Search
Total
2662 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-9395 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116267405 | |||||
| CVE-2019-9396 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115747155 | |||||
| CVE-2019-9397 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115747410 | |||||
| CVE-2019-9398 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115745406 | |||||
| CVE-2019-9401 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115375248 | |||||
| CVE-2019-9404 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112923309 | |||||
| CVE-2015-9415 | 1 Angrycreative | 1 Bj Lazy Load | 2019-09-27 | 5.0 MEDIUM | 7.5 HIGH |
| The bj-lazy-load plugin before 1.0 for WordPress has Remote File Inclusion. | |||||
| CVE-2019-10937 | 1 Siemens | 2 Simatic Tdc Cp51m1, Simatic Tdc Cp51m1 Firmware | 2019-09-24 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in SIMATIC TDC CP51M1 (All versions < V1.1.7). An attacker with network access to the device could cause a Denial-of-Service condition by sending a specially crafted UDP packet. The vulnerability affects the UDP communication of the device. The security vulnerability could be exploited without authentication. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known. | |||||
| CVE-2019-16412 | 1 Tendacn | 2 N301, N301 Firmware | 2019-09-19 | 7.8 HIGH | 7.5 HIGH |
| In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.) | |||||
| CVE-2018-12565 | 2 Debian, Linaro | 2 Debian Linux, Lava | 2019-09-18 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load() instead of yaml.safe_load() when parsing user data, remote code execution can occur. | |||||
| CVE-2016-10991 | 1 Imdb-widget Project | 1 Imdb-widget | 2019-09-18 | 5.0 MEDIUM | 7.5 HIGH |
| The imdb-widget plugin before 1.0.9 for WordPress has Local File Inclusion. | |||||
| CVE-2016-10960 | 1 Joomlaserviceprovider | 1 Wsecure | 2019-09-17 | 6.5 MEDIUM | 8.8 HIGH |
| The wsecure plugin before 2.4 for WordPress has remote code execution via shell metacharacters in the wsecure-config.php publish parameter. | |||||
| CVE-2016-10956 | 1 Mail-masta Project | 1 Mail-masta | 2019-09-16 | 5.0 MEDIUM | 7.5 HIGH |
| The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php. | |||||
| CVE-2016-10948 | 1 Post Indexer Project | 1 Post Indexer | 2019-09-13 | 6.8 MEDIUM | 8.1 HIGH |
| The Post Indexer plugin before 3.0.6.2 for WordPress has incorrect handling of data passed to the unserialize function. | |||||
| CVE-2019-1302 | 1 Microsoft | 1 Asp.net Core | 2019-09-12 | 6.8 MEDIUM | 8.8 HIGH |
| An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of Privilege Vulnerability'. | |||||
| CVE-2019-1264 | 1 Microsoft | 3 Office, Office 365 Proplus, Project | 2019-09-12 | 6.8 MEDIUM | 7.8 HIGH |
| A security feature bypass vulnerability exists when Microsoft Office improperly handles input, aka 'Microsoft Office Security Feature Bypass Vulnerability'. | |||||
| CVE-2019-1296 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2019-09-12 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295. | |||||
| CVE-2019-1295 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2019-09-12 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1296. | |||||
| CVE-2019-1257 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2019-09-12 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1295, CVE-2019-1296. | |||||
| CVE-2019-15639 | 1 Digium | 1 Asterisk | 2019-09-10 | 5.0 MEDIUM | 7.5 HIGH |
| main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario. | |||||
| CVE-2019-5611 | 1 Freebsd | 1 Freebsd | 2019-09-10 | 7.8 HIGH | 7.5 HIGH |
| In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguous. Extra checks in the IPv6 stack could catch the error condition and trigger a kernel panic, leading to a remote denial of service. | |||||
| CVE-2019-16141 | 1 Once Cell Project | 1 Once Cell | 2019-09-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the once_cell crate before 1.0.1 for Rust. There is a panic during initialization of Lazy. | |||||
| CVE-2019-13268 | 1 Tp-link | 4 Archer C2 V1, Archer C2 V1 Firmware, Archer C3200 V1 and 1 more | 2019-09-04 | 5.8 MEDIUM | 8.8 HIGH |
| TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, which are sent as broadcast packets, between the host and the guest networks. To use this leakage as a direct covert channel, the sender can trivially issue an ARP request to an arbitrary computer on the network. (In general, some routers restrict ARP forwarding only to requests destined for the network's subnet mask, but these routers did not restrict this traffic in any way. Depending on this factor, one must use either the lower 8 bits of the IP address, or the entire 32 bits, as the data payload.) | |||||
| CVE-2019-13269 | 1 Edimax | 2 Br-6208ac V1, Br-6208ac V1 Firmware | 2019-09-04 | 5.8 MEDIUM | 8.8 HIGH |
| Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request is sent to the router with a certain Transaction ID field. Following the DHCP protocol, the router responds with an ACK or NAK message. Studying the NAK case revealed that the router erroneously sends the NAK to both Host and Guest networks with the same Transaction ID as found in the DHCP Request. This allows encoding of data to be sent cross-router into the 32-bit Transaction ID field. | |||||
| CVE-2019-13270 | 1 Edimax | 2 Br-6208ac V1, Br-6208ac V1 Firmware | 2019-09-04 | 5.8 MEDIUM | 8.8 HIGH |
| Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. In order to transfer data from the host network to the guest network, the sender joins and then leaves an IGMP group. After it leaves, the router (following the IGMP protocol) creates an IGMP Membership Query packet with the Group IP and sends it to both the Host and the Guest networks. The data is transferred within the Group IP field, which is completely controlled by the sender. | |||||
