CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In December 2019 (CVSS score >= 5)

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-20197 78 Exec Code 2019-12-31 2020-01-07
9.0
None Remote Low ??? Complete Complete Complete
In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary OS commands via shell metacharacters in the id parameter to schedulereport.php, in the context of the web-server user account.
2 CVE-2019-20176 400 2019-12-31 2020-02-08
5.0
None Remote Low Not required None None Partial
In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c.
3 CVE-2019-20175 754 2019-12-31 2020-01-15
5.0
None Remote Low Not required None None Partial
** DISPUTED ** An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits an assertion that implies that the size of successful DMA transfers there must be a multiple of 512 (the size of a sector). NOTE: a member of the QEMU security team disputes the significance of this issue because a "privileged guest user has many ways to cause similar DoS effect, without triggering this assert."
4 CVE-2019-20149 668 2019-12-30 2020-08-24
5.0
None Remote Low Not required None Partial None
ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by 'constructor': {'name':'Symbol'}. Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.
5 CVE-2019-20140 787 Overflow 2019-12-30 2020-01-07
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_out_code at fromgif.c.
6 CVE-2019-20138 326 2019-12-30 2021-07-21
5.0
None Remote Low Not required Partial None None
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's crypto_pwhash_str is not used.
7 CVE-2019-20094 787 Overflow 2019-12-30 2020-01-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_init_frame at fromgif.c.
8 CVE-2019-20090 416 2019-12-30 2020-01-07
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp.
9 CVE-2019-20089 125 2019-12-30 2020-01-07
6.8
None Remote Medium Not required Partial Partial Partial
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_SeekToSamples in GPMF_parse.c for the size calculation.
10 CVE-2019-20088 125 2019-12-30 2020-01-07
6.8
None Remote Medium Not required Partial Partial Partial
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GetPayload in GPMF_mp4reader.c.
11 CVE-2019-20087 125 2019-12-30 2020-01-08
6.8
None Remote Medium Not required Partial Partial Partial
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_seekToSamples in GPMF-parse.c for the "matching tags" feature.
12 CVE-2019-20086 125 2019-12-30 2020-01-08
6.8
None Remote Medium Not required Partial Partial Partial
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_Next in GPMF_parser.c.
13 CVE-2019-20085 22 Dir. Trav. 2019-12-30 2020-04-14
5.0
None Remote Low Not required Partial None None
TVT NVMS-1000 devices allow GET /.. Directory Traversal.
14 CVE-2019-20079 416 2019-12-30 2020-10-20
6.8
None Remote Medium Not required Partial Partial Partial
The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.
15 CVE-2019-20071 352 CSRF 2019-12-30 2020-01-02
5.8
None Remote Medium Not required None Partial Partial
On Netis DL4323 devices, CSRF exists via form2logaction.cgi to delete all logs.
16 CVE-2019-20063 665 2019-12-29 2020-01-08
6.8
None Remote Medium Not required Partial Partial Partial
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.
17 CVE-2019-20055 918 2019-12-29 2020-01-02
6.4
None Remote Low Not required Partial Partial None
LiquidPixels LiquiFire OS 4.8.0 allows SSRF via the call%3Durl substring followed by a URL in square brackets.
18 CVE-2019-20049 Exec Code Dir. Trav. Bypass 2019-12-27 2020-01-07
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construct() whereas the insecure file upload is in SetSkinImages().
19 CVE-2019-20048 434 Exec Code 2019-12-27 2020-01-07
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM.
20 CVE-2019-20047 522 2019-12-27 2020-01-07
5.0
None Remote Low Not required Partial None None
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded in a reversible format. Sessions are stored in /sessions/sess_<sessionid>.
21 CVE-2019-20043 269 Bypass 2019-12-27 2020-01-10
5.0
None Remote Low Not required None Partial None
In wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this allowed them to bypass that. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.
22 CVE-2019-20041 20 Bypass 2019-12-27 2020-01-08
7.5
None Remote Low Not required Partial Partial Partial
wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript&colon; substring.
23 CVE-2019-20014 415 2019-12-27 2020-05-22
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.
24 CVE-2019-20011 125 2019-12-27 2020-05-22
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c.
