Recent vulnerabilities and exploits

NA
CVE-2019-16671

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Remote authenticated users can crash a device with a special packet because of Uncontrolled Resource Consumption....

NA
CVE-2019-16673

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Passwords are stored in cleartext and can be read by anyone with access to the device....

NA
CVE-2019-16670

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. The Authentication mechanism has no brute-force prevention....

NA
CVE-2012-2148

An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies...

NA
CVE-2018-7282

The username parameter of the TITool PrintMonitor solution during the login request is vulnerable to and/or time-based blind SQLi....

NA
CVE-2012-2092

A Security Bypass vulnerability exists in Ubuntu Cobbler before 2,2,2 in the cobbler-ubuntu-import script due to an error when verifying the GPG signature....

NA
CVE-2019-19552

In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the/admin/config.php?display=userman URI. An attacker with sufficient privileges can edit the Display Name of a user and embed malicious XSS...

NA
CVE-2019-19625

SROS 2 0.8.1 (which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2) leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml...

NA
CVE-2019-19333

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an...

NA
CVE-2019-11554

The Audible application through 2.34.0 for Android has Missing SSL Certificate Validation for Adobe SDKs, allowing MITM attackers to cause a denial of service....