Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5974 | 1 Contest-gallery | 1 Contest Gallery | 2019-07-15 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in Contest Gallery versions prior to 10.4.5 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||||
| CVE-2018-1252 | 1 Rsa | 1 Web Threat Detection | 2019-07-15 | 6.5 MEDIUM | 8.8 HIGH |
| RSA Web Threat Detection versions prior to 6.4, contain an SQL injection vulnerability in the Administration and Forensics applications. An authenticated malicious user with low privileges could potentially exploit this vulnerability to execute SQL commands on the back-end database to gain unauthorized access to the tool's monitoring and user information by supplying specially crafted input data to the affected application. | |||||
| CVE-2017-11579 | 1 Blipcare | 2 Wi-fi Blood Pressure Monitor, Wi-fi Blood Pressure Monitor Firmware | 2019-07-15 | 4.8 MEDIUM | 7.1 HIGH |
| In the most recent firmware for Blipcare, the device provides an open Wireless network called "Blip" for communicating with the device. The user connects to this open Wireless network and uses the web management interface of the device to provide the user's Wi-Fi credentials so that the device can connect to it and have Internet access. This device acts as a Wireless Blood pressure monitor and is used to measure blood pressure levels of a person. This allows an attacker who is in vicinity of Wireless signal generated by the Blipcare device to easily sniff the credentials. Also, an attacker can connect to the open wireless network "Blip" exposed by the device and modify the HTTP response presented to the user by the device to execute other attacks such as convincing the user to download and execute a malicious binary that would infect a user's computer or mobile device with malware. | |||||
| CVE-2018-20801 | 1 Highcharts | 1 Highcharts | 2019-07-15 | 5.0 MEDIUM | 7.5 HIGH |
| In js/parts/SvgRenderer.js in Highcharts JS before 6.1.0, the use of backtracking regular expressions permitted an attacker to conduct a denial of service attack against the SVGRenderer component, aka ReDoS. | |||||
| CVE-2019-4193 | 1 Ibm | 1 Jazz For Service Management | 2019-07-15 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Jazz for Service Management 1.1.3 and 1.1.3.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-force ID: 159032. | |||||
| CVE-2019-1010316 | 1 Pyxtrlock Project | 1 Pyxtrlock | 2019-07-14 | 4.6 MEDIUM | 7.8 HIGH |
| pyxtrlock 0.3 and earlier is affected by: Incorrect Access Control. The impact is: False locking impression when run in a non-X11 session. The fixed version is: 0.4. | |||||
| CVE-2019-11503 | 1 Canonical | 1 Snapd | 2019-07-13 | 5.0 MEDIUM | 7.5 HIGH |
| snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir() to the current working directory of the calling user, aka a "cwd restore permission bypass." | |||||
| CVE-2019-10912 | 1 Sensiolabs | 1 Symfony | 2019-07-12 | 6.5 MEDIUM | 7.1 HIGH |
| In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge. | |||||
| CVE-2019-13503 | 1 Cesanta | 1 Mongoose | 2019-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| mq_parse_http in mongoose.c in Mongoose 6.15 has a heap-based buffer over-read. | |||||
| CVE-2019-12466 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2019-07-11 | 6.8 MEDIUM | 8.8 HIGH |
| Wikimedia MediaWiki through 1.32.1 allows CSRF. | |||||
| CVE-2018-19576 | 1 Gitlab | 1 Gitlab | 2019-07-11 | 6.4 MEDIUM | 8.1 HIGH |
| GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an access control issue that allows a Guest user to make changes to or delete their own comments on an issue, after the issue was made Confidential. | |||||
| CVE-2018-19569 | 1 Gitlab | 1 Gitlab | 2019-07-11 | 6.5 MEDIUM | 8.8 HIGH |
| GitLab CE/EE, versions 8.8 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an authorization vulnerability that allows access to the web-UI as a user using a Personal Access Token of any scope. | |||||
| CVE-2018-14529 | 1 Invoxia | 2 Nvx220, Nvx220 Firmware | 2019-07-11 | 5.0 MEDIUM | 7.5 HIGH |
| Invoxia NVX220 devices allow access to /bin/sh via escape from a restricted CLI, leading to disclosure of password hashes. | |||||
| CVE-2018-19581 | 1 Gitlab | 1 Gitlab | 2019-07-11 | 5.0 MEDIUM | 7.5 HIGH |
| GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure object reference vulnerability that allows a Guest user to set the weight of an issue they create. | |||||
| CVE-2017-9326 | 1 Cloudera | 1 Cloudera Manager | 2019-07-11 | 3.5 LOW | 7.5 HIGH |
| The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager. The keystore file itself is not exposed. | |||||
| CVE-2017-9325 | 1 Cloudera | 1 Cdh | 2019-07-11 | 6.4 MEDIUM | 7.5 HIGH |
| The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs. | |||||
