| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
951 |
CVE-2019-11189 |
290 |
|
Bypass |
2020-02-20 |
2020-02-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Authentication Bypass by Spoofing in org.onosproject.acl (access control) and org.onosproject.mobility (host mobility) in ONOS v2.0 and earlier allows attackers to bypass network access control via data plane packet injection. To exploit the vulnerability, an attacker sends a gratuitous ARP reply that causes the host mobility application to remove existing access control flow denial rules in the network. The access control application does not re-install flow deny rules, so the attacker can bypass the intended access control policy. |
|
952 |
CVE-2019-10805 |
668 |
|
Bypass |
2020-02-28 |
2020-03-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function (hasOwnProperty) from the unsafe user-input to examine an object. It is possible for a crafted payload to overwrite this function to manipulate the inspection results to bypass security checks. |
|
953 |
CVE-2019-10804 |
78 |
|
Exec Code |
2020-02-28 |
2020-08-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
serial-number through 1.3.0 allows execution of arbritary commands. The "cmdPrefix" argument in serialNumber function is used by the "exec" function without any validation. |
|
954 |
CVE-2019-10803 |
78 |
|
Exec Code |
2020-02-28 |
2020-03-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable "opt.branch" is not validated before being provided to the "git" command within "index.js#L139". This could be abused by an attacker to inject arbitrary commands. |
|
955 |
CVE-2019-10802 |
78 |
|
Exec Code |
2020-02-28 |
2020-03-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
giting version prior to 0.0.8 allows execution of arbritary commands. The first argument "repo" of function "pull()" is executed by the package without any validation. |
|
956 |
CVE-2019-10801 |
78 |
|
Exec Code |
2020-02-28 |
2020-08-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization. |
|
957 |
CVE-2019-10799 |
78 |
|
Exec Code |
2020-02-24 |
2022-01-01 |
8.5 |
None |
Remote |
Low |
Not required |
Complete |
Partial |
None |
|
compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExit(cssPath)" within "dist/index.js" is executed as part of the "rm" command without any sanitization. |
|
958 |
CVE-2019-10798 |
|
|
|
2020-02-24 |
2020-03-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype. |
|
959 |
CVE-2019-10797 |
|
|
Http R.Spl. |
2020-02-19 |
2020-03-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled. |
|
960 |
CVE-2019-10796 |
78 |
|
Exec Code |
2020-02-24 |
2020-08-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
rpi through 0.0.3 allows execution of arbritary commands. The variable pinNumbver in function GPIO within src/lib/gpio.js is used as part of the arguement of exec function without any sanitization. |
|
961 |
CVE-2019-10795 |
74 |
|
|
2020-02-18 |
2020-02-27 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
undefsafe before 2.0.3 is vulnerable to Prototype Pollution. The 'a' function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. |
|
962 |
CVE-2019-10794 |
74 |
|
|
2020-02-18 |
2020-03-06 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
All versions of component-flatten are vulnerable to Prototype Pollution. The a function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. |
|
963 |
CVE-2019-10793 |
74 |
|
|
2020-02-18 |
2020-02-27 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. |
|
964 |
CVE-2019-10792 |
74 |
|
|
2020-02-18 |
2020-02-27 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. |
|
965 |
CVE-2019-10791 |
78 |
|
|
2020-02-18 |
2020-08-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization. |
|
966 |
CVE-2019-10790 |
20 |
|
|
2020-02-17 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
taffy through 2.6.2 allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB. taffy sets an internal index for each data item in its DB. However, it is found that the internal index can be forged by adding additional properties into user-input. If index is found in the query, taffyDB will ignore other query conditions and directly return the indexed data item. Moreover, the internal index is in an easily-guessable format (e.g., T000002R000001). As such, attackers can use this vulnerability to access any data items in the DB. |
|
967 |
CVE-2019-10789 |
78 |
|
|
2020-02-06 |
2020-02-07 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
All versions of curling.js are vulnerable to Command Injection via the run function. The command argument can be controlled by users without any sanitization. |
|
968 |
CVE-2019-10788 |
78 |
|
Exec Code |
2020-02-04 |
2020-08-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the "exec" argument. It is possible to inject arbitrary commands as part of the metadata options which is given to the "exec" function. |
|
969 |
CVE-2019-10787 |
78 |
|
Exec Code |
2020-02-04 |
2020-08-24 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js, can be controlled by user without any sanitization. |
|
970 |
CVE-2019-10786 |
20 |
|
Exec Code |
2020-02-04 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
network-manager through 1.0.2 allows remote attackers to execute arbitrary commands via the "execSync()" argument. |
|
971 |
CVE-2019-10785 |
79 |
|
XSS |
2020-02-13 |
2020-04-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them. |
|
972 |
CVE-2019-10784 |
352 |
|
Exec Code CSRF |
2020-02-04 |
2020-02-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application. One such area, "database.php" does not verify the source of an HTTP request. This can be leveraged by a remote attacker to trick a logged-in administrator to visit a malicious page with a CSRF exploit and execute arbitrary system commands on the server. |
|
973 |
CVE-2019-10590 |
129 |
|
|
2020-02-07 |
2020-02-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Out of bound access while parsing dts atom, which is non-standard as it does not have valid number of tracks in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 |
|
974 |
CVE-2019-10567 |
|
|
Exec Code |
2020-02-07 |
2020-02-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could allow unintended GPU opcodes to be executed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 |
