Vulnerability Summary for the Week of August 12, 2019

Released
Aug 19, 2019
Document ID
SB19-231

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 

 

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available

High Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
foliovision -- fv_flowplayer_video_playerThe FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection.2019-08-097.5CVE-2019-14801
MISC
frappe -- frappeAn issue was discovered in Frappe Framework 10 through 12 before 12.0.4. A server side template injection (SSTI) issue exists.2019-08-127.5CVE-2019-14965
MISC
MISC
MISC
MISC
MISC
MISC
hashicorp -- nomadHashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver.2019-08-1210.0CVE-2019-12618
MISC
MISC
CONFIRM
hp -- 3par_storeserv_management_consoleA remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.2019-08-0910.0CVE-2019-5402
CONFIRM
hp -- 3par_storeserv_management_consoleA remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.2019-08-098.7CVE-2019-5404
CONFIRM
hp -- 3par_storeserv_management_consoleA remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.2019-08-099.0CVE-2019-5406
CONFIRM
imagely -- nextgen_galleryThe nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name.2019-08-147.5CVE-2016-10889
MISC
microsoft -- officeA remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1152.2019-08-149.3CVE-2019-1151
MISC
MISC
microsoft -- windows_10A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152.2019-08-149.3CVE-2019-1144
MISC
MISC
microsoft -- windows_10A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1151, CVE-2019-1152.2019-08-149.3CVE-2019-1150
MISC
MISC
MISC
microsoft -- windows_10A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151.2019-08-149.3CVE-2019-1152
MISC
MISC
newstatpress_project -- newstatpressThe newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element.2019-08-147.5CVE-2015-9313
MISC
newstatpress_project -- newstatpressThe newstatpress plugin before 1.0.1 for WordPress has SQL injection.2019-08-147.5CVE-2015-9315
MISC
txjia -- imcatAn issue was discovered in imcat 4.9. There is SQL Injection via the index.php order parameter in a mod=faqs action.2019-08-127.5CVE-2019-14968
MISC
veronalabs -- wp_statisticsThe wp-statistics plugin before 12.0.8 for WordPress has SQL injection.2019-08-147.5CVE-2017-18515
MISC
wp-events-plugin -- events_managerThe events-manager plugin before 5.6 for WordPress has code injection.2019-08-137.5CVE-2015-9298
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
10web -- photo_galleryThe 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter.2019-08-094.0CVE-2019-14798
MISC
MISC
MISC
23systems -- lightbox_plus_colorboxThe Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS.2019-08-094.3CVE-2016-10865
MISC
MISC
atlassian -- jiraThe inline-create rest resource in Jira before version 7.12.3 allows authenticated remote attackers to set the reporter in issues via a missing authorisation check.2019-08-094.0CVE-2018-20826
MISC
axiosys -- bento4An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp.2019-08-146.8CVE-2019-15047
MISC
axiosys -- bento4An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp.2019-08-146.8CVE-2019-15048
MISC
axiosys -- bento4An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp.2019-08-146.8CVE-2019-15049
MISC
axiosys -- bento4An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp.2019-08-146.8CVE-2019-15050
MISC
backup-guard -- backup_guardThe Backup Guard plugin before 1.1.47 for WordPress has multiple XSS issues.2019-08-134.3CVE-2017-18488
MISC
bestwebsoft -- contact_formThe contact-form-plugin plugin before 3.52 for WordPress has XSS.2019-08-134.3CVE-2013-7475
MISC
bestwebsoft -- contact_formThe contact-form-plugin plugin before 3.96 for WordPress has XSS.2019-08-134.3CVE-2015-9295
MISC
bestwebsoft -- contact_formThe contact-form-plugin plugin before 4.0.2 for WordPress has XSS.2019-08-134.3CVE-2016-10869
MISC
bestwebsoft -- contact_formThe contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues.2019-08-134.3CVE-2017-18491
MISC
bestwebsoft -- contact_form_to_dbThe contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues.2019-08-134.3CVE-2017-18492
MISC
bestwebsoft -- custom_searchThe custom-search-plugin plugin before 1.36 for WordPress has multiple XSS issues.2019-08-134.3CVE-2017-18494
MISC
bestwebsoft -- htaccessThe htaccess plugin before 1.7.6 for WordPress has multiple XSS issues.2019-08-134.3CVE-2017-18496
MISC
bestwebsoft -- social_buttons_packThe social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues.2019-08-124.3CVE-2017-18500
MISC
bestwebsoft -- social_loginThe social-login-bws plugin before 0.2 for WordPress has multiple XSS issues.2019-08-124.3CVE-2017-18501
MISC
bestwebsoft -- subscriberThe subscriber plugin before 1.3.5 for WordPress has multiple XSS issues.2019-08-124.3CVE-2017-18502
MISC
bestwebsoft -- twitter_buttonThe twitter-plugin plugin before 2.55 for WordPress has XSS.2019-08-124.3CVE-2017-18505
MISC
codepeople -- appointment_booking_calendarThe Appointment Booking Calendar plugin 1.3.18 for WordPress allows XSS via the wp-admin/admin-post.php editionarea parameter.2019-08-094.3CVE-2019-14791
MISC
MISC
MISC
codepeople -- contact_form_emailThe contact-form-to-email plugin before 1.2.66 for WordPress has XSS.2019-08-134.3CVE-2018-20963
MISC
codepeople -- contact_form_emailThe contact-form-to-email plugin before 1.2.66 for WordPress has CSRF.2019-08-136.8CVE-2018-20964
MISC
edx -- recommenderRecommender before 2018-07-18 allows XSS.2019-08-094.3CVE-2018-20858
MISC
CONFIRM
exiv2 -- exiv2In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash.2019-08-124.3CVE-2019-14982
MISC
MISC
MISC
flippercode -- google_mapThe wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS related to the add_query_arg() and remove_query_arg() functions.2019-08-124.3CVE-2015-9305
MISC
flippercode -- google_mapThe wp-google-map-plugin plugin before 3.1.2 for WordPress has XSS.2019-08-124.3CVE-2016-10878
MISC
foliovision -- fv_flowplayer_video_playerThe FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS.2019-08-094.3CVE-2019-14799
MISC
MISC
frappe -- frappeAn issue was discovered in Frappe Framework 10 through 12 before 12.0.4. There exists an authenticated SQL injection.2019-08-126.5CVE-2019-14966
MISC
MISC
MISC
MISC
MISC
MISC
frappe -- frappeAn issue was discovered in Frappe Framework 10, 11 before 11.1.46, and 12. There exists an XSS vulnerability.2019-08-124.3CVE-2019-14967
MISC
MISC
MISC
hp -- 3par_storeserv_management_consoleA remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.2019-08-095.0CVE-2019-5405
CONFIRM
hp -- 3par_storeserv_management_consoleA remote information disclosure vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.2019-08-096.5CVE-2019-5407
CONFIRM
huawei -- pcmanagerPCManager 9.1.3.1 has an improper authentication vulnerability. The certain driver interface of the software does not perform a validation of user-mode data properly, successful exploit could result in malicious code execution.2019-08-136.8CVE-2019-5223
CONFIRM
ibericode -- mailchimpThe mailchimp-for-wp plugin before 4.0.11 for WordPress has XSS on the integration settings page.2019-08-134.3CVE-2016-10871
MISC
icmsdev -- icmsiCMS 7.0.15 allows admincp.php?app=apps XSS via the keywords parameter.2019-08-124.3CVE-2019-14976
MISC
imagemagick -- imagemagickIn ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.2019-08-124.3CVE-2019-14980
MISC
MISC
MISC
MISC
imagemagick -- imagemagickIn ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.2019-08-124.3CVE-2019-14981
MISC
MISC
MISC
istio -- istioIstio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API.2019-08-135.0CVE-2019-14993
MISC
MISC
MISC
CONFIRM
kunena -- kunenaThe Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode.2019-08-164.3CVE-2019-15120
MISC
MISC
lansweeper -- lansweeperLansweeper before 7.1.117.4 allows unauthenticated SQL injection.2019-08-126.4CVE-2019-13462
MISC
MISC
mediaburst -- gravity_formsThe gravity-forms-sms-notifications plugin before 2.4.0 for WordPress has XSS.2019-08-134.3CVE-2017-18495
MISC
mediawiki -- mediawikiIn the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS exists within the edit summary field in includes/specials/MobileSpecialPageFeed.php.2019-08-094.3CVE-2019-14807
CONFIRM
MISC
metabox -- meta_boxThe Meta Box plugin before 4.16.3 for WordPress allows file deletion via ajax, with the wp-admin/admin-ajax.php?action=rwmb_delete_file attachment_id parameter.2019-08-095.5CVE-2019-14793
MISC
MISC
metabox -- meta_boxThe Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders.2019-08-095.0CVE-2019-14794
MISC
netapp -- oncommand_insightOnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user.2019-08-094.0CVE-2019-5498
CONFIRM
never5 -- download_monitorThe download-monitor plugin before 1.7.1 for WordPress has XSS related to add_query_arg.2019-08-134.3CVE-2015-9296
MISC
newstatpress_project -- newstatpressThe newstatpress plugin before 1.0.6 for WordPress has reflected XSS.2019-08-144.3CVE-2015-9311
MISC
newstatpress_project -- newstatpressThe newstatpress plugin before 1.0.5 for WordPress has XSS related to an IMG element.2019-08-144.3CVE-2015-9312
MISC
newstatpress_project -- newstatpressThe newstatpress plugin before 1.0.4 for WordPress has XSS related to the Referer header.2019-08-144.3CVE-2015-9314
MISC
palletsprojects -- werkzeugPallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.2019-08-095.0CVE-2019-14806
MISC
MISC
MISC
php -- phpWhen PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.2019-08-096.8CVE-2019-11041
CONFIRM
MLIST
UBUNTU
UBUNTU
php -- phpWhen PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.2019-08-096.8CVE-2019-11042
CONFIRM
MLIST
UBUNTU
UBUNTU
presstigers -- simple_job_boardThe simple-job-board plugin before 2.4.4 for WordPress has reflected XSS via keyword search.2019-08-134.3CVE-2017-18498
MISC
siemens -- siprotec_5_firmwareWind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.2019-08-095.8CVE-2019-12257
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
simple-membership-plugin -- simple_membershipThe simple-membership plugin before 3.5.7 for WordPress has XSS.2019-08-124.3CVE-2017-18499
MISC
tipsandtricks-hq -- all_in_one_wp_security_&_firewallThe all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPress has XSS in the unlock request feature.2019-08-134.3CVE-2015-9293
MISC
tipsandtricks-hq -- all_in_one_wp_security_&_firewallThe all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances.2019-08-134.3CVE-2015-9294
MISC
tipsandtricks-hq -- all_in_one_wp_security_&_firewallThe all-in-one-wp-security-and-firewall plugin before 4.2.0 for WordPress has multiple XSS issues.2019-08-134.3CVE-2016-10866
MISC