25 CVE-2019-20010 416 2019-12-27 2020-05-22
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c.
26 CVE-2019-20006 416 2019-12-26 2020-01-02
5.0
None Remote Low Not required None None Partial
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content puts a pointer to the internal address of a larger block as xml->txt. This is later deallocated (using free), leading to a segmentation fault.
27 CVE-2019-20000 367 2019-12-26 2020-01-08
5.8
None Remote Medium Not required None Partial Partial
The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted.
28 CVE-2019-19999 918 2019-12-26 2020-01-08
6.5
None Remote Low ??? Partial Partial Partial
Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration.
29 CVE-2019-19998 611 2019-12-26 2020-01-07
5.0
None Remote Low Not required Partial None None
Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php.
30 CVE-2019-19996 20 DoS 2019-12-26 2021-07-21
7.8
None Remote Low Not required None None Complete
An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login.
31 CVE-2019-19995 352 CSRF 2019-12-26 2020-01-15
9.3
None Remote Medium Not required Complete Complete Complete
A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user.
32 CVE-2019-19985 200 +Info 2019-12-26 2021-07-21
5.0
None Remote Low Not required Partial None None
The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file download with user information disclosure.
33 CVE-2019-19984 863 2019-12-26 2020-08-24
6.5
None Remote Low ??? Partial Partial Partial
The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed users with edit_post capabilities to manage plugin settings and email campaigns.
34 CVE-2019-19982 287 2019-12-26 2019-12-30
5.0
None Remote Low Not required None Partial None
The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for unauthenticated option creation. In order to exploit this vulnerability, an attacker would need to send a /wp-admin/admin-post.php?es_skip=1&option_name= request.
35 CVE-2019-19979 352 XSS CSRF 2019-12-26 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
A flaw in the WordPress plugin, WP Maintenance before 5.0.6, allowed attackers to enable a vulnerable site's maintenance mode and inject malicious code affecting site visitors. There was CSRF with resultant XSS.
36 CVE-2019-19977 125 2019-12-26 2020-01-03
7.5
None Remote Low Not required Partial Partial Partial
libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read.
37 CVE-2019-19967 319 2019-12-25 2020-01-08
5.0
None Remote Low Not required Partial None None
The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI.
38 CVE-2019-19962 327 2019-12-25 2021-07-21
5.0
None Remote Low Not required Partial None None
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography.
39 CVE-2019-19956 772 2019-12-24 2021-07-21
5.0
None Remote Low Not required None None Partial
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
40 CVE-2019-19954 427 +Priv 2019-12-24 2020-08-24
6.9
None Local Medium Not required Complete Complete Complete
Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file.
41 CVE-2019-19953 125 2019-12-24 2020-01-15
6.4
None Remote Low Not required Partial None Partial
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
42 CVE-2019-19952 416 2019-12-24 2020-01-02
7.5
None Remote Low Not required Partial Partial Partial
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage.
43 CVE-2019-19951 787 Overflow 2019-12-24 2020-01-15
7.5
None Remote Low Not required Partial Partial Partial
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
44 CVE-2019-19950 416 2019-12-24 2020-01-15
7.5
None Remote Low Not required Partial Partial Partial
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
45 CVE-2019-19949 125 2019-12-24 2020-09-30
6.4
None Remote Low Not required Partial None Partial
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
46 CVE-2019-19948 787 Overflow 2019-12-24 2020-09-30
7.5
None Remote Low Not required Partial Partial Partial
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
47 CVE-2019-19931 787 Overflow 2019-12-23 2019-12-30
6.8
None Remote Medium Not required Partial Partial Partial
In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.
48 CVE-2019-19929 426 Exec Code 2019-12-23 2020-01-03
6.9
None Local Medium Not required Complete Complete Complete
An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner before 8.0.1 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded by the product.
49 CVE-2019-19926 476 2019-12-23 2020-08-06
5.0
None Remote Low Not required None None Partial
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.
50 CVE-2019-19925 434 2019-12-24 2020-01-14
5.0
None Remote Low Not required None None Partial
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
Total number of vulnerabilities: 953. Page 1 of 20.