US-CERT - Vulnerability Summary for the Week of August 12, 2019
Original release date: August 19, 2019
Back to top
Back to top
Back to top
Back to top
from CISA All NCAS Products https://www.us-cert.gov/ncas/bulletins/sb19-231
The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available
High Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
foliovision -- fv_flowplayer_video_player | The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection. | 2019-08-09 | 7.5 | CVE-2019-14801 MISC |
frappe -- frappe | An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. A server side template injection (SSTI) issue exists. | 2019-08-12 | 7.5 | CVE-2019-14965 MISC MISC MISC MISC MISC MISC |
hashicorp -- nomad | HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver. | 2019-08-12 | 10.0 | CVE-2019-12618 MISC MISC CONFIRM |
hp -- 3par_storeserv_management_console | A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. | 2019-08-09 | 10.0 | CVE-2019-5402 CONFIRM |
hp -- 3par_storeserv_management_console | A remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. | 2019-08-09 | 8.7 | CVE-2019-5404 CONFIRM |
hp -- 3par_storeserv_management_console | A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. | 2019-08-09 | 9.0 | CVE-2019-5406 CONFIRM |
imagely -- nextgen_gallery | The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name. | 2019-08-14 | 7.5 | CVE-2016-10889 MISC |
microsoft -- office | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1152. | 2019-08-14 | 9.3 | CVE-2019-1151 MISC MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. | 2019-08-14 | 9.3 | CVE-2019-1144 MISC MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1151, CVE-2019-1152. | 2019-08-14 | 9.3 | CVE-2019-1150 MISC MISC MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151. | 2019-08-14 | 9.3 | CVE-2019-1152 MISC MISC |
newstatpress_project -- newstatpress | The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element. | 2019-08-14 | 7.5 | CVE-2015-9313 MISC |
newstatpress_project -- newstatpress | The newstatpress plugin before 1.0.1 for WordPress has SQL injection. | 2019-08-14 | 7.5 | CVE-2015-9315 MISC |
txjia -- imcat | An issue was discovered in imcat 4.9. There is SQL Injection via the index.php order parameter in a mod=faqs action. | 2019-08-12 | 7.5 | CVE-2019-14968 MISC |
veronalabs -- wp_statistics | The wp-statistics plugin before 12.0.8 for WordPress has SQL injection. | 2019-08-14 | 7.5 | CVE-2017-18515 MISC |
wp-events-plugin -- events_manager | The events-manager plugin before 5.6 for WordPress has code injection. | 2019-08-13 | 7.5 | CVE-2015-9298 MISC |
Medium Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
10web -- photo_gallery | The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter. | 2019-08-09 | 4.0 | CVE-2019-14798 MISC MISC MISC |
23systems -- lightbox_plus_colorbox | The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS. | 2019-08-09 | 4.3 | CVE-2016-10865 MISC MISC |
atlassian -- jira | The inline-create rest resource in Jira before version 7.12.3 allows authenticated remote attackers to set the reporter in issues via a missing authorisation check. | 2019-08-09 | 4.0 | CVE-2018-20826 MISC |
axiosys -- bento4 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp. | 2019-08-14 | 6.8 | CVE-2019-15047 MISC |
axiosys -- bento4 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp. | 2019-08-14 | 6.8 | CVE-2019-15048 MISC |
axiosys -- bento4 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp. | 2019-08-14 | 6.8 | CVE-2019-15049 MISC |
axiosys -- bento4 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp. | 2019-08-14 | 6.8 | CVE-2019-15050 MISC |
backup-guard -- backup_guard | The Backup Guard plugin before 1.1.47 for WordPress has multiple XSS issues. | 2019-08-13 | 4.3 | CVE-2017-18488 MISC |
bestwebsoft -- contact_form | The contact-form-plugin plugin before 3.52 for WordPress has XSS. | 2019-08-13 | 4.3 | CVE-2013-7475 MISC |
bestwebsoft -- contact_form | The contact-form-plugin plugin before 3.96 for WordPress has XSS. | 2019-08-13 | 4.3 | CVE-2015-9295 MISC |
bestwebsoft -- contact_form | The contact-form-plugin plugin before 4.0.2 for WordPress has XSS. | 2019-08-13 | 4.3 | CVE-2016-10869 MISC |
bestwebsoft -- contact_form | The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues. | 2019-08-13 | 4.3 | CVE-2017-18491 MISC |
bestwebsoft -- contact_form_to_db | The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues. | 2019-08-13 | 4.3 | CVE-2017-18492 MISC |
bestwebsoft -- custom_search | The custom-search-plugin plugin before 1.36 for WordPress has multiple XSS issues. | 2019-08-13 | 4.3 | CVE-2017-18494 MISC |
bestwebsoft -- htaccess | The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues. | 2019-08-13 | 4.3 | CVE-2017-18496 MISC |
bestwebsoft -- social_buttons_pack | The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues. | 2019-08-12 | 4.3 | CVE-2017-18500 MISC |
bestwebsoft -- social_login | The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues. | 2019-08-12 | 4.3 | CVE-2017-18501 MISC |
bestwebsoft -- subscriber | The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues. | 2019-08-12 | 4.3 | CVE-2017-18502 MISC |
bestwebsoft -- twitter_button | The twitter-plugin plugin before 2.55 for WordPress has XSS. | 2019-08-12 | 4.3 | CVE-2017-18505 MISC |
codepeople -- appointment_booking_calendar | The Appointment Booking Calendar plugin 1.3.18 for WordPress allows XSS via the wp-admin/admin-post.php editionarea parameter. | 2019-08-09 | 4.3 | CVE-2019-14791 MISC MISC MISC |
codepeople -- contact_form_email | The contact-form-to-email plugin before 1.2.66 for WordPress has XSS. | 2019-08-13 | 4.3 | CVE-2018-20963 MISC |
codepeople -- contact_form_email | The contact-form-to-email plugin before 1.2.66 for WordPress has CSRF. | 2019-08-13 | 6.8 | CVE-2018-20964 MISC |
edx -- recommender | Recommender before 2018-07-18 allows XSS. | 2019-08-09 | 4.3 | CVE-2018-20858 MISC CONFIRM |
exiv2 -- exiv2 | In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash. | 2019-08-12 | 4.3 | CVE-2019-14982 MISC MISC MISC |
flippercode -- google_map | The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS related to the add_query_arg() and remove_query_arg() functions. | 2019-08-12 | 4.3 | CVE-2015-9305 MISC |
flippercode -- google_map | The wp-google-map-plugin plugin before 3.1.2 for WordPress has XSS. | 2019-08-12 | 4.3 | CVE-2016-10878 MISC |
foliovision -- fv_flowplayer_video_player | The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS. | 2019-08-09 | 4.3 | CVE-2019-14799 MISC MISC |
frappe -- frappe | An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. There exists an authenticated SQL injection. | 2019-08-12 | 6.5 | CVE-2019-14966 MISC MISC MISC MISC MISC MISC |
frappe -- frappe | An issue was discovered in Frappe Framework 10, 11 before 11.1.46, and 12. There exists an XSS vulnerability. | 2019-08-12 | 4.3 | CVE-2019-14967 MISC MISC MISC |
hp -- 3par_storeserv_management_console | A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. | 2019-08-09 | 5.0 | CVE-2019-5405 CONFIRM |
hp -- 3par_storeserv_management_console | A remote information disclosure vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. | 2019-08-09 | 6.5 | CVE-2019-5407 CONFIRM |
huawei -- pcmanager | PCManager 9.1.3.1 has an improper authentication vulnerability. The certain driver interface of the software does not perform a validation of user-mode data properly, successful exploit could result in malicious code execution. | 2019-08-13 | 6.8 | CVE-2019-5223 CONFIRM |
ibericode -- mailchimp | The mailchimp-for-wp plugin before 4.0.11 for WordPress has XSS on the integration settings page. | 2019-08-13 | 4.3 | CVE-2016-10871 MISC |
icmsdev -- icms | iCMS 7.0.15 allows admincp.php?app=apps XSS via the keywords parameter. | 2019-08-12 | 4.3 | CVE-2019-14976 MISC |
imagemagick -- imagemagick | In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. | 2019-08-12 | 4.3 | CVE-2019-14980 MISC MISC MISC MISC |
imagemagick -- imagemagick | In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file. | 2019-08-12 | 4.3 | CVE-2019-14981 MISC MISC MISC |
istio -- istio | Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API. | 2019-08-13 | 5.0 | CVE-2019-14993 MISC MISC MISC CONFIRM |
kunena -- kunena | The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode. | 2019-08-16 | 4.3 | CVE-2019-15120 MISC MISC |
lansweeper -- lansweeper | Lansweeper before 7.1.117.4 allows unauthenticated SQL injection. | 2019-08-12 | 6.4 | CVE-2019-13462 MISC MISC |
mediaburst -- gravity_forms | The gravity-forms-sms-notifications plugin before 2.4.0 for WordPress has XSS. | 2019-08-13 | 4.3 | CVE-2017-18495 MISC |
mediawiki -- mediawiki | In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS exists within the edit summary field in includes/specials/MobileSpecialPageFeed.php. | 2019-08-09 | 4.3 | CVE-2019-14807 CONFIRM MISC |
metabox -- meta_box | The Meta Box plugin before 4.16.3 for WordPress allows file deletion via ajax, with the wp-admin/admin-ajax.php?action=rwmb_delete_file attachment_id parameter. | 2019-08-09 | 5.5 | CVE-2019-14793 MISC MISC |
metabox -- meta_box | The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders. | 2019-08-09 | 5.0 | CVE-2019-14794 MISC |
netapp -- oncommand_insight | OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user. | 2019-08-09 | 4.0 | CVE-2019-5498 CONFIRM |
never5 -- download_monitor | The download-monitor plugin before 1.7.1 for WordPress has XSS related to add_query_arg. | 2019-08-13 | 4.3 | CVE-2015-9296 MISC |
newstatpress_project -- newstatpress | The newstatpress plugin before 1.0.6 for WordPress has reflected XSS. | 2019-08-14 | 4.3 | CVE-2015-9311 MISC |
newstatpress_project -- newstatpress | The newstatpress plugin before 1.0.5 for WordPress has XSS related to an IMG element. | 2019-08-14 | 4.3 | CVE-2015-9312 MISC |
newstatpress_project -- newstatpress | The newstatpress plugin before 1.0.4 for WordPress has XSS related to the Referer header. | 2019-08-14 | 4.3 | CVE-2015-9314 MISC |
palletsprojects -- werkzeug | Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id. | 2019-08-09 | 5.0 | CVE-2019-14806 MISC MISC MISC |
php -- php | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. | 2019-08-09 | 6.8 | CVE-2019-11041 CONFIRM MLIST UBUNTU UBUNTU |
php -- php | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. | 2019-08-09 | 6.8 | CVE-2019-11042 CONFIRM MLIST UBUNTU UBUNTU |
presstigers -- simple_job_board | The simple-job-board plugin before 2.4.4 for WordPress has reflected XSS via keyword search. | 2019-08-13 | 4.3 | CVE-2017-18498 MISC |
siemens -- siprotec_5_firmware | Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc. | 2019-08-09 | 5.8 | CVE-2019-12257 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM MISC CONFIRM |
simple-membership-plugin -- simple_membership | The simple-membership plugin before 3.5.7 for WordPress has XSS. | 2019-08-12 | 4.3 | CVE-2017-18499 MISC |
tipsandtricks-hq -- all_in_one_wp_security_&_firewall | The all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPress has XSS in the unlock request feature. | 2019-08-13 | 4.3 | CVE-2015-9293 MISC |
tipsandtricks-hq -- all_in_one_wp_security_&_firewall | The all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances. | 2019-08-13 | 4.3 | CVE-2015-9294 MISC |
