CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In January 2019

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-1003004 2019-01-22 2021-11-02
6.5
None Remote Low ??? Partial Partial Partial
An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows attackers to extend the duration of active HTTP sessions indefinitely even though the user account may have been deleted in the mean time.
2 CVE-2019-1003003 2019-01-22 2021-11-02
6.5
None Remote Low ??? Partial Partial Partial
An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts.
3 CVE-2019-1003002 Exec Code Bypass 2019-01-22 2020-09-29
6.5
None Remote Low ??? Partial Partial Partial
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
4 CVE-2019-1003001 Exec Code Bypass 2019-01-22 2020-09-29
6.5
None Remote Low ??? Partial Partial Partial
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
5 CVE-2019-1003000 Exec Code Bypass 2019-01-22 2020-09-29
6.5
None Remote Low ??? Partial Partial Partial
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
6 CVE-2019-7297 78 Exec Code 2019-01-31 2019-02-19
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command Injection vulnerability allows attackers to execute arbitrary OS commands via shell metacharacters in a crafted /HNAP1 request. This occurs when the GetNetworkTomographyResult function calls the system function with an untrusted input parameter named Address. Consequently, an attacker can execute any command remotely when they control this input.
7 CVE-2019-7296 79 Exec Code XSS 2019-01-31 2019-02-01
4.3
None Remote Medium Not required None Partial None
typora through 0.9.64 has XSS, with resultant remote command execution, during inline rendering of a mathematical formula.
8 CVE-2019-7295 79 Exec Code XSS 2019-01-31 2019-02-01
4.3
None Remote Medium Not required None Partial None
typora through 0.9.63 has XSS, with resultant remote command execution, during block rendering of a mathematical formula.
9 CVE-2019-7283 2019-01-31 2021-11-23
5.8
None Remote Medium Not required None Partial Partial
An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server (or Man-in-The-Middle attacker) can overwrite arbitrary files in a directory on the rcp client machine. This is similar to CVE-2019-6111.
10 CVE-2019-7282 Bypass 2019-01-31 2021-11-23
4.3
None Remote Medium Not required None Partial None
In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685.
11 CVE-2019-7250 79 XSS 2019-01-31 2019-02-01
4.3
None Remote Medium Not required None Partial None
An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code (via SCRIPT elements, event handlers, etc.). Since this code is stored by the plugin, the attacker may be able to target anyone who opens the configuration panel of the plugin.
12 CVE-2019-7249 367 2019-01-31 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn't have root access) to tamper with another's installs.
13 CVE-2019-7237 22 Dir. Trav. 2019-01-30 2019-01-31
5.0
None Remote Low Not required Partial None None
An issue was discovered in idreamsoft iCMS 7.0.13 on Windows. editor/editor.admincp.php allows admincp.php?app=files&do=browse ..\ Directory Traversal.
14 CVE-2019-7236 22 Dir. Trav. 2019-01-30 2019-01-31
5.0
None Remote Low Not required Partial None None
An issue was discovered in idreamsoft iCMS 7.0.13. editor/editor.admincp.php allows admincp.php?app=editor&do=fileManager dir=../ Directory Traversal.
15 CVE-2019-7235 22 Dir. Trav. 2019-01-30 2019-02-01
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to designate an arbitrary directory because of an apps.admincp.php error. This directory can then be deleted via an admincp.php?app=apps&do=uninstall request.
16 CVE-2019-7234 22 Dir. Trav. 2019-01-30 2019-02-05
6.4
None Remote Low Not required Partial Partial None
An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to begin the process of creating a ZIP archive file with the complete contents of any directory because of an apps.admincp.php error. This ZIP archive file can then be downloaded via an admincp.php?app=apps&do=pack request.
17 CVE-2019-7233 476 2019-01-30 2019-02-01
6.8
None Remote Medium Not required Partial Partial Partial
In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference.
18 CVE-2019-7216 Bypass 2019-01-31 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in FileChucker 4.99e-free-e02. filechucker.cgi has a filter bypass that allows a malicious user to upload any type of file by using % characters within the extension, e.g., file.%ph%p becomes file.php.
19 CVE-2019-7173 79 Exec Code XSS 2019-01-29 2019-01-29
3.5
None Remote Medium ??? None Partial None
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4.
20 CVE-2019-7172 79 Exec Code XSS 2019-01-29 2019-01-29
4.3
None Remote Medium Not required None Partial None
A stored-self XSS exists in ATutor through v2.2.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Real Name field to /mods/_core/users/admins/my_edit.php.
21 CVE-2019-7171 79 Exec Code XSS 2019-01-29 2019-01-29
3.5
None Remote Medium ??? None Partial None
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/blocks/blocks/edit/8.
22 CVE-2019-7170 79 Exec Code XSS 2019-01-29 2019-01-29
3.5
None Remote Medium ??? None Partial None
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/taxonomy/vocabularies.
23 CVE-2019-7169 79 Exec Code XSS 2019-01-29 2019-01-29
3.5
None Remote Medium ??? None Partial None
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/menus/menus/edit/3.
24 CVE-2019-7168 79 Exec Code XSS 2019-01-29 2019-01-29
3.5
None Remote Medium ??? None Partial None
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog.
