Vulnerability Summary for the Week of November 18, 2019

admin

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin

High Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info

3s-smart_software_solutions — codesys_web_server
CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow. 2019-11-20 7.5 CVE-2019-18858
MISC
MISC apache — solr
The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server. 2019-11-18 7.5 CVE-2019-12409
MLIST chicken — chicken
Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the ‘select’ function. 2019-11-22 7.5 CVE-2014-6310
MISC
MISC
CONFIRM
MISC clamav — clamav
ClamAV before 0.97.7 has buffer overflow in the libclamav component 2019-11-15 7.5 CVE-2013-7088
MISC
MISC
MISC
MISC
MISC clamav — clamav
ClamAV before 0.97.7 has WWPack corrupt heap memory 2019-11-15 7.5 CVE-2013-7087
MISC
MISC
MISC
MISC
MISC cobbler — cobbler
cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE 2019-11-19 7.2 CVE-2011-4954
MISC
MISC
MISC
MISC
MISC cyrus — imap
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.

2019-11-15 7.5 CVE-2019-18928
MISC
MISC dolibarr — dolibarr
SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the ‘pays’ parameter in fiche.php. 2019-11-20 7.5 CVE-2013-2091
MISC
MISC
CONFIRM
MISC dolibarr — dolibarr
Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands. 2019-11-20 10 CVE-2013-2093
MISC
MISC
CONFIRM
MISC druby — druby
Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval. 2019-11-18 7.5 CVE-2011-5331
MISC druby — druby
Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls. 2019-11-18 7.5 CVE-2011-5330
MISC eclipse — jetty
Jetty 6.x through 6.1.22 suffers from an escape sequence injection vulnerability from an attack vector by means of: 1) “Cookie Dump Servlet” and 2) Http Content-Length header. 1) A POST request to the form at “/test/cookie/” with the “Age” parameter set to a string throws a “java.lang.NumberFormatException” which reflects binary characters including ESC. These characters could be used to execute arbitrary commands or buffer dumps in the terminal.

2) The attack vector in 1) can be exploited by requesting a page using an HTTP request “Content-Length” header set to a consonant string (string including only letters).

2019-11-15 7.5 CVE-2009-5047
MISC
MISC
MLIST google — chrome
Unspecified vulnerabilities in Google Chrome before 54.0.2840.59.

2019-11-20 10 CVE-2016-5194
CONFIRM google — chrome
Unspecified vulnerabilities in Google Chrome before 55.0.2883.75. 2019-11-20 10 CVE-2016-9652
CONFIRM hhvm — hhvm
hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions. 2019-11-19 7.5 CVE-2016-1 6
MISC
MISC
MISC ibm — security_identity_manager
IBM Security Identity Manager 6.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 166456.

2019-11-20 9.3 CVE-2019-4561
XF
CONFIRM iobroker — iobroker.admin
iobroker.admin before 3.6.12 allows attacker to include file contents from outside the `/log/file1/` directory. 2019-11-20 7.5 CVE-2019-10765
MISC
MISC ktsuss — ktsuss
ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local attacker to escalate privileges to root and use the “GTK_MODULES” environment variable to possibly execute arbitrary code.

2019-11-19 7.2 CVE-2011-2922
MISC
MISC
MISC
MISC
MISC
MISC
MISC ktsuss — ktsuss
ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges. 2019-11-19 10 CVE-2011-2921
MISC
MISC
MISC limnoria_and_supybot — limnoria_and_supybot
Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands. 2019-11-16 7.5 CVE-2019-19010
MISC
MISC
FEDORA
FEDORA
FEDORA linux — linux_kernel
Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or dma_alloc_coherent() failures, aka CID-0f4f199443fa. 2019-11-18 7.8 CVE-2019-19059
MISC linux — linux_kernel
A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c. 2019-11-18 7.8 CVE-2019-19071
MISC linux — linux_kernel
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e. 2019-11-18 7.8 CVE-2019-19057
MISC linux — linux_kernel
A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5.

2019-11-18 7.8 CVE-2019-19058
MISC linux — linux_kernel
A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6. 2019-11-18 7.8 CVE-2019-19072
MISC linux — linux_kernel
A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e. 2019-11-18 7.8 CVE-2019-19075
MISC
MISC linux — linux_kernel
A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_crdump_collect() failures, aka CID-c7ed6d0183d5. 2019-11-18 7.8 CVE-2019-19047
MISC
MISC linux — linux_kernel
A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. 2019-11-18 7.8 CVE-2019-19076
MISC
MISC linux — linux_kernel
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.

