jell.ie CVEs

Read at: 2019-11-17T16:21:21+00:00

CVE-2019-19010

Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.

Source: National Vulnerability Database | 16 Nov 2019 | 1:15 am GMT

CVE-2019-16761

A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slp-validate@1.0.0 npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions >1.0.0 have been patched.

Source: National Vulnerability Database | 15 Nov 2019 | 11:15 pm GMT

CVE-2019-16762

A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to any version >= 0.21.4.

Source: National Vulnerability Database | 15 Nov 2019 | 11:15 pm GMT

CVE-2019-6661

When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources.

Source: National Vulnerability Database | 15 Nov 2019 | 9:15 pm GMT

CVE-2019-6660

On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service.

Source: National Vulnerability Database | 15 Nov 2019 | 9:15 pm GMT

CVE-2019-13582

An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution.

Source: National Vulnerability Database | 15 Nov 2019 | 9:15 pm GMT

CVE-2019-13581

An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitrary code via malformed Wi-Fi packets.

Source: National Vulnerability Database | 15 Nov 2019 | 9:15 pm GMT

CVE-2019-6664

On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices.

Source: National Vulnerability Database | 15 Nov 2019 | 9:15 pm GMT

CVE-2019-6663

The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to Anti DNS Pinning (DNS Rebinding) attack.

Source: National Vulnerability Database | 15 Nov 2019 | 9:15 pm GMT

CVE-2019-6659

On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages.

Source: National Vulnerability Database | 15 Nov 2019 | 9:15 pm GMT

CVE-2019-6662

On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data.

Source: National Vulnerability Database | 15 Nov 2019 | 9:15 pm GMT

CVE-2019-12758

Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature.

Source: National Vulnerability Database | 15 Nov 2019 | 6:15 pm GMT

CVE-2019-18372

Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

Source: National Vulnerability Database | 15 Nov 2019 | 6:15 pm GMT

CVE-2011-2916

qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world-readable or world-executable home directory, another local system user could obtain the private key used to connect to remote NX sessions.

Source: National Vulnerability Database | 15 Nov 2019 | 6:15 pm GMT

CVE-2019-12759

Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

Source: National Vulnerability Database | 15 Nov 2019 | 6:15 pm GMT

CVE-2019-12757

Symantec Endpoint Protection (SEP), prior to 14.2 RU2 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

Source: National Vulnerability Database | 15 Nov 2019 | 6:15 pm GMT

CVE-2018-18368

Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

Source: National Vulnerability Database | 15 Nov 2019 | 5:15 pm GMT

CVE-2019-12756

Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights.

Source: National Vulnerability Database | 15 Nov 2019 | 5:15 pm GMT

CVE-2011-2910

The AX.25 daemon (ax25d) in ax25-tools before 0.0.8-13 does not check the return value of a setuid call. The setuid call is responsible for dropping privileges but if the call fails the daemon would continue to run with root privileges which can allow possible privilege escalation.

Source: National Vulnerability Database | 15 Nov 2019 | 5:15 pm GMT

CVE-2011-2726

An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL.

Source: National Vulnerability Database | 15 Nov 2019 | 5:15 pm GMT

CVE-2011-0703

In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to overtake an administrator X11 session.

Source: National Vulnerability Database | 15 Nov 2019 | 5:15 pm GMT

CVE-2016-5285

Null pointer dereference vulnerability exists in K11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime in NSS before 3.26, which causes the TLS/SSL server using NSS to crash.

Source: National Vulnerability Database | 15 Nov 2019 | 4:15 pm GMT

CVE-2009-5047

Jetty 6.x before 6.1.22 suffers from an escape sequence injection vulnerability from two different vectors: 1) "Cookie Dump Servlet" and 2) Http Content-Length header. 1) A POST request to the form at "/test/cookie/" with the "Age" parameter set to a string throws a "java.lang.NumberFormatException" which reflects binary characters including ESC. These characters could be used to execute arbitrary commands or buffer dumps in the terminal. 2) The same attack in 1) can be exploited by requesting a page using an HTTP request "Content-Length" header set to a letteral string.

