jell.ie CVEs

Read at: 2019-07-22T09:39:52+01:00

CVE-2019-14230

An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.7 for WordPress. One could exploit the id parameter in the set_count ajax nopriv handler due to there being no sanitization prior to use in a SQL query in saveQuestionVote. This allows an unauthenticated/unprivileged user to perform a SQL injection attack capable of remote code execution and information disclosure.

Source: National Vulnerability Database | 22 Jul 2019 | 12:15 am IST

CVE-2019-14231

An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.2 for WordPress. One could exploit the points parameter in the ob_get_results ajax nopriv handler due to there being no sanitization prior to use in a SQL query in getResultByPointsTrivia. This allows an unauthenticated/unprivileged user to perform a SQL injection attack capable of remote code execution and information disclosure.

Source: National Vulnerability Database | 22 Jul 2019 | 12:15 am IST

CVE-2019-14210

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object.

Source: National Vulnerability Database | 21 Jul 2019 | 8:15 pm IST

CVE-2019-14211

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript.

Source: National Vulnerability Database | 21 Jul 2019 | 8:15 pm IST

CVE-2019-14213

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction.

Source: National Vulnerability Database | 21 Jul 2019 | 8:15 pm IST

CVE-2019-14212

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object.

Source: National Vulnerability Database | 21 Jul 2019 | 8:15 pm IST

CVE-2019-14214

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling a "t.hidden = true" function.

Source: National Vulnerability Database | 21 Jul 2019 | 8:15 pm IST

CVE-2019-14215

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling xfa.event.rest XFA JavaScript due to accessing a wild pointer.

Source: National Vulnerability Database | 21 Jul 2019 | 8:15 pm IST

CVE-2019-14209

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm.

Source: National Vulnerability Database | 21 Jul 2019 | 8:15 pm IST

CVE-2019-14208

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary.

Source: National Vulnerability Database | 21 Jul 2019 | 8:15 pm IST

CVE-2019-14207

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object (caused by an append error).

Source: National Vulnerability Database | 21 Jul 2019 | 8:15 pm IST

CVE-2019-14206

An Arbitrary File Deletion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to delete arbitrary files via the $REQUEST['adaptive-images-settings'] parameter in adaptive-images-script.php.

Source: National Vulnerability Database | 21 Jul 2019 | 7:15 pm IST

CVE-2019-14205

A Local File Inclusion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to retrieve arbitrary files via the $REQUEST['adaptive-images-settings']['source_file'] parameter in adaptive-images-script.php.

Source: National Vulnerability Database | 21 Jul 2019 | 7:15 pm IST

CVE-2002-0390

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0639. Reason: This candidate is a reservation duplicate of CVE-2002-0639. Notes: All CVE users should reference CVE-2002-0639 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Source: National Vulnerability Database | 21 Jul 2019 | 4:15 pm IST

CVE-2019-9229

An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.251. An internal interface exposed to the link-local address 169.254.254.253 allows attackers in the local network to access multiple quagga VTYs. Attackers can authenticate with the default 1234 password that cannot be changed, and can execute malicious and unauthorized actions.

Source: National Vulnerability Database | 20 Jul 2019 | 1:15 am IST

CVE-2019-12934

An issue was discovered in the wp-code-highlightjs plugin through 0.6.2 for WordPress. wp-admin/options-general.php?page=wp-code-highlight-js allows CSRF, as demonstrated by an XSS payload in the hljs_additional_css parameter.

Source: National Vulnerability Database | 20 Jul 2019 | 1:15 am IST

CVE-2018-17210

An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. The core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. As a result, an attacker with guest/pseudo-guest level permissions can bypass the session checks (that would otherwise logout a low-privileged user) by calling the core print job components directly via crafted HTTP GET and POST requests.

Source: National Vulnerability Database | 20 Jul 2019 | 1:15 am IST

CVE-2019-13569

A SQL injection vulnerability exists in the Icegram Email Subscribers & Newsletters plugin through 4.1.7 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.

