Search
Total
9231 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-1295 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2019-09-12 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1296. | |||||
| CVE-2019-1257 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2019-09-12 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1295, CVE-2019-1296. | |||||
| CVE-2018-20551 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Poppler | 2019-09-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c. | |||||
| CVE-2019-15639 | 1 Digium | 1 Asterisk | 2019-09-10 | 5.0 MEDIUM | 7.5 HIGH |
| main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario. | |||||
| CVE-2019-5611 | 1 Freebsd | 1 Freebsd | 2019-09-10 | 7.8 HIGH | 7.5 HIGH |
| In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguous. Extra checks in the IPv6 stack could catch the error condition and trigger a kernel panic, leading to a remote denial of service. | |||||
| CVE-2019-16141 | 1 Once Cell Project | 1 Once Cell | 2019-09-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the once_cell crate before 1.0.1 for Rust. There is a panic during initialization of Lazy. | |||||
| CVE-2019-16142 | 1 Renderdocs-rs Project | 1 Renderdocs-rs | 2019-09-09 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the renderdoc crate before 0.5.0 for Rust. Multiple exposed methods take self by immutable reference, which is incompatible with a multi-threaded application. | |||||
| CVE-2019-12588 | 1 Espressif | 2 Arduino Esp8266, Esp8266 Nonos Sdk | 2019-09-09 | 3.3 LOW | 6.5 MEDIUM |
| The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association responses, which allows attackers in radio range to cause a denial of service (crash) via a crafted message. | |||||
| CVE-2019-13268 | 1 Tp-link | 4 Archer C2 V1, Archer C2 V1 Firmware, Archer C3200 V1 and 1 more | 2019-09-04 | 5.8 MEDIUM | 8.8 HIGH |
| TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, which are sent as broadcast packets, between the host and the guest networks. To use this leakage as a direct covert channel, the sender can trivially issue an ARP request to an arbitrary computer on the network. (In general, some routers restrict ARP forwarding only to requests destined for the network's subnet mask, but these routers did not restrict this traffic in any way. Depending on this factor, one must use either the lower 8 bits of the IP address, or the entire 32 bits, as the data payload.) | |||||
| CVE-2019-13269 | 1 Edimax | 2 Br-6208ac V1, Br-6208ac V1 Firmware | 2019-09-04 | 5.8 MEDIUM | 8.8 HIGH |
| Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request is sent to the router with a certain Transaction ID field. Following the DHCP protocol, the router responds with an ACK or NAK message. Studying the NAK case revealed that the router erroneously sends the NAK to both Host and Guest networks with the same Transaction ID as found in the DHCP Request. This allows encoding of data to be sent cross-router into the 32-bit Transaction ID field. | |||||
| CVE-2019-13270 | 1 Edimax | 2 Br-6208ac V1, Br-6208ac V1 Firmware | 2019-09-04 | 5.8 MEDIUM | 8.8 HIGH |
| Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. In order to transfer data from the host network to the guest network, the sender joins and then leaves an IGMP group. After it leaves, the router (following the IGMP protocol) creates an IGMP Membership Query packet with the Group IP and sends it to both the Host and the Guest networks. The data is transferred within the Group IP field, which is completely controlled by the sender. | |||||
| CVE-2019-15640 | 1 Limesurvey | 1 Limesurvey | 2019-09-03 | 5.0 MEDIUM | 7.5 HIGH |
| Limesurvey before 3.17.10 does not validate both the MIME type and file extension of an image. | |||||
| CVE-2019-9850 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2019-09-03 | 7.5 HIGH | 9.8 CRITICAL |
| LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from script event handers. However an insufficient url validation vulnerability in LibreOffice allowed malicious to bypass that protection and again trigger calling LibreLogo from script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6. | |||||
| CVE-2019-9851 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2019-09-03 | 7.5 HIGH | 9.8 CRITICAL |
| LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6. | |||||
| CVE-2019-1936 | 1 Cisco | 3 Integrated Management Controller Supervisor, Ucs Director, Ucs Director Express For Big Data | 2019-08-30 | 9.0 HIGH | 7.2 HIGH |
| A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root user. Exploitation of this vulnerability requires privileged access to an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by logging in to the web-based management interface with administrator privileges and then sending a malicious request to a certain part of the interface. | |||||
| CVE-2017-3142 | 3 Debian, Isc, Redhat | 8 Debian Linux, Bind, Enterprise Linux Desktop and 5 more | 2019-08-30 | 4.3 MEDIUM | 3.7 LOW |
| An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2. | |||||
| CVE-2017-18589 | 1 Cookie Project | 1 Cookie | 2019-08-30 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the cookie crate before 0.7.6 for Rust. Large integers in the Max-Age of a cookie cause a panic. | |||||
| CVE-2018-14671 | 1 Yandex | 1 Clickhouse | 2019-08-29 | 7.5 HIGH | 9.8 CRITICAL |
| In ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability. | |||||
| CVE-2015-9348 | 1 Codepeople | 1 Sell Downloads | 2019-08-29 | 5.0 MEDIUM | 7.5 HIGH |
| The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs. | |||||
| CVE-2013-7483 | 1 Hbwsl | 1 Slidedeck 2 | 2019-08-29 | 7.5 HIGH | 9.8 CRITICAL |
| The slidedeck2 plugin before 2.3.5 for WordPress has file inclusion. | |||||
| CVE-2016-10930 | 1 Wpsupportplus | 1 Wp Support Plus Responsive Ticket System | 2019-08-29 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number. | |||||
