3s-smart_software_solutions — codesys_eni_server 3S-Smart CODESYS V2.3 ENI server V3.2.2.23 has a Buffer Overflow. 2019-10-25 not yet calculated CVE-2019-16265
CONFIRM
MISC abode — creative_cloud_desktop_application
  Creative Cloud Desktop Application version 4.6.1 and earlier versions have Security Bypass vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user. 2019-10-23 not yet calculated CVE-2019-8236
MISC adobe — acrobat_and_reader
  Adobe Acrobat and Reader versions 2019.010.20100 and earlier; 2019.010.20099 and earlier versions; 2017.011.30140 and earlier version; 2017.011.30138 and earlier version; 2015.006.30495 and earlier versions; 2015.006.30493 and earlier versions have a Path Traversal vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. 2019-10-23 not yet calculated CVE-2019-8238
MISC adobe — acrobat_and_reader
  Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions; 2017.011.30142 and earlier versions; 2017.011.30143 and earlier versions; 2015.006.30497 and earlier versions; 2015.006.30498 and earlier versions have an Insufficiently Robust Encryption vulnerability. Successful exploitation could lead to Security feature bypass in the context of the current user. 2019-10-23 not yet calculated CVE-2019-8237
MISC adobe — experience_manager
  Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-10-25 not yet calculated CVE-2019-8088
CONFIRM adobe — experience_manager
  Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a cross-site request forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. 2019-10-25 not yet calculated CVE-2019-8234
CONFIRM adobe — experience_manager
  Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure. 2019-10-25 not yet calculated CVE-2019-8087
CONFIRM adobe — experience_manager
  Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. 2019-10-25 not yet calculated CVE-2019-8084
CONFIRM adobe — experience_manager
  Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. 2019-10-25 not yet calculated CVE-2019-8085
CONFIRM adobe — experience_manager
  Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure. 2019-10-25 not yet calculated CVE-2019-8082
CONFIRM adobe — experience_manager
  Adobe Experience Manager versions 6.5, 6.4 and 6.3 have a cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. 2019-10-25 not yet calculated CVE-2019-8083
CONFIRM adobe — experience_manager
  Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have an authentication bypass vulnerability. Successful exploitation could lead to sensitive information disclosure. 2019-10-25 not yet calculated CVE-2019-8081
CONFIRM adobe — experience_manager
  Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. 2019-10-24 not yet calculated CVE-2019-8078
CONFIRM adobe — experience_manager
  Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. 2019-10-24 not yet calculated CVE-2019-8079
CONFIRM adobe — experience_manager
  Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure. 2019-10-25 not yet calculated CVE-2019-8086
CONFIRM adobe — experience_manager
  Adobe Experience Manager versions 6.4 and 6.3 have a stored cross site scripting vulnerability. Successful exploitation could lead to privilege escalation. 2019-10-24 not yet calculated CVE-2019-8080
CONFIRM ant_design — ant_design_pro In Ant Design Pro 4.0.0, reflected XSS in the user/login redirect GET parameter affects the authorization component, leading to execution of JavaScript code in the login after-action script. 2019-10-23 not yet calculated CVE-2019-18350
MISC apache — poi In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing. 2019-10-23 not yet calculated CVE-2019-12415
MISC avast — antivirus An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. A DLL Preloading vulnerability allows an attacker to implant %WINDIR%\system32\wbemcomn.dll, which is loaded into a protected-light process (PPL) and might bypass some of the self-defense mechanisms. This affects all components that use WMI, e.g., AVGSvc.exe 19.6.4546.0 and TuneupSmartScan.dll 19.1.884.0. 2019-10-23 not yet calculated CVE-2019-17093
MISC
MISC avstar — pe204_ip_camera_devices An issue was discovered on AVStar PE204 3.10.70 IP camera devices. A denial of service can occur on open TCP port 23456. After a TELNET connection, no TCP ports are open. 2019-10-23 not yet calculated CVE-2019-18382
MISC clonos — web_control_panel A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. 2019-10-24 not yet calculated CVE-2019-18419
MISC clonos — web_control_panel clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management. 2019-10-24 not yet calculated CVE-2019-18418
MISC cloud_foundry — smb_volume Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to the logs. A remote user with access to the SMB Volume logs can discover the username and password for volumes that have been recently created, allowing the user to take control of the SMB Volume. 2019-10-23 not yet calculated CVE-2019-11283
CONFIRM cloud_foundry — uaa Cloud Foundry UAA, versions prior to v74.3.0, contains an endpoint that is vulnerable to SCIM injection attack. A remote authenticated malicious user with scim.invite scope can craft a request with malicious content which can leak information about users of the UAA. 2019-10-23 not yet calculated CVE-2019-11282
CONFIRM corehr — core_portal CoreHR Core Portal before 27.0.7 allows stored XSS. 2019-10-25 not yet calculated CVE-2019-18221
MISC
MISC craft_cms — craft_cms In Craft CMS through 3.1.7, the elevated session password prompt was not being rate limited like normal login forms, leading to the possibility of a brute force attempt on them. 2019-10-24 not yet calculated CVE-2019-15929
MISC d-link — dir-865l_wireless_routers D-Link DIR-865L has Information Disclosure. 2019-10-25 not yet calculated CVE-2013-4856
MISC
MISC
MISC d-link — dir-865l_wireless_routers D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share. 2019-10-25 not yet calculated CVE-2013-4855
MISC
MISC
MISC d-link — dir-865l_wireless_routers D-Link DIR-865L has PHP File Inclusion in the router xml file. 2019-10-25 not yet calculated CVE-2013-4857
MISC
MISC darktrace — enterprise_immune_system Darktrace Enterprise Immune System before 3.1 allows CSRF via the /config endpoint. 2019-10-23 not yet calculated CVE-2019-9597
MISC
MISC
BUGTRAQ
MISC darktrace — enterprise_immune_system
  Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whitelisteddomains endpoint. 2019-10-23 not yet calculated CVE-2019-9596
MISC
MISC
BUGTRAQ
MISC forcepoint — one_endpoint
  This vulnerability allows a normal (non-admin) user to disable the Forcepoint One Endpoint (versions 19.04 through 19.08) and bypass DLP and Web protection. 2019-10-23 not yet calculated CVE-2019-6144
MISC fortinet — forticlient_for_windows
  A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL. 2019-10-24 not yet calculated CVE-2019-6692
MISC fortinet — fortios An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA handshake and mutual ECDSA authentication via the help of flush+reload side channel attacks in FortiGate VM models only. 2019-10-24 not yet calculated CVE-2019-15703
MISC foxit_software — phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DXF files to PDF. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9276. 2019-10-25 not yet calculated CVE-2019-17145
MISC foxit_software — phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of Javascript in the HTML2PDF plugin. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8692. 2019-10-25 not yet calculated CVE-2019-17139
MISC
MISC foxit_software — phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of script within a Keystroke action of a listbox field. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9081. 2019-10-25 not yet calculated CVE-2019-17142
MISC
MISC foxit_software — phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of script within a Calculate action of a text field. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9044. 2019-10-25 not yet calculated CVE-2019-17141
MISC
MISC foxit_software — phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the OnFocus event. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9091. 2019-10-25 not yet calculated CVE-2019-17140
MISC
MISC foxit_software — phantompdf This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-9273. 2019-10-25 not yet calculated CVE-2019-17143
MISC foxit_software — phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DWG files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9274. 2019-10-25 not yet calculated CVE-2019-17144
MISC foxit_software — photo_studio This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.909. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion from JPEG to EPS. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8809. 2019-10-25 not yet calculated CVE-2019-17138
MISC
MISC fujitsu — wireless_keyboard_set_lx390_gk381_devices An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, an attacker is able to eavesdrop on sensitive data such as passwords. 2019-10-24 not yet calculated CVE-2019-18201
MISC
MISC
MISC fujitsu — wireless_keyboard_set_lx390_gk381_devices An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, they are prone to keystroke injection attacks. 2019-10-24 not yet calculated CVE-2019-18200