Source: National Vulnerability Database | 20 Jul 2019 | 12:15 am IST

CVE-2019-9228

** DISPUTED ** An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A at least to 7.20A.252.062. The (1) management SSH and (2) management TELNET features allow remote attackers to cause a denial of service (connection slot exhaustion) via 5 unauthenticated connection attempts, because the maximum number of unauthenticated clients that can be configured is 5. NOTE: the vendor's position is that this is a "design choice."

Source: National Vulnerability Database | 20 Jul 2019 | 12:15 am IST

CVE-2019-12815

An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.

Source: National Vulnerability Database | 20 Jul 2019 | 12:15 am IST

CVE-2019-12725

Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.

Source: National Vulnerability Database | 20 Jul 2019 | 12:15 am IST

CVE-2019-11989

A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for Apache 2.4 on RHEL 7, 10.0 for Apache 2.4 on HP-UX 11i v3, 10.0 for IIS on Windows, 11.0 for Apache 2.4 on RHEL 7, MFA Proxy 4.0 (Agent module only) for Apache 2.4 on RHEL 7.

Source: National Vulnerability Database | 19 Jul 2019 | 11:15 pm IST

CVE-2019-1579

Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code.

Source: National Vulnerability Database | 19 Jul 2019 | 11:15 pm IST

CVE-2019-11990

A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for Apache 2.4 on RHEL 7, 10.0 for Apache 2.4 on HP-UX 11i v3, 10.0 for IIS on Windows, 11.0 for Apache 2.4 on RHEL 7, MFA Proxy 4.0 (Agent module only) for Apache 2.4 on RHEL 7.

Source: National Vulnerability Database | 19 Jul 2019 | 11:15 pm IST

CVE-2019-7590

ExacqVision Server's services 'exacqVisionServer', 'dvrdhcpserver' and 'mdnsresponder' have an unquoted service path. If an authenticated user is able to insert code in their system root path it potentially can be executed during the application startup. This could allow the authenticated user to elevate privileges on the system. This issue affects: Exacq Technologies, Inc. exacqVision Server 9.6; 9.8. This issue does not affect: Exacq Technologies, Inc. exacqVision Server version 9.4 and prior versions; 19.03. It is not known whether this issue affects: Exacq Technologies, Inc. exacqVision Server versions prior to 8.4.

Source: National Vulnerability Database | 19 Jul 2019 | 10:15 pm IST

CVE-2019-13991

Embedded systems based on Arduino before Rev3 allow remote attackers to send data to LEDs (directly connected to GPIO pins) via a laser, because of LED photosensitivity.

Source: National Vulnerability Database | 19 Jul 2019 | 10:15 pm IST

CVE-2019-13989

dpic 2019.06.20 has a Stack-based Buffer Overflow in the wfloat() function in main.c.

Source: National Vulnerability Database | 19 Jul 2019 | 9:15 pm IST

CVE-2019-5680

In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of privileges.

Source: National Vulnerability Database | 19 Jul 2019 | 9:15 pm IST

CVE-2019-12821

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that depends only on the specific device ID of the robot vacuum cleaner. By generating a QR-code containing information about the device ID, it is possible to connect an arbitrary device and gain full access to it. The device ID has an initial "JSW" substring followed by a six digit number that depends on the specific device.

Source: National Vulnerability Database | 19 Jul 2019 | 7:15 pm IST

CVE-2019-12820

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions performed on the app such as changing a password, and personal information it communicates with the server, use unencrypted HTTP. As an example, while logging in through the app to a Jisiwei account, the login request is being sent in cleartext. The vulnerability exists in both the Android and iOS version of the app. An attacker could exploit this by using an MiTM attack on the local network to obtain someone's login credentials, which gives them full access to the robot vacuum cleaner.

Source: National Vulnerability Database | 19 Jul 2019 | 7:15 pm IST

CVE-2019-12945

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Source: National Vulnerability Database | 19 Jul 2019 | 6:15 pm IST

CVE-2019-12453

In MicroStrategy Web before 10.1 patch 10, stored XSS is possible in the FLTB parameter due to missing input validation.

Source: National Vulnerability Database | 19 Jul 2019 | 6:15 pm IST

CVE-2019-1010241

Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can recover credentials. The component is: config-variables.jelly line #30 (passwordVariable). The attack vector is: Attacker creates and executes a Jenkins job.

