Bulletin (SB19-217)

Vulnerability Summary for the Week of July 29, 2019

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.  

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
10web -- photo_gallery A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php. 2019-07-30 10.0 CVE-2019-14313
MISC
CONFIRM
CONFIRM
ahsay -- cloud_backup_suite An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. On the /cbs/system/ShowAdvanced.do "File Explorer" screen, it is possible to change the directory in the JavaScript code. If changed to (for example) "C:" then one can browse the whole server. 2019-07-26 7.8 CVE-2019-10265
MISC
ahsay -- cloud_backup_suite An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of-bounds XML document to a URL, it is possible to read the file structure and even the content of files without authentication. 2019-07-26 7.8 CVE-2019-10266
MISC
MISC
ahsay -- cloud_backup_suite An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0.50. It is possible to upload a file into any directory of the server. One can insert a JSP shell into the web server's directory and execute it. This leads to full access to the system, as the configured user (e.g., Administrator). 2019-07-26 9.0 CVE-2019-10267
MISC
MISC
MISC
cpanel -- cpanel cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452). 2019-07-30 7.5 CVE-2018-20863
CONFIRM
cpanel -- cpanel cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465). 2019-07-30 7.2 CVE-2018-20869
CONFIRM
cpanel -- cpanel cPanel before 74.0.0 allows SQL injection during database backups (SEC-420). 2019-08-01 7.5 CVE-2018-20887
CONFIRM
cpanel -- cpanel cPanel before 78.0.18 allows local users to escalate to root access because of userdata cache misparsing (SEC-479). 2019-07-30 7.2 CVE-2019-14400
CONFIRM
datagrid_project -- datagrid The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. 2019-07-26 7.5 CVE-2019-14281
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call. 2019-07-31 7.5 CVE-2019-14192
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length. 2019-07-31 7.5 CVE-2019-14193
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case. 2019-07-31 7.5 CVE-2019-14194
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length. 2019-07-31 7.5 CVE-2019-14195
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply. 2019-07-31 7.5 CVE-2019-14196
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case. 2019-07-31 7.5 CVE-2019-14198
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call. 2019-07-31 7.5 CVE-2019-14199
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply. 2019-07-31 7.5 CVE-2019-14200
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply. 2019-07-31 7.5 CVE-2019-14201
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply. 2019-07-31 7.5 CVE-2019-14202
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply. 2019-07-31 7.5 CVE-2019-14203
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply. 2019-07-31 7.5 CVE-2019-14204
MISC
MISC
discourse -- discourse Discourse before v2.4.0.beta2 lacks a confirmation screen when logging in via an email link. 2019-07-29 7.5 CVE-2019-1020018
MISC
MISC
libmodbus -- libmodbus An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_COILS case, aka VD-1302. 2019-07-31 7.5 CVE-2019-14462
MISC
MISC
libmodbus -- libmodbus An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301. 2019-07-31 7.5 CVE-2019-14463
MISC
MISC
linux -- linux_kernel In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array. 2019-07-27 7.5 CVE-2007-6762
MISC
MISC
MISC
linux -- linux_kernel In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. 2019-07-27 7.5 CVE-2010-5331
MISC
MISC
MISC
linux -- linux_kernel In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no free entry, the loop terminates without updating the local variable free thus causing out of array bounds access. 2019-07-27 7.5 CVE-2010-5332
MISC
MISC
MISC
linux -- linux_kernel In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption. 2019-07-27 7.5 CVE-2011-5327
MISC
MISC
MISC
linux -- linux_kernel In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption. 2019-07-27 7.5 CVE-2012-6712
MISC
MISC
MISC
linux -- linux_kernel In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23. 2019-07-27 7.5 CVE-2015-9289
MISC
MISC
MISC
linux -- linux_kernel In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead. 2019-07-27 7.5 CVE-2016-10764
MISC
MISC
MISC
linux -- linux_kernel In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c. 2019-07-27 7.5 CVE-2017-18379
MISC
MISC
simple_captcha2_project -- simple_captcha2 The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. 2019-07-26 7.5 CVE-2019-14282
MISC
MISC
veritas -- resiliency_platform An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to resiliency plans and custom script functionality. 2019-07-29 9.0 CVE-2019-14416
MISC
FULLDISC
MISC
veritas -- resiliency_platform An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to DNS functionality. 2019-07-29 9.0 CVE-2019-14417
MISC
FULLDISC
MISC

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
ahsay -- cloud_backup_suite An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account. 2019-07-26 4.3 CVE-2019-10263
MISC
ahsay -- cloud_backup_suite An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. With a valid administrator account, the "Move / Import / Export Users" screen has an Import Users option. This option accepts a ZIP archive containing a users.xml file that can trigger XXE. 2019-07-26 6.5 CVE-2019-10264
MISC
ash-aio_project -- ash-aio ASH-AIO before 2.0.0.3 allows an open redirect. 2019-07-29 5.8 CVE-2019-1020016
MISC
centos-webpanel -- centos_web_panel In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.840, File and Directory Information Exposure in filemanager allows attackers to enumerate users and check for active users of the application by reading /tmp/login.log. 2019-07-26 4.0 CVE-2019-13385
MISC
MISC
centos-webpanel -- centos_web_panel In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows attackers to execute a shell command, i.e., obtain a reverse shell with user privilege. 2019-07-26 6.5 CVE-2019-13386
MISC
MISC
centos-webpanel -- centos_web_panel In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, Reflected XSS in filemanager2.php (parameter fm_current_dir) allows attackers to steal a cookie or session, or redirect to a phishing website. 2019-07-26 4.3 CVE-2019-13387
MISC
MISC
central_dogma_project -- central_dogma Cross-site scripting vulnerability in Central Dogma 0.17.0 to 0.40.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2019-07-26 4.3 CVE-2019-6002
JVN
MISC
cpanel -- cpanel cPanel before 76.0.8 allows a Virtual FTP account to persist after removal of its associated domain (SEC-454). 2019-07-30 6.4 CVE-2018-20864
CONFIRM
cpanel -- cpanel cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459). 2019-07-30 4.3 CVE-2018-20865
CONFIRM
cpanel -- cpanel cPanel before 76.0.8 has Stored XSS in the WHM "Reset a DNS Zone" feature (SEC-461). 2019-07-30 4.3 CVE-2018-20866
CONFIRM
cpanel -- cpanel cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462). 2019-07-30 5.8 CVE-2018-20867
CONFIRM
cpanel -- cpanel cPanel before 76.0.8 has Stored XSS in the WHM MultiPHP Manager interface (SEC-464). 2019-07-30 4.3 CVE-2018-20868
CONFIRM
cpanel -- cpanel cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444). 2019-08-01 6.5 CVE-2018-20879
CONFIRM
cpanel -- cpanel cPanel before 74.0.8 allows FTP access during account suspension (SEC-449). 2019-08-01 4.0 CVE-2018-20883
CONFIRM
cpanel -- cpanel cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416). 2019-08-01 5.0 CVE-2018-20885
CONFIRM
cpanel -- cpanel cPanel before 71.9980.37 allows Remote-Stored XSS in WHM Save Theme Interface (SEC-400). 2019-08-01 4.3 CVE-2018-20901
CONFIRM
cpanel -- cpanel cPanel before 71.9980.37 allows self XSS in the WHM Backup Configuration interface (SEC-421). 2019-08-01 4.3 CVE-2018-20903
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows self XSS in the WHM cPAddons showsecurity Interface (SEC-357). 2019-08-01 4.3 CVE-2018-20910
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows code execution because "." is in @INC during a Perl syntax check of cpaddonsup (SEC-359). 2019-08-01 6.5 CVE-2018-20911
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows demo accounts to execute code via awstats (SEC-362). 2019-08-01 6.5 CVE-2018-20912
CONFIRM
cpanel -- cpanel In cPanel before 70.0.23, OpenID providers can inject arbitrary data into cPanel session files (SEC-368). 2019-08-01 4.9 CVE-2018-20914
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows stored XSS in WHM DNS Cluster (SEC-372). 2019-08-01 4.3 CVE-2018-20918
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows stored XSS via a WHM Create Account action (SEC-373). 2019-08-01 4.3 CVE-2018-20919
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-374). 2019-08-01 4.3 CVE-2018-20920