tipsandtricks-hq -- all_in_one_wp_security_&_firewallThe all-in-one-wp-security-and-firewall plugin before 4.0.6 for WordPress has XSS in settings pages.2019-08-134.3CVE-2016-10867
MISC
tipsandtricks-hq -- all_in_one_wp_security_&_firewallThe all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages.2019-08-134.3CVE-2016-10868
MISC
ultimatemember -- ultimate_memberThe ultimate-member plugin before 1.3.18 for WordPress has XSS via text input.2019-08-124.3CVE-2015-9304
MISC
ultimatemember -- ultimate_memberThe ultimate-member plugin before 1.3.40 for WordPress has XSS on the login form.2019-08-124.3CVE-2016-10872
MISC
ultimatemember -- ultimate_memberThe ultimate-member plugin before 2.0.4 for WordPress has XSS.2019-08-124.3CVE-2018-20965
MISC
w3eden -- live_formsThe liveforms plugin before 3.4.0 for WordPress has XSS.2019-08-134.3CVE-2017-18497
MISC
webkul -- bagistoBagisto 0.1.5 allows CSRF under /admin URIs.2019-08-116.8CVE-2019-14933
MISC
MISC
wp-events-plugin -- events_managerThe events-manager plugin before 5.6 for WordPress has XSS.2019-08-134.3CVE-2015-9297
MISC
wp-events-plugin -- events_managerThe events-manager plugin before 5.5.7.1 for WordPress has DOM XSS.2019-08-134.3CVE-2015-9299
MISC
wp-events-plugin -- events_managerThe events-manager plugin before 5.5.7 for WordPress has multiple XSS issues.2019-08-134.3CVE-2015-9300
MISC
wp-jobmanager -- job_managerThe job-manager plugin before 0.7.19 for WordPress has multiple XSS issues.2019-08-134.3CVE-2012-6713
MISC
wp-livechat -- wp_live_chat_supportThe wp-live-chat-support plugin before 6.2.02 for WordPress has XSS.2019-08-124.3CVE-2016-10879
MISC
wp-livechat -- wp_live_chat_supportThe wp-live-chat-support plugin before 7.1.05 for WordPress has XSS.2019-08-134.3CVE-2017-18507
MISC
wp-livechat -- wp_live_chat_supportThe wp-live-chat-support plugin before 7.1.03 for WordPress has XSS.2019-08-124.3CVE-2017-18508
MISC
wp-livechat -- wp_live_chat_supportThe wp-live-chat-support plugin before 8.0.27 for WordPress has XSS via the GDPR page.2019-08-124.3CVE-2019-14950
MISC
wp_editor_project -- wp_editorThe wp-editor plugin before 1.2.6.3 for WordPress has multiple XSS issues.2019-08-124.3CVE-2016-10877
MISC
wpdeveloper -- twitter_cards_metaThe twitter-cards-meta plugin before 2.5.0 for WordPress has XSS.2019-08-124.3CVE-2017-18503
MISC
wpdeveloper -- twitter_cards_metaThe twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF.2019-08-126.8CVE-2017-18504
MISC
wpseeds -- wp_database_backupThe wp-database-backup plugin before 4.3.3 for WordPress has XSS.2019-08-124.3CVE-2016-10873
MISC
wpseeds -- wp_database_backupThe wp-database-backup plugin before 4.3.3 for WordPress has CSRF.2019-08-126.8CVE-2016-10874
MISC
wpseeds -- wp_database_backupThe wp-database-backup plugin before 4.3.1 for WordPress has XSS.2019-08-124.3CVE-2016-10875
MISC
wpseeds -- wp_database_backupThe wp-database-backup plugin before 4.3.1 for WordPress has CSRF.2019-08-126.8CVE-2016-10876
MISC
wpseeds -- wp_database_backupThe wp-database-backup plugin before 5.1.2 for WordPress has XSS.2019-08-124.3CVE-2019-14949
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
10web -- photo_galleryThe 10Web Photo Gallery plugin before 1.5.23 for WordPress has authenticated stored XSS.2019-08-093.5CVE-2019-14797
MISC
atlassian -- jiraThe activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the country parameter.2019-08-093.5CVE-2018-20827
MISC
codecabin -- wp_google_mapsThe WP Google Maps plugin before 7.11.35 for WordPress allows XSS via the wp-admin/ rectangle_name or rectangle_opacity parameter.2019-08-093.5CVE-2019-14792
MISC
MISC
MISC
codepeople -- cp_contact_form_with_paypalThe "CP Contact Form with PayPal" plugin before 1.2.99 for WordPress has XSS in the publishing wizard via the wp-admin/admin.php?page=cp_contact_form_paypal.php&pwizard=1 cp_contactformpp_id parameter.2019-08-093.5CVE-2019-14785
MISC
MISC
hp -- 3par_storeserv_management_consoleA remote multiple cross-site scripting vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.2019-08-093.5CVE-2019-5403
CONFIRM
mq-woocommerce-products-price-bulk-edit_project -- mq-woocommerce-products-price-bulk-editThe mq-woocommerce-products-price-bulk-edit (aka Woocommerce Products Price Bulk Edit) plugin 2.0 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=update_options show_products_page_limit parameter.2019-08-093.5CVE-2019-14796
MISC
MISC
schben -- frameworkAdive Framework through 2.0.7 is affected by XSS in the Create New Table and Create New Navigation Link functions.2019-08-133.5CVE-2019-14987
MISC
tribulant -- newslettersThe Tribulant Newsletters plugin before 4.6.19 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=newsletters_load_new_editor contentarea parameter.2019-08-093.5CVE-2019-14787
MISC
MISC
ultimatemember -- ultimate_memberThe ultimate-member plugin before 2.0.54 for WordPress has XSS.2019-08-123.5CVE-2019-14945
MISC
MISC
ultimatemember -- ultimate_memberThe ultimate-member plugin before 2.0.52 for WordPress has XSS related to UM Roles create and edit operations.2019-08-123.5CVE-2019-14946
MISC
MISC
ultimatemember -- ultimate_memberThe ultimate-member plugin before 2.0.52 for WordPress has XSS during an account upgrade.2019-08-123.5CVE-2019-14947
MISC
MISC
una -- unastudio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template editing.2019-08-093.5CVE-2019-14804
MISC
MISC
MISC
una -- unastudio/builder_menu.php?page=sets in UNA 10.0.0-RC1 allows XSS via the System Name field under Sets during set editing.2019-08-093.5CVE-2019-14805
MISC
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
20-20 -- storageAn issue was discovered in 20|20 Storage 2.11.0. A Path Traversal vulnerability in the TwentyTwenty.Storage library in the LocalStorageProvider allows creating and reading files outside of the specified basepath. If the application using this library does not sanitize user-supplied filenames, then this issue may be exploited to read or write arbitrary files. This affects LocalStorageProvider.cs.2019-08-13not yet calculatedCVE-2019-12479
MISC
3cx -- 3cx_windows_client3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a StartUp link.2019-08-11not yet calculatedCVE-2019-14935
MISC
3s-smart_software_solutions -- codesys_productsAn issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System.2019-08-15not yet calculatedCVE-2019-9010
MISC
3s-smart_software_solutions -- codesys_productsAn issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System.2019-08-15not yet calculatedCVE-2019-9012
MISC
3s-smart_software_solutions -- codesys_productsAn issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the CmpUserMgr component are affected regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control RTE V3, CODESYS Control RTE V3 (for Beckhoff CX), CODESYS Control Win V3 (also part of the CODESYS Development System setup), CODESYS V3 Simulation Runtime (part of the CODESYS Development System), CODESYS Control V3 Runtime System Toolkit, CODESYS HMI V3.2019-08-15not yet calculatedCVE-2019-9013
MISC
adobe -- after_effectsAdobe After Effects versions 16 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution.2019-08-14not yet calculatedCVE-2019-8062
CONFIRM
adobe -- character_animatorAdobe Character Animator versions 2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution.2019-08-14not yet calculatedCVE-2019-7870
CONFIRM
adobe -- creative_cloud_desktop_applicationCreative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage.2019-08-16not yet calculatedCVE-2019-8063
CONFIRM
adobe -- creative_cloud_desktop_applicationCreative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to denial of service.2019-08-16not yet calculatedCVE-2019-7957
CONFIRM
adobe -- creative_cloud_desktop_applicationCreative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Successful exploitation could lead to privilege escalation.2019-08-16not yet calculatedCVE-2019-7958
CONFIRM
adobe -- creative_cloud_desktop_applicationCreative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful exploitation could lead to arbitrary code execution.2019-08-16not yet calculatedCVE-2019-7959
CONFIRM
adobe -- experience_managerAdobe Experience Manager versions 6.5, and 6.4 have an authentication bypass vulnerability. Successful exploitation could lead to remote code execution.2019-08-16not yet calculatedCVE-2019-7964
CONFIRM
adobe -- prelude_ccAdobe Prelude CC versions 8.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution.2019-08-14not yet calculatedCVE-2019-7961
CONFIRM
adobe -- premiere_pro_ccAdobe Premiere Pro CC versions 13.1.2 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution.2019-08-14not yet calculatedCVE-2019-7931
CONFIRM
altools -- altools_update_serviceALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges.2019-08-13not yet calculatedCVE-2019-12808
MISC
alzip -- alzipAlzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive file, an attacker could execution arbitrary code.2019-08-13not yet calculatedCVE-2019-12807
MISC
MISC
arista -- cloudvision_portalArista CloudVision Portal through 2018.1.1 has Incorrect Permissions.2019-08-15not yet calculatedCVE-2018-12357
MISC
CONFIRM
arista -- eosArista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled.2019-08-15not yet calculatedCVE-2018-14008
MISC
CONFIRM

artica -- integria_ims

filemgr.php in Artica Integria IMS 5.0.86 allows index.php?sec=wiki&sec2=operation/wiki/wiki&action=upload arbitrary file upload.2019-08-16not yet calculatedCVE-2019-15091
MISC
artiflex -- mupdfArtifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.2019-08-14not yet calculatedCVE-2019-14975
MISC
MISC
atlassian -- confluence_serverThe "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server allows a bypass of the includeScripts=false XSS protection mechanism via vectors involving an IFRAME element.2019-08-14not yet calculatedCVE-2019-15053
MISC
atlassian -- jira_server_and_data_centerThere was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3 are affected by this vulnerability.2019-08-09not yet calculatedCVE-2019-11581
MISC
atlassian -- jiraThe login.jsp resource in Jira before version 7.13.4, and from version 8.0.0 before version 8.2.2 allows remote attackers to enumerate usernames via an information disclosure vulnerability.2019-08-13not yet calculatedCVE-2019-8448
MISC
bluetooth -- bluetooth_br/edrThe Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.2019-08-14not yet calculatedCVE-2019-9506
FULLDISC
FULLDISC
FULLDISC
FULLDISC
MISC
CONFIRM
CERT-VN
MISC
cloud_foundry -- uaaCloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute.2019-08-09not yet calculatedCVE-2019-11274
CONFIRM
cms_clipper -- cms_clipperCMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields.2019-08-15not yet calculatedCVE-2018-12101
MISC
MISC
MISC