Source: National Vulnerability Database | 19 Jul 2019 | 6:15 pm IST

CVE-2018-17792 (mdaemon_webmail)

MDaemon Webmail (formerly WorldClient) has CSRF.

Source: National Vulnerability Database | 19 Jul 2019 | 6:15 pm IST

CVE-2019-11553

Code42 for Enterprise through 6.8.4 has Incorrect Access Control.

Source: National Vulnerability Database | 19 Jul 2019 | 6:15 pm IST

CVE-2019-1010239

DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The fixed version is: 1.7.9 and later.

Source: National Vulnerability Database | 19 Jul 2019 | 6:15 pm IST

CVE-2019-1010238

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.

Source: National Vulnerability Database | 19 Jul 2019 | 6:15 pm IST

CVE-2019-1010113

Premium Software CLEditor 1.4.5 and earlier is affected by: Cross Site Scripting (XSS). The impact is: An attacker might be able to inject arbitrary html and script code into the web site. The component is: jQuery plug-in. The attack vector is: the victim must open a crafted href attribute of a link (A) element.

Source: National Vulnerability Database | 19 Jul 2019 | 5:15 pm IST

CVE-2019-1010142

scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite loop, resource consumption and program unresponsive. The component is: _RADIUSAttrPacketListField.getfield(self..). The attack vector is: over the network or in a pcap. both work.

Source: National Vulnerability Database | 19 Jul 2019 | 5:15 pm IST

CVE-2019-12193

H3C H3Cloud OS all versions allows SQL injection via the ear/grid_event sidx parameter.

Source: National Vulnerability Database | 19 Jul 2019 | 5:15 pm IST

CVE-2019-1010101

Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is: arbitrary code execution with escalation of privilege. The component is: Executable installer, portable executable (ALL executables available). The attack vector is: CWE-29, CWE-377, CWE-379.

Source: National Vulnerability Database | 19 Jul 2019 | 5:15 pm IST

CVE-2019-1010136

ChinaMobile GPN2.4P21-C-CN W2001EN-00 is affected by: Incorrect Access Control - Unauthenticated Remote Reboot. The impact is: PLC Wireless Routers are vulnerable to an unauthenticated remote reboot due. The component is: Reboot settings are available to unauthenticated users instead of only authenticated users. The attack vector is: Remote.

Source: National Vulnerability Database | 19 Jul 2019 | 5:15 pm IST

CVE-2019-1010100

Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables (ALL executables on the web site). The attack vector is: CAPEC-471, CWE-426, CWE-427.

Source: National Vulnerability Database | 19 Jul 2019 | 5:15 pm IST

CVE-2015-7882

Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access.

Source: National Vulnerability Database | 19 Jul 2019 | 5:15 pm IST

CVE-2019-13984

Directus 7 API before 2.3.0 does not validate uploaded files. Regardless of the file extension or MIME type, there is a direct link to each uploaded file, accessible by unauthenticated users, as demonstrated by the EICAR Anti-Virus Test File.

Source: National Vulnerability Database | 19 Jul 2019 | 4:15 pm IST

CVE-2019-13982

interfaces/markdown/input.vue in Directus 7 Application before 7.7.0 does not sanitize Markdown text before rendering a preview.

Source: National Vulnerability Database | 19 Jul 2019 | 4:15 pm IST

CVE-2019-1010247

ZmartZone IAM mod_auth_openidc 2.3.10.1 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Redirecting the user to a phishing page or interacting with the application on behalf of the user. The component is: File: src/mod_auth_openidc.c, Line: 3109. The fixed version is: 2.3.10.2.

Source: National Vulnerability Database | 19 Jul 2019 | 4:15 pm IST

CVE-2019-13983

Directus 7 API before 2.2.2 has insufficient anti-automation, as demonstrated by lack of a CAPTCHA in core/Directus/Services/AuthService.php and endpoints/Auth.php.

Source: National Vulnerability Database | 19 Jul 2019 | 4:15 pm IST

CVE-2019-13981

In Directus 7 API through 2.3.0, remote attackers can read image files via a direct request for a filename under the uploads/_/originals/ directory. This is related to a configuration option in which the file collection can be non-public, but this option does not apply to the thumbnailer.

