Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4977 | 1 Pivotal | 1 Spring Security Oauth | 2019-10-16 | 6.5 MEDIUM | 8.8 HIGH |
| When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type. | |||||
| CVE-2016-10906 | 1 Linux | 1 Linux Kernel | 2019-10-15 | 4.4 MEDIUM | 7.0 HIGH |
| An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean. | |||||
| CVE-2019-17507 | 1 Dlink | 2 Dir-816 A1, Dir-816 A1 Firmware | 2019-10-15 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on D-Link DIR-816 A1 1.06 devices. An attacker could access management pages of the router via a client that ignores the 'top.location.href = "/dir_login.asp"' line in a .asp file. This provides access to d_status.asp, version.asp, d_dhcptbl.asp, and d_acl.asp. | |||||
| CVE-2015-9463 | 1 S3bubble | 1 S3bubble-amazon-s3-audio-streaming | 2019-10-15 | 5.0 MEDIUM | 7.5 HIGH |
| The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter. | |||||
| CVE-2015-9465 | 1 Yet Another Stars Rating Project | 1 Yet Another Stars Rating | 2019-10-15 | 6.5 MEDIUM | 8.8 HIGH |
| The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter. | |||||
| CVE-2015-9464 | 1 S3bubble | 1 S3bubble-amazon-s3-html-5-video-with-adverts | 2019-10-15 | 5.0 MEDIUM | 7.5 HIGH |
| The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter. | |||||
| CVE-2015-9473 | 1 Estrutura-basica Project | 1 Estrutura-basica | 2019-10-15 | 5.0 MEDIUM | 7.5 HIGH |
| The estrutura-basica theme through 2015-09-13 for WordPress has directory traversal via the scripts/download.php arquivo parameter. | |||||
| CVE-2015-9476 | 1 Teardrop Project | 1 Teardrop | 2019-10-15 | 6.5 MEDIUM | 8.8 HIGH |
| The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates. | |||||
| CVE-2015-9477 | 1 Vernissage Project | 1 Vernissage | 2019-10-15 | 6.5 MEDIUM | 8.8 HIGH |
| The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates. | |||||
| CVE-2018-16202 | 1 Ionicframework | 1 Ionic Web View | 2019-10-15 | 5.0 MEDIUM | 8.6 HIGH |
| Directory traversal vulnerability in cordova-plugin-ionic-webview versions prior to 2.2.0 (not including 2.0.0-beta.0, 2.0.0-beta.1, 2.0.0-beta.2, and 2.1.0-0) allows remote attackers to access arbitrary files via unspecified vectors. | |||||
| CVE-2015-9480 | 1 Robot-cpa | 1 Robotcpa | 2019-10-15 | 5.0 MEDIUM | 7.5 HIGH |
| The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter. | |||||
| CVE-2019-11527 | 1 Softing | 2 Uagate Si, Uagate Si Firmware | 2019-10-15 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter. | |||||
| CVE-2019-17352 | 1 Jfinal | 1 Jfinal | 2019-10-15 | 5.0 MEDIUM | 7.5 HIGH |
| In JFinal cos before 2019-08-13, as used in JFinal 4.4, there is a vulnerability that can bypass the isSafeFile() function: one can upload any type of file. For example, a .jsp file may be stored and almost immediately deleted, but this deletion step does not occur for certain exceptions. | |||||
| CVE-2019-11077 | 1 Fastadmin | 1 Fastadmin | 2019-10-15 | 6.8 MEDIUM | 8.8 HIGH |
| FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI. | |||||
| CVE-2019-13529 | 1 Sma | 2 Sunny Webbox, Sunny Webbox Firmware | 2019-10-15 | 6.8 MEDIUM | 8.8 HIGH |
| An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which would increase the ease of exploitation. | |||||
| CVE-2018-21023 | 1 Centreon | 1 Centreon Web | 2019-10-15 | 6.5 MEDIUM | 8.8 HIGH |
| getStats.php in Centreon Web before 2.8.28 allows authenticated attackers to execute arbitrary code via the ns_id parameter. | |||||
| CVE-2015-9460 | 1 Pinpoint | 1 Pinpoint Booking System | 2019-10-15 | 6.5 MEDIUM | 8.8 HIGH |
| The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language parameter. | |||||
| CVE-2019-17386 | 1 Eleopard | 1 Animate It\! | 2019-10-15 | 6.8 MEDIUM | 8.8 HIGH |
| The animate-it plugin before 2.3.6 for WordPress has CSRF in edsanimate.php. | |||||
| CVE-2015-9462 | 1 Awesome Filterable Portfolio Project | 1 Awesome Filterable Portfolio | 2019-10-15 | 6.5 MEDIUM | 7.2 HIGH |
| The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page SQL injection via the cat_id parameter. | |||||