MISC
MISC
MISC fujitsu — wireless_keyboard_set_lx390_gk381_devices An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, and because of password-based authentication, they are vulnerable to replay attacks. 2019-10-24 not yet calculated CVE-2019-18199
MISC
MISC
MISC fusionpbx — fusionpbx In FusionPBX up to 4.5.7, the file app\destinations\destination_imports.php uses an unsanitized “query_string” variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS. 2019-10-23 not yet calculated CVE-2019-16976
MISC
MISC fusionpbx — fusionpbx In FusionPBX up to 4.5.7, the file app\extensions\extension_imports.php uses an unsanitized “query_string” variable coming from the URL, which is reflected in HTML, leading to XSS. 2019-10-23 not yet calculated CVE-2019-16977
MISC
MISC gnu_project — gcc Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts. 2019-10-23 not yet calculated CVE-2002-2439
MISC
MISC
CONFIRM
MISC golang — go Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates. 2019-10-24 not yet calculated CVE-2019-17596
CONFIRM
CONFIRM
DEBIAN google — chrome browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy. 2019-10-25 not yet calculated CVE-2016-5202
MISC
MISC
MISC
MISC
MISC honeywell — ip-ak2_access_control_panel In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network. 2019-10-25 not yet calculated CVE-2019-13525
MISC horde — groupware_webmail_edition Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin/user.php?form=update_f&user_name= or admin/user.php?form=remove_f&user_name= or admin/config/diff.php?app= URI, related to the Tag Cloud feature. 2019-10-24 not yet calculated CVE-2019-12094
MISC
MISC
MISC
MISC
MISC
MISC horde — groupware_webmail_edition Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. 2019-10-24 not yet calculated CVE-2019-12095
MISC
MISC
MISC
MISC
MISC
MISC
MISC ibm — cloud_orchestrator
  IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 contain APIs that could be used by a local user to send email. IBM X-Force ID: 162232. 2019-10-25 not yet calculated CVE-2019-4394
XF
CONFIRM ibm — cloud_orchestrator
  IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 could allow a local user to obtain sensitive information from temporary script files. IBM X-Force ID: 162333. 2019-10-25 not yet calculated CVE-2019-4395
XF
CONFIRM ibm — cloud_orchestrator
  IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 162260. 2019-10-25 not yet calculated CVE-2019-4399
XF
CONFIRM ibm — cloud_orchestrator
  IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 162261. 2019-10-25 not yet calculated CVE-2019-4400
XF
CONFIRM ibm — cloud_orchestrator
  IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. IBM X-Force ID: 162236. 2019-10-25 not yet calculated CVE-2019-4396
XF
CONFIRM ibm — cloud_orchestrator
  IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is vulnerable to HTTP Response Splitting caused by improper caching of content. This would allow the attacker to perform further attacks, such as Web Cache poisoning, cross-site scripting and possibly obtain sensitive information. IBM X-Force ID: 163682. 2019-10-25 not yet calculated CVE-2019-4461
XF
CONFIRM ibm — cloud_orchestrator_and_cloud_orchestrator_enterprise IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 could allow a local user to obtain sensitive information from SessionManagement cookies. IBM X-Force ID: 162259. 2019-10-24 not yet calculated CVE-2019-4398
XF
CONFIRM ibm — cloud_orchestrator_and_cloud_orchestrator_enterprise
  IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 162239 2019-10-24 not yet calculated CVE-2019-4397
XF
CONFIRM ibm — cloud_orchestrator_and_cloud_orchestrator_enterprise
  IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163656. 2019-10-24 not yet calculated CVE-2019-4459
XF
CONFIRM ibm — maximo_asset_management
  IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164070. 2019-10-24 not yet calculated CVE-2019-4486
XF
CONFIRM ibm — security_access_manager_appliance
  IBM Security Access Manager Appliance could allow unauthenticated attacker to cause a denial of service in the reverse proxy component. IBM X-Force ID: 156159. 2019-10-25 not yet calculated CVE-2019-4036
XF
CONFIRM ignite_realtime — openfire PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability. 2019-10-24 not yet calculated CVE-2019-18393
MISC ignite_realtime — openfire A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests. 2019-10-24 not yet calculated CVE-2019-18394
MISC labf — nfsaxe_ftp_client Buffer overflow in LabF nfsAxe FTP client 3.7 allows an attacker to execute code remotely. 2019-10-25 not yet calculated CVE-2017-14742