Source: National Vulnerability Database | 19 Jul 2019 | 4:15 pm IST

CVE-2019-13980

In Directus 7 API through 2.3.0, uploading of PHP files is blocked only when the Apache HTTP Server is used, leading to uploads/_/originals remote code execution with nginx.

Source: National Vulnerability Database | 19 Jul 2019 | 4:15 pm IST

CVE-2019-13979

In Directus 7 API before 2.2.1, uploading of PHP files is not blocked, leading to uploads/_/originals remote code execution.

Source: National Vulnerability Database | 19 Jul 2019 | 4:15 pm IST

CVE-2019-1167

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.

Source: National Vulnerability Database | 19 Jul 2019 | 4:15 pm IST

CVE-2019-1010245

The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. The impact is: A remote attacker can execute arbitrary commands on the controller. The component is: apps/yang/src/main/java/org/onosproject/yang/impl/YangLiveCompilerManager.java. The attack vector is: network connectivity. The fixed version is: 1.15.

Source: National Vulnerability Database | 19 Jul 2019 | 4:15 pm IST

CVE-2019-12946

Elcom CMS before 10.7 has SQL Injection via EventSearchByState.aspx and EventSearchAdv.aspx.

Source: National Vulnerability Database | 19 Jul 2019 | 3:15 pm IST

CVE-2019-11552

Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user.

Source: National Vulnerability Database | 19 Jul 2019 | 3:15 pm IST

CVE-2019-1010151

zzcms zzmcms 8.3 and earlier is affected by: File Delete to getshell. The impact is: getshell. The component is: /user/ppsave.php.

Source: National Vulnerability Database | 19 Jul 2019 | 3:15 pm IST

CVE-2019-13648

In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c.

Source: National Vulnerability Database | 19 Jul 2019 | 2:15 pm IST

CVE-2019-13971

OTCMS 3.81 allows XSS via the mode parameter in an apiRun.php?mudi=autoRun request.

Source: National Vulnerability Database | 19 Jul 2019 | 8:15 am IST

CVE-2019-13972 (layerbb)

LayerBB 1.1.3 allows XSS via the application/commands/new.php pm_title variable, a related issue to CVE-2019-17997.

Source: National Vulnerability Database | 19 Jul 2019 | 8:15 am IST

CVE-2019-13973 (layerbb)

LayerBB 1.1.3 allows admin/general.php arbitrary file upload because the custom_logo filename suffix is not restricted, and .php may be used.

Source: National Vulnerability Database | 19 Jul 2019 | 8:15 am IST

CVE-2019-13974 (layerbb)

LayerBB 1.1.3 allows conversations.php/cmd/new CSRF.

Source: National Vulnerability Database | 19 Jul 2019 | 8:15 am IST

CVE-2019-13977 (ovidentia)

index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&idx=create&userid=0&bgrp=y, tg=delegat, tg=site&idx=create, tg=site&item=4, tg=admdir&idx=mdb&id=1, tg=notes&idx=Create, tg=admfaqs&idx=Add, or tg=admoc&idx=addoc&item=.

Source: National Vulnerability Database | 19 Jul 2019 | 8:15 am IST

CVE-2019-13978 (ovidentia)

Ovidentia 8.4.3 has SQL Injection via the id parameter in an index.php?tg=delegat&idx=mem request.

Source: National Vulnerability Database | 19 Jul 2019 | 8:15 am IST

CVE-2019-13970

In antSword before 2.1.0, self-XSS in the database configuration leads to code execution via modules/database/asp/index.js, modules/database/custom/index.js, modules/database/index.js, or modules/database/php/index.js.

Source: National Vulnerability Database | 19 Jul 2019 | 7:15 am IST

CVE-2019-13969 (metinfo)

Metinfo 6.x allows SQL Injection via the id parameter in an admin/index.php?n=ui_set&m=admin&c=index&a=doget_text_content&table=lang&field=1 request.

Source: National Vulnerability Database | 19 Jul 2019 | 7:15 am IST

CVE-2019-7850 (campaign)

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have a Command injection vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

Source: National Vulnerability Database | 18 Jul 2019 | 11:15 pm IST

CVE-2019-7941 (campaign)

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Information Exposure Through an Error Message vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

Source: National Vulnerability Database | 18 Jul 2019 | 11:15 pm IST

CVE-2019-7955 (experience_manager)

Adobe Experience Manager version 6.4 and earlier have a Reflected Cross-site Scripting vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user.

