CVE & Exploit Intelligence Database

CVE-2019-10222 7.5 HIGH EPSS 0.03

A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.

CWE-755 Nov 08, 2019

CVE-2011-2336 6.5 MEDIUM EPSS 0.00

An issue exists in WebKit in Google Chrome before Blink M12. when clearing lists in AnimationControllerPrivate that signal when a hardware animation starts.

CWE-755 Nov 07, 2019

CVE-2011-2807 6.5 MEDIUM EPSS 0.00

Incorrect handling of timer information in Timer.cpp in WebKit in Google Chrome before Blink M13.

CWE-755 Nov 07, 2019

CVE-2011-4625 7.5 HIGH EPSS 0.00

simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages.

CWE-755 Nov 06, 2019

CVE-2019-18668 6.5 MEDIUM EPSS 0.01

An issue was discovered in the Currency Switcher addon before 2.11.2 for WooCommerce if a user provides a currency that was not added by the administrator. In this case, even though the currency does not exist, it will be selected, but a price amount will fall back to the default currency. This means that if an attacker provides a currency that does not exist and is worth less than this default, the attacker can eventually purchase an item for a significantly cheaper price.

CWE-755 Nov 02, 2019

CVE-2009-5043 9.8 CRITICAL EPSS 0.00

burn allows file names to escape via mishandled quotation marks

CWE-755 Oct 31, 2019

CVE-2019-6848 8.6 HIGH EPSS 0.00

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 CPU (BMEx58*) and Modicon M580 communication module (BMENOC0311, BMENOC0321) (see notification for version info), which could cause a Denial of Service attack on the PLC when sending specific data on the REST API of the controller/communication module.

CWE-755 Oct 29, 2019

CVE-2019-6847 4.9 MEDIUM EPSS 0.00

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the FTP service when upgrading the firmware with a version incompatible with the application in the controller using FTP protocol.

CWE-755 Oct 29, 2019

CVE-2019-6844 4.9 MEDIUM EPSS 0.00

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service atack on the PLC when upgrading the controller with a firmware package containing an invalid web server image using FTP protocol.

CWE-755 Oct 29, 2019

CVE-2019-6843 4.9 MEDIUM EPSS 0.00

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware (version prior to V3.10), Modicon M340 (all firmware versions), and Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the controller with an empty firmware package using FTP protocol.

CWE-755 Oct 29, 2019

CVE-2019-6842 4.9 MEDIUM EPSS 0.00

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with a missing web server image inside the package using FTP protocol.

CWE-755 Oct 29, 2019

CVE-2019-6841 4.9 MEDIUM EPSS 0.00

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580 with firmware (version prior to V3.10), Modicon M340 (all firmware versions), and Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service attack on the PLC when upgrading the firmware with no firmware image inside the package using FTP protocol.

CWE-755 Oct 29, 2019

CVE-2019-14287 8.8 HIGH 28 PoCs Analysis NUCLEI EPSS 0.86

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.

CWE-755 Oct 17, 2019

CVE-2019-17195 9.8 CRITICAL 1 PoC Analysis EPSS 0.05

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.

CWE-755 Oct 15, 2019

CVE-2019-1376 6.5 MEDIUM EPSS 0.08

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1313.

CWE-755 Oct 10, 2019

CVE-2019-1342 7.8 HIGH EPSS 0.01

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1315, CVE-2019-1339.

CWE-755 Oct 10, 2019

CVE-2019-1313 6.5 MEDIUM EPSS 0.08

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1376.

CWE-755 Oct 10, 2019

CVE-2019-0060 7.5 HIGH EPSS 0.00

The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series.

CWE-755 Oct 09, 2019

CVE-2019-0051 6.5 MEDIUM EPSS 0.00

SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition. For this issue to occur, clients protected by the SRX device must initiate a connection to the malicious server. This issue affects: Juniper Networks Junos OS on SRX5000 Series: 12.3X48 versions prior to 12.3X48-D85; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2.

CWE-755 Oct 09, 2019

CVE-2019-15894 6.8 MEDIUM EPSS 0.00

An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.6, 3.2.x through 3.2.3, and 3.3.x through 3.3.1. An attacker who uses fault injection to physically disrupt the ESP32 CPU can bypass the Secure Boot digest verification at startup, and boot unverified code from flash. The fault injection attack does not disable the Flash Encryption feature, so if the ESP32 is configured with the recommended combination of Secure Boot and Flash Encryption, then the impact is minimized. If the ESP32 is configured without Flash Encryption then successful fault injection allows arbitrary code execution. To protect devices with Flash Encryption and Secure Boot enabled against this attack, a firmware change must be made to permanently enable Flash Encryption in the field if it is not already permanently enabled.

CWE-755 Oct 07, 2019