Security Vulnerabilities - CVEs Published In October 2019
In JetBrains Toolbox App before 1.15.5666 for Windows, privilege escalation was possible.
CVSS Score
7.3
EPSS Score
0.0
Published
2019-10-31
In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the corresponding permission was possible.
CVSS Score
5.3
EPSS Score
0.0
Published
2019-10-31
A security vulnerability exists in a management port in the version of ZTE's ZXMP M721V3.10P01B10_M2NCP. An attacker could exploit this vulnerability to build a link to the device and send specific packets to cause a denial of service.
CVSS Score
5.7
EPSS Score
0.001
Published
2019-10-31
The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. Unauthorized users can exploit this vulnerability to control the user terminal system.
CVSS Score
8.0
EPSS Score
0.008
Published
2019-10-31
overkill has buffer overflow via long player names that can corrupt data on the server machine
CVSS Score
9.8
EPSS Score
0.007
Published
2019-10-31
python-docutils allows insecure usage of temporary files
CVSS Score
9.1
EPSS Score
0.004
Published
2019-10-31
burn allows file names to escape via mishandled quotation marks
CVSS Score
9.8
EPSS Score
0.004
Published
2019-10-31
Mumble: murmur-server has DoS due to malformed client query
CVSS Score
6.5
EPSS Score
0.005
Published
2019-10-31
In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several pages.
CVSS Score
4.3
EPSS Score
0.0
Published
2019-10-31
In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View build runtime parameters and data" permission.
CVSS Score
5.3
EPSS Score
0.0
Published
2019-10-31