The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2019-20092 | An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp. | MEDIUM | Jan 7, 2020 | n/a |
| CVE-2019-20091 | An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap4DecoderConfigDescriptor.cpp. | MEDIUM | Jan 7, 2020 | n/a |
| CVE-2019-20090 | An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp. | MEDIUM | Jan 7, 2020 | n/a |
| CVE-2019-20089 | GoPro GPMF-parser 1.2.3 has an heap-based buffer over-read in GPMF_SeekToSamples in GPMF_parse.c for the size calculation. | MEDIUM | Jan 7, 2020 | n/a |
| CVE-2019-20088 | GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GetPayload in GPMF_mp4reader.c. | MEDIUM | Jan 7, 2020 | n/a |
| CVE-2019-20087 | GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_seekToSamples in GPMF-parse.c for the matching tags feature. | MEDIUM | Jan 8, 2020 | n/a |
| CVE-2019-20086 | GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_Next in GPMF_parser.c. | MEDIUM | Jan 8, 2020 | n/a |
| CVE-2019-20085 | TVT NVMS-1000 devices allow GET /.. Directory Traversal | MEDIUM | Jan 7, 2020 | n/a |
| CVE-2019-20082 | ASUS RT-N53 3.0.0.4.376.3754 devices have a buffer overflow via a long lan_dns1_x or lan_dns2_x parameter to Advanced_LAN_Content.asp. | HIGH | Dec 28, 2021 | n/a |
| CVE-2019-20079 | The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory. | HIGH | Jan 8, 2020 | n/a |
| CVE-2019-20077 | The Typesetter CMS 5.1 logout functionality is affected by a CSRF vulnerability. The logout function of the admin panel is not protected by any CSRF tokens. An attacker can logout the user using this vulnerability. | MEDIUM | Jan 9, 2020 | n/a |
| CVE-2019-20076 | On Netis DL4323 devices, XSS exists via the form2Ddns.cgi username parameter (DynDns settings of the Dynamic DNS Configuration). | MEDIUM | Jan 2, 2020 | n/a |
| CVE-2019-20075 | On Netis DL4323 devices, pingrtt_v6.html has XSS (Ping6 Diagnostic). | MEDIUM | Jan 2, 2020 | n/a |
| CVE-2019-20074 | On Netis DL4323 devices, any user role can view sensitive information, such as a user password or the FTP password, via the form2saveConf.cgi page. | MEDIUM | Jan 2, 2020 | n/a |
| CVE-2019-20073 | On Netis DL4323 devices, XSS exists via the form2userconfig.cgi username parameter (User Account Configuration). | MEDIUM | Jan 2, 2020 | n/a |
| CVE-2019-20072 | On Netis DL4323 devices, XSS exists via the form2Ddns.cgi hostname parameter (Dynamic DNS Configuration). | MEDIUM | Jan 2, 2020 | n/a |
| CVE-2019-20071 | On Netis DL4323 devices, CSRF exists via form2logaction.cgi to delete all logs. | MEDIUM | Jan 2, 2020 | n/a |
| CVE-2019-20070 | On Netis DL4323 devices, XSS exists via the urlFQDN parameter to form2url.cgi (aka the Keyword field of the URL Blocking Configuration). | MEDIUM | Jan 2, 2020 | n/a |
| CVE-2019-20063 | hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json. | MEDIUM | Jan 8, 2020 | n/a |
| CVE-2019-20062 | MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to reset a password by using a leaked hash (the hash never expires until used). | MEDIUM | Feb 10, 2020 | n/a |
| CVE-2019-20061 | The user-introduction email in MFScripts YetiShare v3.5.2 through v4.5.4 may leak the (system-picked) password if this email is sent in cleartext. In other words, the user is not allowed to choose their own initial password. | MEDIUM | Feb 11, 2020 | n/a |
| CVE-2019-20060 | MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information in the Referer header. If this leaks, then third parties may discover password-reset hashes, file-delete links, or other sensitive information. | MEDIUM | Feb 11, 2020 | n/a |
| CVE-2019-20059 | payment_manage.ajax.php and various *_manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir_0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL Injection. NOTE: this issue exists because of an incomplete fix for CVE-2019-19732. | MEDIUM | Feb 11, 2020 | n/a |
| CVE-2019-20058 | Bolt 3.7.0, if Symfony Web Profiler is used, allows XSS because unsanitized search?search= input is shown on the _profiler page. NOTE: this is disputed because profiling was never intended for use in production. This is related to CVE-2018-12040 | MEDIUM | Jan 8, 2020 | n/a |
| CVE-2019-20057 | com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and earlier allows an attacker to change the System Proxy and redirect all traffic to an attacker-controlled computer, enabling MITM attacks. | MEDIUM | Jan 2, 2020 | n/a |
| CVE-2019-20056 | stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has an assertion failure in stbi__shiftsigned. | MEDIUM | Jan 8, 2020 | n/a |
| CVE-2019-20055 | LuquidPixels LiquiFire OS 4.8.0 allows SSRF via the call%3Durl substring followed by a URL in square brackets. | MEDIUM | Jan 2, 2020 | n/a |
| CVE-2019-20054 | In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e. | MEDIUM | Jan 8, 2020 | n/a |
| CVE-2019-20053 | An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. | MEDIUM | Jan 8, 2020 | n/a |
| CVE-2019-20052 | A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case. | MEDIUM | Jan 8, 2020 | n/a |