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows stored XSS via a WHM "Delete a DNS Zone" action (SEC-375). 2019-08-01 4.3 CVE-2018-20921
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action (SEC-376). 2019-08-01 4.3 CVE-2018-20922
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows stored XSS via a WHM Synchronize DNS Records action (SEC-377). 2019-08-01 4.3 CVE-2018-20923
CONFIRM
cpanel -- cpanel cPanel before 82.0.2 has Self XSS in the cPanel and webmail master templates (SEC-506). 2019-07-30 4.3 CVE-2019-14387
MISC
cpanel -- cpanel cPanel before 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507). 2019-07-30 5.0 CVE-2019-14388
MISC
cpanel -- cpanel cPanel before 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501). 2019-07-30 6.5 CVE-2019-14392
CONFIRM
cpanel -- cpanel cPanel before 80.0.5 allows local code execution in the context of a different cPanel account because of insecure cpphp execution (SEC-486). 2019-07-30 4.6 CVE-2019-14393
CONFIRM
cpanel -- cpanel cPanel before 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call (SEC-496). 2019-07-30 5.0 CVE-2019-14397
CONFIRM
cpanel -- cpanel cPanel before 80.0.5 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-498). 2019-07-30 6.5 CVE-2019-14398
CONFIRM
cpanel -- cpanel The SSL certificate-storage feature in cPanel before 78.0.18 allows unsafe file operations in the context of the root account (SEC-477). 2019-07-30 6.1 CVE-2019-14399
CONFIRM
cpanel -- cpanel cPanel before 78.0.18 allows code execution via an addforward API1 call (SEC-480). 2019-07-30 6.5 CVE-2019-14401
CONFIRM
cpanel -- cpanel cPanel before 78.0.18 offers an open mail relay because of incorrect domain-redirect routing (SEC-483). 2019-07-30 4.3 CVE-2019-14403
CONFIRM
cpanel -- cpanel cPanel before 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484). 2019-07-30 4.9 CVE-2019-14404
CONFIRM
cpanel -- cpanel cPanel before 78.0.18 allows demo accounts to execute code via securitypolicy.cg (SEC-487). 2019-07-30 6.5 CVE-2019-14405
CONFIRM
cpanel -- cpanel cPanel before 78.0.18 has stored XSS in the BoxTrapper Queue Listing (SEC-493). 2019-07-30 4.3 CVE-2019-14406
CONFIRM
cpanel -- cpanel cPanel before 78.0.2 reveals internal data to OpenID providers (SEC-415). 2019-07-30 4.0 CVE-2019-14407
CONFIRM
cpanel -- cpanel cPanel before 78.0.2 allows a demo account to link with an OpenID provider (SEC-460). 2019-07-30 4.0 CVE-2019-14408
CONFIRM
cpanel -- cpanel cPanel before 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI (SEC-473). 2019-07-30 5.0 CVE-2019-14411
CONFIRM
cpanel -- cpanel cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets (SEC-476). 2019-07-30 4.0 CVE-2019-14413
CONFIRM
craftcms -- craft_cms In some circumstances, Craft 2 before 2.7.10 and 3 before 3.2.6 wasn't stripping EXIF data from user-uploaded images when it was configured to do so, potentially exposing personal/geolocation data to the public. 2019-07-26 5.0 CVE-2019-14280
MISC
MISC
custom_simple_rss_project -- custom_simple_rss A CSRF vulnerability in Settings form in the Custom Simple Rss plugin 2.0.6 for WordPress allows attackers to change the plugin settings. 2019-07-30 4.3 CVE-2019-14327
MISC
MISC
denx -- u-boot A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data. 2019-07-29 6.4 CVE-2019-13103
MISC
MISC
denx -- u-boot An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. 2019-07-31 6.4 CVE-2019-14197
MISC
MISC
discourse -- discourse Discourse before v2.4.0.beta2 lacks a confirmation screen when logging in via a user-api OTP. 2019-07-29 5.0 CVE-2019-1020017
MISC
MISC
espocrm -- espocrm An issue was discovered in EspoCRM before 5.6.6. There is stored XSS due to lack of filtration of user-supplied data in Create Task. A malicious attacker can modify the parameter name to contain JavaScript code. 2019-07-28 4.3 CVE-2019-14329
MISC
MISC
MISC
espocrm -- espocrm An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due to lack of filtration of user-supplied data in Create Case. A malicious attacker can modify the firstName and lastName to contain JavaScript code. 2019-07-28 4.3 CVE-2019-14330
MISC
MISC
MISC
espocrm -- espocrm An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due to lack of filtration of user-supplied data in Create User. A malicious attacker can modify the firstName and lastName to contain JavaScript code. 2019-07-28 4.3 CVE-2019-14331
MISC
MISC
MISC
espocrm -- espocrm EspoCRM version 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the api/v1/Document functionality for storing documents in the account tab. An attacker can upload a crafted file that contains JavaScript code in its name. This code will be executed when a user opens a page of any profile with this. 2019-07-28 4.3 CVE-2019-14349
MISC
espocrm -- espocrm EspoCRM 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the Knowledge base. A malicious attacker can inject JavaScript code in the body parameter during api/v1/KnowledgeBaseArticle knowledge-base record creation. 2019-07-28 4.3 CVE-2019-14350
MISC
espocrm -- espocrm EspoCRM 5.6.4 is vulnerable to user password hash enumeration. A malicious authenticated attacker can brute-force a user password hash by 1 symbol at a time using specially crafted api/v1/User?filterList filters. 2019-07-28 4.0 CVE-2019-14351
MISC
exiv2 -- exiv2 Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp. 2019-07-28 6.8 CVE-2019-14368
MISC
exiv2 -- exiv2 Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file. 2019-07-28 4.3 CVE-2019-14369
MISC
exiv2 -- exiv2 In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service. 2019-07-28 4.3 CVE-2019-14370
MISC
flif -- flif An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a heap-based buffer over-read in libpng via a crafted flif file. 2019-07-28 6.8 CVE-2019-14373
MISC
glyphandcog -- xpdfreader An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case. 2019-07-27 4.3 CVE-2019-14288
MISC
MISC
glyphandcog -- xpdfreader An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case. 2019-07-27 4.3 CVE-2019-14289
MISC
MISC
glyphandcog -- xpdfreader An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2. 2019-07-27 4.3 CVE-2019-14290
MISC
MISC
glyphandcog -- xpdfreader An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3. 2019-07-27 4.3 CVE-2019-14291
MISC
MISC
glyphandcog -- xpdfreader An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1. 2019-07-27 4.3 CVE-2019-14292
MISC
MISC
glyphandcog -- xpdfreader An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2. 2019-07-27 4.3 CVE-2019-14293
MISC
MISC
glyphandcog -- xpdfreader An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read. 2019-07-27 4.3 CVE-2019-14294
MISC
MISC
google -- kubernetes_engine Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temporary access token in the project workspace, where it could be accessed by users with Job/Read permission. 2019-07-31 4.0 CVE-2019-10365
MLIST
MISC
ibm -- daeja_viewone IBM Daeja ViewONE Professional, Standard & Virtual 5.0.5 and 5.0.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 163620. 2019-07-30 5.5 CVE-2019-4456
XF
CONFIRM
ibm -- storediq IBM StoreIQ 7.6.0.0 through 7.6.0.18 could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. IBM X-Force ID: 158696. 2019-07-31 4.0 CVE-2019-4163
CONFIRM
XF
ibm -- storediq IBM StoreIQ 7.6.0.0 through 7.6.0.18 could allow a remote attacker to cause a denial of service attack using repeated requests to the server. IBM X-Force ID: 158698. 2019-07-31 5.0 CVE-2019-4165
CONFIRM
XF
icegram -- email_subscribers_&_newsletters An XSS vulnerability in the "Email Subscribers & Newsletters" plugin 4.1.6 for WordPress allows an attacker to inject malicious JavaScript code through a publicly available subscription form using the esfpx_name wp-admin/admin-ajax.php POST parameter. 2019-07-28 4.3 CVE-2019-14364
MISC
MISC
inveniosoftware -- invenio-app invenio-app before 1.1.1 allows host header injection. 2019-07-29 5.8 CVE-2019-1020006
CONFIRM
inveniosoftware -- invenio-previewer invenio-previewer before 1.0.0a12 allows XSS. 2019-07-29 4.3 CVE-2019-1020019
MISC
jenkins -- configuration_as_code Missing permission checks in Jenkins Configuration as Code Plugin 1.24 and earlier in various HTTP endpoints allowed users with Overall/Read access to access the generated schema and documentation for this plugin containing detailed information about installed plugins. 2019-07-31 4.0 CVE-2019-10344
MLIST
MISC
jenkins -- configuration_as_code Jenkins Configuration as Code Plugin 1.24 and earlier did not escape values resulting in variable interpolation during configuration import when exporting, allowing attackers with permission to change Jenkins system configuration to obtain the values of environment variables. 2019-07-31 5.5 CVE-2019-10362
MLIST
MISC
jenkins -- configuration_as_code Jenkins Configuration as Code Plugin 1.24 and earlier did not reliably identify sensitive values expected to be exported in their encrypted form. 2019-07-31 4.0 CVE-2019-10363
