US-CERT - Vulnerability Summary for the Week of August 12, 2019

Original release date: August 19, 2019

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
foliovision -- fv_flowplayer_video_player The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection. 2019-08-09 7.5 CVE-2019-14801
MISC
frappe -- frappe An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. A server side template injection (SSTI) issue exists. 2019-08-12 7.5 CVE-2019-14965
MISC
MISC
MISC
MISC
MISC
MISC
hashicorp -- nomad HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver. 2019-08-12 10.0 CVE-2019-12618
MISC
MISC
CONFIRM
hp -- 3par_storeserv_management_console A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. 2019-08-09 10.0 CVE-2019-5402
CONFIRM
hp -- 3par_storeserv_management_console A remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. 2019-08-09 8.7 CVE-2019-5404
CONFIRM
hp -- 3par_storeserv_management_console A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. 2019-08-09 9.0 CVE-2019-5406
CONFIRM
imagely -- nextgen_gallery The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name. 2019-08-14 7.5 CVE-2016-10889
MISC
microsoft -- office A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1152. 2019-08-14 9.3 CVE-2019-1151
MISC
MISC
microsoft -- windows_10 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. 2019-08-14 9.3 CVE-2019-1144
MISC
MISC
microsoft -- windows_10 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1151, CVE-2019-1152. 2019-08-14 9.3 CVE-2019-1150
MISC
MISC
MISC
microsoft -- windows_10 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151. 2019-08-14 9.3 CVE-2019-1152
MISC
MISC
newstatpress_project -- newstatpress The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element. 2019-08-14 7.5 CVE-2015-9313
MISC
newstatpress_project -- newstatpress The newstatpress plugin before 1.0.1 for WordPress has SQL injection. 2019-08-14 7.5 CVE-2015-9315
MISC
txjia -- imcat An issue was discovered in imcat 4.9. There is SQL Injection via the index.php order parameter in a mod=faqs action. 2019-08-12 7.5 CVE-2019-14968
MISC
veronalabs -- wp_statistics The wp-statistics plugin before 12.0.8 for WordPress has SQL injection. 2019-08-14 7.5 CVE-2017-18515
MISC
wp-events-plugin -- events_manager The events-manager plugin before 5.6 for WordPress has code injection. 2019-08-13 7.5 CVE-2015-9298
MISC
Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
10web -- photo_gallery The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter. 2019-08-09 4.0 CVE-2019-14798
MISC
MISC
MISC
23systems -- lightbox_plus_colorbox The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS. 2019-08-09 4.3 CVE-2016-10865
MISC
MISC
atlassian -- jira The inline-create rest resource in Jira before version 7.12.3 allows authenticated remote attackers to set the reporter in issues via a missing authorisation check. 2019-08-09 4.0 CVE-2018-20826
MISC
axiosys -- bento4 An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp. 2019-08-14 6.8 CVE-2019-15047
MISC
axiosys -- bento4 An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp. 2019-08-14 6.8 CVE-2019-15048
MISC
axiosys -- bento4 An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp. 2019-08-14 6.8 CVE-2019-15049
MISC
axiosys -- bento4 An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp. 2019-08-14 6.8 CVE-2019-15050
MISC
backup-guard -- backup_guard The Backup Guard plugin before 1.1.47 for WordPress has multiple XSS issues. 2019-08-13 4.3 CVE-2017-18488
MISC
bestwebsoft -- contact_form The contact-form-plugin plugin before 3.52 for WordPress has XSS. 2019-08-13 4.3 CVE-2013-7475
MISC
bestwebsoft -- contact_form The contact-form-plugin plugin before 3.96 for WordPress has XSS. 2019-08-13 4.3 CVE-2015-9295
MISC
bestwebsoft -- contact_form The contact-form-plugin plugin before 4.0.2 for WordPress has XSS. 2019-08-13 4.3 CVE-2016-10869
MISC
bestwebsoft -- contact_form The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues. 2019-08-13 4.3 CVE-2017-18491
MISC
bestwebsoft -- contact_form_to_db The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues. 2019-08-13 4.3 CVE-2017-18492
MISC
bestwebsoft -- custom_search The custom-search-plugin plugin before 1.36 for WordPress has multiple XSS issues. 2019-08-13 4.3 CVE-2017-18494
MISC
bestwebsoft -- htaccess The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues. 2019-08-13 4.3 CVE-2017-18496
MISC
bestwebsoft -- social_buttons_pack The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues. 2019-08-12 4.3 CVE-2017-18500
MISC
bestwebsoft -- social_login The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues. 2019-08-12 4.3 CVE-2017-18501
MISC
bestwebsoft -- subscriber The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues. 2019-08-12 4.3 CVE-2017-18502
MISC
bestwebsoft -- twitter_button The twitter-plugin plugin before 2.55 for WordPress has XSS. 2019-08-12 4.3 CVE-2017-18505
MISC
codepeople -- appointment_booking_calendar The Appointment Booking Calendar plugin 1.3.18 for WordPress allows XSS via the wp-admin/admin-post.php editionarea parameter. 2019-08-09 4.3 CVE-2019-14791
MISC
MISC
MISC
codepeople -- contact_form_email The contact-form-to-email plugin before 1.2.66 for WordPress has XSS. 2019-08-13 4.3 CVE-2018-20963
MISC
codepeople -- contact_form_email The contact-form-to-email plugin before 1.2.66 for WordPress has CSRF. 2019-08-13 6.8 CVE-2018-20964
MISC
edx -- recommender Recommender before 2018-07-18 allows XSS. 2019-08-09 4.3 CVE-2018-20858
MISC
CONFIRM
exiv2 -- exiv2 In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash. 2019-08-12 4.3 CVE-2019-14982
MISC
MISC
MISC
flippercode -- google_map The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS related to the add_query_arg() and remove_query_arg() functions. 2019-08-12 4.3 CVE-2015-9305
MISC
flippercode -- google_map The wp-google-map-plugin plugin before 3.1.2 for WordPress has XSS. 2019-08-12 4.3 CVE-2016-10878
MISC
foliovision -- fv_flowplayer_video_player The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS. 2019-08-09 4.3 CVE-2019-14799
MISC
MISC
frappe -- frappe An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. There exists an authenticated SQL injection. 2019-08-12 6.5 CVE-2019-14966
MISC
MISC
MISC
MISC
MISC
MISC
frappe -- frappe An issue was discovered in Frappe Framework 10, 11 before 11.1.46, and 12. There exists an XSS vulnerability. 2019-08-12 4.3 CVE-2019-14967
MISC
MISC
MISC
hp -- 3par_storeserv_management_console A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. 2019-08-09 5.0 CVE-2019-5405
CONFIRM
hp -- 3par_storeserv_management_console A remote information disclosure vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. 2019-08-09 6.5 CVE-2019-5407
CONFIRM
huawei -- pcmanager PCManager 9.1.3.1 has an improper authentication vulnerability. The certain driver interface of the software does not perform a validation of user-mode data properly, successful exploit could result in malicious code execution. 2019-08-13 6.8 CVE-2019-5223
CONFIRM
ibericode -- mailchimp The mailchimp-for-wp plugin before 4.0.11 for WordPress has XSS on the integration settings page. 2019-08-13 4.3 CVE-2016-10871
MISC
icmsdev -- icms iCMS 7.0.15 allows admincp.php?app=apps XSS via the keywords parameter. 2019-08-12 4.3 CVE-2019-14976
MISC
imagemagick -- imagemagick In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. 2019-08-12 4.3 CVE-2019-14980
MISC
MISC
MISC
MISC
imagemagick -- imagemagick In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file. 2019-08-12 4.3 CVE-2019-14981
MISC
MISC
MISC
istio -- istio Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API. 2019-08-13 5.0 CVE-2019-14993
MISC
MISC
MISC
CONFIRM
kunena -- kunena The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode. 2019-08-16 4.3 CVE-2019-15120
MISC
MISC
lansweeper -- lansweeper Lansweeper before 7.1.117.4 allows unauthenticated SQL injection. 2019-08-12 6.4 CVE-2019-13462
MISC
MISC
mediaburst -- gravity_forms The gravity-forms-sms-notifications plugin before 2.4.0 for WordPress has XSS. 2019-08-13 4.3 CVE-2017-18495
MISC
mediawiki -- mediawiki In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS exists within the edit summary field in includes/specials/MobileSpecialPageFeed.php. 2019-08-09 4.3 CVE-2019-14807
CONFIRM
MISC
metabox -- meta_box The Meta Box plugin before 4.16.3 for WordPress allows file deletion via ajax, with the wp-admin/admin-ajax.php?action=rwmb_delete_file attachment_id parameter. 2019-08-09 5.5 CVE-2019-14793
MISC
MISC
metabox -- meta_box The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders. 2019-08-09 5.0 CVE-2019-14794
MISC
netapp -- oncommand_insight OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user. 2019-08-09 4.0 CVE-2019-5498
CONFIRM
never5 -- download_monitor The download-monitor plugin before 1.7.1 for WordPress has XSS related to add_query_arg. 2019-08-13 4.3 CVE-2015-9296
MISC
newstatpress_project -- newstatpress The newstatpress plugin before 1.0.6 for WordPress has reflected XSS. 2019-08-14 4.3 CVE-2015-9311
MISC
newstatpress_project -- newstatpress The newstatpress plugin before 1.0.5 for WordPress has XSS related to an IMG element. 2019-08-14 4.3 CVE-2015-9312
MISC
newstatpress_project -- newstatpress The newstatpress plugin before 1.0.4 for WordPress has XSS related to the Referer header. 2019-08-14 4.3 CVE-2015-9314
MISC
palletsprojects -- werkzeug Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id. 2019-08-09 5.0 CVE-2019-14806
MISC
MISC
MISC
php -- php When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. 2019-08-09 6.8 CVE-2019-11041
CONFIRM
MLIST
UBUNTU
UBUNTU
php -- php When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. 2019-08-09 6.8 CVE-2019-11042
CONFIRM
MLIST
UBUNTU
UBUNTU
presstigers -- simple_job_board The simple-job-board plugin before 2.4.4 for WordPress has reflected XSS via keyword search. 2019-08-13 4.3 CVE-2017-18498
MISC
siemens -- siprotec_5_firmware Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc. 2019-08-09 5.8 CVE-2019-12257
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
simple-membership-plugin -- simple_membership The simple-membership plugin before 3.5.7 for WordPress has XSS. 2019-08-12 4.3 CVE-2017-18499
MISC
tipsandtricks-hq -- all_in_one_wp_security_&_firewall The all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPress has XSS in the unlock request feature. 2019-08-13 4.3 CVE-2015-9293
MISC
tipsandtricks-hq -- all_in_one_wp_security_&_firewall The all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances. 2019-08-13 4.3 CVE-2015-9294
MISC
tipsandtricks-hq -- all_in_one_wp_security_&_firewall The all-in-one-wp-security-and-firewall plugin before 4.2.0 for WordPress has multiple XSS issues. 2019-08-13 4.3 CVE-2016-10866
