CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In October 2019

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
151 CVE-2019-17546 787 Overflow 2019-10-14 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.
152 CVE-2019-17545 415 2019-10-14 2022-01-12
7.5
None Remote Low Not required Partial Partial Partial
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.
153 CVE-2019-17544 125 2019-10-14 2021-08-02
6.4
None Remote Low Not required Partial None Partial
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
154 CVE-2019-17543 787 Overflow 2019-10-14 2021-07-23
6.8
None Remote Medium Not required Partial Partial Partial
LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."
155 CVE-2019-17542 129 Overflow 2019-10-14 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.
156 CVE-2019-17541 416 2019-10-14 2021-04-20
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
157 CVE-2019-17540 787 Overflow 2019-10-14 2021-04-20
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
158 CVE-2019-17539 476 2019-10-14 2021-06-10
7.5
None Remote Low Not required Partial Partial Partial
In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.
159 CVE-2019-17538 22 Dir. Trav. 2019-10-13 2019-10-17
5.0
None Remote Low Not required Partial None None
Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&name=../ substring.
160 CVE-2019-17537 22 Dir. Trav. 2019-10-13 2019-10-17
6.4
None Remote Low Not required None Partial Partial
Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file deletion via the web/polygon/problem/deletefile?id=1&name=../ substring.
161 CVE-2019-17536 434 2019-10-13 2019-10-17
4.0
None Remote Low ??? None Partial None
Gila CMS through 1.11.4 allows Unrestricted Upload of a File with a Dangerous Type via the moveAction function in core/controllers/fm.php. The attacker needs to use admin/media_upload and fm/move.
162 CVE-2019-17535 79 XSS 2019-10-13 2019-10-16
4.3
None Remote Medium Not required None Partial None
Gila CMS through 1.11.4 allows blog-list.php XSS, in both the gila-blog and gila-mag themes, via the search parameter, a related issue to CVE-2019-9647.
163 CVE-2019-17534 416 2019-10-13 2019-10-17
6.8
None Remote Medium Not required Partial Partial Partial
vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free.
164 CVE-2019-17533 125 2019-10-13 2020-08-24
6.4
None Remote Low Not required Partial None Partial
Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed.
165 CVE-2019-17532 20 DoS 2019-10-12 2021-07-21
7.8
None Remote Low Not required None None Complete
An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS devices. They allow remote attackers to cause a denial of service (persistent rules-processing outage) via a crafted ruleDbBody element in a StoreRules request to the upnp/control/rules1 URI, because database corruption occurs.
166 CVE-2019-17531 502 2019-10-12 2021-07-20
6.8
None Remote Medium Not required Partial Partial Partial
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.
167 CVE-2019-17530 125 2019-10-12 2019-10-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
168 CVE-2019-17529 125 2019-10-12 2019-10-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
169 CVE-2019-17528 2019-10-12 2020-08-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4_TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
170 CVE-2019-17526 94 Exec Code 2019-10-18 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
** DISPUTED ** An issue was discovered in SageMath Sage Cell Server through 2019-10-05. Python Code Injection can occur in the context of an internet facing web application. Malicious actors can execute arbitrary commands on the underlying operating system, as demonstrated by an __import__('os').popen('whoami').read() line. NOTE: the vendor's position is that the product is "vulnerable by design" and the current behavior will be retained.
171 CVE-2019-17522 79 XSS 2019-10-12 2019-10-17
3.5
None Remote Medium ??? None Partial None
A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 via the admin_index.php?page=settings SITE NAME field (aka SITE_NAME), a related issue to CVE-2011-4709.1.
172 CVE-2019-17521 352 CSRF 2019-10-12 2019-10-17
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Landing-CMS 0.0.6. There is a CSRF vulnerability that can change the admin's password via the password/ URI.
173 CVE-2019-17514 2019-10-12 2020-07-27
5.0
None Remote Low Not required None Partial None
library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that security-relevant code elsewhere is affected. This issue is not a Python implementation bug, and there are no reports that NMR researchers were specifically relying on library/glob.html. In other words, because the older documentation stated "finds all the pathnames matching a specified pattern according to the rules used by the Unix shell," one might have incorrectly inferred that the sorting that occurs in a Unix shell also occurred for glob.glob. There is a workaround in newer versions of Willoughby nmr-data_compilation-p2.py and nmr-data_compilation-p3.py, which call sort() directly.
174 CVE-2019-17513 74 Http R.Spl. 2019-10-18 2020-08-24
5.0
None Remote Low Not required None Partial None
An issue was discovered in Ratpack before 1.7.5. Due to a misuse of the Netty library class DefaultHttpHeaders, there is no validation that headers lack HTTP control characters. Thus, if untrusted data is used to construct HTTP headers with Ratpack, HTTP Response Splitting can occur.
175 CVE-2019-17512 306 2019-10-16 2020-08-24
6.4
None Remote Low Not required Partial Partial None
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can clear the router's log file via act=clear&logtype=sysact to log_clear.php, which could be used to erase attack traces.
176 CVE-2019-17511 306 2019-10-14 2020-08-24
5.0
None Remote Low Not required Partial None None
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can get the router's log file via log_get.php, which could be used to discover the intranet network structure.
