Security Vulnerabilities - CVEs Published In November 2019
Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users.
CVSS Score
7.5
EPSS Score
0.0
Published
2019-11-15
Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.
CVSS Score
9.8
EPSS Score
0.0
Published
2019-11-15
bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header.
CVSS Score
6.1
EPSS Score
0.0
Published
2019-11-15
Pimcore before 6.2.2 lacks brute force protection for the 2FA token.
CVSS Score
9.8
EPSS Score
0.0
Published
2019-11-15
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-11-15
A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Business for Android versions prior to 2.19.104 and Business for iOS versions prior to 2.19.100.
CVSS Score
7.8
EPSS Score
0.005
Published
2019-11-14
On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Anyone can turn the bulb on or off, or change its color or brightness remotely. There is no authentication or encryption to use the control API. The only requirement is that the attacker have network access to the bulb.
CVSS Score
7.5
EPSS Score
0.001
Published
2019-11-14
An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-08 0 through 2. Lack of anti-glitch mitigations in the first stage bootloader of the ESP32 chip allows an attacker (with physical access to the device) to read the contents of read-protected eFuses, such as flash encryption and secure boot keys, by injecting a glitch into the power supply of the chip shortly after reset.
CVSS Score
4.6
EPSS Score
0.002
Published
2019-11-14
A cross-site request forgery (CSRF) vulnerability in 3xLogic Infinias Access Control through 6.6.9586.0 allows remote attackers to execute malicious and unauthorized actions (e.g., delete application users) by sending a crafted HTML document or encoded URL to a user that the website trusts. The user needs to have an active privileged session.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-11-14
An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.
CVSS Score
5.3
EPSS Score
0.01
Published
2019-11-14