Export limit exceeded: 10276 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10276 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-1649 | 1 Cisco | 193 1120 Connected Grid Router, 1240 Connected Grid Router, 15454-m-wse-k9 and 190 more | 2024-11-21 | 6.7 Medium |
| A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform. | ||||
| CVE-2019-1547 | 2 Openssl, Redhat | 3 Openssl, Enterprise Linux, Jboss Core Services | 2024-11-21 | 4.7 Medium |
| Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). | ||||
| CVE-2019-1486 | 1 Microsoft | 2 Visual Studio 2019, Visual Studio Live Share | 2024-11-21 | 6.1 Medium |
| A spoofing vulnerability exists in Visual Studio Live Share when a guest connected to a Live Share session is redirected to an arbitrary URL specified by the session host, aka 'Visual Studio Live Share Spoofing Vulnerability'. | ||||
| CVE-2019-1409 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 5.5 Medium |
| An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory, aka 'Windows Remote Procedure Call Information Disclosure Vulnerability'. | ||||
| CVE-2019-1299 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2019 | 2024-11-21 | 6.5 Medium |
| An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'. | ||||
| CVE-2019-1274 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 5.5 Medium |
| An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. | ||||
| CVE-2019-1075 | 1 Microsoft | 1 Asp.net Core | 2024-11-21 | N/A |
| A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'. | ||||
| CVE-2019-1060 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 8.8 High |
| A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. | ||||
| CVE-2019-19998 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | 7.5 High |
| Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php. | ||||
| CVE-2019-19959 | 3 Canonical, Redhat, Sqlite | 3 Ubuntu Linux, Enterprise Linux, Sqlite | 2024-11-21 | 7.5 High |
| ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. | ||||
| CVE-2019-19958 | 1 Mz-automation | 1 Libiec61850 | 2024-11-21 | 6.5 Medium |
| In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service. | ||||
| CVE-2019-19946 | 1 Dradisframework | 1 Dradis | 2024-11-21 | 6.5 Medium |
| The API in Dradis Pro 3.4.1 allows any user to extract the content of a project, even if this user is not part of the project team. | ||||
| CVE-2019-19945 | 1 Openwrt | 1 Openwrt | 2024-11-21 | 7.5 High |
| uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large negative Content-Length value. | ||||
| CVE-2019-19866 | 1 Atos | 1 Unify Openscape Uc Web Client | 2024-11-21 | 7.5 High |
| Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to getMailFunction in the JSON API, one can enumerate all conferences scheduled on the platform, with their numbers and access PINs. | ||||
| CVE-2019-19844 | 2 Canonical, Djangoproject | 2 Ubuntu Linux, Django | 2024-11-21 | 9.8 Critical |
| Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.) | ||||
| CVE-2019-19775 | 1 Zulip | 1 Zulip Server | 2024-11-21 | 6.1 Medium |
| The image thumbnailing handler in Zulip Server versions 1.9.0 to before 2.0.8 allowed an open redirect that was visible to logged-in users. | ||||
| CVE-2019-19758 | 1 Lenovo | 4 Ez Media \& Backup Center Ix2, Ez Media \& Backup Center Ix2-dl, Ez Media \& Backup Center Ix2-dl Firmware and 1 more | 2024-11-21 | 6.1 Medium |
| A vulnerability in the web interface of Lenovo EZ Media & Backup Center, ix2 & ix2-dl version 4.1.406.34763 and prior could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page. | ||||
| CVE-2019-19755 | 1 Ethos | 1 Ethos | 2024-11-21 | 9.1 Critical |
| ethOS through 1.3.3 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io. NOTE: as of 2019-12-01, the vendor indicated that they plan to fix this. | ||||
| CVE-2019-19729 | 1 Bson-objectid Project | 1 Bson-objectid | 2024-11-21 | 7.5 High |
| An issue was discovered in the BSON ObjectID (aka bson-objectid) package 1.3.0 for Node.js. ObjectID() allows an attacker to generate a malformed objectid by inserting an additional property to the user-input, because bson-objectid will return early if it detects _bsontype==ObjectID in the user-input object. As a result, objects in arbitrary forms can bypass formatting if they have a valid bsontype. | ||||
| CVE-2019-19725 | 3 Canonical, Debian, Sysstat Project | 3 Ubuntu Linux, Debian Linux, Sysstat | 2024-11-21 | 9.8 Critical |
| sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c. | ||||