Total
304 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-13603 | 1 Hidglobal | 2 Digital Persona U.are.u 4500, Digital Persona U.are.u 4500 Driver Firmware | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combination with retrieving an encrypted fingerprint image and encryption key (through another vulnerability), allows an attacker to obtain a user's fingerprint image. | |||||
| CVE-2019-12821 | 1 Jisiwei | 2 I3, I3 Firmware | 2024-11-21 | 5.8 MEDIUM | 4.8 MEDIUM |
| A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that depends only on the specific device ID of the robot vacuum cleaner. By generating a QR-code containing information about the device ID, it is possible to connect an arbitrary device and gain full access to it. The device ID has an initial "JSW" substring followed by a six digit number that depends on the specific device. | |||||
| CVE-2019-12434 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in GitLab Community and Enterprise Edition 10.6 through 11.11. Users could guess the URL slug of private projects through the contrast of the destination URLs of issues linked in comments. It allows Information Disclosure. | |||||
| CVE-2019-11840 | 2 Debian, Golang | 2 Debian Linux, Crypto | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystream is generated, or if the counter otherwise grows greater than 32 bits, the amd64 implementation will first generate incorrect output, and then cycle back to previously generated keystream. Repeated keystream bytes can lead to loss of confidentiality in encryption applications, or to predictability in CSPRNG applications. | |||||
| CVE-2019-11690 | 1 Denx | 1 U-boot | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device. | |||||
| CVE-2019-11641 | 1 Anomali | 1 Agave | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system. | |||||
| CVE-2019-11219 | 1 Ilnkp2p Project | 1 Ilnkp2p | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
| The algorithm used to generate device IDs (UIDs) for devices that utilize Shenzhen Yunni Technology iLnkP2P suffers from a predictability flaw that allows remote attackers to establish direct connections to arbitrary devices. | |||||
| CVE-2019-10084 | 1 Apache | 1 Impala | 2024-11-21 | 4.6 MEDIUM | 7.5 HIGH |
| In Apache Impala 2.7.0 to 3.2.0, an authenticated user with access to the IDs of active Impala queries or sessions can interact with those sessions or queries via a specially-constructed request and thereby potentially bypass authorization and audit mechanisms. Session and query IDs are unique and random, but have not been documented or consistently treated as sensitive secrets. Therefore they may be exposed in logs or interfaces. They were also not generated with a cryptographically secure random number generator, so are vulnerable to random number generator attacks that predict future IDs based on past IDs. Impala deployments with Apache Sentry or Apache Ranger authorization enabled may be vulnerable to privilege escalation if an authenticated attacker is able to hijack a session or query from another authenticated user with privileges not assigned to the attacker. Impala deployments with audit logging enabled may be vulnerable to incorrect audit logging as a user could undertake actions that were logged under the name of a different authenticated user. Constructing an attack requires a high degree of technical sophistication and access to the Impala system as an authenticated user. | |||||
| CVE-2019-1010025 | 1 Gnu | 1 Glibc | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability. | |||||
| CVE-2019-0729 | 1 Microsoft | 1 Java Software Development Kit | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-0007 | 1 Juniper | 17 Junos, Mx10, Mx10003 and 14 more | 2024-11-21 | 7.5 HIGH | 9.3 CRITICAL |
| The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series. | |||||
| CVE-2018-20025 | 1 Codesys | 15 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 12 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0. | |||||
| CVE-2018-1279 | 1 Pivotal Software | 1 Rabbitmq | 2024-11-21 | 3.3 LOW | 8.5 HIGH |
| Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports on any server in the MQ cluster can use this cookie to gain full control over the entire cluster. | |||||
| CVE-2018-1266 | 1 Cloudfoundry | 1 Capi-release | 2024-11-21 | 6.5 MEDIUM | 8.1 HIGH |
| Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains information disclosure and path traversal vulnerabilities. An authenticated malicious user can predict the location of application blobs and leverage path traversal to create a malicious application that has the ability to overwrite arbitrary files on the Cloud Controller instance. | |||||
| CVE-2018-1108 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. | |||||
| CVE-2018-19983 | 1 Silabs | 4 Z-wave S0, Z-wave S0 Firmware, Z-wave S2 and 1 more | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program (e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.). Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending divided "Nonce Get (0x98 0x81)" frames. The reason for dividing the "Nonce Get" frame is that, in security version S0, when a node receives a "Nonce Get" frame, the node produces a random new nonce and sends it to the Src node of the received "Nonce Get" frame. After the nonce value is generated and transmitted, the node transitions to wait mode. At this time, when "Nonce Get" is received again, the node discards the previous nonce value and generates a random nonce again. Therefore, because the frame is encrypted with previous nonce value, the received normal frame cannot be decrypted. | |||||
| CVE-2018-19441 | 1 Neatorobotics | 2 Botvac Connected, Botvac Connected Firmware | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in Neato Botvac Connected 2.2.0. The GenerateRobotPassword function of the NeatoCrypto library generates insufficiently random numbers for robot secret_key values used for local and cloud authentication/authorization. If an attacker knows the serial number and is able to estimate the time of first provisioning of a robot, he is able to brute force the generated secret_key of the robot. This is because the entropy of the secret_key exclusively relies on these two values, due to not seeding the random generator and using several constant inputs for secret_key computation. Serial numbers are printed on the packaging and equal the MAC address of the robot. | |||||
| CVE-2018-18602 | 1 Guardzilla | 12 180 Indoor, 180 Indoor Firmware, 180 Outdoor and 9 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring. | |||||
| CVE-2018-18531 | 1 Kaptcha Project | 1 Kaptcha | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, and text/impl/FiveLetterFirstNameTextCreator.java in kaptcha 2.3.2 use the Random (rather than SecureRandom) function for generating CAPTCHA values, which makes it easier for remote attackers to bypass intended access restrictions via a brute-force approach. | |||||
| CVE-2018-18425 | 1 Primeo Project | 1 Primeo | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| The doAirdrop function of a smart contract implementation for Primeo (PEO), an Ethereum token, does not check the numerical relationship between the amount of the air drop and the token's total supply, which lets the owner of the contract issue an arbitrary amount of currency. (Increasing the total supply by using 'doAirdrop' ignores the hard cap written in the contract and devalues the token.) | |||||