Security Vulnerabilities - CVEs Published In July 2019
A cross-site scripting (XSS) vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inject arbitrary web script or HTML via the CKEditorFuncNum parameter.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2019-07-28

Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to setDashboardWidget in CommonDataHandlerReadOnly.ashx.
CVSS Score: 5.4 | EPSS Score: 0.002 | Published: 2019-07-27

Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx.
CVSS Score: 5.4 | EPSS Score: 0.002 | Published: 2019-07-27

In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off-by-one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this CVE is incorrectly assigned and should be rejected, because the value is hard-coded and is not user-controllable where it is used.
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2019-07-27

In the Linux kernel before 2.6.37, an out-of-bounds array access occurred in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac() and no free entry exists, the loop terminates without updating the local variable free, causing an out-of-bounds array access.
CVSS Score: 5.6 | EPSS Score: 0.001 | Published: 2019-07-27

In the Linux kernel before 3.1, an off-by-one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption.
CVSS Score: 9.8 | EPSS Score: 0.006 | Published: 2019-07-27

In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.
CVSS Score: 9.8 | EPSS Score: 0.008 | Published: 2019-07-27

In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.
CVSS Score: 5.5 | EPSS Score: 0.001 | Published: 2019-07-27

In the Linux kernel before 4.9.6, there is an off-by-one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array, so the ">" should be ">=" instead.
CVSS Score: 9.8 | EPSS Score: 0.008 | Published: 2019-07-27

In the Linux kernel before 4.14, an out-of-bounds access occurred in drivers/nvme/target/fc.c.
CVSS Score: 9.8 | EPSS Score: 0.008 | Published: 2019-07-27