EXPLOIT-DB libarchive — libarchive archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol. 2019-10-24 not yet calculated CVE-2019-18408
MISC
MISC
MISC
MLIST libidn — libidn2 GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated. 2019-10-22 not yet calculated CVE-2019-12290
MISC
CONFIRM
MISC linksys — ea6500_wireless_routers Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share. 2019-10-25 not yet calculated CVE-2013-4658
MISC
MISC
MISC mapr — cldb A remote code execution vulnerability exists in MapR CLDB code, specifically in the JSON framework that is used in the CLDB code that handles login and ticket issuance. An attacker can use the ‘class’ property of the JSON request sent to the CLDB to influence the JSON library’s decision on which Java class this JSON request is deserialized to. By doing so, the attacker can force the MapR CLDB to construct a URLClassLoader which loads a malicious Java class from a remote path and instantiate this object in the MapR CLDB, thus executing arbitrary code on the machine running the MapR CLDB and take over the cluster. By switching to the newer Jackson library and ensuring that all incoming JSON requests are only deserialized to the same class that it was serialized from, the vulnerability is fixed. This vulnerability affects the entire MapR core platform. 2019-10-24 not yet calculated CVE-2019-12017
MISC milesight — ip_security_cameras Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password. 2019-10-25 not yet calculated CVE-2016-2356
MISC
MISC
MISC milesight — ip_security_cameras Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource. 2019-10-25 not yet calculated CVE-2016-2359
MISC
MISC
MISC milesight — ip_security_cameras Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts. 2019-10-25 not yet calculated CVE-2016-2358
MISC
MISC
MISC milesight — ip_security_cameras Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory. 2019-10-25 not yet calculated CVE-2016-2357
MISC
MISC
MISC milesight — ip_security_cameras Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers’ installations. 2019-10-25 not yet calculated CVE-2016-2360
MISC
MISC
MISC mp3gain_project — mp3gain A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2. The vulnerability causes an application crash, which leads to remote denial of service. 2019-10-23 not yet calculated CVE-2019-18359
MISC netapp — clustered_data_ontap
  Clustered Data ONTAP versions 9.2 through 9.6 are susceptible to a vulnerability which allows an attacker to use l2ping to cause a Denial of Service (DoS). 2019-10-25 not yet calculated CVE-2019-5508
MISC nipper-ng — nipper-ng A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file. 2019-10-22 not yet calculated CVE-2019-17424
MISC
MISC
MISC
MISC node.js — node.js The Post editor functionality in the hexo-admin plugin versions 2.3.0 and earlier for Node.js is vulnerable to stored XSS via the content of a post. 2019-10-23 not yet calculated CVE-2019-17606
MISC
MISC
MISC
CONFIRM philips — intellispace_perinatal In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace Perinatal application environment could enable an unauthorized attacker with physical access to a locked application screen, or an authorized remote desktop session host application user to break-out from the containment of the application and access unauthorized resources from the Windows operating system as the limited-access Windows user. Due to potential Windows vulnerabilities, it may be possible for additional attack methods to be used to escalate privileges on the operating system. 2019-10-25 not yet calculated CVE-2019-13546
MISC

project_floodlight — open_floodlight_sdn_controller_software

A vulnerability in version 0.90 of the Open Floodlight SDN controller software could result in a denial of service attack and crashing of the controller service. This effect is the result of a flaw in OpenFlow protocol processing, where specific malformed and mistimed FEATURES_REPLY messages cause the controller service to not delete switch and port data from its internal tracking structures. 2019-10-23 not yet calculated CVE-2014-2304
MISC python — python An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.) 2019-10-23 not yet calculated CVE-2019-18348
MISC
MISC repetier-server — repetier-server RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upload an “external command” configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart. 2019-10-25 not yet calculated CVE-2019-14451
CONFIRM