MISC
tipsandtricks-hq -- all_in_one_wp_security_&_firewall The all-in-one-wp-security-and-firewall plugin before 4.0.6 for WordPress has XSS in settings pages. 2019-08-13 4.3 CVE-2016-10867
MISC
tipsandtricks-hq -- all_in_one_wp_security_&_firewall The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages. 2019-08-13 4.3 CVE-2016-10868
MISC
ultimatemember -- ultimate_member The ultimate-member plugin before 1.3.18 for WordPress has XSS via text input. 2019-08-12 4.3 CVE-2015-9304
MISC
ultimatemember -- ultimate_member The ultimate-member plugin before 1.3.40 for WordPress has XSS on the login form. 2019-08-12 4.3 CVE-2016-10872
MISC
ultimatemember -- ultimate_member The ultimate-member plugin before 2.0.4 for WordPress has XSS. 2019-08-12 4.3 CVE-2018-20965
MISC
w3eden -- live_forms The liveforms plugin before 3.4.0 for WordPress has XSS. 2019-08-13 4.3 CVE-2017-18497
MISC
webkul -- bagisto Bagisto 0.1.5 allows CSRF under /admin URIs. 2019-08-11 6.8 CVE-2019-14933
MISC
MISC
wp-events-plugin -- events_manager The events-manager plugin before 5.6 for WordPress has XSS. 2019-08-13 4.3 CVE-2015-9297
MISC
wp-events-plugin -- events_manager The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS. 2019-08-13 4.3 CVE-2015-9299
MISC
wp-events-plugin -- events_manager The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues. 2019-08-13 4.3 CVE-2015-9300
MISC
wp-jobmanager -- job_manager The job-manager plugin before 0.7.19 for WordPress has multiple XSS issues. 2019-08-13 4.3 CVE-2012-6713
MISC
wp-livechat -- wp_live_chat_support The wp-live-chat-support plugin before 6.2.02 for WordPress has XSS. 2019-08-12 4.3 CVE-2016-10879
MISC
wp-livechat -- wp_live_chat_support The wp-live-chat-support plugin before 7.1.05 for WordPress has XSS. 2019-08-13 4.3 CVE-2017-18507
MISC
wp-livechat -- wp_live_chat_support The wp-live-chat-support plugin before 7.1.03 for WordPress has XSS. 2019-08-12 4.3 CVE-2017-18508
MISC
wp-livechat -- wp_live_chat_support The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS via the GDPR page. 2019-08-12 4.3 CVE-2019-14950
MISC
wp_editor_project -- wp_editor The wp-editor plugin before 1.2.6.3 for WordPress has multiple XSS issues. 2019-08-12 4.3 CVE-2016-10877
MISC
wpdeveloper -- twitter_cards_meta The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS. 2019-08-12 4.3 CVE-2017-18503
MISC
wpdeveloper -- twitter_cards_meta The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF. 2019-08-12 6.8 CVE-2017-18504
MISC
wpseeds -- wp_database_backup The wp-database-backup plugin before 4.3.3 for WordPress has XSS. 2019-08-12 4.3 CVE-2016-10873
MISC
wpseeds -- wp_database_backup The wp-database-backup plugin before 4.3.3 for WordPress has CSRF. 2019-08-12 6.8 CVE-2016-10874
MISC
wpseeds -- wp_database_backup The wp-database-backup plugin before 4.3.1 for WordPress has XSS. 2019-08-12 4.3 CVE-2016-10875
MISC
wpseeds -- wp_database_backup The wp-database-backup plugin before 4.3.1 for WordPress has CSRF. 2019-08-12 6.8 CVE-2016-10876
MISC
wpseeds -- wp_database_backup The wp-database-backup plugin before 5.1.2 for WordPress has XSS. 2019-08-12 4.3 CVE-2019-14949
MISC
Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
10web -- photo_gallery The 10Web Photo Gallery plugin before 1.5.23 for WordPress has authenticated stored XSS. 2019-08-09 3.5 CVE-2019-14797
MISC
atlassian -- jira The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the country parameter. 2019-08-09 3.5 CVE-2018-20827
MISC
codecabin -- wp_google_maps The WP Google Maps plugin before 7.11.35 for WordPress allows XSS via the wp-admin/ rectangle_name or rectangle_opacity parameter. 2019-08-09 3.5 CVE-2019-14792
MISC
MISC
MISC
codepeople -- cp_contact_form_with_paypal The "CP Contact Form with PayPal" plugin before 1.2.99 for WordPress has XSS in the publishing wizard via the wp-admin/admin.php?page=cp_contact_form_paypal.php&pwizard=1 cp_contactformpp_id parameter. 2019-08-09 3.5 CVE-2019-14785
MISC
MISC
hp -- 3par_storeserv_management_console A remote multiple cross-site scripting vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. 2019-08-09 3.5 CVE-2019-5403
CONFIRM
mq-woocommerce-products-price-bulk-edit_project -- mq-woocommerce-products-price-bulk-edit The mq-woocommerce-products-price-bulk-edit (aka Woocommerce Products Price Bulk Edit) plugin 2.0 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=update_options show_products_page_limit parameter. 2019-08-09 3.5 CVE-2019-14796
MISC
MISC
schben -- framework Adive Framework through 2.0.7 is affected by XSS in the Create New Table and Create New Navigation Link functions. 2019-08-13 3.5 CVE-2019-14987
MISC
tribulant -- newsletters The Tribulant Newsletters plugin before 4.6.19 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=newsletters_load_new_editor contentarea parameter. 2019-08-09 3.5 CVE-2019-14787
MISC
MISC
ultimatemember -- ultimate_member The ultimate-member plugin before 2.0.54 for WordPress has XSS. 2019-08-12 3.5 CVE-2019-14945
MISC
MISC
ultimatemember -- ultimate_member The ultimate-member plugin before 2.0.52 for WordPress has XSS related to UM Roles create and edit operations. 2019-08-12 3.5 CVE-2019-14946
MISC
MISC
ultimatemember -- ultimate_member The ultimate-member plugin before 2.0.52 for WordPress has XSS during an account upgrade. 2019-08-12 3.5 CVE-2019-14947
MISC
MISC
una -- una studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template editing. 2019-08-09 3.5 CVE-2019-14804
MISC
MISC
MISC
una -- una studio/builder_menu.php?page=sets in UNA 10.0.0-RC1 allows XSS via the System Name field under Sets during set editing. 2019-08-09 3.5 CVE-2019-14805
MISC
MISC
Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
20-20 -- storage An issue was discovered in 20|20 Storage 2.11.0. A Path Traversal vulnerability in the TwentyTwenty.Storage library in the LocalStorageProvider allows creating and reading files outside of the specified basepath. If the application using this library does not sanitize user-supplied filenames, then this issue may be exploited to read or write arbitrary files. This affects LocalStorageProvider.cs. 2019-08-13 not yet calculated CVE-2019-12479
MISC
3cx -- 3cx_windows_client 3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a StartUp link. 2019-08-11 not yet calculated CVE-2019-14935
MISC
3s-smart_software_solutions -- codesys_products An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System. 2019-08-15 not yet calculated CVE-2019-9010
MISC
3s-smart_software_solutions -- codesys_products An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System. 2019-08-15 not yet calculated CVE-2019-9012
MISC
3s-smart_software_solutions -- codesys_products An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the CmpUserMgr component are affected regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control RTE V3, CODESYS Control RTE V3 (for Beckhoff CX), CODESYS Control Win V3 (also part of the CODESYS Development System setup), CODESYS V3 Simulation Runtime (part of the CODESYS Development System), CODESYS Control V3 Runtime System Toolkit, CODESYS HMI V3. 2019-08-15 not yet calculated CVE-2019-9013
MISC
adobe -- after_effects Adobe After Effects versions 16 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-08-14 not yet calculated CVE-2019-8062
CONFIRM
adobe -- character_animator Adobe Character Animator versions 2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-08-14 not yet calculated CVE-2019-7870
CONFIRM
adobe -- creative_cloud_desktop_application Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage. 2019-08-16 not yet calculated CVE-2019-8063
CONFIRM
adobe -- creative_cloud_desktop_application Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to denial of service. 2019-08-16 not yet calculated CVE-2019-7957
CONFIRM
adobe -- creative_cloud_desktop_application Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Successful exploitation could lead to privilege escalation. 2019-08-16 not yet calculated CVE-2019-7958
CONFIRM
adobe -- creative_cloud_desktop_application Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-08-16 not yet calculated CVE-2019-7959
CONFIRM
adobe -- experience_manager Adobe Experience Manager versions 6.5, and 6.4 have an authentication bypass vulnerability. Successful exploitation could lead to remote code execution. 2019-08-16 not yet calculated CVE-2019-7964
CONFIRM
adobe -- prelude_cc Adobe Prelude CC versions 8.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-08-14 not yet calculated CVE-2019-7961
CONFIRM
adobe -- premiere_pro_cc Adobe Premiere Pro CC versions 13.1.2 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. 2019-08-14 not yet calculated CVE-2019-7931
CONFIRM
altools -- altools_update_service ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges. 2019-08-13 not yet calculated CVE-2019-12808
MISC
alzip -- alzip Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive file, an attacker could execution arbitrary code. 2019-08-13 not yet calculated CVE-2019-12807
MISC
MISC
arista -- cloudvision_portal Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions. 2019-08-15 not yet calculated CVE-2018-12357
MISC
CONFIRM
arista -- eos Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled. 2019-08-15 not yet calculated CVE-2018-14008
MISC
CONFIRM

artica -- integria_ims

filemgr.php in Artica Integria IMS 5.0.86 allows index.php?sec=wiki&sec2=operation/wiki/wiki&action=upload arbitrary file upload. 2019-08-16 not yet calculated CVE-2019-15091
MISC
artiflex -- mupdf Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string. 2019-08-14 not yet calculated CVE-2019-14975
MISC
MISC
atlassian -- confluence_server The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server allows a bypass of the includeScripts=false XSS protection mechanism via vectors involving an IFRAME element. 2019-08-14 not yet calculated CVE-2019-15053
MISC
atlassian -- jira_server_and_data_center There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3 are affected by this vulnerability. 2019-08-09 not yet calculated CVE-2019-11581
MISC
bluetooth -- bluetooth_br/edr The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. 2019-08-14 not yet calculated CVE-2019-9506
FULLDISC
FULLDISC
FULLDISC
FULLDISC
MISC
CONFIRM
CERT-VN
MISC
cloud_foundry -- uaa Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute. 2019-08-09 not yet calculated CVE-2019-11274
CONFIRM
cms_clipper -- cms_clipper CMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields. 2019-08-15 not yet calculated CVE-2018-12101
MISC
MISC
MISC
cnlh -- nps lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user. 2019-08-16 not yet calculated CVE-2019-15119
MISC
MISC
