Total
310021 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-17207 | 1 Managewp | 1 Broken Link Checker | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
A reflected XSS vulnerability was found in includes/admin/table-printer.php in the broken-link-checker (aka Broken Link Checker) plugin 1.11.8 for WordPress. This allows unauthorized users to inject client-side JavaScript into an admin-only WordPress page via the wp-admin/tools.php?page=view-broken-links s_filter parameter in a search action. | |||||
CVE-2019-17206 | 1 Redis Wrapper Project | 1 Redis Wrapper | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Uncontrolled deserialization of a pickled object in models.py in Frost Ming rediswrapper (aka Redis Wrapper) before 0.3.0 allows attackers to execute arbitrary scripts. | |||||
CVE-2019-17205 | 1 Teampass | 1 Teampass | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed. | |||||
CVE-2019-17204 | 1 Teampass | 1 Teampass | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
TeamPass 2.1.27.36 allows Stored XSS by setting a crafted Knowledge Base label and adding any available item. | |||||
CVE-2019-17203 | 1 Teampass | 1 Teampass | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
TeamPass 2.1.27.36 allows Stored XSS at the Search page by setting a crafted password for an item in any folder. | |||||
CVE-2019-17202 | 1 Fasttracksoftware | 1 Admin By Request | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access to the elevation feature through group policies, they are prompted to enter a PIN code in a challenge-response manner upon attempting to elevate privileges. The challenge's response uses a simple algorithm that can be easily emulated via data (customer ID and device name) available to all users, and thus any user can elevate to Administrator privilege. | |||||
CVE-2019-17201 | 1 Fasttracksoftware | 1 Admin By Request | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. When a user requests elevation using the AdminByRequest.exe interface, the interface communicates with the underlying service (Audckq32.exe) using a .NET named pipe. If the underlying service responds that a user is permitted access to the elevation feature, the client then reinitiates communication with the underlying service and requests elevation. This elevation request has no local checks in the service, and depends on client-side validation in the AdminByRequest.exe interface, i.e., it is a vulnerable exposed functionality in the service. By communicating directly with the underlying service, any user can request elevation and obtain Administrator privilege regardless of group policies or permissions. | |||||
CVE-2019-17199 | 2 Microsoft, Webpagetest | 2 Windows, Webpagetest | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. substring. | |||||
CVE-2019-17197 | 1 Open-emr | 1 Openemr | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
OpenEMR through 5.0.2 has SQL Injection in the Lifestyle demographic filter criteria in library/clinical_rules.php that affects library/patient.inc. | |||||
CVE-2019-17195 | 3 Apache, Connect2id, Oracle | 15 Hadoop, Nimbus Jose\+jwt, Communications Cloud Native Core Security Edge Protection Proxy and 12 more | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass. | |||||
CVE-2019-17192 | 1 Signal | 1 Private Messenger | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
** DISPUTED ** The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via malformed packets. NOTE: the vendor plans to continue this behavior for performance reasons unless a WebRTC design change occurs. | |||||
CVE-2019-17191 | 1 Signal | 1 Private Messenger | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block eavesdropping. | |||||
CVE-2019-17190 | 1 Avast | 1 Secure Browser | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe (which is running as NT AUTHORITY\SYSTEM) when AvastSecureBrowser.exe checks for new updates. When the update check is triggered, the elevated process cleans the ACL of the Update.ini file in %PROGRAMDATA%\Avast Software\Browser\Update\ and sets all privileges to group Everyone. Because any low-privileged user can create, delete, or modify the Update.ini file stored in this location, an attacker with low privileges can create a hard link named Update.ini in this folder, and make it point to a file writable by NT AUTHORITY\SYSTEM. Once AvastBrowserUpdate.exe is triggered by the update check functionality, the DACL is set to a misconfigured value on the crafted Update.ini and, consequently, to the target file that was previously not writable by the low-privileged attacker. | |||||
CVE-2019-17189 | 1 Totemo | 1 Totemodata | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
totemodata 3.0.0_b936 has XSS via a folder name. | |||||
CVE-2019-17188 | 1 Fecmall | 1 Fecmall | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
An unrestricted file upload vulnerability was discovered in catalog/productinfo/imageupload in Fecshop FecMall 2.3.4. An attacker can bypass a front-end restriction and upload PHP code to the webserver, by providing image data and the image/jpeg content type, with a .php extension. This occurs because the code relies on the getimagesize function. | |||||
CVE-2019-17187 | 1 Fiberhome | 2 Hg2201t, Hg2201t Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
/var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. | |||||
CVE-2019-17186 | 1 Fiberhome | 2 Hg2201t, Hg2201t Firmware | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
/var/WEB-GUI/cgi-bin/telnet.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication remote code execution. | |||||
CVE-2019-17185 | 2 Freeradius, Opensuse | 2 Freeradius, Leap | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This mean multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack. | |||||
CVE-2019-17184 | 1 Xerox | 11 Atlalink B8045, Atlalink B8055, Atlalink B8065 and 8 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Xerox AtlaLink B8045/B8055/B8065/B8075/B8090 C8030/C8035/C8045/C8055/C8070 printers with software before 101.00x.089.22600 allow an attacker to gain privileges. | |||||
CVE-2019-17183 | 2 Foxitsoftware, Microsoft | 2 Reader, Windows | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Foxit Reader before 9.7 allows an Access Violation and crash if insufficient memory exists. |