|
|
Security Vulnerabilities Published
In July 2020
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2014-1422 |
732 |
|
|
2020-07-22 |
2020-08-09 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
In Ubuntu's trust-store, if a user revokes location access from an application, the location is still available to the application because the application will honour incorrect, cached permissions. This is because the cache was not ordered by creation time by the Select struct in src/core/trust/impl/sqlite3/store.cpp. Fixed in trust-store (Ubuntu) version 1.1.0+15.04.20150123-0ubuntu1 and trust-store (Ubuntu RTM) version 1.1.0+15.04.20150123~rtm-0ubuntu1. |
|
2 |
CVE-2016-7063 |
22 |
|
Dir. Trav. |
2020-07-21 |
2020-07-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in pritunl-client before version 1.0.1116.6. Arbitrary write to user specified path may lead to privilege escalation. |
|
3 |
CVE-2016-7064 |
347 |
|
+Info |
2020-07-21 |
2020-07-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A flaw was found in pritunl-client before version 1.0.1116.6. A lack of signature verification leads to sensitive information leakage |
|
4 |
CVE-2017-1659 |
79 |
|
XSS |
2020-07-01 |
2020-07-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
"HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials." |
|
5 |
CVE-2017-1712 |
326 |
|
|
2020-07-01 |
2020-07-10 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
"A vulnerability in the TLS protocol implementation of the Domino server could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions." |
|
6 |
CVE-2017-18923 |
74 |
|
|
2020-07-29 |
2020-08-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
beroNet VoIP Gateways before 3.0.16 have a PHP script that allows downloading arbitrary files, including ones with credentials. |
|
7 |
CVE-2018-12371 |
190 |
|
Overflow |
2020-07-09 |
2020-07-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61. |
|
8 |
CVE-2018-21036 |
20 |
|
DoS |
2020-07-21 |
2020-07-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Sails.js before v1.0.0-46 allows attackers to cause a denial of service with a single request because there is no error handler in sails-hook-sockets to handle an empty pathname in a WebSocket request. |
|
9 |
CVE-2019-4090 |
79 |
|
XSS |
2020-07-17 |
2020-07-22 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
"HCL Campaign is vulnerable to cross-site scripting when a user provides XSS scripts in Campaign Description field." |
|
10 |
CVE-2019-4091 |
79 |
|
XSS |
2020-07-17 |
2020-07-22 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
"HCL Marketing Platform is vulnerable to cross-site scripting during addition of new users and also while searching for users in Dashboard, potentially giving an attacker ability to inject malicious code into the system. " |
|
11 |
CVE-2019-4323 |
1021 |
|
|
2020-07-07 |
2020-07-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame." |
|
12 |
CVE-2019-4324 |
79 |
|
XSS |
2020-07-07 |
2020-07-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy." |
|
13 |
CVE-2019-4591 |
384 |
|
|
2020-07-13 |
2020-07-14 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
IBM Maximo Asset Management 7.6.0 and 7.6.1 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 167451. |
|
14 |
CVE-2019-4676 |
312 |
|
|
2020-07-01 |
2020-07-02 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
IBM Security Identity Manager Virtual Appliance 7.0.2 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171512. |
|
15 |
CVE-2019-4704 |
863 |
|
|
2020-07-01 |
2021-07-21 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
IBM Security Identity Manager Virtual Appliance 7.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 172014. |
|
16 |
CVE-2019-4705 |
200 |
|
+Info |
2020-07-01 |
2021-07-21 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
IBM Security Identity Manager Virtual Appliance 7.0.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 172015. |
|
17 |
CVE-2019-4706 |
532 |
|
|
2020-07-01 |
2020-07-02 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
IBM Security Identity Manager Virtual Appliance 7.0.2 writes information to log files which can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information. IBM X-Force ID: 172016. |
|
18 |
CVE-2019-4731 |
200 |
|
+Info |
2020-07-28 |
2020-07-28 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