cospas-sarsat -- cospas-sarsat The COSPAS-SARSAT protocol allows remote attackers to forge messages, replay encrypted messages, conduct denial of service attacks, and send private messages (unrelated to distress alerts) via a crafted 406 MHz digital signal. 2019-08-15 not yet calculated CVE-2018-14062
MISC
MISC
dell -- dell_digital_delivery_and_alienware_digital_delivery Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a path traversal exploit in order to run a malicious executable with elevated privileges. 2019-08-09 not yet calculated CVE-2019-3744
FULLDISC
dell -- dell_digital_delivery_and_alienware_digital_delivery Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevated privileges. 2019-08-09 not yet calculated CVE-2019-3742
FULLDISC
delta_electronics -- delta_industrial_automation_dopsoft In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application. 2019-08-15 not yet calculated CVE-2019-13513
MISC
MISC
MISC
MISC
MISC
MISC
delta_electronics -- delta_industrial_automation_dopsoft In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger a use-after-free vulnerability, which may allow information disclosure, remote code execution, or crash of the application. 2019-08-15 not yet calculated CVE-2019-13514
MISC
MISC
dolibarr -- dolibarr An issue was discovered in Dolibarr 11.0.0-alpha. A user can store an IFRAME element (containing a user/card.php CSRF request) in his Linked Files settings page. When visited by the admin, this could completely take over the admin account. (The protection mechanism for CSRF is to check the Referer header; however, because the attack is from one of the application's own settings pages, this mechanism is bypassed.) 2019-08-14 not yet calculated CVE-2019-15062
MISC
MISC
dwsurvey -- dwsurvey DWSurvey through 2019-07-22 has reflected XSS via the design/qu-multi-fillblank!answers.action surveyId parameter. 2019-08-15 not yet calculated CVE-2019-15095
MISC
eclipse_foundation -- birt In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter. Attacker can execute the payload in victim's browser context. 2019-08-09 not yet calculated CVE-2019-11776
CONFIRM
eq-3 -- homematic_ccu2_and_ccu3_devices eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login. This allows a Denial of Service and is a starting point for other attacks. Affected versions for CCU2: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15. Affected versions for CCU3: 3.41.11, 3.43.16, 3.45.5, 3.45.7, 3.47.10, 3.47.15. 2019-08-14 not yet calculated CVE-2019-9583
MISC
MISC
eq-3 -- homematic_ccu2_and_ccu3_devices eQ-3 Homematic AddOn 'CloudMatic' on CCU2 and CCU3 allows uncontrolled admin access, resulting in the ability to obtain VPN profile details, shutting down the VPN service and to delete the VPN service configuration. This is related to improper access control for all /addons/mh/ pages. 2019-08-14 not yet calculated CVE-2019-9584
MISC
MISC
eq-3 -- homematic_ccu2_and_ccu3_devices eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because this interface can access the CMD_EXEC virtual device type 28. 2019-08-13 not yet calculated CVE-2019-14985
MISC
eq-3 -- homematic_ccu2_and_ccu3_devices eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because the undocumented addons/xmlapi/exec.cgi script uses CMD_EXEC to execute TCL code from a POST request. 2019-08-13 not yet calculated CVE-2019-14984
MISC
eq-3 -- homematic_ccu2_and_ccu3_devices eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn before 2.3.0 installed allow administrative operations by unauthenticated attackers with access to the web interface, because features such as File-Browser and Shell Command (as well as "Set root password") are exposed. 2019-08-13 not yet calculated CVE-2019-14986
MISC
eq-3 -- homematic_ccu2_and_ccu3_devices eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access Control for Interface.***Metadata related operations, resulting in the ability to read, set and deletion of Metadata. 2019-08-14 not yet calculated CVE-2019-9585
MISC
MISC
eq-3 -- homematic_ccu2_devices eQ-3 Homematic CCU2 outdated base software packages allows Denial of Service. CCU2 affected versions: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15. 2019-08-14 not yet calculated CVE-2019-9582
MISC
MISC
eq-3 -- homematic_ccu3_devices eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prior to 2.4.5 allows uncontrolled admin access to start or stop the Node.js process, resulting in the ability to obtain mediola configuration details. This is related to improper access control for addons configuration pages and a missing check in rc.d/97NeoServer. 2019-08-14 not yet calculated CVE-2019-13030
MISC
MISC
exosip -- exosip handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content-length header. 2019-08-14 not yet calculated CVE-2014-10375
MISC
extenua -- silvershield extenua SilverSHielD 6.x fails to secure its ProgramData folder, leading to a Local Privilege Escalation to SYSTEM. The attacker must replace SilverShield.config.sqlite with a version containing an additional user account, and then use SSH and port forwarding to reach a 127.0.0.1 service. 2019-08-17 not yet calculated CVE-2019-13069
MISC
MISC
eyesofnetwork -- eyesofnetwork EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field. 2019-08-16 not yet calculated CVE-2019-14923
MISC
MISC
fuji_electric -- frenic_loader Fuji Electric FRENIC Loader 3.5.0.0 and prior is vulnerable to an out-of-bounds read vulnerability, which may allow an attacker to read limited information from the device. 2019-08-15 not yet calculated CVE-2019-13512
MISC
gcdwebserver -- gcdwebserver An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available (the credential of the app, for instance). 2019-08-10 not yet calculated CVE-2019-14924
MISC
MISC
MISC
giflib -- giflib In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero. 2019-08-17 not yet calculated CVE-2019-15133
MISC
gnu -- patch do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter. 2019-08-16 not yet calculated CVE-2018-20969
MISC
MISC
BUGTRAQ
golang -- go net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com. 2019-08-13 not yet calculated CVE-2019-14809
CONFIRM
MISC
CONFIRM
gonicus -- gosa Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided. 2019-08-15 not yet calculated CVE-2019-11187
MISC
CONFIRM
gradle -- gradle The HTTP client in the Build tool in Gradle before 5.6 sends authentication credentials originally destined for the configured host. If that host returns a 30x redirect, Gradle also sends those credentials to all subsequent hosts that the request redirects to. This is similar to CVE-2018-1000007. 2019-08-14 not yet calculated CVE-2019-15052
MISC
MISC
MISC
hewlett_packard_enterprise -- 3par_service_processor A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. 2019-08-09 not yet calculated CVE-2019-5398
CONFIRM
hewlett_packard_enterprise -- 3par_service_processor A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. 2019-08-09 not yet calculated CVE-2019-5396
CONFIRM
hewlett_packard_enterprise -- 3par_service_processor A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. 2019-08-09 not yet calculated CVE-2019-5397
CONFIRM
hewlett_packard_enterprise -- 3par_service_processor A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. 2019-08-09 not yet calculated CVE-2019-5395
CONFIRM
hewlett_packard_enterprise -- 3par_service_processor A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. 2019-08-09 not yet calculated CVE-2019-5399
CONFIRM
hewlett_packard_enterprise -- 3par_service_processor A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. 2019-08-09 not yet calculated CVE-2019-5400
CONFIRM
hewlett_packard_enterprise -- command_view_advanced_edition Command View Advanced Edition (CVAE) products contain a vulnerability that could expose configuration information of hosts and storage systems that are managed by Device Manager server. This problem is due to a vulnerability in Device Manager GUI. The following products are affected. DevMgr version 7.0.0-00 to earlier than 8.6.1-02 RepMgr if it is installed on the same machine as DevMgr TSMgr if it is installed on the same machine as DevMgr. The resolution is to upgrade to the fixed version as described below or later version of DevMgr 8.6.2-02 or later. RepMgr and TSMgr will be corrected by upgrading DevMgr. 2019-08-09 not yet calculated CVE-2019-5408
CONFIRM
hostapd_and_wpa_supplicant -- hostapd_and_wpa_supplicant The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery. 2019-08-15 not yet calculated CVE-2019-13377
FEDORA
CONFIRM
MISC
MISC
http/2 -- http/2 Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. 2019-08-13 not yet calculated CVE-2019-9513
MISC
CERT-VN
UBUNTU
CONFIRM
http/2 -- http/2 Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. 2019-08-13 not yet calculated CVE-2019-9511
MISC
CERT-VN
UBUNTU
CONFIRM
http/2 -- http/2 Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. 2019-08-13 not yet calculated CVE-2019-9512
FULLDISC
MISC
CERT-VN
MLIST
MLIST
MLIST
BUGTRAQ
CONFIRM
http/2 -- http/2 Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. 2019-08-13 not yet calculated CVE-2019-9515
FULLDISC
MISC
CERT-VN
MLIST
MLIST
MLIST
BUGTRAQ
CONFIRM
http/2 -- http/2 Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory. 2019-08-13 not yet calculated CVE-2019-9516
FULLDISC
MISC
CERT-VN
BUGTRAQ
UBUNTU
CONFIRM
http/2 -- http/2 HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client. 2019-08-15 not yet calculated CVE-2019-10081
MISC
http/2 -- http/2 Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. 2019-08-13 not yet calculated CVE-2019-9514
FULLDISC
MISC
CERT-VN
MLIST
MLIST
MLIST
BUGTRAQ
CONFIRM
http/2 -- http/2 Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. 2019-08-13 not yet calculated CVE-2019-9517
MLIST
MISC
CERT-VN
MLIST
MLIST
MLIST
MLIST
CONFIRM
http/2 -- http/2 Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. 2019-08-13 not yet calculated CVE-2019-9518
FULLDISC
MISC
CERT-VN
BUGTRAQ
CONFIRM
huawei -- cloudlink_phone_7900 The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has a TLS certificate verification vulnerability. Due to insufficient verification of specific parameters of the TLS server certificate, attackers can perform man-in-the-middle attacks, leading to the affected phones registered abnormally, affecting the availability of IP phones. 2019-08-13 not yet calculated CVE-2019-5280
CONFIRM
huawei -- hima-al00b_smart_phones Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific interface to execute malicious code. A successful exploit may result in the execution of arbitrary code. 2019-08-13 not yet calculated CVE-2019-5299
CONFIRM