MISC rittal — rittal_chiller_sk_3232-series Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 ? B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely turning the cooling unit on and off and setting the temperature set point. 2019-10-25 not yet calculated CVE-2019-13553
MISC rittal — rittal_chiller_sk_3232-series Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 ? B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication. 2019-10-25 not yet calculated CVE-2019-13549
MISC ruby_parser-legacy_gem_for_ruby_on_rails — ruby_parser-legacy_gem_for_ruby_on_rails The ruby_parser-legacy (aka legacy) gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem (which has a legacy dependency) 4.5.0 through 4.7.0 is used, a local user can insert malicious code into the ruby_parser-legacy-1.0.0/lib/ruby_parser/legacy/ruby_parser.rb file. 2019-10-24 not yet calculated CVE-2019-18409
MISC sangoma — session_border_controller The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. Upon successful exploitation, a remote unauthenticated user can login into the device’s admin web portal without providing any credentials. This affects /var/webconfig/gui/Webconfig.inc.php. 2019-10-22 not yet calculated CVE-2019-12148
MISC
FULLDISC sangoma — session_border_controller The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to Argument Injection via special characters in the username field. Upon successful exploitation, a remote unauthenticated user can create a local system user with sudo privileges, and use that user to login to the system (either via the web interface or via SSH) to achieve complete compromise of the device. This affects /var/webconfig/gui/Webconfig.inc.php and /usr/local/sng/bin/sng-user-mgmt. 2019-10-22 not yet calculated CVE-2019-12147
MISC
FULLDISC
MISC schlix — schlix_cms admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution. 2019-10-24 not yet calculated CVE-2019-11021
MISC
MISC sourcecodester — restaurant_management_system Sourcecodester Restaurant Management System 1.0 allows XSS via the “send a message” screen. 2019-10-24 not yet calculated CVE-2019-18415
MISC sourcecodester — restaurant_management_system Sourcecodester Restaurant Management System 1.0 allows an authenticated attacker to upload arbitrary files that can result in code execution. The issue occurs because the application fails to adequately sanitize user-supplied input, e.g., “add a new food” allows .php files. 2019-10-24 not yet calculated CVE-2019-18417
MISC sourcecodester — restaurant_management_system Sourcecodester Restaurant Management System 1.0 allows XSS via the Last Name field of a member. 2019-10-24 not yet calculated CVE-2019-18416
MISC sourcecodester — restaurant_management_system Sourcecodester Restaurant Management System 1.0 is affected by an admin/staff-exec.php Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code or adding a staff entry via a crafted HTML page. 2019-10-24 not yet calculated CVE-2019-18414
MISC sourcecodester — hotel_and_lodge_management_system Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the id parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details. 2019-10-23 not yet calculated CVE-2019-18387
MISC symantec — symantec_messaging_gateway Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. 2019-10-24 not yet calculated CVE-2019-9699
CONFIRM teamviewer — teamviewer A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 (fixed in 11.0.214397), 12.0.181268 (fixed in 12.0.214399), 13.2.36215 (fixed in 13.2.36216), and 14.6.4835 (fixed in 14.7.1965) on Windows could allow an attacker to perform code execution on a target system via a service restart where the DLL was previously installed with administrative privileges. Exploitation requires that an attacker be able to create a new file in the TeamViewer application directory; directory permissions restrict that by default. 2019-10-24 not yet calculated CVE-2019-18196
CONFIRM tenable — nessus Nessus versions 8.6.0 and earlier were found to contain a Denial of Service vulnerability due to improper validation of specific imported scan types. An authenticated, remote attacker could potentially exploit this vulnerability to cause a Nessus scanner to become temporarily unresponsive. 2019-10-23 not yet calculated CVE-2019-3982
MISC terramaster — fs-210_devices An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unauthenticated attacker can download log files via the include/makecvs.php?Event= substring. 2019-10-23 not yet calculated CVE-2019-18385
MISC terramaster — fs-210_devices An issue was discovered on TerraMaster FS-210 4.0.19 devices. One can download backup files remotely from terramaster_TNAS-00E43A_config_backup.bin without permission. 2019-10-23 not yet calculated CVE-2019-18383