| CVE-2018-12628 | 1 Eventum Project | 1 Eventum | 2019-07-11 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Eventum 3.5.0. CSRF in htdocs/manage/users.php allows creating another user with admin privileges. | |||||
| CVE-2016-10073 | 1 Vanillaforums | 1 Vanilla | 2019-07-11 | 5.0 MEDIUM | 7.5 HIGH |
| The from method in library/core/class.email.php in Vanilla Forums before 2.3.1 allows remote attackers to spoof the email domain in sent messages and potentially obtain sensitive information via a crafted HTTP Host header, as demonstrated by a password reset request. | |||||
| CVE-2017-8230 | 1 Amcrest | 2 Ipm-721s, Ipm-721s Firmware | 2019-07-11 | 4.0 MEDIUM | 8.8 HIGH |
| On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". However, as a part of security analysis it was identified that a low privileged user who belongs to the "user" group and who has access to login in to the web administrative interface of the device can add a new administrative user to the interface using HTTP APIs provided by the device and perform all the actions as an administrative user by using that account. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that many of the binaries in the /usr folder. The binary "sonia" is the one that has the vulnerable functions that performs the various action described in HTTP APIs. If one opens this binary in IDA-pro one will notice that this follows a ARM little endian format. The function at address 0x00429084 in IDA pro is the one that processes the HTTP API request for "addUser" action. If one traces the calls to this function, it can be clearly seen that the function sub_ 41F38C at address 0x0041F588 parses the call received from the browser and passes it to the "addUser" function without any authorization check. | |||||
| CVE-2017-8228 | 1 Amcrest | 2 Ipm-721s, Ipm-721s Firmware | 2019-07-11 | 6.8 MEDIUM | 8.8 HIGH |
| Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours. Amcrest cloud services does not perform a thorough verification when allowing the user to add a new camera to the user's account to ensure that the user actually owns the camera other than knowing the serial number of the camera. This can allow an attacker who knows the serial number to easily add another user's camera to an attacker's cloud account and control it completely. This is possible in case of any camera that is currently not a part of an Amcrest cloud account or has been removed from the user's cloud account. Also, another requirement for a successful attack is that the user should have rebooted the camera in the last two hours. However, both of these conditions are very likely for new cameras that are sold over the Internet at many ecommerce websites or vendors that sell the Amcrest products. The successful attack results in an attacker being able to completely control the camera which includes being able to view and listen on what the camera can see, being able to change the motion detection settings and also be able to turn the camera off without the user being aware of it. Note: The same attack can be executed using the Amcrest Cloud mobile application. | |||||
| CVE-2018-14859 | 1 Odoo | 1 Odoo | 2019-07-10 | 5.5 MEDIUM | 8.1 HIGH |
| Incorrect access control in the password reset component in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated users to reset the password of other users by being the first party to use the secure token. | |||||
| CVE-2019-10717 | 1 Dotnetblogengine | 1 Blogengine.net | 2019-07-10 | 5.5 MEDIUM | 7.1 HIGH |
| BlogEngine.NET 3.3.7.0 allows /api/filemanager Directory Traversal via the path parameter. | |||||
| CVE-2016-5716 | 1 Puppet | 1 Puppet Enterprise | 2019-07-10 | 6.5 MEDIUM | 8.8 HIGH |
| The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads that potentially allows for remote code execution on the console node. | |||||
| CVE-2019-13125 | 1 Tencent | 1 Habomalhunter | 2019-07-10 | 6.8 MEDIUM | 7.8 HIGH |
| HaboMalHunter through 2.0.0.3 in Tencent Habo allows attackers to evade dynamic malware analysis via PIE compilation. | |||||
| CVE-2019-12851 | 1 Jetbrains | 1 Youtrack | 2019-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| A CSRF vulnerability was detected in one of the admin endpoints of JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49852. | |||||
| CVE-2019-5961 | 1 Mastodon-tootdon | 1 Tootdon For Mastodon | 2019-07-10 | 5.8 MEDIUM | 7.4 HIGH |
| The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2019-5964 | 1 Idoors | 1 Idoors Reader | 2019-07-10 | 5.8 MEDIUM | 8.8 HIGH |
| iDoors Reader 2.10.17 and earlier allows an attacker on the same network segment to bypass authentication to access the management console and operate the product via unspecified vectors. | |||||