tipsandtricks-hq -- all_in_one_wp_security_&_firewall | The all-in-one-wp-security-and-firewall plugin before 4.2.0 for WordPress has multiple XSS issues. | 2019-08-13 | 4.3 | CVE-2016-10866 MISC |
tipsandtricks-hq -- all_in_one_wp_security_&_firewall | The all-in-one-wp-security-and-firewall plugin before 4.0.6 for WordPress has XSS in settings pages. | 2019-08-13 | 4.3 | CVE-2016-10867 MISC |
tipsandtricks-hq -- all_in_one_wp_security_&_firewall | The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages. | 2019-08-13 | 4.3 | CVE-2016-10868 MISC |
ultimatemember -- ultimate_member | The ultimate-member plugin before 1.3.18 for WordPress has XSS via text input. | 2019-08-12 | 4.3 | CVE-2015-9304 MISC |
ultimatemember -- ultimate_member | The ultimate-member plugin before 1.3.40 for WordPress has XSS on the login form. | 2019-08-12 | 4.3 | CVE-2016-10872 MISC |
ultimatemember -- ultimate_member | The ultimate-member plugin before 2.0.4 for WordPress has XSS. | 2019-08-12 | 4.3 | CVE-2018-20965 MISC |
w3eden -- live_forms | The liveforms plugin before 3.4.0 for WordPress has XSS. | 2019-08-13 | 4.3 | CVE-2017-18497 MISC |
webkul -- bagisto | Bagisto 0.1.5 allows CSRF under /admin URIs. | 2019-08-11 | 6.8 | CVE-2019-14933 MISC MISC |
wp-events-plugin -- events_manager | The events-manager plugin before 5.6 for WordPress has XSS. | 2019-08-13 | 4.3 | CVE-2015-9297 MISC |
wp-events-plugin -- events_manager | The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS. | 2019-08-13 | 4.3 | CVE-2015-9299 MISC |
wp-events-plugin -- events_manager | The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues. | 2019-08-13 | 4.3 | CVE-2015-9300 MISC |
wp-jobmanager -- job_manager | The job-manager plugin before 0.7.19 for WordPress has multiple XSS issues. | 2019-08-13 | 4.3 | CVE-2012-6713 MISC |
wp-livechat -- wp_live_chat_support | The wp-live-chat-support plugin before 6.2.02 for WordPress has XSS. | 2019-08-12 | 4.3 | CVE-2016-10879 MISC |
wp-livechat -- wp_live_chat_support | The wp-live-chat-support plugin before 7.1.05 for WordPress has XSS. | 2019-08-13 | 4.3 | CVE-2017-18507 MISC |
wp-livechat -- wp_live_chat_support | The wp-live-chat-support plugin before 7.1.03 for WordPress has XSS. | 2019-08-12 | 4.3 | CVE-2017-18508 MISC |
wp-livechat -- wp_live_chat_support | The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS via the GDPR page. | 2019-08-12 | 4.3 | CVE-2019-14950 MISC |
wp_editor_project -- wp_editor | The wp-editor plugin before 1.2.6.3 for WordPress has multiple XSS issues. | 2019-08-12 | 4.3 | CVE-2016-10877 MISC |
wpdeveloper -- twitter_cards_meta | The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS. | 2019-08-12 | 4.3 | CVE-2017-18503 MISC |
wpdeveloper -- twitter_cards_meta | The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF. | 2019-08-12 | 6.8 | CVE-2017-18504 MISC |
wpseeds -- wp_database_backup | The wp-database-backup plugin before 4.3.3 for WordPress has XSS. | 2019-08-12 | 4.3 | CVE-2016-10873 MISC |
wpseeds -- wp_database_backup | The wp-database-backup plugin before 4.3.3 for WordPress has CSRF. | 2019-08-12 | 6.8 | CVE-2016-10874 MISC |
wpseeds -- wp_database_backup | The wp-database-backup plugin before 4.3.1 for WordPress has XSS. | 2019-08-12 | 4.3 | CVE-2016-10875 MISC |
wpseeds -- wp_database_backup | The wp-database-backup plugin before 4.3.1 for WordPress has CSRF. | 2019-08-12 | 6.8 | CVE-2016-10876 MISC |
wpseeds -- wp_database_backup | The wp-database-backup plugin before 5.1.2 for WordPress has XSS. | 2019-08-12 | 4.3 | CVE-2019-14949 MISC |
Low Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
10web -- photo_gallery | The 10Web Photo Gallery plugin before 1.5.23 for WordPress has authenticated stored XSS. | 2019-08-09 | 3.5 | CVE-2019-14797 MISC |
atlassian -- jira | The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the country parameter. | 2019-08-09 | 3.5 | CVE-2018-20827 MISC |
codecabin -- wp_google_maps | The WP Google Maps plugin before 7.11.35 for WordPress allows XSS via the wp-admin/ rectangle_name or rectangle_opacity parameter. | 2019-08-09 | 3.5 | CVE-2019-14792 MISC MISC MISC |
codepeople -- cp_contact_form_with_paypal | The "CP Contact Form with PayPal" plugin before 1.2.99 for WordPress has XSS in the publishing wizard via the wp-admin/admin.php?page=cp_contact_form_paypal.php&pwizard=1 cp_contactformpp_id parameter. | 2019-08-09 | 3.5 | CVE-2019-14785 MISC MISC |
hp -- 3par_storeserv_management_console | A remote multiple cross-site scripting vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. | 2019-08-09 | 3.5 | CVE-2019-5403 CONFIRM |
mq-woocommerce-products-price-bulk-edit_project -- mq-woocommerce-products-price-bulk-edit | The mq-woocommerce-products-price-bulk-edit (aka Woocommerce Products Price Bulk Edit) plugin 2.0 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=update_options show_products_page_limit parameter. | 2019-08-09 | 3.5 | CVE-2019-14796 MISC MISC |
schben -- framework | Adive Framework through 2.0.7 is affected by XSS in the Create New Table and Create New Navigation Link functions. | 2019-08-13 | 3.5 | CVE-2019-14987 MISC |
tribulant -- newsletters | The Tribulant Newsletters plugin before 4.6.19 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=newsletters_load_new_editor contentarea parameter. | 2019-08-09 | 3.5 | CVE-2019-14787 MISC MISC |
ultimatemember -- ultimate_member | The ultimate-member plugin before 2.0.54 for WordPress has XSS. | 2019-08-12 | 3.5 | CVE-2019-14945 MISC MISC |
ultimatemember -- ultimate_member | The ultimate-member plugin before 2.0.52 for WordPress has XSS related to UM Roles create and edit operations. | 2019-08-12 | 3.5 | CVE-2019-14946 MISC MISC |
ultimatemember -- ultimate_member | The ultimate-member plugin before 2.0.52 for WordPress has XSS during an account upgrade. | 2019-08-12 | 3.5 | CVE-2019-14947 MISC MISC |
una -- una | studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template editing. | 2019-08-09 | 3.5 | CVE-2019-14804 MISC MISC MISC |
una -- una | studio/builder_menu.php?page=sets in UNA 10.0.0-RC1 allows XSS via the System Name field under Sets during set editing. | 2019-08-09 | 3.5 | CVE-2019-14805 MISC MISC |
Severity Not Yet Assigned
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
20-20 -- storage | An issue was discovered in 20|20 Storage 2.11.0. A Path Traversal vulnerability in the TwentyTwenty.Storage library in the LocalStorageProvider allows creating and reading files outside of the specified basepath. If the application using this library does not sanitize user-supplied filenames, then this issue may be exploited to read or write arbitrary files. This affects LocalStorageProvider.cs. | 2019-08-13 | not yet calculated | CVE-2019-12479 MISC |
3cx -- 3cx_windows_client | 3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a StartUp link. | 2019-08-11 | not yet calculated | CVE-2019-14935 MISC |
3s-smart_software_solutions -- codesys_products | An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System. | 2019-08-15 | not yet calculated | CVE-2019-9010 MISC |
3s-smart_software_solutions -- codesys_products | An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System. | 2019-08-15 | not yet calculated | CVE-2019-9012 MISC |
3s-smart_software_solutions -- codesys_products | An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the CmpUserMgr component are affected regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control RTE V3, CODESYS Control RTE V3 (for Beckhoff CX), CODESYS Control Win V3 (also part of the CODESYS Development System setup), CODESYS V3 Simulation Runtime (part of the CODESYS Development System), CODESYS Control V3 Runtime System Toolkit, CODESYS HMI V3. | 2019-08-15 | not yet calculated | CVE-2019-9013 MISC |
adobe -- after_effects | Adobe After Effects versions 16 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. | 2019-08-14 | not yet calculated | CVE-2019-8062 CONFIRM |
adobe -- character_animator | Adobe Character Animator versions 2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. | 2019-08-14 | not yet calculated | CVE-2019-7870 CONFIRM |
adobe -- creative_cloud_desktop_application | Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage. | 2019-08-16 | not yet calculated | CVE-2019-8063 CONFIRM |
adobe -- creative_cloud_desktop_application | Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to denial of service. | 2019-08-16 | not yet calculated | CVE-2019-7957 CONFIRM |
adobe -- creative_cloud_desktop_application | Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Successful exploitation could lead to privilege escalation. | 2019-08-16 | not yet calculated | CVE-2019-7958 CONFIRM |
adobe -- creative_cloud_desktop_application | Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful exploitation could lead to arbitrary code execution. | 2019-08-16 | not yet calculated | CVE-2019-7959 CONFIRM |
adobe -- experience_manager | Adobe Experience Manager versions 6.5, and 6.4 have an authentication bypass vulnerability. Successful exploitation could lead to remote code execution. | 2019-08-16 | not yet calculated | CVE-2019-7964 CONFIRM |
adobe -- prelude_cc | Adobe Prelude CC versions 8.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. | 2019-08-14 | not yet calculated | CVE-2019-7961 CONFIRM |
adobe -- premiere_pro_cc | Adobe Premiere Pro CC versions 13.1.2 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. | 2019-08-14 | not yet calculated | CVE-2019-7931 CONFIRM |
altools -- altools_update_service | ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges. | 2019-08-13 | not yet calculated | CVE-2019-12808 MISC |
alzip -- alzip | Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive file, an attacker could execution arbitrary code. | 2019-08-13 | not yet calculated | CVE-2019-12807 MISC MISC |
arista -- cloudvision_portal | Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions. | 2019-08-15 | not yet calculated | CVE-2018-12357 MISC CONFIRM |
arista -- eos | Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled. | 2019-08-15 | not yet calculated | CVE-2018-14008 MISC CONFIRM |
artica -- integria_ims |
filemgr.php in Artica Integria IMS 5.0.86 allows index.php?sec=wiki&sec2=operation/wiki/wiki&action=upload arbitrary file upload. | 2019-08-16 | not yet calculated | CVE-2019-15091 MISC |
artiflex -- mupdf | Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string. | 2019-08-14 | not yet calculated | CVE-2019-14975 MISC MISC |
atlassian -- confluence_server | The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server allows a bypass of the includeScripts=false XSS protection mechanism via vectors involving an IFRAME element. | 2019-08-14 | not yet calculated | CVE-2019-15053 MISC |
atlassian -- jira_server_and_data_center | There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3 are affected by this vulnerability. | 2019-08-09 | not yet calculated | CVE-2019-11581 MISC |
bluetooth -- bluetooth_br/edr | The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. | 2019-08-14 | not yet calculated | CVE-2019-9506 FULLDISC FULLDISC FULLDISC FULLDISC MISC CONFIRM CERT-VN MISC |
cloud_foundry -- uaa | Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute. | 2019-08-09 | not yet calculated | CVE-2019-11274 CONFIRM |
