CVE List - 2019 / December
Showing 501 - 600 of 1578 CVEs for December 2019 (Page 6 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-13942 | 2019-12-12 | A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions),... |
| CVE-2019-13943 | 2019-12-12 | A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions),... |
| CVE-2019-13944 | 2019-12-12 | A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions),... |
| CVE-2019-13947 | 2019-12-12 | A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The user configuration menu in the web interface of the Control Center Server (CCS) transfers user... |
| CVE-2019-18283 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can gain... |
| CVE-2019-18284 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can use... |
| CVE-2019-18285 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The RMI communication between the client and the Application Server is unencrypted. An attacker... |
| CVE-2019-18286 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The Application Server exposes directory listings and files containing sensitive information. This vulnerability is... |
| CVE-2019-18287 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The Application Server exposes directory listings and files containing sensitive information. This vulnerability is... |
| CVE-2019-18288 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with valid authentication at the RMI interface could be able to gain... |
| CVE-2019-18289 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote... |
| CVE-2019-18290 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18291 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18292 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18293 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote... |
| CVE-2019-18294 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18295 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote... |
| CVE-2019-18296 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote... |
| CVE-2019-18297 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and low privileges could gain root privileges by sending... |
| CVE-2019-18298 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18299 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18300 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18301 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18302 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18303 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18304 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18305 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18306 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18307 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18308 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and a low privileged user account could gain root... |
| CVE-2019-18309 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and a low privileged user account could gain root... |
| CVE-2019-18310 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18311 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted... |
| CVE-2019-18312 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to enumerate running RPC services. Please... |
| CVE-2019-18313 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could gain remote code execution by sending specifically crafted... |
| CVE-2019-18314 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain remote code execution... |
| CVE-2019-18315 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain remote code execution... |
| CVE-2019-18316 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain remote code execution... |
| CVE-2019-18317 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could cause a Denial-of-Service condition... |
| CVE-2019-18318 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server can cause a Denial-of-Service condition... |
| CVE-2019-18319 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could cause a Denial-of-Service condition... |
| CVE-2019-18320 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to upload... |
| CVE-2019-18321 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to read and write arbitrary files... |
| CVE-2019-18322 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to read and write arbitrary files... |
| CVE-2019-18323 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could cause a Denial-of-Service condition and potentially gain remote... |
| CVE-2019-18324 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote... |
| CVE-2019-18325 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote... |
| CVE-2019-18326 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote... |
| CVE-2019-18327 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote... |
| CVE-2019-18328 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote... |
| CVE-2019-18329 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote... |
| CVE-2019-18330 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could cause a Denial-of-Service condition and potentially gain remote... |
| CVE-2019-18331 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access to path... |
| CVE-2019-18332 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access to directory... |
| CVE-2019-18333 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access to filenames... |
| CVE-2019-18334 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to enumerate... |
| CVE-2019-18335 | 2019-12-12 | A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to gain... |
