CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In October 2019

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
401 CVE-2019-17110 200 +Info 2019-10-03 2019-10-10
5.0
None Remote Low Not required Partial None None
A security issue was discovered in kube-state-metrics 1.7.x before 1.7.2. An experimental feature was added to v1.7.0 and v1.7.1 that enabled annotations to be exposed as metrics. By default, kube-state-metrics metrics only expose metadata about Secrets. However, a combination of the default kubectl behavior and this new feature can cause the entire secret content to end up in metric labels, thus inadvertently exposing the secret content in metrics.
402 CVE-2019-17109 22 Dir. Trav. 2019-10-09 2019-10-25
4.0
None Remote Low ??? None Partial None
Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation.
403 CVE-2019-17108 79 XSS File Inclusion 2019-10-08 2019-10-15
4.3
None Remote Medium Not required None Partial None
Local file inclusion in brokerPerformance.php in Centreon Web before 2.8.28 allows attackers to disclose information or perform a stored XSS attack on a user.
404 CVE-2019-17107 94 Exec Code 2019-10-08 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
minPlayCommand.php in Centreon Web before 2.8.27 allows authenticated attackers to execute arbitrary code via the command_hostaddress parameter. NOTE: some sources have listed CVE-2019-17017 for this, but that is incorrect.
405 CVE-2019-17106 312 2019-10-08 2019-10-10
4.0
None Remote Low ??? Partial None None
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components.
406 CVE-2019-17105 330 2019-10-08 2019-10-15
5.0
None Remote Low Not required Partial None None
The token generator in index.php in Centreon Web before 2.8.27 is predictable.
407 CVE-2019-17104 565 2019-10-08 2019-10-11
5.0
None Remote Low Not required Partial None None
In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set.
408 CVE-2019-17093 426 Bypass 2019-10-23 2021-07-21
4.4
None Local Medium Not required Partial Partial Partial
An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. A DLL Preloading vulnerability allows an attacker to implant %WINDIR%\system32\wbemcomn.dll, which is loaded into a protected-light process (PPL) and might bypass some of the self-defense mechanisms. This affects all components that use WMI, e.g., AVGSvc.exe 19.6.4546.0 and TuneupSmartScan.dll 19.1.884.0.
409 CVE-2019-17092 79 XSS 2019-10-09 2019-10-14
4.3
None Remote Medium Not required None Partial None
An XSS vulnerability in project list in OpenProject before 9.0.4 and 10.x before 10.0.2 allows remote attackers to inject arbitrary web script or HTML via the sortBy parameter because error messages are mishandled.
410 CVE-2019-17091 79 XSS 2019-10-02 2021-01-20
4.3
None Remote Medium Not required None Partial None
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.
411 CVE-2019-17080 502 Exec Code 2019-10-02 2019-10-08
6.8
None Remote Medium Not required Partial Partial Partial
mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports.
412 CVE-2019-17075 DoS 2019-10-01 2021-06-14
7.1
None Remote Medium Not required None None Complete
An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on an architecture for which this stack/DMA interaction has security relevance.
413 CVE-2019-17074 79 XSS 2019-10-01 2019-10-07
3.5
None Remote Medium ??? None Partial None
An issue was discovered in XunRuiCMS 4.3.1. There is a stored XSS in the module_category area.
414 CVE-2019-17073 22 Dir. Trav. 2019-10-01 2019-10-04
5.5
None Remote Low ??? None Partial Partial
emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal.
415 CVE-2019-17072 89 Sql 2019-10-10 2019-10-10
7.5
None Remote Low Not required Partial Partial Partial
The new-contact-form-widget (aka Contact Form Widget - Contact Query, Form Maker) plugin 1.0.9 for WordPress has SQL Injection via all-query-page.php.
416 CVE-2019-17071 79 XSS 2019-10-10 2019-10-10
4.3
None Remote Medium Not required None Partial None
The client-dash (aka Client Dash) plugin 2.1.4 for WordPress allows XSS.
417 CVE-2019-17070 79 XSS 2019-10-10 2019-10-21
4.3
None Remote Medium Not required None Partial None
The liquid-speech-balloon (aka LIQUID SPEECH BALLOON) plugin before 1.0.7 for WordPress allows XSS with Internet Explorer.
418 CVE-2019-17069 20 DoS 2019-10-01 2021-07-21
5.0
None Remote Low Not required None None Partial
PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message.
419 CVE-2019-17068 74 2019-10-01 2019-11-27
5.0
None Remote Low Not required None Partial None
PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content.
420 CVE-2019-17067 770 2019-10-01 2019-11-27
7.5
None Remote Low Not required Partial Partial Partial
PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection.