cms_clipper -- cms_clipper | CMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields. | 2019-08-15 | not yet calculated | CVE-2018-12101 MISC MISC MISC |
cnlh -- nps | lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user. | 2019-08-16 | not yet calculated | CVE-2019-15119 MISC MISC |
cospas-sarsat -- cospas-sarsat | The COSPAS-SARSAT protocol allows remote attackers to forge messages, replay encrypted messages, conduct denial of service attacks, and send private messages (unrelated to distress alerts) via a crafted 406 MHz digital signal. | 2019-08-15 | not yet calculated | CVE-2018-14062 MISC MISC |
dell -- dell_digital_delivery_and_alienware_digital_delivery | Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a path traversal exploit in order to run a malicious executable with elevated privileges. | 2019-08-09 | not yet calculated | CVE-2019-3744 FULLDISC |
dell -- dell_digital_delivery_and_alienware_digital_delivery | Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevated privileges. | 2019-08-09 | not yet calculated | CVE-2019-3742 FULLDISC |
delta_electronics -- delta_industrial_automation_dopsoft | In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application. | 2019-08-15 | not yet calculated | CVE-2019-13513 MISC MISC MISC MISC MISC MISC |
delta_electronics -- delta_industrial_automation_dopsoft | In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger a use-after-free vulnerability, which may allow information disclosure, remote code execution, or crash of the application. | 2019-08-15 | not yet calculated | CVE-2019-13514 MISC MISC |
dolibarr -- dolibarr | An issue was discovered in Dolibarr 11.0.0-alpha. A user can store an IFRAME element (containing a user/card.php CSRF request) in his Linked Files settings page. When visited by the admin, this could completely take over the admin account. (The protection mechanism for CSRF is to check the Referer header; however, because the attack is from one of the application's own settings pages, this mechanism is bypassed.) | 2019-08-14 | not yet calculated | CVE-2019-15062 MISC MISC |
dwsurvey -- dwsurvey | DWSurvey through 2019-07-22 has reflected XSS via the design/qu-multi-fillblank!answers.action surveyId parameter. | 2019-08-15 | not yet calculated | CVE-2019-15095 MISC |
eclipse_foundation -- birt | In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter. Attacker can execute the payload in victim's browser context. | 2019-08-09 | not yet calculated | CVE-2019-11776 CONFIRM |
eq-3 -- homematic_ccu2_and_ccu3_devices | eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login. This allows a Denial of Service and is a starting point for other attacks. Affected versions for CCU2: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15. Affected versions for CCU3: 3.41.11, 3.43.16, 3.45.5, 3.45.7, 3.47.10, 3.47.15. | 2019-08-14 | not yet calculated | CVE-2019-9583 MISC MISC |
eq-3 -- homematic_ccu2_and_ccu3_devices | eQ-3 Homematic AddOn 'CloudMatic' on CCU2 and CCU3 allows uncontrolled admin access, resulting in the ability to obtain VPN profile details, shutting down the VPN service and to delete the VPN service configuration. This is related to improper access control for all /addons/mh/ pages. | 2019-08-14 | not yet calculated | CVE-2019-9584 MISC MISC |
eq-3 -- homematic_ccu2_and_ccu3_devices | eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because this interface can access the CMD_EXEC virtual device type 28. | 2019-08-13 | not yet calculated | CVE-2019-14985 MISC |
eq-3 -- homematic_ccu2_and_ccu3_devices | eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because the undocumented addons/xmlapi/exec.cgi script uses CMD_EXEC to execute TCL code from a POST request. | 2019-08-13 | not yet calculated | CVE-2019-14984 MISC |
eq-3 -- homematic_ccu2_and_ccu3_devices | eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn before 2.3.0 installed allow administrative operations by unauthenticated attackers with access to the web interface, because features such as File-Browser and Shell Command (as well as "Set root password") are exposed. | 2019-08-13 | not yet calculated | CVE-2019-14986 MISC |
eq-3 -- homematic_ccu2_and_ccu3_devices | eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access Control for Interface.***Metadata related operations, resulting in the ability to read, set and deletion of Metadata. | 2019-08-14 | not yet calculated | CVE-2019-9585 MISC MISC |
eq-3 -- homematic_ccu2_devices | eQ-3 Homematic CCU2 outdated base software packages allows Denial of Service. CCU2 affected versions: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15. | 2019-08-14 | not yet calculated | CVE-2019-9582 MISC MISC |
eq-3 -- homematic_ccu3_devices | eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prior to 2.4.5 allows uncontrolled admin access to start or stop the Node.js process, resulting in the ability to obtain mediola configuration details. This is related to improper access control for addons configuration pages and a missing check in rc.d/97NeoServer. | 2019-08-14 | not yet calculated | CVE-2019-13030 MISC MISC |
exosip -- exosip | handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content-length header. | 2019-08-14 | not yet calculated | CVE-2014-10375 MISC |
extenua -- silvershield | extenua SilverSHielD 6.x fails to secure its ProgramData folder, leading to a Local Privilege Escalation to SYSTEM. The attacker must replace SilverShield.config.sqlite with a version containing an additional user account, and then use SSH and port forwarding to reach a 127.0.0.1 service. | 2019-08-17 | not yet calculated | CVE-2019-13069 MISC MISC |
eyesofnetwork -- eyesofnetwork | EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field. | 2019-08-16 | not yet calculated | CVE-2019-14923 MISC MISC |
fuji_electric -- frenic_loader | Fuji Electric FRENIC Loader 3.5.0.0 and prior is vulnerable to an out-of-bounds read vulnerability, which may allow an attacker to read limited information from the device. | 2019-08-15 | not yet calculated | CVE-2019-13512 MISC |
gcdwebserver -- gcdwebserver | An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available (the credential of the app, for instance). | 2019-08-10 | not yet calculated | CVE-2019-14924 MISC MISC MISC |
giflib -- giflib | In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero. | 2019-08-17 | not yet calculated | CVE-2019-15133 MISC |
gnu -- patch | do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter. | 2019-08-16 | not yet calculated | CVE-2018-20969 MISC MISC BUGTRAQ |
golang -- go | net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com. | 2019-08-13 | not yet calculated | CVE-2019-14809 CONFIRM MISC CONFIRM |
gonicus -- gosa | Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided. | 2019-08-15 | not yet calculated | CVE-2019-11187 MISC CONFIRM |
gradle -- gradle | The HTTP client in the Build tool in Gradle before 5.6 sends authentication credentials originally destined for the configured host. If that host returns a 30x redirect, Gradle also sends those credentials to all subsequent hosts that the request redirects to. This is similar to CVE-2018-1000007. | 2019-08-14 | not yet calculated | CVE-2019-15052 MISC MISC MISC |
hewlett_packard_enterprise -- 3par_service_processor | A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | 2019-08-09 | not yet calculated | CVE-2019-5398 CONFIRM |
hewlett_packard_enterprise -- 3par_service_processor | A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | 2019-08-09 | not yet calculated | CVE-2019-5396 CONFIRM |
hewlett_packard_enterprise -- 3par_service_processor | A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | 2019-08-09 | not yet calculated | CVE-2019-5397 CONFIRM |
hewlett_packard_enterprise -- 3par_service_processor | A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | 2019-08-09 | not yet calculated | CVE-2019-5395 CONFIRM |
hewlett_packard_enterprise -- 3par_service_processor | A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | 2019-08-09 | not yet calculated | CVE-2019-5399 CONFIRM |
hewlett_packard_enterprise -- 3par_service_processor | A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | 2019-08-09 | not yet calculated | CVE-2019-5400 CONFIRM |
hewlett_packard_enterprise -- command_view_advanced_edition | Command View Advanced Edition (CVAE) products contain a vulnerability that could expose configuration information of hosts and storage systems that are managed by Device Manager server. This problem is due to a vulnerability in Device Manager GUI. The following products are affected. DevMgr version 7.0.0-00 to earlier than 8.6.1-02 RepMgr if it is installed on the same machine as DevMgr TSMgr if it is installed on the same machine as DevMgr. The resolution is to upgrade to the fixed version as described below or later version of DevMgr 8.6.2-02 or later. RepMgr and TSMgr will be corrected by upgrading DevMgr. | 2019-08-09 | not yet calculated | CVE-2019-5408 CONFIRM |
hostapd_and_wpa_supplicant -- hostapd_and_wpa_supplicant | The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery. | 2019-08-15 | not yet calculated | CVE-2019-13377 FEDORA CONFIRM MISC MISC |
http/2 -- http/2 | Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. | 2019-08-13 | not yet calculated | CVE-2019-9513 MISC CERT-VN UBUNTU CONFIRM |
http/2 -- http/2 | Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. | 2019-08-13 | not yet calculated | CVE-2019-9511 MISC CERT-VN UBUNTU CONFIRM |
http/2 -- http/2 | Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. | 2019-08-13 | not yet calculated | CVE-2019-9512 FULLDISC MISC CERT-VN MLIST MLIST MLIST BUGTRAQ CONFIRM |
http/2 -- http/2 | Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. | 2019-08-13 | not yet calculated | CVE-2019-9515 FULLDISC MISC CERT-VN MLIST MLIST MLIST BUGTRAQ CONFIRM |
http/2 -- http/2 | Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory. | 2019-08-13 | not yet calculated | CVE-2019-9516 FULLDISC MISC CERT-VN BUGTRAQ UBUNTU CONFIRM |
http/2 -- http/2 | HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client. | 2019-08-15 | not yet calculated | CVE-2019-10081 MISC |
http/2 -- http/2 | Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. | 2019-08-13 | not yet calculated | CVE-2019-9514 FULLDISC MISC CERT-VN MLIST MLIST MLIST BUGTRAQ CONFIRM |
http/2 -- http/2 | Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. | 2019-08-13 | not yet calculated | CVE-2019-9517 MLIST MISC CERT-VN MLIST MLIST MLIST MLIST CONFIRM |
http/2 -- http/2 | Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. | 2019-08-13 | not yet calculated | CVE-2019-9518 FULLDISC MISC CERT-VN BUGTRAQ CONFIRM |
huawei -- cloudlink_phone_7900 | The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has a TLS certificate verification vulnerability. Due to insufficient verification of specific parameters of the TLS server certificate, attackers can perform man-in-the-middle attacks, leading to the affected phones registered abnormally, affecting the availability of IP phones. | 2019-08-13 | not yet calculated | CVE-2019-5280 CONFIRM |
huawei -- hima-al00b_smart_phones | Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific interface to execute malicious code. A successful exploit may result in the execution of arbitrary code. | 2019-08-13 | not yet calculated | CVE-2019-5299 CONFIRM |