| CVE-2019-18337 | 2019-12-12 | A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains an authentication bypass vulnerability in its XML-based communication protocol as... |
| CVE-2019-18338 | 2019-12-12 | A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as... |
| CVE-2019-18339 | 2019-12-12 | A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The HTTP service (default port 5401/tcp) of the SiVMS/SiNVR Video Server contains an authentication bypass vulnerability, even... |
| CVE-2019-18340 | 2019-12-12 | A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), Control Center Server (CCS) (All versions >= V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0), SiNVR/SiVMS... |
| CVE-2019-18341 | 2019-12-12 | A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The SFTP service (default port 22/tcp) of the Control Center Server (CCS) contains an authentication bypass... |
| CVE-2019-18342 | 2019-12-12 | A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The SFTP service (default port 22/tcp) of the Control Center Server (CCS) does not properly limit... |
| CVE-2019-19768 | 2019-12-12 | In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a... |
| CVE-2019-19770 | 2019-12-12 | In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously... |
| CVE-2019-19769 | 2019-12-12 | In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h). |
| CVE-2019-19767 | 2019-12-12 | The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163. |
| CVE-2019-19771 | 2019-12-12 | The lodahs package 0.0.1 for Node.js is a Trojan horse, and may have been installed by persons who mistyped the lodash package name. In particular, the Trojan horse finds and... |
| CVE-2019-3951 | 2019-12-12 | Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533... |
| CVE-2019-5144 | 2019-12-12 | An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result... |
| CVE-2019-5061 | 2019-12-12 | An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This... |
| CVE-2019-5062 | 2019-12-12 | An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger... |
| CVE-2018-11805 | 2019-12-12 | In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of... |
| CVE-2019-12420 | 2019-12-12 | In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but... |
| CVE-2019-16774 | 2019-12-12 | Object injection in cookie driver |
| CVE-2019-16775 | 2019-12-13 | Unauthorized File Access in npm CLI before before version 6.13.3 |
| CVE-2019-16776 | 2019-12-13 | Unauthorized File Access in npm CLI before before version 6.13.3 |
| CVE-2019-16777 | 2019-12-13 | Arbitrary File Overwrite in npm CLI |
| CVE-2019-19777 | 2019-12-13 | stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main. |
| CVE-2019-19778 | 2019-12-13 | An issue was discovered in libsixel 1.8.2. There is a heap-based buffer over-read in the function load_sixel at loader.c. |
| CVE-2019-19782 | 2019-12-13 | The FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long EHLO response from an FTP server. |
| CVE-2019-13347 | 2019-12-13 | An issue was discovered in the SAML Single Sign On (SSO) plugin for several Atlassian products affecting versions 3.1.0 through 3.2.2 for Jira and Confluence, versions 2.4.0 through 3.0.3 for... |
| CVE-2019-18801 | 2019-12-13 | An issue was discovered in Envoy 1.12.0. An untrusted remote client may send HTTP/2 requests that write to the heap outside of the request buffers when the upstream is HTTP/1.... |
| CVE-2019-18802 | 2019-12-13 | An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value "... |
| CVE-2019-18838 | 2019-12-13 | An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated response... |
| CVE-2019-19501 | 2019-12-13 | VeraCrypt 1.24 allows Local Privilege Escalation during execution of VeraCryptExpander.exe. |
| CVE-2014-0175 | 2019-12-13 | mcollective has a default password set at install |
| CVE-2014-0197 | 2019-12-13 | CFME: CSRF protection vulnerability via permissive check of the referrer header |
| CVE-2014-0212 | 2019-12-13 | qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors |
| CVE-2014-0241 | 2019-12-13 | rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable |
| CVE-2014-1867 | 2019-12-13 | suPHP before 0.7.2 source-highlighting feature allows security bypass which could lead to arbitrary code execution |
| CVE-2014-2387 | 2019-12-13 | Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities |
| CVE-2014-3495 | 2019-12-13 | duplicity 0.6.24 has improper verification of SSL certificates |
| CVE-2019-17599 | 2019-12-13 | The quiz-master-next (aka Quiz And Survey Master) plugin before 6.3.5 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and... |
| CVE-2019-19397 | 2019-12-13 | There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks. |
| CVE-2019-5250 | 2019-12-13 | Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation of certain privilege, the attacker could trick the... |
| CVE-2019-5251 | 2019-12-13 | There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing... |
| CVE-2019-5291 | 2019-12-13 | Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified... |
| CVE-2019-5248 | 2019-12-13 | CloudEngine 12800 has a DoS vulnerability. An attacker of a neighboring device sends a large number of specific packets. As a result, a memory leak occurs after the device uses... |
| CVE-2019-5290 | 2019-12-13 | Huawei S5700 and S6700 have a DoS security vulnerability. Attackers with certain permissions perform specific operations on affected devices. Because the pointer in the program is not processed properly, the... |