Source: National Vulnerability Database | 15 Nov 2019 | 4:15 pm GMT

CVE-2014-0023

OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution

Source: National Vulnerability Database | 15 Nov 2019 | 3:15 pm GMT

CVE-2013-7087

ClamAV before 0.97.7 has WWPack corrupt heap memory

Source: National Vulnerability Database | 15 Nov 2019 | 3:15 pm GMT

CVE-2013-7088

ClamAV before 0.97.7 has buffer overflow in the libclamav component

Source: National Vulnerability Database | 15 Nov 2019 | 3:15 pm GMT

CVE-2013-7089

ClamAV before 0.97.7: dbg_printhex possible information leak

Source: National Vulnerability Database | 15 Nov 2019 | 3:15 pm GMT

CVE-2013-4584

Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections

Source: National Vulnerability Database | 15 Nov 2019 | 3:15 pm GMT

CVE-2014-0021

Chrony before 1.29.1 has traffic amplification in cmdmon protocol

Source: National Vulnerability Database | 15 Nov 2019 | 3:15 pm GMT

CVE-2019-14345

TemaTres 3.0 allows remote unprivileged users to create an administrator account

Source: National Vulnerability Database | 15 Nov 2019 | 2:15 pm GMT

CVE-2019-14343

TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI.

Source: National Vulnerability Database | 15 Nov 2019 | 1:15 pm GMT

CVE-2019-14869

A flaw was found in all versions of ghostscript 9.x before 9.28, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands.

Source: National Vulnerability Database | 15 Nov 2019 | 12:15 pm GMT

CVE-2019-18987

An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter's definition.

Source: National Vulnerability Database | 15 Nov 2019 | 6:15 am GMT

CVE-2019-18986

Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users.

Source: National Vulnerability Database | 15 Nov 2019 | 5:15 am GMT

CVE-2019-18985

Pimcore before 6.2.2 lacks brute force protection for the 2FA token.

Source: National Vulnerability Database | 15 Nov 2019 | 5:15 am GMT

CVE-2019-18981

Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.

Source: National Vulnerability Database | 15 Nov 2019 | 5:15 am GMT

CVE-2019-18982

bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header.

Source: National Vulnerability Database | 15 Nov 2019 | 5:15 am GMT

CVE-2019-18928

Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.

Source: National Vulnerability Database | 15 Nov 2019 | 4:15 am GMT

CVE-2019-11931

A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Business for Android versions prior to 2.19.104 and Business for iOS versions prior to 2.19.100.

Source: National Vulnerability Database | 14 Nov 2019 | 11:15 pm GMT

CVE-2019-18980

On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Anyone can turn the bulb on or off, or change its color or brightness remotely. There is no authentication or encryption to use the control API. The only requirement is that the attacker have network access to the bulb.

Source: National Vulnerability Database | 14 Nov 2019 | 10:15 pm GMT

CVE-2019-18651

A cross-site request forgery (CSRF) vulnerability in 3xLogic Infinias Access Control through 6.6.9586.0 allows remote attackers to execute malicious and unauthorized actions (e.g., delete application users) by sending a crafted HTML document to a user that the website trusts. The user needs to have an active privileged session.

Source: National Vulnerability Database | 14 Nov 2019 | 9:15 pm GMT

CVE-2019-18978

An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.

Source: National Vulnerability Database | 14 Nov 2019 | 9:15 pm GMT

CVE-2019-17391

An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-08 0 through 2. Lack of anti-glitch mitigations in the first stage bootloader of the ESP32 chip allows an attacker (with physical access to the device) to read the contents of read-protected eFuses, such as flash encryption and secure boot keys, by injecting a glitch into the power supply of the chip shortly after reset.

Source: National Vulnerability Database | 14 Nov 2019 | 9:15 pm GMT

CVE-2019-15800

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Due to lack of input validation in the cmd_sys_traceroute_exec(), cmd_sys_arp_clear(), and cmd_sys_ping_exec() functions in the libclicmd.so library contained in the firmware, an attacker could leverage these functions to call system() and execute arbitrary commands on the switches. (Note that these functions are currently not called in this version of the firmware, however an attacker could use other vulnerabilities to finally use these vulnerabilities to gain code execution.)