421 CVE-2019-17064 476 2019-10-01 2019-12-10
4.3
None Remote Medium Not required None None Partial
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.
422 CVE-2019-17063 20 2019-10-01 2021-07-21
4.3
None Remote Medium Not required None None Partial
In Snowtide PDFxStream before 3.7.1 (for Java), a crafted PDF file can trigger an extremely long running computation because of page-tree mishandling.
423 CVE-2019-17059 78 Exec Code 2019-10-11 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles.
424 CVE-2019-17056 276 2019-10-01 2019-10-25
2.1
None Local Low Not required None Partial None
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
425 CVE-2019-17055 20 2019-10-01 2021-07-21
2.1
None Local Low Not required None Partial None
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
426 CVE-2019-17054 276 2019-10-01 2019-10-25
2.1
None Local Low Not required None Partial None
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.
427 CVE-2019-17053 276 2019-10-01 2019-10-25
2.1
None Local Low Not required None Partial None
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
428 CVE-2019-17052 276 2019-10-01 2021-01-04
2.1
None Local Low Not required None Partial None
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
429 CVE-2019-17044 276 2019-10-14 2019-10-18
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the PatrolAgent SUID binary could allow an attacker with "patrol" privileges to elevate his/her privileges to the ones of the "root" user by specially crafting a shared library .so file that will be loaded during execution.
430 CVE-2019-17043 276 2019-10-14 2019-10-18
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the best1collect.exe SUID binary could allow an attacker to elevate his/her privileges to the ones of the "patrol" user by specially crafting a shared library .so file that will be loaded during execution.
431 CVE-2019-17042 20 Overflow 2019-10-07 2021-12-06
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.
432 CVE-2019-17041 787 Overflow 2019-10-07 2021-12-06
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.
433 CVE-2019-16991 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\edit\filedelete.php uses an unsanitized "file" variable coming from the URL, which is reflected in HTML, leading to XSS.
434 CVE-2019-16990 22 Dir. Trav. 2019-10-21 2019-10-23
4.0
None Remote Low ??? Partial None None
In FusionPBX up to v4.5.7, the file app/music_on_hold/music_on_hold.php uses an unsanitized "file" variable coming from the URL, which takes any pathname (base64 encoded) and allows a download of it.
435 CVE-2019-16989 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\conferences_active\conference_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.
436 CVE-2019-16988 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\basic_operator_panel\resources\content.php uses an unsanitized "eavesdrop_dest" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS.
437 CVE-2019-16987 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\contacts\contact_import.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.
438 CVE-2019-16986 22 Dir. Trav. 2019-10-21 2019-10-23
4.0
None Remote Low ??? Partial None None
In FusionPBX up to v4.5.7, the file resources\download.php uses an unsanitized "f" variable coming from the URL, which takes any pathname and allows a download of it. (resources\secure_download.php is also affected.)
439 CVE-2019-16985 22 Dir. Trav. 2019-10-21 2019-10-23
8.5
None Remote Low ??? None Complete Complete
In FusionPBX up to v4.5.7, the file app\xml_cdr\xml_cdr_delete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system.
440 CVE-2019-16984 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\recordings\recording_play.php uses an unsanitized "filename" variable coming from the URL, which is base64 decoded and reflected in HTML, leading to XSS.
441 CVE-2019-16983 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file resources\paging.php has a paging function (called by several pages of the interface), which uses an unsanitized "param" variable constructed partially from the URL args and reflected in HTML, leading to XSS.
442 CVE-2019-16982 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\access_controls\access_control_nodes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
443 CVE-2019-16981 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\conference_profiles\conference_profile_params.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.
444 CVE-2019-16980 89 Sql 2019-10-21 2019-10-23
6.5
None Remote Low ??? Partial Partial Partial
In FusionPBX up to v4.5.7, the file app\call_broadcast\call_broadcast_edit.php uses an unsanitized "id" variable coming from the URL in an unparameterized SQL query, leading to SQL injection.
445 CVE-2019-16979 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\contacts\contact_urls.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
446 CVE-2019-16978 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\devices\device_settings.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.
447 CVE-2019-16977 79 XSS 2019-10-23 2019-10-28
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\extensions\extension_imports.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.
448 CVE-2019-16976 79 XSS 2019-10-23 2019-10-28
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\destinations\destination_imports.php uses an unsanitized "query_string" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.
449 CVE-2019-16975 79 XSS 2019-10-23 2019-10-24
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\contacts\contact_notes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
450 CVE-2019-16974 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\contacts\contact_times.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
Total number of vulnerabilities : 1567   Page : 1 2 3 4 5 6 7 8 9 (This Page)10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.