Published Advisories

 

Our dedicated security labs help vendors improve the security of their solutions, that allows users to avoid cyber-attacks from the vulnerabilities that exist. The vulnerabilities are reported to vendors, and later released to the public through coordinated disclosure. The following is a list of all publicly disclosed vulnerabilities discovered by xen1thLabs researchers.

 

XID

CVE

Affected Vendor(s)

Published

 

XL-19-001

CVE-2019-1716

Cisco Systems

26 March 2019

                         Cisco IP Phone WebUI Remote Code Execution Vulnerability

 

XL-19-002

CVE-2019-10886

Sony

23 April 2019

                         Sony Smart TV Photo Sharing Plus Arbitrary File Read Vulnerability

 

XL-19-003

CVE-2019-11336

Sony

23 April 2019

                         Sony Smart TV Photo Sharing Plus Information Disclosure Vulnerability

 

XL-19-004

CVE-2019-7230

ABB (new.abb.com)

17 June 2019

                         ABB IDAL FTP Server Uncontrolled Format String Vulnerability

 

XL-19-005

CVE-2019-7229

ABB (new.abb.com)

17 June 2019

                         ABB HMI Absence of Signature Verification Vulnerability

​ 

XL-19-006

Multiple

ABB (new.abb.com)

17 June 2019

                         ABB HMI Outdated Software Components

 

XL-19-007

CVE-2019-7231

ABB (new.abb.com)

17 June 2019

                         ABB IDAL FTP Server Buffer Overflow Vulnerability

 

XL-19-008

CVE-2019-7227

ABB (new.abb.com)

17 June 2019

                         ABB IDAL FTP Server Path Traversal Vulnerability

 

XL-19-009

CVE-2019-7225

ABB (new.abb.com)

17 June 2019

                         ABB HMI Hardcoded Credentials Vulnerability

 

XL-19-010

CVE-2019-7226

ABB (new.abb.com)

17 June 2019

                         ABB IDAL HTTP Server Authentication Bypass Vulnerability

 

XL-19-011

CVE-2019-7232

ABB (new.abb.com)

17 June 2019

                         ABB IDAL HTTP Server Stack-Based Buffer Overflow Vulnerability

 

XL-19-012

CVE-2019-7228

ABB (new.abb.com)

17 June 2019

                         ABB IDAL HTTP Server Uncontrolled Format String Vulnerability 

XL-19-013

CVE-2019-11890

Sony

2 July 2019

                        Sony Remote Denial-of-Service Over Wifi / LAN / Internet Vulnerability

 

XL-19-014

CVE-2019-11889

Sony

2 July 2019

                        Sony Remote Denial-of-Service Triggered Over HbbTV Vulnerability

 

XL-19-015

CVE-2019-1922

Cisco Systems

9 July 2019

                        Cisco IP Phone SIP Denial of Service Vulnerability

 

XL-19-016

CVE-2019-10668

LibreNMS (www.librenms.org)

15 July 2019

                        LibreNMS Authentication Bypass Vulnerability

 

XL-19-017

CVE-2019-10669

LibreNMS (www.librenms.org)

15 July 2019

                        LibreNMS Command Injection Vulnerability

 

XL-19-018

CVE-2019-10667

LibreNMS (www.librenms.org)

15 July 2019

                        LibreNMS Information Disclosure Vulnerability

 

XL-19-019

CVE-2019-12464

LibreNMS (www.librenms.org)

15 July 2019

                        LibreNMS Limited Local File Inclusion via Directory Traversal Vulnerability

 

XL-19-020

CVE-2019-10666

LibreNMS (www.librenms.org)

15 July 2019

                        LibreNMS Limited Local File Inclusion via Directory Traversal Vulnerability

 

XL-19-021

CVE-2019-10670

LibreNMS (www.librenms.org)

15 July 2019

                        LibreNMS Multiple Reflected Cross Site Scripting Vulnerability

 

XL-19-022

CVE-2019-12463

LibreNMS (www.librenms.org)

15 July 2019

                        LibreNMS RRDtool Injection Vulnerability

 

XL-19-023

CVE-2019-10665

LibreNMS (www.librenms.org)

15 July 2019

                        LibreNMS RRDtool Injection Vulnerability

 

XL-19-024

CVE-2019-12465

LibreNMS (www.librenms.org)

15 July 2019

                        LibreNMS SQL Injection Vulnerability

 

XL-19-025

CVE-2019-10671

LibreNMS (www.librenms.org)

15 July 2019

                        LibreNMS Multiple SQL Injection Vulnerability