MLIST
MISC
jenkins -- m2release A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier in the M2ReleaseAction#doSubmit method allowed attackers to perform releases with attacker-specified options. 2019-07-31 6.8 CVE-2019-10359
MLIST
MISC
jenkins -- maven Jenkins Maven Integration Plugin 3.3 and earlier did not apply build log decorators to module builds, potentially revealing sensitive build variables in the build log. 2019-07-31 4.0 CVE-2019-10358
MLIST
MISC
jenkins -- pipeline:shared_groovy_libraries A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and earlier allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries. 2019-07-31 4.0 CVE-2019-10357
MLIST
MISC
jenkins -- script_security A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts. 2019-07-31 6.5 CVE-2019-10355
MLIST
MISC
jenkins -- script_security A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts. 2019-07-31 6.5 CVE-2019-10356
MLIST
MISC
jenkins -- skytap_cloud_ci Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system. 2019-07-31 4.0 CVE-2019-10366
MLIST
MISC
kolide -- fleet Fleet before 2.1.2 allows exposure of SMTP credentials. 2019-07-29 5.0 CVE-2019-1020009
MISC
libav -- libav An issue was discovered in Libav 12.3. There is an infinite loop in the function mov_probe in the file libavformat/mov.c, related to offset and tag. 2019-07-28 4.3 CVE-2019-14371
MISC
libav -- libav In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c. 2019-07-28 4.3 CVE-2019-14372
MISC
libav -- libav An issue was discovered in Libav 12.3. Division by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. 2019-07-30 4.3 CVE-2019-14443
MISC
libsdl -- sdl2_image An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. 2019-07-31 6.8 CVE-2019-5057
MISC
libsdl -- sdl2_image An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. 2019-07-31 6.8 CVE-2019-5058
MISC
libsdl -- sdl2_image An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability. 2019-07-31 6.8 CVE-2019-5059
MISC
libslirp_project -- libslirp ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. 2019-07-29 6.5 CVE-2019-14378
MLIST
MISC
linux -- linux_kernel An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read. 2019-07-26 4.6 CVE-2018-20854
MISC
MISC
linux -- linux_kernel An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled. 2019-07-26 4.6 CVE-2018-20856
MISC
MISC
MISC
linux -- linux_kernel In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default. 2019-07-26 4.6 CVE-2019-14283
MISC
MISC
MISC
mcpp_project -- mcpp MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c. 2019-07-26 4.3 CVE-2019-14274
MISC
misp -- misp In app/webroot/js/event-graph.js in MISP 2.4.111, a stored XSS vulnerability exists in the event-graph view when a user toggles the event graph view. A malicious MISP event must be crafted in order to trigger the vulnerability. 2019-07-27 4.3 CVE-2019-14286
MISC
moodle -- moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool. 2019-07-31 6.8 CVE-2019-10186
CONFIRM
MISC
moodle -- moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to. 2019-07-31 4.0 CVE-2019-10187
CONFIRM
MISC
moodle -- moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in a quiz group could modify group overrides for other groups in the same quiz. 2019-07-31 4.0 CVE-2019-10188
CONFIRM
CONFIRM
moodle -- moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment. 2019-07-31 4.0 CVE-2019-10189
CONFIRM
CONFIRM
nats -- nats_server An integer overflow in NATS Server 2.0.0 allows a remote attacker to crash the server by sending a crafted request. 2019-07-29 5.0 CVE-2019-13126
MISC
MISC
open.edx -- edx-platform edx-platform before 2015-07-20 allows code execution by privileged users because the course import endpoint mishandles .tar.gz files. 2019-07-29 6.5 CVE-2015-5601
CONFIRM
open.edx -- edx-platform edx-platform before 2015-09-17 allows XSS via a team name. 2019-07-29 4.3 CVE-2015-6960
CONFIRM
openmpt -- libopenmpt libopenmpt before 0.3.13 allows a crash with malformed MED files. 2019-07-30 4.3 CVE-2018-20860
MISC
openmpt -- libopenmpt libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files. 2019-07-30 4.3 CVE-2019-14380
MISC
parseplatform -- parse-server parse-server before 3.4.1 allows DoS after any POST to a volatile class. 2019-07-29 5.0 CVE-2019-1020012
MISC
parseplatform -- parse-server parse-server before 3.6.0 allows account enumeration. 2019-07-29 5.0 CVE-2019-1020013
MISC
postgresql -- postgresql A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052). 2019-07-30 4.0 CVE-2019-10129
CONFIRM
MISC
pterodactyl -- panel Pterodactyl before 0.7.14 with 2FA allows credential sniffing. 2019-07-29 5.0 CVE-2019-1020002
CONFIRM
stacktable.js_project -- stacktable.js stacktable.js before 1.0.4 allows XSS. 2019-07-29 4.3 CVE-2019-1020008
MISC
sunhater -- kcfinder A cross-site scripting (XSS) vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inject arbitrary web script or HTML via the CKEditorFuncNum parameter. 2019-07-27 4.3 CVE-2019-14315
MISC
testlink -- testlink TestLink 1.9.19 has XSS via the error.php message parameter. 2019-08-01 4.3 CVE-2019-14471
MISC
tridactyl_project -- tridactyl Tridactyl before 1.16.0 allows fake key events. 2019-07-29 5.0 CVE-2019-1020004
MISC
unity -- web_player The Unity Web Player plugin before 4.6.6f2 and 5.x before 5.0.3f2 allows attackers to read messages or access online services via a victim's credentials. 2019-07-29 4.0 CVE-2015-9288
CONFIRM
upx_project -- upx An integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an allocation of excessive memory. 2019-07-27 4.3 CVE-2019-14295
MISC
upx_project -- upx canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (SEGV or buffer overflow, and application crash) or possibly have unspecified other impact via a crafted UPX packed file. 2019-07-27 6.8 CVE-2019-14296
MISC
wallaceit -- wallacepos Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. 2019-07-31 6.8 CVE-2019-3959
MISC
wikindx_project -- wikindx A cross-site scripting (XSS) vulnerability in getPagingStart() in core/lists/PAGING.php in WIKINDX through 5.8.1 allows remote attackers to inject arbitrary web script or HTML via the PagingStart parameter. 2019-07-26 4.3 CVE-2019-13588
CONFIRM
wpfastestcache -- wp_fastest_cache The WP Fastest Cache plugin through 0.8.9.0 for WordPress allows remote attackers to delete arbitrary files because wp_postratings_clear_fastest_cache and rm_folder_recursively in wpFastestCache.php mishandle ../ in an HTTP Referer header. 2019-07-29 5.8 CVE-2019-6726
MISC
MISC
MISC
MISC
MISC
xfig_project -- fig2dev Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. 2019-07-26 4.3 CVE-2019-14275
MISC
yardoc -- yard yard before 0.9.20 allows path traversal. 2019-07-29 5.0 CVE-2019-1020001
MISC
zendesk -- samlr Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a name_id node with user@example.com followed by <!---->. and then the attacker's domain name. 2019-07-26 5.0 CVE-2018-20857
MISC

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
cpanel -- cpanel cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366). 2019-07-30 2.1 CVE-2018-20862
CONFIRM
cpanel -- cpanel The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467). 2019-07-30 2.1 CVE-2018-20870
CONFIRM
cpanel -- cpanel cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433). 2019-08-01 3.5 CVE-2018-20875
CONFIRM
cpanel -- cpanel cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434). 2019-08-01 3.5 CVE-2018-20876
CONFIRM
cpanel -- cpanel cPanel before 74.0.8 allows self XSS in WHM Style Upload interface (SEC-437). 2019-08-01 3.5 CVE-2018-20877
CONFIRM
cpanel -- cpanel cPanel before 74.0.8 allows stored XSS in WHM "File and Directory Restoration" interface (SEC-441). 2019-08-01 3.5 CVE-2018-20878
CONFIRM
cpanel -- cpanel cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445). 2019-08-01 2.1 CVE-2018-20880
CONFIRM
cpanel -- cpanel cPanel before 74.0.8 allows self stored XSS on the Security Questions login page (SEC-446). 2019-08-01 3.5 CVE-2018-20881
CONFIRM
cpanel -- cpanel cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface (SEC-367). 2019-08-01 3.5 CVE-2018-20884
CONFIRM
cpanel -- cpanel cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408). 2019-08-01 2.1 CVE-2018-20902
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows attackers to read the root accesshash via the WHM /cgi/trustclustermaster.cgi (SEC-364). 2019-08-01 3.5 CVE-2018-20913
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-369). 2019-08-01 3.5 CVE-2018-20915
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows stored XSS via a WHM Edit MX Entry (SEC-370). 2019-08-01 3.5 CVE-2018-20916
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows any user to disable Solr (SEC-371). 2019-08-01 2.1 CVE-2018-20917
CONFIRM
cpanel -- cpanel cPanel before 82.0.2 has stored XSS in the WHM Tomcat Manager interface (SEC-504). 2019-07-30 3.5 CVE-2019-14386
MISC
