The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2019-7254 | Linear eMerge E3-Series devices allow File Inclusion. | HIGH | Jul 5, 2019 |
| CVE-2019-7253 | Linear eMerge E3-Series devices allow Directory Traversal. | HIGH | Jul 3, 2019 |
| CVE-2019-7252 | Linear eMerge E3-Series devices have Default Credentials. | MEDIUM | Jul 3, 2019 |
| CVE-2019-7251 | An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation. | MEDIUM | Mar 28, 2019 |
| CVE-2019-7251 | An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation. | MEDIUM | Apr 1, 2019 |
| CVE-2019-7250 | An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code (via SCRIPT elements, event handlers, etc.). Since this code is stored by the plugin, the attacker may be able to target anyone who opens the configuration panel of the plugin. | Medium | Jan 31, 2019 |
| CVE-2019-7249 | In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn\'t have root access) to tamper with another\'s installs. | High | Feb 5, 2019 |
| CVE-2019-7247 | An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x81112ee0 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. | HIGH | May 20, 2020 |
| CVE-2019-7246 | An issue was discovered in atillk64.sys in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility 5.11.9.0. The vulnerable driver exposes a wrmsr instruction and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. | MEDIUM | May 20, 2020 |
| CVE-2019-7245 | An issue was discovered in GPU-Z.sys in TechPowerUp GPU-Z before 2.23.0. The vulnerable driver exposes a wrmsr instruction via an IOCTL and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. | HIGH | Mar 25, 2020 |
| CVE-2019-7244 | An issue was discovered in kerneld.sys in AIDA64 before 5.99. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x80112084 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. | HIGH | Mar 25, 2020 |
| CVE-2019-7240 | An issue was discovered in WinRing0x64.sys in Moo0 System Monitor 1.83. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x9C402088 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. | HIGH | Mar 25, 2020 |
| CVE-2019-7238 | Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. | HIGH | Mar 27, 2019 |
| CVE-2019-7237 | An issue was discovered in idreamsoft iCMS 7.0.13 on Windows. editor/editor.admincp.php allows admincp.php?app=files&do=browse ..\\ Directory Traversal. | Medium | Jan 31, 2019 |
| CVE-2019-7236 | An issue was discovered in idreamsoft iCMS 7.0.13. editor/editor.admincp.php allows admincp.php?app=editor&do=fileManager dir=../ Directory Traversal. | Medium | Jan 31, 2019 |
| CVE-2019-7235 | An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to designate an arbitrary directory because of an apps.admincp.php error. This directory can then be deleted via an admincp.php?app=apps&do=uninstall request. | Medium | Jan 31, 2019 |
| CVE-2019-7234 | An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to begin the process of creating a ZIP archive file with the complete contents of any directory because of an apps.admincp.php error. This ZIP archive file can then be downloaded via an admincp.php?app=apps&do=pack request. | Medium | Feb 5, 2019 |
| CVE-2019-7233 | In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference. | Medium | Jan 31, 2019 |
| CVE-2019-7232 | The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. The Host header value overflows a buffer and overwrites a Structured Exception Handler (SEH) address. An unauthenticated attacker can submit a Host header value of 2047 bytes or more to overflow the buffer and overwrite the SEH address, which can then be leveraged to execute attacker-controlled code on the server. | MEDIUM | Jul 2, 2019 |
| CVE-2019-7231 | The ABB IDAL FTP server is vulnerable to a buffer overflow when a long string is sent by an authenticated attacker. This overflow is handled, but terminates the process. An authenticated attacker can send a FTP command string of 472 bytes or more to overflow a buffer, causing an exception that terminates the server. | LOW | Jun 28, 2019 |
| CVE-2019-7230 | The ABB IDAL FTP server mishandles format strings in a username during the authentication process. Attempting to authenticate with the username %s%p%x%d will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack. | MEDIUM | Jul 2, 2019 |
| CVE-2019-7229 | The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: \"Utilization of USB/SD Card to flash the device\" and \"Remote provisioning process via ABB Panel Builder 600 over FTP.\" Neither of these transmission methods implements any form of encryption or authenticity checks against the new firmware HMI software binary files. | MEDIUM | Jul 3, 2019 |
| CVE-2019-7228 | The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack. | MEDIUM | Jun 28, 2019 |
| CVE-2019-7227 | In the ABB IDAL FTP server, an authenticated attacker can traverse to arbitrary directories on the hard disk with \"CWD ../\" and then use the FTP server functionality to download and upload files. An unauthenticated attacker can take advantage of the hardcoded or default credential pair exor/exor to become an authenticated attacker. | MEDIUM | Jun 28, 2019 |
| CVE-2019-7226 | The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. Specifically, /cgi/loginDefaultUser creates a session in an authenticated state and returns the session ID along with what may be the username and cleartext password of the user. An attacker can then supply an IDALToken value in a cookie, which will allow them to perform privileged operations such as restarting the service with /cgi/restart. A GET request to /cgi/loginDefaultUser may result in \"1 #S_OK IDALToken=532c8632b86694f0232a68a0897a145c admin admin\" or a similar response. | MEDIUM | Jun 28, 2019 |