humanica -- humatrix_7 | The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203 allows remote attackers to access all candidates' information on the website via a modified selApp variable to personalData/resumeDetail.cfm. This includes personal information and other sensitive data. | 2019-08-12 | not yet calculated | CVE-2019-14932 MISC |
jasper -- jasper | The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file. | 2019-08-15 | not yet calculated | CVE-2017-14232 CONFIRM |
jira -- jira | The login.jsp resource in Jira before version 7.13.4, and from version 8.0.0 before version 8.2.2 allows remote attackers to enumerate usernames via an information disclosure vulnerability. | 2019-08-13 | not yet calculated | CVE-2019-8448 MISC |
joomla! -- joomla! | In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms. | 2019-08-14 | not yet calculated | CVE-2019-15028 MISC |
keycloak -- keycloak | It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain. | 2019-08-14 | not yet calculated | CVE-2019-10199 CONFIRM |
keycloak -- keycloak | It was found that Keycloak's SAML broker, versions up to 6.0.1, did not verify missing message signatures. If an attacker modifies the SAML Response and removes the <Signature> sections, the message is still accepted, and the message can be modified. An attacker could use this flaw to impersonate other users and gain access to sensitive information. | 2019-08-14 | not yet calculated | CVE-2019-10201 CONFIRM |
leaf_admin -- leaf_admin | The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows Unrestricted Upload of a File with a Dangerous Type. | 2019-08-15 | not yet calculated | CVE-2019-14755 MISC MISC MISC |
ledger -- nano_2_and_nano_x_devices | On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. | 2019-08-10 | not yet calculated | CVE-2019-14354 MISC |
libreoffice -- document_foundation_libreoffice | LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed. However this new protection could be bypassed by a URL encoding attack. In the fixed versions, the parsed url describing the script location is correctly encoded before further processing. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6. | 2019-08-15 | not yet calculated | CVE-2019-9852 BUGTRAQ DEBIAN MISC |
libreoffice -- document_foundation_libreoffice | LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from script event handers. However an insufficient url validation vulnerability in LibreOffice allowed malicious to bypass that protection and again trigger calling LibreLogo from script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6. | 2019-08-15 | not yet calculated | CVE-2019-9850 FEDORA BUGTRAQ DEBIAN CONFIRM |
libreoffice -- document_foundation_libreoffice | LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6. | 2019-08-15 | not yet calculated | CVE-2019-9851 BUGTRAQ DEBIAN CONFIRM |
libtiff -- libtiff | _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash. | 2019-08-14 | not yet calculated | CVE-2019-14973 CONFIRM |
linux -- linux_kernel | drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | 2019-08-15 | not yet calculated | CVE-2019-15099 MISC |
linux -- linux_kernel | An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read. | 2019-08-15 | not yet calculated | CVE-2019-15090 MISC MISC MISC |
linux -- linux_kernel | parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. | 2019-08-16 | not yet calculated | CVE-2019-15117 MISC MISC |
linux -- linux_kernel | check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. | 2019-08-16 | not yet calculated | CVE-2019-15118 MISC MISC |
linux -- linux_kernel | drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | 2019-08-15 | not yet calculated | CVE-2019-15098 MISC |
linux -- linux_kernel | A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS). | 2019-08-15 | not yet calculated | CVE-2019-10140 CONFIRM |
linux -- linux_kernel | An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187. | 2019-08-13 | not yet calculated | CVE-2017-18509 MISC MISC MISC MLIST MLIST MISC MISC MISC BUGTRAQ DEBIAN |
maadhaar -- maadhaar_application | The mAadhaar application 1.2.7 for Android lacks SSL Certificate Validation, leading to man-in-the-middle attacks against requests for FAQs or Help. | 2019-08-13 | not yet calculated | CVE-2019-14516 MISC MISC |
mcafee -- frp | Privilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.209 allows local users to gain elevated privileges via running McAfee Tray with elevated privileges. | 2019-08-14 | not yet calculated | CVE-2019-3637 CONFIRM |
mcafee -- web_gateway | Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header. | 2019-08-14 | not yet calculated | CVE-2019-3639 CONFIRM |
mcafee -- web_gateway | Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows attackers to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe. | 2019-08-14 | not yet calculated | CVE-2019-3635 CONFIRM |
mediatek -- emmc_for_android | The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data. | 2019-08-14 | not yet calculated | CVE-2019-15027 MISC MISC |
micro_focus -- self_service_password_reset | A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset (SSPR) SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate. | 2019-08-14 | not yet calculated | CVE-2019-11652 CONFIRM CONFIRM CONFIRM |
microsoft -- azure_active_directory_authentication_library | An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens, aka 'Azure Active Directory Authentication Library Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1258 MISC |
microsoft -- azure_active_directory_microsoft_account | An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session, aka 'Windows Information Disclosure Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1172 MISC |
microsoft -- defender | An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1161 MISC |
microsoft -- dhcp_client | A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-0736 MISC |
microsoft -- directx | An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1176 MISC |
microsoft -- dynamics_on-premise | An elevation of privilege vulnerability exists in Dynamics On-Premise v9, aka 'Dynamics On-Premise Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1229 MISC |
microsoft -- edge | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197. | 2019-08-14 | not yet calculated | CVE-2019-1141 MISC |
microsoft -- edge | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197. | 2019-08-14 | not yet calculated | CVE-2019-1131 MISC |
microsoft -- edge | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197. | 2019-08-14 | not yet calculated | CVE-2019-1140 MISC |
microsoft -- edge | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196. | 2019-08-14 | not yet calculated | CVE-2019-1197 MISC |
microsoft -- edge | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1197. | 2019-08-14 | not yet calculated | CVE-2019-1196 MISC |
microsoft -- edge | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka 'Microsoft Edge Information Disclosure Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1030 MISC |
microsoft -- edge | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197. | 2019-08-14 | not yet calculated | CVE-2019-1139 MISC |
microsoft -- edge | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1196, CVE-2019-1197. | 2019-08-14 | not yet calculated | CVE-2019-1195 MISC |
microsoft -- git_for_visual_studio | An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files, aka 'Git for Visual Studio Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1211 MISC |
microsoft -- hyper-v | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-0965 MISC |
microsoft -- hyper-v_network_switch | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0717, CVE-2019-0718. | 2019-08-14 | not yet calculated | CVE-2019-0723 MISC |
microsoft -- hyper-v_network_switch | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0718, CVE-2019-0723. | 2019-08-14 | not yet calculated | CVE-2019-0717 MISC |
microsoft -- hyper-v_network_switch | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0715, CVE-2019-0717, CVE-2019-0718, CVE-2019-0723. | 2019-08-14 | not yet calculated | CVE-2019-0714 MISC |
microsoft -- hyper-v_network_switch | A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Remote Code Execution Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-0720 MISC |
microsoft -- hyper-v_network_switch | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0717, CVE-2019-0718, CVE-2019-0723. | 2019-08-14 | not yet calculated | CVE-2019-0715 MISC |
microsoft -- hyper-v_network_switch | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0717, CVE-2019-0723. | 2019-08-14 | not yet calculated | CVE-2019-0718 MISC |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1194. | 2019-08-14 | not yet calculated | CVE-2019-1133 MISC |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1133. | 2019-08-14 | not yet calculated | CVE-2019-1194 MISC |
microsoft -- internet_explorer_and_edge | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1193 MISC |
microsoft -- internet_explorer_and_edge | A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins, aka 'Microsoft Browsers Security Feature Bypass Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1192 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. | 2019-08-14 | not yet calculated | CVE-2019-1173 MISC |
microsoft -- multiple_windows_operating_systems | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147, CVE-2019-1156, CVE-2019-1157. | 2019-08-14 | not yet calculated | CVE-2019-1155 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184. | 2019-08-14 | not yet calculated | CVE-2019-1186 MISC |
microsoft -- multiple_windows_operating_systems | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1156. | 2019-08-14 | not yet calculated | CVE-2019-1157 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1159. | 2019-08-14 | not yet calculated | CVE-2019-1164 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1186. | 2019-08-14 | not yet calculated | CVE-2019-1184 MISC |
microsoft -- multiple_windows_operating_systems | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1228. | 2019-08-14 | not yet calculated | CVE-2019-1227 MISC |
microsoft -- multiple_windows_operating_systems | A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1188 MISC |
microsoft -- multiple_windows_operating_systems | An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Server Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1224. | 2019-08-14 | not yet calculated | CVE-2019-1225 MISC |
microsoft -- multiple_windows_operating_systems | An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Server Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1225. | 2019-08-14 | not yet calculated | CVE-2019-1224 MISC |
microsoft -- multiple_windows_operating_systems | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services? Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1182, CVE-2019-1222. | 2019-08-14 | not yet calculated | CVE-2019-1226 MISC |