cpanel -- cpanel cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510). 2019-07-30 2.1 CVE-2019-14389
MISC
cpanel -- cpanel cPanel before 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512). 2019-07-30 3.5 CVE-2019-14390
MISC
cpanel -- cpanel cPanel before 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514). 2019-07-30 2.1 CVE-2019-14391
MISC
cpanel -- cpanel cPanel before 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489). 2019-07-30 2.1 CVE-2019-14394
CONFIRM
cpanel -- cpanel cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494). 2019-07-30 2.1 CVE-2019-14395
CONFIRM
cpanel -- cpanel API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495). 2019-07-30 2.1 CVE-2019-14396
CONFIRM
cpanel -- cpanel cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481). 2019-07-30 2.1 CVE-2019-14402
CONFIRM
cpanel -- cpanel cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466). 2019-07-30 2.1 CVE-2019-14409
CONFIRM
cpanel -- cpanel Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472). 2019-07-30 2.1 CVE-2019-14410
CONFIRM
cpanel -- cpanel Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474). 2019-07-30 2.1 CVE-2019-14412
CONFIRM
cpanel -- cpanel In cPanel before 78.0.2, a Userdata cache temporary file can conflict with domains (SEC-478). 2019-07-30 2.1 CVE-2019-14414
CONFIRM
dependencytrack -- dependency-track Dependency-Track before 3.5.1 allows XSS. 2019-07-29 3.5 CVE-2019-1020007
CONFIRM
http-file-server_project -- http-file-server Cross-site scripting (XSS) vulnerability in http-file-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in victim's browser. 2019-07-30 3.5 CVE-2019-5458
MISC
ibm -- websphere_application_server IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could send a specially-crafted HTTP request to hijack the victim's click actions or launch other client-side browser attacks. IBM X-Force ID: 160513. 2019-07-30 3.5 CVE-2019-4285
XF
CONFIRM
inveniosoftware -- invenio-communities invenio-communities before 1.0.0a20 allows XSS. 2019-07-29 3.5 CVE-2019-1020005
MISC
inveniosoftware -- invenio-records invenio-records before 1.2.2 allows XSS. 2019-07-29 3.5 CVE-2019-1020003
MISC
jenkins -- configuration_as_code Jenkins Configuration as Code Plugin 1.24 and earlier did not properly apply masking to values expected to be hidden when logging the configuration being applied. 2019-07-31 2.1 CVE-2019-10343
MLIST
MISC
jenkins -- configuration_as_code Jenkins Configuration as Code Plugin 1.20 and earlier did not treat the proxy password as a secret to be masked when logging or encrypted for export. 2019-07-31 2.1 CVE-2019-10345
MLIST
MISC
jenkins -- ec2 Jenkins Amazon EC2 Plugin 1.43 and earlier wrote the beginning of private keys to the Jenkins system log. 2019-07-31 2.1 CVE-2019-10364
MLIST
MISC
jenkins -- m2_release A stored cross site scripting vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier allowed attackers to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins. 2019-07-31 3.5 CVE-2019-10360
MLIST
MISC
jenkins -- m2release Jenkins Maven Release Plugin 0.14.0 and earlier stored credentials unencrypted on the Jenkins master where they could be viewed by users with access to the master file system. 2019-07-31 2.1 CVE-2019-10361
MLIST
MISC
linux -- linux_kernel An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace. 2019-07-26 2.1 CVE-2018-20855
MISC
MISC
MISC
linux -- linux_kernel In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default. 2019-07-26 2.1 CVE-2019-14284
MISC
MISC
MISC
microsoft -- outlook A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. 2019-07-29 3.5 CVE-2019-1105
N/A
min-http-server_project -- min-http-server Cross-site scripting (XSS) vulnerability in min-http-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in victim's browser. 2019-07-30 3.5 CVE-2019-5457
MISC
open.edx -- edx-platform edx-platform before 2015-08-17 allows XSS in the Studio listing of courses. 2019-07-29 3.5 CVE-2015-6253
CONFIRM
MISC
veeam -- one_reporter Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to setDashboardWidget in CommonDataHandlerReadOnly.ashx. 2019-07-27 3.5 CVE-2019-14297
MISC
veeam -- one_reporter Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx. 2019-07-27 3.5 CVE-2019-14298
MISC
veritas -- resiliency_platform An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. A persistent cross-site scripting (XSS) vulnerability allows a malicious VRP user to inject malicious script into another user's browser, related to resiliency plans functionality. A victim must open a resiliency plan that an attacker has access to. 2019-07-29 3.5 CVE-2019-14415
MISC
FULLDISC
MISC
wallaceit -- wallacepos Insufficient output sanitization in WallacePOS 1.4.3 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks via a crafted sales transaction. 2019-07-31 3.5 CVE-2019-3958
MISC

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
3proxy -- 3proxy webadmin.c in 3proxy before 0.8.13 has an out-of-bounds write in the admin interface. 2019-08-01 not yet calculated CVE-2019-14495
MISC
MISC
MISC
adoptopenjdk -- icedtea-web It was found that icedtea-web through 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload arbitrary files to arbitrary locations in the context of the user. 2019-07-31 not yet calculated CVE-2019-10182
CONFIRM
CONFIRM
CONFIRM
adoptopenjdk -- icedtea-web It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox. 2019-07-31 not yet calculated CVE-2019-10185
CONFIRM
CONFIRM
CONFIRM
adoptopenjdk -- icedtea-web It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject code in a trusted JAR. The code would be executed inside the sandbox. 2019-07-31 not yet calculated CVE-2019-10181
CONFIRM
CONFIRM
CONFIRM
advantech -- webaccess_hmi_designer In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution. 2019-08-02 not yet calculated CVE-2019-10961
MISC

alcatel-lucent_enterprise -- 8008_cloud_edition_deskphone_voip_phone On the Alcatel-Lucent Enterprise (ALE) 8008 Cloud Edition Deskphone VoIP phone with firmware 1.50.13, a command injection (missing input validation) issue in the password change field for the Change Password interface allows an authenticated remote attacker in the same network to trigger OS commands via shell commands in a POST request. 2019-08-01 not yet calculated CVE-2019-14260
MISC
alcatel -- linkzone_mw40-v-v1.0_mw40_02.00_02_devices The web interface of Alcatel LINKZONE MW40-V-V1.0 MW40_LU_02.00_02 devices is vulnerable to an authentication bypass that allows an unauthenticated user to have access to the web interface without knowing the administrator's password. 2019-08-02 not yet calculated CVE-2019-7163
MISC
amcrest -- ip2m-841b_ip_camera The Amcrest IP2M-841B IP camera firmware version V2.520.AC00.18.R does not require authentication to access the HTTP endpoint /videotalk. An unauthenticated, remote person can connect to this endpoint and listen to the audio the camera is capturing. 2019-07-29 not yet calculated CVE-2019-3948
MISC
MISC
ansible -- ansible A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed. 2019-07-30 not yet calculated CVE-2019-10156
CONFIRM
CONFIRM
apache -- activemq_client It was found that the Apache ActiveMQ client before 5.15.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client. 2019-08-01 not yet calculated CVE-2015-7559
CONFIRM
CONFIRM
apache -- solr In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true. 2019-08-01 not yet calculated CVE-2019-0193
CONFIRM
apache -- tika A carefully crafted or corrupt zip file can cause an OOM in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Users should upgrade to 1.22 or later. 2019-08-02 not yet calculated CVE-2019-10088
CONFIRM
apache -- tika In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache Tika users should upgrade to 1.22 or later. 2019-08-02 not yet calculated CVE-2019-10093
CONFIRM
apache -- tika A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later. 2019-08-02 not yet calculated CVE-2019-10094
CONFIRM
apache -- vcl Apache VCL versions 2.1 through 2.5 do not properly validate cookie input when determining what node (if any) was previously selected in the privilege tree. The cookie data is then used in an SQL statement. This allows for an SQL injection attack. Access to this portion of a VCL system requires admin level rights. Other layers of security seem to protect against malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech. 2019-07-29 not yet calculated CVE-2018-11772
MLIST
MLIST
apache -- vcl Apache VCL versions 2.1 through 2.5 do not properly validate form input when processing a submitted block allocation. The form data is then used as an argument to the PHP built-in function strtotime. This allows for an attack against the underlying implementation of that function. The implementation of strtotime at the time the issue was discovered appeared to be resistant to a malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech. 2019-07-29 not yet calculated CVE-2018-11773
MLIST
MLIST