Source: National Vulnerability Database | 18 Jul 2019 | 11:15 pm IST

CVE-2019-7848 (campaign)

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Inadequate access control vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

Source: National Vulnerability Database | 18 Jul 2019 | 11:15 pm IST

CVE-2019-7846 (campaign)

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper error handling vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

Source: National Vulnerability Database | 18 Jul 2019 | 11:15 pm IST

CVE-2019-7956 (dreamweaver)

Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user.

Source: National Vulnerability Database | 18 Jul 2019 | 11:15 pm IST

CVE-2019-7963

Adobe Bridge CC version 9.0.2 and earlier versions have an out of bound read vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

Source: National Vulnerability Database | 18 Jul 2019 | 11:15 pm IST

CVE-2019-7843 (campaign)

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Insufficient input validation vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

Source: National Vulnerability Database | 18 Jul 2019 | 11:15 pm IST

CVE-2019-7953 (experience_manager)

Adobe Experience Manager version 6.4 and earlier have a Cross-Site Request Forgery vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user.

Source: National Vulnerability Database | 18 Jul 2019 | 11:15 pm IST

CVE-2019-7954

Adobe Experience Manager version 6.4 and earlier have a Stored Cross-site Scripting vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user.

Source: National Vulnerability Database | 18 Jul 2019 | 11:15 pm IST

CVE-2019-7847 (campaign)

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper Restriction of XML External Entity Reference ('XXE') vulnerability. Successful exploitation could lead to Arbitrary read access to the file system in the context of the current user.

Source: National Vulnerability Database | 18 Jul 2019 | 11:15 pm IST

CVE-2019-13961 (flatcore)

A CSRF vulnerability was found in flatCore before 1.5, leading to the upload of arbitrary .php files via acp/core/files.upload-script.php.

Source: National Vulnerability Database | 18 Jul 2019 | 9:15 pm IST

CVE-2019-13962

lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.

Source: National Vulnerability Database | 18 Jul 2019 | 9:15 pm IST

CVE-2019-1010279

Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specially formed sequence of network packets. The component is: detect.c (https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b). The attack vector is: An attacker can trigger the vulnerability by a specifically crafted network TCP session. The fixed version is: 4.1.3.

Source: National Vulnerability Database | 18 Jul 2019 | 8:15 pm IST

CVE-2019-8286

Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could potentially disclose unique Product ID by forcing victim to visit a specially crafted webpage (for example, via clicking phishing link). Vulnerability has CVSS v3.0 base score 2.6.

Source: National Vulnerability Database | 18 Jul 2019 | 8:15 pm IST

CVE-2019-13960

** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of service, is that the application should interpret libjpeg warnings as fatal errors (aborting decompression) and/or set limits on resource consumption or image sizes.

Source: National Vulnerability Database | 18 Jul 2019 | 8:15 pm IST

CVE-2019-13959 (bento4)

In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186.

Source: National Vulnerability Database | 18 Jul 2019 | 8:15 pm IST

CVE-2019-1010112

OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery (CSRF). The impact is: The victim clicks on adding an administrator account. The component is: admincp.php. The attack vector is: network connectivity. The fixed version is: v4.3.

Source: National Vulnerability Database | 18 Jul 2019 | 8:15 pm IST

CVE-2019-1010246

MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affected by: Unauthenticated MySQL database password information disclosure. The impact is: MySQL database content disclosure (e.g. username, password). The component is: The API call in the function allowAction() in NewslettersController.php. The attack vector is: HTTP Get request. The fixed version is: c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9.

Source: National Vulnerability Database | 18 Jul 2019 | 8:15 pm IST

CVE-2019-1010252

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The component is: applyFlowRules() and apply() functions in FlowRuleManager.java. The attack vector is: network management and connectivity.

Source: National Vulnerability Database | 18 Jul 2019 | 7:15 pm IST

CVE-2019-13956

Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH4_0df5_language=en to 4gH4_0df5_language=en'.phpinfo().'; (if the random prefix 4gH4_0df5_ were used).