| CVE-2015-9351 | 1 Slickremix | 1 Feed Them Social | 2019-08-28 | 7.5 HIGH | 9.8 CRITICAL |
| The feed-them-social plugin before 1.7.0 for WordPress has possible shortcode execution in the Facebook Feeds load more button. | |||||
| CVE-2015-9345 | 1 Petersplugins | 1 Link Log | 2019-08-28 | 5.0 MEDIUM | 7.5 HIGH |
| The link-log plugin before 2.0 for WordPress has HTTP Response Splitting. | |||||
| CVE-2019-11140 | 1 Intel | 8 Compute Card Cd1iv128mk, Compute Card Firmware, Compute Stick Firmware and 5 more | 2019-08-27 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient session validation in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. | |||||
| CVE-2014-10384 | 1 Memphis Documents Library Project | 1 Memphis Documents Library | 2019-08-26 | 7.5 HIGH | 9.8 CRITICAL |
| The memphis-documents-library plugin before 3.0 for WordPress has Local File Inclusion. | |||||
| CVE-2014-10383 | 1 Memphis Documents Library Project | 1 Memphis Documents Library | 2019-08-26 | 7.5 HIGH | 9.8 CRITICAL |
| The memphis-documents-library plugin before 3.0 for WordPress has Remote File Inclusion. | |||||
| CVE-2019-15324 | 1 Ad Inserter Project | 1 Ad Inserter | 2019-08-26 | 6.5 MEDIUM | 8.8 HIGH |
| The ad-inserter plugin before 2.4.22 for WordPress has remote code execution. | |||||
| CVE-2018-20981 | 1 Ninjaforms | 1 Ninja Forms | 2019-08-26 | 6.4 MEDIUM | 9.1 CRITICAL |
| The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests. | |||||
| CVE-2018-20980 | 1 Ninjaforms | 1 Ninja Forms | 2019-08-26 | 5.0 MEDIUM | 7.5 HIGH |
| The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering. | |||||
| CVE-2017-18574 | 1 Ninjaforms | 1 Ninja Forms | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder. | |||||
| CVE-2018-20985 | 1 Payeezy | 1 Wp Payeezy Pay | 2019-08-26 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-payeezy-pay plugin before 2.98 for WordPress has local file inclusion in pay.php, donate.php, donate-rec, and pay-rec. | |||||
| CVE-2009-5158 | 1 Sumo | 1 Google Analyticator | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML sanitization for Google Analytics API text. | |||||
| CVE-2017-18580 | 1 Getshortcodes | 1 Shortcodes Ultimate | 2019-08-23 | 7.5 HIGH | 9.8 CRITICAL |
| The shortcodes-ultimate plugin before 5.0.1 for WordPress has remote code execution via a filter in a meta, post, or user shortcode. | |||||
| CVE-2016-0785 | 1 Apache | 1 Struts | 2019-08-23 | 9.0 HIGH | 8.8 HIGH |
| Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. | |||||
| CVE-2016-10899 | 1 Fabrix | 1 Total Security | 2019-08-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| The total-security plugin before 3.4.1 for WordPress has a settings-change vulnerability. | |||||
| CVE-2019-7959 | 3 Adobe, Apple, Microsoft | 3 Creative Cloud, Mac Os X, Windows | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-18545 | 1 Invite Anyone Project | 1 Invite Anyone | 2019-08-21 | 5.0 MEDIUM | 7.5 HIGH |
| The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input. | |||||
| CVE-2018-20973 | 1 Codeermeneer | 1 Companion Auto Update | 2019-08-21 | 7.5 HIGH | 9.8 CRITICAL |
| The companion-auto-update plugin before 3.2.1 for WordPress has local file inclusion. | |||||
| CVE-2013-7338 | 2 Apple, Python | 2 Mac Os X, Python | 2019-08-21 | 7.1 HIGH | N/A |
| Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function. | |||||
| CVE-2018-3634 | 1 Intel | 1 Online Connect Access | 2019-08-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Parameter corruption in NDIS filter driver in Intel Online Connect Access 1.9.22.0 allows an attacker to cause a denial of service via local access. | |||||
| CVE-2019-0720 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-08-20 | 7.7 HIGH | 8.4 HIGH |
| A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Remote Code Execution Vulnerability'. | |||||
| CVE-2019-0714 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-08-20 | 5.5 MEDIUM | 6.2 MEDIUM |
| A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0715, CVE-2019-0717, CVE-2019-0718, CVE-2019-0723. | |||||
| CVE-2019-0715 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-08-20 | 5.5 MEDIUM | 6.2 MEDIUM |
| A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0717, CVE-2019-0718, CVE-2019-0723. | |||||
| CVE-2019-0717 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-08-20 | 5.5 MEDIUM | 6.2 MEDIUM |
| A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0718, CVE-2019-0723. | |||||
| CVE-2019-0723 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-08-20 | 5.5 MEDIUM | 6.2 MEDIUM |
| A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0717, CVE-2019-0718. | |||||
| CVE-2019-0718 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2019-08-20 | 5.5 MEDIUM | 6.2 MEDIUM |
| A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0717, CVE-2019-0723. | |||||
| CVE-2019-14771 | 1 Backdropcms | 1 Backdrop Cms | 2019-08-19 | 9.3 HIGH | 9.8 CRITICAL |
| Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, potentially allowing non-configuration scripts to be uploaded to the server. (This attack is mitigated by the attacker needing the "Synchronize, import, and export configuration" permission, a permission that only trusted administrators should be given. Other preventative measures in Backdrop CMS prevent the execution of PHP scripts, so another server-side scripting language must be accessible on the server to execute code.) | |||||
| CVE-2019-0965 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-08-19 | 7.7 HIGH | 8.4 HIGH |
| A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. | |||||
| CVE-2018-18351 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2019-08-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page. | |||||
| CVE-2018-18358 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2019-08-17 | 2.9 LOW | 5.7 MEDIUM |
| Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file. | |||||