IBM MQ Appliance 9.1.4.CD could allow a local attacker to obtain highly sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 172616. |
|
19 |
CVE-2019-4747 |
79 |
|
XSS |
2020-07-16 |
2020-07-23 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
IBM Team Concert (RTC) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172887. |
|
20 |
CVE-2019-4748 |
79 |
|
XSS |
2020-07-16 |
2020-07-21 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 173174. |
|
21 |
CVE-2019-8066 |
787 |
|
Exec Code Overflow |
2020-07-06 |
2021-09-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . |
|
22 |
CVE-2019-8249 |
843 |
|
Exec Code |
2020-07-06 |
2021-09-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . |
|
23 |
CVE-2019-8250 |
843 |
|
Exec Code |
2020-07-06 |
2021-09-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . |
|
24 |
CVE-2019-8251 |
843 |
|
|
2020-07-06 |
2021-09-08 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to information disclosure. |
|
25 |
CVE-2019-8252 |
843 |
|
|
2020-07-06 |
2021-09-08 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to information disclosure. |
|
26 |
CVE-2019-10580 |
416 |
|
|
2020-07-30 |
2020-07-31 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
When kernel thread unregistered listener, Use after free issue happened as the listener client`s private data has been already freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9607, MSM8909W, Nicobar, QCM2150, QCS405, QCS605, Saipan, SC8180X, SDM429W, SDX55, SM8150, SM8250, SXR2130 |
|
27 |
CVE-2019-11252 |
209 |
|
|
2020-07-23 |
2020-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes. |
|
28 |
CVE-2019-11286 |
502 |
|
Exec Code |
2020-07-31 |
2020-08-11 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 9.7.5, and VMware Tanzu GemFire for VMs versions prior to 1.11.0, 1.10.1, 1.9.2, and 1.8.2, contain a JMX service available to the network which does not properly restrict input. A remote authenticated malicious user may request against the service with a crafted set of credentials leading to remote code execution. |
|
29 |
CVE-2019-12000 |
20 |
|
Bypass |
2020-07-17 |
2021-07-21 |
5.4 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application. Update to version 3.2 and update the HTTPS configuration as described in the HPE MSE Messaging Gateway Configuration and Operations Guide. |
|
30 |
CVE-2019-12773 |
79 |
|
XSS |
2020-07-14 |
2020-07-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in Verint Impact 360 15.1. At wfo/help/help_popup.jsp, the helpURL parameter can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this product is installed, given the attacker can convince a victim to visit a crafted link. |
|
31 |
CVE-2019-12783 |
601 |
|
|
2020-07-14 |
2020-07-16 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the rd parameter can accept a URL, to which users will be redirected after a successful login. In conjunction with CVE-2019-12784, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site, allowing them to guess and potentially compromise valid credentials without ever sending any traffic from their own machine to the target site. |
|
32 |
CVE-2019-12784 |
352 |
|
|
2020-07-14 |
2020-07-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the login form can accept submissions from external websites. In conjunction with CVE-2019-12783, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site, allowing them to guess and potentially compromise valid credentials without ever sending any traffic from their own machine to the target site. |
|
33 |
CVE-2019-14037 |
416 |
|
|
2020-07-30 |
2020-07-31 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Close and bind operations done on a socket can lead to a Use-After-Free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCN7606, QCS605, SC8180X, SDA660, SDA845, SDM439, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM8150, SXR1130 |
|
34 |
CVE-2019-14093 |
129 |
|
|
2020-07-30 |
2020-07-31 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Array out of bound access can occur in display module due to lack of bound check on input parcel received in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, QCM2150, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM636, SDM660, SDX20 |
|
35 |
CVE-2019-14099 |
120 |
|
|
2020-07-30 |
2020-07-31 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, MSM8909W, MSM8917, MSM8953, Nicobar, QCM2150, QCS405, QCS605, QM215, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 |
|
36 |