MISC terramaster — fs-210_devices An issue was discovered on TerraMaster FS-210 4.0.19 devices. An authenticated remote non-administrative user can read unauthorized shared files, as demonstrated by the filename=*public*%25252Fadmin_OnlyRead.txt substring. 2019-10-23 not yet calculated CVE-2019-18384
MISC thycotic — secret_server An XSS issue was discovered in Thycotic Secret Server before 10.7 (issue 1 of 2). 2019-10-23 not yet calculated CVE-2019-18356
MISC thycotic — secret_server An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7. 2019-10-23 not yet calculated CVE-2019-18355
MISC thycotic — secret_server An XSS issue was discovered in Thycotic Secret Server before 10.7 (issue 2 of 2). 2019-10-23 not yet calculated CVE-2019-18357
MISC tonyy — dormsystem tonyy dormsystem through 1.3 allows DOM XSS. 2019-10-24 not yet calculated CVE-2019-17581
MISC
MISC tp-link — m7350_devices TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow triggerPort OS Command Injection (issue 5 of 5). 2019-10-24 not yet calculated CVE-2019-13653
MISC tp-link — m7350_devices TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5). 2019-10-24 not yet calculated CVE-2019-13652
MISC tp-link — m7350_devices TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5). 2019-10-24 not yet calculated CVE-2019-13650
MISC tp-link — m7350_devices TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5). 2019-10-24 not yet calculated CVE-2019-13649
MISC tp-link — m7350_devices TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection (issue 3 of 5). 2019-10-24 not yet calculated CVE-2019-13651
MISC
MISC tp-link — tl-wdr4300_wireless_routers TP-Link TL-WDR4300 version 3.13.31 has multiple CSRF vulnerabilities. 2019-10-25 not yet calculated CVE-2013-4848
MISC
MISC
MISC
MISC
MISC typestack — class-validator In TypeStack class-validator 0.10.2, validate() input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. Even though there is an optional forbidUnknownValues parameter that can be used to reduce the risk of this bypass, this option is not documented and thus most developers configure input validation in the vulnerable default manner. With this vulnerability, attackers can launch SQL Injection or XSS attacks by injecting arbitrary malicious input. NOTE: a software maintainer agrees with the “is not documented” finding but suggests that much of the responsibility for the risk lies in a different product. 2019-10-24 not yet calculated CVE-2019-18413
MISC wacom — update_helper_driver An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this vulnerability to raise load arbitrary launchD agents. An attacker would need local access to the machine for a successful exploit. 2019-10-24 not yet calculated CVE-2019-5013
MISC wacom — update_helper_driver
  An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the startProcess command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine for a successful exploit. 2019-10-24 not yet calculated CVE-2019-5012
MISC wordpress — wordpress The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execution by uploading a .php file within a ZIP archive. 2019-10-22 not yet calculated CVE-2015-9499
MISC
MISC
EXPLOIT-DB wordpress — wordpress The Easy Digital Downloads (EDD) Recommended Products extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. 2019-10-23 not yet calculated CVE-2015-9523
MISC wordpress — wordpress The Easy Digital Downloads (EDD) QR Code extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. 2019-10-23 not yet calculated CVE-2015-9522
MISC wordpress — wordpress The Easy Digital Downloads (EDD) Amazon S3 extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. 2019-10-23 not yet calculated CVE-2015-9506
MISC wordpress — wordpress The Easy Digital Downloads (EDD) Invoices extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. 2019-10-23 not yet calculated CVE-2015-9516
MISC wordpress — wordpress The Easy Digital Downloads (EDD) Manual Purchases extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. 2019-10-23 not yet calculated CVE-2015-9517
MISC wordpress — wordpress The Easy Digital Downloads (EDD) Per Product Emails extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. 2019-10-23 not yet calculated CVE-2015-9520
MISC wordpress — wordpress The Easy Digital Downloads (EDD) PDF Stamper extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. 2019-10-23 not yet calculated CVE-2015-9519
MISC wordpress — wordpress The weeklynews theme before 2.2.9 for WordPress has XSS via the s parameter. 2019-10-23 not yet calculated CVE-2015-9504