microsoft -- multiple_windows_operating_systems | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services? Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1182, CVE-2019-1226. | 2019-08-14 | not yet calculated | CVE-2019-1222 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1184, CVE-2019-1186. | 2019-08-14 | not yet calculated | CVE-2019-1180 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. | 2019-08-14 | not yet calculated | CVE-2019-1174 MISC |
microsoft -- multiple_windows_operating_systems | An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage, aka 'SymCrypt Information Disclosure Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1171 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. | 2019-08-14 | not yet calculated | CVE-2019-1175 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1162 MISC |
microsoft -- multiple_windows_operating_systems | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. | 2019-08-14 | not yet calculated | CVE-2019-1149 MISC MISC |
microsoft -- multiple_windows_operating_systems | A security feature bypass exists when Windows incorrectly validates CAB file signatures, aka 'Windows File Signature Security Feature Bypass Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1163 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows p2pimsvc Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1168 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory.An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.The security update addresses the vulnerability by ensuring the Windows kernel image properly handles objects in memory., aka 'Windows Image Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1190 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. | 2019-08-14 | not yet calculated | CVE-2019-1179 MISC |
microsoft -- multiple_windows_operating_systems | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. | 2019-08-14 | not yet calculated | CVE-2019-1145 MISC MISC |
microsoft -- multiple_windows_operating_systems | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1148. | 2019-08-14 | not yet calculated | CVE-2019-1153 MISC MISC |
microsoft -- multiple_windows_operating_systems | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1153. | 2019-08-14 | not yet calculated | CVE-2019-1148 MISC MISC |
microsoft -- multiple_windows_operating_systems | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157. | 2019-08-14 | not yet calculated | CVE-2019-1147 MISC |
microsoft -- multiple_windows_operating_systems | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1143, CVE-2019-1154. | 2019-08-14 | not yet calculated | CVE-2019-1158 MISC |
microsoft -- multiple_windows_operating_systems | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1154, CVE-2019-1158. | 2019-08-14 | not yet calculated | CVE-2019-1143 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists in the way that the rpcss.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. | 2019-08-14 | not yet calculated | CVE-2019-1177 MISC |
microsoft -- multiple_windows_operating_systems | A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input, aka 'XmlLite Runtime Denial of Service Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1187 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege exists in SyncController.dll, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1198 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1164. | 2019-08-14 | not yet calculated | CVE-2019-1159 MISC |
microsoft -- multiple_windows_operating_systems | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1157. | 2019-08-14 | not yet calculated | CVE-2019-1156 MISC |
microsoft -- multiple_windows_operating_systems | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1147, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157. | 2019-08-14 | not yet calculated | CVE-2019-1146 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. | 2019-08-14 | not yet calculated | CVE-2019-1178 MISC |
microsoft -- multiple_windows_operating_systems | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services? Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1222, CVE-2019-1226. | 2019-08-14 | not yet calculated | CVE-2019-1182 MISC |
microsoft -- multiple_windows_operating_systems | An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape, aka 'Windows NTFS Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1170 MISC |
microsoft -- multiple_windows_products | A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets, aka 'Windows DHCP Server Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1206. | 2019-08-14 | not yet calculated | CVE-2019-1212 MISC |
microsoft -- multiple_windows_products | A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server, aka 'Windows DHCP Server Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1212. | 2019-08-14 | not yet calculated | CVE-2019-1206 MISC |
microsoft -- multiple_windows_products | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1205. | 2019-08-14 | not yet calculated | CVE-2019-1201 MISC |
microsoft -- multiple_windows_products | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1201. | 2019-08-14 | not yet calculated | CVE-2019-1205 MISC |
microsoft -- multiple_windows_products | A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1057 MISC |
microsoft -- multiple_windows_products |
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1169 MISC |
microsoft -- multiple_windows_products | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services? Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1182, CVE-2019-1222, CVE-2019-1226. | 2019-08-14 | not yet calculated | CVE-2019-1181 MISC |
microsoft -- multiple_windows_products | A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-0716 MISC |
microsoft -- multiple_windows_products | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1183 MISC |
microsoft -- multple_windows_products | An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1148, CVE-2019-1153. | 2019-08-14 | not yet calculated | CVE-2019-1078 MISC |
microsoft -- outlook | An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages, aka 'Microsoft Outlook Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1204 MISC |
microsoft -- outlook_and_office365_proplus | A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory, aka 'Microsoft Outlook Memory Corruption Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1199 MISC |
microsoft -- outlook_and_office365_proplus | A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1200 MISC |
microsoft -- outlook_ios | A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages, aka 'Outlook iOS Spoofing Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1218 MISC |
microsoft -- remote_desktop_protocol | A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1223 MISC |
microsoft -- sharepoint | An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objects, aka 'Microsoft SharePoint Information Disclosure Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1202 MISC |
microsoft -- sharepoint_server | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1203 MISC |
microsoft -- windows_10_and_windows_server | An elevation of privilege vulnerability exists due to a stack corruption in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1185 MISC |
microsoft -- windows_7_and_windows_server_2008 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1143, CVE-2019-1158. | 2019-08-14 | not yet calculated | CVE-2019-1154 MISC |
microsoft -- windows_7_and_windows_server_2008 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1227. | 2019-08-14 | not yet calculated | CVE-2019-1228 MISC |
microsoft -- windows_server_2008 | A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. | 2019-08-14 | not yet calculated | CVE-2019-1213 MISC |
netgear -- nighthawk_m1_devices | An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. System commands can be executed, via the web interface, after authentication. | 2019-08-14 | not yet calculated | CVE-2019-14527 MISC |
netgear -- nighthawk_m1_devices | An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. The web-interface Cross-Site Request Forgery token is stored in a dynamically generated JavaScript file, and therefore can be embedded in third party pages, and re-used against the Nighthawk web interface. This entirely bypasses the intended security benefits of the use of a CSRF-protection token. | 2019-08-14 | not yet calculated | CVE-2019-14526 MISC |
netwrix -- auditor | Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does not perform proper impersonation, and thus the target file will have the same permissions as the invoking process (in this case, granting Authenticated Users full access over the target file). This vulnerability can be triggered by a low-privileged user to perform DLL Hijacking/Binary Planting attacks and ultimately execute code as NT AUTHORITY\SYSTEM with the help of Symbolic Links. | 2019-08-12 | not yet calculated | CVE-2019-14969 MISC |
node.js -- node.js | An issue was discovered in the mysql (aka mysqljs) module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default. | 2019-08-11 | not yet calculated | CVE-2019-14939 MISC |
nvidia -- shield_tv | NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the custom NVIDIA API used in the mount system service where user data could be overridden, which may lead to code execution, denial of service, or information disclosure. | 2019-08-13 | not yet calculated | CVE-2019-5681 CONFIRM |
opencart -- opencart | OpenCart 3.x, when the attacker has login access to the admin panel, allows stored XSS within the Source/HTML editing feature of the Categories, Product, and Information pages. | 2019-08-15 | not yet calculated | CVE-2019-15081 MISC |
openemr -- openemr | An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, it will be deleted from server. | 2019-08-13 | not yet calculated | CVE-2019-14530 MISC MISC |
openstack -- nova | An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data. | 2019-08-09 | not yet calculated | CVE-2019-14433 MLIST MISC CONFIRM |
osisoft -- osisoft_pi_web_api | In OSIsoft PI Web API and prior, the affected product is vulnerable to a direct attack due to a cross-site request forgery protection setting that has not taken effect. | 2019-08-15 | not yet calculated | CVE-2019-13516 MISC |
osisoft -- osisoft_pi_web_api | OSIsoft PI Web API 2018 and prior may allow disclosure of sensitive information. | 2019-08-15 | not yet calculated | CVE-2019-13515 MISC |
pdfresurrect -- pdfresurrect | An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write. | 2019-08-11 | not yet calculated | CVE-2019-14934 MISC MISC |
project_redcap -- redcap | REDCap before 9.3.0 allows time-based SQL injection in the edit calendar event via the cal_id parameter, such as cal_id=55 and sleep(3) to Calendar/calendar_popup_ajax.php. The attacker can obtain a user's login sessionid from the database, and then re-login into REDCap to compromise all data. | 2019-08-17 | not yet calculated | CVE-2019-14937 MISC MISC CONFIRM |
prospecta -- master_data_online | Prospecta Master Data Online (MDO) 2.0 has Stored XSS. | 2019-08-15 | not yet calculated | CVE-2018-17790 MISC |
realtek -- waves_maxxaudio_driver | Realtek Waves MaxxAudio driver 1.6.2.0, as used on Dell laptops, installs with incorrect file permissions. As a result, a local attacker can escalate to SYSTEM. | 2019-08-15 | not yet calculated | CVE-2019-15084 MISC |
