-13 | Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper... |
| CVE-2013-4654 | 2019-11-13 | Symlink Traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND.. |
| CVE-2012-4385 | 2019-11-13 | letodms 3.3.6 has CSRF via change password |
| CVE-2019-5289 | 2019-11-13 | Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to... |
| CVE-2014-8167 | 2019-11-13 | vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack |
| CVE-2019-5294 | 2019-11-13 | There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a... |
| CVE-2019-5293 | 2019-11-13 | Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may... |
| CVE-2019-16948 | 2019-11-13 | An SSRF issue was discovered in Enghouse Web Chat 6.1.300.31. In any POST request, one can replace the port number at WebServiceLocation=http://localhost:8085/UCWebServices/ with a range of ports to determine what... |
| CVE-2010-4532 | 2019-11-13 | offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks. |
| CVE-2019-2192 | 2019-11-13 | In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User... |
| CVE-2019-2193 | 2019-11-13 | In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Admin... |
| CVE-2019-2195 | 2019-11-13 | In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2019-2199 | 2019-11-13 | In createSessionInternal of PackageInstallerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:... |
| CVE-2013-4657 | 2019-11-13 | Symlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due to misconfiguration in the SMB service. |
| CVE-2019-18279 | 2019-11-13 | In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment... |
| CVE-2019-2211 | 2019-11-13 | In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:... |
| CVE-2019-2197 | 2019-11-13 | In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass due to an insecure default value. This could lead to local information disclosure of the user's contact list with no... |
| CVE-2019-2201 | 2019-11-13 | In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with... |
| CVE-2019-2202 | 2019-11-13 | In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution... |
| CVE-2019-2203 | 2019-11-13 | In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution... |
| CVE-2019-2204 | 2019-11-13 | In FindSharedFunctionInfo of objects.cc, there is a possible out of bounds read due to a mistake in AST traversal. This could lead to remote code execution in the pacprocessor with... |
| CVE-2019-16949 | 2019-11-13 | An issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. A user is allowed to send an archive of their chat log to an email address specified at the... |
| CVE-2019-2205 | 2019-11-13 | In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User... |
| CVE-2019-2206 | 2019-11-13 | In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional... |
| CVE-2019-2233 | 2019-11-13 | In getUserCount and getCount of UserSwitcherController.java, there is possible new user creation due to a logic error. This could lead to local escalation of privilege for an attacker who has... |
| CVE-2019-2207 | 2019-11-13 | In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possible out of bound write due to missing bounds checks. This could lead to local escalation of privilege with system execution privileges needed.... |
| CVE-2019-2212 | 2019-11-13 | In poisson_distribution of random, there is an out of bounds read. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for... |
| CVE-2019-2208 | 2019-11-13 | In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure... |
| CVE-2019-2209 | 2019-11-13 | In BTA_DmPinReply of bta_dm_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed.... |
| CVE-2019-2196 | 2019-11-13 | In Download Provider, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0... |
| CVE-2019-2198 | 2019-11-13 | In Download Provider, there is a possible SQL injection vulnerability. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:... |
| CVE-2019-2036 | 2019-11-13 | In okToConnect of HidHostService.java, there is a possible permission bypass due to an incorrect state check. This could lead to remote escalation of privilege with no additional execution privileges needed.... |
| CVE-2019-2213 | 2019-11-13 | In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction... |
| CVE-2019-2214 | 2019-11-13 | In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2013-3517 | 2019-11-13 | Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L. |
| CVE-2019-16950 | 2019-11-13 | An XSS issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. The QueueName parameter of a GET request allows for insertion of user-supplied JavaScript. |
| CVE-2010-4533 | 2019-11-13 | offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies. |
| CVE-2019-16951 | 2019-11-13 | A remote file include (RFI) issue was discovered in Enghouse Web Chat 6.2.284.34. One can replace the localhost attribute with one's own domain name. When the product calls this domain... |
| CVE-2012-2237 | 2019-11-13 | Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript... |
| CVE-2019-18844 | 2019-11-13 | The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers... |
| CVE-2010-4653 | 2019-11-13 | An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts. |
| CVE-2019-18793 | 2019-11-13 | Parallels Plesk Panel 9.5 allows XSS in target/locales/tr-TR/help/index.htm? via the "fileName" parameter. |
| CVE-2013-3516 | 2019-11-13 | NETGEAR WNR3500U and WNR3500L routers uses form tokens abased solely on router's current date and time, which allows attackers to guess the CSRF tokens. |
| CVE-2010-4654 | 2019-11-13 | poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack. |
| CVE-2019-2210 | 2019-11-13 | In load_logging_config of qmi_vs_service.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution... |
| CVE-2019-9467 | 2019-11-13 | In the Bootloader, there is a possible kernel command injection due to missing command sanitization. This could lead to a local elevation of privilege with System execution privileges needed. User... |
| CVE-2019-18884 | 2019-11-13 | index.php/team_members/add_team_member in RISE Ultimate Project Manager 2.3 has CSRF for adding authorized users. |
| CVE-2019-18883 | 2019-11-13 | XSS exists in Lavalite CMS 5.7 via the admin/profile name or designation field. |
| CVE-2019-18837 | 2019-11-13 | An issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the... |
| CVE-2010-4657 | 2019-11-13 | PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output. |
| CVE-2019-17515 | 2019-11-13 | The CleanTalk cleantalk-spam-protect plugin before 5.127.4 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the... |