MISC wordpress — wordpress The Easy Digital Downloads (EDD) Pushover Notifications extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. 2019-10-23 not yet calculated CVE-2015-9521
MISC wordpress — wordpress The Easy Digital Downloads (EDD) Recount Earnings extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. 2019-10-23 not yet calculated CVE-2015-9524
MISC wordpress — wordpress The Easy Digital Downloads (EDD) PDF Invoices extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused. 2019-10-23 not yet calculated CVE-2015-9518
MISC wustl — xnat WUSTL XNAT 1.7.5.3 allows XXE attacks via a POST request body. 2019-10-23 not yet calculated CVE-2019-14276
MISC
MISC
MISC xiaomi — mi_wifi_r3g_devices An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The backup file is in tar.gz format. After uploading, the application uses the tar zxf command to decompress, so one can control the contents of the files in the decompressed directory. In addition, the application’s sh script for testing upload and download speeds reads a URL list from /tmp/speedtest_urls.xml, and there is a command injection vulnerability, as demonstrated by api/xqnetdetect/netspeed. 2019-10-23 not yet calculated CVE-2019-18370
MISC xiaomi — mi_wifi_r3g_devices An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication. 2019-10-23 not yet calculated CVE-2019-18371
MISC xml_language_server — xml_language_server XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal. 2019-10-23 not yet calculated CVE-2019-18212
MISC
CONFIRM
MISC
MISC
MISC
MISC xml_language_server — xml_language_server
  XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF (as well as SMB connection initiation that can lead to NetNTLM challenge/response capture for password cracking). This occurs in extensions/contentmodel/participants/diagnostics/LSPXMLParserConfiguration.java. 2019-10-23 not yet calculated CVE-2019-18213
MISC
CONFIRM
MISC
MISC
MISC
MISC youphptube — youphptube SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with Parameter name in /objects/pluginSwitch.json.php. 2019-10-25 not yet calculated CVE-2019-5122
MISC youphptube — youphptube
  A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in /objects/getSpiritsFromVideo.php is vulnerable to a command injection attack. 2019-10-25 not yet calculated CVE-2019-5129
MISC youphptube — youphptube
  A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in /objects/getImage.php is vulnerable to a command injection attack. 2019-10-25 not yet calculated CVE-2019-5127
MISC youphptube — youphptube
  Specially crafted web requests can cause SQL injections in YouPHPTube 7.6. An attacker can send a web request with Parameter dir in /objects/pluginSwitch.json.php. 2019-10-25 not yet calculated CVE-2019-5123
MISC youphptube — youphptube
  SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with Parameter uuid in /objects/pluginSwitch.json.php 2019-10-25 not yet calculated CVE-2019-5121
MISC youphptube — youphptube
  An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and in certain configurations, access the underlying operating system. 2019-10-25 not yet calculated CVE-2019-5120
MISC youphptube — youphptube
  An exploitable SQL injection vulnerability exist in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and in certain configurations, access the underlying operating system. 2019-10-25 not yet calculated CVE-2019-5119
MISC youphptube — youphptube
  Exploitable SQL injection vulnerabilities exists in the authenticated portion of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and in certain configuration, access the underlying operating system. 2019-10-25 not yet calculated CVE-2019-5117
MISC youphptube — youphptube
  An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause a SQL injection. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and in certain configuration, access the underlying operating system. 2019-10-25 not yet calculated CVE-2019-5116
MISC youphptube — youphptube
  An exploitable SQL injection vulnerability exists in the authenticated portion of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and,in certain configuration, access the underlying operating system. 2019-10-25 not yet calculated CVE-2019-5114
MISC youphptube — youphptube
  A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in /objects/getImageMP4.php is vulnerable to a command injection attack. 2019-10-25 not yet calculated CVE-2019-5128
MISC zend_framework — zend_framework Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter. 2019-10-25 not yet calculated CVE-2015-0270
MISC