CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In December 2019

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
101 CVE-2019-19960 2019-12-25 2020-01-02
4.3
None Remote Medium Not required Partial None None
In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks.
102 CVE-2019-19958 681 DoS 2019-12-24 2020-08-24
4.3
None Remote Medium Not required None None Partial
In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service.
103 CVE-2019-19957 125 2019-12-24 2020-01-03
4.3
None Remote Medium Not required None None Partial
In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength.
104 CVE-2019-19956 772 2019-12-24 2021-07-21
5.0
None Remote Low Not required None None Partial
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
105 CVE-2019-19954 427 +Priv 2019-12-24 2020-08-24
6.9
None Local Medium Not required Complete Complete Complete
Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file.
106 CVE-2019-19953 125 2019-12-24 2020-01-15
6.4
None Remote Low Not required Partial None Partial
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
107 CVE-2019-19952 416 2019-12-24 2020-01-02
7.5
None Remote Low Not required Partial Partial Partial
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage.
108 CVE-2019-19951 787 Overflow 2019-12-24 2020-01-15
7.5
None Remote Low Not required Partial Partial Partial
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
109 CVE-2019-19950 416 2019-12-24 2020-01-15
7.5
None Remote Low Not required Partial Partial Partial
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
110 CVE-2019-19949 125 2019-12-24 2020-09-30
6.4
None Remote Low Not required Partial None Partial
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
111 CVE-2019-19948 787 Overflow 2019-12-24 2020-09-30
7.5
None Remote Low Not required Partial Partial Partial
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
112 CVE-2019-19947 908 +Info 2019-12-24 2020-09-15
2.1
None Local Low Not required Partial None None
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
113 CVE-2019-19944 125 2019-12-23 2019-12-30
4.3
None Remote Medium Not required None None Partial
In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos.
114 CVE-2019-19931 787 Overflow 2019-12-23 2019-12-30
6.8
None Remote Medium Not required Partial Partial Partial
In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.
115 CVE-2019-19930 190 2019-12-23 2019-12-30
4.3
None Remote Medium Not required None None Partial
In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation.
116 CVE-2019-19929 426 Exec Code 2019-12-23 2020-01-03
6.9
None Local Medium Not required Complete Complete Complete
An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner before 8.0.1 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded by the product.
117 CVE-2019-19927 125 2019-12-31 2020-05-14
3.6
None Local Low Not required Partial None Partial
In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c. This is related to the vmwgfx or ttm module.
118 CVE-2019-19926 476 2019-12-23 2020-08-06
5.0
None Remote Low Not required None None Partial
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.
119 CVE-2019-19925 434 2019-12-24 2020-01-14
5.0
None Remote Low Not required None None Partial
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
120 CVE-2019-19924 755 2019-12-24 2021-06-29
5.0
None Remote Low Not required None Partial None
SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.
121 CVE-2019-19923 476 2019-12-24 2020-01-14
5.0
None Remote Low Not required None None Partial
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
122 CVE-2019-19922 400 DoS 2019-12-22 2021-06-14
2.1
None Local Low Not required None None Partial
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)
123 CVE-2019-19920 78 Exec Code 2019-12-22 2020-09-22
9.0
None Remote Low ??? Complete Complete Complete
sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval (rather than direct parsing and/or use of the taint feature). This issue is similar to CVE-2018-11805.
124 CVE-2019-19919 74 Exec Code 2019-12-20 2021-07-22
7.5
None Remote Low Not required Partial Partial Partial
Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.
125 CVE-2019-19918 787 Overflow 2019-12-20 2020-11-02
6.8
None Remote Medium Not required Partial Partial Partial
Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c.
126 CVE-2019-19917 120 Overflow 2019-12-20 2020-11-05
6.8
None Remote Medium Not required Partial Partial Partial
Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.
127 CVE-2019-19916 79 XSS 2019-12-20 2020-01-14
4.3
None Remote Medium Not required None Partial None
In Midori Browser 0.5.11 (on Windows 10), Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the multipart/x-mixed-replace MIME type. This could result in script running where CSP should have blocked it, allowing for cross-site scripting (XSS) and other attacks when the product renders the content as HTML. Remediating this would also need to consider the polyglot case, e.g., a file that is a valid GIF image and also valid JavaScript.
128 CVE-2019-19915 352 XSS CSRF 2019-12-19 2020-08-24
6.0
None Remote Medium ??? Partial Partial Partial
The "301 Redirects - Easy Redirect Manager" plugin before 2.45 for WordPress allows users (with subscriber or greater access) to modify, delete, or inject redirect rules, and exploit XSS, with the /admin-ajax.php?action=eps_redirect_save and /admin-ajax.php?action=eps_redirect_delete actions. This could result in a loss of site availability, malicious redirects, and user infections. This could also be exploited via CSRF.