|
975 |
CVE-2019-10064 |
331 |
|
|
2020-02-28 |
2022-01-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743. |
|
976 |
CVE-2019-9674 |
400 |
|
DoS |
2020-02-04 |
2020-07-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. |
|
977 |
CVE-2019-9502 |
787 |
|
Exec Code Overflow |
2020-02-03 |
2020-02-10 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions. |
|
978 |
CVE-2019-9501 |
787 |
|
Exec Code Overflow |
2020-02-03 |
2020-02-10 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions. |
|
979 |
CVE-2019-8741 |
835 |
|
DoS |
2020-02-28 |
2020-04-01 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A denial of service issue was addressed with improved input validation. |
|
980 |
CVE-2019-7007 |
22 |
|
Dir. Trav. |
2020-02-28 |
2020-03-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier. Successful exploitation could potentially allow an unauthenticated attacker to access files that are outside the restricted directory on the remote server. |
|
981 |
CVE-2019-6744 |
287 |
|
+Info |
2020-02-10 |
2020-10-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder. An attacker must first obtain physical access to the device in order to exploit this vulnerability. The specific flaws exists within the the handling of the lock screen for Secure Folder. The issue results from the lack of proper validation that a user has correctly authenticated. An attacker can leverage this vulnerability to disclose the contents of the secure container. Was ZDI-CAN-7381. |
|
982 |
CVE-2019-6195 |
269 |
|
Bypass |
2020-02-14 |
2020-03-04 |
2.1 |
None |
Remote |
High |
??? |
Partial |
None |
None |
|
An authorization bypass exists in Lenovo XClarity Controller (XCC) versions prior to 3.08 CDI340V, 3.01 TEI392O, 1.71 PSI328N where a valid authenticated user with lesser privileges may be granted read-only access to higher-privileged information if 1) “LDAP Authentication Only with Local Authorization” mode is configured and used by XCC, and 2) a lesser privileged user logs into XCC within 1 minute of a higher privileged user logging out. The authorization bypass does not exist when “Local Authentication and Authorization” or “LDAP Authentication and Authorization” modes are configured and used by XCC. |
|
983 |
CVE-2019-6194 |
611 |
|
|
2020-02-14 |
2020-02-21 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.6.6 that could allow information disclosure. |
|
984 |
CVE-2019-6193 |
200 |
|
+Info |
2020-02-14 |
2020-02-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An information disclosure vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.6.6 that could allow unauthenticated access to some configuration files which may contain usernames, license keys, IP addresses, and encrypted password hashes. |
|
985 |
CVE-2019-6190 |
665 |
|
DoS |
2020-02-14 |
2020-03-16 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Lenovo was notified of a potential denial of service vulnerability, affecting various versions of BIOS for Lenovo Desktop, Desktop - All in One, and ThinkStation, that could cause PCRs to be cleared intermittently after resuming from sleep (S3) on systems with Intel TXT enabled. |
|
986 |
CVE-2019-5613 |
345 |
|
|
2020-02-18 |
2020-03-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In FreeBSD 12.0-RELEASE before 12.0-RELEASE-p13, a missing check in the ipsec packet processor allows reinjection of an old packet to be accepted by the ipsec endpoint. Depending on the higher-level protocol in use over ipsec, this could allow an action to be repeated. |
|
987 |
CVE-2019-5326 |
502 |
|
Exec Code |
2020-02-27 |
2020-03-03 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component. |
|
988 |
CVE-2019-5323 |
77 |
|
Exec Code |
2020-02-27 |
2020-08-24 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
There are command injection vulnerabilities present in the AirWave application. Certain input fields controlled by an administrative user are not properly sanitized before being parsed by AirWave. If conditions are met, an attacker can obtain command execution on the host. |
|
989 |
CVE-2019-5322 |
|
|
|
2020-02-13 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007 and 16.10.* before 16.10.0003. The vulnerability allows an attacker to retrieve sensitive system information. This attack can be carried out without user authentication under very specific conditions. |
|
990 |
CVE-2019-5187 |
787 |
|
Exec Code |
2020-02-14 |
2022-06-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An exploitable out-of-bounds write vulnerability exists in the TIFreadstripdata function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. A specially crafted TIFF file file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. |
|
991 |
CVE-2019-5165 |
287 |
|
Bypass |
2020-02-25 |
2022-06-13 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability. |
|
992 |
CVE-2019-5162 |
|
|
|
2020-02-25 |
2022-06-13 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
|
993 |
CVE-2019-5153 |
787 |
|
Exec Code Overflow |
2020-02-25 |
2022-06-13 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
|
994 |
CVE-2019-5148 |
191 |
|
|
2020-02-25 |
2022-06-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packet while unauthenticated to trigger this vulnerability. |
|
995 |
CVE-2019-5143 |
134 |
|
Exec Code Overflow |
2020-02-25 |
2022-06-13 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
|
996 |
CVE-2019-5142 |
78 |
|
Exec Code |
2020-02-25 |
2022-06-13 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various authenticated requests to trigger this vulnerability. |
|
997 |
CVE-2019-5141 |
78 |
|
|
2020-02-25 |
2022-06-13 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted iw_serverip parameter can cause user input to be reflected in a subsequent iw_system call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
|
998 |
CVE-2019-5140 |
78 |
|
|
2020-02-25 |
2022-06-13 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. |
|
999 |
CVE-2019-5139 |
798 |
|
|
2020-02-25 |
2022-06-13 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. |
|
1000 |
CVE-2019-5138 |
78 |
|
Exec Code |
2020-02-25 |
2022-06-13 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker can send diagnostic while authenticated as a low privilege user to trigger this vulnerability. |
