Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.
CVE-2019-19918 PUBLISHED: 2019-12-20
Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c.
CVE-2019-19747 PUBLISHED: 2019-12-20
NeuVector 3.1, when configured to allow authentication via Active Directory, does not enforce non-empty passwords, which allows an attacker with access to the NeuVector portal to authenticate as any valid LDAP user by providing a valid username and an empty password (provided that the active directory...
CVE-2019-4231 PUBLISHED: 2019-12-20
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 159356.
CVE-2019-4555 PUBLISHED: 2019-12-20
IBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166204.