| CVE-2019-15640 | 1 Limesurvey | 1 Limesurvey | 2019-09-03 | 5.0 MEDIUM | 7.5 HIGH |
| Limesurvey before 3.17.10 does not validate both the MIME type and file extension of an image. | |||||
| CVE-2019-1936 | 1 Cisco | 3 Integrated Management Controller Supervisor, Ucs Director, Ucs Director Express For Big Data | 2019-08-30 | 9.0 HIGH | 7.2 HIGH |
| A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root user. Exploitation of this vulnerability requires privileged access to an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by logging in to the web-based management interface with administrator privileges and then sending a malicious request to a certain part of the interface. | |||||
| CVE-2017-18589 | 1 Cookie Project | 1 Cookie | 2019-08-30 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the cookie crate before 0.7.6 for Rust. Large integers in the Max-Age of a cookie cause a panic. | |||||
| CVE-2015-9348 | 1 Codepeople | 1 Sell Downloads | 2019-08-29 | 5.0 MEDIUM | 7.5 HIGH |
| The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs. | |||||
| CVE-2015-9345 | 1 Petersplugins | 1 Link Log | 2019-08-28 | 5.0 MEDIUM | 7.5 HIGH |
| The link-log plugin before 2.0 for WordPress has HTTP Response Splitting. | |||||
| CVE-2019-15324 | 1 Ad Inserter Project | 1 Ad Inserter | 2019-08-26 | 6.5 MEDIUM | 8.8 HIGH |
| The ad-inserter plugin before 2.4.22 for WordPress has remote code execution. | |||||
| CVE-2018-20980 | 1 Ninjaforms | 1 Ninja Forms | 2019-08-26 | 5.0 MEDIUM | 7.5 HIGH |
| The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering. | |||||
| CVE-2016-0785 | 1 Apache | 1 Struts | 2019-08-23 | 9.0 HIGH | 8.8 HIGH |
| Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. | |||||
| CVE-2017-18545 | 1 Invite Anyone Project | 1 Invite Anyone | 2019-08-21 | 5.0 MEDIUM | 7.5 HIGH |
| The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input. | |||||
| CVE-2019-0720 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-08-20 | 7.7 HIGH | 8.4 HIGH |
| A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Remote Code Execution Vulnerability'. | |||||
| CVE-2019-0965 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-08-19 | 7.7 HIGH | 8.4 HIGH |
| A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. | |||||
| CVE-2018-18347 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2019-08-17 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect handling of failed navigations with invalid URLs in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to trick a user into executing javascript in an arbitrary origin via a crafted HTML page. | |||||
| CVE-2018-18354 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2019-08-17 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient validate of external protocols in Shell Integration in Google Chrome on Windows prior to 71.0.3578.80 allowed a remote attacker to launch external programs via a crafted HTML page. | |||||
| CVE-2019-14474 | 1 Eq-3 | 2 Ccu3, Ccu3 Firmware | 2019-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| eQ-3 Homematic CCU3 3.47.15 and prior has Improper Input Validation in function 'Call()' of ReGa core logic process, resulting in the ability to start a Denial of Service. Due to Improper Authorization an attacker can obtain a session ID from CVE-2019-9583 or a valid guest/user/admin account can start this attack too. | |||||
| CVE-2019-11716 | 1 Mozilla | 1 Firefox | 2019-08-15 | 7.5 HIGH | 8.3 HIGH |
| Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes to be bypassed. This vulnerability affects Firefox < 68. | |||||
| CVE-2016-10814 | 1 Cpanel | 1 Cpanel | 2019-08-13 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119). | |||||
| CVE-2017-18431 | 1 Cpanel | 1 Cpanel | 2019-08-13 | 5.0 MEDIUM | 7.5 HIGH |
| cPanel before 66.0.1 does not reliably perform suspend/unsuspend operations on accounts (CPANEL-13941). | |||||
| CVE-2017-9793 | 1 Apache | 1 Struts | 2019-08-12 | 5.0 MEDIUM | 7.5 HIGH |
| The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload. | |||||
| CVE-2016-10793 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 59.9999.145 allows arbitrary code execution due to an incorrect #! in Mail::SPF scripts (SEC-152). | |||||
| CVE-2016-10800 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 6.8 MEDIUM | 7.8 HIGH |
| cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls (SEC-138). | |||||
| CVE-2016-10808 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 9.0 HIGH | 8.8 HIGH |
| In cPanel before 57.9999.54, /scripts/addpop and /scripts/delpop exposed TTYs (SEC-113). | |||||
| CVE-2016-10812 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 9.0 HIGH | 8.8 HIGH |
| In cPanel before 57.9999.54, /scripts/enablefileprotect exposed TTYs (SEC-117). | |||||
| CVE-2017-18475 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 6.5 MEDIUM | 8.8 HIGH |
| In cPanel before 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204). | |||||
| CVE-2017-18415 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 4.6 MEDIUM | 7.8 HIGH |
| cPanel before 67.9999.103 allows code execution in the context of the mailman account because of incorrect environment-variable filtering (SEC-302). | |||||
| CVE-2007-6763 | 1 Sas | 1 Sas Drug Development | 2019-08-12 | 6.5 MEDIUM | 8.8 HIGH |
| SAS Drug Development (SDD) before 32DRG02 mishandles logout actions, which allows a user (who was previously logged in) to access resources by pressing a back or forward button in a web browser. | |||||