177 CVE-2019-17510 78 Exec Code 2019-10-11 2019-10-15
10.0
None Remote Low Not required Complete Complete Complete
D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell metacharacters to /squashfs-root/www/HNAP1/control/SetWizardConfig.php.
178 CVE-2019-17509 78 Exec Code 2019-10-11 2019-10-15
10.0
None Remote Low Not required Complete Complete Complete
D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetMasterWLanSettings with shell metacharacters to /squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php.
179 CVE-2019-17508 78 2019-10-11 2019-10-16
10.0
None Remote Low Not required Complete Complete Complete
On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable.
180 CVE-2019-17507 20 2019-10-11 2019-10-15
5.0
None Remote Low Not required Partial None None
An issue was discovered on D-Link DIR-816 A1 1.06 devices. An attacker could access management pages of the router via a client that ignores the 'top.location.href = "/dir_login.asp"' line in a .asp file. This provides access to d_status.asp, version.asp, d_dhcptbl.asp, and d_acl.asp.
181 CVE-2019-17506 306 2019-10-11 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.
182 CVE-2019-17505 306 2019-10-11 2020-08-24
5.0
None Remote Low Not required Partial None None
D-Link DAP-1320 A2-V1.21 routers have some web interfaces without authentication requirements, as demonstrated by uplink_info.xml. An attacker can remotely obtain a user's Wi-Fi SSID and password, which could be used to connect to Wi-Fi or perform a dictionary attack.
183 CVE-2019-17504 79 XSS 2019-10-11 2019-10-16
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter.
184 CVE-2019-17503 200 +Info 2019-10-11 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database information such as database version, table name, column name, etc.
185 CVE-2019-17502 476 2019-10-12 2019-10-17
5.0
None Remote Low Not required None None Partial
Hydra through 0.1.8 has a NULL pointer dereference and daemon crash when processing POST requests that lack a Content-Length header. read.c, request.c, and util.c contribute to this. The process_header_end() function calls boa_atoi(), which ultimately calls atoi() on a NULL pointer.
186 CVE-2019-17501 78 Exec Code 2019-10-14 2019-12-18
9.0
None Remote Low ??? Complete Complete Complete
Centreon 19.04 allows attackers to execute arbitrary OS commands via the Command Line field of main.php?p=60807&type=4 (aka the Configuration > Commands > Discovery screen). CVE-2019-17501 and CVE-2019-16405 are similar to one another and may be the same.
187 CVE-2019-17499 78 Exec Code 2019-10-11 2019-10-17
9.0
None Remote Low ??? Complete Complete Complete
The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the Target_IP parameter.
188 CVE-2019-17498 190 DoS Overflow 2019-10-21 2021-12-18
5.8
None Remote Medium Not required Partial None Partial
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.
189 CVE-2019-17497 522 2019-10-11 2019-10-16
4.3
None Remote Medium Not required Partial None None
Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). For example, an NTLM hash is sent for a link to \\192.168.0.2\C$\file.pdf without user interaction.
190 CVE-2019-17496 79 XSS 2019-10-11 2019-10-15
4.3
None Remote Medium Not required None Partial None
Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion.
191 CVE-2019-17495 79 XSS CSRF 2019-10-10 2021-09-21
7.5
None Remote Low Not required Partial Partial Partial
A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product intentionally allows the embedding of untrusted JSON data from remote servers, but it was not previously known that <style>@import within the JSON data was a functional attack method.
192 CVE-2019-17494 79 XSS 2019-10-10 2019-10-15
4.3
None Remote Medium Not required None Partial None
laravel-bjyblog 6.1.1 has XSS via a crafted URL.
193 CVE-2019-17493 79 XSS 2019-10-10 2019-10-11
4.3
None Remote Medium Not required None Partial None
Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[sample_input] parameter to web/admin/problem/create or web/polygon/problem/update.
194 CVE-2019-17491 79 XSS 2019-10-10 2019-10-11
4.3
None Remote Medium Not required None Partial None
Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[description] parameter to web/admin/problem/create or web/polygon/problem/update.
195 CVE-2019-17490 434 2019-10-10 2019-10-16
6.5
None Remote Low ??? Partial Partial Partial
app\modules\polygon\controllers\ProblemController in Jiangnan Online Judge (aka jnoj) 0.8.0 allows arbitrary file upload, as demonstrated by PHP code (with a .php filename but the image/png content type) to the web/polygon/problem/tests URI.
196 CVE-2019-17489 79 XSS 2019-10-10 2019-10-11
4.3
None Remote Medium Not required None Partial None
Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[title] parameter to web/polygon/problem/create or web/polygon/problem/update or web/admin/problem/create.
197 CVE-2019-17488 79 XSS 2019-10-10 2019-10-15
4.3
None Remote Medium Not required None Partial None
b3log Symphony (aka Sym) before 3.6.0 has XSS via the HTTP User-Agent header.
198 CVE-2019-17455 125 2019-10-10 2021-11-30
7.5
None Remote Low Not required Partial Partial Partial
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
199 CVE-2019-17454 476 2019-10-10 2019-10-11
4.3
None Remote Medium Not required None None Partial
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info.
200 CVE-2019-17453 476 2019-10-10 2019-10-11
4.3
None Remote Medium Not required None None Partial
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact.
Total number of vulnerabilities: 1567 (this is page 4 of 32)