Security Vulnerabilities - CVEs Published In November 2019
Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-01
cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp.
CVSS Score
7.3
EPSS Score
0.003
Published
2019-11-01
Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-01
Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds.
CVSS Score
5.5
EPSS Score
0.0
Published
2019-11-01
Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-11-01
HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.
CVSS Score
5.9
EPSS Score
0.004
Published
2019-11-01
Cross-site scripting (XSS) vulnerability in websieve v0.62 allows remote attackers to inject arbitrary web script or HTML code in the web user interface.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-11-01
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the backend.
CVSS Score
5.4
EPSS Score
0.005
Published
2019-11-01
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Open Redirection on the backend.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-11-01
ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-11-01