humanica -- humatrix_7 The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203 allows remote attackers to access all candidates' information on the website via a modified selApp variable to personalData/resumeDetail.cfm. This includes personal information and other sensitive data. 2019-08-12 not yet calculated CVE-2019-14932
MISC
jasper -- jasper The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file. 2019-08-15 not yet calculated CVE-2017-14232
CONFIRM
jira -- jira The login.jsp resource in Jira before version 7.13.4, and from version 8.0.0 before version 8.2.2 allows remote attackers to enumerate usernames via an information disclosure vulnerability. 2019-08-13 not yet calculated CVE-2019-8448
MISC
joomla! -- joomla! In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms. 2019-08-14 not yet calculated CVE-2019-15028
MISC
keycloak -- keycloak It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain. 2019-08-14 not yet calculated CVE-2019-10199
CONFIRM
keycloak -- keycloak It was found that Keycloak's SAML broker, versions up to 6.0.1, did not verify missing message signatures. If an attacker modifies the SAML Response and removes the <Signature> sections, the message is still accepted, and the message can be modified. An attacker could use this flaw to impersonate other users and gain access to sensitive information. 2019-08-14 not yet calculated CVE-2019-10201
CONFIRM
leaf_admin -- leaf_admin The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows Unrestricted Upload of a File with a Dangerous Type. 2019-08-15 not yet calculated CVE-2019-14755
MISC
MISC
MISC
ledger -- nano_2_and_nano_x_devices On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. 2019-08-10 not yet calculated CVE-2019-14354
MISC
libreoffice -- document_foundation_libreoffice LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed. However this new protection could be bypassed by a URL encoding attack. In the fixed versions, the parsed url describing the script location is correctly encoded before further processing. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6. 2019-08-15 not yet calculated CVE-2019-9852
BUGTRAQ
DEBIAN
MISC
libreoffice -- document_foundation_libreoffice LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from script event handers. However an insufficient url validation vulnerability in LibreOffice allowed malicious to bypass that protection and again trigger calling LibreLogo from script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6. 2019-08-15 not yet calculated CVE-2019-9850
FEDORA
BUGTRAQ
DEBIAN
CONFIRM
libreoffice -- document_foundation_libreoffice LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6. 2019-08-15 not yet calculated CVE-2019-9851
BUGTRAQ
DEBIAN
CONFIRM
libtiff -- libtiff _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash. 2019-08-14 not yet calculated CVE-2019-14973
CONFIRM
linux -- linux_kernel drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. 2019-08-15 not yet calculated CVE-2019-15099
MISC
linux -- linux_kernel An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read. 2019-08-15 not yet calculated CVE-2019-15090
MISC
MISC
MISC
linux -- linux_kernel parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. 2019-08-16 not yet calculated CVE-2019-15117
MISC
MISC
linux -- linux_kernel check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. 2019-08-16 not yet calculated CVE-2019-15118
MISC
MISC
linux -- linux_kernel drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. 2019-08-15 not yet calculated CVE-2019-15098
MISC
linux -- linux_kernel A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS). 2019-08-15 not yet calculated CVE-2019-10140
CONFIRM
linux -- linux_kernel An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187. 2019-08-13 not yet calculated CVE-2017-18509
MISC
MISC
MISC
MLIST
MLIST
MISC
MISC
MISC
BUGTRAQ
DEBIAN
maadhaar -- maadhaar_application The mAadhaar application 1.2.7 for Android lacks SSL Certificate Validation, leading to man-in-the-middle attacks against requests for FAQs or Help. 2019-08-13 not yet calculated CVE-2019-14516
MISC
MISC
mcafee -- frp Privilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.209 allows local users to gain elevated privileges via running McAfee Tray with elevated privileges. 2019-08-14 not yet calculated CVE-2019-3637
CONFIRM
mcafee -- web_gateway Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header. 2019-08-14 not yet calculated CVE-2019-3639
CONFIRM
mcafee -- web_gateway Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows attackers to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe. 2019-08-14 not yet calculated CVE-2019-3635
CONFIRM
mediatek -- emmc_for_android The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data. 2019-08-14 not yet calculated CVE-2019-15027
MISC
MISC
micro_focus -- self_service_password_reset A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset (SSPR) SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate. 2019-08-14 not yet calculated CVE-2019-11652
CONFIRM
CONFIRM
CONFIRM
microsoft -- azure_active_directory_authentication_library An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens, aka 'Azure Active Directory Authentication Library Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1258
MISC
microsoft -- azure_active_directory_microsoft_account An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session, aka 'Windows Information Disclosure Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1172
MISC
microsoft -- defender An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1161
MISC
microsoft -- dhcp_client A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. 2019-08-14 not yet calculated CVE-2019-0736
MISC
microsoft -- directx An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1176
MISC
microsoft -- dynamics_on-premise An elevation of privilege vulnerability exists in Dynamics On-Premise v9, aka 'Dynamics On-Premise Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1229
MISC
microsoft -- edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197. 2019-08-14 not yet calculated CVE-2019-1141
MISC
microsoft -- edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197. 2019-08-14 not yet calculated CVE-2019-1131
MISC
microsoft -- edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197. 2019-08-14 not yet calculated CVE-2019-1140
MISC
microsoft -- edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196. 2019-08-14 not yet calculated CVE-2019-1197
MISC
microsoft -- edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1197. 2019-08-14 not yet calculated CVE-2019-1196
MISC
microsoft -- edge An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka 'Microsoft Edge Information Disclosure Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1030
MISC
microsoft -- edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197. 2019-08-14 not yet calculated CVE-2019-1139
MISC
microsoft -- edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1196, CVE-2019-1197. 2019-08-14 not yet calculated CVE-2019-1195
MISC
microsoft -- git_for_visual_studio An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files, aka 'Git for Visual Studio Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1211
MISC
microsoft -- hyper-v A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. 2019-08-14 not yet calculated CVE-2019-0965
MISC
microsoft -- hyper-v_network_switch A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0717, CVE-2019-0718. 2019-08-14 not yet calculated CVE-2019-0723
MISC
microsoft -- hyper-v_network_switch A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0718, CVE-2019-0723. 2019-08-14 not yet calculated CVE-2019-0717
MISC
microsoft -- hyper-v_network_switch A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0715, CVE-2019-0717, CVE-2019-0718, CVE-2019-0723. 2019-08-14 not yet calculated CVE-2019-0714
MISC
microsoft -- hyper-v_network_switch A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Remote Code Execution Vulnerability'. 2019-08-14 not yet calculated CVE-2019-0720
MISC
microsoft -- hyper-v_network_switch A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0717, CVE-2019-0718, CVE-2019-0723. 2019-08-14 not yet calculated CVE-2019-0715
MISC
microsoft -- hyper-v_network_switch A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0717, CVE-2019-0723. 2019-08-14 not yet calculated CVE-2019-0718
MISC
microsoft -- internet_explorer A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1194. 2019-08-14 not yet calculated CVE-2019-1133
MISC
microsoft -- internet_explorer A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1133. 2019-08-14 not yet calculated CVE-2019-1194
MISC
microsoft -- internet_explorer_and_edge A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1193
MISC
microsoft -- internet_explorer_and_edge A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins, aka 'Microsoft Browsers Security Feature Bypass Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1192
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. 2019-08-14 not yet calculated CVE-2019-1173
MISC
microsoft -- multiple_windows_operating_systems A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147, CVE-2019-1156, CVE-2019-1157. 2019-08-14 not yet calculated CVE-2019-1155
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184. 2019-08-14 not yet calculated CVE-2019-1186
MISC
microsoft -- multiple_windows_operating_systems A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1156. 2019-08-14 not yet calculated CVE-2019-1157
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1159. 2019-08-14 not yet calculated CVE-2019-1164
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1186. 2019-08-14 not yet calculated CVE-2019-1184
MISC
microsoft -- multiple_windows_operating_systems An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1228. 2019-08-14 not yet calculated CVE-2019-1227
MISC
microsoft -- multiple_windows_operating_systems A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1188
MISC
microsoft -- multiple_windows_operating_systems An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Server Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1224. 2019-08-14 not yet calculated CVE-2019-1225
MISC
microsoft -- multiple_windows_operating_systems An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Server Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1225. 2019-08-14 not yet calculated CVE-2019-1224
MISC
microsoft -- multiple_windows_operating_systems A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services? Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1182, CVE-2019-1222. 2019-08-14 not yet calculated CVE-2019-1226
MISC
microsoft -- multiple_windows_operating_systems A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services? Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1182, CVE-2019-1226. 2019-08-14 not yet calculated CVE-2019-1222