CVE-2019-14100 |
20 |
|
|
2020-07-30 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Register write via debugfs is disabled by default to prevent register writing via debugfs. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9207C, MDM9607, Nicobar, QCS405, SA6155P, SC8180X, SDX55, SM8150 |
|
37 |
CVE-2019-14101 |
125 |
|
|
2020-07-30 |
2020-07-31 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
|
Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 |
|
38 |
CVE-2019-14123 |
20 |
|
Overflow |
2020-07-30 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130 |
|
39 |
CVE-2019-14124 |
824 |
|
|
2020-07-30 |
2020-07-30 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130 |
|
40 |
CVE-2019-14130 |
119 |
|
Overflow Mem. Corr. |
2020-07-30 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130 |
|
41 |
CVE-2019-14900 |
89 |
|
Sql |
2020-07-06 |
2022-04-29 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. |
|
42 |
CVE-2019-15310 |
639 |
|
Exec Code |
2020-07-01 |
2021-07-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When combined with an OS command injection vulnerability within the XML Parsing logic of the firmware update process, an attacker would be able to gain code execution on any device that attempted to update. Note that by default all devices tested had automatic updates enabled. |
|
43 |
CVE-2019-15311 |
522 |
|
Exec Code |
2020-07-01 |
2021-07-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Halo Bluetooth speaker had a GoAhead web server listening on the port 80. The /httpapi.asp endpoint of the GoAhead web server was also vulnerable to multiple command execution vulnerabilities. |
|
44 |
CVE-2019-15312 |
20 |
|
Exec Code |
2020-07-01 |
2021-07-21 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is a Zolo Halo DNS rebinding attack. The device was found to be vulnerable to DNS rebinding. Combined with one of the many /httpapi.asp endpoint command-execution security issues, the DNS rebinding attack could allow an attacker to compromise the victim device from the Internet. |
|
45 |
CVE-2019-16244 |
863 |
|
Bypass |
2020-07-22 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
OMERO.server before 5.6.1 allows attackers to bypass the security filters and access hidden objects via a crafted query. |
|
46 |
CVE-2019-17637 |
611 |
|
|
2020-07-15 |
2020-10-10 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
In all versions of Eclipse Web Tools Platform through release 3.18 (2020-06), XML and DTD files referring to external entities could be exploited to send the contents of local files to a remote server when edited or validated, even when external entity resolution is disabled in the user preferences. |
|
47 |
CVE-2019-17638 |
672 |
|
|
2020-07-09 |
2021-06-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this double release, two threads can acquire the same ByteBuffer from the pool and while thread1 is about to use the ByteBuffer to write response1 data, thread2 fills the ByteBuffer with other data. Thread1 then proceeds to write the buffer that now contains different data. This results in client1, which issued request1 seeing data from another request or response which could contain sensitive data belonging to client2 (HTTP session ids, authentication credentials, etc.). If the Jetty version cannot be upgraded, the vulnerability can be significantly reduced by configuring a responseHeaderSize significantly larger than the requestHeaderSize (12KB responseHeaderSize and 8KB requestHeaderSize). |
|
48 |
CVE-2019-17639 |
843 |
|
|
2020-07-15 |
2020-08-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This allows whatever value happens to be in the return register at that time to be used as if it matches the method's declared return type. |
|
49 |
CVE-2019-18618 |
|
|
|
2020-07-22 |
2020-07-30 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
Incorrect access control in the firmware of Synaptics VFS75xx family fingerprint sensors that include external flash (all versions prior to 2019-11-15) allows a local administrator or physical attacker to compromise the confidentiality of sensor data via injection of an unverified partition table. |
|
50 |
CVE-2019-18619 |
763 |
|
Exec Code |
2020-07-22 |
2020-07-30 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to execute arbitrary code in the enclave (that can compromise confidentiality of enclave data) via APIs that accept invalid pointers. |
|
|