| CVE-2018-11423 | 1 Moxa | 4 Oncell G3150-hspa, Oncell G3150-hspa-t, Oncell G3150-hspa-t Firmware and 1 more | 2019-07-10 | 7.8 HIGH | 7.5 HIGH |
| There is Memory corruption in the web interface Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior, different vulnerability than CVE-2018-11420. | |||||
| CVE-2018-11427 | 1 Moxa | 4 Oncell G3150-hspa, Oncell G3150-hspa-t, Oncell G3150-hspa-t Firmware and 1 more | 2019-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator. | |||||
| CVE-2019-13401 | 1 Fortinet | 2 Fcm-mb40, Fcm-mb40 Firmware | 2019-07-09 | 6.8 MEDIUM | 8.8 HIGH |
| Dynacolor FCM-MB40 v1.2.0.0 devices have CSRF in all scripts under cgi-bin/. | |||||
| CVE-2019-12841 | 1 Jetbrains | 1 Teamcity | 2019-07-09 | 5.0 MEDIUM | 7.5 HIGH |
| Incorrect handling of user input in ZIP extraction was detected in JetBrains TeamCity. The issue was fixed in TeamCity 2018.2.2. | |||||
| CVE-2019-13370 | 1 Ignitedcms Project | 1 Ignitedcms | 2019-07-09 | 6.8 MEDIUM | 8.8 HIGH |
| index.php/admin/permissions in Ignited CMS through 2017-02-19 allows CSRF to add an administrator. | |||||
| CVE-2019-13289 | 1 Glyphandcog | 1 Xpdfreader | 2019-07-09 | 6.8 MEDIUM | 7.8 HIGH |
| In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. | |||||
| CVE-2018-14733 | 1 Odoo | 1 Odoo | 2019-07-09 | 5.0 MEDIUM | 7.5 HIGH |
| The Odoo Community Association (OCA) dbfilter_from_header module makes Odoo 8.x, 9.x, 10.x, and 11.x vulnerable to ReDoS (regular expression denial of service) under certain circumstances. | |||||
| CVE-2019-2106 | 1 Google | 1 Android | 2019-07-09 | 9.3 HIGH | 8.8 HIGH |
| In ihevcd_sao_shift_ctb of ihevcd_sao.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-130023983. | |||||
| CVE-2019-2109 | 1 Google | 1 Android | 2019-07-09 | 9.3 HIGH | 8.8 HIGH |
| In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1. Android ID: A-130651570. | |||||
| CVE-2019-13183 | 1 Flarum | 1 Flarum | 2019-07-09 | 6.8 MEDIUM | 8.8 HIGH |
| Flarum before 0.1.0-beta.9 allows CSRF against all POST endpoints, as demonstrated by changing admin settings. | |||||
| CVE-2019-2116 | 1 Google | 1 Android | 2019-07-09 | 5.0 MEDIUM | 7.5 HIGH |
| In save_attr_seq of sdp_discovery.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-117105007. | |||||
| CVE-2019-5971 | 1 Sukimalab | 1 Attendance Manager | 2019-07-09 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||||
| CVE-2019-5968 | 1 Weseek | 1 Growi | 2019-07-09 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in GROWI v3.4.6 and earlier allows remote attackers to hijack the authentication of administrators via updating user's 'Basic Info'. | |||||
| CVE-2019-5984 | 1 Waspthemes | 1 Custom Css Pro | 2019-07-09 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in Custom CSS Pro 1.0.3 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||||
| CVE-2019-5983 | 1 Fla-shop | 1 Html5 Maps | 2019-07-09 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in HTML5 Maps 1.6.5.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||||
| CVE-2017-12977 | 1 10web | 1 Photo Gallery | 2019-07-08 | 6.5 MEDIUM | 7.2 HIGH |
| The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter. | |||||
| CVE-2014-9312 | 1 10web | 1 Photo Gallery | 2019-07-08 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted File Upload vulnerability in Photo Gallery 1.2.5. | |||||
| CVE-2018-20850 | 1 Stormshield | 1 Stormshield Network Security | 2019-07-08 | 7.2 HIGH | 8.2 HIGH |
| Stormshield Network Security 2.0.0 through 2.13.0 and 3.0.0 through 3.7.1 has self-XSS in the command line interface of the SNS web server. | |||||
| CVE-2019-5960 | 1 Custom4web | 1 Wp Open Graph | 2019-07-08 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in WP Open Graph 1.6.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||||
| CVE-2019-12448 | 1 Gnome | 1 Gvfs | 2019-07-08 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write. | |||||
| CVE-2019-13028 | 1 Minv | 1 Electronic Identification Cards Client | 2019-07-05 | 6.8 MEDIUM | 8.8 HIGH |
| An incorrect implementation of a local web server in eID client (Windows version before 3.1.2, Linux version before 3.0.3) allows remote attackers to execute arbitrary code (.cgi, .pl, or .php) or delete arbitrary files via a crafted HTML page. This is a product from the Ministry of Interior of the Slovak Republic. | |||||
| CVE-2018-12250 | 1 Elitecms | 1 Elite Cms | 2019-07-05 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in Elite CMS Pro 2.01. In /admin/add_sidebar.php, the ?page= parameter is vulnerable to SQL injection. | |||||
| CVE-2018-14863 | 1 Odoo | 1 Odoo | 2019-07-05 | 5.5 MEDIUM | 8.1 HIGH |
| Incorrect access control in the RPC framework in Odoo Community 8.0 through 11.0 and Odoo Enterprise 9.0 through 11.0 allows authenticated users to call private functions via RPC. | |||||