cnlh -- npslib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user.2019-08-16not yet calculatedCVE-2019-15119
MISC
MISC
cospas-sarsat -- cospas-sarsatThe COSPAS-SARSAT protocol allows remote attackers to forge messages, replay encrypted messages, conduct denial of service attacks, and send private messages (unrelated to distress alerts) via a crafted 406 MHz digital signal.2019-08-15not yet calculatedCVE-2018-14062
MISC
MISC
dell -- dell_digital_delivery_and_alienware_digital_deliveryDell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevated privileges.2019-08-09not yet calculatedCVE-2019-3742
FULLDISC
dell -- dell_digital_delivery_and_alienware_digital_deliveryDell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a path traversal exploit in order to run a malicious executable with elevated privileges.2019-08-09not yet calculatedCVE-2019-3744
FULLDISC
delta_electronics -- delta_industrial_automation_dopsoftIn Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application.2019-08-15not yet calculatedCVE-2019-13513
MISC
MISC
MISC
MISC
MISC
MISC
delta_electronics -- delta_industrial_automation_dopsoftIn Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger a use-after-free vulnerability, which may allow information disclosure, remote code execution, or crash of the application.2019-08-15not yet calculatedCVE-2019-13514
MISC
MISC
dolibarr -- dolibarrAn issue was discovered in Dolibarr 11.0.0-alpha. A user can store an IFRAME element (containing a user/card.php CSRF request) in his Linked Files settings page. When visited by the admin, this could completely take over the admin account. (The protection mechanism for CSRF is to check the Referer header; however, because the attack is from one of the application's own settings pages, this mechanism is bypassed.)2019-08-14not yet calculatedCVE-2019-15062
MISC
MISC
dwsurvey -- dwsurveyDWSurvey through 2019-07-22 has reflected XSS via the design/qu-multi-fillblank!answers.action surveyId parameter.2019-08-15not yet calculatedCVE-2019-15095
MISC
eclipse_foundation -- birtIn Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter. Attacker can execute the payload in victim's browser context.2019-08-09not yet calculatedCVE-2019-11776
CONFIRM
eq-3 -- homematic_ccu2_and_ccu3_deviceseQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn before 2.3.0 installed allow administrative operations by unauthenticated attackers with access to the web interface, because features such as File-Browser and Shell Command (as well as "Set root password") are exposed.2019-08-13not yet calculatedCVE-2019-14986
MISC
eq-3 -- homematic_ccu2_and_ccu3_deviceseQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access Control for Interface.***Metadata related operations, resulting in the ability to read, set and deletion of Metadata.2019-08-14not yet calculatedCVE-2019-9585
MISC
MISC
eq-3 -- homematic_ccu2_and_ccu3_deviceseQ-3 Homematic AddOn 'CloudMatic' on CCU2 and CCU3 allows uncontrolled admin access, resulting in the ability to obtain VPN profile details, shutting down the VPN service and to delete the VPN service configuration. This is related to improper access control for all /addons/mh/ pages.2019-08-14not yet calculatedCVE-2019-9584
MISC
MISC
eq-3 -- homematic_ccu2_and_ccu3_deviceseQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because the undocumented addons/xmlapi/exec.cgi script uses CMD_EXEC to execute TCL code from a POST request.2019-08-13not yet calculatedCVE-2019-14984
MISC
eq-3 -- homematic_ccu2_and_ccu3_deviceseQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because this interface can access the CMD_EXEC virtual device type 28.2019-08-13not yet calculatedCVE-2019-14985
MISC
eq-3 -- homematic_ccu2_and_ccu3_deviceseQ-3 Homematic CCU2 and CCU3 obtain session IDs without login. This allows a Denial of Service and is a starting point for other attacks. Affected versions for CCU2: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15. Affected versions for CCU3: 3.41.11, 3.43.16, 3.45.5, 3.45.7, 3.47.10, 3.47.15.2019-08-14not yet calculatedCVE-2019-9583
MISC
MISC
eq-3 -- homematic_ccu2_deviceseQ-3 Homematic CCU2 outdated base software packages allows Denial of Service. CCU2 affected versions: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15.2019-08-14not yet calculatedCVE-2019-9582
MISC
MISC
eq-3 -- homematic_ccu3_deviceseQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prior to 2.4.5 allows uncontrolled admin access to start or stop the Node.js process, resulting in the ability to obtain mediola configuration details. This is related to improper access control for addons configuration pages and a missing check in rc.d/97NeoServer.2019-08-14not yet calculatedCVE-2019-13030
MISC
MISC
exosip -- exosiphandle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content-length header.2019-08-14not yet calculatedCVE-2014-10375
MISC
extenua -- silvershieldextenua SilverSHielD 6.x fails to secure its ProgramData folder, leading to a Local Privilege Escalation to SYSTEM. The attacker must replace SilverShield.config.sqlite with a version containing an additional user account, and then use SSH and port forwarding to reach a 127.0.0.1 service.2019-08-17not yet calculatedCVE-2019-13069
MISC
MISC
eyesofnetwork -- eyesofnetworkEyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field.2019-08-16not yet calculatedCVE-2019-14923
MISC
MISC
fuji_electric -- frenic_loaderFuji Electric FRENIC Loader 3.5.0.0 and prior is vulnerable to an out-of-bounds read vulnerability, which may allow an attacker to read limited information from the device.2019-08-15not yet calculatedCVE-2019-13512
MISC
gcdwebserver -- gcdwebserverAn issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available (the credential of the app, for instance).2019-08-10not yet calculatedCVE-2019-14924
MISC
MISC
MISC
giflib -- giflibIn GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.2019-08-17not yet calculatedCVE-2019-15133
MISC
gnu -- patchdo_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.2019-08-16not yet calculatedCVE-2018-20969
MISC
MISC
BUGTRAQ
golang -- gonet/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com.2019-08-13not yet calculatedCVE-2019-14809
CONFIRM
MISC
CONFIRM
gonicus -- gosaIncorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided.2019-08-15not yet calculatedCVE-2019-11187
MISC
CONFIRM
gradle -- gradleThe HTTP client in the Build tool in Gradle before 5.6 sends authentication credentials originally destined for the configured host. If that host returns a 30x redirect, Gradle also sends those credentials to all subsequent hosts that the request redirects to. This is similar to CVE-2018-1000007.2019-08-14not yet calculatedCVE-2019-15052
MISC
MISC
MISC
hewlett_packard_enterprise -- 3par_service_processorA remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.2019-08-09not yet calculatedCVE-2019-5399
CONFIRM
hewlett_packard_enterprise -- 3par_service_processorA remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.2019-08-09not yet calculatedCVE-2019-5400
CONFIRM
hewlett_packard_enterprise -- 3par_service_processorA remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.2019-08-09not yet calculatedCVE-2019-5397
CONFIRM
hewlett_packard_enterprise -- 3par_service_processorA remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.2019-08-09not yet calculatedCVE-2019-5395
CONFIRM
hewlett_packard_enterprise -- 3par_service_processorA remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.2019-08-09not yet calculatedCVE-2019-5396
CONFIRM
hewlett_packard_enterprise -- 3par_service_processorA remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.2019-08-09not yet calculatedCVE-2019-5398
CONFIRM
hewlett_packard_enterprise -- command_view_advanced_editionCommand View Advanced Edition (CVAE) products contain a vulnerability that could expose configuration information of hosts and storage systems that are managed by Device Manager server. This problem is due to a vulnerability in Device Manager GUI. The following products are affected. DevMgr version 7.0.0-00 to earlier than 8.6.1-02 RepMgr if it is installed on the same machine as DevMgr TSMgr if it is installed on the same machine as DevMgr. The resolution is to upgrade to the fixed version as described below or later version of DevMgr 8.6.2-02 or later. RepMgr and TSMgr will be corrected by upgrading DevMgr.2019-08-09not yet calculatedCVE-2019-5408
CONFIRM
hostapd_and_wpa_supplicant -- hostapd_and_wpa_supplicantThe implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery.2019-08-15not yet calculatedCVE-2019-13377
FEDORA
CONFIRM
MISC
MISC
http/2 -- http/2Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU.2019-08-13not yet calculatedCVE-2019-9518
FULLDISC
MISC
CERT-VN
BUGTRAQ
CONFIRM
http/2 -- http/2Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.2019-08-13not yet calculatedCVE-2019-9517
MLIST
MISC
CERT-VN
MLIST
MLIST
MLIST
MLIST
CONFIRM
http/2 -- http/2Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.2019-08-13not yet calculatedCVE-2019-9514
FULLDISC
MISC
CERT-VN
MLIST
MLIST
MLIST
BUGTRAQ
CONFIRM
http/2 -- http/2HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.2019-08-15not yet calculatedCVE-2019-10081
MISC
http/2 -- http/2Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.2019-08-13not yet calculatedCVE-2019-9516
FULLDISC
MISC
CERT-VN
BUGTRAQ
UBUNTU
CONFIRM
http/2 -- http/2Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.2019-08-13not yet calculatedCVE-2019-9515
FULLDISC
MISC
CERT-VN
MLIST
MLIST
MLIST
BUGTRAQ
CONFIRM
http/2 -- http/2Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.2019-08-13not yet calculatedCVE-2019-9512
FULLDISC
MISC
CERT-VN
MLIST
MLIST
MLIST
BUGTRAQ
CONFIRM
http/2 -- http/2Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.2019-08-13not yet calculatedCVE-2019-9511
MISC
CERT-VN
UBUNTU
CONFIRM
http/2 -- http/2Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.2019-08-13not yet calculatedCVE-2019-9513
MISC
CERT-VN
UBUNTU
CONFIRM
huawei -- cloudlink_phone_7900The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has a TLS certificate verification vulnerability. Due to insufficient verification of specific parameters of the TLS server certificate, attackers can perform man-in-the-middle attacks, leading to the affected phones registered abnormally, affecting the availability of IP phones.2019-08-13not yet calculatedCVE-2019-5280
CONFIRM
huawei -- hima-al00b_smart_phonesHuawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific interface to execute malicious code. A successful exploit may result in the execution of arbitrary code.2019-08-13not yet calculatedCVE-2019-5299
CONFIRM