apache -- vcl Apache VCL versions 2.1 through 2.5 do not properly validate form input when adding and removing VMs to and from hosts. The form data is then used in SQL statements. This allows for an SQL injection attack. Access to this portion of a VCL system requires admin level rights. Other layers of security seem to protect against malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech. 2019-07-29 not yet calculated CVE-2018-11774
MLIST
MLIST
avaya -- aura_conferencing A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions prior to 8.0 SP14 (8.0.14). Prior versions not listed were not evaluated. 2019-07-31 not yet calculated CVE-2019-7000
CONFIRM
bitdefender -- multiple_products An issue was discovered in Bitdefender products for Windows (Bitdefender Endpoint Security Tool versions prior to 6.6.8.115; and Bitdefender Antivirus Plus, Bitdefender Internet Security, and Bitdefender Total Security versions prior to 23.0.24.120) that can lead to local code injection. A local attacker with administrator privileges can create a malicious DLL file in %SystemRoot%\System32\ that will be executed with local user privileges. 2019-07-30 not yet calculated CVE-2019-14242
CONFIRM
cisco -- nexus_9000_series_aci_mode_switch_software A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges. Note: This vulnerability cannot be exploited by transit traffic through the device; the crafted packet must be targeted to a directly connected interface. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI mode if they are running a Cisco Nexus 9000 Series ACI Mode Switch Software release prior to 13.2(7f) or any 14.x release. 2019-07-31 not yet calculated CVE-2019-1901
CISCO
clmg -- clmg CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CImg.h because of erroneous memory allocation for a malformed BMP image. 2019-07-31 not yet calculated CVE-2019-13568
MISC
MISC
MISC
clusterlabs -- fence-agents A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member. 2019-07-30 not yet calculated CVE-2019-10153
CONFIRM
CONFIRM
CONFIRM
cpanel -- cpanel cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120). 2019-08-01 not yet calculated CVE-2016-10815
MISC
cpanel -- cpanel cPanel before 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221). 2019-08-01 not yet calculated CVE-2015-9291
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89). 2019-08-01 not yet calculated CVE-2016-10823
MISC
cpanel -- cpanel cPanel before 57.9999.54 allows Webmail accounts to execute arbitrary code through forwarders (SEC-121). 2019-08-01 not yet calculated CVE-2016-10816
MISC
cpanel -- cpanel cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123). 2019-08-01 not yet calculated CVE-2016-10817
MISC
cpanel -- cpanel cPanel before 57.9999.54 incorrectly sets log-file permissions in dnsadmin-startup and spamd-startup (SEC-124). 2019-08-01 not yet calculated CVE-2016-10818
MISC
cpanel -- cpanel In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125). 2019-08-01 not yet calculated CVE-2016-10819
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows daemons to access their controlling TTYs (SEC-31). 2019-08-01 not yet calculated CVE-2016-10820
MISC
cpanel -- cpanel In cPanel before 55.9999.141, Scripts/addpop reveals a command-line password in a process list (SEC-75). 2019-08-01 not yet calculated CVE-2016-10821
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100). 2019-08-01 not yet calculated CVE-2016-10830
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107). 2019-08-01 not yet calculated CVE-2016-10835
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90). 2019-08-01 not yet calculated CVE-2016-10824
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (SEC-92). 2019-08-01 not yet calculated CVE-2016-10825
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93). 2019-08-01 not yet calculated CVE-2016-10826
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96). 2019-08-01 not yet calculated CVE-2016-10827
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97). 2019-08-01 not yet calculated CVE-2016-10828
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99). 2019-08-01 not yet calculated CVE-2016-10829
MISC
cpanel -- cpanel cPanel before 66.0.2 allows resellers to read other accounts' domain log files (SEC-288). 2019-08-02 not yet calculated CVE-2017-18426
CONFIRM
cpanel -- cpanel cPanel before 55.9999.141 does not perform a two-factor authentication check when possessing another account (SEC-101). 2019-08-01 not yet calculated CVE-2016-10831
MISC
cpanel -- cpanel cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119). 2019-08-01 not yet calculated CVE-2016-10814
MISC
cpanel -- cpanel cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29). 2019-08-01 not yet calculated CVE-2016-10856
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88). 2019-08-01 not yet calculated CVE-2016-10822
MISC
cpanel -- cpanel cPanel before 11.54.0.4 allows stored XSS in the WHM Feature Manager interface (SEC-86). 2019-08-01 not yet calculated CVE-2016-10853
MISC
cpanel -- cpanel cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78). 2019-08-01 not yet calculated CVE-2016-10845
MISC
cpanel -- cpanel cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions (SEC-79). 2019-08-01 not yet calculated CVE-2016-10846
MISC
cpanel -- cpanel cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80). 2019-08-01 not yet calculated CVE-2016-10847
MISC
cpanel -- cpanel cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). 2019-08-01 not yet calculated CVE-2016-10848
MISC
cpanel -- cpanel cPanel before 11.54.0.4 allows arbitrary code execution via scripts/synccpaddonswithsqlhost (SEC-83). 2019-08-01 not yet calculated CVE-2016-10850
MISC
cpanel -- cpanel cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46). 2019-08-01 not yet calculated CVE-2016-10837
MISC
cpanel -- cpanel cPanel before 11.54.0.4 allows self XSS in the WHM PHP Configuration editor interface (SEC-84). 2019-08-01 not yet calculated CVE-2016-10851
MISC
cpanel -- cpanel cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85). 2019-08-01 not yet calculated CVE-2016-10852
MISC
cpanel -- cpanel cPanel before 11.54.0.4 allows self XSS in the X3 Entropy Banner interface (SEC-87). 2019-08-01 not yet calculated CVE-2016-10854
MISC
cpanel -- cpanel cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310). 2019-08-02 not yet calculated CVE-2017-18384
CONFIRM
cpanel -- cpanel cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91). 2019-08-01 not yet calculated CVE-2016-10855
MISC
cpanel -- cpanel cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104). 2019-08-01 not yet calculated CVE-2016-10833
MISC
cpanel -- cpanel cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64). 2019-08-01 not yet calculated CVE-2016-10858
MISC
cpanel -- cpanel cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65). 2019-08-01 not yet calculated CVE-2016-10859
MISC
cpanel -- cpanel cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66). 2019-08-01 not yet calculated CVE-2016-10860
MISC
cpanel -- cpanel cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306). 2019-08-02 not yet calculated CVE-2017-18382
CONFIRM
cpanel -- cpanel cPanel before 11.54.0.4 allows arbitrary file-read operations via the bin/fmq script (SEC-70). 2019-08-01 not yet calculated CVE-2016-10838
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108). 2019-08-01 not yet calculated CVE-2016-10836
MISC
cpanel -- cpanel cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102). 2019-08-01 not yet calculated CVE-2016-10832
MISC
cpanel -- cpanel cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313). 2019-08-02 not yet calculated CVE-2017-18386
CONFIRM
cpanel -- cpanel cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105). 2019-08-01 not yet calculated CVE-2016-10834
MISC
cpanel -- cpanel cPanel before 68.0.15 can perform unsafe file operations because Jailshell does not set the umask (SEC-315). 2019-08-02 not yet calculated CVE-2017-18388
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273). 2019-08-02 not yet calculated CVE-2017-18423
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt (SEC-274). 2019-08-02 not yet calculated CVE-2017-18424
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, the cpdavd_error_log file can be created with weak permissions (SEC-280). 2019-08-02 not yet calculated CVE-2017-18425
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats (SEC-334). 2019-08-02 not yet calculated CVE-2017-18401
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows arbitrary file-read operations because of the backup .htaccess modification logic (SEC-345). 2019-08-02 not yet calculated CVE-2017-18405
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows attackers to read root's crontab file during a short time interval upon enabling or disabling sqloptimizer (SEC-332). 2019-08-02 not yet calculated CVE-2017-18399