riot -- riot | RIOT through 2019.07 contains a memory leak in the TCP implementation (gnrc_tcp), allowing an attacker to consume all memory available for network packets and thus effectively stopping all network threads from working. This is related to _receive in sys/net/gnrc/transport_layer/tcp/gnrc_tcp_eventloop.c upon receiving an ACK before a SYN. | 2019-08-17 | not yet calculated | CVE-2019-15134 MISC |
rockwell_automation -- arena_simulation_software | Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of information related to the targeted workstation. | 2019-08-15 | not yet calculated | CVE-2019-13511 MISC |
rockwell_automation -- arena_simulation_software | Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE AFTER FREE CWE-416. A maliciously crafted Arena file opened by an unsuspecting user may result in the application crashing or the execution of arbitrary code. | 2019-08-15 | not yet calculated | CVE-2019-13510 MISC |
sap -- businessobjects_business_intelligence_platform | In some situations, when a client cancels a query in SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.2, 4.3, the attacker can then query and receive the whole data set instead of just what is part of their authorized security profile, resulting in Information Disclosure. | 2019-08-14 | not yet calculated | CVE-2019-0333 MISC MISC |
sap -- businessobjects_business_intelligence_platform | When creating a module in SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, it is possible to store a malicious script which when executed later could potentially allow a user to escalate privileges via session hijacking. The attacker could also access other sensitive information, leading to Stored Cross Site Scripting. | 2019-08-14 | not yet calculated | CVE-2019-0334 MISC MISC |
sap -- businessobjects_business_intelligence_platform | Under certain conditions, SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, allows an attacker to access sensitive data such as directory structure, leading to Information Disclosure. | 2019-08-14 | not yet calculated | CVE-2019-0331 MISC MISC |
sap -- businessobjects_business_intelligence_platform | SAP BusinessObjects Business Intelligence Platform (Info View), versions 4.1, 4.2, 4.3, allows an attacker to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting (XSS) vulnerability. | 2019-08-14 | not yet calculated | CVE-2019-0332 MISC MISC |
sap -- businessobjects_business_intelligence_platform | Under certain conditions SAP BusinessObjects Business Intelligence Platform (Central Management Console), versions 4.1, 4.2, 4.3, allows an attacker to store a malicious payload within the description field of a user account. The payload is triggered when the mouse cursor is moved over the description field in the list, when generating the little yellow informational pop up box, resulting in Stored Cross Site Scripting Attack. | 2019-08-14 | not yet calculated | CVE-2019-0335 MISC MISC |
sap -- businessobjects_business_intelligence_platform | SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted. | 2019-08-14 | not yet calculated | CVE-2019-0348 MISC MISC |
sap -- businessobjects_business_intelligence_platform | Unencrypted communication error in SAP Business Objects Business Intelligence Platform (Central Management Console), version 4.2, leads to disclosure of list of user names and roles imported from SAP NetWeaver BI systems, resulting in Information Disclosure. | 2019-08-14 | not yet calculated | CVE-2019-0346 MISC MISC |
sap -- commerce_cloud | Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection. | 2019-08-14 | not yet calculated | CVE-2019-0344 MISC MISC |
sap -- commerce_cloud | SAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, allows an authenticated Backoffice/HMC user to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application. | 2019-08-14 | not yet calculated | CVE-2019-0343 MISC MISC |
sap -- enable_now | The session cookie used by SAP Enable Now, version 1902, does not have the HttpOnly flag set. If an attacker runs script code in the context of the application, he could get access to the session cookie. The session cookie could then be abused to gain access to the application. | 2019-08-14 | not yet calculated | CVE-2019-0341 MISC MISC |
sap -- enable_now | The XML parser, which is being used by SAP Enable Now, before version 1902, has not been hardened correctly, leading to Missing XML Validation vulnerability. This issue affects the file upload at multiple locations. An attacker can read local XXE files. | 2019-08-14 | not yet calculated | CVE-2019-0340 MISC MISC |
sap -- gateway | During an OData V2/V4 request in SAP Gateway, versions 750, 751, 752, 753, the HTTP Header attributes cache-control and pragma were not properly set, allowing an attacker to access restricted information, resulting in Information Disclosure. | 2019-08-14 | not yet calculated | CVE-2019-0338 MISC MISC |
sap -- kernel | SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.49, 7.53, 7.73, 7.75, 7.76, 7.77, allows a user to execute ?Go to statement? without possessing the authorization S_DEVELOP DEBUG 02, resulting in Missing Authorization Check | 2019-08-14 | not yet calculated | CVE-2019-0349 MISC MISC |
sap -- netweaver_application_server | A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP Management console, resulting in Server-Side Request Forgery. | 2019-08-14 | not yet calculated | CVE-2019-0345 MISC MISC |
sap -- netweaver_process_integration | Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting (XSS) vulnerability | 2019-08-14 | not yet calculated | CVE-2019-0337 MISC MISC |
sap -- netweaver_uddi_server | A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate. | 2019-08-14 | not yet calculated | CVE-2019-0351 MISC MISC |
search_guard -- search_guard | Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to data they are not authorized to see. | 2019-08-13 | not yet calculated | CVE-2019-13415 CONFIRM MISC |
search_guard -- search_guard | Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked. | 2019-08-13 | not yet calculated | CVE-2019-13419 CONFIRM MISC |
search_guard -- search_guard | Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users are always authorized on the local cluster ignoring their roles on the remote cluster(s). | 2019-08-13 | not yet calculated | CVE-2019-13416 CONFIRM MISC |
search_guard -- search_guard | Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized. | 2019-08-12 | not yet calculated | CVE-2019-13418 CONFIRM MISC |
search_guard -- search_guard | Search Guard versions before 21.0 had an timing side channel issue when using the internal user database. | 2019-08-13 | not yet calculated | CVE-2019-13420 CONFIRM MISC |
search_guard -- search_guard | Search Guard versions before 24.0 had an issue that field caps and mapping API leak field names (but not values) for fields which are not allowed for the user when field level security (FLS) is activated. | 2019-08-12 | not yet calculated | CVE-2019-13417 CONFIRM MISC |
siemens -- multiple_scalance_products | A vulnerability has been identified in SCALANCE X-200 (All versions), SCALANCE X-200IRT (All versions), SCALANCE X-200RNA (All versions). The device contains a vulnerability that could allow an attacker to trigger a denial-of-service condition by sending large message packages repeatedly to the telnet service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2019-08-13 | not yet calculated | CVE-2019-10942 CONFIRM |
siemens -- multiple_scalance_products | A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANCE XB-200 (V4.1), SCALANCE XC-200 (V4.1), SCALANCE XF-200BA (V4.1), SCALANCE XP-200 (V4.1), SCALANCE XR-300WG (V4.1). An authenticated attacker with network access to to port 22/tcp of an affected device may cause a Denial-of-Service condition. The security vulnerability could be exploited by an authenticated attacker with network access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the availability of the affected device. | 2019-08-13 | not yet calculated | CVE-2019-10927 CONFIRM |
siemens -- multiple_simatic_products | A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (All versions), SIMATIC S7-1200 CPU family (All versions >= V4.0), SIMATIC S7-1500 CPU family (All versions), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions). An attacker with network access to port 102/tcp could potentially modify the user program on the PLC in a way that the running code is different from the source code which is stored on the device. An attacker must have network access to affected devices and must be able to perform changes to the user program. The vulnerability could impact the perceived integrity of the user program stored on the CPU. An engineer that tries to obtain the code of the user program running on the device, can receive different source code that is not actually running on the device. No public exploitation of the vulnerability was known at the time of advisory publication. | 2019-08-13 | not yet calculated | CVE-2019-10943 CONFIRM |
siemens -- multiple_simatic_products | A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (All versions), SIMATIC S7-1200 CPU family (All versions >= V4.0), SIMATIC S7-1500 CPU family (All versions), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions). An attacker in a Man-in-the-Middle position could potentially modify network traffic exchanged on port 102/tcp, due to certain properties in the calculation used for integrity protection. In order to exploit the vulnerability, an attacker must be able to perform a Man-in-the-Middle attack. The vulnerability could impact the integrity of the communication. No public exploitation of the vulnerability was known at the time of advisory publication. | 2019-08-13 | not yet calculated | CVE-2019-10929 CONFIRM |
siemens -- scalance_sc-600 | A vulnerability has been identified in SCALANCE SC-600 (V2.0). An authenticated attacker with access to port 22/tcp as well as physical access to an affected device may trigger the device to allow execution of arbitrary commands. The security vulnerability could be exploited by an authenticated attacker with physical access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the confidentiality, integrity and availability of the affected device. | 2019-08-13 | not yet calculated | CVE-2019-10928 CONFIRM |
solarwinds -- database_performance_analyzer | SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI. | 2019-08-14 | not yet calculated | CVE-2018-19386 MISC MISC |
squid -- squid | Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it. | 2019-08-15 | not yet calculated | CVE-2019-12854 MISC MISC MISC CONFIRM |
stb_image_loader -- stb_image_loader | stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer over-read in stbi__tga_load, leading to Information Disclosure or Denial of Service. | 2019-08-14 | not yet calculated | CVE-2019-15058 MISC |
stb_vorbis -- stb_vorbis | A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. | 2019-08-15 | not yet calculated | CVE-2019-13219 MISC CONFIRM MISC |
stb_vorbis -- stb_vorbis | Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file. | 2019-08-15 | not yet calculated | CVE-2019-13220 MISC CONFIRM MISC |
