Total
412 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-0128 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-09-27 | 5.8 MEDIUM | 6.8 MEDIUM |
The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "Windows SAM and LSAD Downgrade Vulnerability" or "BADLOCK." | |||||
CVE-2017-18429 | 1 Cpanel | 1 Cpanel | 2019-09-24 | 2.1 LOW | 3.3 LOW |
In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291). | |||||
CVE-2019-10059 | 1 Lexmark | 142 6500e, 6500e Firmware, C734 and 139 more | 2019-09-03 | 5.0 MEDIUM | 5.3 MEDIUM |
The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices. | |||||
CVE-2019-15149 | 1 Networkgenomics | 1 Mitogen | 2019-08-30 | 6.8 MEDIUM | 9.8 CRITICAL |
** DISPUTED ** core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that is initiated by another child. The Ansible extension is unaffected. NOTE: the vendor disputes this issue because it is exploitable only in conjunction with hypothetical other factors, i.e., an affected use case within a library caller, and a bug in the message receiver policy code that led to reliance on this extra protection mechanism. | |||||
CVE-2016-10933 | 1 Portaudio Project | 1 Portaudio | 2019-08-29 | 4.3 MEDIUM | 5.9 MEDIUM |
An issue was discovered in the portaudio crate through 0.7.0 for Rust. There is a man-in-the-middle issue because the source code is downloaded over cleartext HTTP. | |||||
CVE-2015-9331 | 1 Soflyy | 1 Wp All Import | 2019-08-22 | 5.0 MEDIUM | 7.5 HIGH |
The wp-all-import plugin before 3.2.4 for WordPress has no prevention of unauthenticated requests to adminInit. | |||||
CVE-2015-9318 | 1 Getawesomesupport | 1 Awesome Support | 2019-08-22 | 5.0 MEDIUM | 7.5 HIGH |
The awesome-support plugin before 3.1.7 for WordPress has a security issue in which shortcodes are allowed in replies. | |||||
CVE-2017-18462 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 5.0 MEDIUM | 7.5 HIGH |
cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-224). | |||||
CVE-2017-18476 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 5.0 MEDIUM | 7.5 HIGH |
Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205). | |||||
CVE-2017-18467 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 4.0 MEDIUM | 4.3 MEDIUM |
cPanel before 62.0.17 allows access to restricted resources because of a URL filtering error (SEC-229). | |||||
CVE-2017-18480 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 4.0 MEDIUM | 6.5 MEDIUM |
cPanel before 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210). | |||||
CVE-2017-18477 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 4.0 MEDIUM | 6.5 MEDIUM |
In cPanel before 62.0.4, Exim transports could execute in the context of the nobody account (SEC-206). | |||||
CVE-2016-10772 | 1 Cpanel | 1 Cpanel | 2019-08-09 | 2.1 LOW | 3.3 LOW |
cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168). | |||||
CVE-2015-7576 | 1 Rubyonrails | 2 Rails, Ruby On Rails | 2019-08-08 | 4.3 MEDIUM | 3.7 LOW |
The http_basic_authenticate_with method in actionpack/lib/action_controller/metal/http_authentication.rb in the Basic Authentication implementation in Action Controller in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to bypass authentication by measuring timing differences. | |||||
CVE-2017-18445 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 4.0 MEDIUM | 4.3 MEDIUM |
cPanel before 64.0.21 does not enforce demo restrictions for SSL API calls (SEC-249). | |||||
CVE-2008-1195 | 2 Canonical, Sun | 4 Ubuntu Linux, Jdk, Jre and 1 more | 2019-07-31 | 9.3 HIGH | N/A |
Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs. | |||||
CVE-2008-1192 | 1 Sun | 3 Jdk, Jre, Sdk | 2019-07-31 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors. | |||||
CVE-2017-11579 | 1 Blipcare | 2 Wi-fi Blood Pressure Monitor, Wi-fi Blood Pressure Monitor Firmware | 2019-07-15 | 4.8 MEDIUM | 7.1 HIGH |
In the most recent firmware for Blipcare, the device provides an open Wireless network called "Blip" for communicating with the device. The user connects to this open Wireless network and uses the web management interface of the device to provide the user's Wi-Fi credentials so that the device can connect to it and have Internet access. This device acts as a Wireless Blood pressure monitor and is used to measure blood pressure levels of a person. This allows an attacker who is in vicinity of Wireless signal generated by the Blipcare device to easily sniff the credentials. Also, an attacker can connect to the open wireless network "Blip" exposed by the device and modify the HTTP response presented to the user by the device to execute other attacks such as convincing the user to download and execute a malicious binary that would infect a user's computer or mobile device with malware. | |||||
CVE-2017-8227 | 1 Amcrest | 2 Ipm-721s, Ipm-721s Firmware | 2019-07-10 | 5.0 MEDIUM | 9.8 CRITICAL |
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the device. However, if the same brute force attempt is performed using the ONVIF specification (which is supported by the same binary) then there is no account lockout or timeout executed. This can allow an attacker to circumvent the account protection mechanism and brute force the credentials. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that many of the binaries in the /usr folder. The binary "sonia" is the one that has the vulnerable function that performs the credential check in the binary for the ONVIF specification. If one opens this binary in IDA-pro one will notice that this follows a ARM little endian format. The function at address 00671618 in IDA pro is parses the WSSE security token header. The sub_ 603D8 then performs the authentication check and if it is incorrect passes to the function sub_59F4C which prints the value "Sender not authorized." | |||||
CVE-2016-10321 | 1 Web2py | 1 Web2py | 2019-06-21 | 5.0 MEDIUM | 9.8 CRITICAL |
web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker to perform brute-force attacks. |