25 CVE-2019-7160 22 Exec Code Dir. Trav. 2019-01-29 2019-02-04
7.5
None Remote Low Not required Partial Partial Partial
idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory Traversal via the udir parameter to files.admincp.php, resulting in execution of arbitrary PHP code from a ZIP file via the admincp.php?app=apps zipfile parameter to apps.admincp.php.
26 CVE-2019-7156 369 2019-01-29 2019-02-27
4.3
None Remote Medium Not required None None Partial
In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows division by zero.
27 CVE-2019-7154 787 Overflow 2019-01-29 2020-06-08
4.3
None Remote Medium Not required None None Partial
The main function in tools/wasm2js.cpp in Binaryen 1.38.22 has a heap-based buffer overflow because Emscripten is misused, triggering an error in cashew::JSPrinter::printAst() in emscripten-optimizer/simple_ast.h. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm2js.
28 CVE-2019-7153 476 2019-01-29 2020-06-08
4.3
None Remote Medium Not required None None Partial
A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt.
29 CVE-2019-7152 125 2019-01-29 2020-06-08
4.3
None Remote Medium Not required None None Partial
A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt.
30 CVE-2019-7151 476 2019-01-29 2020-06-08
4.3
None Remote Medium Not required None None Partial
A NULL pointer dereference was discovered in wasm::Module::getFunctionOrNull in wasm/wasm.cpp in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt.
31 CVE-2019-7150 125 2019-01-29 2021-11-30
4.3
None Remote Medium Not required None None Partial
An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to denial-of-service, as demonstrated by eu-stack.
32 CVE-2019-7149 125 2019-01-29 2019-06-10
4.3
None Remote Medium Not required None None Partial
A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm.
33 CVE-2019-7148 770 2019-01-29 2020-08-24
4.3
None Remote Medium Not required None None Partial
An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The maintainers believe this is not a real issue, but instead a "warning caused by ASAN because the allocation is big. By setting ASAN_OPTIONS=allocator_may_return_null=1 and running the reproducer, nothing happens."
34 CVE-2019-7147 125 2019-01-29 2020-08-24
4.3
None Remote Medium Not required None None Partial
A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler (NASM) 2.14rc16. A crafted asm input can cause segmentation faults, leading to denial-of-service.
35 CVE-2019-7146 125 2019-01-29 2020-08-24
4.3
None Remote Medium Not required None None Partial
In elfutils 0.175, there is a buffer over-read in the ebl_object_note function in eblobjnote.c in libebl. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted elf file, as demonstrated by eu-readelf.
36 CVE-2019-6992 79 Exec Code XSS 2019-01-28 2019-01-29
4.3
None Remote Medium Not required None Partial None
A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a long NAME or PROTOCOL to the index.php?view=controlcaps URI.
37 CVE-2019-6991 787 Exec Code Overflow 2019-01-28 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder through 1.32.3, allowing an unauthenticated attacker to execute code via a long username.
38 CVE-2019-6990 79 Exec Code XSS 2019-01-28 2019-01-29
3.5
None Remote Medium ??? None Partial None
A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones&action=zoneImage&mid=1 URI.
39 CVE-2019-6988 770 DoS 2019-01-28 2020-08-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.
40 CVE-2019-6986 77 DoS 2019-01-28 2020-08-24
5.0
None Remote Low Not required None None Partial
SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service (ReDoS), as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request.
41 CVE-2019-6985 125 Overflow 2019-01-28 2019-01-29
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Read in Indexing or a Heap Overflow and crash during handling of certain PDF files that embed specifically crafted 3D content, due to an array access violation.
42 CVE-2019-6984 416 2019-01-28 2021-07-21
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter a Use-After-Free or Type Confusion and crash during handling of certain PDF files that embed specifically crafted 3D content, due to the use of a wild pointer.
43 CVE-2019-6983 190 Overflow 2019-01-28 2019-01-29
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Integer Overflow and crash during the handling of certain PDF files that embed specifically crafted 3D content, because of a free of valid memory.
44 CVE-2019-6982 787 2019-01-28 2019-01-28
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Write and crash during the handling of certain PDF files that embed specifically crafted 3D content, because of the improper handling of a logic exception in the IFXASSERT function.
45 CVE-2019-6979 79 XSS 2019-01-28 2019-01-29
4.3
None Remote Medium Not required None Partial None
An issue was discovered in the User IP History Logs (aka IP_History_Logs) plugin 1.0.2 for MyBB. There is XSS via the admin/modules/tools/ip_history_logs.php useragent field.
46 CVE-2019-6978 415 2019-01-28 2019-04-05
7.5
None Remote Low Not required Partial Partial Partial
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
47 CVE-2019-6977 787 Overflow 2019-01-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.
48 CVE-2019-6976 908 2019-01-26 2020-08-24
5.0
None Remote Low Not required Partial None None
libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image.
49 CVE-2019-6966 770 2019-01-25 2020-08-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in Core/Ap4ElstAtom.cpp has an attempted excessive memory allocation related to AP4_Array<AP4_ElstEntry>::EnsureCapacity in Core/Ap4Array.h, as demonstrated by mp42hls.
50 CVE-2019-6956 125 2019-01-25 2021-11-17
5.8
None Remote Medium Not required Partial None Partial
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c.
Total number of vulnerabilities : 1212   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.