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1184, CVE-2019-1186. 2019-08-14 not yet calculated CVE-2019-1180
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. 2019-08-14 not yet calculated CVE-2019-1174
MISC
microsoft -- multiple_windows_operating_systems An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage, aka 'SymCrypt Information Disclosure Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1171
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. 2019-08-14 not yet calculated CVE-2019-1175
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1162
MISC
microsoft -- multiple_windows_operating_systems A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. 2019-08-14 not yet calculated CVE-2019-1149
MISC
MISC
microsoft -- multiple_windows_operating_systems A security feature bypass exists when Windows incorrectly validates CAB file signatures, aka 'Windows File Signature Security Feature Bypass Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1163
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows p2pimsvc Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1168
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory.An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.The security update addresses the vulnerability by ensuring the Windows kernel image properly handles objects in memory., aka 'Windows Image Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1190
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. 2019-08-14 not yet calculated CVE-2019-1179
MISC
microsoft -- multiple_windows_operating_systems A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. 2019-08-14 not yet calculated CVE-2019-1145
MISC
MISC
microsoft -- multiple_windows_operating_systems An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1148. 2019-08-14 not yet calculated CVE-2019-1153
MISC
MISC
microsoft -- multiple_windows_operating_systems An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1153. 2019-08-14 not yet calculated CVE-2019-1148
MISC
MISC
microsoft -- multiple_windows_operating_systems A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157. 2019-08-14 not yet calculated CVE-2019-1147
MISC
microsoft -- multiple_windows_operating_systems An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1143, CVE-2019-1154. 2019-08-14 not yet calculated CVE-2019-1158
MISC
microsoft -- multiple_windows_operating_systems An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1154, CVE-2019-1158. 2019-08-14 not yet calculated CVE-2019-1143
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists in the way that the rpcss.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. 2019-08-14 not yet calculated CVE-2019-1177
MISC
microsoft -- multiple_windows_operating_systems A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input, aka 'XmlLite Runtime Denial of Service Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1187
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege exists in SyncController.dll, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1198
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1164. 2019-08-14 not yet calculated CVE-2019-1159
MISC
microsoft -- multiple_windows_operating_systems A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1157. 2019-08-14 not yet calculated CVE-2019-1156
MISC
microsoft -- multiple_windows_operating_systems A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1147, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157. 2019-08-14 not yet calculated CVE-2019-1146
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. 2019-08-14 not yet calculated CVE-2019-1178
MISC
microsoft -- multiple_windows_operating_systems A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services? Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1222, CVE-2019-1226. 2019-08-14 not yet calculated CVE-2019-1182
MISC
microsoft -- multiple_windows_operating_systems An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape, aka 'Windows NTFS Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1170
MISC
microsoft -- multiple_windows_products A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets, aka 'Windows DHCP Server Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1206. 2019-08-14 not yet calculated CVE-2019-1212
MISC
microsoft -- multiple_windows_products A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server, aka 'Windows DHCP Server Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1212. 2019-08-14 not yet calculated CVE-2019-1206
MISC
microsoft -- multiple_windows_products A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1205. 2019-08-14 not yet calculated CVE-2019-1201
MISC
microsoft -- multiple_windows_products A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1201. 2019-08-14 not yet calculated CVE-2019-1205
MISC
microsoft -- multiple_windows_products A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1057
MISC

microsoft -- multiple_windows_products

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1169
MISC
microsoft -- multiple_windows_products A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services? Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1182, CVE-2019-1222, CVE-2019-1226. 2019-08-14 not yet calculated CVE-2019-1181
MISC
microsoft -- multiple_windows_products A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. 2019-08-14 not yet calculated CVE-2019-0716
MISC
microsoft -- multiple_windows_products A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1183
MISC
microsoft -- multple_windows_products An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1148, CVE-2019-1153. 2019-08-14 not yet calculated CVE-2019-1078
MISC
microsoft -- outlook An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages, aka 'Microsoft Outlook Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1204
MISC
microsoft -- outlook_and_office365_proplus A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory, aka 'Microsoft Outlook Memory Corruption Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1199
MISC
microsoft -- outlook_and_office365_proplus A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1200
MISC
microsoft -- outlook_ios A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages, aka 'Outlook iOS Spoofing Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1218
MISC
microsoft -- remote_desktop_protocol A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1223
MISC
microsoft -- sharepoint An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objects, aka 'Microsoft SharePoint Information Disclosure Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1202
MISC
microsoft -- sharepoint_server A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1203
MISC
microsoft -- windows_10_and_windows_server An elevation of privilege vulnerability exists due to a stack corruption in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1185
MISC
microsoft -- windows_7_and_windows_server_2008 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1143, CVE-2019-1158. 2019-08-14 not yet calculated CVE-2019-1154
MISC
microsoft -- windows_7_and_windows_server_2008 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1227. 2019-08-14 not yet calculated CVE-2019-1228
MISC
microsoft -- windows_server_2008 A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. 2019-08-14 not yet calculated CVE-2019-1213
MISC
netgear -- nighthawk_m1_devices An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. System commands can be executed, via the web interface, after authentication. 2019-08-14 not yet calculated CVE-2019-14527
MISC
netgear -- nighthawk_m1_devices An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. The web-interface Cross-Site Request Forgery token is stored in a dynamically generated JavaScript file, and therefore can be embedded in third party pages, and re-used against the Nighthawk web interface. This entirely bypasses the intended security benefits of the use of a CSRF-protection token. 2019-08-14 not yet calculated CVE-2019-14526
MISC
netwrix -- auditor Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does not perform proper impersonation, and thus the target file will have the same permissions as the invoking process (in this case, granting Authenticated Users full access over the target file). This vulnerability can be triggered by a low-privileged user to perform DLL Hijacking/Binary Planting attacks and ultimately execute code as NT AUTHORITY\SYSTEM with the help of Symbolic Links. 2019-08-12 not yet calculated CVE-2019-14969
MISC
node.js -- node.js An issue was discovered in the mysql (aka mysqljs) module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default. 2019-08-11 not yet calculated CVE-2019-14939
MISC
nvidia -- shield_tv NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the custom NVIDIA API used in the mount system service where user data could be overridden, which may lead to code execution, denial of service, or information disclosure. 2019-08-13 not yet calculated CVE-2019-5681
CONFIRM
opencart -- opencart OpenCart 3.x, when the attacker has login access to the admin panel, allows stored XSS within the Source/HTML editing feature of the Categories, Product, and Information pages. 2019-08-15 not yet calculated CVE-2019-15081
MISC
openemr -- openemr An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, it will be deleted from server. 2019-08-13 not yet calculated CVE-2019-14530
MISC
MISC
openstack -- nova An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data. 2019-08-09 not yet calculated CVE-2019-14433
MLIST
MISC
CONFIRM
osisoft -- osisoft_pi_web_api In OSIsoft PI Web API and prior, the affected product is vulnerable to a direct attack due to a cross-site request forgery protection setting that has not taken effect. 2019-08-15 not yet calculated CVE-2019-13516
MISC
osisoft -- osisoft_pi_web_api OSIsoft PI Web API 2018 and prior may allow disclosure of sensitive information. 2019-08-15 not yet calculated CVE-2019-13515
MISC
pdfresurrect -- pdfresurrect An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write. 2019-08-11 not yet calculated CVE-2019-14934
MISC
MISC
project_redcap -- redcap REDCap before 9.3.0 allows time-based SQL injection in the edit calendar event via the cal_id parameter, such as cal_id=55 and sleep(3) to Calendar/calendar_popup_ajax.php. The attacker can obtain a user's login sessionid from the database, and then re-login into REDCap to compromise all data. 2019-08-17 not yet calculated CVE-2019-14937
MISC
MISC
CONFIRM
prospecta -- master_data_online Prospecta Master Data Online (MDO) 2.0 has Stored XSS. 2019-08-15 not yet calculated CVE-2018-17790