stb_vorbis -- stb_vorbis | An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file. | 2019-08-15 | not yet calculated | CVE-2019-13222 MISC CONFIRM MISC |
stb_vorbis -- stb_vorbis | A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. | 2019-08-15 | not yet calculated | CVE-2019-13217 MISC CONFIRM MISC |
stb_vorbis -- stb_vorbis | A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. | 2019-08-15 | not yet calculated | CVE-2019-13223 MISC CONFIRM MISC |
stb_vorbis -- stb_vorbis | Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. | 2019-08-15 | not yet calculated | CVE-2019-13218 MISC CONFIRM MISC |
stb_vorbis -- stb_vorbis | A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. | 2019-08-15 | not yet calculated | CVE-2019-13221 MISC CONFIRM MISC |
storage_performance_development_kit -- storage_performance_development_kit | In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input. | 2019-08-11 | not yet calculated | CVE-2019-14940 MISC |
sugarcrm -- sugarcrm | SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.html?desktop_url= XSS. | 2019-08-14 | not yet calculated | CVE-2019-14974 MISC |
telenav -- scout_gps_link_app | The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an incorrect protection mechanism against brute-force attacks on the authentication process, which makes it easier for attackers to obtain multimedia-screen access via port 7050 on the cellular network, as demonstrated by a DrivingRestriction method call to uma/jsonrpc/mobile. | 2019-08-12 | not yet calculated | CVE-2019-14951 MISC |
tenable -- nessus | Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition. | 2019-08-15 | not yet calculated | CVE-2019-3974 MISC |
tibco -- multiple_products | The web server component of TIBCO Software Inc.'s TIBCO LogLogic Enterprise Virtual Appliance, and TIBCO LogLogic Log Management Intelligence contains multiple vulnerabilities that theoretically allow persistent and reflected cross-site scripting (XSS) attacks, as well as cross-site request forgery (CSRF) attacks. This issue affects: TIBCO Software Inc. TIBCO LogLogic Enterprise Virtual Appliance version 6.2.1 and prior versions. TIBCO Software Inc. TIBCO LogLogic Log Management Intelligence 6.2.1. TIBCO LogLogic LX825 Appliance 0.0.004, TIBCO LogLogic LX1025 Appliance 0.0.004, TIBCO LogLogic LX4025 Appliance 0.0.004, TIBCO LogLogic MX3025 Appliance 0.0.004, TIBCO LogLogic MX4025 Appliance 0.0.004, TIBCO LogLogic ST1025 Appliance 0.0.004, TIBCO LogLogic ST2025-SAN Appliance 0.0.004, and TIBCO LogLogic ST4025 Appliance 0.0.004 using TIBCO LogLogic Log Management Intelligence versions 6.2.1 and below. TIBCO LogLogic LX1035 Appliance 0.0.005, TIBCO LogLogic LX1025R1 Appliance 0.0.004, TIBCO LogLogic LX1025R2 Appliance 0.0.004, TIBCO LogLogic LX4025R1 Appliance 0.0.004, TIBCO LogLogic LX4025R2 Appliance 0.0.004, TIBCO LogLogic LX4035 Appliance 0.0.005, TIBCO LogLogic ST2025-SANR1 Appliance 0.0.004, TIBCO LogLogic ST2025-SANR2 Appliance 0.0.004, TIBCO LogLogic ST2035-SAN Appliance 0.0.005, TIBCO LogLogic ST4025R1 Appliance 0.0.004, TIBCO LogLogic ST4025R2 Appliance 0.0.004, and TIBCO LogLogic ST4035 Appliance 0.0.005 using TIBCO LogLogic Log Management Intelligence versions 6.2.1 and below. | 2019-08-13 | not yet calculated | CVE-2019-11207 CONFIRM CONFIRM |
tortoisesvn -- tortoisesvn | An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:[file1]?path2:[file2] URI will execute a customised diff on [file1] and [file2] based on the file extension. For xls files, it will execute the script diff-xls.js using wscript, which will open the two files for analysis without any macro security warning. An attacker can exploit this by putting a macro virus in a network drive, and force the victim to open the workbooks and execute the macro inside. | 2019-08-15 | not yet calculated | CVE-2019-14422 FULLDISC MISC |
tp-link -- m7350_devices | The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by a pre-authentication command injection vulnerability. | 2019-08-14 | not yet calculated | CVE-2019-12103 MISC MISC |
tp-link -- m7350_devices | The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by several post-authentication command injection vulnerabilities. | 2019-08-14 | not yet calculated | CVE-2019-12104 MISC MISC |
unisign -- unisign | UniSign 2.0.4.0 and earlier version contains a stack-based buffer overflow vulnerability which can overwrite the stack with arbitrary data, due to a buffer overflow in a library. That leads remote attacker to execute arbitrary code via crafted https packets. | 2019-08-13 | not yet calculated | CVE-2019-12806 MISC |
vesta -- control_panel | A command injection vulnerability in UploadHandler.php in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root. | 2019-08-15 | not yet calculated | CVE-2019-12792 MISC CONFIRM |
vesta -- control_panel | A directory traversal vulnerability in the v-list-user script in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root via the password reset form. | 2019-08-15 | not yet calculated | CVE-2019-12791 MISC CONFIRM |
web_studio -- ultimate_loan_manager | XSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a branch under the Branches button that sets the notes parameter with crafted JavaScript code. | 2019-08-14 | not yet calculated | CVE-2019-14427 EXPLOIT-DB |
webmin -- webmin | An issue was discovered in Webmin through 1.920. The parameter old in password_change.cgi contains a command injection vulnerability. | 2019-08-15 | not yet calculated | CVE-2019-15107 MISC MISC |
wind_river -- vxworks | Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option. | 2019-08-09 | not yet calculated | CVE-2019-12260 CONFIRM CONFIRM CONFIRM CONFIRM MISC MISC CONFIRM |
wind_river -- vxworks | Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. | 2019-08-09 | not yet calculated | CVE-2019-12259 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM MISC CONFIRM |
wind_river -- vxworks | Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options. | 2019-08-09 | not yet calculated | CVE-2019-12258 CONFIRM CONFIRM CONFIRM CONFIRM MISC MISC CONFIRM |
wind_river -- vxworks | Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets? IP options. | 2019-08-09 | not yet calculated | CVE-2019-12256 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM MISC CONFIRM |
wind_river -- vxworks | Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow. | 2019-08-09 | not yet calculated | CVE-2019-12255 MISC CONFIRM CONFIRM CONFIRM CONFIRM MISC MISC CONFIRM |
wind_river -- vxworks | Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw). | 2019-08-14 | not yet calculated | CVE-2019-12262 CONFIRM CONFIRM |
wind_river -- vxworks | Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report. | 2019-08-09 | not yet calculated | CVE-2019-12265 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM MISC CONFIRM |
wind_river -- vxworks | Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition. | 2019-08-09 | not yet calculated | CVE-2019-12263 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM MISC CONFIRM |
wind_river -- vxworks | Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host. | 2019-08-09 | not yet calculated | CVE-2019-12261 CONFIRM CONFIRM CONFIRM CONFIRM MISC MISC CONFIRM |
wordpress -- wordpress | The woocommerce-product-addon plugin before 18.4 for WordPress has XSS via an import of a new meta data structure. | 2019-08-12 | not yet calculated | CVE-2019-14948 MISC MISC |
wordpress -- wordpress | The wp-editor plugin before 1.2.6 for WordPress has incorrect permissions. | 2019-08-14 | not yet calculated | CVE-2016-10886 MISC |
wordpress -- wordpress | The i-recommend-this plugin before 3.7.3 for WordPress has SQL injection. | 2019-08-16 | not yet calculated | CVE-2014-10376 MISC |
wordpress -- wordpress | The all-in-one-wp-security-and-firewall plugin before 4.0.9 for WordPress has multiple SQL injection issues. | 2019-08-14 | not yet calculated | CVE-2016-10887 MISC |
wordpress -- wordpress | The all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPress has multiple SQL injection issues. | 2019-08-14 | not yet calculated | CVE-2016-10888 MISC |
wordpress -- wordpress | The olimometer plugin before 2.57 for WordPress has SQL injection. | 2019-08-16 | not yet calculated | CVE-2016-10904 MISC |
wordpress -- wordpress | The simple-share-buttons-adder plugin before 6.0.0 for WordPress has XSS. | 2019-08-12 | not yet calculated | CVE-2015-9303 MISC |
wordpress -- wordpress | The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues. | 2019-08-13 | not yet calculated | CVE-2017-18490 MISC |
wordpress -- wordpress | The simple-membership plugin before 3.3.3 for WordPress has multiple CSRF issues. | 2019-08-14 | not yet calculated | CVE-2016-10884 MISC |
wordpress -- wordpress | The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request via the poll_id parameter. | 2019-08-14 | not yet calculated | CVE-2015-9316 MISC MISC |
wordpress -- wordpress | The custom-sidebars plugin before 3.1.0 for WordPress has CSRF related to set location, import actions, and export actions. | 2019-08-14 | not yet calculated | CVE-2017-18510 MISC |
wordpress -- wordpress | The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations. | 2019-08-16 | not yet calculated | CVE-2017-18543 MISC |
wordpress -- wordpress | The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF. | 2019-08-14 | not yet calculated | CVE-2017-18511 MISC |
wordpress -- wordpress | The wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS. | 2019-08-12 | not yet calculated | CVE-2015-9306 MISC |
wordpress -- wordpress | The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues. | 2019-08-13 | not yet calculated | CVE-2017-18487 MISC |
wordpress -- wordpress | The simple-add-pages-or-posts plugin before 1.7 for WordPress has CSRF for deleting users. | 2019-08-14 | not yet calculated | CVE-2016-10883 MISC |
wordpress -- wordpress | The erident-custom-login-and-dashboard plugin before 3.5 for WordPress has CSRF. | 2019-08-16 | not yet calculated | CVE-2015-9322 MISC |
wordpress -- wordpress | The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens. | 2019-08-12 | not yet calculated | CVE-2017-18506 MISC |
wordpress -- wordpress | The google-document-embedder plugin before 2.6.2 for WordPress has CSRF. | 2019-08-14 | not yet calculated | CVE-2016-10882 MISC |
wordpress -- wordpress | The wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection. | 2019-08-16 | not yet calculated | CVE-2015-9326 MISC |
wordpress -- wordpress | The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection. | 2019-08-16 | not yet calculated | CVE-2015-9324 MISC |
wordpress -- wordpress | The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location feature. | 2019-08-14 | not yet calculated | CVE-2015-9307 MISC |
wordpress -- wordpress | The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection. | 2019-08-16 | not yet calculated | CVE-2015-9323 MISC |
wordpress -- wordpress | The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues. | 2019-08-14 | not yet calculated | CVE-2015-9310 MISC |
wordpress -- wordpress | The simple-fields plugin before 1.4.11 for WordPress has XSS. | 2019-08-13 | not yet calculated | CVE-2015-9302 MISC |
wordpress -- wordpress | The visitors-online plugin before 0.4 for WordPress has SQL injection. | 2019-08-16 | not yet calculated | CVE-2015-9325 MISC |
