The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2019-17560 | The Apache NetBeans autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates and modify the download, potentially injecting malicious code. “Apache NetBeans versions up to and including 11.2 are affected by this vulnerability. | MEDIUM | Apr 1, 2020 | n/a |
| CVE-2019-17559 | There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and scheme parsing. Upgrade to versions 7.1.9 and 8.0.6 or later versions. | HIGH | Mar 25, 2020 | n/a |
| CVE-2019-17558 | Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user). | MEDIUM | Jan 16, 2020 | n/a |
| CVE-2019-17557 | It was found that the Apache Syncope EndUser UI login page prio to 2.0.15 and 2.1.6 reflects the successMessage parameters. By this mean, a user accessing the Enduser UI could execute javascript code from URL query string. | LOW | May 4, 2020 | n/a |
| CVE-2019-17556 | Apache Olingo versions 4.0.0 to 4.6.0 provide the AbstractService class, which is public API, uses ObjectInputStream and doesn\'t check classes being deserialized. If an attacker can feed malicious metadata to the class, then it may result in running attacker\'s code in the worse case. | HIGH | Dec 13, 2019 | n/a |
| CVE-2019-17555 | The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep() method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack. | MEDIUM | Dec 13, 2019 | n/a |
| CVE-2019-17554 | The XML content type entity deserializer in Apache Olingo versions 4.0.0 to 4.6.0 is not configured to deny the resolution of external entities. Request with content type application/xml, which trigger the deserialization of entities, can be used to trigger XXE attacks. | MEDIUM | Dec 13, 2019 | n/a |
| CVE-2019-17553 | An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the admin/?n=tags&c=index&a=doSaveTags URI. | HIGH | Oct 17, 2019 | n/a |
| CVE-2019-17552 | An issue was discovered in idreamsoft iCMS v7.0.14. There is a spider_project.admincp.php SQL injection vulnerability in the \'upload spider project scheme\' feature via a two-dimensional payload. | HIGH | Oct 16, 2019 | n/a |
| CVE-2019-17551 | In Apak Wholesale Floorplanning Finance 6.31.8.3 and 6.31.8.5, an attacker can send an authenticated POST request with a malicious payload to /WFS/agreementView.faces allowing a stored XSS via the mainForm:loanNotesnotes:0:rich_text_editor_note_text parameter in the Notes section. Although versions 6.31.8.3 and 6.31.8.5 are confirmed to be affected, all versions with the vulnerable WYSIWYG editor in the Notes section are likely affected. | MEDIUM | Oct 31, 2019 | n/a |
| CVE-2019-17550 | The Blog2Social plugin before 5.9.0 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the b2s_id parameter. The component is: views/b2s/post.calendar.php. The attack vector is: When the Administrator is logged in, a reflected XSS may execute upon a click on a malicious URL. | MEDIUM | Nov 13, 2019 | n/a |
| CVE-2019-17549 | ESET Cyber Security before 6.8.1.0 is vulnerable to a denial-of-service allowing any user to stop (kill) ESET processes. An attacker can abuse this bug to stop the protection from ESET and launch his attack. | MEDIUM | Mar 4, 2020 | n/a |
| CVE-2019-17547 | In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free. | MEDIUM | Oct 18, 2019 | n/a |
| CVE-2019-17546 | tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a Negative-size-param condition. | MEDIUM | Oct 20, 2019 | n/a |
| CVE-2019-17545 | GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded. | HIGH | Oct 21, 2019 | n/a |
| CVE-2019-17544 | libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \\ character. | MEDIUM | Oct 19, 2019 | n/a |
| CVE-2019-17543 | LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states only a few specific / uncommon usages of the API are at risk. | MEDIUM | Oct 24, 2019 | n/a |
| CVE-2019-17542 | FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c. | HIGH | Oct 18, 2019 | n/a |
| CVE-2019-17541 | ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c. | MEDIUM | Oct 18, 2019 | n/a |
| CVE-2019-17540 | ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c. | MEDIUM | Oct 23, 2019 | n/a |
| CVE-2019-17539 | In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer. | HIGH | Oct 17, 2019 | n/a |
| CVE-2019-17538 | Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&name=../ substring. | MEDIUM | Oct 17, 2019 | n/a |
| CVE-2019-17537 | Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file deletion via the web/polygon/problem/deletefile?id=1&name=../ substring. | MEDIUM | Oct 17, 2019 | n/a |
| CVE-2019-17536 | Gila CMS through 1.11.4 allows Unrestricted Upload of a File with a Dangerous Type via the moveAction function in core/controllers/fm.php. The attacker needs to use admin/media_upload and fm/move. | MEDIUM | Oct 17, 2019 | n/a |
| CVE-2019-17535 | Gila CMS through 1.11.4 allows blog-list.php XSS, in both the gila-blog and gila-mag themes, via the search parameter, a related issue to CVE-2019-9647. | MEDIUM | Oct 16, 2019 | n/a |
| CVE-2019-17534 | vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free. | MEDIUM | Oct 17, 2019 | n/a |
| CVE-2019-17533 | Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain \'\\0\' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed. | MEDIUM | Oct 17, 2019 | n/a |