| CVE-2019-20051 | A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service. | MEDIUM | Jan 8, 2020 | n/a |
| CVE-2019-20050 | Pandora FMS = 7.42 suffers from a remote code execution vulnerability. To exploit the vulnerability, an authenticated user should create a new folder with a tricky name in the filemanager. The exploit works when the php-fileinfo extension is disabled on the host system. The attacker must include shell metacharacters in the content type. | HIGH | Feb 10, 2020 | n/a |
| CVE-2019-20049 | An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construct() whereas the insecure file upload is in SetSkinImages(). | HIGH | Jan 7, 2020 | n/a |
| CVE-2019-20048 | An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM. | HIGH | Jan 7, 2020 | n/a |
| CVE-2019-20047 | An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded in a reversible format. Sessions are stored in /sessions/sess_<sessionid>. | MEDIUM | Jan 7, 2020 | n/a |
| CVE-2019-20046 | The Synergy Systems & Solutions PLC & RTU system has a vulnerability in HUSKY RTU 6049-E70 firmware versions 5.0 and prior. The affected product does not require adequate authentication, which may allow an attacker to read sensitive information or execute arbitrary code. This is a different issue than CVE-2019-16879 and CVE-2019-20045. | HIGH | Feb 14, 2020 | n/a |
| CVE-2019-20045 | The Synergy Systems & Solutions PLC & RTU system has a vulnerability in HUSKY RTU 6049-E70 firmware versions 5.0 and prior. Specially crafted malicious packets could cause disconnection of active authentic connections or reboot of device. This is a different issue than CVE-2019-16879 and CVE-2019-20046. | HIGH | Feb 14, 2020 | n/a |
| CVE-2019-20044 | In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid(). | HIGH | Feb 27, 2020 | n/a |
| CVE-2019-20043 | In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this allowed them to bypass that. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. | MEDIUM | Jan 10, 2020 | n/a |
| CVE-2019-20042 | In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be used in a particular way to result in a stored cross-site scripting (XSS) vulnerability. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. | MEDIUM | Jan 10, 2020 | n/a |
| CVE-2019-20041 | wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring. | HIGH | Jan 8, 2020 | n/a |
| CVE-2019-20033 | On Aspire-derived NEC PBXes, including all versions of SV8100 devices, a set of documented, static login credentials may be used to access the DIM interface. | HIGH | Jul 29, 2020 | n/a |
| CVE-2019-20032 | An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may access the system\'s administration modem. | MEDIUM | Jul 29, 2020 | n/a |
| CVE-2019-20031 | NEC UM8000, UM4730 and prior non-InMail voicemail systems with all known software versions may permit an infinite number of login attempts in the telephone user interface (TUI), effectively allowing brute force attacks. | MEDIUM | Jul 29, 2020 | n/a |
| CVE-2019-20030 | An attacker with knowledge of the modem access number on a NEC UM8000 voicemail system may use SSH tunneling or standard Linux utilities to gain access to the system\'s LAN port. All versions are affected. | MEDIUM | Jul 29, 2020 | n/a |
| CVE-2019-20029 | An exploitable privilege escalation vulnerability exists in the WebPro functionality of Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices. A specially crafted HTTP POST can cause privilege escalation resulting in a higher privileged account, including an undocumented developer level of access. | MEDIUM | Jul 29, 2020 | n/a |
| CVE-2019-20028 | Aspire-derived NEC PBXes operating InMail software, including all versions of SV8100, SV9100, SL1100 and SL2100 devices allow unauthenticated read-only access to voicemails, greetings, and voice response system content through a system\'s WebPro administration interface. | MEDIUM | Jul 29, 2020 | n/a |
| CVE-2019-20027 | Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2100 with software releases 7.0 or higher contain the possibility if incorrectly configured to allow a blank username and password combination to be entered as a valid, successfully authenticating account. | HIGH | Jul 29, 2020 | n/a |
| CVE-2019-20026 | The WebPro interface in NEC SV9100 software releases 7.0 or higher allows unauthenticated remote attackers to reset all existing usernames and passwords to default values via a crafted request. | MEDIUM | Jul 29, 2020 | n/a |
| CVE-2019-20025 | Certain builds of NEC SV9100 software could allow an unauthenticated, remote attacker to log into a device running an affected release with a hardcoded username and password, aka a Static Credential Vulnerability. The vulnerability is due to an undocumented user account with manufacturer privilege level. An attacker could exploit this vulnerability by using this account to remotely log into an affected device. A successful exploit could allow the attacker to log into the device with manufacturer level access. This vulnerability affects SV9100 PBXes that are running software release 6.0 or higher. This vulnerability does not affect SV9100 software releases prior to 6.0. | HIGH | Jul 29, 2020 | n/a |