wordpress -- wordpress | The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature. | 2019-08-14 | not yet calculated | CVE-2015-9308 MISC |
wordpress -- wordpress | The liveforms plugin before 3.2.0 for WordPress has SQL injection. | 2019-08-13 | not yet calculated | CVE-2015-9301 MISC |
wordpress -- wordpress | The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature. | 2019-08-14 | not yet calculated | CVE-2015-9309 MISC |
wordpress -- wordpress | The wp-editor plugin before 1.2.6 for WordPress has CSRF. | 2019-08-14 | not yet calculated | CVE-2016-10885 MISC |
wordpress -- wordpress | The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS. | 2019-08-13 | not yet calculated | CVE-2017-18489 MISC |
wordpress -- wordpress | The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF. | 2019-08-14 | not yet calculated | CVE-2017-18512 MISC |
wordpress -- wordpress | The google-language-translator plugin before 5.0.06 for WordPress has XSS. | 2019-08-13 | not yet calculated | CVE-2016-10870 MISC |
wordpress -- wordpress | The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface. | 2019-08-14 | not yet calculated | CVE-2017-18513 MISC |
wordpress -- wordpress | The Custom 404 Pro plugin 3.2.8 for WordPress has XSS via the wp-admin/admin.php?page=c4p-main page parameter. | 2019-08-15 | not yet calculated | CVE-2019-14789 MISC MISC |
wordpress -- wordpress | A SQL injection vulnerability exists in the Impress GiveWP Give plugin through 2.5.0 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via includes/payments/class-payments-query.php. | 2019-08-15 | not yet calculated | CVE-2019-13578 MISC MISC MISC MISC |
wordpress -- wordpress | The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature. | 2019-08-12 | not yet calculated | CVE-2018-20966 MISC |
wordpress -- wordpress | The wp-ultimate-exporter plugin before 1.4.2 for WordPress has CSRF. | 2019-08-14 | not yet calculated | CVE-2018-20968 MISC |
wordpress -- wordpress | The toggle-the-title (aka Toggle The Title) plugin 1.4 for WordPress has XSS via the wp-admin/admin-ajax.php?action=update_title_options isAutoSaveValveChecked or isDisableAllPagesValveChecked parameter. | 2019-08-15 | not yet calculated | CVE-2019-14795 MISC MISC |
wordpress -- wordpress | The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. | 2019-08-14 | not yet calculated | CVE-2017-18514 MISC |
wordpress -- wordpress | The limb-gallery (aka Limb Gallery) plugin 1.4.0 for WordPress has XSS via the wp-admin/admin-ajax.php?action=grsGalleryAjax&grsAction=shortcode task parameter, | 2019-08-15 | not yet calculated | CVE-2019-14790 MISC MISC |
wordpress -- wordpress | The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows guests to obtain the email subscription list in CSV format via the wp-admin/admin-post.php?page=fvplayer&fv-email-export=1 URI. | 2019-08-15 | not yet calculated | CVE-2019-14800 MISC MISC |
wordpress -- wordpress | The custom-admin-page plugin before 0.1.2 for WordPress has multiple XSS issues. | 2019-08-13 | not yet calculated | CVE-2017-18493 MISC |
wordpress -- wordpress | The companion-auto-update plugin before 3.2.1 for WordPress has CSRF. | 2019-08-16 | not yet calculated | CVE-2018-20972 MISC |
wordpress -- wordpress | wp-admin/admin-ajax.php?action=newsletters_exportmultiple in the Tribulant Newsletters plugin before 4.6.19 for WordPress allows directory traversal with resultant remote PHP code execution via the subscribers[1][1] parameter in conjunction with an exportfile=../ value. | 2019-08-15 | not yet calculated | CVE-2019-14788 MISC MISC |
wordpress -- wordpress | The companion-auto-update plugin before 3.2.1 for WordPress has local file inclusion. | 2019-08-16 | not yet calculated | CVE-2018-20973 MISC |
wordpress -- wordpress | The js-jobs plugin before 1.0.7 for WordPress has CSRF. | 2019-08-16 | not yet calculated | CVE-2018-20974 MISC |
wordpress -- wordpress | The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter. | 2019-08-15 | not yet calculated | CVE-2019-14786 MISC MISC |
wordpress -- wordpress | The "CP Contact Form with PayPal" plugin before 1.2.98 for WordPress has XSS in CSS edition. | 2019-08-15 | not yet calculated | CVE-2019-14784 MISC |
wordpress -- wordpress | The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input. | 2019-08-16 | not yet calculated | CVE-2017-18545 MISC |
wordpress -- wordpress | The ninja-forms plugin before 3.3.21.2 for WordPress has SQL injection in the search filter on the submissions page. | 2019-08-14 | not yet calculated | CVE-2019-15025 MISC |
wordpress -- wordpress | The google-document-embedder plugin before 2.6.2 for WordPress has XSS. | 2019-08-14 | not yet calculated | CVE-2016-10881 MISC |
wordpress -- wordpress | The note-press plugin before 0.1.2 for WordPress has SQL injection. | 2019-08-16 | not yet calculated | CVE-2017-18548 MISC |
wordpress -- wordpress | The google-document-embedder plugin before 2.6.1 for WordPress has XSS. | 2019-08-14 | not yet calculated | CVE-2016-10880 MISC |
wordpress -- wordpress | The companion-sitemap-generator plugin before 3.7.0 for WordPress has CSRF. | 2019-08-16 | not yet calculated | CVE-2019-15113 MISC |
wordpress -- wordpress | The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS issues. | 2019-08-16 | not yet calculated | CVE-2017-18542 MISC |
wordpress -- wordpress | The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF. | 2019-08-16 | not yet calculated | CVE-2019-15114 MISC |
wordpress -- wordpress | The jayj-quicktag plugin before 1.3.2 for WordPress has CSRF. | 2019-08-16 | not yet calculated | CVE-2017-18546 MISC |
wordpress -- wordpress | The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms. | 2019-08-16 | not yet calculated | CVE-2017-18547 MISC |
wordpress -- wordpress | The xo-security plugin before 1.5.3 for WordPress has XSS. | 2019-08-16 | not yet calculated | CVE-2017-18541 MISC |
wordpress -- wordpress | An issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icons) plugin through 3.2.1 for WordPress. wp-admin/admin.php?page=wp-svg-icons-custom-set mishandles Custom Icon uploads. CSRF leads to upload of a ZIP archive containing a .php file. | 2019-08-14 | not yet calculated | CVE-2019-14216 MISC MISC |
wordpress -- wordpress | The easy-digital-downloads plugin before 2.9.16 for WordPress has XSS related to IP address logging. | 2019-08-16 | not yet calculated | CVE-2019-15116 MISC |
wordpress -- wordpress | The peters-login-redirect plugin before 2.9.2 for WordPress has CSRF. | 2019-08-16 | not yet calculated | CVE-2019-15115 MISC |
wordpress -- wordpress | The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF. | 2019-08-16 | not yet calculated | CVE-2017-18544 MISC |
wordpress -- wordpress | The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSRF. | 2019-08-14 | not yet calculated | CVE-2018-20967 MISC |
wordpress -- wordpress | The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface. | 2019-08-14 | not yet calculated | CVE-2013-7476 MISC |
wordpress -- wordpress | The church-admin plugin before 1.2550 for WordPress has CSRF affecting the upload of a bible reading plan. | 2019-08-16 | not yet calculated | CVE-2018-20971 MISC |
wso2 -- api_manager | An issue was discovered in WSO2 API Manager 2.6.0 before WSO2-CARBON-PATCH-4.4.0-4457. There is XSS via a crafted filename to the file-upload feature of the event simulator component. | 2019-08-16 | not yet calculated | CVE-2019-15108 MISC |
xtrlock -- xtrlock | xtrlock through 2.10 does not block multitouch events. Consequently, an attacker at a locked screen can send input to (and thus control) various programs such as Chromium via events such as pan scrolling, "pinch and zoom" gestures, or even regular mouse clicks (by depressing the touchpad once and then clicking with a different finger). | 2019-08-15 | not yet calculated | CVE-2016-10894 MISC |
yandex -- clickhouse | In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages. | 2019-08-15 | not yet calculated | CVE-2018-14672 MISC |
yandex -- clickhouse | Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database. | 2019-08-15 | not yet calculated | CVE-2018-14670 CONFIRM |
yandex -- clickhouse | ClickHouse MySQL client before versions 1.1.54390 had "LOAD DATA LOCAL INFILE" functionality enabled that allowed a malicious MySQL database read arbitrary files from the connected ClickHouse server. | 2019-08-15 | not yet calculated | CVE-2018-14669 MISC |
yandex -- clickhouse | In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "default_database" fields which led to Cross Protocol Request Forgery Attacks. | 2019-08-15 | not yet calculated | CVE-2018-14668 MISC |
yandex -- clickhouse | In ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability. | 2019-08-15 | not yet calculated | CVE-2018-14671 CONFIRM |
yes24viewer_activex -- yes24viewer_activex | Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that could allow remote attackers to download and execute arbitrary files by setting the arguments to the ActiveX method. This can be leveraged for code execution. | 2019-08-15 | not yet calculated | CVE-2019-12809 MISC |
zabbix -- zabbix | Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system access" messages, or just blocking for a number of seconds). This affects both api_jsonrpc.php and index.php. | 2019-08-17 | not yet calculated | CVE-2019-15132 MISC |
zoho_manageengine -- _opmanager | An issue was discovered in Zoho ManageEngine OpManager through 12.4x. One can bypass the user password requirement and execute commands on the server. The "username+'@opm' string is used for the password. For example, if the username is admin, the password is admin@opm. | 2019-08-15 | not yet calculated | CVE-2019-15106 MISC MISC |
zoho_manageengine -- application_manager | An issue was discovered in Zoho ManageEngine Application Manager through 14.2. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious file using the "Execute Program Action(s)" feature. | 2019-08-15 | not yet calculated | CVE-2019-15105 MISC MISC |
zoho_manageengine -- opmanager | An issue was discovered in Zoho ManageEngine OpManager through 12.4x. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious file using the "Execute Program Action(s)" feature. | 2019-08-15 | not yet calculated | CVE-2019-15104 MISC MISC |
zoho_manageengine -- servicedesk_plus | Zoho ManageEngine ServiceDesk Plus 10 before 10509 allows unauthenticated sensitive information leakage during Fail Over Service (FOS) replication, aka SD-79989. | 2019-08-14 | not yet calculated | CVE-2019-15046 MISC |
zte -- zxhn_f670_product | All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Due to incomplete input validation, an authorized user can exploit this vulnerability to execute malicious scripts. | 2019-08-15 | not yet calculated | CVE-2019-3418 CONFIRM |
zte -- zxhn_f670_product | All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Due to insufficient parameter validation check, an authorized user can exploit this vulnerability to take control of user router system. | 2019-08-15 | not yet calculated | CVE-2019-3417 CONFIRM |
This product is provided subject to this Notification and this Privacy & Use policy.
from CISA All NCAS Products https://www.us-cert.gov/ncas/bulletins/sb19-231
Comments
Post a Comment