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple accounts (SEC-325). 2019-08-02 not yet calculated CVE-2017-18392
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload (SEC-314). 2019-08-02 not yet calculated CVE-2017-18387
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318). 2019-08-02 not yet calculated CVE-2017-18389
CONFIRM
cpanel -- cpanel cPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271). 2019-08-02 not yet calculated CVE-2017-18421
CONFIRM
cpanel -- cpanel DnsUtils in cPanel before 68.0.15 allows zone creation for hostname and account subdomains (SEC-331). 2019-08-02 not yet calculated CVE-2017-18398
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322). 2019-08-02 not yet calculated CVE-2017-18390
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval (SEC-323). 2019-08-02 not yet calculated CVE-2017-18391
CONFIRM
cpanel -- cpanel cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118). 2019-08-01 not yet calculated CVE-2016-10813
MISC
cpanel -- cpanel cPanel before 68.0.15 does not have a sufficient list of reserved usernames (SEC-327). 2019-08-02 not yet calculated CVE-2017-18394
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330). 2019-08-02 not yet calculated CVE-2017-18397
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329). 2019-08-02 not yet calculated CVE-2017-18396
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 does not block a username of postmaster, which might allow reception of private e-mail (SEC-326). 2019-08-02 not yet calculated CVE-2017-18393
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 does not block a username of ssl (SEC-328). 2019-08-02 not yet calculated CVE-2017-18395
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272). 2019-08-02 not yet calculated CVE-2017-18422
CONFIRM
cpanel -- cpanel cPanel before 66.0.2 allows stored XSS during WHM cPAddons processing (SEC-269). 2019-08-02 not yet calculated CVE-2017-18420
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309). 2019-08-02 not yet calculated CVE-2017-18383
CONFIRM
cpanel -- cpanel cPanel before 67.9999.103 allows stored XSS in WHM MySQL Password Change interfaces (SEC-282). 2019-08-02 not yet calculated CVE-2017-18408
CONFIRM
cpanel -- cpanel cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60). 2019-08-01 not yet calculated CVE-2016-10857
MISC
cpanel -- cpanel cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311). 2019-08-02 not yet calculated CVE-2017-18385
CONFIRM
cpanel -- cpanel In cPanel before 67.9999.103, the backup system overwrites root's home directory when a mount disappears (SEC-299). 2019-08-02 not yet calculated CVE-2017-18413
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows stored XSS during a cpaddons moderated upgrade (SEC-336). 2019-08-02 not yet calculated CVE-2017-18402
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows code execution in the context of the nobody account via Mailman archives (SEC-337). 2019-08-02 not yet calculated CVE-2017-18403
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD (SEC-341). 2019-08-02 not yet calculated CVE-2017-18404
CONFIRM
cpanel -- cpanel cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API (SEC-76). 2019-08-01 not yet calculated CVE-2016-10843
MISC
cpanel -- cpanel cPanel before 67.9999.103 allows SQL injection during eximstats processing (SEC-276). 2019-08-02 not yet calculated CVE-2017-18406
CONFIRM
cpanel -- cpanel cPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement download (SEC-279). 2019-08-02 not yet calculated CVE-2017-18407
CONFIRM
cpanel -- cpanel In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases (SEC-283). 2019-08-02 not yet calculated CVE-2017-18409
CONFIRM
cpanel -- cpanel cPanel before 66.0.2 allows stored XSS during WHM cPAddons uninstallation (SEC-266). 2019-08-02 not yet calculated CVE-2017-18419
CONFIRM
cpanel -- cpanel In cPanel before 67.9999.103, a user account's backup archive could contain all MySQL databases on the server (SEC-284). 2019-08-02 not yet calculated CVE-2017-18410
CONFIRM
cpanel -- cpanel The "addon domain conversion" feature in cPanel before 67.9999.103 can copy all MySQL databases to the new account (SEC-285). 2019-08-02 not yet calculated CVE-2017-18411
CONFIRM
cpanel -- cpanel cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename (SEC-296). 2019-08-02 not yet calculated CVE-2017-18412
CONFIRM
cpanel -- cpanel cPanel before 67.9999.103 allows an open redirect in /unprotected/redirect.html (SEC-300). 2019-08-02 not yet calculated CVE-2017-18414
CONFIRM
cpanel -- cpanel cPanel before 68.0.15 allows local root code execution via cpdavd (SEC-333). 2019-08-02 not yet calculated CVE-2017-18400
CONFIRM
cpanel -- cpanel cPanel before 67.9999.103 allows code execution in the context of the mailman account because of incorrect environment-variable filtering (SEC-302). 2019-08-02 not yet calculated CVE-2017-18415
CONFIRM
cpanel -- cpanel cPanel before 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update (SEC-303). 2019-08-02 not yet calculated CVE-2017-18416
CONFIRM
cpanel -- cpanel cPanel before 66.0.2 allows stored XSS during WHM cPAddons installation (SEC-263). 2019-08-02 not yet calculated CVE-2017-18417
CONFIRM
cpanel -- cpanel cPanel before 66.0.2 allows stored XSS during WHM cPAddons file operations (SEC-265). 2019-08-02 not yet calculated CVE-2017-18418
CONFIRM
cpanel -- cpanel The chcpass script in cPanel before 11.54.0.4 reveals a password hash (SEC-77). 2019-08-01 not yet calculated CVE-2016-10844
MISC
cpanel -- cpanel cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82). 2019-08-01 not yet calculated CVE-2016-10849
MISC
cpanel -- cpanel cPanel before 11.54.0.4 allows certain file-read operations in bin/setup_global_spam_filter.pl (SEC-74). 2019-08-01 not yet calculated CVE-2016-10842
MISC
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to redirect web traffic (SEC-245). 2019-08-02 not yet calculated CVE-2017-18441
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows code execution by webmail and demo accounts via a store_filter API call (SEC-236). 2019-08-02 not yet calculated CVE-2017-18433
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows code execution in the context of the root account via a SET_VHOST_LANG_PACKAGE multilang adminbin call (SEC-237). 2019-08-02 not yet calculated CVE-2017-18434
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to execute code via the BoxTrapper API (SEC-238). 2019-08-02 not yet calculated CVE-2017-18435
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call (SEC-239). 2019-08-02 not yet calculated CVE-2017-18436
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows a Webmail account to execute code via forwarders (SEC-240). 2019-08-02 not yet calculated CVE-2017-18437
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to execute code via an ImageManager_dimensions API call (SEC-243). 2019-08-02 not yet calculated CVE-2017-18439
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows certain file-rename operations in the context of the root account via scripts/convert_roundcube_mysql2sqlite (SEC-254). 2019-08-02 not yet calculated CVE-2017-18449
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows demo users to execute traceroute via api2 (SEC-244). 2019-08-02 not yet calculated CVE-2017-18440
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to execute Cpanel::SPFUI API commands (SEC-246). 2019-08-02 not yet calculated CVE-2017-18442
CONFIRM
cpanel -- cpanel cPanel before 66.0.1 does not reliably perform suspend/unsuspend operations on accounts (CPANEL-13941). 2019-08-02 not yet calculated CVE-2017-18431
CONFIRM
cpanel -- cpanel cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436). 2019-08-01 not yet calculated CVE-2018-20891
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to execute SSH API commands (SEC-248). 2019-08-02 not yet calculated CVE-2017-18444
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 does not enforce demo restrictions for SSL API calls (SEC-249). 2019-08-02 not yet calculated CVE-2017-18445
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API (SEC-250). 2019-08-02 not yet calculated CVE-2017-18446
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to execute code via the ClamScanner_getsocket API (SEC-251). 2019-08-02 not yet calculated CVE-2017-18447
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows certain file-read operations via a Serverinfo_manpage API call (SEC-252). 2019-08-02 not yet calculated CVE-2017-18448
CONFIRM
cpanel -- cpanel cPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426). 2019-08-01 not yet calculated CVE-2018-20890
CONFIRM
cpanel -- cpanel The bin/mkvhostspasswd script in cPanel before 11.54.0.4 discloses password hashes (SEC-73). 2019-08-01 not yet calculated CVE-2016-10841
MISC
cpanel -- cpanel cPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling (SEC-439). 2019-08-01 not yet calculated CVE-2018-20892
CONFIRM