MISC
realtek -- waves_maxxaudio_driver Realtek Waves MaxxAudio driver 1.6.2.0, as used on Dell laptops, installs with incorrect file permissions. As a result, a local attacker can escalate to SYSTEM. 2019-08-15 not yet calculated CVE-2019-15084
MISC
riot -- riot RIOT through 2019.07 contains a memory leak in the TCP implementation (gnrc_tcp), allowing an attacker to consume all memory available for network packets and thus effectively stopping all network threads from working. This is related to _receive in sys/net/gnrc/transport_layer/tcp/gnrc_tcp_eventloop.c upon receiving an ACK before a SYN. 2019-08-17 not yet calculated CVE-2019-15134
MISC
rockwell_automation -- arena_simulation_software Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of information related to the targeted workstation. 2019-08-15 not yet calculated CVE-2019-13511
MISC
rockwell_automation -- arena_simulation_software Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE AFTER FREE CWE-416. A maliciously crafted Arena file opened by an unsuspecting user may result in the application crashing or the execution of arbitrary code. 2019-08-15 not yet calculated CVE-2019-13510
MISC
sap -- businessobjects_business_intelligence_platform In some situations, when a client cancels a query in SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.2, 4.3, the attacker can then query and receive the whole data set instead of just what is part of their authorized security profile, resulting in Information Disclosure. 2019-08-14 not yet calculated CVE-2019-0333
MISC
MISC
sap -- businessobjects_business_intelligence_platform When creating a module in SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, it is possible to store a malicious script which when executed later could potentially allow a user to escalate privileges via session hijacking. The attacker could also access other sensitive information, leading to Stored Cross Site Scripting. 2019-08-14 not yet calculated CVE-2019-0334
MISC
MISC
sap -- businessobjects_business_intelligence_platform Under certain conditions, SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, allows an attacker to access sensitive data such as directory structure, leading to Information Disclosure. 2019-08-14 not yet calculated CVE-2019-0331
MISC
MISC
sap -- businessobjects_business_intelligence_platform SAP BusinessObjects Business Intelligence Platform (Info View), versions 4.1, 4.2, 4.3, allows an attacker to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting (XSS) vulnerability. 2019-08-14 not yet calculated CVE-2019-0332
MISC
MISC
sap -- businessobjects_business_intelligence_platform Under certain conditions SAP BusinessObjects Business Intelligence Platform (Central Management Console), versions 4.1, 4.2, 4.3, allows an attacker to store a malicious payload within the description field of a user account. The payload is triggered when the mouse cursor is moved over the description field in the list, when generating the little yellow informational pop up box, resulting in Stored Cross Site Scripting Attack. 2019-08-14 not yet calculated CVE-2019-0335
MISC
MISC
sap -- businessobjects_business_intelligence_platform SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted. 2019-08-14 not yet calculated CVE-2019-0348
MISC
MISC
sap -- businessobjects_business_intelligence_platform Unencrypted communication error in SAP Business Objects Business Intelligence Platform (Central Management Console), version 4.2, leads to disclosure of list of user names and roles imported from SAP NetWeaver BI systems, resulting in Information Disclosure. 2019-08-14 not yet calculated CVE-2019-0346
MISC
MISC
sap -- commerce_cloud Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection. 2019-08-14 not yet calculated CVE-2019-0344
MISC
MISC
sap -- commerce_cloud SAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, allows an authenticated Backoffice/HMC user to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application. 2019-08-14 not yet calculated CVE-2019-0343
MISC
MISC
sap -- enable_now The session cookie used by SAP Enable Now, version 1902, does not have the HttpOnly flag set. If an attacker runs script code in the context of the application, he could get access to the session cookie. The session cookie could then be abused to gain access to the application. 2019-08-14 not yet calculated CVE-2019-0341
MISC
MISC
sap -- enable_now The XML parser, which is being used by SAP Enable Now, before version 1902, has not been hardened correctly, leading to Missing XML Validation vulnerability. This issue affects the file upload at multiple locations. An attacker can read local XXE files. 2019-08-14 not yet calculated CVE-2019-0340
MISC
MISC
sap -- gateway During an OData V2/V4 request in SAP Gateway, versions 750, 751, 752, 753, the HTTP Header attributes cache-control and pragma were not properly set, allowing an attacker to access restricted information, resulting in Information Disclosure. 2019-08-14 not yet calculated CVE-2019-0338
MISC
MISC
sap -- kernel SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.49, 7.53, 7.73, 7.75, 7.76, 7.77, allows a user to execute ?Go to statement? without possessing the authorization S_DEVELOP DEBUG 02, resulting in Missing Authorization Check 2019-08-14 not yet calculated CVE-2019-0349
MISC
MISC
sap -- netweaver_application_server A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP Management console, resulting in Server-Side Request Forgery. 2019-08-14 not yet calculated CVE-2019-0345
MISC
MISC
sap -- netweaver_process_integration Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting (XSS) vulnerability 2019-08-14 not yet calculated CVE-2019-0337
MISC
MISC
sap -- netweaver_uddi_server A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate. 2019-08-14 not yet calculated CVE-2019-0351
MISC
MISC
search_guard -- search_guard Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to data they are not authorized to see. 2019-08-13 not yet calculated CVE-2019-13415
CONFIRM
MISC
search_guard -- search_guard Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked. 2019-08-13 not yet calculated CVE-2019-13419
CONFIRM
MISC
search_guard -- search_guard Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users are always authorized on the local cluster ignoring their roles on the remote cluster(s). 2019-08-13 not yet calculated CVE-2019-13416
CONFIRM
MISC
search_guard -- search_guard Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized. 2019-08-12 not yet calculated CVE-2019-13418
CONFIRM
MISC
search_guard -- search_guard Search Guard versions before 21.0 had an timing side channel issue when using the internal user database. 2019-08-13 not yet calculated CVE-2019-13420
CONFIRM
MISC
search_guard -- search_guard Search Guard versions before 24.0 had an issue that field caps and mapping API leak field names (but not values) for fields which are not allowed for the user when field level security (FLS) is activated. 2019-08-12 not yet calculated CVE-2019-13417
CONFIRM
MISC
siemens -- multiple_scalance_products A vulnerability has been identified in SCALANCE X-200 (All versions), SCALANCE X-200IRT (All versions), SCALANCE X-200RNA (All versions). The device contains a vulnerability that could allow an attacker to trigger a denial-of-service condition by sending large message packages repeatedly to the telnet service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. 2019-08-13 not yet calculated CVE-2019-10942
CONFIRM
siemens -- multiple_scalance_products A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANCE XB-200 (V4.1), SCALANCE XC-200 (V4.1), SCALANCE XF-200BA (V4.1), SCALANCE XP-200 (V4.1), SCALANCE XR-300WG (V4.1). An authenticated attacker with network access to to port 22/tcp of an affected device may cause a Denial-of-Service condition. The security vulnerability could be exploited by an authenticated attacker with network access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the availability of the affected device. 2019-08-13 not yet calculated CVE-2019-10927
CONFIRM
siemens -- multiple_simatic_products A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (All versions), SIMATIC S7-1200 CPU family (All versions >= V4.0), SIMATIC S7-1500 CPU family (All versions), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions). An attacker with network access to port 102/tcp could potentially modify the user program on the PLC in a way that the running code is different from the source code which is stored on the device. An attacker must have network access to affected devices and must be able to perform changes to the user program. The vulnerability could impact the perceived integrity of the user program stored on the CPU. An engineer that tries to obtain the code of the user program running on the device, can receive different source code that is not actually running on the device. No public exploitation of the vulnerability was known at the time of advisory publication. 2019-08-13 not yet calculated CVE-2019-10943
CONFIRM
siemens -- multiple_simatic_products A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (All versions), SIMATIC S7-1200 CPU family (All versions >= V4.0), SIMATIC S7-1500 CPU family (All versions), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions). An attacker in a Man-in-the-Middle position could potentially modify network traffic exchanged on port 102/tcp, due to certain properties in the calculation used for integrity protection. In order to exploit the vulnerability, an attacker must be able to perform a Man-in-the-Middle attack. The vulnerability could impact the integrity of the communication. No public exploitation of the vulnerability was known at the time of advisory publication. 2019-08-13 not yet calculated CVE-2019-10929
CONFIRM
siemens -- scalance_sc-600 A vulnerability has been identified in SCALANCE SC-600 (V2.0). An authenticated attacker with access to port 22/tcp as well as physical access to an affected device may trigger the device to allow execution of arbitrary commands. The security vulnerability could be exploited by an authenticated attacker with physical access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the confidentiality, integrity and availability of the affected device. 2019-08-13 not yet calculated CVE-2019-10928
CONFIRM
solarwinds -- database_performance_analyzer SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI. 2019-08-14 not yet calculated CVE-2018-19386
MISC
MISC
squid -- squid Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it. 2019-08-15 not yet calculated CVE-2019-12854
MISC
MISC
MISC
CONFIRM