2019-11-18 7.8 CVE-2019-19063
MISC linux — linux_kernel
A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_form_user() failures, aka CID-e0b0cb938864.

2019-11-18 7.8 CVE-2019-19048
MISC
MISC linux — linux_kernel
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1. 2019-11-18 7.8 CVE-2019-19083
MISC
MISC linux — linux_kernel
A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7. 2019-11-18 7.8 CVE-2019-19045
MISC
MISC linux — linux_kernel
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.

2019-11-18 7.8 CVE-2019-19074
MISC linux — linux_kernel
A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459. 2019-11-18 7.8 CVE-2019-19043
MISC linux — linux_kernel
A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.

2019-11-18 7.8 CVE-2019-19050
MISC linux — linux_kernel
A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7. 2019-11-18 7.8 CVE-2019-19051
MISC
MISC linux — linux_kernel
Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762. 2019-11-18 7.8 CVE-2019-19044
MISC
MISC linux — linux_kernel
A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. 2019-11-18 7.8 CVE-2019-19065
MISC
MISC linux — linux_kernel
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486. 2019-11-18 7.8 CVE-2019-19052
MISC
MISC linux — linux_kernel
A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14. 2019-11-18 7.8 CVE-2019-19077
MISC linux — linux_kernel
A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932.

2019-11-18 7.8 CVE-2019-19056
MISC linux — linux_kernel
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.

2019-11-18 7.8 CVE-2019-19054
MISC linux — linux_kernel
A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a. 2019-11-18 7.8 CVE-2019-19081
MISC
MISC linux — linux_kernel
A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2. 2019-11-18 7.8 CVE-2019-19053
MISC linux — linux_kernel
A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6. 2019-11-18 7.8 CVE-2019-19068
MISC linux — linux_kernel
A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd. 2019-11-18 7.8 CVE-2019-19066
MISC linux — linux_kernel
Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10. 2019-11-18 7.8 CVE-2019-19073
MISC linux — linux_kernel
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.

2019-11-18 7.8 CVE-2019-19061
MISC
MISC linux — linux_kernel
A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. 2019-11-18 7.8 CVE-2019-19062
MISC linux — linux_kernel
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41. 2019-11-18 7.8 CVE-2019-19060
MISC
MISC linux — linux_kernel
Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad.

2019-11-18 7.8 CVE-2019-19082
MISC linux — linux_kernel
A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2. 2019-11-18 7.8 CVE-2019-19078
MISC linux — linux_kernel
A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19. 2019-11-18 7.8 CVE-2019-19079
MISC
MISC linux — linux_kernel
Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a. 2019-11-18 7.8 CVE-2019-19080
MISC
MISC linux — linux_kernel
A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.

2019-11-18 7.8 CVE-2019-19069
MISC
MISC nvidia — nvflash_and_nvuflash_tool_and_gpumodeswitch_tool
NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of other devices not managed by NVIDIA, which may lead to escalation of privileges, information disclosure, or denial of service. 2019-11-18 7.2 CVE-2019-5688
MISC oniguruma — oniguruma
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.

2019-11-17 7.5 CVE-2019-19012
MISC
MISC
MISC phicomm — k2_psg1218_routers
/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter. 2019-11-18 9 CVE-2019-19117
MISC pimcore — pimcore
Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification. 2019-11-15 7.5 CVE-2019-18981
MISC
MISC pixie — pixie
Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 allow SQL Injection in the limit() function due to improper sanitization. 2019-11-19 7.5 CVE-2019-10766
MISC postgresql — postgresql
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.

2019-11-20 7.5 CVE-2015-3166
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC postgresql-common — postgresql-common
The pg_ctlcluster script in postgresql-common in versions prior to 210 didn’t drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. 2019-11-20 7.2 CVE-2019-3466
MISC raritan — commandcenter_secure_gateway
An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. 2019-11-18 7.5 CVE-2018-20687
MISC
FULLDISC sandline — centraleyezer
Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding “.jpg” to any uploaded filename is not enforced on the server side. 2019-11-18 7.5 CVE-2019-12271
MISC
MISC smarty — smarty
The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file. 2019-11-20 7.5 CVE-2011-1028
MISC
MISC
MISC statusnet — statusnet
Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes. 2019-11-20 7.5 CVE-2010-4660
MISC
MISC symantec — endpoint_protection
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 2019-11-15 7.2 CVE-2019-18372
MISC symantec — endpoint_protection
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature. 2019-11-15 7.2 CVE-2019-12758
MISC
MISC symantec — endpoint_protection_manager_and_mail_security_for_ms_exchange
Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