| CVE-2019-17550 | 2019-11-13 | The Blog2Social plugin before 5.9.0 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the b2s_id... |
| CVE-2012-5193 | 2019-11-13 | Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 2.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) stats/index.php or (2) newsletters/edition.php... |
| CVE-2014-1214 | 2019-11-13 | views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted (1) dest parameter and... |
| CVE-2013-3367 | 2019-11-13 | Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3. |
| CVE-2013-4275 | 2019-11-13 | Cross-site scripting (XSS) vulnerability in the zen_breadcrumb function in template.php in the Zen theme 6.x-1.x, 7.x-3.x before 7.x-3.2, and 7.x-5.x before 7.x-5.4 for Drupal allows remote authenticated users with the... |
| CVE-2011-4972 | 2019-11-13 | hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request. |
| CVE-2010-4661 | 2019-11-13 | udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. |
| CVE-2013-3366 | 2019-11-13 | Undocumented TELNET service in TRENDnet TEW-812DRU when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3. |
| CVE-2019-18923 | 2019-11-13 | Insufficient content type validation of proxied resources in go-camo before 2.1.1 allows a remote attacker to serve arbitrary content from go-camo's origin. |
| CVE-2010-4664 | 2019-11-13 | In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session. |
| CVE-2010-4817 | 2019-11-13 | pithos before 0.3.5 allows overwrite of arbitrary files via symlinks. |
| CVE-2013-3097 | 2019-11-13 | Unspecified Cross-site scripting (XSS) vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router. |
| CVE-2019-0385 | 2019-11-13 | SAP Enable Now, before version 1908, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. |
| CVE-2019-0389 | 2019-11-13 | An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and... |
| CVE-2019-0382 | 2019-11-13 | A Cross-Site Scripting vulnerability exists in SAP BusinessObjects Business Intelligence Platform (Web Intelligence-Publication related pages); corrected in version 4.2. Privileges are required in order to exploit this vulnerability. |
| CVE-2019-0393 | 2019-11-13 | An SQL Injection vulnerability in SAP Quality Management (corrected in S4CORE versions 1.0, 1.01, 1.02, 1.03) allows an attacker to carry out targeted database queries that can read individual fields... |
| CVE-2019-0390 | 2019-11-13 | Under certain conditions SAP Data Hub (corrected in DH_Foundation version 2) allows an attacker to access information which would otherwise be restricted. Connection details that are maintained in Connection Manager... |
| CVE-2019-0391 | 2019-11-13 | Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted. |
| CVE-2019-0388 | 2019-11-13 | SAP UI5 HTTP Handler (corrected in SAP_UI versions 7.5, 7.51, 7.52, 7.53, 7.54 and SAP UI_700 version 2.0) allows an attacker to manipulate content due to insufficient URL validation. |
| CVE-2019-0396 | 2019-11-13 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), corrected in versions 4.1 and 4.2, does not sufficiently validate an XML document accepted from an untrusted source. An attacker can... |
| CVE-2019-0386 | 2019-11-13 | Order processing in SAP ERP Sales (corrected in SAP_APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18) and S4HANA Sales (corrected in S4CORE 1.0, 1.01, 1.02, 1.03, 1.04) does... |
| CVE-2019-18240 | 2019-11-13 | In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer overflows have been identified, which may allow an attacker to remotely execute arbitrary code. |
| CVE-2019-13555 | 2019-11-13 | In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial... |
| CVE-2019-3420 | 2019-11-13 | All versions up to V2.5.0_EG1T5_TED of ZTE ZXHN H108N product are impacted by an information leak vulnerability. An attacker could exploit the vulnerability to obtain sensitive information and perform unauthorized... |
| CVE-2019-3649 | 2019-11-13 | Advanced Threat Defense (ATD) - Information Disclosure vulnerability |
| CVE-2010-5108 | 2019-11-13 | Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper... |
| CVE-2019-5029 | 2019-11-13 | An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $() can be inserted... |
| CVE-2019-18951 | 2019-11-13 | SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files. |
| CVE-2019-18952 | 2019-11-13 | SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served... |
| CVE-2019-3651 | 2019-11-13 | Advanced Threat Defense (ATD) - Information Disclosure vulnerability |
| CVE-2019-3650 | 2019-11-13 | Advanced Threat Defense (ATD) - Information Disclosure vulnerability |
| CVE-2011-0544 | 2019-11-13 | phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag. |
| CVE-2019-3660 | 2019-11-13 | Advanced Threat Defense (ATD) - Improper Neutralization of HTTP requests |
| CVE-2019-18954 | 2019-11-13 | Pomelo v2.2.5 allows external control of critical state data. A malicious user input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js because certain internal attributes can be overwritten via a... |
| CVE-2019-3661 | 2019-11-13 | Advanced Threat Defense (ATD) - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') |
| CVE-2019-3662 | 2019-11-13 | Advanced Threat Defense (ATD) - Path Traversal: '/absolute/pathname/here' vulnerability |
| CVE-2019-3663 | 2019-11-13 | Advanced Threat Defense (ATD) - Unprotected storage of shared credentials vulnerability |
| CVE-2019-14818 | 2019-11-14 | A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access... |
| CVE-2019-3640 | 2019-11-14 | Data Loss Prevention - Unprotected Transport of Credentials |
| CVE-2011-1070 | 2019-11-14 | v86d before 0.1.10 do not verify if received netlink messages are sent by the kernel. This could allow unprivileged users to manipulate the video mode and potentially other consequences. |
| CVE-2011-1136 | 2019-11-14 | In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file. |
| CVE-2011-1145 | 2019-11-14 | The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string. |
| CVE-2011-1488 | 2019-11-14 | A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to... |
| CVE-2011-1489 | 2019-11-14 | A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging... |
| CVE-2011-1490 | 2019-11-14 | A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging... |
| CVE-2011-1588 | 2019-11-14 | Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error. |
| CVE-2011-1930 | 2019-11-14 | In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply... |