129 CVE-2019-19910 79 XSS 2019-12-19 2019-12-31
4.3
None Remote Medium Not required None Partial None
The MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 (1.35 and/or 1.34) mishandles certain HTML attributes, as demonstrated by IMG onmouseover= (impact is XSS) and IMG src=http (impact is disclosing the client's IP address). This can occur within a talk page topical header that is viewed within a mobile (MobileFrontend) context.
130 CVE-2019-19909 94 2019-12-19 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Public Knowledge Project (PKP) pkp-lib before 3.1.2-2, as used in Open Journal Systems (OJS) before 3.1.2-2. Code injection can occur in the OJS report generator if an authenticated Journal Manager user visits a crafted URL, because unserialize is used.
131 CVE-2019-19908 79 XSS 2019-12-20 2019-12-31
4.3
None Remote Medium Not required None Partial None
phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable.
132 CVE-2019-19907 120 2019-12-19 2020-01-02
7.5
None Remote Low Not required Partial Partial Partial
HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data.
133 CVE-2019-19906 787 2019-12-19 2021-07-21
5.0
None Remote Low Not required None None Partial
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
134 CVE-2019-19905 120 Overflow 2019-12-19 2019-12-27
7.5
None Remote Low Not required Partial Partial Partial
NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files.
135 CVE-2019-19903 79 XSS 2019-12-19 2019-12-27
3.5
None Remote Medium ??? None Partial None
An issue was discovered in Backdrop CMS 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying file type descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting when viewing the list of file types, aka XSS. This vulnerability is mitigated by the fact that an attacker must have a role with the "Administer file types" permission.
136 CVE-2019-19902 200 Exec Code +Info 2019-12-19 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, allowing non-configuration scripts to potentially be uploaded to the server. This issue is mitigated by the fact that the attacker would be required to have the "Synchronize, import, and export configuration" permission, a permission that only trusted administrators should be given. Other measures in the product prevent the execution of PHP scripts, so another server-side scripting language must be accessible on the server to execute code.
137 CVE-2019-19901 79 XSS 2019-12-19 2019-12-27
3.5
None Remote Medium ??? None Partial None
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying certain block descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting when configuring a layout, aka XSS. This issue is mitigated by the fact that the attacker would be required to have the permission to create custom blocks, which is typically an administrative task.
138 CVE-2019-19900 79 XSS 2019-12-19 2019-12-27
3.5
None Remote Medium ??? None Partial None
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying content type names in the content creation interface. An attacker could potentially craft a specialized content type name, then have an editor execute scripting when creating content, aka XSS. This vulnerability is mitigated by the fact that an attacker must have a role with the "Administer content types" permission.
139 CVE-2019-19899 20 Bypass 2019-12-19 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
Pebble Templates 3.1.2 allows attackers to bypass a protection mechanism (intended to block access to instances of java.lang.Class) because getClass is accessible via the public static java.lang.Class java.lang.Class.forName(java.lang.Module,java.lang.String) signature.
140 CVE-2019-19890 319 2019-12-18 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. Admin credentials are sent over cleartext HTTP.
141 CVE-2019-19889 319 2019-12-18 2021-06-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The attacker can discover admin credentials in the backup file, aka backupsettings.conf.
142 CVE-2019-19888 369 2019-12-18 2019-12-23
4.3
None Remote Medium Not required None None Partial
jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error.
143 CVE-2019-19887 476 2019-12-18 2019-12-23
4.3
None Remote Medium Not required None None Partial
bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode.
144 CVE-2019-19882 732 2019-12-18 2020-08-25
6.9
None Local Medium Not required Complete Complete Complete
shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).
145 CVE-2019-19880 476 2019-12-18 2020-01-14
5.0
None Remote Low Not required None None Partial
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
146 CVE-2019-19850 89 Sql 2019-12-17 2019-12-20
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. Because escaping of user-submitted content is mishandled, the class QueryGenerator is vulnerable to SQL injection. Exploitation requires having the system extension ext:lowlevel installed, and a valid backend user who has administrator privileges.
147 CVE-2019-19849 502 2019-12-17 2019-12-23
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the classes QueryGenerator and QueryView are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension ext:lowlevel (Backend Module: DB Check) installed, with a valid backend user who has administrator privileges. The other exploitable scenario requires having the system extension ext:sys_action installed, with a valid backend user who has limited privileges.
148 CVE-2019-19848 22 Dir. Trav. 2019-12-17 2019-12-23
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal. Admin privileges are required in order to exploit this vulnerability. (In v9 LTS and later, System Maintainer privileges are also required.)
149 CVE-2019-19847 787 Overflow 2019-12-17 2020-01-08
6.8
None Remote Medium Not required Partial Partial Partial
Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c.
150 CVE-2019-19846 89 Sql 2019-12-18 2019-12-18
7.5
None Remote Low Not required Partial Partial Partial
In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors.
Total number of vulnerabilities: 1577 (page 3 of 32)