CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In December 2019

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
301 CVE-2019-19526 416 2019-12-03 2020-01-07
4.9
None Local Low Not required None None Complete
In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.
302 CVE-2019-19525 416 2019-12-03 2020-03-02
4.9
None Local Low Not required None None Complete
In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.
303 CVE-2019-19524 416 2019-12-03 2020-01-07
4.9
None Local Low Not required None None Complete
In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
304 CVE-2019-19523 416 2019-12-03 2020-01-18
4.9
None Local Low Not required None None Complete
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.
305 CVE-2019-19522 732 2019-12-05 2020-08-24
7.2
None Local Low Not required Complete Complete Complete
OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's file can be written to /etc/skey or /var/db/yubikey, and need not be owned by root.
306 CVE-2019-19521 287 Bypass 2019-12-05 2019-12-12
7.5
None Remote Low Not required Partial Partial Partial
libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. This is related to gen/auth_subr.c and gen/authenticate.c in libc (and login/login.c and xenocara/app/xenodm/greeter/verify.c).
307 CVE-2019-19520 863 +Priv 2019-12-05 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
xlock in OpenBSD 6.6 allows local users to gain the privileges of the auth group by providing a LIBGL_DRIVERS_PATH environment variable, because xenocara/lib/mesa/src/loader/loader.c mishandles dlopen.
308 CVE-2019-19519 20 2019-12-05 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
In OpenBSD 6.6, local users can use the su -L option to achieve any login class (often excluding root) because there is a logic error in the main function in su/su.c.
309 CVE-2019-19516 352 CSRF 2019-12-02 2019-12-13
4.3
None Remote Medium Not required None Partial None
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password.
310 CVE-2019-19507 287 Bypass 2019-12-02 2019-12-19
5.0
None Remote Low Not required None Partial None
In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': {'name':'Array'}. This affects validate(). Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.
311 CVE-2019-19502 94 Exec Code 2019-12-02 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
Code injection in pluginconfig.php in Image Uploader and Browser for CKEditor before 4.1.9 allows remote authenticated users to execute arbitrary PHP code.
312 CVE-2019-19501 2019-12-13 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
VeraCrypt 1.24 allows Local Privilege Escalation during execution of VeraCryptExpander.exe.
313 CVE-2019-19497 79 XSS 2019-12-17 2019-12-20
3.5
None Remote Medium ??? None Partial None
MDaemon Email Server 17.5.1 allows XSS via the filename of an attachment to an email message.
314 CVE-2019-19496 79 XSS 2019-12-02 2019-12-11
3.5
None Remote Medium ??? None Partial None
Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document.
315 CVE-2019-19493 434 XSS 2019-12-02 2021-07-21
4.3
None Remote Medium Not required None Partial None
Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with the file extension, leading to XSS.
316 CVE-2019-19492 798 2019-12-02 2019-12-16
7.5
None Remote Low Not required Partial Partial Partial
FreeSWITCH 1.6.10 through 1.10.1 has a default password in event_socket.conf.xml.
317 CVE-2019-19491 79 XSS 2019-12-02 2019-12-04
4.3
None Remote Medium Not required None Partial None
TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request.
318 CVE-2019-19490 276 2019-12-02 2019-12-18
4.4
None Local Medium Not required Partial Partial Partial
LiteManager 4.5.0 has weak permissions (Everyone: Full Control) in the "LiteManagerFree - Server" folder, as demonstrated by ROMFUSClient.exe.
319 CVE-2019-19489 120 Overflow 2019-12-02 2019-12-09
4.3
None Remote Medium Not required None None Partial
SMPlayer 19.5.0 has a buffer overflow via a long .m3u file.
320 CVE-2019-19481 119 Overflow 2019-12-01 2020-01-24
2.1
None Local Low Not required None None Partial
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates.
321 CVE-2019-19480 672 2019-12-01 2020-01-24
2.1
None Local Low Not required None None Partial
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in sc_pkcs15_decode_prkdf_entry.
322 CVE-2019-19479 125 2019-12-01 2021-11-30
2.1
None Local Low Not required Partial None None
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read operation during parsing of a SETCOS file attribute.
323 CVE-2019-19470 502 2019-12-30 2022-01-01
7.2
None Local Low Not required Complete Complete Complete
Unsafe usage of .NET deserialization in Named Pipe message processing allows privilege escalation to NT AUTHORITY\SYSTEM for a local attacker. Affected product is TinyWall, all versions up to and including 2.1.12. Fixed in version 2.1.13.
324 CVE-2019-19469 352 CSRF 2019-12-01 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. This may depend on weak default credentials.
325 CVE-2019-19466 79 XSS 2019-12-05 2019-12-09
4.3
None Remote Medium Not required None Partial None
SCEditor 2.1.3 allows XSS.
326 CVE-2019-19460 276 +Priv 2019-12-03 2019-12-13
6.6
None Local Low Not required None Complete Complete
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to every single path on the file system, because the webserver is running with the highest privileges available.
327 CVE-2019-19459 20 Exec Code 2019-12-03 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server.
328 CVE-2019-19458 22 Dir. Trav. 2019-12-03 2019-12-11
5.0
None Remote Low Not required Partial None None
SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature.