Source: National Vulnerability Database | 14 Nov 2019 | 9:15 pm GMT

CVE-2019-15804

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. By sending a signal to the CLI process, undocumented functionality is triggered. Specifically, a menu can be triggered by sending the SIGQUIT signal to the CLI application (e.g., through CTRL+\ via SSH). The access control check for this menu does work and prohibits accessing the menu, which contains "Password recovery for specific user" options. The menu is believed to be accessible using a serial console.

Source: National Vulnerability Database | 14 Nov 2019 | 9:15 pm GMT

CVE-2019-15801

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware image contains encrypted passwords that are used to authenticate users wishing to access a diagnostics or password-recovery menu. Using the hardcoded cryptographic key found elsewhere in the firmware, these passwords can be decrypted. This is related to fds_sys_passDebugPasswd_ret() and fds_sys_passRecoveryPasswd_ret() in libfds.so.0.0.

Source: National Vulnerability Database | 14 Nov 2019 | 9:15 pm GMT

CVE-2019-14678

SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Examples are Local File Reading, Out Of Band File Exfiltration, Server Side Request Forgery, and/or Potential Denial of Service attacks. This vulnerability also affects the XMLV2 LIBNAME engine when the AUTOMAP option is used.

Source: National Vulnerability Database | 14 Nov 2019 | 9:15 pm GMT

CVE-2019-15803

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fds_sys_passDebugPasswd_ret(). The firmware contains access control checks that determine if remote users are allowed to access this functionality. The function that performs this check (fds_sys_remoteDebugEnable_ret in libfds.so) always return TRUE with no actual checks performed. The diagnostics menu allows for reading/writing arbitrary registers and various other configuration parameters which are believed to be related to the network interface chips.

Source: National Vulnerability Database | 14 Nov 2019 | 9:15 pm GMT

CVE-2019-15802

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in sal_util_str_encrypt() in libsal.so.0.0. The parameters (salt, IV, and key data) are used to encrypt and decrypt all passwords using AES256 in CBC mode. With the parameters known, all previously encrypted passwords can be decrypted. This includes the passwords that are part of configuration backups or otherwise embedded as part of the firmware.

Source: National Vulnerability Database | 14 Nov 2019 | 9:15 pm GMT

CVE-2019-15799

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. User accounts created through the web interface of the device, when given non-admin level privileges, have the same level of privileged access as administrators when connecting to the device via SSH (while their permissions via the web interface are in fact restricted). This allows normal users to obtain the administrative password by running the tech-support command via the CLI: this contains the encrypted passwords for all users on the device. As these passwords are encrypted using well-known and static parameters, they can be decrypted and the original passwords (including the administrator password) can be obtained.

Source: National Vulnerability Database | 14 Nov 2019 | 9:15 pm GMT

CVE-2019-0151

Insufficient memory protection in Intel(R) TXT for certain Intel(R) Core Processors and Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2018-12207

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2019-11113

Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2019-0152

Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2019-11089

Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2019-11111

Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2019-0184

Insufficient access control in protected memory subsystem for Intel(R) TXT for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 Families; Intel(R) Xeon(R) E-2100 and E-2200 Processor Families with Intel(R) Processor Graphics and Intel(R) TXT may allow a privileged user to potentially enable information disclosure via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2019-0117

Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2019-14590

Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2019-0124

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privileged user to potentially enable escalation of privilege via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2019-0123

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2019-14591

Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2013-4108

Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2019-14574

Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2013-4106

A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22.

Source: National Vulnerability Database | 14 Nov 2019 | 8:15 pm GMT

CVE-2019-18939

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-11135

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-11112

Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-11139

Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-18937

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the Script Parser AddOn through 1.8 installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi script, which executes TCL script content from an HTTP POST request.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-18938

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the E-Mail AddOn through 1.6.8.c installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the save.cgi script for payload upload and the testtcl.cgi script for its execution.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0146

Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0143

Unhandled exception in Kernel-mode drivers for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0148

Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0150

Insufficient access control in firmware Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow a privileged user to potentially enable a denial of service via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0185

Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 families; Intel(R) Xeon(R) E-2100 and E-2200 Processor families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0149

Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0147

Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0145

Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0144

Unhandled exception in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an authenticated user to potentially enable a denial of service via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0155

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0154

Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2013-4109

An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2013-3072

An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administration portal.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0142

Insufficient access control in ilp60x64.sys driver for Intel(R) Ethernet 700 Series Controllers before version 1.33.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0139

Insufficient access control in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow a privileged user to potentially enable an escalation of privilege, denial of service, or information disclosure via local access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2013-3070

An Information Disclosure vulnerability exists in Netgear WNDR4700 running firmware 1.0.0.34 in the management web interface, which discloses the PSK of the wireless LAN.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2019-0140

Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an unauthenticated user to potentially enable an escalation of privilege via an adjacent access.

Source: National Vulnerability Database | 14 Nov 2019 | 7:15 pm GMT

CVE-2013-3073

A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34.

Source: National Vulnerability Database | 14 Nov 2019 | 6:15 pm GMT

CVE-2019-15469

The Xiaomi Mi Pad 4 Android device with a build fingerprint of Xiaomi/clover/clover:8.1.0/OPM1.171019.019/V9.6.26.0.ODJCNFD:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=27, versionName=8.1.0) that allows other pre-installed apps to perform microphone audio recording via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that export their capabilities to other pre-installed app. This app allows a third-party app to use its open interface to record telephone calls to external storage.

Source: National Vulnerability Database | 14 Nov 2019 | 5:15 pm GMT

CVE-2019-16110

The network protocol of Blade Shadow though 2.13.3 allows remote attackers to take control of a Shadow instance and execute arbitrary code by only knowing the victim's IP address, because packet data can be injected into the unencrypted UDP packet stream.

Source: National Vulnerability Database | 14 Nov 2019 | 5:15 pm GMT

CVE-2019-15468

The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisy_sprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201812071953) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.

Source: National Vulnerability Database | 14 Nov 2019 | 5:15 pm GMT

CVE-2019-15474

The Xiaomi Cepheus Android device with a build fingerprint of Xiaomi/cepheus/cepheus:9/PKQ1.181121.001/V10.2.6.0.PFAMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage.

Source: National Vulnerability Database | 14 Nov 2019 | 5:15 pm GMT

CVE-2019-15472

The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisy_sprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage.

Source: National Vulnerability Database | 14 Nov 2019 | 5:15 pm GMT

CVE-2019-15466

The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V10.2.6.0.ODMMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201812191721) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.

Source: National Vulnerability Database | 14 Nov 2019 | 5:15 pm GMT

CVE-2019-15465

The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteubm/j7y17lte:8.1.0/M1AJQ/J730GMUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

Source: National Vulnerability Database | 14 Nov 2019 | 5:15 pm GMT

CVE-2019-15464

The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteub/j7y17lte:8.1.0/M1AJQ/J730GUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.

Source: National Vulnerability Database | 14 Nov 2019 | 5:15 pm GMT

CVE-2019-15475

The Xiaomi Mi A3 Android device with a build fingerprint of xiaomi/onc_eea/onc:9/PKQ1.181021.001/V10.2.8.0.PFLEUXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage.

Source: National Vulnerability Database | 14 Nov 2019 | 5:15 pm GMT

CVE-2019-15744

The Sony Xperia Xperia XZs Android device with a build fingerprint of Sony/keyaki_softbank/keyaki_softbank:7.1.1/TONE3-3.0.0-SOFTBANK-170517-0323/1:user/dev-keys contains a pre-installed app with a package name of jp.softbank.mb.tdrl app (versionCode=1413005, versionName=1.3.0) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.

Source: National Vulnerability Database | 14 Nov 2019 | 5:15 pm GMT

CVE-2019-15743

The Sony Xperia Touch Android device with a build fingerprint of Sony/blanc_windy/blanc_windy:7.0/LOIRE-SMART-BLANC-1.0.0-170530-0834/1:user/dev-keys contains a pre-installed app with a package name of com.sonymobile.android.maintenancetool.testmic app (versionCode=24, versionName=7.0) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record audio to external storage.

Source: National Vulnerability Database | 14 Nov 2019 | 5:15 pm GMT

count: 100