stb_image_loader -- stb_image_loader stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer over-read in stbi__tga_load, leading to Information Disclosure or Denial of Service. 2019-08-14 not yet calculated CVE-2019-15058
MISC
stb_vorbis -- stb_vorbis A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. 2019-08-15 not yet calculated CVE-2019-13219
MISC
CONFIRM
MISC
stb_vorbis -- stb_vorbis Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file. 2019-08-15 not yet calculated CVE-2019-13220
MISC
CONFIRM
MISC
stb_vorbis -- stb_vorbis An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file. 2019-08-15 not yet calculated CVE-2019-13222
MISC
CONFIRM
MISC
stb_vorbis -- stb_vorbis A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. 2019-08-15 not yet calculated CVE-2019-13217
MISC
CONFIRM
MISC
stb_vorbis -- stb_vorbis A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. 2019-08-15 not yet calculated CVE-2019-13223
MISC
CONFIRM
MISC
stb_vorbis -- stb_vorbis Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. 2019-08-15 not yet calculated CVE-2019-13218
MISC
CONFIRM
MISC
stb_vorbis -- stb_vorbis A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. 2019-08-15 not yet calculated CVE-2019-13221
MISC
CONFIRM
MISC
storage_performance_development_kit -- storage_performance_development_kit In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input. 2019-08-11 not yet calculated CVE-2019-14940
MISC
sugarcrm -- sugarcrm SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.html?desktop_url= XSS. 2019-08-14 not yet calculated CVE-2019-14974
MISC
telenav -- scout_gps_link_app The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an incorrect protection mechanism against brute-force attacks on the authentication process, which makes it easier for attackers to obtain multimedia-screen access via port 7050 on the cellular network, as demonstrated by a DrivingRestriction method call to uma/jsonrpc/mobile. 2019-08-12 not yet calculated CVE-2019-14951
MISC
tenable -- nessus Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition. 2019-08-15 not yet calculated CVE-2019-3974
MISC
tibco -- multiple_products The web server component of TIBCO Software Inc.'s TIBCO LogLogic Enterprise Virtual Appliance, and TIBCO LogLogic Log Management Intelligence contains multiple vulnerabilities that theoretically allow persistent and reflected cross-site scripting (XSS) attacks, as well as cross-site request forgery (CSRF) attacks. This issue affects: TIBCO Software Inc. TIBCO LogLogic Enterprise Virtual Appliance version 6.2.1 and prior versions. TIBCO Software Inc. TIBCO LogLogic Log Management Intelligence 6.2.1. TIBCO LogLogic LX825 Appliance 0.0.004, TIBCO LogLogic LX1025 Appliance 0.0.004, TIBCO LogLogic LX4025 Appliance 0.0.004, TIBCO LogLogic MX3025 Appliance 0.0.004, TIBCO LogLogic MX4025 Appliance 0.0.004, TIBCO LogLogic ST1025 Appliance 0.0.004, TIBCO LogLogic ST2025-SAN Appliance 0.0.004, and TIBCO LogLogic ST4025 Appliance 0.0.004 using TIBCO LogLogic Log Management Intelligence versions 6.2.1 and below. TIBCO LogLogic LX1035 Appliance 0.0.005, TIBCO LogLogic LX1025R1 Appliance 0.0.004, TIBCO LogLogic LX1025R2 Appliance 0.0.004, TIBCO LogLogic LX4025R1 Appliance 0.0.004, TIBCO LogLogic LX4025R2 Appliance 0.0.004, TIBCO LogLogic LX4035 Appliance 0.0.005, TIBCO LogLogic ST2025-SANR1 Appliance 0.0.004, TIBCO LogLogic ST2025-SANR2 Appliance 0.0.004, TIBCO LogLogic ST2035-SAN Appliance 0.0.005, TIBCO LogLogic ST4025R1 Appliance 0.0.004, TIBCO LogLogic ST4025R2 Appliance 0.0.004, and TIBCO LogLogic ST4035 Appliance 0.0.005 using TIBCO LogLogic Log Management Intelligence versions 6.2.1 and below. 2019-08-13 not yet calculated CVE-2019-11207
CONFIRM
CONFIRM
tortoisesvn -- tortoisesvn An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:[file1]?path2:[file2] URI will execute a customised diff on [file1] and [file2] based on the file extension. For xls files, it will execute the script diff-xls.js using wscript, which will open the two files for analysis without any macro security warning. An attacker can exploit this by putting a macro virus in a network drive, and force the victim to open the workbooks and execute the macro inside. 2019-08-15 not yet calculated CVE-2019-14422
FULLDISC
MISC
tp-link -- m7350_devices The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by a pre-authentication command injection vulnerability. 2019-08-14 not yet calculated CVE-2019-12103
MISC
MISC
tp-link -- m7350_devices The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by several post-authentication command injection vulnerabilities. 2019-08-14 not yet calculated CVE-2019-12104
MISC
MISC
unisign -- unisign UniSign 2.0.4.0 and earlier version contains a stack-based buffer overflow vulnerability which can overwrite the stack with arbitrary data, due to a buffer overflow in a library. That leads remote attacker to execute arbitrary code via crafted https packets. 2019-08-13 not yet calculated CVE-2019-12806
MISC
vesta -- control_panel A command injection vulnerability in UploadHandler.php in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root. 2019-08-15 not yet calculated CVE-2019-12792
MISC
CONFIRM
vesta -- control_panel A directory traversal vulnerability in the v-list-user script in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root via the password reset form. 2019-08-15 not yet calculated CVE-2019-12791
MISC
CONFIRM
web_studio -- ultimate_loan_manager XSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a branch under the Branches button that sets the notes parameter with crafted JavaScript code. 2019-08-14 not yet calculated CVE-2019-14427
EXPLOIT-DB
webmin -- webmin An issue was discovered in Webmin through 1.920. The parameter old in password_change.cgi contains a command injection vulnerability. 2019-08-15 not yet calculated CVE-2019-15107
MISC
MISC
wind_river -- vxworks Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option. 2019-08-09 not yet calculated CVE-2019-12260
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. 2019-08-09 not yet calculated CVE-2019-12259
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options. 2019-08-09 not yet calculated CVE-2019-12258
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets? IP options. 2019-08-09 not yet calculated CVE-2019-12256
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow. 2019-08-09 not yet calculated CVE-2019-12255
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw). 2019-08-14 not yet calculated CVE-2019-12262
CONFIRM
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report. 2019-08-09 not yet calculated CVE-2019-12265
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition. 2019-08-09 not yet calculated CVE-2019-12263
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host. 2019-08-09 not yet calculated CVE-2019-12261
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
wordpress -- wordpress The woocommerce-product-addon plugin before 18.4 for WordPress has XSS via an import of a new meta data structure. 2019-08-12 not yet calculated CVE-2019-14948
MISC
MISC
wordpress -- wordpress The wp-editor plugin before 1.2.6 for WordPress has incorrect permissions. 2019-08-14 not yet calculated CVE-2016-10886
MISC
wordpress -- wordpress The i-recommend-this plugin before 3.7.3 for WordPress has SQL injection. 2019-08-16 not yet calculated CVE-2014-10376
MISC
wordpress -- wordpress The all-in-one-wp-security-and-firewall plugin before 4.0.9 for WordPress has multiple SQL injection issues. 2019-08-14 not yet calculated CVE-2016-10887
MISC
wordpress -- wordpress The all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPress has multiple SQL injection issues. 2019-08-14 not yet calculated CVE-2016-10888
MISC
wordpress -- wordpress The olimometer plugin before 2.57 for WordPress has SQL injection. 2019-08-16 not yet calculated CVE-2016-10904
MISC
wordpress -- wordpress The simple-share-buttons-adder plugin before 6.0.0 for WordPress has XSS. 2019-08-12 not yet calculated CVE-2015-9303
MISC
wordpress -- wordpress The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues. 2019-08-13 not yet calculated CVE-2017-18490
MISC
wordpress -- wordpress The simple-membership plugin before 3.3.3 for WordPress has multiple CSRF issues. 2019-08-14 not yet calculated CVE-2016-10884
MISC
wordpress -- wordpress The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request via the poll_id parameter. 2019-08-14 not yet calculated CVE-2015-9316
MISC
MISC
wordpress -- wordpress The custom-sidebars plugin before 3.1.0 for WordPress has CSRF related to set location, import actions, and export actions. 2019-08-14 not yet calculated CVE-2017-18510
MISC
wordpress -- wordpress The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations. 2019-08-16 not yet calculated CVE-2017-18543
MISC
wordpress -- wordpress The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF. 2019-08-14 not yet calculated CVE-2017-18511
MISC
wordpress -- wordpress The wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS. 2019-08-12 not yet calculated CVE-2015-9306
MISC
wordpress -- wordpress The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues. 2019-08-13 not yet calculated CVE-2017-18487
MISC
wordpress -- wordpress The simple-add-pages-or-posts plugin before 1.7 for WordPress has CSRF for deleting users. 2019-08-14 not yet calculated CVE-2016-10883
MISC
wordpress -- wordpress The erident-custom-login-and-dashboard plugin before 3.5 for WordPress has CSRF. 2019-08-16 not yet calculated CVE-2015-9322
MISC
wordpress -- wordpress The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens. 2019-08-12 not yet calculated CVE-2017-18506
MISC
wordpress -- wordpress The google-document-embedder plugin before 2.6.2 for WordPress has CSRF. 2019-08-14 not yet calculated CVE-2016-10882
MISC
wordpress -- wordpress The wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection. 2019-08-16 not yet calculated CVE-2015-9326
MISC
wordpress -- wordpress The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection. 2019-08-16 not yet calculated CVE-2015-9324
MISC
wordpress -- wordpress The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location feature. 2019-08-14 not yet calculated CVE-2015-9307
MISC
wordpress -- wordpress The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection. 2019-08-16 not yet calculated CVE-2015-9323
MISC
wordpress -- wordpress The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues. 2019-08-14 not yet calculated CVE-2015-9310
MISC
wordpress -- wordpress The simple-fields plugin before 1.4.11 for WordPress has XSS. 2019-08-13 not yet calculated CVE-2015-9302
MISC
wordpress -- wordpress The visitors-online plugin before 0.4 for WordPress has SQL injection. 2019-08-16 not yet calculated CVE-2015-9325
MISC
