петък, 8 май 2020 г.

Weekly Update: a new vulnerability is published on the National Vulnerability Database (76 items)

New vulnerabilities from the NVD: CVE-2020-10823

A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 1 of 3).
Published at: March 26, 2020 at 07:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10817

The custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued.
Published at: March 27, 2020 at 09:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10791 (openitcockpit)

app/Plugin/GrafanaModule/Controller/GrafanaConfigurationController.php in openITCOCKPIT before 3.7.3 allows remote authenticated users to trigger outbound TCP requests (aka SSRF) via the Test Connection feature (aka testGrafanaConnection) of the Grafana Module.
Published at: March 25, 2020 at 04:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10790 (openitcockpit)

openITCOCKPIT before 3.7.3 has unnecessary files (such as Lodash files) under the web root, which leads to XSS.
Published at: March 25, 2020 at 04:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10789 (openitcockpit)

openITCOCKPIT before 3.7.3 has a web-based terminal that allows attackers to execute arbitrary OS commands via shell metacharacters that are mishandled on an su command line in app/Lib/SudoMessageInterface.php.
Published at: March 25, 2020 at 04:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10788

openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a94152378611e API key rather than generating a random API Key for WebSocket connections.
Published at: March 25, 2020 at 05:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10649

DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10 notebooks and PCs could lead to unsigned code execution with no additional restrictions when a user puts an application at a particular path with a particular file name.
Published at: March 25, 2020 at 07:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10607

In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
Published at: March 27, 2020 at 04:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10510

Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data.
Published at: March 27, 2020 at 10:15AM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10509

Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack.
Published at: March 27, 2020 at 10:15AM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10508

Sunnet eHRD, a human training and development management system, improperly stores system files. Attackers can use a specific URL and capture confidential information.
Published at: March 27, 2020 at 10:15AM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10245

CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.
Published at: March 26, 2020 at 06:15AM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7630

An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.
Published at: March 25, 2020 at 07:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7245

An issue was discovered in GPU-Z.sys in TechPowerUp GPU-Z before 2.23.0. The vulnerable driver exposes a wrmsr instruction via an IOCTL and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.
Published at: March 25, 2020 at 07:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7244

An issue was discovered in kerneld.sys in AIDA64 before 5.99. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x80112084 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.
Published at: March 25, 2020 at 07:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7240

An issue was discovered in WinRing0x64.sys in Moo0 System Monitor 1.83. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x9C402088 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.
Published at: March 25, 2020 at 07:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-5105

An exploitable memory corruption vulnerability exists in the Name Service Client functionality of 3S-Smart Software Solutions CODESYS GatewayService 3.5.13.20. A specially crafted packet can cause a large memcpy, resulting in an access violation and termination of the process. An attacker can send a packet to a device running the GatewayService.exe to trigger this vulnerability.
Published at: March 26, 2020 at 05:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20633

GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.
Published at: March 25, 2020 at 07:15PM
View on website

March 30, 2020 at 09:25AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10560

An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the SiteKey to insert into a crafted URL for components/OssnComments/ossn_com.php and/or libraries/ossn.lib.upgrade.php.
Published at: March 30, 2020 at 04:15PM
View on website

March 30, 2020 at 06:25PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7755

In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection.
Published at: March 30, 2020 at 08:15PM
View on website

March 30, 2020 at 10:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17561

The "Apache NetBeans" autoupdate system does not fully validate code signatures. An attacker could modify the downloaded nbm and include additional code. "Apache NetBeans" versions up to and including 11.2 are affected by this vulnerability.
Published at: March 30, 2020 at 10:15PM
View on website

March 31, 2020 at 12:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17560

The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates and modify the download, potentially injecting malicious code. “Apache NetBeans" versions up to and including 11.2 are affected by this vulnerability.
Published at: March 30, 2020 at 10:15PM
View on website

March 31, 2020 at 12:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20634

An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails.
Published at: March 31, 2020 at 12:15AM
View on website

March 31, 2020 at 02:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11024 (odata4j)

odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
Published at: March 30, 2020 at 11:15PM
View on website

March 31, 2020 at 02:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2016-11023 (odata4j)

odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
Published at: March 30, 2020 at 11:15PM
View on website

March 31, 2020 at 02:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-9508

The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to stored XSS. A remote attacker authenticated with an administrator account could store a maliciously named file within the web application that would execute each time a user browsed to the page.
Published at: March 31, 2020 at 01:15AM
View on website

March 31, 2020 at 04:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-9507

The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command injection because the application incorrectly neutralizes code syntax before executing. Since all commands within the web application are executed as root, this could allow a remote attacker authenticated with an administrator account to execute arbitrary commands as root.
Published at: March 31, 2020 at 01:15AM
View on website

March 31, 2020 at 04:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19913

In Intland codeBeamer ALM 9.5 and earlier, there is stored XSS via the Trackers Title parameter.
Published at: March 31, 2020 at 01:15AM
View on website

March 31, 2020 at 04:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19912

In Intland codeBeamer ALM 9.5 and earlier, a cross-site scripting (XSS) vulnerability in the Upload Flash File feature allows authenticated remote attackers to inject arbitrary scripts via an active script embedded in an SWF file.
Published at: March 31, 2020 at 01:15AM
View on website

March 31, 2020 at 04:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19606

X-Plane 11.41 and earlier has multiple improper path validations that could allow reading and writing files from/to arbitrary paths (or a leak of OS credentials to a remote system) via crafted network packets. This could be used to execute arbitrary commands on the system.
Published at: March 31, 2020 at 01:15AM
View on website

March 31, 2020 at 04:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19605

X-Plane 11.41 and earlier allows Arbitrary Memory Write via crafted network packets, which could cause a denial of service or arbitrary code execution.
Published at: March 31, 2020 at 01:15AM
View on website

March 31, 2020 at 04:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-2391

Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure.
Published at: March 31, 2020 at 05:15PM
View on website

March 31, 2020 at 08:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-14905

A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.
Published at: March 31, 2020 at 08:15PM
View on website

March 31, 2020 at 10:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-14880

A vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, 3.5 before 3.5.9 and earlier. OAuth 2 providers who do not verify users' email address changes require additional verification during sign-up to reduce the risk of account compromise.
Published at: March 31, 2020 at 07:15PM
View on website

March 31, 2020 at 10:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10180

A vulnerability was found in all pki-core 10.x.x version, where the Token Processing Service (TPS) did not properly sanitize several parameters stored for the tokens, possibly resulting in a Stored Cross Site Scripting (XSS) vulnerability. An attacker able to modify the parameters of any token could use this flaw to trick an authenticated user into executing arbitrary JavaScript code.
Published at: March 31, 2020 at 08:15PM
View on website

March 31, 2020 at 10:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-13495

In firmware version 4.50 of Zyxel XGS2210-52HP, multiple stored cross-site scripting (XSS) issues allows remote authenticated users to inject arbitrary web script via an rpSys.html Name or Location field.
Published at: March 31, 2020 at 09:15PM
View on website

April 01, 2020 at 12:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2020-10231

TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference.
Published at: April 01, 2020 at 05:15PM
View on website

April 01, 2020 at 08:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-3945

Web server running on Parrot ANAFI can be crashed due to the SDK command "Common_CurrentDateTime" being sent to control service with larger than expected date length.
Published at: April 01, 2020 at 08:15PM
View on website

April 01, 2020 at 10:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-3944

Parrot ANAFI is vulnerable to Wi-Fi deauthentication attack, allowing remote and unauthenticated attackers to disconnect drone from controller during mid-flight.
Published at: April 01, 2020 at 08:15PM
View on website

April 01, 2020 at 10:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-3942

Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. An attacker can use this vulnerability to recover the administrator password.
Published at: April 01, 2020 at 08:15PM
View on website

April 01, 2020 at 10:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-11106

NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5.
Published at: April 01, 2020 at 08:15PM
View on website

April 01, 2020 at 10:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-9163

The connection initiation process in March Networks Command Client before 2.7.2 allows remote attackers to execute arbitrary code via crafted XAML objects.
Published at: April 02, 2020 at 12:15AM
View on website

April 02, 2020 at 02:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-11254

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.
Published at: April 02, 2020 at 12:15AM
View on website

April 02, 2020 at 02:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17564

Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance of Apache Dubbo, if this instance enables HTTP. This issue affected Apache Dubbo 2.7.0 to 2.7.4, 2.6.0 to 2.6.7, and all 2.5.x versions.
Published at: April 02, 2020 at 01:15AM
View on website

April 02, 2020 at 04:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-11802

In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all authorization settings for such requests. This affects all Solr versions prior to 7.7 that use the default authorization mechanism of Solr (RuleBasedAuthorizationPlugin).
Published at: April 02, 2020 at 01:15AM
View on website

April 02, 2020 at 04:18AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7014

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: April 02, 2020 at 05:15PM
View on website