humanica -- humatrix_7The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203 allows remote attackers to access all candidates' information on the website via a modified selApp variable to personalData/resumeDetail.cfm. This includes personal information and other sensitive data.2019-08-12not yet calculatedCVE-2019-14932
MISC
jasper -- jasperThe read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file.2019-08-15not yet calculatedCVE-2017-14232
CONFIRM
joomla! -- joomla!In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms.2019-08-14not yet calculatedCVE-2019-15028
MISC
keycloak -- keycloakIt was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain.2019-08-14not yet calculatedCVE-2019-10199
CONFIRM
keycloak -- keycloakIt was found that Keycloak's SAML broker, versions up to 6.0.1, did not verify missing message signatures. If an attacker modifies the SAML Response and removes the <Signature> sections, the message is still accepted, and the message can be modified. An attacker could use this flaw to impersonate other users and gain access to sensitive information.2019-08-14not yet calculatedCVE-2019-10201
CONFIRM
leaf_admin -- leaf_adminThe profile photo upload feature in Leaf Admin 61.9.0212.10 f allows Unrestricted Upload of a File with a Dangerous Type.2019-08-15not yet calculatedCVE-2019-14755
MISC
MISC
MISC
ledger -- nano_2_and_nano_x_devicesOn Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data.2019-08-10not yet calculatedCVE-2019-14354
MISC
libreoffice -- document_foundation_libreofficeLibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed. However this new protection could be bypassed by a URL encoding attack. In the fixed versions, the parsed url describing the script location is correctly encoded before further processing. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.2019-08-15not yet calculatedCVE-2019-9852
BUGTRAQ
DEBIAN
MISC
libreoffice -- document_foundation_libreofficeLibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from script event handers. However an insufficient url validation vulnerability in LibreOffice allowed malicious to bypass that protection and again trigger calling LibreLogo from script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.2019-08-15not yet calculatedCVE-2019-9850
FEDORA
BUGTRAQ
DEBIAN
CONFIRM
libreoffice -- document_foundation_libreofficeLibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.2019-08-15not yet calculatedCVE-2019-9851
BUGTRAQ
DEBIAN
CONFIRM
libtiff -- libtiff_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.2019-08-14not yet calculatedCVE-2019-14973
CONFIRM
linux -- linux_kernelAn issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.2019-08-13not yet calculatedCVE-2017-18509
MISC
MISC
MISC
MLIST
MLIST
MISC
MISC
MISC
BUGTRAQ
DEBIAN
linux -- linux_kerneldrivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.2019-08-15not yet calculatedCVE-2019-15098
MISC
linux -- linux_kernelA vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS).2019-08-15not yet calculatedCVE-2019-10140
CONFIRM
linux -- linux_kernelAn issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.2019-08-15not yet calculatedCVE-2019-15090
MISC
MISC
MISC
linux -- linux_kernelcheck_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.2019-08-16not yet calculatedCVE-2019-15118
MISC
MISC
linux -- linux_kernelparse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.2019-08-16not yet calculatedCVE-2019-15117
MISC
MISC
linux -- linux_kerneldrivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.2019-08-15not yet calculatedCVE-2019-15099
MISC
maadhaar -- maadhaar_applicationThe mAadhaar application 1.2.7 for Android lacks SSL Certificate Validation, leading to man-in-the-middle attacks against requests for FAQs or Help.2019-08-13not yet calculatedCVE-2019-14516
MISC
MISC
mcafee -- frpPrivilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.209 allows local users to gain elevated privileges via running McAfee Tray with elevated privileges.2019-08-14not yet calculatedCVE-2019-3637
CONFIRM
mcafee -- web_gatewayClickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header.2019-08-14not yet calculatedCVE-2019-3639
CONFIRM
mcafee -- web_gatewayExfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows attackers to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe.2019-08-14not yet calculatedCVE-2019-3635
CONFIRM
mediatek -- emmc_for_androidThe MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data.2019-08-14not yet calculatedCVE-2019-15027
MISC
MISC
micro_focus -- self_service_password_resetA potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset (SSPR) SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate.2019-08-14not yet calculatedCVE-2019-11652
CONFIRM
CONFIRM
CONFIRM
microsoft -- azure_active_directory_authentication_libraryAn elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens, aka 'Azure Active Directory Authentication Library Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1258
MISC
microsoft -- azure_active_directory_microsoft_accountAn information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session, aka 'Windows Information Disclosure Vulnerability'.2019-08-14not yet calculatedCVE-2019-1172
MISC
microsoft -- defenderAn elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1161
MISC
microsoft -- dhcp_clientA memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'.2019-08-14not yet calculatedCVE-2019-0736
MISC
microsoft -- directxAn elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1176
MISC
microsoft -- dynamics_on-premiseAn elevation of privilege vulnerability exists in Dynamics On-Premise v9, aka 'Dynamics On-Premise Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1229
MISC
microsoft -- edgeA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197.2019-08-14not yet calculatedCVE-2019-1141
MISC
microsoft -- edgeA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197.2019-08-14not yet calculatedCVE-2019-1131
MISC
microsoft -- edgeA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197.2019-08-14not yet calculatedCVE-2019-1140
MISC
microsoft -- edgeA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196.2019-08-14not yet calculatedCVE-2019-1197
MISC
microsoft -- edgeA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1197.2019-08-14not yet calculatedCVE-2019-1196
MISC
microsoft -- edgeAn information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka 'Microsoft Edge Information Disclosure Vulnerability'.2019-08-14not yet calculatedCVE-2019-1030
MISC
microsoft -- edgeA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197.2019-08-14not yet calculatedCVE-2019-1139
MISC
microsoft -- edgeA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1196, CVE-2019-1197.2019-08-14not yet calculatedCVE-2019-1195
MISC
microsoft -- git_for_visual_studioAn elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files, aka 'Git for Visual Studio Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1211
MISC
microsoft -- hyper-vA remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'.2019-08-14not yet calculatedCVE-2019-0965
MISC
microsoft -- hyper-v_network_switchA denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0717, CVE-2019-0718, CVE-2019-0723.2019-08-14not yet calculatedCVE-2019-0715
MISC
microsoft -- hyper-v_network_switchA denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0717, CVE-2019-0723.2019-08-14not yet calculatedCVE-2019-0718
MISC
microsoft -- hyper-v_network_switchA denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0718, CVE-2019-0723.2019-08-14not yet calculatedCVE-2019-0717
MISC
microsoft -- hyper-v_network_switchA denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0715, CVE-2019-0717, CVE-2019-0718, CVE-2019-0723.2019-08-14not yet calculatedCVE-2019-0714
MISC
microsoft -- hyper-v_network_switchA remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Remote Code Execution Vulnerability'.2019-08-14not yet calculatedCVE-2019-0720
MISC
microsoft -- hyper-v_network_switchA denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0717, CVE-2019-0718.2019-08-14not yet calculatedCVE-2019-0723
MISC
microsoft -- internet_explorerA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1194.2019-08-14not yet calculatedCVE-2019-1133
MISC
microsoft -- internet_explorerA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1133.2019-08-14not yet calculatedCVE-2019-1194
MISC
microsoft -- internet_explorer_and_edgeA remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.2019-08-14not yet calculatedCVE-2019-1193
MISC
microsoft -- internet_explorer_and_edgeA security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins, aka 'Microsoft Browsers Security Feature Bypass Vulnerability'.2019-08-14not yet calculatedCVE-2019-1192
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists in the way that the rpcss.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186.2019-08-14not yet calculatedCVE-2019-1177
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186.2019-08-14not yet calculatedCVE-2019-1179
MISC
microsoft -- multiple_windows_operating_systemsA remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152.2019-08-14not yet calculatedCVE-2019-1145
MISC
MISC
microsoft -- multiple_windows_operating_systemsAn information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1148.2019-08-14not yet calculatedCVE-2019-1153
MISC
MISC
microsoft -- multiple_windows_operating_systemsAn information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1153.2019-08-14not yet calculatedCVE-2019-1148
MISC
MISC
microsoft -- multiple_windows_operating_systemsA remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157.2019-08-14not yet calculatedCVE-2019-1147
MISC
microsoft -- multiple_windows_operating_systemsAn information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1143, CVE-2019-1154.2019-08-14not yet calculatedCVE-2019-1158
MISC
microsoft -- multiple_windows_operating_systemsAn information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1154, CVE-2019-1158.2019-08-14not yet calculatedCVE-2019-1143
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1164.2019-08-14not yet calculatedCVE-2019-1159
MISC
microsoft -- multiple_windows_operating_systemsA denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input, aka 'XmlLite Runtime Denial of Service Vulnerability'.2019-08-14not yet calculatedCVE-2019-1187
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege exists in SyncController.dll, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1198
MISC
microsoft -- multiple_windows_operating_systemsA remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1157.2019-08-14not yet calculatedCVE-2019-1156
MISC
microsoft -- multiple_windows_operating_systemsA remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1147, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157.2019-08-14not yet calculatedCVE-2019-1146
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186.2019-08-14not yet calculatedCVE-2019-1178
MISC
microsoft -- multiple_windows_operating_systemsA remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services? Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1222, CVE-2019-1226.2019-08-14not yet calculatedCVE-2019-1182
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape, aka 'Windows NTFS Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1170
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows p2pimsvc Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1168
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory.An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.The security update addresses the vulnerability by ensuring the Windows kernel image properly handles objects in memory., aka 'Windows Image Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1190
MISC
microsoft -- multiple_windows_operating_systemsAn information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1228.2019-08-14not yet calculatedCVE-2019-1227
MISC
microsoft -- multiple_windows_operating_systemsA security feature bypass exists when Windows incorrectly validates CAB file signatures, aka 'Windows File Signature Security Feature Bypass Vulnerability'.2019-08-14not yet calculatedCVE-2019-1163
MISC
microsoft -- multiple_windows_operating_systemsAn information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Server Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1224.2019-08-14not yet calculatedCVE-2019-1225
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186.2019-08-14not yet calculatedCVE-2019-1173
MISC
microsoft -- multiple_windows_operating_systemsA remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147, CVE-2019-1156, CVE-2019-1157.2019-08-14not yet calculatedCVE-2019-1155
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184.2019-08-14not yet calculatedCVE-2019-1186
MISC
microsoft -- multiple_windows_operating_systemsA remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152.2019-08-14not yet calculatedCVE-2019-1149
MISC
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1159.2019-08-14not yet calculatedCVE-2019-1164
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1186.2019-08-14not yet calculatedCVE-2019-1184
MISC
microsoft -- multiple_windows_operating_systemsA remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.2019-08-14not yet calculatedCVE-2019-1188
MISC
microsoft -- multiple_windows_operating_systemsA remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1156.2019-08-14not yet calculatedCVE-2019-1157
MISC
microsoft -- multiple_windows_operating_systemsAn information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Server Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1225.2019-08-14not yet calculatedCVE-2019-1224
MISC
microsoft -- multiple_windows_operating_systemsA remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services? Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1182, CVE-2019-1226.2019-08-14not yet calculatedCVE-2019-1222
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1184, CVE-2019-1186.2019-08-14not yet calculatedCVE-2019-1180
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186.2019-08-14not yet calculatedCVE-2019-1174
MISC
microsoft -- multiple_windows_operating_systemsAn information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage, aka 'SymCrypt Information Disclosure Vulnerability'.2019-08-14not yet calculatedCVE-2019-1171
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186.2019-08-14not yet calculatedCVE-2019-1175
MISC
microsoft -- multiple_windows_operating_systemsAn elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1162
MISC
microsoft -- multiple_windows_operating_systemsA remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services? Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1182, CVE-2019-1222.2019-08-14not yet calculatedCVE-2019-1226
MISC

microsoft -- multiple_windows_products

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1169
MISC
microsoft -- multiple_windows_productsA remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'.2019-08-14not yet calculatedCVE-2019-1183
MISC
microsoft -- multiple_windows_productsA denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.2019-08-14not yet calculatedCVE-2019-0716
MISC
microsoft -- multiple_windows_productsA remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services? Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1182, CVE-2019-1222, CVE-2019-1226.2019-08-14not yet calculatedCVE-2019-1181
MISC
microsoft -- multiple_windows_productsA memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server, aka 'Windows DHCP Server Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1212.2019-08-14not yet calculatedCVE-2019-1206
MISC
microsoft -- multiple_windows_productsA remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'.2019-08-14not yet calculatedCVE-2019-1057
MISC
microsoft -- multiple_windows_productsA remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1201.2019-08-14not yet calculatedCVE-2019-1205
MISC
microsoft -- multiple_windows_productsA remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1205.2019-08-14not yet calculatedCVE-2019-1201
MISC
microsoft -- multiple_windows_productsA memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets, aka 'Windows DHCP Server Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1206.2019-08-14not yet calculatedCVE-2019-1212
MISC
microsoft -- multple_windows_productsAn information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1148, CVE-2019-1153.2019-08-14not yet calculatedCVE-2019-1078
MISC
microsoft -- outlookAn elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages, aka 'Microsoft Outlook Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1204
MISC
microsoft -- outlook_and_office365_proplusA remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory, aka 'Microsoft Outlook Memory Corruption Vulnerability'.2019-08-14not yet calculatedCVE-2019-1199
MISC
microsoft -- outlook_and_office365_proplusA remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'.2019-08-14not yet calculatedCVE-2019-1200
MISC
microsoft -- outlook_iosA spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages, aka 'Outlook iOS Spoofing Vulnerability'.2019-08-14not yet calculatedCVE-2019-1218
MISC
microsoft -- remote_desktop_protocolA denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.2019-08-14not yet calculatedCVE-2019-1223
MISC
microsoft -- sharepointAn information disclosure vulnerability exists in the way Microsoft SharePoint handles session objects, aka 'Microsoft SharePoint Information Disclosure Vulnerability'.2019-08-14not yet calculatedCVE-2019-1202
MISC
microsoft -- sharepoint_serverA cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.2019-08-14not yet calculatedCVE-2019-1203
MISC
microsoft -- windows_10_and_windows_serverAn elevation of privilege vulnerability exists due to a stack corruption in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'.2019-08-14not yet calculatedCVE-2019-1185
MISC
microsoft -- windows_7_and_windows_server_2008An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1143, CVE-2019-1158.2019-08-14not yet calculatedCVE-2019-1154
MISC
microsoft -- windows_7_and_windows_server_2008An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1227.2019-08-14not yet calculatedCVE-2019-1228
MISC
microsoft -- windows_server_2008A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'.2019-08-14not yet calculatedCVE-2019-1213
MISC
netgear -- nighthawk_m1_devicesAn issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. System commands can be executed, via the web interface, after authentication.2019-08-14not yet calculatedCVE-2019-14527
MISC
netgear -- nighthawk_m1_devicesAn issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. The web-interface Cross-Site Request Forgery token is stored in a dynamically generated JavaScript file, and therefore can be embedded in third party pages, and re-used against the Nighthawk web interface. This entirely bypasses the intended security benefits of the use of a CSRF-protection token.2019-08-14not yet calculatedCVE-2019-14526
MISC
netwrix -- auditorNetwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does not perform proper impersonation, and thus the target file will have the same permissions as the invoking process (in this case, granting Authenticated Users full access over the target file). This vulnerability can be triggered by a low-privileged user to perform DLL Hijacking/Binary Planting attacks and ultimately execute code as NT AUTHORITY\SYSTEM with the help of Symbolic Links.2019-08-12not yet calculatedCVE-2019-14969
MISC
node.js -- node.jsAn issue was discovered in the mysql (aka mysqljs) module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default.2019-08-11not yet calculatedCVE-2019-14939
MISC
nvidia -- shield_tvNVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the custom NVIDIA API used in the mount system service where user data could be overridden, which may lead to code execution, denial of service, or information disclosure.2019-08-13not yet calculatedCVE-2019-5681
CONFIRM
opencart -- opencartOpenCart 3.x, when the attacker has login access to the admin panel, allows stored XSS within the Source/HTML editing feature of the Categories, Product, and Information pages.2019-08-15not yet calculatedCVE-2019-15081
MISC
openemr -- openemrAn issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, it will be deleted from server.2019-08-13not yet calculatedCVE-2019-14530
MISC
MISC
openstack -- novaAn issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.2019-08-09not yet calculatedCVE-2019-14433
MLIST
MISC
CONFIRM
osisoft -- osisoft_pi_web_apiOSIsoft PI Web API 2018 and prior may allow disclosure of sensitive information.2019-08-15not yet calculatedCVE-2019-13515
MISC
osisoft -- osisoft_pi_web_apiIn OSIsoft PI Web API and prior, the affected product is vulnerable to a direct attack due to a cross-site request forgery protection setting that has not taken effect.2019-08-15not yet calculatedCVE-2019-13516
MISC
pdfresurrect -- pdfresurrectAn issue was discovered in PDFResurrect before 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write.2019-08-11not yet calculatedCVE-2019-14934
MISC
MISC
project_redcap -- redcapREDCap before 9.3.0 allows time-based SQL injection in the edit calendar event via the cal_id parameter, such as cal_id=55 and sleep(3) to Calendar/calendar_popup_ajax.php. The attacker can obtain a user's login sessionid from the database, and then re-login into REDCap to compromise all data.2019-08-17not yet calculatedCVE-2019-14937
MISC
MISC
CONFIRM
prospecta -- master_data_onlineProspecta Master Data Online (MDO) 2.0 has Stored XSS.2019-08-15not yet calculatedCVE-2018-17790
MISC
realtek -- waves_maxxaudio_driverRealtek Waves MaxxAudio driver 1.6.2.0, as used on Dell laptops, installs with incorrect file permissions. As a result, a local attacker can escalate to SYSTEM.2019-08-15not yet calculatedCVE-2019-15084
MISC
riot -- riotRIOT through 2019.07 contains a memory leak in the TCP implementation (gnrc_tcp), allowing an attacker to consume all memory available for network packets and thus effectively stopping all network threads from working. This is related to _receive in sys/net/gnrc/transport_layer/tcp/gnrc_tcp_eventloop.c upon receiving an ACK before a SYN.2019-08-17not yet calculatedCVE-2019-15134
MISC
rockwell_automation -- arena_simulation_softwareRockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of information related to the targeted workstation.2019-08-15not yet calculatedCVE-2019-13511
MISC
rockwell_automation -- arena_simulation_softwareRockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE AFTER FREE CWE-416. A maliciously crafted Arena file opened by an unsuspecting user may result in the application crashing or the execution of arbitrary code.2019-08-15not yet calculatedCVE-2019-13510
MISC
sap -- businessobjects_business_intelligence_platformUnder certain conditions SAP BusinessObjects Business Intelligence Platform (Central Management Console), versions 4.1, 4.2, 4.3, allows an attacker to store a malicious payload within the description field of a user account. The payload is triggered when the mouse cursor is moved over the description field in the list, when generating the little yellow informational pop up box, resulting in Stored Cross Site Scripting Attack.2019-08-14not yet calculatedCVE-2019-0335
MISC
MISC
sap -- businessobjects_business_intelligence_platformUnencrypted communication error in SAP Business Objects Business Intelligence Platform (Central Management Console), version 4.2, leads to disclosure of list of user names and roles imported from SAP NetWeaver BI systems, resulting in Information Disclosure.2019-08-14not yet calculatedCVE-2019-0346
MISC
MISC
sap -- businessobjects_business_intelligence_platformSAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted.2019-08-14not yet calculatedCVE-2019-0348
MISC
MISC
sap -- businessobjects_business_intelligence_platformUnder certain conditions, SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, allows an attacker to access sensitive data such as directory structure, leading to Information Disclosure.2019-08-14not yet calculatedCVE-2019-0331
MISC
MISC
sap -- businessobjects_business_intelligence_platformSAP BusinessObjects Business Intelligence Platform (Info View), versions 4.1, 4.2, 4.3, allows an attacker to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting (XSS) vulnerability.2019-08-14not yet calculatedCVE-2019-0332
MISC
MISC
sap -- businessobjects_business_intelligence_platformWhen creating a module in SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, it is possible to store a malicious script which when executed later could potentially allow a user to escalate privileges via session hijacking. The attacker could also access other sensitive information, leading to Stored Cross Site Scripting.2019-08-14not yet calculatedCVE-2019-0334
MISC
MISC
sap -- businessobjects_business_intelligence_platformIn some situations, when a client cancels a query in SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.2, 4.3, the attacker can then query and receive the whole data set instead of just what is part of their authorized security profile, resulting in Information Disclosure.2019-08-14not yet calculatedCVE-2019-0333
MISC
MISC
sap -- commerce_cloudDue to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection.2019-08-14not yet calculatedCVE-2019-0344
MISC
MISC
sap -- commerce_cloudSAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, allows an authenticated Backoffice/HMC user to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application.2019-08-14not yet calculatedCVE-2019-0343
MISC
MISC
sap -- enable_nowThe session cookie used by SAP Enable Now, version 1902, does not have the HttpOnly flag set. If an attacker runs script code in the context of the application, he could get access to the session cookie. The session cookie could then be abused to gain access to the application.2019-08-14not yet calculatedCVE-2019-0341
MISC
MISC
sap -- enable_nowThe XML parser, which is being used by SAP Enable Now, before version 1902, has not been hardened correctly, leading to Missing XML Validation vulnerability. This issue affects the file upload at multiple locations. An attacker can read local XXE files.2019-08-14not yet calculatedCVE-2019-0340
MISC
MISC
sap -- kernelSAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.49, 7.53, 7.73, 7.75, 7.76, 7.77, allows a user to execute ?Go to statement? without possessing the authorization S_DEVELOP DEBUG 02, resulting in Missing Authorization Check2019-08-14not yet calculatedCVE-2019-0349
MISC
MISC
sap -- netweaver_application_serverA remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP Management console, resulting in Server-Side Request Forgery.2019-08-14not yet calculatedCVE-2019-0345
MISC
MISC
sap -- netweaver_process_integrationJava Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting (XSS) vulnerability2019-08-14not yet calculatedCVE-2019-0337
MISC
MISC
sap -- netweaver_uddi_serverA remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate.2019-08-14not yet calculatedCVE-2019-0351
MISC
MISC
sap -- sap_gatewayDuring an OData V2/V4 request in SAP Gateway, versions 750, 751, 752, 753, the HTTP Header attributes cache-control and pragma were not properly set, allowing an attacker to access restricted information, resulting in Information Disclosure.2019-08-14not yet calculatedCVE-2019-0338
MISC
MISC
search_guard -- search_guardSearch Guard versions before 24.0 had an issue that field caps and mapping API leak field names (but not values) for fields which are not allowed for the user when field level security (FLS) is activated.2019-08-12not yet calculatedCVE-2019-13417
CONFIRM
MISC
search_guard -- search_guardSearch Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to data they are not authorized to see.2019-08-13not yet calculatedCVE-2019-13415
CONFIRM
MISC
search_guard -- search_guardSearch Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked.2019-08-13not yet calculatedCVE-2019-13419
CONFIRM
MISC
search_guard -- search_guardSearch Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users are always authorized on the local cluster ignoring their roles on the remote cluster(s).2019-08-13not yet calculatedCVE-2019-13416
CONFIRM
MISC
search_guard -- search_guardSearch Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized.2019-08-12not yet calculatedCVE-2019-13418
CONFIRM
MISC
search_guard -- search_guardSearch Guard versions before 21.0 had an timing side channel issue when using the internal user database.2019-08-13not yet calculatedCVE-2019-13420
CONFIRM
MISC
siemens -- multiple_scalance_productsA vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANCE XB-200 (V4.1), SCALANCE XC-200 (V4.1), SCALANCE XF-200BA (V4.1), SCALANCE XP-200 (V4.1), SCALANCE XR-300WG (V4.1). An authenticated attacker with network access to to port 22/tcp of an affected device may cause a Denial-of-Service condition. The security vulnerability could be exploited by an authenticated attacker with network access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the availability of the affected device.2019-08-13not yet calculatedCVE-2019-10927
CONFIRM
siemens -- multiple_scalance_productsA vulnerability has been identified in SCALANCE X-200 (All versions), SCALANCE X-200IRT (All versions), SCALANCE X-200RNA (All versions). The device contains a vulnerability that could allow an attacker to trigger a denial-of-service condition by sending large message packages repeatedly to the telnet service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.2019-08-13not yet calculatedCVE-2019-10942
CONFIRM
siemens -- multiple_simatic_productsA vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (All versions), SIMATIC S7-1200 CPU family (All versions >= V4.0), SIMATIC S7-1500 CPU family (All versions), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions). An attacker with network access to port 102/tcp could potentially modify the user program on the PLC in a way that the running code is different from the source code which is stored on the device. An attacker must have network access to affected devices and must be able to perform changes to the user program. The vulnerability could impact the perceived integrity of the user program stored on the CPU. An engineer that tries to obtain the code of the user program running on the device, can receive different source code that is not actually running on the device. No public exploitation of the vulnerability was known at the time of advisory publication.2019-08-13not yet calculatedCVE-2019-10943
CONFIRM
siemens -- multiple_simatic_productsA vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (All versions), SIMATIC S7-1200 CPU family (All versions >= V4.0), SIMATIC S7-1500 CPU family (All versions), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions). An attacker in a Man-in-the-Middle position could potentially modify network traffic exchanged on port 102/tcp, due to certain properties in the calculation used for integrity protection. In order to exploit the vulnerability, an attacker must be able to perform a Man-in-the-Middle attack. The vulnerability could impact the integrity of the communication. No public exploitation of the vulnerability was known at the time of advisory publication.2019-08-13not yet calculatedCVE-2019-10929
CONFIRM
siemens -- scalance_sc-600A vulnerability has been identified in SCALANCE SC-600 (V2.0). An authenticated attacker with access to port 22/tcp as well as physical access to an affected device may trigger the device to allow execution of arbitrary commands. The security vulnerability could be exploited by an authenticated attacker with physical access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the confidentiality, integrity and availability of the affected device.2019-08-13not yet calculatedCVE-2019-10928
CONFIRM
solarwinds -- database_performance_analyzerSolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI.2019-08-14not yet calculatedCVE-2018-19386
MISC
MISC
squid-cache -- squidDue to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.2019-08-15not yet calculatedCVE-2019-12854
MISC
MISC
MISC
CONFIRM
stb_image_loader -- stb_image_loaderstb_image.h (aka the stb image loader) 2.23 has a heap-based buffer over-read in stbi__tga_load, leading to Information Disclosure or Denial of Service.2019-08-14not yet calculatedCVE-2019-15058
MISC
stb_vorbis -- stb_vorbisA heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.2019-08-15not yet calculatedCVE-2019-13217
MISC
CONFIRM
MISC
stb_vorbis -- stb_vorbisA stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.2019-08-15not yet calculatedCVE-2019-13221
MISC
CONFIRM
MISC
stb_vorbis -- stb_vorbisDivision by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.2019-08-15not yet calculatedCVE-2019-13218
MISC
CONFIRM
MISC
stb_vorbis -- stb_vorbisUse of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.2019-08-15not yet calculatedCVE-2019-13220
MISC
CONFIRM
MISC
stb_vorbis -- stb_vorbisA reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.2019-08-15not yet calculatedCVE-2019-13223
MISC
CONFIRM
MISC
stb_vorbis -- stb_vorbisAn out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.2019-08-15not yet calculatedCVE-2019-13222
MISC
CONFIRM
MISC
stb_vorbis -- stb_vorbisA NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.2019-08-15not yet calculatedCVE-2019-13219
MISC
CONFIRM
MISC
storage_performance_development_kit -- storage_performance_development_kitIn Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input.2019-08-11not yet calculatedCVE-2019-14940
MISC
sugarcrm -- sugarcrmSugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.html?desktop_url= XSS.2019-08-14not yet calculatedCVE-2019-14974
MISC
telenav -- scout_gps_link_app_for_iosThe Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an incorrect protection mechanism against brute-force attacks on the authentication process, which makes it easier for attackers to obtain multimedia-screen access via port 7050 on the cellular network, as demonstrated by a DrivingRestriction method call to uma/jsonrpc/mobile.2019-08-12not yet calculatedCVE-2019-14951
MISC
tenable -- nessusNessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition.2019-08-15not yet calculatedCVE-2019-3974
MISC
tibco_software -- multiple_productsThe web server component of TIBCO Software Inc.'s TIBCO LogLogic Enterprise Virtual Appliance, and TIBCO LogLogic Log Management Intelligence contains multiple vulnerabilities that theoretically allow persistent and reflected cross-site scripting (XSS) attacks, as well as cross-site request forgery (CSRF) attacks. This issue affects: TIBCO Software Inc. TIBCO LogLogic Enterprise Virtual Appliance version 6.2.1 and prior versions. TIBCO Software Inc. TIBCO LogLogic Log Management Intelligence 6.2.1. TIBCO LogLogic LX825 Appliance 0.0.004, TIBCO LogLogic LX1025 Appliance 0.0.004, TIBCO LogLogic LX4025 Appliance 0.0.004, TIBCO LogLogic MX3025 Appliance 0.0.004, TIBCO LogLogic MX4025 Appliance 0.0.004, TIBCO LogLogic ST1025 Appliance 0.0.004, TIBCO LogLogic ST2025-SAN Appliance 0.0.004, and TIBCO LogLogic ST4025 Appliance 0.0.004 using TIBCO LogLogic Log Management Intelligence versions 6.2.1 and below. TIBCO LogLogic LX1035 Appliance 0.0.005, TIBCO LogLogic LX1025R1 Appliance 0.0.004, TIBCO LogLogic LX1025R2 Appliance 0.0.004, TIBCO LogLogic LX4025R1 Appliance 0.0.004, TIBCO LogLogic LX4025R2 Appliance 0.0.004, TIBCO LogLogic LX4035 Appliance 0.0.005, TIBCO LogLogic ST2025-SANR1 Appliance 0.0.004, TIBCO LogLogic ST2025-SANR2 Appliance 0.0.004, TIBCO LogLogic ST2035-SAN Appliance 0.0.005, TIBCO LogLogic ST4025R1 Appliance 0.0.004, TIBCO LogLogic ST4025R2 Appliance 0.0.004, and TIBCO LogLogic ST4035 Appliance 0.0.005 using TIBCO LogLogic Log Management Intelligence versions 6.2.1 and below.2019-08-13not yet calculatedCVE-2019-11207
CONFIRM
CONFIRM
tortoisesvn -- tortoisesvnAn issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:[file1]?path2:[file2] URI will execute a customised diff on [file1] and [file2] based on the file extension. For xls files, it will execute the script diff-xls.js using wscript, which will open the two files for analysis without any macro security warning. An attacker can exploit this by putting a macro virus in a network drive, and force the victim to open the workbooks and execute the macro inside.2019-08-15not yet calculatedCVE-2019-14422
FULLDISC
MISC
tp-link -- m7350_devicesThe web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by a pre-authentication command injection vulnerability.2019-08-14not yet calculatedCVE-2019-12103
MISC
MISC
tp-link -- m7350_devicesThe web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by several post-authentication command injection vulnerabilities.2019-08-14not yet calculatedCVE-2019-12104
MISC
MISC
unisign -- unisignUniSign 2.0.4.0 and earlier version contains a stack-based buffer overflow vulnerability which can overwrite the stack with arbitrary data, due to a buffer overflow in a library. That leads remote attacker to execute arbitrary code via crafted https packets.2019-08-13not yet calculatedCVE-2019-12806
MISC
vesta -- control_panelA command injection vulnerability in UploadHandler.php in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root.2019-08-15not yet calculatedCVE-2019-12792
MISC
CONFIRM
vesta -- control_panelA directory traversal vulnerability in the v-list-user script in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root via the password reset form.2019-08-15not yet calculatedCVE-2019-12791
MISC
CONFIRM
web_studio -- ultimate_loan_managerXSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a branch under the Branches button that sets the notes parameter with crafted JavaScript code.2019-08-14not yet calculatedCVE-2019-14427
EXPLOIT-DB
webmin -- webminAn issue was discovered in Webmin through 1.920. The parameter old in password_change.cgi contains a command injection vulnerability.2019-08-15not yet calculatedCVE-2019-15107
MISC
MISC
wind_river -- vxworksWind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).2019-08-14not yet calculatedCVE-2019-12262
CONFIRM
CONFIRM
wind_river -- vxworksWind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.2019-08-09not yet calculatedCVE-2019-12261
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
wind_river -- vxworksWind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.2019-08-09not yet calculatedCVE-2019-12265
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wind_river -- vxworksWind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.2019-08-09not yet calculatedCVE-2019-12263
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wind_river -- vxworksWind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.2019-08-09not yet calculatedCVE-2019-12255
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
wind_river -- vxworksWind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.2019-08-09not yet calculatedCVE-2019-12258
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
wind_river -- vxworksWind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.2019-08-09not yet calculatedCVE-2019-12259
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wind_river -- vxworksWind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.2019-08-09not yet calculatedCVE-2019-12260
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
wind_river -- vxworksWind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets? IP options.2019-08-09not yet calculatedCVE-2019-12256
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wordpress -- wordpressThe companion-auto-update plugin before 3.2.1 for WordPress has CSRF.2019-08-16not yet calculatedCVE-2018-20972
MISC
wordpress -- wordpressThe "CP Contact Form with PayPal" plugin before 1.2.98 for WordPress has XSS in CSS edition.2019-08-15not yet calculatedCVE-2019-14784
MISC
wordpress -- wordpressThe Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.2019-08-15not yet calculatedCVE-2019-14786
MISC
MISC
wordpress -- wordpressThe js-jobs plugin before 1.0.7 for WordPress has CSRF.2019-08-16not yet calculatedCVE-2018-20974
MISC
wordpress -- wordpressThe companion-auto-update plugin before 3.2.1 for WordPress has local file inclusion.2019-08-16not yet calculatedCVE-2018-20973
MISC
wordpress -- wordpresswp-admin/admin-ajax.php?action=newsletters_exportmultiple in the Tribulant Newsletters plugin before 4.6.19 for WordPress allows directory traversal with resultant remote PHP code execution via the subscribers[1][1] parameter in conjunction with an exportfile=../ value.2019-08-15not yet calculatedCVE-2019-14788
MISC
MISC
wordpress -- wordpressThe limb-gallery (aka Limb Gallery) plugin 1.4.0 for WordPress has XSS via the wp-admin/admin-ajax.php?action=grsGalleryAjax&grsAction=shortcode task parameter,2019-08-15not yet calculatedCVE-2019-14790
MISC
MISC
wordpress -- wordpressThe custom-admin-page plugin before 0.1.2 for WordPress has multiple XSS issues.2019-08-13not yet calculatedCVE-2017-18493
MISC
wordpress -- wordpressThe FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows guests to obtain the email subscription list in CSV format via the wp-admin/admin-post.php?page=fvplayer&fv-email-export=1 URI.2019-08-15not yet calculatedCVE-2019-14800
MISC
MISC
wordpress -- wordpressThe ninja-forms plugin before 3.3.21.2 for WordPress has SQL injection in the search filter on the submissions page.2019-08-14not yet calculatedCVE-2019-15025
MISC
wordpress -- wordpressThe simple-login-log plugin before 1.1.2 for WordPress has SQL injection.2019-08-14not yet calculatedCVE-2017-18514
MISC
wordpress -- wordpressThe wp-ultimate-exporter plugin before 1.4.2 for WordPress has CSRF.2019-08-14not yet calculatedCVE-2018-20968
MISC
wordpress -- wordpressThe woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature.2019-08-12not yet calculatedCVE-2018-20966
MISC
wordpress -- wordpressThe invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input.2019-08-16not yet calculatedCVE-2017-18545
MISC
wordpress -- wordpressThe google-document-embedder plugin before 2.6.1 for WordPress has XSS.2019-08-14not yet calculatedCVE-2016-10880
MISC
wordpress -- wordpressThe google-document-embedder plugin before 2.6.2 for WordPress has XSS.2019-08-14not yet calculatedCVE-2016-10881
MISC
wordpress -- wordpressAn issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icons) plugin through 3.2.1 for WordPress. wp-admin/admin.php?page=wp-svg-icons-custom-set mishandles Custom Icon uploads. CSRF leads to upload of a ZIP archive containing a .php file.2019-08-14not yet calculatedCVE-2019-14216
MISC
MISC
wordpress -- wordpressThe church-admin plugin before 1.2550 for WordPress has CSRF affecting the upload of a bible reading plan.2019-08-16not yet calculatedCVE-2018-20971
MISC
wordpress -- wordpressThe simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface.2019-08-14not yet calculatedCVE-2013-7476
MISC
wordpress -- wordpressThe wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSRF.2019-08-14not yet calculatedCVE-2018-20967
MISC
wordpress -- wordpressThe invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF.2019-08-16not yet calculatedCVE-2017-18544
MISC
wordpress -- wordpressThe peters-login-redirect plugin before 2.9.2 for WordPress has CSRF.2019-08-16not yet calculatedCVE-2019-15115
MISC
wordpress -- wordpressThe easy-digital-downloads plugin before 2.9.16 for WordPress has XSS related to IP address logging.2019-08-16not yet calculatedCVE-2019-15116
MISC
wordpress -- wordpressThe xo-security plugin before 1.5.3 for WordPress has XSS.2019-08-16not yet calculatedCVE-2017-18541
MISC
wordpress -- wordpressThe note-press plugin before 0.1.2 for WordPress has SQL injection.2019-08-16not yet calculatedCVE-2017-18548
MISC
wordpress -- wordpressThe nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms.2019-08-16not yet calculatedCVE-2017-18547
MISC
wordpress -- wordpressThe jayj-quicktag plugin before 1.3.2 for WordPress has CSRF.2019-08-16not yet calculatedCVE-2017-18546
MISC
wordpress -- wordpressThe formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF.2019-08-16not yet calculatedCVE-2019-15114
MISC
wordpress -- wordpressThe zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS issues.2019-08-16not yet calculatedCVE-2017-18542
MISC
wordpress -- wordpressThe companion-sitemap-generator plugin before 3.7.0 for WordPress has CSRF.2019-08-16not yet calculatedCVE-2019-15113
MISC
wordpress -- wordpressThe Custom 404 Pro plugin 3.2.8 for WordPress has XSS via the wp-admin/admin.php?page=c4p-main page parameter.2019-08-15not yet calculatedCVE-2019-14789
MISC
MISC
wordpress -- wordpressA SQL injection vulnerability exists in the Impress GiveWP Give plugin through 2.5.0 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via includes/payments/class-payments-query.php.2019-08-15not yet calculatedCVE-2019-13578
MISC
MISC
MISC
MISC
wordpress -- wordpressThe toggle-the-title (aka Toggle The Title) plugin 1.4 for WordPress has XSS via the wp-admin/admin-ajax.php?action=update_title_options isAutoSaveValveChecked or isDisableAllPagesValveChecked parameter.2019-08-15not yet calculatedCVE-2019-14795
MISC
MISC
wordpress -- wordpressThe responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface.2019-08-14not yet calculatedCVE-2017-18513
MISC
wordpress -- wordpressThe contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues.2019-08-13not yet calculatedCVE-2017-18490
MISC
wordpress -- wordpressThe wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS.2019-08-12not yet calculatedCVE-2015-9306
MISC
wordpress -- wordpressThe custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF.2019-08-14not yet calculatedCVE-2017-18511
MISC
wordpress -- wordpressThe invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations.2019-08-16not yet calculatedCVE-2017-18543
MISC
wordpress -- wordpressThe custom-sidebars plugin before 3.1.0 for WordPress has CSRF related to set location, import actions, and export actions.2019-08-14not yet calculatedCVE-2017-18510
MISC
wordpress -- wordpressThe google-language-translator plugin before 5.0.06 for WordPress has XSS.2019-08-13not yet calculatedCVE-2016-10870
MISC
wordpress -- wordpressThe simple-membership plugin before 3.3.3 for WordPress has multiple CSRF issues.2019-08-14not yet calculatedCVE-2016-10884
MISC
wordpress -- wordpressThe simple-share-buttons-adder plugin before 6.0.0 for WordPress has XSS.2019-08-12not yet calculatedCVE-2015-9303
MISC
wordpress -- wordpressThe simple-add-pages-or-posts plugin before 1.7 for WordPress has CSRF for deleting users.2019-08-14not yet calculatedCVE-2016-10883
MISC
wordpress -- wordpressThe olimometer plugin before 2.57 for WordPress has SQL injection.2019-08-16not yet calculatedCVE-2016-10904
MISC
wordpress -- wordpressThe all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPress has multiple SQL injection issues.2019-08-14not yet calculatedCVE-2016-10888
MISC
wordpress -- wordpressThe all-in-one-wp-security-and-firewall plugin before 4.0.9 for WordPress has multiple SQL injection issues.2019-08-14not yet calculatedCVE-2016-10887
MISC
wordpress -- wordpressThe i-recommend-this plugin before 3.7.3 for WordPress has SQL injection.2019-08-16not yet calculatedCVE-2014-10376
MISC
wordpress -- wordpressThe wp-editor plugin before 1.2.6 for WordPress has incorrect permissions.2019-08-14not yet calculatedCVE-2016-10886
MISC
wordpress -- wordpressThe woocommerce-product-addon plugin before 18.4 for WordPress has XSS via an import of a new meta data structure.2019-08-12not yet calculatedCVE-2019-14948
MISC
MISC
wordpress -- wordpressThe adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues.2019-08-13not yet calculatedCVE-2017-18487
MISC
wordpress -- wordpressThe wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request via the poll_id parameter.2019-08-14not yet calculatedCVE-2015-9316
MISC
MISC
wordpress -- wordpressThe erident-custom-login-and-dashboard plugin before 3.5 for WordPress has CSRF.2019-08-16not yet calculatedCVE-2015-9322
MISC
wordpress -- wordpressThe visitors-online plugin before 0.4 for WordPress has SQL injection.2019-08-16not yet calculatedCVE-2015-9325
MISC
wordpress -- wordpressThe woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens.2019-08-12not yet calculatedCVE-2017-18506
MISC
wordpress -- wordpressThe contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS.2019-08-13not yet calculatedCVE-2017-18489
MISC
wordpress -- wordpressThe wp-editor plugin before 1.2.6 for WordPress has CSRF.2019-08-14not yet calculatedCVE-2016-10885
MISC
wordpress -- wordpressThe wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature.2019-08-14not yet calculatedCVE-2015-9309
MISC
wordpress -- wordpressThe liveforms plugin before 3.2.0 for WordPress has SQL injection.2019-08-13not yet calculatedCVE-2015-9301
MISC
wordpress -- wordpressThe wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature.2019-08-14not yet calculatedCVE-2015-9308
MISC
wordpress -- wordpressThe newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF.2019-08-14not yet calculatedCVE-2017-18512
MISC
wordpress -- wordpressThe simple-fields plugin before 1.4.11 for WordPress has XSS.2019-08-13not yet calculatedCVE-2015-9302
MISC
wordpress -- wordpressThe all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues.2019-08-14not yet calculatedCVE-2015-9310
MISC
wordpress -- wordpressThe 404-to-301 plugin before 2.0.3 for WordPress has SQL injection.2019-08-16not yet calculatedCVE-2015-9323
MISC
wordpress -- wordpressThe wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location feature.2019-08-14not yet calculatedCVE-2015-9307
MISC
wordpress -- wordpressThe easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection.2019-08-16not yet calculatedCVE-2015-9324
MISC
wordpress -- wordpressThe wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection.2019-08-16not yet calculatedCVE-2015-9326
MISC
wordpress -- wordpressThe google-document-embedder plugin before 2.6.2 for WordPress has CSRF.2019-08-14not yet calculatedCVE-2016-10882
MISC
wso2 -- api_managerAn issue was discovered in WSO2 API Manager 2.6.0 before WSO2-CARBON-PATCH-4.4.0-4457. There is XSS via a crafted filename to the file-upload feature of the event simulator component.2019-08-16not yet calculatedCVE-2019-15108
MISC
xtrlock -- xtrlockxtrlock through 2.10 does not block multitouch events. Consequently, an attacker at a locked screen can send input to (and thus control) various programs such as Chromium via events such as pan scrolling, "pinch and zoom" gestures, or even regular mouse clicks (by depressing the touchpad once and then clicking with a different finger).2019-08-15not yet calculatedCVE-2016-10894
MISC
yandex -- clickhouseIn ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability.2019-08-15not yet calculatedCVE-2018-14671
CONFIRM
yandex -- clickhouseIn ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "default_database" fields which led to Cross Protocol Request Forgery Attacks.2019-08-15not yet calculatedCVE-2018-14668
MISC
yandex -- clickhouseClickHouse MySQL client before versions 1.1.54390 had "LOAD DATA LOCAL INFILE" functionality enabled that allowed a malicious MySQL database read arbitrary files from the connected ClickHouse server.2019-08-15not yet calculatedCVE-2018-14669
MISC
yandex -- clickhouseIncorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database.2019-08-15not yet calculatedCVE-2018-14670
CONFIRM
yandex -- clickhouseIn ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.2019-08-15not yet calculatedCVE-2018-14672
MISC
yes24viewer_activex -- yes24viewer_activexYes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that could allow remote attackers to download and execute arbitrary files by setting the arguments to the ActiveX method. This can be leveraged for code execution.2019-08-15not yet calculatedCVE-2019-12809
MISC
zabbix -- zabbixZabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system access" messages, or just blocking for a number of seconds). This affects both api_jsonrpc.php and index.php.2019-08-17not yet calculatedCVE-2019-15132
MISC
zoho_manageengine -- _opmanagerAn issue was discovered in Zoho ManageEngine OpManager through 12.4x. One can bypass the user password requirement and execute commands on the server. The "username+'@opm' string is used for the password. For example, if the username is admin, the password is admin@opm.2019-08-15not yet calculatedCVE-2019-15106
MISC
MISC
zoho_manageengine -- application_managerAn issue was discovered in Zoho ManageEngine Application Manager through 14.2. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious file using the "Execute Program Action(s)" feature.2019-08-15not yet calculatedCVE-2019-15105
MISC
MISC
zoho_manageengine -- opmanagerAn issue was discovered in Zoho ManageEngine OpManager through 12.4x. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious file using the "Execute Program Action(s)" feature.2019-08-15not yet calculatedCVE-2019-15104
MISC
MISC
zoho_manageengine -- servicedesk_plusZoho ManageEngine ServiceDesk Plus 10 before 10509 allows unauthenticated sensitive information leakage during Fail Over Service (FOS) replication, aka SD-79989.2019-08-14not yet calculatedCVE-2019-15046
MISC
zte -- zxhn_f670_productAll versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Due to incomplete input validation, an authorized user can exploit this vulnerability to execute malicious scripts.2019-08-15not yet calculatedCVE-2019-3418
CONFIRM
zte -- zxhn_f670_productAll versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Due to insufficient parameter validation check, an authorized user can exploit this vulnerability to take control of user router system.2019-08-15not yet calculatedCVE-2019-3417
CONFIRM

Back to top

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.