cpanel -- cpanel In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234). 2019-08-02 not yet calculated CVE-2017-18432
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, user and group ownership may be incorrectly set when using reassign_post_terminate_cruft (SEC-294). 2019-08-02 not yet calculated CVE-2017-18430
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts (SEC-411). 2019-08-01 not yet calculated CVE-2018-20934
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 does not preserve security policy questions across an account rename (SEC-223). 2019-08-02 not yet calculated CVE-2017-18461
CONFIRM
cpanel -- cpanel In cPanel before 62.0.17, addon domain conversion did not require a package for resellers (SEC-208). 2019-08-02 not yet calculated CVE-2017-18455
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 allows self XSS in the WHM cPAddons showsecurity interface (SEC-217). 2019-08-02 not yet calculated CVE-2017-18456
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 allows arbitrary file-read operations via WHM /styled/ URLs (SEC-218). 2019-08-02 not yet calculated CVE-2017-18457
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219). 2019-08-02 not yet calculated CVE-2017-18458
CONFIRM
cpanel -- cpanel cPanel before 62.0.24 allows stored XSS in the WHM cPAddons install interface (SEC-262). 2019-08-02 not yet calculated CVE-2017-18454
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 does not preserve supplemental groups across account renames (SEC-260). 2019-08-02 not yet calculated CVE-2017-18453
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 allows arbitrary code execution during automatic SSL installation (SEC-221). 2019-08-02 not yet calculated CVE-2017-18460
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 allows arbitrary code execution during account modification (SEC-220). 2019-08-02 not yet calculated CVE-2017-18459
CONFIRM
cpanel -- cpanel cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424). 2019-08-01 not yet calculated CVE-2018-20888
CONFIRM
cpanel -- cpanel cPanel before 62.0.17 allows code execution in the context of the root account via a long DocumentRoot path (SEC-225). 2019-08-02 not yet calculated CVE-2017-18463
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows demo accounts to execute code via Encoding API calls (SEC-242). 2019-08-02 not yet calculated CVE-2017-18438
CONFIRM
cpanel -- cpanel cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409). 2019-08-01 not yet calculated CVE-2018-20873
CONFIRM
cpanel -- cpanel cPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface (SEC-428). 2019-08-01 not yet calculated CVE-2018-20874
CONFIRM
cpanel -- cpanel cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447). 2019-08-01 not yet calculated CVE-2018-20882
CONFIRM
cpanel -- cpanel cPanel before 74.0.0 insecurely stores phpMyAdmin session files (SEC-418). 2019-08-01 not yet calculated CVE-2018-20886
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows attackers to read a user's crontab file during a short time interval upon a cPAddon upgrade (SEC-257). 2019-08-02 not yet calculated CVE-2017-18451
CONFIRM
cpanel -- cpanel cPanel before 74.0.0 allows certain file-read operations via password file caching (SEC-425). 2019-08-01 not yet calculated CVE-2018-20889
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows code execution via Rails configuration files (SEC-259). 2019-08-02 not yet calculated CVE-2017-18452
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows demo and suspended accounts to use SSH port forwarding (SEC-247). 2019-08-02 not yet calculated CVE-2017-18443
CONFIRM
cpanel -- cpanel cPanel before 64.0.21 allows certain file-chmod operations via /scripts/convert_roundcube_mysql2sqlite (SEC-255). 2019-08-02 not yet calculated CVE-2017-18450
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352). 2019-08-01 not yet calculated CVE-2018-20943
CONFIRM
cpanel -- cpanel cPanel before 71.9980.37 allows stored XSS in the WHM cPAddons installation interface (SEC-398). 2019-08-01 not yet calculated CVE-2018-20899
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows stored XSS via a WHM "Reset a DNS Zone" action (SEC-412). 2019-08-01 not yet calculated CVE-2018-20935
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups (SEC-338). 2019-08-01 not yet calculated CVE-2018-20909
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308). 2019-08-01 not yet calculated CVE-2018-20936
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing (SEC-290). 2019-08-02 not yet calculated CVE-2017-18428
CONFIRM
cpanel -- cpanel cPanel before 71.9980.37 allows stored XSS in the YUM autorepair functionality (SEC-399). 2019-08-01 not yet calculated CVE-2018-20900
CONFIRM
cpanel -- cpanel cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction (SEC-427). 2019-08-01 not yet calculated CVE-2018-20904
CONFIRM
cpanel -- cpanel cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction (SEC-430). 2019-08-01 not yet calculated CVE-2018-20906
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows .htaccess restrictions bypass when Htaccess Optimization is enabled (SEC-401). 2019-08-01 not yet calculated CVE-2018-20930
CONFIRM
cpanel -- cpanel cPanel before 71.9980.37 does not enforce the Mime::list_hotlinks API feature restriction (SEC-432). 2019-08-01 not yet calculated CVE-2018-20907
CONFIRM
cpanel -- cpanel cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling (SEC-435). 2019-08-01 not yet calculated CVE-2018-20908
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378). 2019-08-01 not yet calculated CVE-2018-20924
CONFIRM
cpanel -- cpanel cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394). 2019-08-01 not yet calculated CVE-2018-20896
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379). 2019-08-01 not yet calculated CVE-2018-20925
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380). 2019-08-01 not yet calculated CVE-2018-20926
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382). 2019-08-01 not yet calculated CVE-2018-20927
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows stored XSS via the cpaddons vendor interface (SEC-391). 2019-08-01 not yet calculated CVE-2018-20928
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows an open redirect via the /unprotected/redirect.html endpoint (SEC-392). 2019-08-01 not yet calculated CVE-2018-20929
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291). 2019-08-02 not yet calculated CVE-2017-18429
CONFIRM
cpanel -- cpanel In cPanel before 66.0.2, weak log-file permissions can occur after account modification (SEC-289). 2019-08-02 not yet calculated CVE-2017-18427
CONFIRM
cpanel -- cpanel cPanel before 11.54.0.4 allows SQL injection in bin/horde_update_usernames (SEC-71). 2019-08-01 not yet calculated CVE-2016-10839
MISC
cpanel -- cpanel cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72). 2019-08-01 not yet calculated CVE-2016-10840
MISC
cpanel -- cpanel cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation system (SEC-395). 2019-08-01 not yet calculated CVE-2018-20897
CONFIRM
cpanel -- cpanel cPanel before 71.9980.37 allows e-mail injection during cPAddons moderation (SEC-396). 2019-08-01 not yet calculated CVE-2018-20898
CONFIRM
cpanel -- cpanel In cPanel before 71.9980.37, API tokens retain ACLs after those ACLs are removed from the corresponding accounts (SEC-393). 2019-08-01 not yet calculated CVE-2018-20895
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356). 2019-08-01 not yet calculated CVE-2018-20947
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321). 2019-08-01 not yet calculated CVE-2018-20937
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by that user) by leveraging backups (SEC-339). 2019-08-01 not yet calculated CVE-2018-20939
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups (SEC-342). 2019-08-01 not yet calculated CVE-2018-20940
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349). 2019-08-01 not yet calculated CVE-2018-20941
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351). 2019-08-01 not yet calculated CVE-2018-20942
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353). 2019-08-01 not yet calculated CVE-2018-20944
CONFIRM
cpanel -- cpanel cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443). 2019-08-01 not yet calculated CVE-2018-20894
CONFIRM
cpanel -- cpanel bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354). 2019-08-01 not yet calculated CVE-2018-20945
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355). 2019-08-01 not yet calculated CVE-2018-20946
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406). 2019-08-01 not yet calculated CVE-2018-20932
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383). 2019-08-01 not yet calculated CVE-2018-20948
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 allows demo accounts to execute code via the Landing Page (SEC-405). 2019-08-01 not yet calculated CVE-2018-20931