April 02, 2020 at 08:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7013

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: April 02, 2020 at 05:15PM
View on website

April 02, 2020 at 08:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7012

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: April 02, 2020 at 05:15PM
View on website

April 02, 2020 at 08:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7011

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: April 02, 2020 at 05:15PM
View on website

April 02, 2020 at 08:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7010

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: April 02, 2020 at 05:15PM
View on website

April 02, 2020 at 08:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7009

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: April 02, 2020 at 05:15PM
View on website

April 02, 2020 at 08:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-7008

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: April 02, 2020 at 05:15PM
View on website

April 02, 2020 at 08:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-6999

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: April 02, 2020 at 05:15PM
View on website

April 02, 2020 at 08:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-13371

An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component.
Published at: April 02, 2020 at 05:15PM
View on website

April 02, 2020 at 08:18PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-20635

codeBeamer before 9.5.0-RC3 does not properly restrict the ability to execute custom Java code and access the Java class loader via computed fields.
Published at: April 02, 2020 at 07:15PM
View on website

April 02, 2020 at 10:03PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-14868

In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.
Published at: April 02, 2020 at 08:15PM
View on website

April 02, 2020 at 10:03PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19348

An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19346

An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19097

ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19096

The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19095

Lack of adequate input/output validation for ABB eSOMS versions 4.0 to 6.0.2 might allow an attacker to attack such as stored cross-site scripting by storing malicious content in the database.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19094

Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0.3 might allow an attacker SQL injection attacks against the backend database.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19093

eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings, potentially resulting in lower access security due to insecure user passwords.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19092

ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19091

For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detail information to specifically craft the attack.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19090

For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19089

For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type other than declared. A possible attack scenario would be unauthorized code execution via text interpreted as JavaScript.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19003

For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. This can allow Javascript to access the cookie contents, which in turn might enable Cross Site Scripting.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19002

For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browser not supporting Content Security Policy, this might increase the risk of Cross Site Scripting.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19001

For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. This can potentially allow 'ClickJacking' attacks where an attacker can frame parts of the application on a malicious web site, revealing sensitive user information such as authentication credentials.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-19000

For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information.
Published at: April 02, 2020 at 11:15PM
View on website

April 03, 2020 at 02:03AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-18904

A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Server Applications 15-SP1, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1 allows remote attackers to cause DoS against rmt by requesting migrations. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise High Performance Computing 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Public Cloud 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Module for Server Applications 15 rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Server Applications 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Server 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.5.2-3.26.1. openSUSE Leap 15.1 rmt-server versions prior to 2.5.2-lp151.2.9.1.
Published at: April 03, 2020 at 10:15AM
View on website

April 03, 2020 at 02:03PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-17954

A Least Privilege Violation vulnerability in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. This issue affects: SUSE OpenStack Cloud 7 crowbar-core versions prior to 4.0+git.1578392992.fabfd186c-9.63.1, crowbar-. SUSE OpenStack Cloud 8 ardana-cinder versions prior to 8.0+git.1579279939.ee7da88-3.39.3, ardana-. SUSE OpenStack Cloud 9 ardana-ansible versions prior to 9.0+git.1581611758.f694f7d-3.16.1, ardana-. SUSE OpenStack Cloud Crowbar 8 crowbar-core versions prior to 5.0+git.1582968668.1a55c77c5-3.35.4, crowbar-. SUSE OpenStack Cloud Crowbar 9 crowbar-core versions prior to 6.0+git.1582892022.cbd70e833-3.19.3, crowbar-.
Published at: April 03, 2020 at 10:15AM
View on website

April 03, 2020 at 02:03PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-18905

A Insufficient Verification of Data Authenticity vulnerability in autoyast2 of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows remote attackers to MITM connections when deprecated and unused functionality of autoyast is used to create images. This issue affects: SUSE Linux Enterprise Server 12 autoyast2 version 4.1.9-3.9.1 and prior versions. SUSE Linux Enterprise Server 15 autoyast2 version 4.0.70-3.20.1 and prior versions.
Published at: April 03, 2020 at 02:15PM
View on website

April 03, 2020 at 04:03PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17231

includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress has multiple stored XSS issues.
Published at: April 03, 2020 at 06:15PM
View on website

April 03, 2020 at 08:03PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17230

includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress allows unauthenticated options changes.
Published at: April 03, 2020 at 06:15PM
View on website

April 03, 2020 at 08:03PM

via National Vulnerability Database


Няма коментари:

Публикуване на коментар