National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 122,992 matching records.
Displaying matches 561 through 580.
Vuln ID Summary CVSS Severity
CVE-2019-11495

Couchbase Server 5.1.1 generates insufficiently random numbers. The product hosts many network services by default. One of those services is an epmd service, which allows for node integration between Erlang instances. This service is protected by a single 16-character password. Unfortunately, this password is not generated securely due to an insufficient random seed, and can be reasonably brute-forced by an attacker to execute code against a remote system.

Published: September 10, 2019; 02:15:12 PM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-11467

An issue was discovered in Couchbase Server 4.6.3 and 5.5.0. A JSON document to be stored with more than 3000 '\t' characters can crash the indexing system.

Published: September 10, 2019; 02:15:12 PM -04:00
V3.1: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-11466

An issue was discovered in Couchbase Server 5.5.0 and 6.0.0. The Eventing debug endpoint mishandles authentication and audit.

Published: September 10, 2019; 02:15:12 PM -04:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2019-1563

In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).

Published: September 10, 2019; 01:15:11 PM -04:00
V3.1: 3.7 LOW
    V2: 4.3 MEDIUM
CVE-2019-1549

OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).

Published: September 10, 2019; 01:15:11 PM -04:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2019-1547

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).

Published: September 10, 2019; 01:15:11 PM -04:00
V3.1: 4.7 MEDIUM
    V2: 1.9 LOW
CVE-2019-12105

** DISPUTED ** In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. Note: The maintainer responded that the affected component, inet_http_server, is not enabled by default but if the user enables it and does not set a password, Supervisor logs a warning message. The maintainer indicated the ability to run an open server will not be removed but an additional warning was added to the documentation.

Published: September 10, 2019; 01:15:11 PM -04:00
V3.1: 8.2 HIGH
    V2: 6.4 MEDIUM
CVE-2019-11465

An issue was discovered in Couchbase Server 5.5.x through 5.5.3 and 6.0.0. The Memcached "connections" stat block command emits a non-redacted username. The system information submitted to Couchbase as part of a bug report included the usernames for all users currently logged into the system even if the log was redacted for privacy. This has been fixed (in 5.5.4 and 6.0.1) so that usernames are tagged properly in the logs and are hashed out when the logs are redacted.

Published: September 10, 2019; 01:15:11 PM -04:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2019-11464

An issue was discovered in Couchbase Server 5.1.2 and 5.5.0. The http server on port 8092 lacks an X-XSS protection header.

Published: September 10, 2019; 01:15:11 PM -04:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-0365

SAP Kernel (RFC), KRNL32NUC, KRNL32UC and KRNL64NUC before versions 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC, before versions 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73 and KERNEL before versions 7.21, 7.49, 7.53, 7.73, 7.76 SAP GUI for Windows (BC-FES-GUI) before versions 7.5, 7.6, and SAP GUI for Java (BC-FES-JAV) before version 7.5, allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.

Published: September 10, 2019; 01:15:11 PM -04:00
V3.1: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-0364

Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services (Advanced model), before version 1.0.118, to enumerate open ports.

Published: September 10, 2019; 01:15:11 PM -04:00
V3.1: 4.3 MEDIUM
    V2: 4.0 MEDIUM
CVE-2019-0363

Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services (Advanced model), before version 1.0.118, to overload the server or retrieve information about internal network ports.

Published: September 10, 2019; 01:15:11 PM -04:00
V3.1: 7.1 HIGH
    V2: 5.5 MEDIUM
CVE-2019-0361

SAP Supplier Relationship Management (Master Data Management Catalog - SRM_MDM_CAT, before versions 3.73, 7.31, 7.32) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

Published: September 10, 2019; 01:15:11 PM -04:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-0357

The administrator of SAP HANA database, before versions 1.0 and 2.0, can misuse HANA to execute commands with operating system "root" privileges.

Published: September 10, 2019; 01:15:11 PM -04:00
V3.1: 6.7 MEDIUM
    V2: 7.2 HIGH
CVE-2019-0356

Under certain conditions SAP NetWeaver Process Integration Runtime Workbench ? MESSAGING and SAP_XIAF (before versions 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted.

Published: September 10, 2019; 01:15:11 PM -04:00
V3.1: 4.3 MEDIUM
    V2: 4.0 MEDIUM
CVE-2019-0355

SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (before versions 6.40, 7.0, 7.01), allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.

Published: September 10, 2019; 01:15:10 PM -04:00
V3.1: 7.2 HIGH
    V2: 6.5 MEDIUM
CVE-2019-0353

Under certain conditions SAP Business One client (B1_ON_HANA, SAP-M-BO), before versions 9.2 and 9.3, allows an attacker to access information which would otherwise be restricted.

Published: September 10, 2019; 01:15:10 PM -04:00
V3.1: 3.3 LOW
    V2: 2.1 LOW
CVE-2019-0352

In SAP Business Objects Business Intelligence Platform, before versions 4.1, 4.2 and 4.3, some dynamic pages (like jsp) are cached, which leads to an attacker can see the sensitive information via cache and can open the dynamic pages even after logout.

Published: September 10, 2019; 01:15:10 PM -04:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2019-5503

OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.

Published: September 10, 2019; 12:15:12 PM -04:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2019-3975

Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message.

Published: September 10, 2019; 12:15:12 PM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH