Vulnerability Summary for the Week of August 5, 2019

Original release date: August 12, 2019

 

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
beardev -- joomsport The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via the joomsport_season/new-yorkers/?action=playerlist sid parameter. 2019-08-05 7.5 CVE-2019-14348
MISC
MISC
MISC
cpanel -- cpanel cPanel before 60.0.25 allows arbitrary code execution via Maketext in PostgreSQL adminbin (SEC-188). 2019-08-06 9.0 CVE-2016-10788
CONFIRM
cpanel -- cpanel The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore (SEC-58). 2019-08-07 8.7 CVE-2016-10804
CONFIRM
MISC
cpanel -- cpanel In cPanel before 57.9999.54, /scripts/checkinfopages exposed a TTY to an unprivileged process (SEC-114). 2019-08-07 9.0 CVE-2016-10809
CONFIRM
MISC
cpanel -- cpanel In cPanel before 57.9999.54, /scripts/maildir_converter exposed a TTY to an unprivileged process (SEC-115). 2019-08-07 9.0 CVE-2016-10810
CONFIRM
MISC
cpanel -- cpanel In cPanel before 57.9999.54, /scripts/unsuspendacct exposed TTYs (SEC-116). 2019-08-07 9.0 CVE-2016-10811
CONFIRM
MISC
cpanel -- cpanel cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313). 2019-08-02 9.0 CVE-2017-18386
CONFIRM
MISC
cpanel -- cpanel cPanel before 68.0.15 can perform unsafe file operations because Jailshell does not set the umask (SEC-315). 2019-08-02 7.2 CVE-2017-18388
CONFIRM
MISC
cpanel -- cpanel cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322). 2019-08-02 7.2 CVE-2017-18390
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows code execution by webmail and demo accounts via a store_filter API call (SEC-236). 2019-08-02 9.0 CVE-2017-18433
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows code execution in the context of the root account via a SET_VHOST_LANG_PACKAGE multilang adminbin call (SEC-237). 2019-08-02 7.2 CVE-2017-18434
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to execute code via the BoxTrapper API (SEC-238). 2019-08-02 7.5 CVE-2017-18435
CONFIRM
MISC
cpanel -- cpanel cPanel before 62.0.17 allows arbitrary code execution during account modification (SEC-220). 2019-08-02 7.2 CVE-2017-18459
CONFIRM
MISC
cpanel -- cpanel cPanel before 62.0.17 allows arbitrary code execution during automatic SSL installation (SEC-221). 2019-08-02 7.2 CVE-2017-18460
CONFIRM
MISC
cpanel -- cpanel cPanel before 62.0.17 allows code execution in the context of the root account via a long DocumentRoot path (SEC-225). 2019-08-02 7.2 CVE-2017-18463
CONFIRM
MISC
fedoraproject -- 389_directory_server It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service. 2019-08-02 7.8 CVE-2019-10171
CONFIRM
magento -- magento An Insecure Direct Object Reference (IDOR) vulnerability exists in the order processing workflow of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details. 2019-08-02 7.5 CVE-2019-7890
CONFIRM
magento -- magento A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to the import feature can make modifications to a configuration file, resulting in potentially unauthorized removal of file upload restrictions. This can result in arbitrary code execution when a malicious file is then uploaded and executed on the system. 2019-08-02 9.0 CVE-2019-7930
CONFIRM
open-emr -- openemr OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/save.php. 2019-08-02 7.5 CVE-2019-14529
MISC
sygnoos -- popup_builder A SQL injection vulnerability exists in the Sygnoos Popup Builder plugin before 3.45 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via com/libs/Table.php because Subscribers Table ordering is mishandled. 2019-08-06 7.5 CVE-2019-14695
MISC
MISC

 

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
adplug -- adplug AdPlug 2.3.1 has a heap-based buffer overflow in CxadbmfPlayer::__bmf_convert_stream() in bmf.cpp. 2019-08-06 6.8 CVE-2019-14690
MISC
adplug -- adplug AdPlug 2.3.1 has a heap-based buffer overflow in CdtmLoader::load() in dtm.cpp. 2019-08-06 6.8 CVE-2019-14691
MISC
adplug -- adplug AdPlug 2.3.1 has a heap-based buffer overflow in CmkjPlayer::load() in mkj.cpp. 2019-08-06 6.8 CVE-2019-14692
MISC
adplug -- adplug AdPlug 2.3.1 has multiple heap-based buffer overflows in CradLoader::load() in rad.cpp. 2019-08-06 6.8 CVE-2019-14733
MISC
adplug -- adplug AdPlug 2.3.1 has multiple heap-based buffer overflows in CmtkLoader::load() in mtk.cpp. 2019-08-06 6.8 CVE-2019-14734
MISC
brandy_project -- brandy Brandy 1.20.1 has a stack-based buffer overflow in fileio_openout in fileio.c via crafted BASIC source code. 2019-08-05 4.3 CVE-2019-14662
MISC
brandy_project -- brandy Brandy 1.20.1 has a stack-based buffer overflow in fileio_openin in fileio.c via crafted BASIC source code. 2019-08-05 4.3 CVE-2019-14663
MISC
brandy_project -- brandy Brandy 1.20.1 has a heap-based buffer overflow in define_array in variables.c via crafted BASIC source code. 2019-08-05 4.3 CVE-2019-14665
MISC
cpanel -- cpanel cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades (SEC-161). 2019-08-05 5.5 CVE-2016-10768
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi (SEC-162). 2019-08-05 5.8 CVE-2016-10769
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update (SEC-164). 2019-08-05 5.5 CVE-2016-10770
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165). 2019-08-05 5.5 CVE-2016-10771
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171). 2019-08-05 6.5 CVE-2016-10773
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows attackers to discover file contents during file copy operations (SEC-185). 2019-08-06 4.0 CVE-2016-10785
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows members of the nobody group to read Apache HTTP Server SSL keys (SEC-186). 2019-08-06 4.0 CVE-2016-10786
CONFIRM
cpanel -- cpanel The Host Access Control feature in cPanel before 60.0.25 mishandles actionless host.deny entries (SEC-187). 2019-08-06 5.5 CVE-2016-10787
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows code execution via the cpsrvd 403 error response handler (SEC-191). 2019-08-06 6.5 CVE-2016-10789
CONFIRM
cpanel -- cpanel cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler (SEC-142). 2019-08-07 6.5 CVE-2016-10802
CONFIRM
MISC
cpanel -- cpanel cPanel before 57.9999.54 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-109). 2019-08-07 6.5 CVE-2016-10805
CONFIRM
MISC
cpanel -- cpanel cPanel before 57.9999.54 allows certain denial-of-service outcomes via /scripts/killpvhost (SEC-112). 2019-08-07 4.0 CVE-2016-10807
CONFIRM
MISC
cpanel -- cpanel cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306). 2019-08-02 4.0 CVE-2017-18382
CONFIRM
MISC
cpanel -- cpanel cPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309). 2019-08-02 4.6 CVE-2017-18383
CONFIRM
MISC
cpanel -- cpanel cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318). 2019-08-02 6.5 CVE-2017-18389
CONFIRM
MISC
cpanel -- cpanel cPanel before 66.0.2 allows resellers to read other accounts' domain log files (SEC-288). 2019-08-02 4.0 CVE-2017-18426
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, user and group ownership may be incorrectly set when using reassign_post_terminate_cruft (SEC-294). 2019-08-02 4.6 CVE-2017-18430
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to execute code via Encoding API calls (SEC-242). 2019-08-02 6.5 CVE-2017-18438
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to execute code via an ImageManager_dimensions API call (SEC-243). 2019-08-02 6.5 CVE-2017-18439
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows demo users to execute traceroute via api2 (SEC-244). 2019-08-02 4.0 CVE-2017-18440
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to redirect web traffic (SEC-245). 2019-08-02 4.0 CVE-2017-18441
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to execute Cpanel::SPFUI API commands (SEC-246). 2019-08-02 5.0 CVE-2017-18442
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows demo and suspended accounts to use SSH port forwarding (SEC-247). 2019-08-02 5.0 CVE-2017-18443
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to execute SSH API commands (SEC-248). 2019-08-02 5.0 CVE-2017-18444
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 does not enforce demo restrictions for SSL API calls (SEC-249). 2019-08-02 4.0 CVE-2017-18445
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API (SEC-250). 2019-08-02 6.5 CVE-2017-18446
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to execute code via the ClamScanner_getsocket API (SEC-251). 2019-08-02 6.5 CVE-2017-18447
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows certain file-read operations via a Serverinfo_manpage API call (SEC-252). 2019-08-02 5.0 CVE-2017-18448
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows certain file-chmod operations via /scripts/convert_roundcube_mysql2sqlite (SEC-255). 2019-08-02 4.4 CVE-2017-18450
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows attackers to read a user's crontab file during a short time interval upon a cPAddon upgrade (SEC-257). 2019-08-02 5.0 CVE-2017-18451
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows code execution via Rails configuration files (SEC-259). 2019-08-02 4.6 CVE-2017-18452
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 does not preserve supplemental groups across account renames (SEC-260). 2019-08-02 4.0 CVE-2017-18453
CONFIRM
MISC
cpanel -- cpanel In cPanel before 62.0.17, addon domain conversion did not require a package for resellers (SEC-208). 2019-08-02 4.0 CVE-2017-18455
CONFIRM
MISC
cpanel -- cpanel cPanel before 62.0.17 allows self XSS in the WHM cPAddons showsecurity interface (SEC-217). 2019-08-02 4.3 CVE-2017-18456
CONFIRM
MISC
cpanel -- cpanel cPanel before 62.0.17 allows arbitrary file-read operations via WHM /styled/ URLs (SEC-218). 2019-08-02 4.9 CVE-2017-18457
CONFIRM
MISC
cpanel -- cpanel cPanel before 62.0.17 does not preserve security policy questions across an account rename (SEC-223). 2019-08-02 5.0 CVE-2017-18461
CONFIRM
MISC
cpanel -- cpanel cPanel before 62.0.17 allows demo accounts to execute code via an NVData_fetchinc API call (SEC-233). 2019-08-05 6.5 CVE-2017-18469
CONFIRM
cpanel -- cpanel cPanel before 62.0.4 allows reflected XSS in reset-password interfaces (SEC-198). 2019-08-05 4.3 CVE-2017-18472
CONFIRM
MISC
dlink -- dva-5592_firmware The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected. 2019-08-02 4.3 CVE-2019-6968
MISC
dlink -- dva-5592_firmware The web interface of the D-Link DVA-5592 20180823 is vulnerable to an authentication bypass that allows an unauthenticated user to have access to sensitive information such as the Wi-Fi password and the phone number (if VoIP is in use). 2019-08-02 5.0 CVE-2019-6969
MISC
firefly-iii -- firefly_iii Firefly III 4.7.17.4 is vulnerable to multiple stored XSS issues due to the lack of filtration of user-supplied data in the transaction description field and the asset account name. The JavaScript code is executed during a convert transaction action. 2019-08-05 4.3 CVE-2019-14667
MISC
MISC
MISC
gnucobol_project -- gnucobol GnuCOBOL 2.2 has a stack-based buffer overflow in cb_encode_program_id in cobc/typeck.c via crafted COBOL source code. 2019-08-02 6.8 CVE-2019-14541
MISC
ibm -- websphere_mq IBM WebSphere MQ V7.1, 7.5, IBM MQ V8, IBM MQ V9.0LTS, IBM MQ V9.1 LTS, and IBM MQ V9.1 CD are vulnerable to a denial of service attack caused by specially crafted messages. IBM X-Force ID: 160013. 2019-08-05 4.0 CVE-2019-4261
XF
CONFIRM
ipandao -- editor.md pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element. 2019-08-03 4.3 CVE-2019-14653
MISC
joomla -- joomla! In Joomla! 3.9.7 and 3.9.8, inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option. In other words, the filter attribute in subform fields allows remote code execution. This is fixed in 3.9.9. 2019-08-04 6.5 CVE-2019-14654
MISC
liblouis -- liblouis A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened. 2019-08-02 6.8 CVE-2014-8184
CONFIRM
MISC
magento -- magento A defense-in-depth check was added to mitigate inadequate session validation handling by 3rd party checkout modules. This impacts Magento 1.x prior to 1.9.4.2, Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9 and Magento 2.3 prior to 2.3.2. 2019-08-02 5.0 CVE-2019-7849
CONFIRM
magento -- magento A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unintended data deletion from customer pages. 2019-08-02 5.8 CVE-2019-7851
CONFIRM
magento -- magento A path disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Requests for a specific file path could result in a redirect to the URL of the Magento admin panel, disclosing its location to potentially unauthorized parties. 2019-08-02 5.0 CVE-2019-7852
CONFIRM
magento -- magento An insecure direct object reference (IDOR) vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unauthorized disclosure of company credit history details. 2019-08-02 5.0 CVE-2019-7854
CONFIRM
magento -- magento A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could be abused by an unauthenticated user to discover an invariant used in gift card generation. 2019-08-02 5.0 CVE-2019-7855
CONFIRM
magento -- magento A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can cause unwanted items to be added to a shopper's cart due to an insufficiently robust anti-CSRF token implementation. 2019-08-02 4.3 CVE-2019-7857
CONFIRM
magento -- magento A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9 and Magento 2.3 prior to 2.3.2 resulted in storage of sensitive information with an algorithm that is insufficiently resistant to brute force attacks. 2019-08-02 5.0 CVE-2019-7858
CONFIRM
magento -- magento A path traversal vulnerability in the WYSIWYG editor for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could result in unauthorized access to uploaded images due to insufficient access control. 2019-08-02 5.0 CVE-2019-7859
MISC
CONFIRM
magento -- magento A cryptographically weak pseudo-random number generator is used in multiple security relevant contexts in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. 2019-08-02 5.0 CVE-2019-7860
CONFIRM
magento -- magento Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. 2019-08-02 5.0 CVE-2019-7861
CONFIRM
magento -- magento An insecure direct object reference (IDOR) vulnerability exists in the RSS feeds of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details. 2019-08-02 5.0 CVE-2019-7864
CONFIRM
magento -- magento A cross-site request forgery (CSRF) vulnerability exists in the checkout cart item of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited at the time of editing or configuration. 2019-08-02 6.8 CVE-2019-7865
CONFIRM
magento -- magento A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. An authenticated user can bypass security protections that prevent arbitrary PHP script upload via form data injection. 2019-08-02 6.5 CVE-2019-7871
CONFIRM
magento -- magento An insecure direct object reference (IDOR) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 due to insufficient authorization checks. This can be abused by a user with admin privileges to add users to company accounts or modify existing user details. 2019-08-02 5.5 CVE-2019-7872
CONFIRM
magento -- magento A cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can result in unintended deletion of the store design schedule. 2019-08-02 5.8 CVE-2019-7873
CONFIRM
magento -- magento A cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can result in unintended deletion of user roles. 2019-08-02 4.3 CVE-2019-7874
CONFIRM
magento -- magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to manipulate layouts can insert a malicious payload into the layout. 2019-08-02 6.5 CVE-2019-7876
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to manage orders can inject malicious JavaScript. 2019-08-02 4.3 CVE-2019-7877
MISC
CONFIRM
magento -- magento Insufficient input validation in the config builder of the Elastic search module could lead to remote code execution in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This vulnerability could be abused by an authenticated user with the ability to configure the catalog search. 2019-08-02 6.5 CVE-2019-7885
CONFIRM
magento -- magento A cryptographic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptographic mechanism is used to generate the initialization vector in multiple security relevant contexts. 2019-08-02 5.0 CVE-2019-7886
CONFIRM
magento -- magento An information disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to create email templates could leak sensitive data via a malicious email template. 2019-08-02 4.0 CVE-2019-7888
CONFIRM
magento -- magento An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with marketing manipulation privileges can invoke methods that alter data of the underlying model followed by corresponding database modifications. 2019-08-02 4.0 CVE-2019-7889
CONFIRM
magento -- magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to access shipment settings can execute arbitrary code via server-side request forgery. 2019-08-02 6.5 CVE-2019-7892
CONFIRM
magento -- magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to layouts can execute arbitrary code through a crafted XML layout update. 2019-08-02 6.5 CVE-2019-7895
CONFIRM
magento -- magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to layouts can execute arbitrary code through a combination of product import, crafted CSV file and XML layout update. 2019-08-02 6.5 CVE-2019-7896
CONFIRM
magento -- magento Samples of disabled downloadable products are accessible in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 due to inadequate validation of user input. 2019-08-02 5.0 CVE-2019-7898
CONFIRM
magento -- magento Names of disabled downloadable products could be disclosed due to inadequate validation of user input in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. 2019-08-02 5.0 CVE-2019-7899
CONFIRM
magento -- magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to email templates can execute arbitrary code by previewing a malicious template. 2019-08-02 6.5 CVE-2019-7903
CONFIRM
magento -- magento Insufficient enforcement of user access controls in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could enable a low-privileged user to make unauthorized environment configuration changes. 2019-08-02 5.5 CVE-2019-7904
CONFIRM
magento -- magento A server-side request forgery (SSRF) vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to the admin panel to manipulate system configuration and execute arbitrary code. 2019-08-02 6.5 CVE-2019-7911
CONFIRM
magento -- magento A file upload filter bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to edit configuration keys to remove file extension filters, potentially resulting in the malicious upload and execution of malicious files on the server. 2019-08-02 6.5 CVE-2019-7912
CONFIRM
magento -- magento A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to manipulate shipment methods to execute arbitrary code. 2019-08-02 6.5 CVE-2019-7913
CONFIRM
magento -- magento A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers. 2019-08-02 5.0 CVE-2019-7915
CONFIRM
magento -- magento A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to manipulate shipment settings to execute arbitrary code. 2019-08-02 6.5 CVE-2019-7923
CONFIRM
magento -- magento An insecure direct object reference (IDOR) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an administrator with limited privileges to delete the downloadable products folder. 2019-08-02 5.5 CVE-2019-7925
CONFIRM
magento -- magento A denial-of-service (DoS) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. By abusing insufficient brute-forcing defenses in the token exchange protocol, an unauthenticated attacker could disrupt transactions between the Magento merchant and PayPal. 2019-08-02 5.0 CVE-2019-7928
CONFIRM
magento -- magento An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges may be able to view metadata of a trusted device used by another administrator via a crafted HTTP request. 2019-08-02 4.0 CVE-2019-7929
CONFIRM
magento -- magento A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create sitemaps can execute arbitrary PHP code by creating a malicious sitemap file. 2019-08-02 6.5 CVE-2019-7932
CONFIRM
magento -- magento A reflected cross-site scripting vulnerability exists on the customer cart checkout page of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by sending a victim a crafted URL that results in malicious JavaScript execution in the victim's browser. 2019-08-02 4.3 CVE-2019-7939
CONFIRM
magento -- magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create or edit a product can execute arbitrary code via malicious XML layout updates. 2019-08-02 6.5 CVE-2019-7942
CONFIRM
magento -- magento A cross-site request forgery vulnerability exists in the GiftCardAccount removal feature for Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. 2019-08-02 4.3 CVE-2019-7947
CONFIRM
magento -- magento An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially confidential information. 2019-08-02 5.0 CVE-2019-7950
CONFIRM
magento -- magento An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A SOAP web service endpoint does not properly enforce parameters related to access control. This could be abused to leak customer information via crafted SOAP requests. 2019-08-02 5.0 CVE-2019-7951
CONFIRM
octopus -- octopus_deploy In Octopus Deploy 2019.4.0 through 2019.6.x before 2019.6.6, and 2019.7.x before 2019.7.6, an authenticated system administrator is able to view sensitive values by visiting a server configuration page or making an API call. 2019-08-05 4.0 CVE-2019-14525
MISC
MISC
CONFIRM

 

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
cpanel -- cpanel cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159). 2019-08-05 3.5 CVE-2016-10767
CONFIRM
MISC
cpanel -- cpanel cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168). 2019-08-05 2.1 CVE-2016-10772
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows self XSS in the tail_ea4_migration.cgi interface (SEC-172). 2019-08-05 3.5 CVE-2016-10774
CONFIRM
MISC
cpanel -- cpanel cPanel before 60.0.25 allows stored XSS during the homedir removal phase of WHM Account termination (SEC-174). 2019-08-06 3.5 CVE-2016-10776
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscover_host (SEC-177). 2019-08-06 3.5 CVE-2016-10777
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows self stored XSS in the listftpstable API (SEC-178). 2019-08-06 3.5 CVE-2016-10778
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows stored XSS in api1_listautoresponders (SEC-179). 2019-08-06 3.5 CVE-2016-10779
CONFIRM
MISC
cpanel -- cpanel cPanel before 60.0.25 allows stored XSS in the ftp_sessions API (SEC-180). 2019-08-06 3.5 CVE-2016-10780
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180). 2019-08-06 3.5 CVE-2016-10781
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs (SEC-181). 2019-08-06 3.5 CVE-2016-10782
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows self stored XSS in SSL_listkeys (SEC-182). 2019-08-06 3.5 CVE-2016-10783
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows self XSS in the alias upload interface (SEC-184). 2019-08-06 3.5 CVE-2016-10784
CONFIRM
cpanel -- cpanel cPanel before 57.9999.54 allows self XSS on the Paper Lantern Landing Page (SEC-110). 2019-08-07 3.5 CVE-2016-10806
CONFIRM
MISC
cpanel -- cpanel cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310). 2019-08-02 2.1 CVE-2017-18384
CONFIRM
MISC
cpanel -- cpanel cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311). 2019-08-02 2.1 CVE-2017-18385
CONFIRM
MISC
cpanel -- cpanel cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval (SEC-323). 2019-08-02 1.9 CVE-2017-18391
CONFIRM
MISC
cpanel -- cpanel cPanel before 66.0.2 allows stored XSS during WHM cPAddons installation (SEC-263). 2019-08-02 3.5 CVE-2017-18417
CONFIRM
cpanel -- cpanel cPanel before 66.0.2 allows stored XSS during WHM cPAddons file operations (SEC-265). 2019-08-02 3.5 CVE-2017-18418
CONFIRM
cpanel -- cpanel cPanel before 66.0.2 allows stored XSS during WHM cPAddons uninstallation (SEC-266). 2019-08-02 3.5 CVE-2017-18419
CONFIRM
cpanel -- cpanel cPanel before 66.0.2 allows stored XSS during WHM cPAddons processing (SEC-269). 2019-08-02 3.5 CVE-2017-18420
CONFIRM
cpanel -- cpanel cPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271). 2019-08-02 2.1 CVE-2017-18421
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272). 2019-08-02 2.1 CVE-2017-18422
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273). 2019-08-02 2.1 CVE-2017-18423
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt (SEC-274). 2019-08-02 2.1 CVE-2017-18424
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, the cpdavd_error_log file can be created with weak permissions (SEC-280). 2019-08-02 1.9 CVE-2017-18425
CONFIRM
MISC
cpanel -- cpanel In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291). 2019-08-02 2.1 CVE-2017-18429
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call (SEC-239). 2019-08-02 2.7 CVE-2017-18436
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows a Webmail account to execute code via forwarders (SEC-240). 2019-08-02 3.6 CVE-2017-18437
CONFIRM
MISC
cpanel -- cpanel cPanel before 64.0.21 allows certain file-rename operations in the context of the root account via scripts/convert_roundcube_mysql2sqlite (SEC-254). 2019-08-02 2.1 CVE-2017-18449
CONFIRM
MISC
cpanel -- cpanel cPanel before 62.0.24 allows stored XSS in the WHM cPAddons install interface (SEC-262). 2019-08-02 3.5 CVE-2017-18454
CONFIRM
MISC
cpanel -- cpanel cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219). 2019-08-02 3.6 CVE-2017-18458
CONFIRM
MISC
cpanel -- cpanel cPanel before 62.0.4 allows self XSS on the paper_lantern password-change screen (SEC-197). 2019-08-05 3.5 CVE-2017-18471
CONFIRM
MISC
cpanel -- cpanel cPanel before 62.0.4 allows self XSS on the webmail Password and Security page (SEC-199). 2019-08-05 3.5 CVE-2017-18473
CONFIRM
MISC
cpanel -- cpanel cPanel before 62.0.4 allows stored XSS in the WHM Account Suspension List interface (SEC-211). 2019-08-05 3.5 CVE-2017-18481
CONFIRM
MISC
espocrm -- espocrm An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed when an attacker sends an attachment to admin with malicious JavaScript in the filename. This JavaScript executed when an admin selects the particular file from the list of all attachments. The attacker could inject the JavaScript inside the filename and send it to users, thus helping him steal victims' cookies (hence compromising their accounts). 2019-08-05 3.5 CVE-2019-14547
MISC
MISC
MISC
MISC
espocrm -- espocrm An issue was discovered in EspoCRM before 5.6.9. Stored XSS in the body of an Article was executed when a victim opens articles received through mail. This Article can be formed by an attacker using the Knowledge Base feature in the tab list. The attacker could inject malicious JavaScript inside the body of the article, thus helping him steal victims' cookies (hence compromising their accounts). 2019-08-05 3.5 CVE-2019-14548
MISC
MISC
MISC
MISC
espocrm -- espocrm An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed inside the title and breadcrumb of a newly formed entity available to all the users. A malicious user can inject JavaScript in these values of an entity, thus stealing user cookies when someone visits the publicly accessible link. 2019-08-05 3.5 CVE-2019-14549
MISC
MISC
MISC
MISC
espocrm -- espocrm An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed when a victim clicks on the Edit Dashboard feature present on the Homepage. An attacker can load malicious JavaScript inside the add tab list feature, which would fire when a user clicks on the Edit Dashboard button, thus helping him steal victims' cookies (hence compromising their accounts). 2019-08-05 3.5 CVE-2019-14550
MISC
MISC
MISC
MISC
firefly-iii -- firefly_iii Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the transaction description field. The JavaScript code is executed during deletion of a transaction link. 2019-08-05 3.5 CVE-2019-14668
MISC
MISC
firefly-iii -- firefly_iii Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the asset account name. The JavaScript code is executed during a visit to the audit account statistics page. 2019-08-05 3.5 CVE-2019-14669
MISC
MISC
firefly-iii -- firefly_iii Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the bill name field. The JavaScript code is executed during rule-from-bill creation. 2019-08-05 3.5 CVE-2019-14670
MISC
MISC
firefly-iii -- firefly_iii Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fints_url to import/job/configuration, and import/create/fints. 2019-08-05 2.1 CVE-2019-14671
MISC
MISC
firefly-iii -- firefly_iii Firefly III 4.7.17.5 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the liability name field. The JavaScript code is executed upon an error condition during a visit to the account show page. 2019-08-05 3.5 CVE-2019-14672
MISC
MISC
ibm -- cloud_private IBM Cloud Private 2.1.0, 3.1.0, 3.1.1, and 3.1.2 could allow a local privileged user to obtain a sensitive OIDC token that is printed to log files, which could be used to log in to the system as another user. IBM X-Force ID: 160512. 2019-08-05 2.1 CVE-2019-4284
XF
CONFIRM
ibm -- jazz_for_service_management IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow an unauthorized local user to create unique catalog names that could cause a denial of service. IBM X-Force ID: 160296. 2019-08-02 2.1 CVE-2019-4275
CONFIRM
XF
magento -- magento A stored cross-site scripting vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to the tax notifications configuration in the Magento admin panel. 2019-08-02 3.5 CVE-2019-7853
MISC
CONFIRM
magento -- magento A reflected cross-site scripting vulnerability exists in the Product widget chooser functionality in the admin panel for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. 2019-08-02 3.5 CVE-2019-7862
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to products and categories. 2019-08-02 3.5 CVE-2019-7863
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to edit Product information via the TinyMCE editor. 2019-08-02 3.5 CVE-2019-7866
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to manage orders and order status. 2019-08-02 3.5 CVE-2019-7867
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with permissions to manage tax rules. 2019-08-02 3.5 CVE-2019-7868
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with permissions to manage customer groups. 2019-08-02 3.5 CVE-2019-7869
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to newsletter templates. 2019-08-02 3.5 CVE-2019-7875
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to marketing email templates to inject malicious javascript. 2019-08-02 3.5 CVE-2019-7880
CONFIRM
magento -- magento A cross-site scripting mitigation bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user to escalate privileges (admin vs. admin XSS attack). 2019-08-02 3.5 CVE-2019-7881
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the WYSIWYG editor of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to the editor can inject malicious SWF files. 2019-08-02 3.5 CVE-2019-7882
CONFIRM
magento -- magento A reflected cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 when the feature that adds a secret key to the Admin URL is disabled. 2019-08-02 3.5 CVE-2019-7887
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to customer configurations to inject malicious javascript. 2019-08-02 3.5 CVE-2019-7897
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify product information. 2019-08-02 3.5 CVE-2019-7908
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to email templates. 2019-08-02 3.5 CVE-2019-7909
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the product catalog form of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to the product catalog to inject malicious javascript. 2019-08-02 3.5 CVE-2019-7921
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify node attributes to inject malicious javascript. 2019-08-02 3.5 CVE-2019-7926
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to edit product content pages to inject malicious javascript. 2019-08-02 3.5 CVE-2019-7927
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to edit newsletter templates to inject malicious javascript. 2019-08-02 3.5 CVE-2019-7934
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify content page titles to inject malicious javascript. 2019-08-02 3.5 CVE-2019-7935
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify content block titles to inject malicious javascript. 2019-08-02 3.5 CVE-2019-7936
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to store product attributes to inject malicious javascript. 2019-08-02 3.5 CVE-2019-7937
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify catalog price rules to inject malicious javascript. 2019-08-02 3.5 CVE-2019-7938
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify store currency options to inject malicious javascript. 2019-08-02 3.5 CVE-2019-7940
MISC
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in the product comments field of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to the Return Product comments field can inject malicious javascript. 2019-08-02 3.5 CVE-2019-7944
MISC
CONFIRM
magento -- magento A stored cross-site scripting vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to modify currency symbols can inject malicious javascript. 2019-08-02 3.5 CVE-2019-7945
CONFIRM

Severity Not Yet Assigned

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
1crm -- on-premise_software 1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation. 2019-08-08 not yet calculated CVE-2019-14221
MISC
EXPLOIT-DB
3cx -- 3cx_phone_system_web_management_console An issue was discovered in the 3CX Phone system (web) management console 12.5.44178.1002 through 12.5 SP2. The Content.MainForm.wgx component is affected by XXE via a crafted XML document in POST data. There is potential to use this for SSRF (reading local files, outbound HTTP, and outbound DNS). 2019-08-08 not yet calculated CVE-2019-13176
MISC
6kbbs -- 6kbbs 6kbbs 7.1 and 8.0 allows CSRF via portalchannel_ajax.php (id or code parameter) or admin.php (fileids parameter). 2019-08-08 not yet calculated CVE-2015-9292
MISC
digitallyhappy -- backpack_for_laravel The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows XSS via the select field type. 2019-08-08 not yet calculated CVE-2018-20962
MISC
MISC
MISC
MISC
adplug -- adplug AdPlug 2.3.1 has multiple heap-based buffer overflows in Ca2mLoader::load() in a2m.cpp. 2019-08-06 not yet calculated CVE-2019-14732
MISC
annke -- sp1_hd_wireless_camera ANNKE SP1 HD wireless camera 3.4.1.1604071109 devices allow XSS via a crafted SSID. 2019-08-07 not yet calculated CVE-2017-18483
MISC
apache -- ranger Policy import functionality in Apache Ranger 0.7.0 to 1.2.0 is vulnerable to a cross-site scripting issue. Upgrade to 2.0.0 or later version of Apache Ranger with the fix. 2019-08-08 not yet calculated CVE-2019-12397
MLIST
CONFIRM
apache -- spark Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk (controlled by spark.maxRemoteBlockSizeFetchToMem); in SparkR, using parallelize; in Pyspark, using broadcast and parallelize; and use of python udfs. 2019-08-07 not yet calculated CVE-2019-10099
MISC
aptana -- jaxer Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI. 2019-08-09 not yet calculated CVE-2019-14312
MISC
MISC
atlassian -- jira The inline-create rest resource in Jira before version 7.12.3 allows authenticated remote attackers to set the reporter in issues via a missing authorisation check. 2019-08-09 not yet calculated CVE-2018-20826
MISC
atlassian -- jira The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the country parameter. 2019-08-09 not yet calculated CVE-2018-20827
MISC
atlassian -- jira_server_and_data_center There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3 are affected by this vulnerability. 2019-08-09 not yet calculated CVE-2019-11581
MISC
backdrop -- backdrop_cms In Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3, some menu links within the administration bar may be crafted to execute JavaScript when the administrator is logged in and uses the search functionality. (This issue is mitigated by the attacker needing permissions to create administrative menu links, such as by creating a content type or layout. Such permissions are usually restricted to trusted or administrative users.) 2019-08-07 not yet calculated CVE-2019-14770
MISC
backdrop -- backdrop_cms Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, potentially allowing non-configuration scripts to be uploaded to the server. (This attack is mitigated by the attacker needing the "Synchronize, import, and export configuration" permission, a permission that only trusted administrators should be given. Other preventative measures in Backdrop CMS prevent the execution of PHP scripts, so another server-side scripting language must be accessible on the server to execute code.) 2019-08-07 not yet calculated CVE-2019-14771
MISC
backdrop -- backdrop_cms Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 doesn't sufficiently filter output when displaying certain block labels created by administrators. An attacker could potentially craft a specialized label, then have an administrator execute scripting when administering a layout. (This issue is mitigated by the attacker needing permission to create custom blocks on the site, which is typically an administrative permission.) 2019-08-07 not yet calculated CVE-2019-14769
MISC
canon -- multiple_eos_and_powershot_products Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via notifybtstatus command. 2019-08-06 not yet calculated CVE-2019-5998
MISC
MISC
CONFIRM
MISC
canon -- multiple_eos_and_powershot_products Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via sendhostinfo command. 2019-08-06 not yet calculated CVE-2019-6000
MISC
MISC
CONFIRM
MISC
canon -- multiple_eos_and_powershot_products Missing authorization vulnerability exists in EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier. A successful exploitation may result in a specially crafted firmware update or unofficial firmware update being applied without user's consent via unspecified vector. 2019-08-06 not yet calculated CVE-2019-5995
MISC
MISC
CONFIRM
MISC
canon -- multiple_eos_and_powershot_products Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via blerequest command. 2019-08-06 not yet calculated CVE-2019-5999
MISC
MISC
CONFIRM
MISC
canon -- multiple_eos_and_powershot_products Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via setadapterbatteryreport command. 2019-08-06 not yet calculated CVE-2019-6001
MISC
MISC
CONFIRM
MISC
canon -- multiple_eos_and_powershot_products Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via SendObjectInfo command. 2019-08-06 not yet calculated CVE-2019-5994
MISC
MISC
CONFIRM
MISC
cisco -- enterprise_nfv_infrastructure_software A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to overwrite or read arbitrary files. The attacker would need valid administrator privilege-level credentials. This vulnerability is due to improper input validation of CLI command arguments. An attacker could exploit this vulnerability by using directory traversal techniques when executing a vulnerable command. A successful exploit could allow the attacker to overwrite or read arbitrary files on an affected device. 2019-08-08 not yet calculated CVE-2019-1952
CISCO
cisco -- enterprise_nfv_infrastructure_software A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to access the VNC console session of an administrative user on an affected device. The vulnerability is due to an insufficient authentication mechanism used to establish a VNC session. An attacker could exploit this vulnerability by intercepting an administrator VNC session request prior to login. A successful exploit could allow the attacker to watch the administrator console session or interact with it, allowing admin access to the affected device. 2019-08-07 not yet calculated CVE-2019-1895
CISCO
cisco -- enterprise_nfv_infrastructure_software A vulnerability in the web portal framework of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to improper input validation of log file content stored on the affected device. An attacker could exploit this vulnerability by modifying a log file with malicious code and getting a user to view the modified log file. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or to access sensitive, browser-based information. 2019-08-08 not yet calculated CVE-2019-1973
CISCO
cisco -- enterprise_nfv_infrastructure_software A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and get limited access to the web-based management interface. The vulnerability is due to an incorrect implementation of authentication in the web-based management interface. An attacker could exploit this vulnerability by sending a crafted authentication request to the web-based management interface on an affected system. A successful exploit could allow the attacker to view limited configuration details and potentially upload a virtual machine image. 2019-08-08 not yet calculated CVE-2019-1946
CISCO
cisco -- enterprise_nfv_infrastructure_software Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to read arbitrary files on the underlying operating system (OS) of an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2019-08-08 not yet calculated CVE-2019-1959
CISCO
cisco -- enterprise_nfv_infrastructure_software A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to view a password in clear text. The vulnerability is due to incorrectly logging the admin password when a user is forced to modify the default password when logging in to the web portal for the first time. Subsequent password changes are not logged and other accounts are not affected. An attacker could exploit this vulnerability by viewing the admin clear text password and using it to access the affected system. The attacker would need a valid user account to exploit this vulnerability. 2019-08-08 not yet calculated CVE-2019-1953
CISCO
cisco -- enterprise_nfv_infrastructure_software A vulnerability in the Cisco Enterprise NFV Infrastructure Software (NFVIS) restricted CLI could allow an authenticated, local attacker with valid administrator-level credentials to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient restrictions during the execution of an affected CLI command. An attacker could exploit this vulnerability by leveraging the insufficient restrictions during the execution of an affected command. A successful exploit could allow the attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. 2019-08-08 not yet calculated CVE-2019-1972
CISCO
cisco -- enterprise_nfv_infrastructure_software Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to read arbitrary files on the underlying operating system (OS) of an affected device. For more information about these vulnerabilities, see the Details section of this advisory. 2019-08-08 not yet calculated CVE-2019-1960
CISCO
cisco -- enterprise_nfv_infrastructure_software A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability is due to the improper input validation of tar packages uploaded through the Web Portal to the Image Repository. An attacker could exploit this vulnerability by uploading a crafted tar package and viewing the log entries that are generated. A successful exploit could allow the attacker to read arbitrary files on the underlying OS. 2019-08-08 not yet calculated CVE-2019-1961
CISCO
cisco -- enterprise_nfv_infrastructure_software A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to perform a command injection attack and execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the web portal framework. An attacker could exploit this vulnerability by providing malicious input during web portal authentication. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. 2019-08-08 not yet calculated CVE-2019-1971
CISCO
cisco -- ios_xr_software A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS–IS area to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of crafted IS–IS link-state protocol data units (PDUs). An attacker could exploit this vulnerability by sending a crafted link-state PDU to an affected system to be processed. A successful exploit could allow the attacker to cause all routers within the IS–IS area to unexpectedly restart the IS–IS process, resulting in a DoS condition. This vulnerability affects Cisco devices if they are running a vulnerable release of Cisco IOS XR Software earlier than Release 6.6.3 and are configured with the IS–IS routing protocol. Cisco has confirmed that this vulnerability affects both Cisco IOS XR 32-bit Software and Cisco IOS XR 64-bit Software. 2019-08-07 not yet calculated CVE-2019-1910
CISCO
cisco -- ios_xr_software A vulnerability in the implementation of Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS–IS area to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of IS–IS link-state protocol data units (PDUs). An attacker could exploit this vulnerability by sending specific link-state PDUs to an affected system to be processed. A successful exploit could allow the attacker to cause incorrect calculations used in the weighted remote shared risk link groups (SRLG) or in the IGP Flexible Algorithm. It could also cause tracebacks to the logs or potentially cause the receiving device to crash the IS–IS process, resulting in a DoS condition. 2019-08-07 not yet calculated CVE-2019-1918
CISCO
cisco -- adaptive_security_appliance A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to elevate privileges and execute administrative functions on an affected device. The vulnerability is due to insufficient authorization validation. An attacker could exploit this vulnerability by logging in to an affected device as a low-privileged user and then sending specific HTTPS requests to execute administrative functions using the information retrieved during initial login. 2019-08-07 not yet calculated CVE-2019-1934
CISCO
cisco -- adaptive_security_appliance Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being established. For more information about these vulnerabilities, see the Details section of this security advisory. 2019-08-07 not yet calculated CVE-2019-1944
CISCO
cisco -- adaptive_security_appliance Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being established. For more information about these vulnerabilities, see the Details section of this security advisory. 2019-08-07 not yet calculated CVE-2019-1945
CISCO
cisco -- asyncos_software_for_cisco_email_security_appliances  A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to incomplete input and validation checking mechanisms for certain SPF messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. A successful exploit could allow the attacker to bypass the header filters that are configured for the affected device, which could allow malicious content to pass through the device. 2019-08-08 not yet calculated CVE-2019-1955
CISCO
cisco -- firepower_management_center A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. 2019-08-08 not yet calculated CVE-2019-1949
CISCO
cisco -- firepower_threat_defense A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network. 2019-08-08 not yet calculated CVE-2019-1970
CISCO
cisco -- hyperflex_software A vulnerability in the web-based management interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. 2019-08-08 not yet calculated CVE-2019-1958
CISCO
cisco -- iot_field_network_director A vulnerability in the web interface of Cisco IoT Field Network Director could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security (TLS) renegotiation requests. An attacker could exploit this vulnerability by sending renegotiation requests at a high rate. A successful exploit could increase the resource usage on the system, eventually leading to a DoS condition. 2019-08-08 not yet calculated CVE-2019-1957
CISCO
cisco -- sd-wan_solution A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by crafting a malicious TCP packet with specific characteristics and sending it to a target device. A successful exploit could allow the attacker to bypass the L3 and L4 traffic filters and inject an arbitrary packet in the network. 2019-08-08 not yet calculated CVE-2019-1951
CISCO
cisco -- small_business_220_series_smart_switches A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious request to certain parts of the web management interface. To send the malicious request, the attacker needs a valid login session in the web management interface as a privilege level 15 user. Depending on the configuration of the affected switch, the malicious request must be sent via HTTP or HTTPS. A successful exploit could allow the attacker to execute arbitrary shell commands with the privileges of the root user. 2019-08-07 not yet calculated CVE-2019-1914
CISCO
cisco -- small_business_220_series_smart_switches A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this vulnerability by sending a malicious request to certain parts of the web management interface. Depending on the configuration of the affected switch, the malicious request must be sent via HTTP or HTTPS. A successful exploit could allow the attacker to modify the configuration of an affected device or to inject a reverse shell. This vulnerability affects Cisco Small Business 220 Series Smart Switches running firmware versions prior to 1.1.4.4 with the web management interface enabled. The web management interface is enabled via both HTTP and HTTPS by default. 2019-08-07 not yet calculated CVE-2019-1912
CISCO
cisco -- small_business_220_series_smart_switches Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operating system. The vulnerabilities are due to insufficient validation of user-supplied input and improper boundary checks when reading data into an internal buffer. An attacker could exploit these vulnerabilities by sending malicious requests to the web management interface of an affected device. Depending on the configuration of the affected switch, the malicious requests must be sent via HTTP or HTTPS. 2019-08-07 not yet calculated CVE-2019-1913
CISCO
cisco -- spa112_2-port_phone_adapter A vulnerability in the web-based interface of the Cisco SPA112 2-Port Phone Adapter could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user of the device. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface of the affected device. An attacker could exploit this vulnerability by inserting malicious code in one of the configuration fields. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. 2019-08-08 not yet calculated CVE-2019-1956
CISCO
cisco -- webex_meetings_server_software A vulnerability in the web-based management interface of Cisco Webex Meetings Server Software could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected device. An attacker could exploit this vulnerability by crafting an HTTP request that could cause the web application to redirect the request to a specified malicious URL. A successful exploit could allow the attacker to redirect a user to a malicious website. 2019-08-08 not yet calculated CVE-2019-1954
CISCO
cisco -- webex_network_recording_player_for_microsoft_windows_and_webex_player_for_microsoft_windows Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. 2019-08-07 not yet calculated CVE-2019-1924
CISCO
cisco -- webex_network_recording_player_for_microsoft_windows_and_webex_player_for_microsoft_windows Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. 2019-08-07 not yet calculated CVE-2019-1926
CISCO
cisco -- webex_network_recording_player_for_microsoft_windows_and_webex_player_for_microsoft_windows Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. 2019-08-07 not yet calculated CVE-2019-1929
CISCO
cisco -- webex_network_recording_player_for_microsoft_windows_and_webex_player_for_microsoft_windows Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. 2019-08-07 not yet calculated CVE-2019-1928
CISCO
cisco -- webex_network_recording_player_for_microsoft_windows_and_webex_player_for_microsoft_windows Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. 2019-08-07 not yet calculated CVE-2019-1927
CISCO
cisco -- webex_network_recording_player_for_microsoft_windows_and_webex_player_for_microsoft_windows Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. 2019-08-07 not yet calculated CVE-2019-1925
CISCO
cloud_foundry -- multiple_products CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials. 2019-08-05 not yet calculated CVE-2019-3800
CONFIRM
CONFIRM
cloud_foundry -- uaa Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute. 2019-08-09 not yet calculated CVE-2019-11274
CONFIRM
cloud_foundry -- uaa_and_pivotal_application_services_and_pivotal_ops_manager Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the restrictions imposed on clients created via 'clients.write' and create clients with arbitrary scopes that he does not possess. 2019-08-05 not yet calculated CVE-2019-11270
CONFIRM
CONFIRM
cognitoys -- dino_devices Cognitoys Dino devices allow profiles_add.html CSRF. 2019-08-08 not yet calculated CVE-2017-18485
MISC
cognitoys -- dino_devices Cognitoys Dino devices allow XSS via the SSID. 2019-08-08 not yet calculated CVE-2017-18484
MISC
cpanel -- cpanel cPanel before 59.9999.145 allows arbitrary file-read operations because of a multipart form processing error (SEC-154). 2019-08-06 not yet calculated CVE-2016-10794
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 allows demo accounts to execute code via the Htaccess::setphppreference API (SEC-232). 2019-08-05 not yet calculated CVE-2017-18468
CONFIRM
cpanel -- cpanel In cPanel before 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204). 2019-08-05 not yet calculated CVE-2017-18475
CONFIRM
cpanel -- cpanel cPanel before 62.0.4 allows resellers to use the WHM enqueue_transfer_item API for queueing non-rearrange modules (SEC-213). 2019-08-05 not yet calculated CVE-2017-18482
CONFIRM
cpanel -- cpanel cPanel before 57.9999.105 allows newline injection via LOC records (CPANEL-6923). 2019-08-07 not yet calculated CVE-2016-10803
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 does not have a sufficient list of reserved usernames (SEC-227). 2019-08-05 not yet calculated CVE-2017-18465
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 does not properly recognize domain ownership during addition of parked domains to a mail configuration (SEC-228). 2019-08-05 not yet calculated CVE-2017-18466
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 allows arbitrary file-chown operations via reassign_post_terminate_cruft (SEC-173). 2019-08-05 not yet calculated CVE-2016-10775
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor (SEC-226). 2019-08-05 not yet calculated CVE-2017-18464
CONFIRM
cpanel -- cpanel In cPanel before 57.9999.54, /scripts/enablefileprotect exposed TTYs (SEC-117). 2019-08-07 not yet calculated CVE-2016-10812
CONFIRM
cpanel -- cpanel cPanel before 58.0.4 has improper session handling for shared users (SEC-139). 2019-08-07 not yet calculated CVE-2016-10801
CONFIRM
cpanel -- cpanel cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls (SEC-138). 2019-08-07 not yet calculated CVE-2016-10800
CONFIRM
cpanel -- cpanel cPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130). 2019-08-06 not yet calculated CVE-2016-10796
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled (SEC-224). 2019-08-05 not yet calculated CVE-2017-18462
CONFIRM
cpanel -- cpanel cPanel before 60.0.25 does not use TLS for HTTP POSTs to listinput.cpanel.net (SEC-192). 2019-08-06 not yet calculated CVE-2016-10790
CONFIRM
cpanel -- cpanel cPanel before 60.0.15 does not ensure that system accounts lack a valid password, so that logins are impossible (CPANEL-9559). 2019-08-06 not yet calculated CVE-2016-10791
CONFIRM
cpanel -- cpanel In cPanel before 62.0.4, Exim transports could execute in the context of the nobody account (SEC-206). 2019-08-05 not yet calculated CVE-2017-18477
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 allows access to restricted resources because of a URL filtering error (SEC-229). 2019-08-05 not yet calculated CVE-2017-18467
CONFIRM
cpanel -- cpanel cPanel before 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210). 2019-08-05 not yet calculated CVE-2017-18480
CONFIRM
cpanel -- cpanel cPanel before 58.0.4 allows WHM "Purchase and Install an SSL Certificate" page visitors to list all server domains (SEC-133). 2019-08-06 not yet calculated CVE-2016-10797
CONFIRM
cpanel -- cpanel cPanel before 58.0.4 allows a file-ownership change (to nobody) via rearrangeacct (SEC-134). 2019-08-07 not yet calculated CVE-2016-10798
CONFIRM
cpanel -- cpanel In cPanel before 62.0.4, WHM SSL certificate generation uses an unreserved e-mail address (SEC-209). 2019-08-05 not yet calculated CVE-2017-18479
CONFIRM
cpanel -- cpanel In cPanel before 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207). 2019-08-05 not yet calculated CVE-2017-18478
CONFIRM
cpanel -- cpanel cPanel before 59.9999.145 allows code execution in the context of other accounts via mailman list archives (SEC-141). 2019-08-06 not yet calculated CVE-2016-10792
CONFIRM
cpanel -- cpanel Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205). 2019-08-05 not yet calculated CVE-2017-18476
CONFIRM
cpanel -- cpanel cPanel before 58.0.4 does not set the Pear tmp directory during a PHP installation (SEC-137). 2019-08-07 not yet calculated CVE-2016-10799
CONFIRM
cpanel -- cpanel In cPanel before 57.9999.54, /scripts/addpop and /scripts/delpop exposed TTYs (SEC-113). 2019-08-07 not yet calculated CVE-2016-10808
CONFIRM
cpanel -- cpanel cPanel before 59.9999.145 allows arbitrary code execution due to an incorrect #! in Mail::SPF scripts (SEC-152). 2019-08-06 not yet calculated CVE-2016-10793
CONFIRM
cpanel -- cpanel cPanel before 59.9999.145 allows stored XSS in the WHM tail_upcp2.cgi interface (SEC-156). 2019-08-06 not yet calculated CVE-2016-10795
CONFIRM
cpanel -- cpanel cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196). 2019-08-05 not yet calculated CVE-2017-18470
CONFIRM
cpanel -- cpanel cPanel before 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201). 2019-08-05 not yet calculated CVE-2017-18474
CONFIRM
d-link -- 6600-ap_and_dwl-3600ap_ax_devices An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated denial of service leading to the reboot of the AP via the admin.cgi?action=%s URI. 2019-08-08 not yet calculated CVE-2019-14335
MISC
MISC
d-link -- dir-600m_devices An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page. 2019-08-08 not yet calculated CVE-2019-13101
MISC
FULLDISC
MISC
MISC
MISC
das_q -- das_q Das Q before 2019-08-02 allows web sites to execute arbitrary code on client machines, as demonstrated by a cross-origin /install request with an attacker-controlled releaseUrl, which triggers download and execution of code within a ZIP archive. 2019-08-02 not yet calculated CVE-2019-14551
MISC
das -- u-boot Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. 2019-08-06 not yet calculated CVE-2019-13106
MISC
MISC
MISC
das -- u-boot Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 filesystem. 2019-08-06 not yet calculated CVE-2019-13105
MISC
MISC
MISC
das -- u-boot In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem. 2019-08-06 not yet calculated CVE-2019-13104
MISC
MISC
MISC
dell -- client_commercial_and_consumer_platforms Select Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. An unauthenticated attacker with physical access to the system could potentially bypass intended Secure Boot restrictions to run unsigned and untrusted code on expansion cards installed in the system during platform boot. Refer to https://www.dell.com/support/article/us/en/04/sln317683/dsa-2019-043-dell-client-improper-access-control-vulnerability?lang=en for versions affected by this vulnerability. 2019-08-05 not yet calculated CVE-2019-3717
CONFIRM
dell -- dell_digital_delivery_and_alienware_digital_delivery Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a path traversal exploit in order to run a malicious executable with elevated privileges. 2019-08-09 not yet calculated CVE-2019-3744
FULLDISC
dell -- dell_digital_delivery_and_alienware_digital_delivery Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicious code to run an executable with elevated privileges. 2019-08-09 not yet calculated CVE-2019-3742
FULLDISC
django -- django An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function. 2019-08-09 not yet calculated CVE-2019-14234
MISC
MISC
CONFIRM
dwsurvey -- dwsurvey DWSurvey through 2019-07-22 has stored XSS via the design/my-survey-design!copySurvey.action surveyName parameter. 2019-08-07 not yet calculated CVE-2019-14747
MISC
eclipse_foundation -- birt In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows reflected XSS in a URL parameter. An attacker can execute the payload in the victim's browser context. 2019-08-09 not yet calculated CVE-2019-11776
CONFIRM
edimax -- wi-fi_extender_devices Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure. 2019-08-08 not yet calculated CVE-2016-10863
MISC
emca_software -- energy_logserver The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter. 2019-08-05 not yet calculated CVE-2019-14521
MISC
MISC
MISC
MISC
enigmail -- enigmail In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, he unknowingly leaks the plaintext of the encrypted message part(s) back to the attacker. This attack variant bypasses protection mechanisms implemented after the "EFAIL" attacks. 2019-08-05 not yet calculated CVE-2019-14664
MISC
MISC
eq-3 -- homematic_ccu2_and_ccu3 eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID from CVE-2019-9583, resulting in the ability to read the service messages, clear the system protocol, create a new user in the system, or modify/delete internal programs. 2019-08-05 not yet calculated CVE-2019-14475
MISC
eq-3 -- homematic_ccu2_and_ccu3 eQ-3 Homematic CCU2 and CCU3 use session IDs for authentication but lack authorization checks. Consequently, a valid guest level or user level account can create a new admin level account, read the service messages, clear the system protocol or modify/delete internal programs, etc. 2019-08-06 not yet calculated CVE-2019-14473
MISC
eq-3 -- homematic_ccu3 eQ-3 Homematic CCU3 3.47.15 and prior has Improper Input Validation in function 'Call()' of ReGa core logic process, resulting in the ability to start a Denial of Service. Due to Improper Authorization an attacker can obtain a session ID from CVE-2019-9583 or a valid guest/user/admin account can start this attack too. 2019-08-07 not yet calculated CVE-2019-14474
MISC
espocrm -- espocrm An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed on the Preference page as well as while sending an email when a malicious payload was inserted inside the Email Signature in the Preference page. The attacker could insert malicious JavaScript inside his email signature, which fires when the victim replies or forwards the mail, thus helping him steal victims' cookies (hence compromising their accounts). 2019-08-05 not yet calculated CVE-2019-14546
MISC
MISC
MISC
MISC
gcdwebserver -- gcdwebserver An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available (the credential of the app, for instance). 2019-08-10 not yet calculated CVE-2019-14924
MISC
MISC
MISC
go-camo -- go-camo A Server Side Request Forgery (SSRF) vulnerability in go-camo up to version 1.1.4 allows a remote attacker to perform HTTP requests to internal endpoints. 2019-08-08 not yet calculated CVE-2019-14255
CONFIRM
gogs -- gogs routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks. 2019-08-02 not yet calculated CVE-2019-14544
MISC
gree -- php_jose_library The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens. 2019-08-07 not yet calculated CVE-2016-5431
CONFIRM
hewlett_packard_enterprise -- 3par_service_processor A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. 2019-08-09 not yet calculated CVE-2019-5395
CONFIRM
hewlett_packard_enterprise -- 3par_service_processor A remote multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. 2019-08-09 not yet calculated CVE-2019-5398
CONFIRM
hewlett_packard_enterprise -- 3par_service_processor A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. 2019-08-09 not yet calculated CVE-2019-5396
CONFIRM
hewlett_packard_enterprise -- 3par_service_processor A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. 2019-08-09 not yet calculated CVE-2019-5400
CONFIRM
hewlett_packard_enterprise -- 3par_service_processor A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. 2019-08-09 not yet calculated CVE-2019-5399
CONFIRM
hewlett_packard_enterprise -- 3par_service_processor A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. 2019-08-09 not yet calculated CVE-2019-5397
CONFIRM
hewlett_packard_enterprise -- 3par_storeserv_management_and_core_software_media A remote multiple cross-site scripting vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. 2019-08-09 not yet calculated CVE-2019-5403
CONFIRM
hewlett_packard_enterprise -- 3par_storeserv_management_and_core_software_media A remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. 2019-08-09 not yet calculated CVE-2019-5404
CONFIRM
hewlett_packard_enterprise -- 3par_storeserv_management_and_core_software_media A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. 2019-08-09 not yet calculated CVE-2019-5402
CONFIRM
hewlett_packard_enterprise -- 3par_storeserv_management_and_core_software_media A remote information disclosure vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. 2019-08-09 not yet calculated CVE-2019-5407
CONFIRM
hewlett_packard_enterprise -- 3par_storeserv_management_and_core_software_media A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. 2019-08-09 not yet calculated CVE-2019-5405
CONFIRM
hewlett_packard_enterprise -- 3par_storeserv_management_and_core_software_media A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. 2019-08-09 not yet calculated CVE-2019-5406
CONFIRM
hewlett_packard_enterprise -- command_view_advanced_edition Command View Advanced Edition (CVAE) products contain a vulnerability that could expose configuration information of hosts and storage systems that are managed by Device Manager server. This problem is due to a vulnerability in Device Manager GUI. The following products are affected: DevMgr version 7.0.0-00 to earlier than 8.6.1-02; RepMgr if it is installed on the same machine as DevMgr; TSMgr if it is installed on the same machine as DevMgr. The resolution is to upgrade to the fixed version as described below or later version of DevMgr 8.6.2-02 or later. RepMgr and TSMgr will be corrected by upgrading DevMgr. 2019-08-09 not yet calculated CVE-2019-5408
CONFIRM
huawei -- emily-l29c_smart_phones Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636) have a double free vulnerability. An attacker can trick a user into clicking a URL to exploit this vulnerability. Successful exploitation may cause the affected phone to behave abnormally. 2019-08-08 not yet calculated CVE-2019-5236
CONFIRM
huawei -- honor_v20_smart_phones Huawei smart phones Honor V20 with the versions before 9.0.1.161(C00E161R2P2) have an information leak vulnerability. An attacker may trick a user into installing a malicious application. Due to a coding error during layer information processing, attackers can exploit this vulnerability to obtain some layer information. 2019-08-08 not yet calculated CVE-2019-5301
CONFIRM
huawei -- pcmanager Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versions before 9.0.1.70 (China) have a code execution vulnerability. Successful exploitation may cause the attacker to execute code and read/write information. 2019-08-08 not yet calculated CVE-2019-5237
CONFIRM
huawei -- pcmanager Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versions before 9.0.1.70 (China) have a code execution vulnerability. Successful exploitation may cause the attacker to execute code and read/write information. 2019-08-08 not yet calculated CVE-2019-5238
CONFIRM
huawei -- pcmanager Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versions before 9.0.1.70 (China) have an information leak vulnerability. Successful exploitation may cause the attacker to read information. 2019-08-08 not yet calculated CVE-2019-5239
CONFIRM
ibm -- aix_platform Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984. 2019-08-05 not yet calculated CVE-2019-4473
CONFIRM
XF
jenkins -- jenkins A cross-site request forgery vulnerability in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpl#doTestConnection and JCloudsCloud.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2019-08-07 not yet calculated CVE-2019-10368
MLIST
MISC
jenkins -- jenkins A stored cross-site scripting vulnerability in Jenkins Build Pipeline Plugin 1.5.8 and earlier allows attackers able to edit the build pipeline description to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins. 2019-08-07 not yet calculated CVE-2019-10373
MLIST
MISC
jenkins -- jenkins An open redirect vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows attackers to redirect users to a URL outside Jenkins after successful login. 2019-08-07 not yet calculated CVE-2019-10372
MLIST
MISC
jenkins -- jenkins A session fixation vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows unauthorized attackers to impersonate another user if they can control the pre-authentication session. 2019-08-07 not yet calculated CVE-2019-10371
MLIST
MISC
jenkins -- jenkins Jenkins Mask Passwords Plugin 2.12.0 and earlier transmits globally configured passwords in plain text as part of the configuration form, potentially resulting in their exposure. 2019-08-07 not yet calculated CVE-2019-10370
MLIST
MISC
jenkins -- jenkins A cross-site request forgery vulnerability in Jenkins XL TestView Plugin 1.2.0 and earlier in XLTestView.XLTestDescriptor#doTestConnection allows users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2019-08-07 not yet calculated CVE-2019-10386
MLIST
MISC
jenkins -- jenkins An arbitrary file read vulnerability in Jenkins File System SCM Plugin 2.1 and earlier allows attackers able to configure jobs in Jenkins to obtain the contents of any file on the Jenkins master. 2019-08-07 not yet calculated CVE-2019-10375
MLIST
MISC
jenkins -- jenkins Due to an incomplete fix of CVE-2019-10343, Jenkins Configuration as Code Plugin 1.26 and earlier did not properly apply masking to some values expected to be hidden when logging the configuration being applied. 2019-08-07 not yet calculated CVE-2019-10367
MLIST
MISC
jenkins -- jenkins A missing permission check in Jenkins XL TestView Plugin 1.2.0 and earlier in XLTestView.XLTestDescriptor#doTestConnection allows users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2019-08-07 not yet calculated CVE-2019-10387
MLIST
MISC
jenkins -- jenkins A stored cross-site scripting vulnerability in Jenkins PegDown Formatter Plugin 1.3 and earlier allows attackers able to edit descriptions and other fields rendered using the configured markup formatter to insert links with the javascript scheme into the Jenkins UI. 2019-08-07 not yet calculated CVE-2019-10374
MLIST
MISC
jenkins -- jenkins A missing permission check in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpl#doTestConnection and JCloudsCloud.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2019-08-07 not yet calculated CVE-2019-10369
MLIST
MISC
jenkins -- jenkins A missing permission check in Jenkins Relution Enterprise Appstore Publisher Plugin 1.24 and earlier allows attackers to have Jenkins initiate an HTTP connection to an attacker-specified server. 2019-08-07 not yet calculated CVE-2019-10389
MLIST
MISC
jenkins -- jenkins A reflected cross-site scripting vulnerability in Jenkins Wall Display Plugin 0.6.34 and earlier allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin. 2019-08-07 not yet calculated CVE-2019-10376
MLIST
MISC
jenkins -- jenkins A missing permission check in Jenkins Avatar Plugin 1.2 and earlier allows attackers with Overall/Read access to change the avatar of any user of Jenkins. 2019-08-07 not yet calculated CVE-2019-10377
MLIST
MISC
jenkins -- jenkins Jenkins TestLink Plugin 3.16 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. 2019-08-07 not yet calculated CVE-2019-10378
MLIST
MISC
jenkins -- jenkins A cross-site request forgery vulnerability in Jenkins Relution Enterprise Appstore Publisher Plugin 1.24 and earlier allows attackers to have Jenkins initiate an HTTP connection to an attacker-specified server. 2019-08-07 not yet calculated CVE-2019-10388
MLIST
MISC
jenkins -- jenkins Jenkins Simple Travis Pipeline Runner Plugin 1.0 and earlier specifies unsafe values in its custom Script Security whitelist, allowing attackers able to execute Script Security protected scripts to execute arbitrary code. 2019-08-07 not yet calculated CVE-2019-10380
MLIST
MISC
jenkins -- jenkins Jenkins Google Cloud Messaging Notification Plugin 1.0 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. 2019-08-07 not yet calculated CVE-2019-10379
MLIST
MISC
jenkins -- jenkins Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier disables SSL/TLS and hostname verification globally for the Jenkins master JVM. 2019-08-07 not yet calculated CVE-2019-10382
MLIST
MISC
jenkins -- jenkins Jenkins eggPlant Plugin 2.2 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. 2019-08-07 not yet calculated CVE-2019-10385
MLIST
MISC
jenkins -- jenkins Jenkins Codefresh Integration Plugin 1.8 and earlier disables SSL/TLS and hostname verification globally for the Jenkins master JVM. 2019-08-07 not yet calculated CVE-2019-10381
MLIST
MISC
jitbit -- helpdesk Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset link, a user can leverage a weak PRNG to recover the shared secret used by the server for remote authentication. The shared secret can be used to escalate privileges by forging new tokens for any user. These tokens can be used to automatically log in as the affected user. 2019-08-09 not yet calculated CVE-2017-18486
MISC
MISC
MISC
MISC
jura -- e8_devices Jura E8 devices lack Bluetooth connection security. 2019-08-07 not yet calculated CVE-2018-20959
MISC
kde -- kde_frameworks_kconfig In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file. 2019-08-07 not yet calculated CVE-2019-14744
MISC
MISC
BUGTRAQ
DEBIAN
MISC
kuaifancms -- kuaifancms An issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request. 2019-08-07 not yet calculated CVE-2019-14746
MISC
lcds -- laquis_scada Processing a specially crafted project file in LAquis SCADA 4.3.1.71 may trigger an out-of-bounds read, which may allow an attacker to obtain sensitive information. The attacker must have local access to the system. A CVSS v3 base score of 2.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N). 2019-08-05 not yet calculated CVE-2019-10994
MISC
lcds -- laquis_scada A type confusion vulnerability may be exploited when LAquis SCADA 4.3.1.71 processes a specially crafted project file. This may allow an attacker to execute remote code. The attacker must have local access to the system. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). 2019-08-05 not yet calculated CVE-2019-10980
MISC
ledger -- nano_s_and_nano_x_devices On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. 2019-08-10 not yet calculated CVE-2019-14354
MISC
linux -- linux_kernel In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c in the f_midi driver may allow attackers to cause a denial of service or possibly have unspecified other impact. 2019-08-07 not yet calculated CVE-2018-20961
MISC
MISC
MISC
linux -- linux_kernel In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid. 2019-08-07 not yet calculated CVE-2019-14763
MISC
MISC
MISC
MISC
MISC
MISC
MISC
loom -- loom_desktop_for_mac Incorrect authentication of application WebSocket connections in Loom Desktop for Mac up to 0.16.0 allows remote code execution from either malicious JavaScript in a browser or hosts on the same network, during periods in which a user is recording a video with the application. The same attack vector can be used to crash the application at any time. 2019-08-07 not yet calculated CVE-2019-14432
MISC
CONFIRM
mailpile -- mailpile The "Security and Privacy" Encryption feature in Mailpile before 1.0.0rc4 does not exclude disabled, revoked, and expired keys. 2019-08-08 not yet calculated CVE-2018-20954
MISC
MISC
MISC
mediawiki -- mediawiki In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS exists within the edit summary field in includes/specials/MobileSpecialPageFeed.php. 2019-08-09 not yet calculated CVE-2019-14807
CONFIRM
MISC
micro_focus -- content_manager Remote Access Control Bypass in Micro Focus Content Manager versions 9.1, 9.2, 9.3. The vulnerability could be exploited to manipulate data stored during another user's CheckIn request. 2019-08-07 not yet calculated CVE-2019-11653
MISC
CONFIRM
microdigital -- n-series_cameras A CSRF issue was discovered in webparam?user&action=set&param=add in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 to create an admin account. 2019-08-06 not yet calculated CVE-2019-14703
MISC
MISC
MISC
microdigital -- n-series_cameras An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. In a CGI program running under the HTTPD web server, a buffer overflow in the param parameter leads to remote code execution in the context of the nobody account. 2019-08-06 not yet calculated CVE-2019-14698
MISC
MISC
MISC
microdigital -- n-series_cameras A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The file in question is /usr/local/ipsca/mipsca.db. If a camera is compromised, the attacker can gain access to passwords and abuse them to compromise further systems. 2019-08-06 not yet calculated CVE-2019-14709
MISC
MISC
MISC
microdigital -- n-series_cameras An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can trigger read operations on an arbitrary file via Path Traversal in the TZ parameter, but cannot retrieve the data that is read. This causes a denial of service if the filename is, for example, /dev/random. 2019-08-06 not yet calculated CVE-2019-14701
MISC
MISC
MISC
microdigital -- n-series_cameras An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. SQL injection vulnerabilities exist in 13 forms that are reachable through HTTPD. An attacker can, for example, create an admin account. 2019-08-06 not yet calculated CVE-2019-14702
MISC
MISC
MISC
microdigital -- n-series_cameras An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. There is disclosure of the existence of arbitrary files via Path Traversal in HTTPD. This occurs because the filename specified in the TZ parameter is accessed with a substantial delay if that file exists. 2019-08-06 not yet calculated CVE-2019-14700
MISC
MISC
MISC
microdigital -- n-series_cameras An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. A buffer overflow in the action parameter leads to remote code execution in the context of the nobody account. 2019-08-06 not yet calculated CVE-2019-14708
MISC
MISC
MISC
microdigital -- n-series_cameras An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin. 2019-08-06 not yet calculated CVE-2019-14705
MISC
MISC
MISC
microdigital -- n-series_cameras A denial of service issue in HTTPD was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker without authorization can upload a file to upload.php with a filename longer than 256 bytes. This will be placed in the updownload area. It will not be deleted, because of a buffer overflow in a Bash command string. 2019-08-06 not yet calculated CVE-2019-14706
MISC
MISC
MISC
microdigital -- n-series_cameras An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The firmware update process is insecure, leading to remote code execution. The attacker can provide arbitrary firmware in a .dat file via a webparam?system&action=set&upgrade URI. 2019-08-06 not yet calculated CVE-2019-14707
MISC
MISC
MISC
microdigital -- n-series_cameras An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can exploit OS Command Injection in the filename parameter for remote code execution as root. This occurs in the Mainproc executable file, which can be run from the HTTPD web server. 2019-08-06 not yet calculated CVE-2019-14699
MISC
MISC
MISC
microdigital -- n-series_cameras An SSRF issue was discovered in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 via FTP commands following a newline character in the uploadfile field. 2019-08-06 not yet calculated CVE-2019-14704
MISC
MISC
MISC
mongodb -- mongodb_server After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.9; v3.6 versions prior to 3.6.13; v3.4 versions prior to 3.4.22. 2019-08-06 not yet calculated CVE-2019-2386
CONFIRM
MISC
musl -- libc musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code. 2019-08-06 not yet calculated CVE-2019-14697
MLIST
MISC
ncsoft -- nc_launcher2 NCSOFT Game Launcher, NC Launcher2 2.4.1.691 and earlier versions have a vulnerability in the custom protocol handler that could allow a remote attacker to execute an arbitrary command. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. This can be leveraged for code execution in the context of the current user. 2019-08-09 not yet calculated CVE-2019-12805
CONFIRM
neet -- airstream_nas_devices Neet AirStream NAS1.1 devices have a password of ifconfig for the root account. This cannot be changed via the configuration page. 2019-08-08 not yet calculated CVE-2016-10862
MISC
neet -- airstream_nas_devices Neet AirStream NAS1.1 devices allow CSRF attacks that cause the settings binary to change the AP name and password. 2019-08-07 not yet calculated CVE-2016-10861
MISC
nespresso -- prodigio_devices Nespresso Prodigio devices lack Bluetooth connection security. 2019-08-08 not yet calculated CVE-2018-20960
MISC
netapp -- data_ontap_operating_in_7-mode SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data. 2019-08-05 not yet calculated CVE-2019-5502
MISC
netapp -- oncommmand_insight OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user. 2019-08-09 not yet calculated CVE-2019-5498
CONFIRM
netgear -- ex7000_devices NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID. 2019-08-08 not yet calculated CVE-2016-10864
MISC
nextcloud -- nextcloud_lookup-server An SQL Injection in the Nextcloud Lookup-Server < v0.3.0 (running on https://lookup.nextcloud.com) caused unauthenticated users to be able to execute arbitrary SQL commands. 2019-08-07 not yet calculated CVE-2019-5476
MISC
nvidia -- shield_tv NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader contains a vulnerability in nvtboot where the Trusted OS image is improperly authenticated, which may lead to code execution, denial of service, escalation of privileges, and information disclosure. 2019-08-06 not yet calculated CVE-2019-5679
CONFIRM
nvidia -- shield_tv NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the NVIDIA Games App where it improperly exports an Activity but does not properly restrict which applications can launch the Activity, which may lead to code execution or denial of service. 2019-08-06 not yet calculated CVE-2019-5682
CONFIRM
nvidia -- windows_gpu_display_driver_software NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution. 2019-08-06 not yet calculated CVE-2019-5684
CONFIRM
CONFIRM
CONFIRM
MISC
nvidia -- windows_gpu_display_driver_software NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution. 2019-08-06 not yet calculated CVE-2019-5685
CONFIRM
CONFIRM
MISC
nvidia -- windows_gpu_display_driver_software NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to denial of service. 2019-08-06 not yet calculated CVE-2019-5686
CONFIRM
CONFIRM
nvidia -- windows_gpu_display_driver_software NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor. 2019-08-06 not yet calculated CVE-2019-5687
CONFIRM
CONFIRM
nvidia -- windows_gpu_display_driver_software NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the user mode video driver trace logger component. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of service, or escalation of privileges. 2019-08-06 not yet calculated CVE-2019-5683
CONFIRM
CONFIRM
open_edx -- recommender Recommender before 2018-07-18 allows XSS. 2019-08-09 not yet calculated CVE-2018-20858
MISC
CONFIRM
open_school -- open_school_and_community_edition Open-School 3.0, and Community Edition 2.3, allows SQL Injection via the index.php?r=students/students/document id parameter. 2019-08-08 not yet calculated CVE-2019-14754
MISC
MISC
open_school -- open_school_and_community_edition Open-School 3.0, and Community Edition 2.3, allows XSS via the osv/index.php?r=students/guardians/create id parameter. 2019-08-06 not yet calculated CVE-2019-14696
MISC
MISC
MISC
openstack -- nova An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data. 2019-08-09 not yet calculated CVE-2019-14433
MLIST
MISC
CONFIRM
osticket -- osticket An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer (or no) mitigations implemented for file content checks; also, the output is not handled properly, causing persistent XSS that leads to cookie stealing or malicious actions. For example, a non-agent user can upload a .html file, and Content-Disposition will be set to inline instead of attachment. 2019-08-07 not yet calculated CVE-2019-14748
MISC
MISC
MISC
MISC
osticket -- osticket An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes fields in the Users tab, and the Issue Summary field in the tickets tab. This allows other agents to download data in a .csv file format or .xls file format. This is used as input for spreadsheet applications such as Excel and OpenOffice Calc, resulting in a situation where cells in the spreadsheets can contain input from an untrusted source. As a result, the end user who is accessing the exported spreadsheet can be affected. 2019-08-07 not yet calculated CVE-2019-14749
MISC
MISC
MISC
MISC
osticket -- osticket An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in those fields leads to the execution of those queries. This can further lead to cookie stealing or other malicious actions. 2019-08-07 not yet calculated CVE-2019-14750
MISC
MISC
MISC
MISC
php -- php When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information disclosure or crash. 2019-08-09 not yet calculated CVE-2019-11042
CONFIRM
php -- php When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information disclosure or crash. 2019-08-09 not yet calculated CVE-2019-11041
CONFIRM
qingdao_nature_easy_soft_network_technology -- zentao An issue was discovered in ZenTao 11.5.1. There is an XSS (stored) vulnerability that leads to the capture of other people's cookies via the Rich Text Box. 2019-08-06 not yet calculated CVE-2019-14731
MISC
radare2 -- radare2 In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to improper handling of symbol names embedded in executables. 2019-08-07 not yet calculated CVE-2019-14745
MISC
MISC
MISC
samsung -- mobile_devices On Samsung mobile devices with N(7.x), and O(8.x), P(9.0) software, FotaAgent allows a malicious application to create privileged files. The Samsung ID is SVE-2019-14764. 2019-08-08 not yet calculated CVE-2019-14783
MISC
schben -- adive Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script. 2019-08-06 not yet calculated CVE-2019-14347
MISC
MISC
schben -- adive Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password. 2019-08-06 not yet calculated CVE-2019-14346
MISC
MISC
MISC
shenzhen_dragon_brothers -- fingerprint_bluetooth_round_padlock_fb50 An HTTP parameter pollution issue was discovered on Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 2.3. With the user ID, user name, and the lock's MAC address, anyone can unbind the existing owner of the lock, and bind themselves instead. This leads to complete takeover of the lock. The user ID, name, and MAC address are trivially obtained from APIs found within the Android or iOS application. With only the MAC address of the lock, any attacker can transfer ownership of the lock from the current user over to the attacker's account, thus rendering the lock completely inaccessible to the current user. 2019-08-06 not yet calculated CVE-2019-13143
MISC
sitecore -- sitecore_cms Multiple cross-site scripting (XSS) vulnerabilities in Sitecore CMS 9.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) #300583 - List Manager Dashboard module, (2) #307638 - Campaign Creator module, (3) #316994 - Attributes field, (4) I#316995 - Icon Selection module, (5) #317000 - Latitude field, (6) #317000 - Longitude field, (7) #317017 - UploadPackage2.aspx module, (8) #317072 - Context menu, or (9) I#317073 - Insert from Template dialog. 2019-08-05 not yet calculated CVE-2019-11198
MISC
MISC
swann -- swwhd-intcam-hd_devices Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root. 2019-08-08 not yet calculated CVE-2018-20955
MISC
swann -- swwhd-intcam-hd_devices Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. 2019-08-08 not yet calculated CVE-2018-20956
MISC
tapplock -- tapplock_devices The Bluetooth Low Energy (BLE) subsystem on Tapplock devices before 2018-06-12 allows replay attacks. 2019-08-08 not yet calculated CVE-2018-20957
MISC
MISC
tapplock -- tapplock_devices The Bluetooth Low Energy (BLE) subsystem on Tapplock devices before 2018-06-12 relies on Key1 and SerialNo for unlock operations; however, these are derived from the MAC address, which is broadcast by the device. 2019-08-07 not yet calculated CVE-2018-20958
CONFIRM
MISC
teampass -- teampass An issue was discovered in TeamPass 2.1.27.35. From the sources/items.queries.php "Import items" feature, it is possible to load a crafted CSV file with an XSS payload. 2019-08-06 not yet calculated CVE-2019-12950
MISC
MISC
the_pallets_project -- werkzeug Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id. 2019-08-09 not yet calculated CVE-2019-14806
MISC
MISC
MISC
tibco_software -- tibco_api_exchange_gateway_and_tibco_api_exchange_gateway_distribution_for_tibco_silver_fabric The authorization component of TIBCO Software Inc.'s TIBCO API Exchange Gateway, and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically processes OAuth authorization incorrectly, leading to potential escalation of privileges for the specific customer endpoint, when the implementation uses multiple scopes. This issue affects: TIBCO Software Inc.'s TIBCO API Exchange Gateway version 2.3.1 and prior versions, and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric version 2.3.1 and prior versions. 2019-08-08 not yet calculated CVE-2019-11208
MISC
CONFIRM
transition_technologies -- the_scheduler The Transition Technologies "The Scheduler" app 5.1.3 for Jira allows XXE due to a weakly configured/parameterized XML parser. It was fixed in versions 5.2.1 and 3.3.7. 2019-08-07 not yet calculated CVE-2018-14383
MISC
MISC
trezor -- trezor_one_devices On Trezor One devices before 1.8.2, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. NOTE: this CVE applies exclusively to the Trezor One, and does not refer to any issues with OLED displays on other devices. 2019-08-08 not yet calculated CVE-2019-14353
MISC
uipath -- orchestrator UiPath Orchestrator before 2018.3.4 allows CSV Injection, related to the Audit export, Robot log export, and Transaction log export features. 2019-08-08 not yet calculated CVE-2018-19855
MISC
MISC
una -- una studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template editing. 2019-08-09 not yet calculated CVE-2019-14804
MISC
MISC
una -- una studio/builder_menu.php?page=sets in UNA 10.0.0-RC1 allows XSS via the System Name field under Sets during set editing. 2019-08-09 not yet calculated CVE-2019-14805
MISC
MISC
verdaccio -- verdaccio verdaccio before 3.12.0 allows XSS. 2019-08-08 not yet calculated CVE-2019-14772
MISC
wind_river -- vxworks Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option. 2019-08-09 not yet calculated CVE-2019-12260
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report. 2019-08-09 not yet calculated CVE-2019-12265
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition. 2019-08-09 not yet calculated CVE-2019-12263
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.7 through 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host. 2019-08-09 not yet calculated CVE-2019-12261
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.5 through 6.9.3 has a Buffer Overflow in the TCP component (issue 1 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow. Affected versions: 6.6, 6.7, 6.8, 6.9 2019-08-09 not yet calculated CVE-2019-12255
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. 2019-08-09 not yet calculated CVE-2019-12259
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component. 2019-08-05 not yet calculated CVE-2019-12264
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc. 2019-08-09 not yet calculated CVE-2019-12257
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets' IP options. 2019-08-09 not yet calculated CVE-2019-12256
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
wind_river -- vxworks Wind River VxWorks 6.5 through 6.9 and vx7 has Session Fixation in the TCP component. This is an IPNET security vulnerability: DoS of TCP connection via malformed TCP options. 2019-08-09 not yet calculated CVE-2019-12258
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
wordpress -- wordpress The woo-variation-swatches (aka Variation Swatches for WooCommerce) plugin 1.0.61 for WordPress allows XSS via the wp-admin/admin.php?page=woo-variation-swatches-settings tab parameter. 2019-08-08 not yet calculated CVE-2019-14774
MISC
wordpress -- wordpress The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS. 2019-08-09 not yet calculated CVE-2016-10865
MISC
MISC
wordpress -- wordpress The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter. 2019-08-09 not yet calculated CVE-2019-14798
MISC
MISC
wordpress -- wordpress The "CP Contact Form with PayPal" plugin before 1.2.99 for WordPress has XSS in the publishing wizard via the wp-admin/admin.php?page=cp_contact_form_paypal.php&pwizard=1 cp_contactformpp_id parameter. 2019-08-09 not yet calculated CVE-2019-14785
MISC
MISC
wordpress -- wordpress The Tribulant Newsletters plugin before 4.6.19 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=newsletters_load_new_editor contentarea parameter. 2019-08-09 not yet calculated CVE-2019-14787
MISC
MISC
wordpress -- wordpress The Appointment Booking Calendar plugin 1.3.18 for WordPress allows XSS via the wp-admin/admin-post.php editionarea parameter. 2019-08-09 not yet calculated CVE-2019-14791
MISC
MISC
wordpress -- wordpress The WP Google Maps plugin before 7.11.35 for WordPress allows XSS via the wp-admin/ rectangle_name or rectangle_opacity parameter. 2019-08-09 not yet calculated CVE-2019-14792
MISC
MISC
wordpress -- wordpress The Meta Box plugin before 4.16.3 for WordPress allows file deletion via ajax, with the wp-admin/admin-ajax.php?action=rwmb_delete_file attachment_id parameter. 2019-08-09 not yet calculated CVE-2019-14793
MISC
MISC
wordpress -- wordpress The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders. 2019-08-09 not yet calculated CVE-2019-14794
MISC
wordpress -- wordpress The mq-woocommerce-products-price-bulk-edit (aka Woocommerce Products Price Bulk Edit) plugin 2.0 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=update_options show_products_page_limit parameter. 2019-08-09 not yet calculated CVE-2019-14796
MISC
MISC
wordpress -- wordpress The 10Web Photo Gallery plugin before 1.5.23 for WordPress has authenticated stored XSS. 2019-08-09 not yet calculated CVE-2019-14797
MISC
wordpress -- wordpress The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS. 2019-08-09 not yet calculated CVE-2019-14799
MISC
MISC
wordpress -- wordpress The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection. 2019-08-09 not yet calculated CVE-2019-14801
MISC
wordpress -- wordpress admin/includes/class.actions.snippet.php in the "Woody ad snippets" plugin through 2.2.5 for WordPress allows wp-admin/admin-post.php?action=close&post= deletion. 2019-08-08 not yet calculated CVE-2019-14773
MISC
MISC
wordpress -- wordpress The codection "Import users from CSV with meta" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF. 2019-08-08 not yet calculated CVE-2019-14683
MISC
MISC
MISC
wordpress -- wordpress The acf-better-search (aka ACF: Better Search) plugin before 3.3.1 for WordPress allows wp-admin/options-general.php?page=acfbs_admin_page CSRF. 2019-08-08 not yet calculated CVE-2019-14682
MISC
MISC
wordpress -- wordpress The Deny All Firewall plugin before 1.1.7 for WordPress allows wp-admin/options-general.php?page=daf_settings&daf_remove=true CSRF. 2019-08-08 not yet calculated CVE-2019-14681
MISC
MISC
wordpress -- wordpress The admin-renamer-extended (aka Admin renamer extended) plugin 3.2.1 for WordPress allows wp-admin/plugins.php?page=admin-renamer-extended/admin.php CSRF. 2019-08-08 not yet calculated CVE-2019-14680
MISC
wordpress -- wordpress core/views/arprice_import_export.php in the ARPrice Lite plugin 2.2 for WordPress allows wp-admin/admin.php?page=arplite_import_export CSRF. 2019-08-08 not yet calculated CVE-2019-14679
MISC
MISC
yourls -- yourls YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass. 2019-08-07 not yet calculated CVE-2019-14537
MISC
MISC
MISC
MISC
MISC
zoho_manageengine -- assetexplorer Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer version 6.2.0 for the AJaxServlet servlet via a parameter in a URL. 2019-08-08 not yet calculated CVE-2019-12994
MISC
zoho_manageengine -- assetexplorer Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer 6.2.0 and before for the ClientUtilServlet servlet via a URL in a parameter. 2019-08-08 not yet calculated CVE-2019-12959
MISC
zoho_manageengine -- assetexplorer Zoho ManageEngine AssetExplorer 6.2.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing license XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. 2019-08-08 not yet calculated CVE-2019-14693
MISC

This product is provided subject to this Notification and this Privacy & Use policy.