2019-11-15 7.2 CVE-2019-12759
MISC tematres — tematres
TemaTres 3.0 allows remote unprivileged users to create an administrator account 2019-11-15 7.5 CVE-2019-14345
MISC
MISC
MISC
MISC xorus — lpar2rrd_and_stor2rrd
An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. They do not correctly verify the integrity of an upgrade package before processing it. As a result, official upgrade packages can be modified to inject an arbitrary Bash script that will be executed by the underlying system. It is possible to achieve this by modifying the values in the files.SUM file (which are used for integrity control) and injecting malicious code into the upgrade.sh file. 2019-11-17 9 CVE-2019-19041
apache — atlas
Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality 2019-11-18 4.3 CVE-2019-10070
MLIST apache — nifi
The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services (via XXE) and reveal information such as the versions of Java, Jersey, and Apache that the NiFi instance uses. 2019-11-19 4 CVE-2019-10080
CONFIRM apache — nifi
When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server side. This permits the user’s client-side token to be used for up to 12 hours after logging out to make API requests to NiFi. 2019-11-19 6.5 CVE-2019-12421
CONFIRM apache — shiro
Apache Shiro before 1.4.2, when using the default “remember me” configuration, cookies could be susceptible to a padding attack. 2019-11-18 5 CVE-2019-12422
MLIST artifex — ghostscript
A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within Ghostscript and access files outside of restricted areas or execute commands. 2019-11-15 6.8 CVE-2019-14869
SUSE
SUSE
MLIST
CONFIRM
CONFIRM
CONFIRM
FEDORA
FEDORA
FEDORA
BUGTRAQ clamav — clamav
ClamAV before 0.97.7: dbg_printhex possible information leak 2019-11-15 5 CVE-2013-7089
MISC
MISC
MISC
MISC cobbler — cobbler
cobbler: Web interface lacks CSRF protection when using Django framework 2019-11-19 6.8 CVE-2011-4952
MISC
MISC
MISC
MISC code42 — code42
Code42 server through 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local server could create or modify a dynamic-link library (DLL). The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated privilege on the local server. 2019-11-19 6.9 CVE-2019-16861
CONFIRM
MISC code42 — code42
Code42 app through version 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local machine could create or modify a dynamic-link library (DLL). The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated privilege on the local machine. 2019-11-19 6.9 CVE-2019-16860
MISC
CONFIRM comodo_security_solutions — comodo_internet_security
An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the binary signature validation logic is loaded, and might bypass some of the self-defense mechanisms.

2019-11-18 4.4 CVE-2019-18215
MISC
MISC
MISC dolibarr — dolibarr
Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web script or HTML in functions.lib.php. 2019-11-20 4.3 CVE-2013-2092
MISC
CONFIRM
MISC f5 — big-ip
On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data. 2019-11-15 4 CVE-2019-6662
MISC f5 — big-ip
On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages. 2019-11-15 5 CVE-2019-6659
MISC f5 — big-ip
On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices.

2019-11-15 5 CVE-2019-6664
MISC f5 — big-ip
On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service. 2019-11-15 5 CVE-2019-6660
MISC f5 — big-ip_and_iworkflow_and_enterprise_manager
The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to Anti DNS Pinning (DNS Rebinding) attack. 2019-11-15 4.3 CVE-2019-6663
MISC f5 — big-ip_apm
When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources.

2019-11-15 5 CVE-2019-6661
MISC falconpl — falconpl
Falconpl before 0.9.6.9-git20120606 misuses the libcurl API which may allow remote attackers to interfere with security checks. 2019-11-19 5 CVE-2012-6070
MISC
MISC
MISC
MISC firegpg — iceweasel-firegpg
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling. 2019-11-18 4.6 CVE-2008-7273
MISC
MISC
MISC footy_tipping_software — afl_web_edition
Footy Tipping Software AFL Web Edition 2019 allows XSS. 2019-11-18 4.3 CVE-2019-17057
MISC footy_tipping_software — afl_web_edition
Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file.