| CVE-2016-10874 | 1 Wpseeds | 1 Wp Database Backup | 2019-10-12 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-database-backup plugin before 4.3.3 for WordPress has CSRF. | |||||
| CVE-2018-9009 | 2 Debian, Libming | 2 Debian Linux, Libming | 2019-10-12 | 6.8 MEDIUM | 8.8 HIGH |
| In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file. | |||||
| CVE-2018-16300 | 1 Tcpdump | 1 Tcpdump | 2019-10-11 | 5.0 MEDIUM | 7.5 HIGH |
| The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. | |||||
| CVE-2018-16452 | 1 Tcpdump | 1 Tcpdump | 2019-10-11 | 5.0 MEDIUM | 7.5 HIGH |
| The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. | |||||
| CVE-2019-1060 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2019-10-11 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. | |||||
| CVE-2019-17431 | 1 Fastadmin | 1 Fastadmin | 2019-10-11 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/index.php/admin/auth/admin/add CSRF vulnerability. | |||||
| CVE-2019-17128 | 1 Netreo | 1 Omnicenter | 2019-10-11 | 5.0 MEDIUM | 7.5 HIGH |
| Netreo OmniCenter through 12.1.1 allows unauthenticated SQL Injection (Boolean Based Blind) in the redirect parameters and parameter name of the login page through a GET request. The injection allows an attacker to read sensitive information from the database used by the application. | |||||
| CVE-2019-17187 | 1 Fiberhome | 2 Hg2201t, Hg2201t Firmware | 2019-10-11 | 5.0 MEDIUM | 7.5 HIGH |
| /var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. | |||||
| CVE-2019-3745 | 1 Dell | 2 Encryption, Endpoint Security Suite Enterprise | 2019-10-11 | 6.9 MEDIUM | 7.3 HIGH |
| The vulnerability is limited to the installers of Dell Encryption Enterprise versions prior to 10.4.0 and Dell Endpoint Security Suite Enterprise versions prior to 2.4.0. This issue is exploitable only during the installation of the product by an administrator. A local authenticated low privileged user potentially could exploit this vulnerability by staging a malicious DLL in the search path of the installer prior to its execution by a local administrator. This would cause loading of the malicious DLL, which would allow the attacker to execute arbitrary code in the context of an administrator. | |||||
| CVE-2019-17104 | 1 Centreon | 1 Centreon Vm | 2019-10-11 | 5.0 MEDIUM | 7.5 HIGH |
| In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set. | |||||
| CVE-2018-21020 | 1 Centreon | 1 Centreon Web | 2019-10-11 | 5.0 MEDIUM | 7.5 HIGH |
| In very rare cases, a PHP type juggling vulnerability in centreonAuth.class.php in Centreon Web before 2.8.27 allows attackers to bypass authentication mechanisms in place. | |||||
| CVE-2019-13051 | 1 Pi-hole | 1 Pi-hole | 2019-10-11 | 6.8 MEDIUM | 8.8 HIGH |
| Pi-Hole 4.3 allows Command Injection. | |||||
| CVE-2015-9461 | 1 Brinidesigner | 1 Awesome Filterable Portfolio | 2019-10-11 | 6.5 MEDIUM | 7.2 HIGH |
| The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_portfolio_item_page SQL injection via the item_id parameter. | |||||
| CVE-2015-9458 | 1 Seo Searchterms Tagging 2 Project | 1 Seo Searchterms Tagging 2 | 2019-10-11 | 6.5 MEDIUM | 7.2 HIGH |
| The searchterms-tagging-2 plugin through 1.535 for WordPress has SQL injection via the pk_stt2_db_get_popular_terms count parameter exploitable via CSRF. | |||||
| CVE-2018-14003 | 1 Wmctoken Project | 1 Wmctoken | 2019-10-11 | 5.0 MEDIUM | 7.5 HIGH |
| An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. An attacker could use it to set any user's balance. | |||||
| CVE-2019-6776 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2019-10-11 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing watermarks within AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8801. | |||||
| CVE-2019-13317 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2019-10-11 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate actions. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8759. | |||||
| CVE-2019-4558 | 1 Ibm | 1 Spectrum Scale | 2019-10-11 | 7.2 HIGH | 7.8 HIGH |