Source: National Vulnerability Database | 18 Jul 2019 | 7:15 pm IST

CVE-2019-3592

Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 HF3 allows local administrator users to potentially disable some McAfee processes by manipulating the MA directory control and placing a carefully constructed file in the MA directory.

Source: National Vulnerability Database | 18 Jul 2019 | 7:15 pm IST

CVE-2019-1010248

Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is: Unauthenticated mysql database access. The component is: Web login form. The attack vector is: An attacker can exploit the vulnerability by sending a malicious HTTP POST request. The fixed version is: 1.12.1.

Source: National Vulnerability Database | 18 Jul 2019 | 7:15 pm IST

CVE-2019-1010250

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The component is: createFlow() and createFlows() functions in FlowWebResource.java (RESTful service). The attack vector is: network management and connectivity.

Source: National Vulnerability Database | 18 Jul 2019 | 7:15 pm IST

CVE-2019-1010249

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Overflow. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The component is: createFlow() and createFlows() functions in FlowWebResource.java (RESTful service). The attack vector is: network management and connectivity.

Source: National Vulnerability Database | 18 Jul 2019 | 7:15 pm IST

CVE-2019-1010251

Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specially formed network packet. The component is: app-layer-detect-proto.c, decode.c, decode-teredo.c and decode-ipv6.c (https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe, https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b). The attack vector is: An attacker can trigger the vulnerability by sending a specifically crafted network request. The fixed version is: 4.1.2.

Source: National Vulnerability Database | 18 Jul 2019 | 7:15 pm IST

CVE-2019-13952 (gdnsd)

The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data.

Source: National Vulnerability Database | 18 Jul 2019 | 6:15 pm IST

CVE-2019-13951 (gdnsd)

The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv4 address in zone data.

Source: National Vulnerability Database | 18 Jul 2019 | 6:15 pm IST

CVE-2019-1010259 (salt_2018, salt_2019)

SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt (https://github.com/saltstack/salt/blob/develop/salt/modules/mysql.py#L1462). The attack vector is: specially crafted password string. The fixed version is: 2018.3.4.

Source: National Vulnerability Database | 18 Jul 2019 | 6:15 pm IST

CVE-2019-1010065

The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The impact is: Opening crafted disk image triggers crash in tsk/fs/hfs_dent.c:237. The component is: Overflow in fls tool used on HFS image. Bug is in tsk/fs/hfs.c file in function hfs_cat_traverse() in lines: 952, 1062. The attack vector is: Victim must open a crafted HFS filesystem image.

Source: National Vulnerability Database | 18 Jul 2019 | 6:15 pm IST

CVE-2019-1010268

Ladon since 0.6.1 (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059) is affected by: XML External Entity (XXE). The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance: https://bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688. The attack vector is: Send a specially crafted SOAP call.

Source: National Vulnerability Database | 18 Jul 2019 | 6:15 pm IST

CVE-2019-11230

In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be exploited to rename a critical product file (e.g., AvastSvc.exe), causing the product to fail to start on the next system restart.

Source: National Vulnerability Database | 18 Jul 2019 | 6:15 pm IST

CVE-2019-1010262

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-1010142. Reason: This candidate is a reservation duplicate of CVE-2019-1010142. Notes: All CVE users should reference CVE-2019-1010142 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Source: National Vulnerability Database | 18 Jul 2019 | 6:15 pm IST

CVE-2019-1010261 (gitea)

Gitea 1.7.0 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Attacker is able to have victim execute arbitrary JS in browser. The component is: go-get URL generation - PR to fix: https://github.com/go-gitea/gitea/pull/5905. The attack vector is: victim must open a specifically crafted URL. The fixed version is: 1.7.1 and later.

Source: National Vulnerability Database | 18 Jul 2019 | 6:15 pm IST

CVE-2019-9231

An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions before 7.20A.202.307. A Cross-Site Request Forgery (CSRF) vulnerability in the management web interface allows remote attackers to execute malicious and unauthorized actions, because CSRFProtection=1 is not a default and is not documented.

Source: National Vulnerability Database | 18 Jul 2019 | 5:15 pm IST

count: 100