wordpress -- wordpress The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature. 2019-08-14 not yet calculated CVE-2015-9308
MISC
wordpress -- wordpress The liveforms plugin before 3.2.0 for WordPress has SQL injection. 2019-08-13 not yet calculated CVE-2015-9301
MISC
wordpress -- wordpress The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature. 2019-08-14 not yet calculated CVE-2015-9309
MISC
wordpress -- wordpress The wp-editor plugin before 1.2.6 for WordPress has CSRF. 2019-08-14 not yet calculated CVE-2016-10885
MISC
wordpress -- wordpress The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS. 2019-08-13 not yet calculated CVE-2017-18489
MISC
wordpress -- wordpress The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF. 2019-08-14 not yet calculated CVE-2017-18512
MISC
wordpress -- wordpress The google-language-translator plugin before 5.0.06 for WordPress has XSS. 2019-08-13 not yet calculated CVE-2016-10870
MISC
wordpress -- wordpress The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface. 2019-08-14 not yet calculated CVE-2017-18513
MISC
wordpress -- wordpress The Custom 404 Pro plugin 3.2.8 for WordPress has XSS via the wp-admin/admin.php?page=c4p-main page parameter. 2019-08-15 not yet calculated CVE-2019-14789
MISC
MISC
wordpress -- wordpress A SQL injection vulnerability exists in the Impress GiveWP Give plugin through 2.5.0 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via includes/payments/class-payments-query.php. 2019-08-15 not yet calculated CVE-2019-13578
MISC
MISC
MISC
MISC
wordpress -- wordpress The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature. 2019-08-12 not yet calculated CVE-2018-20966
MISC
wordpress -- wordpress The wp-ultimate-exporter plugin before 1.4.2 for WordPress has CSRF. 2019-08-14 not yet calculated CVE-2018-20968
MISC
wordpress -- wordpress The toggle-the-title (aka Toggle The Title) plugin 1.4 for WordPress has XSS via the wp-admin/admin-ajax.php?action=update_title_options isAutoSaveValveChecked or isDisableAllPagesValveChecked parameter. 2019-08-15 not yet calculated CVE-2019-14795
MISC
MISC
wordpress -- wordpress The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. 2019-08-14 not yet calculated CVE-2017-18514
MISC
wordpress -- wordpress The limb-gallery (aka Limb Gallery) plugin 1.4.0 for WordPress has XSS via the wp-admin/admin-ajax.php?action=grsGalleryAjax&grsAction=shortcode task parameter, 2019-08-15 not yet calculated CVE-2019-14790
MISC
MISC
wordpress -- wordpress The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows guests to obtain the email subscription list in CSV format via the wp-admin/admin-post.php?page=fvplayer&fv-email-export=1 URI. 2019-08-15 not yet calculated CVE-2019-14800
MISC
MISC
wordpress -- wordpress The custom-admin-page plugin before 0.1.2 for WordPress has multiple XSS issues. 2019-08-13 not yet calculated CVE-2017-18493
MISC
wordpress -- wordpress The companion-auto-update plugin before 3.2.1 for WordPress has CSRF. 2019-08-16 not yet calculated CVE-2018-20972
MISC
wordpress -- wordpress wp-admin/admin-ajax.php?action=newsletters_exportmultiple in the Tribulant Newsletters plugin before 4.6.19 for WordPress allows directory traversal with resultant remote PHP code execution via the subscribers[1][1] parameter in conjunction with an exportfile=../ value. 2019-08-15 not yet calculated CVE-2019-14788
MISC
MISC
wordpress -- wordpress The companion-auto-update plugin before 3.2.1 for WordPress has local file inclusion. 2019-08-16 not yet calculated CVE-2018-20973
MISC
wordpress -- wordpress The js-jobs plugin before 1.0.7 for WordPress has CSRF. 2019-08-16 not yet calculated CVE-2018-20974
MISC
wordpress -- wordpress The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter. 2019-08-15 not yet calculated CVE-2019-14786
MISC
MISC
wordpress -- wordpress The "CP Contact Form with PayPal" plugin before 1.2.98 for WordPress has XSS in CSS edition. 2019-08-15 not yet calculated CVE-2019-14784
MISC
wordpress -- wordpress The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input. 2019-08-16 not yet calculated CVE-2017-18545
MISC
wordpress -- wordpress The ninja-forms plugin before 3.3.21.2 for WordPress has SQL injection in the search filter on the submissions page. 2019-08-14 not yet calculated CVE-2019-15025
MISC
wordpress -- wordpress The google-document-embedder plugin before 2.6.2 for WordPress has XSS. 2019-08-14 not yet calculated CVE-2016-10881
MISC
wordpress -- wordpress The note-press plugin before 0.1.2 for WordPress has SQL injection. 2019-08-16 not yet calculated CVE-2017-18548
MISC
wordpress -- wordpress The google-document-embedder plugin before 2.6.1 for WordPress has XSS. 2019-08-14 not yet calculated CVE-2016-10880
MISC
wordpress -- wordpress The companion-sitemap-generator plugin before 3.7.0 for WordPress has CSRF. 2019-08-16 not yet calculated CVE-2019-15113
MISC
wordpress -- wordpress The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS issues. 2019-08-16 not yet calculated CVE-2017-18542
MISC
wordpress -- wordpress The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF. 2019-08-16 not yet calculated CVE-2019-15114
MISC
wordpress -- wordpress The jayj-quicktag plugin before 1.3.2 for WordPress has CSRF. 2019-08-16 not yet calculated CVE-2017-18546
MISC
wordpress -- wordpress The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms. 2019-08-16 not yet calculated CVE-2017-18547
MISC
wordpress -- wordpress The xo-security plugin before 1.5.3 for WordPress has XSS. 2019-08-16 not yet calculated CVE-2017-18541
MISC
wordpress -- wordpress An issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icons) plugin through 3.2.1 for WordPress. wp-admin/admin.php?page=wp-svg-icons-custom-set mishandles Custom Icon uploads. CSRF leads to upload of a ZIP archive containing a .php file. 2019-08-14 not yet calculated CVE-2019-14216
MISC
MISC
wordpress -- wordpress The easy-digital-downloads plugin before 2.9.16 for WordPress has XSS related to IP address logging. 2019-08-16 not yet calculated CVE-2019-15116
MISC
wordpress -- wordpress The peters-login-redirect plugin before 2.9.2 for WordPress has CSRF. 2019-08-16 not yet calculated CVE-2019-15115
MISC
wordpress -- wordpress The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF. 2019-08-16 not yet calculated CVE-2017-18544
MISC
wordpress -- wordpress The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSRF. 2019-08-14 not yet calculated CVE-2018-20967
MISC
wordpress -- wordpress The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface. 2019-08-14 not yet calculated CVE-2013-7476
MISC
wordpress -- wordpress The church-admin plugin before 1.2550 for WordPress has CSRF affecting the upload of a bible reading plan. 2019-08-16 not yet calculated CVE-2018-20971
MISC
wso2 -- api_manager An issue was discovered in WSO2 API Manager 2.6.0 before WSO2-CARBON-PATCH-4.4.0-4457. There is XSS via a crafted filename to the file-upload feature of the event simulator component. 2019-08-16 not yet calculated CVE-2019-15108
MISC
xtrlock -- xtrlock xtrlock through 2.10 does not block multitouch events. Consequently, an attacker at a locked screen can send input to (and thus control) various programs such as Chromium via events such as pan scrolling, "pinch and zoom" gestures, or even regular mouse clicks (by depressing the touchpad once and then clicking with a different finger). 2019-08-15 not yet calculated CVE-2016-10894
MISC
yandex -- clickhouse In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages. 2019-08-15 not yet calculated CVE-2018-14672
MISC
yandex -- clickhouse Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database. 2019-08-15 not yet calculated CVE-2018-14670
CONFIRM
yandex -- clickhouse ClickHouse MySQL client before versions 1.1.54390 had "LOAD DATA LOCAL INFILE" functionality enabled that allowed a malicious MySQL database read arbitrary files from the connected ClickHouse server. 2019-08-15 not yet calculated CVE-2018-14669
MISC
yandex -- clickhouse In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "default_database" fields which led to Cross Protocol Request Forgery Attacks. 2019-08-15 not yet calculated CVE-2018-14668
MISC
yandex -- clickhouse In ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability. 2019-08-15 not yet calculated CVE-2018-14671
CONFIRM
yes24viewer_activex -- yes24viewer_activex Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that could allow remote attackers to download and execute arbitrary files by setting the arguments to the ActiveX method. This can be leveraged for code execution. 2019-08-15 not yet calculated CVE-2019-12809
MISC
zabbix -- zabbix Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system access" messages, or just blocking for a number of seconds). This affects both api_jsonrpc.php and index.php. 2019-08-17 not yet calculated CVE-2019-15132
MISC
zoho_manageengine -- _opmanager An issue was discovered in Zoho ManageEngine OpManager through 12.4x. One can bypass the user password requirement and execute commands on the server. The "username+'@opm' string is used for the password. For example, if the username is admin, the password is admin@opm. 2019-08-15 not yet calculated CVE-2019-15106
MISC
MISC
zoho_manageengine -- application_manager An issue was discovered in Zoho ManageEngine Application Manager through 14.2. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious file using the "Execute Program Action(s)" feature. 2019-08-15 not yet calculated CVE-2019-15105
MISC
MISC
zoho_manageengine -- opmanager An issue was discovered in Zoho ManageEngine OpManager through 12.4x. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious file using the "Execute Program Action(s)" feature. 2019-08-15 not yet calculated CVE-2019-15104
MISC
MISC
zoho_manageengine -- servicedesk_plus Zoho ManageEngine ServiceDesk Plus 10 before 10509 allows unauthenticated sensitive information leakage during Fail Over Service (FOS) replication, aka SD-79989. 2019-08-14 not yet calculated CVE-2019-15046
MISC
zte -- zxhn_f670_product All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Due to incomplete input validation, an authorized user can exploit this vulnerability to execute malicious scripts. 2019-08-15 not yet calculated CVE-2019-3418
CONFIRM
zte -- zxhn_f670_product All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Due to insufficient parameter validation check, an authorized user can exploit this vulnerability to take control of user router system. 2019-08-15 not yet calculated CVE-2019-3417
CONFIRM
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.



from CISA All NCAS Products https://www.us-cert.gov/ncas/bulletins/sb19-231

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"