Total
10666 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-1910 | 1 Cisco | 2 Carrier Routing System, Ios Xr | 2023-11-07 | 6.1 MEDIUM | 7.4 HIGH |
| A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS–IS area to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of crafted IS–IS link-state protocol data units (PDUs). An attacker could exploit this vulnerability by sending a crafted link-state PDU to an affected system to be processed. A successful exploit could allow the attacker to cause all routers within the IS–IS area to unexpectedly restart the IS–IS process, resulting in a DoS condition. This vulnerability affects Cisco devices if they are running a vulnerable release of Cisco IOS XR Software earlier than Release 6.6.3 and are configured with the IS–IS routing protocol. Cisco has confirmed that this vulnerability affects both Cisco IOS XR 32-bit Software and Cisco IOS XR 64-bit Software. | |||||
| CVE-2019-1354 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2023-11-07 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387. | |||||
| CVE-2019-1352 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2023-11-07 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387. | |||||
| CVE-2019-1350 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2023-11-07 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. | |||||
| CVE-2019-1349 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2023-11-07 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. | |||||
| CVE-2019-19579 | 2 Fedoraproject, Xen | 2 Fedora, Xen | 2023-11-07 | 7.2 HIGH | 6.8 MEDIUM |
| An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device (and assignable-add is not used), because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's "assignable-add" feature to prepare devices to be assigned to untrusted guests. Unfortunately, this is not considered a strictly required step for device assignment. The PCI passthrough documentation on the wiki describes alternate ways of preparing devices for assignment, and libvirt uses its own ways as well. Hosts where these "alternate" methods are used will still leave the system in a vulnerable state after the device comes back from a guest. An untrusted domain with access to a physical device can DMA into host memory, leading to privilege escalation. Only systems where guests are given direct access to physical devices capable of DMA (PCI pass-through) are vulnerable. Systems which do not use PCI pass-through are not vulnerable. | |||||
| CVE-2019-17042 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow. | |||||
| CVE-2019-14905 | 3 Fedoraproject, Opensuse, Redhat | 8 Fedora, Backports Sle, Leap and 5 more | 2023-11-07 | 4.6 MEDIUM | 5.6 MEDIUM |
| A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues. | |||||
| CVE-2019-14904 | 2 Debian, Redhat | 2 Debian Linux, Ansible | 2023-11-07 | 6.1 MEDIUM | 7.3 HIGH |
| A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected. | |||||
| CVE-2019-14566 | 3 Intel, Linux, Microsoft | 3 Software Guard Extensions Sdk, Linux Kernel, Windows | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access. | |||||
| CVE-2019-13750 | 5 Canonical, Debian, Fedoraproject and 2 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page. | |||||
| CVE-2019-13707 | 2 Google, Opensuse | 2 Chrome, Backports | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application. | |||||
| CVE-2019-13692 | 1 Google | 1 Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page. | |||||
| CVE-2019-13675 | 1 Google | 1 Chrome | 2023-11-07 | 4.3 MEDIUM | 4.3 MEDIUM |
| Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page. | |||||
| CVE-2019-13449 | 1 Zoom | 1 Zoom | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| In the Zoom Client before 4.4.2 on macOS, remote attackers can cause a denial of service (continual focus grabs) via a sequence of invalid launch?action=join&confno= requests to localhost port 19421. | |||||
| CVE-2019-12816 | 1 Znc | 1 Znc | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name. | |||||
| CVE-2019-12400 | 3 Apache, Oracle, Redhat | 3 Santuario Xml Security For Java, Weblogic Server, Jboss Enterprise Application Platform | 2023-11-07 | 1.9 LOW | 5.5 MEDIUM |
| In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this implementation might be cached and re-used by Apache Santuario - XML Security for Java, leading to potential security flaws when validating signed documents, etc. The vulnerability affects Apache Santuario - XML Security for Java 2.0.x releases from 2.0.3 and all 2.1.x releases before 2.1.4. | |||||
| CVE-2019-12290 | 1 Gnu | 1 Libidn2 | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated. | |||||
| CVE-2019-11687 | 1 Nema | 1 Dicom Standard | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in the DICOM Part 10 File Format in the NEMA DICOM Standard 1995 through 2019b. The preamble of a DICOM file that complies with this specification can contain the header for an executable file, such as Portable Executable (PE) malware. This space is left unspecified so that dual-purpose files can be created. (For example, dual-purpose TIFF/DICOM files are used in digital whole slide imaging for applications in medicine.) To exploit this vulnerability, someone must execute a maliciously crafted file that is encoded in the DICOM Part 10 File Format. PE/DICOM files are executable even with the .dcm file extension. Anti-malware configurations at healthcare facilities often ignore medical imagery. Also, anti-malware tools and business processes could violate regulatory frameworks (such as HIPAA) when processing suspicious DICOM files. | |||||
| CVE-2019-11460 | 1 Gnome | 1 Gnome-desktop | 2023-11-07 | 6.8 MEDIUM | 9.0 CRITICAL |
| An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's controlling terminal, allowing an attacker to escape the sandbox if the thumbnailer has a controlling terminal. This is due to improper filtering of the TIOCSTI ioctl on 64-bit systems, similar to CVE-2019-10063. | |||||