2019-11-18 6.5 CVE-2019-17058
MISC fortiguard — fortios_and_forticlient_for_windows_and_forticlient_for_mac
Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard servers by decrypting these messages. 2019-11-21 4.3 CVE-2018-9195
CONFIRM gael — q-pulse
Cross-site scripting (XSS) vulnerability in ui/common/managedlistdialog.aspx in Gael Q-Pulse 0.6 and earlier. 2019-11-22 4.3 CVE-2014-1238
MISC gamera_project — gamera
Gamera before 3.4.1 insecurely creates temporary files. 2019-11-21 5 CVE-2014-1937
MISC
MISC
MISC gnu — serveez
GNU Serveez through 0.2.2 has an Information Leak.

An attacker may send an HTTP POST request to the /cgi-bin/reader URI. The attacker must include a Content-length header with a large positive value that, when represented in 32 bit binary, evaluates to a negative number. The problem exists in the http_cgi_write function under http-cgi.c; however, exploitation might show svz_envblock_add in libserveez/passthrough.c as the location of the heap-based buffer over-read.

2019-11-20 5 CVE-2019-16200
MISC gnupg_project — gnupg
The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file.

2019-11-20 4.3 CVE-2015-1606
MISC
MISC
MISC
MISC
MISC
MISC gnupg_project — gnupg
kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and “memcpy with overlapping ranges.” 2019-11-20 4.3 CVE-2015-1607
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC horms_solutions — perdition
Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections 2019-11-15 4.3 CVE-2013-4584
MISC
MISC
MISC
MISC
MISC ibm — maximo_asset_management
IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow an authenticated user to delete a record that they should not normally be able to. IBM X-Force ID: 165586. 2019-11-20 5.5 CVE-2019-4530
XF
CONFIRM ibm — smartcloud_analytics
IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click actions and possibly launch further attacks against the victim. IBM X-Force ID: 159186.

2019-11-22 4.3 CVE-2019-4215
XF
CONFIRM ibm — smartcloud_analytics
IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 159185.

2019-11-22 4.3 CVE-2019-4214
XF
CONFIRM ibm — smartcloud_analytics
IBM SmartCloud Analytics 1.3.1 through 1.3.5 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM X-Force ID: 159187. 2019-11-22 4.9 CVE-2019-4216
XF
CONFIRM iterm2 — iterm2
iTerm2 through 3.3.6 has potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist, which might allow remote attackers to obtain sensitive information, as demonstrated by searching for the NoSyncSearchHistory string in .plist files within public Git repositories.

2019-11-17 5 CVE-2019-19022
MISC jenkins — jenkins
Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code. 2019-11-18 6.5 CVE-2012-4438
MISC
CONFIRM
MISC
MISC jenkins — jenkins
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin. 2019-11-18 4.3 CVE-2012-4441
MISC
MISC
MISC jenkins — jenkins
Missing permission checks in various API endpoints in Jenkins Google Compute Engine Plugin 4.1.1 and earlier allow attackers with Overall/Read permission to obtain limited information about the plugin configuration and environment. 2019-11-21 4 CVE-2019-16547
MLIST
CONFIRM jenkins — jenkins
Jenkins QMetry for JIRA – Test Management Plugin 1.12 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

2019-11-21 4 CVE-2019-16544
MLIST
CONFIRM jenkins — jenkins
Jenkins QMetry for JIRA – Test Management Plugin transmits credentials in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure. 2019-11-21 4 CVE-2019-16545
MLIST
CONFIRM jenkins — jenkins
A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineCloud#doProvision could be used to provision new agents.

2019-11-21 6.8 CVE-2019-16548
MLIST
CONFIRM jenkins — jenkins
A path traversal vulnerability in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete arbitrary files on the Jenkins master. 2019-11-21 5.5 CVE-2019-16540
MLIST
CONFIRM jenkins — jenkins
A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles.

2019-11-21 5.5 CVE-2019-16539
MLIST
CONFIRM jenkins — jenkins
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin. 2019-11-18 4.3 CVE-2012-4440
MISC
MISC
MISC jenkins — jenkins
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins. 2019-11-18 4.3 CVE-2012-4439
MISC
CONFIRM
MISC
MISC jenkins — jenkins
Jenkins Google Compute Engine Plugin 4.1.1 and earlier does not verify SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks. 2019-11-21 4.3 CVE-2019-16546
MLIST
CONFIRM jhead_project — jhead
jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file. 2019-11-17 4.3 CVE-2019-19035
MISC kairosdb — kairosdb
KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a ‘”sampling”:{“value”:”