Archive for November, 2019

CVE-2019-19269

An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.
Source: NIST
CVE-2019-19269

CVE-2019-19468

Free Photo Viewer 1.3 allows remote attackers to execute arbitrary code via a crafted BMP and/or TIFF file that triggers a malformed SEH, as demonstrated by a 0012ECB4 FreePhot.00425642 42200008 corrupt entry.
Source: NIST
CVE-2019-19468

CVE-2019-19464

The CBC Gem application before 9.24.1 for Android and before 9.26.0 for iOS has Unencrypted Analytics.
Source: NIST
CVE-2019-19464

CVE-2019-19463

The Anhui Huami Mi Fit application before 4.0.11 for Android has an Unencrypted Update Check.
Source: NIST
CVE-2019-19463

CVE-2013-7484

Zabbix before 5.0 represents passwords in the users table with unsalted MD5.
Source: NIST
CVE-2013-7484

CVE-2019-19462

relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.
Source: NIST
CVE-2019-19462

CVE-2019-19451

When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system’s logging facility (potentially with elevated privileges), thus filling up the disk and eventually rendering the system unusable. (The filename can be for a nonexistent file.) NOTE: this does not affect an upstream release, but affects certain Linux distribution packages with version numbers such as 0.97.3.
Source: NIST
CVE-2019-19451

CVE-2019-19396

illumos, as used in OmniOS Community Edition before r151030y, allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket, because uts/common/inet/ip/ip_attr.c mishandles conn_ixa dereferences.
Source: NIST
CVE-2019-19396

CVE-2014-3591

Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server’s private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
Source: NIST
CVE-2014-3591

CVE-2015-0837

The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a “Last-Level Cache Side-Channel Attack.”
Source: NIST
CVE-2015-0837