329 CVE-2019-19457 79 XSS 2019-12-03 2019-12-11
3.5
None Remote Medium ??? None Partial None
SALTO ProAccess SPACE 5.4.3.0 allows XSS.
330 CVE-2019-19449 125 2019-12-08 2020-01-03
6.8
None Remote Medium Not required Partial Partial Partial
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
331 CVE-2019-19448 416 2019-12-08 2020-11-02
6.8
None Remote Medium Not required Partial Partial Partial
In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure.
332 CVE-2019-19447 416 2019-12-08 2020-06-10
6.8
None Remote Medium Not required Partial Partial Partial
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
333 CVE-2019-19398 20 Exec Code 2019-12-26 2020-01-02
7.5
None Remote Low Not required Partial Partial Partial
M5 lite 10 with versions of 8.0.0.182(C00) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to modify the memory of the device by doing a series of operations. Successful exploit may lead to malicious code execution.
334 CVE-2019-19397 327 +Info 2019-12-13 2021-07-21
5.0
None Remote Low Not required Partial None None
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks.
335 CVE-2019-19389 74 Http R.Spl. 2019-12-26 2020-08-24
3.5
None Remote Medium ??? None Partial None
JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting.
336 CVE-2019-19383 120 Overflow 2019-12-03 2019-12-12
6.5
None Remote Low ??? Partial Partial Partial
freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled).
337 CVE-2019-19382 732 2019-12-03 2019-12-13
4.6
None Local Low Not required Partial Partial Partial
Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. Local attackers can replace a .exe or .dll file to achieve privilege escalation.
338 CVE-2019-19374 22 Dir. Trav. 2019-12-11 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in core/assets/form/form_question_types/form_question_type_file_upload/form_question_type_file_upload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can delete arbitrary files from the server during interaction with the File Upload field type, when a custom form exists. (This is related to an information disclosure issue within the File Upload field type that allows users to view the full path to uploaded files, including the product's web root directory.)
339 CVE-2019-19373 502 Exec Code File Inclusion 2019-12-11 2019-12-19
5.0
None Remote Low Not required Partial None None
An issue was discovered in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can trigger arbitrary unserialization of a PHP object from a packages/cms/page_templates/page_remote_content/page_remote_content.inc POST parameter during processing of a Remote Content page type. This unserialization can be used to trigger the inclusion of arbitrary files on the filesystem (local file inclusion), and results in remote code execution.
340 CVE-2019-19368 79 XSS 2019-12-16 2019-12-23
4.3
None Remote Medium Not required None Partial None
A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary Javascripts
341 CVE-2019-19364 427 2019-12-04 2022-01-01
4.4
None Local Medium Not required Partial Partial Partial
A weak malicious user can escalate its privilege whenever CatalystProductionSuite.2019.1.exe (version 1.1.0.21) and CatalystBrowseSuite.2019.1.exe (version 1.1.0.21) installers run. The vulnerability is in the form of DLL Hijacking. The installers try to load DLLs that don’t exist from its current directory; by doing so, an attacker can quickly escalate its privileges.
342 CVE-2019-19362 200 +Info 2019-12-02 2021-07-21
4.0
None Remote Low ??? Partial None None
An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved within Windows main memory. When a user logs out or deletes conversation history (but does not exit the application), this data is not wiped from main memory, and therefore could be read by a local user with the same or greater privileges.
343 CVE-2019-19342 209 2019-12-19 2020-05-21
5.0
None Remote Low Not required Partial None None
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contains the '#' character. This request would cause a socket error in RabbitMQ when parsing the password and an HTTP error code 500 and partial password disclose will occur in plaintext. An attacker could easily guess some predictable passwords or brute force the password.
344 CVE-2019-19341 732 2019-12-19 2020-12-04
2.1
None Local Low Not required Partial None None
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. These files include both the SECRET_KEY and the database backup. Any user with access to the Tower server, and knowledge of when a backup is run, could retrieve every credential stored in Tower. Access to data is the highest threat with this vulnerability.
345 CVE-2019-19340 1188 2019-12-19 2020-12-04
6.4
None Remote Low Not required Partial None Partial
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the default admin user is still active, an attacker could guess the password and gain access to the system.
346 CVE-2019-19337 DoS 2019-12-23 2021-10-29
4.0
None Remote Low ??? None None Partial
A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. An authenticated attacker can abuse this flaw by causing a remote denial of service by sending a specially crafted HTTP Content-Length header to the Ceph RADOS Gateway server.
347 CVE-2019-19334 787 DoS Exec Code Overflow 2019-12-06 2019-12-18
7.5
None Remote Low Not required Partial Partial Partial
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.
348 CVE-2019-19333 787 DoS Exec Code Overflow 2019-12-06 2019-12-18
7.5
None Remote Low Not required Partial Partial Partial
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.
349 CVE-2019-19331 404 DoS 2019-12-16 2019-12-17
5.0
None Remote Low Not required None None Partial
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A records can be squashed into one DNS message (limit is 64kB).
350 CVE-2019-19317 681 DoS 2019-12-05 2020-11-09
7.5
None Remote Low Not required Partial Partial Partial
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.
Total number of vulnerabilities : 1577   Page : 1 2 3 4 5 6 7 (This Page)8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.