| CVE-2019-17532 | An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS devices. They allow remote attackers to cause a denial of service (persistent rules-processing outage) via a crafted ruleDbBody element in a StoreRules request to the upnp/control/rules1 URI, because database corruption occurs. | HIGH | Oct 17, 2019 | n/a |
| CVE-2019-17531 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload. | HIGH | Oct 24, 2019 | n/a |
| CVE-2019-17530 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp. | MEDIUM | Oct 17, 2019 | n/a |
| CVE-2019-17529 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp. | MEDIUM | Oct 17, 2019 | n/a |
| CVE-2019-17528 | An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4_TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp. | MEDIUM | Oct 17, 2019 | n/a |
| CVE-2019-17527 | dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter. | HIGH | Dec 19, 2019 | n/a |
| CVE-2019-17526 | An issue was discovered in SageMath Sage Cell Server through 2019-10-05. Python Code Injection can occur in the context of an internet facing web application. Malicious actors can execute arbitrary commands on the underlying operating system, as demonstrated by an __import__(\'os\').popen(\'whoami\').read() line. NOTE: the vendor\'s position is that the product is vulnerable by design and the current behavior will be retained | HIGH | Oct 24, 2019 | n/a |
| CVE-2019-17525 | The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks. | MEDIUM | Apr 21, 2020 | n/a |
| CVE-2019-17524 | An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the Connected Clients field to /wlanAccess.asp. An intranet host can use a crafted hostname to exploit this. | LOW | Nov 13, 2019 | n/a |
| CVE-2019-17523 | An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the FileName parameter to /FTPDiag.asp. | LOW | Nov 13, 2019 | n/a |
| CVE-2019-17522 | A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 via the admin_index.php?page=settings SITE NAME field (aka SITE_NAME), a related issue to CVE-2011-4709.1. | LOW | Oct 17, 2019 | n/a |
| CVE-2019-17521 | An issue was discovered in Landing-CMS 0.0.6. There is a CSRF vulnerability that can change the admin\'s password via the password/ URI, | MEDIUM | Oct 17, 2019 | n/a |
| CVE-2019-17520 | The Bluetooth Low Energy implementation on Texas Instruments SDK through 3.30.00.20 for CC2640R2 devices does not properly restrict the SM Public Key packet on reception, allowing attackers in radio range to cause a denial of service (crash) via crafted packets. | MEDIUM | Feb 14, 2020 | n/a |
| CVE-2019-17519 | The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for KW41Z devices does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet. | MEDIUM | Feb 12, 2020 | n/a |
| CVE-2019-17518 | The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 1.0.14.1081 for DA1468x devices responds to link layer packets with a payload length larger than expected, allowing attackers in radio range to cause a buffer overflow via a crafted packet. This affects, for example, August Smart Lock. | MEDIUM | Feb 14, 2020 | n/a |
| CVE-2019-17517 | The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet. | MEDIUM | Feb 14, 2020 | n/a |
| CVE-2019-17515 | The CleanTalk cleantalk-spam-protect plugin before 5.127.4 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the from or till parameter. The component is: inc/cleantalk-users.php and inc/cleantalk-comments.php. The attack vector is: When the Administrator is logged in, a reflected XSS may execute upon a click on a malicious URL. | MEDIUM | Nov 13, 2019 | n/a |
| CVE-2019-17514 | library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that security-relevant code elsewhere is affected. This issue is not a Python implementation bug, and there are no reports that NMR researchers were specifically relying on library/glob.html. In other words, because the older documentation stated finds all the pathnames matching a specified pattern according to the rules used by the Unix shell, one might have incorrectly inferred that the sorting that occurs in a Unix shell also occurred for glob.glob. There is a workaround in newer versions of Willoughby nmr-data_compilation-p2.py and nmr-data_compilation-p3.py, which call sort() directly. | MEDIUM | Oct 25, 2019 | n/a |
| CVE-2019-17513 | An issue was discovered in Ratpack before 1.7.5. Due to a misuse of the Netty library class DefaultHttpHeaders, there is no validation that headers lack HTTP control characters. Thus, if untrusted data is used to construct HTTP headers with Ratpack, HTTP Response Splitting can occur. | MEDIUM | Oct 24, 2019 | n/a |
| CVE-2019-17512 | There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can clear the router\'s log file via act=clear&logtype=sysact to log_clear.php, which could be used to erase attack traces. | MEDIUM | Oct 21, 2019 | n/a |
| CVE-2019-17511 | There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can get the router\'s log file via log_get.php, which could be used to discover the intranet network structure. | MEDIUM | Oct 17, 2019 | n/a |
| CVE-2019-17510 | D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell metacharacters to /squashfs-root/www/HNAP1/control/SetWizardConfig.php. | HIGH | Oct 15, 2019 | n/a |
| CVE-2019-17509 | D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetMasterWLanSettings with shell metacharacters to /squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php. | HIGH | Oct 15, 2019 | n/a |
