Vulnerabilities (CVE)

CWE filter: CWE-20

7801 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-17191 2019-10-11 5.0
The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio...
CVE-2019-1326 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-10-11 7.8
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
CVE-2019-1584 1 Zingbox 1 Inspector 2019-10-11 6.8
A security vulnerability exists in Zingbox Inspector version 1.293 and earlier, that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect...
CVE-2018-21020 2019-10-11 5.0
In very rare cases, a PHP type juggling vulnerability in centreonAuth.class.php in Centreon Web before 2.8.27 allows attackers to bypass authentication mechanisms in place.
CVE-2019-17370 1 Otcms 1 Otcms 2019-10-11 6.5
OTCMS v3.85 allows arbitrary PHP Code Execution because admin/sysCheckFile_deal.php blocks "into outfile" in a SELECT statement, but does not block the "into/**/outfile" manipulation. Therefore, the attacker can create a .php file.
CVE-2019-17344 1 Xen 1 Xen 2019-10-11 4.9
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service by leveraging a long-running operation that exists to support restartability of PTE updates.
CVE-2019-17348 1 Xen 1 Xen 2019-10-11 4.9
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service because of an incompatibility between Process Context Identifiers (PCID) and shadow-pagetable switching.
CVE-2019-17192 1 Signal 1 Signal Private Messenger 2019-10-10 7.5
** DISPUTED ** The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause...
CVE-2019-12701 1 Cisco 1 Firepower Management Center 2019-10-10 5.0
A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system. The...
CVE-2019-6015 1 Fon 4 Fon2601e-fsw-b Firmware, Fon2601e-fsw-s Firmware, Fon2601e-re Firmware and 1 more 2019-10-10 7.8
FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers. If this vulnerability is exploited, FON routers may be leveraged for DNS amplification...
CVE-2019-17340 1 Xen 1 Xen 2019-10-10 6.1
An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled.
CVE-2019-17347 1 Xen 1 Xen 2019-10-10 4.6
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux (and possibly other guest kernels).
CVE-2019-15259 1 Cisco 1 Unified Contact Center Express 2019-10-10 4.3
A vulnerability in Cisco Unified Contact Center Express (UCCX) Software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. The vulnerability is due to insufficient input validation of some parameters...
CVE-2019-17343 1 Xen 1 Xen 2019-10-10 4.6
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains.
CVE-2019-12706 1 Cisco 1 Email Security Appliance Firmware 2019-10-10 5.0
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device. The...
CVE-2019-12689 1 Cisco 1 Firepower Management Center 2019-10-10 9.0
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. The...
CVE-2019-12694 1 Cisco 1 Firepower Threat Defense 2019-10-10 7.2
A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root...
CVE-2019-12699 1 Cisco 2 Firepower Threat Defense, Firepower 9300 Firmware 2019-10-10 7.2
Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These...
CVE-2019-17345 1 Xen 1 Xen 2019-10-10 4.9
An issue was discovered in Xen 4.8.x through 4.11.x allowing x86 PV guest OS users to cause a denial of service because mishandling of failed IOMMU operations causes a bug check during the cleanup of a crashed guest.
CVE-2019-17346 1 Xen 1 Xen 2019-10-10 7.2
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an incompatibility between Process Context Identifiers (PCID) and TLB flushes.