| CVE-2019-7225 | The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool \"Panel Builder 600\" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components. | MEDIUM | Jul 8, 2019 |
| CVE-2019-7223 | InvoicePlane 1.5 has stored XSS via the index.php/invoices/ajax/save invoice_password parameter, aka the \"PDF password\" field to the \"Create Invoice\" option. The XSS payload is rendered at an index.php/invoices/view/## URI. NOTE: this is different from CVE-2018-12255. | LOW | Mar 26, 2019 |
| CVE-2019-7222 | The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. | LOW | Feb 5, 2019 |
| CVE-2019-7221 | The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. | MEDIUM | Feb 5, 2019 |
| CVE-2019-7220 | X-Cart V5 is vulnerable to XSS via the CategoryFilter2 parameter. | MEDIUM | Jun 10, 2019 |
| CVE-2019-7219 | Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and earlier. NOTE: this is a discontinued product. The issue was fixed in later Zarafa Webapp versions; however, some former Zarafa Webapp customers use the related Kopano product instead. | Medium | Apr 11, 2019 |
| CVE-2019-7218 | Citrix ShareFile before 19.23 allows a downgrade from two-factor authentication to one-factor authentication. An attacker with access to the offline victim\'s otp physical token or virtual app (like google authenticator) is able to bypass the first authentication phase (username/password mechanism) and log-in using username/otp combination only (phase 2 of 2FA). | Medium | May 14, 2019 |
| CVE-2019-7217 | Citrix ShareFile before 19.12 allows User Enumeration. It is possible to enumerate application username based on different server responses using the request to check the otp code. No authentication is required. | Medium | May 14, 2019 |
| CVE-2019-7216 | An issue was discovered in FileChucker 4.99e-free-e02. filechucker.cgi has a filter bypass that allows a malicious user to upload any type of file by using % characters within the extension, e.g., file.%ph%p becomes file.php. | Medium | Jan 31, 2019 |
| CVE-2019-7215 | Progress Sitefinity 10.1.6536 does not invalidate session cookies upon logouts. It instead tries to overwrite the cookie in the browser, but it remains valid on the server side. This means the cookie can be reused to maintain access to the account, even if the account credentials and permissions are changed. | MEDIUM | Jun 10, 2019 |
| CVE-2019-7214 | SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch. | HIGH | Apr 30, 2019 |
| CVE-2019-7213 | SmarterTools SmarterMail 16.x before build 6985 allows directory traversal. An authenticated user could delete arbitrary files or could create files in new folders in arbitrary locations on the mail server. This could lead to command execution on the server for instance by putting files inside the web directories. | MEDIUM | Apr 30, 2019 |
| CVE-2019-7212 | SmarterTools SmarterMail 16.x before build 6985 has hardcoded secret keys. An unauthenticated attacker could access other users’ emails and file attachments. It was also possible to interact with mailing lists. | Medium | Apr 30, 2019 |
| CVE-2019-7211 | SmarterTools SmarterMail 16.x before build 6995 has stored XSS. JavaScript code could be executed on the application by opening a malicious email or when viewing a malicious file attachment. | MEDIUM | Apr 29, 2019 |
| CVE-2019-7201 | An unquoted service path vulnerability is reported to affect the service QVssService in QNAP NetBak Replicator. This vulnerability could allow an authorized but non-privileged local user to execute arbitrary code with elevated system privileges. QNAP have already fixed this issue in QNAP NetBak Replicator 4.5.12.1108. | HIGH | Dec 9, 2019 |
| CVE-2019-7198 | This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 build 20200702 and later | HIGH | Dec 10, 2020 |
| CVE-2019-7197 | A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. If exploited, this vulnerability may allow an attacker to inject and execute scripts on the administrator console. To fix this vulnerability, QNAP recommend updating QTS to the latest version. | LOW | Dec 6, 2019 |
| CVE-2019-7195 | This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions. | HIGH | Dec 9, 2019 |
| CVE-2019-7194 | This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions. | HIGH | Dec 9, 2019 |
| CVE-2019-7193 | This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. To fix the vulnerability, QNAP recommend updating QTS to their latest versions. | HIGH | Dec 10, 2019 |
| CVE-2019-7192 | This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions. | HIGH | Dec 9, 2019 |
| CVE-2019-7185 | This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Music Station to their latest versions. | LOW | Dec 9, 2019 |
| CVE-2019-7184 | This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Video Station to their latest versions. | LOW | Dec 9, 2019 |
| CVE-2019-7183 | This improper link resolution vulnerability allows remote attackers to access system files. To fix this vulnerability, QNAP recommend updating QTS to their latest versions. | HIGH | Dec 10, 2019 |
| CVE-2019-7181 | Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and earlier could allow remote attackers to crash the program. | MEDIUM | May 10, 2019 |