| A security vulnerability has been identified in all levels of IBM Spectrum Scale V5.0.0.0 through V5.0.3.2 and IBM Spectrum Scale V4.2.0.0 through V4.2.3.17 that could allow a local attacker to obtain root privilege by injecting parameters into setuid files. | |||||
| CVE-2019-17375 | 1 Cpanel | 1 Cpanel | 2019-10-11 | 6.5 MEDIUM | 8.8 HIGH |
| cPanel before 82.0.15 allows API token credentials to persist after an account has been renamed or terminated (SEC-517). | |||||
| CVE-2019-1317 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-10-11 | 5.6 MEDIUM | 7.3 HIGH |
| A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'. | |||||
| CVE-2017-18595 | 1 Linux | 1 Linux Kernel | 2019-10-11 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. | |||||
| CVE-2015-9454 | 1 Slidervilla | 1 Smooth Slider | 2019-10-10 | 6.5 MEDIUM | 8.8 HIGH |
| The smooth-slider plugin before 2.7 for WordPress has SQL Injection via the wp-admin/admin.php?page=smooth-slider-admin current_slider_id parameter. | |||||
| CVE-2015-9455 | 1 Incsub | 1 Buddypress-activity-plus | 2019-10-10 | 7.8 HIGH | 8.1 HIGH |
| The buddypress-activity-plus plugin before 1.6.2 for WordPress has CSRF with resultant directory traversal via the wp-admin/admin-ajax.php bpfb_photos[] parameter in a bpfb_remove_temp_images action. | |||||
| CVE-2019-16891 | 1 Liferay | 1 Liferay Portal | 2019-10-10 | 6.5 MEDIUM | 8.8 HIGH |
| Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload. | |||||
| CVE-2019-3834 | 1 Redhat | 1 Jboss Operations Network | 2019-10-10 | 6.8 MEDIUM | 7.3 HIGH |
| It was found that the fix for CVE-2014-0114 had been reverted in JBoss Operations Network 3 (JON). This flaw allows attackers to manipulate ClassLoader properties on a vulnerable server. Exploits that have been published rely on ClassLoader properties that are exposed such as those in JON 3. Additional information can be found in the Red Hat Knowledgebase article: https://access.redhat.com/site/solutions/869353. Note that while multiple products released patches for the original CVE-2014-0114 flaw, the reversion described by this CVE-2019-3834 flaw only occurred in JON 3. | |||||
| CVE-2019-11655 | 1 Hp | 1 Arcsight Logger | 2019-10-10 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted file upload vulnerability in Micro Focus ArcSight Logger, version 6.7.0 and later. This vulnerability could allow Unrestricted Upload of File with Dangerous type. | |||||
| CVE-2019-17217 | 1 Vzug | 2 Combi-stream Mslq, Combi-stream Mslq Firmware | 2019-10-10 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. There is no CSRF protection established on the web service. | |||||
| CVE-2019-17188 | 1 Fecmall | 1 Fecmall | 2019-10-10 | 6.5 MEDIUM | 7.2 HIGH |
| An unrestricted file upload vulnerability was discovered in catalog/productinfo/imageupload in Fecshop FecMall 2.3.4. An attacker can bypass a front-end restriction and upload PHP code to the webserver, by providing image data and the image/jpeg content type, with a .php extension. This occurs because the code relies on the getimagesize function. | |||||
| CVE-2019-17199 | 2 Microsoft, Webpagetest | 2 Windows, Webpagetest | 2019-10-10 | 5.0 MEDIUM | 7.5 HIGH |
| www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. substring. | |||||
| CVE-2019-12706 | 1 Cisco | 1 Email Security Appliance Firmware | 2019-10-10 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device. The vulnerability exists because the affected software insufficiently validates certain incoming SPF messages. An attacker could exploit this vulnerability by sending a custom SPF packet to an affected device. A successful exploit could allow the attacker to bypass the configured header filters, which could allow malicious content to pass through the device. | |||||
| CVE-2019-12689 | 1 Cisco | 1 Firepower Management Center | 2019-10-10 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending malicious commands to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device. | |||||