Security Vulnerabilities - CVEs Published In December 2019
wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces.
CVSS Score: 5.3
EPSS Score: 0.004
Published: 2019-12-11
Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS Score: 7.2
EPSS Score: 0.011
Published: 2019-12-11
Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy.
CVSS Score: 4.8
EPSS Score: 0.003
Published: 2019-12-11
Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface.
CVSS Score: 7.3
EPSS Score: 0.009
Published: 2019-12-11
Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.
CVSS Score: 8.8
EPSS Score: 0.018
Published: 2019-12-11
It is possible to bypass enshrined/svg-sanitize before 0.13.1 using the "xlink:href" attribute due to mishandling of the xlink namespace by the sanitizer.
CVSS Score: 6.1
EPSS Score: 0.002
Published: 2019-12-11
Foreman has improper input validation, which could lead to a partial denial of service.
CVSS Score: 5.3
EPSS Score: 0.005
Published: 2019-12-11
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, macOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel.
CVSS Score: 7.4
EPSS Score: 0.001
Published: 2019-12-11
The review resource in Atlassian Fisheye and Crucible before version 4.7.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting (XSS) vulnerability through the name of a missing branch.
CVSS Score: 4.8
EPSS Score: 0.002
Published: 2019-12-11
The /plugins/servlet/branchreview resource in Atlassian Fisheye and Crucible before version 4.7.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting (XSS) vulnerability in the reviewedBranch parameter.
CVSS Score: 6.1
EPSS Score: 0.005
Published: 2019-12-11