CONFIRM
cpanel -- cpanel cPanel before 71.9980.37 allows attackers to make API calls that bypass the backup feature restriction (SEC-429). 2019-08-01 not yet calculated CVE-2018-20905
CONFIRM
cpanel -- cpanel cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442). 2019-08-01 not yet calculated CVE-2018-20893
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385). 2019-08-01 not yet calculated CVE-2018-20949
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-324). 2019-08-01 not yet calculated CVE-2018-20938
CONFIRM
cpanel -- cpanel cPanel before 70.0.23 has stored XSS via a WHM Edit DNS Zone action (SEC-410). 2019-08-01 not yet calculated CVE-2018-20933
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389). 2019-08-01 not yet calculated CVE-2018-20953
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388). 2019-08-01 not yet calculated CVE-2018-20952
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387). 2019-08-01 not yet calculated CVE-2018-20951
CONFIRM
cpanel -- cpanel cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386). 2019-08-01 not yet calculated CVE-2018-20950
CONFIRM
crypto++ -- crypto++ Crypto++ 8.3.0 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or remote attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because scalar multiplication in ecp.cpp (prime field curves, small leakage) and algebra.cpp (binary field curves, large leakage) is not constant time and leaks the bit length of the scalar among other information. 2019-07-30 not yet calculated CVE-2019-14318
MISC
MISC
d-link -- 6600-ap_and_dwl_3600ap_ax_and_dwl-8610ap_ax_devices An issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated Certificate and RSA Private Key extraction through an insecure sslcert-get.cgi HTTP command. 2019-08-01 not yet calculated CVE-2019-14334
MISC
MISC
MISC
d-link -- 6600-ap_and_dwl_3600ap_ax_devices An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated dump of all of the config files through a certain admin.cgi?action= insecure HTTP request. 2019-08-01 not yet calculated CVE-2019-14336
MISC
MISC
MISC
d-link -- 6600-ap_and_dwl_3600ap_ax_devices An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a pre-authenticated denial of service attack against the access point via a long action parameter to admin.cgi. 2019-08-01 not yet calculated CVE-2019-14333
MISC
MISC
MISC
d-link -- 6600-ap_and_dwl_3600ap_ax_devices An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the `/bin/sh -c wget` sequence. 2019-08-01 not yet calculated CVE-2019-14337
MISC
MISC
MISC
d-link -- 6600-ap_and_dwl_3600ap_ax_devices An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is use of weak ciphers for SSH such as diffie-hellman-group1-sha1. 2019-08-01 not yet calculated CVE-2019-14332
MISC
MISC
MISC
d-link -- 6600-ap_and_dwl_3600ap_ax_devices An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a post-authentication admin.cgi?action= XSS vulnerability on the management interface. 2019-08-01 not yet calculated CVE-2019-14338
MISC
MISC
MISC
d-link -- dva-5592 The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected. 2019-08-02 not yet calculated CVE-2019-6968
MISC
d-link -- dva-5592 The web interface of the D-Link DVA-5592 20180823 is vulnerable to an authentication bypass that allows an unauthenticated user to have access to sensitive information such as the Wi-Fi password and the phone number (if VoIP is in use). 2019-08-02 not yet calculated CVE-2019-6969
MISC
das_q -- das_q Das Q before 2019-08-02 allows web sites to execute arbitrary code on client machines, as demonstrated by a cross-origin /install request with an attacker-controlled releaseUrl, which triggers download and execution of code within a ZIP archive. 2019-08-02 not yet calculated CVE-2019-14551
MISC
django -- django An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable. 2019-08-02 not yet calculated CVE-2019-14232
MISC
MISC
CONFIRM
django -- django An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences. 2019-08-02 not yet calculated CVE-2019-14235
MISC
MISC
CONFIRM
django -- django An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities. 2019-08-02 not yet calculated CVE-2019-14233
MISC
MISC
CONFIRM
dnsmasq -- dnsmasq Improper bounds checking in Dnsmasq before 2.76 allows an attacker-controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491. 2019-08-01 not yet calculated CVE-2019-14513
MISC
docker -- docker In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container. 2019-07-29 not yet calculated CVE-2019-14271
CONFIRM
MISC
docker -- docker-credential-helpers docker-credential-helpers before 0.6.3 has a double free in the List functions. 2019-07-29 not yet calculated CVE-2019-1020014
MISC
MISC
dolibarr_foundation -- dolibarr_erp_and_crm Dolibarr ERP/CRM 9.0.1 provides a module named website that provides for creation of public websites with a WYSIWYG editor. It was identified that the editor also allowed inclusion of dynamic code, which can lead to code execution on the host machine. An attacker has to check a setting on the same page, which specifies the inclusion of dynamic content. Thus, a lower privileged user of the application can execute code under the context and permissions of the underlying web server. 2019-07-29 not yet calculated CVE-2019-11201
MISC
dolibarr_foundation -- dolibarr_erp_and_crm Dolibarr ERP/CRM 9.0.1 provides a web-based functionality that backs up the database content to a dump file. However, the application performs insufficient checks on the export parameters to mysqldump, which can lead to execution of arbitrary binaries on the server. (Malicious binaries can be uploaded by abusing other functionalities of the application.) 2019-07-29 not yet calculated CVE-2019-11200
MISC
dolibarr_foundation -- dolibarr_erp_and_crm Dolibarr ERP/CRM 9.0.1 was affected by stored XSS within uploaded files. These vulnerabilities allowed the execution of a JavaScript payload each time any regular user or administrative user clicked on the malicious link hosted on the same domain. The vulnerabilities could be exploited by low privileged users to target administrators. The viewimage.php page did not perform any contextual output encoding and would display the content within the uploaded file with a user-requested MIME type. 2019-07-29 not yet calculated CVE-2019-11199
MISC
draytek -- draytek_routers DrayTek routers before 2018-05-23 allow CSRF attacks to change DNS or DHCP settings, a related issue to CVE-2017-11649. 2019-07-31 not yet calculated CVE-2018-20872
MISC
eclipse -- openj9 All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning. For example, if a condition that reads a field is moved out of the loop, the value of that field may not be privatized in the modified copy of the loop, allowing the test to see one value of the field and the loop subsequently to see a modified field value without retesting the condition moved out of the loop. This can lead to a variety of different issues, but reading outside array bounds is one major consequence of these problems. 2019-07-30 not yet calculated CVE-2019-11775
CONFIRM
edx -- edx-platform edx-platform before 2016-06-06 allows CSRF. 2019-07-29 not yet calculated CVE-2016-10766
MISC
CONFIRM
edx -- edx-platform edx-platform before 2018-07-18 allows XSS via a response to a Chemical Equation advanced problem. 2019-07-30 not yet calculated CVE-2018-20859
MISC
MISC
MISC
edx -- edx-platform edx-platform before 2017-08-03 allows attackers to trigger password-reset e-mail messages in which the reset link has an attacker-controlled domain name. 2019-07-30 not yet calculated CVE-2017-18380
MISC
CONFIRM
edx -- edx-platform edx-platform before 2016-06-10 allows account activation with a spoofed e-mail address. 2019-07-29 not yet calculated CVE-2016-10765
CONFIRM
edx -- open_edx The installation process in Open edX before 2017-01-10 exposes a MongoDB instance to external connections with default credentials. 2019-07-30 not yet calculated CVE-2017-18381
MISC
MISC
elastic -- apm A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'server_ca_cert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man-in-the-middle style attack against the Ruby agent. 2019-07-30 not yet calculated CVE-2019-7615
MISC
elastic -- elasticsearch A race condition flaw was found in the response headers that Elasticsearch versions before 7.2.1 and 6.8.2 return to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to a response header containing sensitive data from another user. 2019-07-30 not yet calculated CVE-2019-7614
MISC
elastic -- kibana Kibana versions before 6.8.2 and 7.2.1 contain a server side request forgery (SSRF) flaw in the graphite integration for Timelion visualizer. An attacker with administrative Kibana access could set the timelion:graphite.url configuration option to an arbitrary URL. This could possibly lead to an attacker accessing external URL resources as the Kibana process on the host system. 2019-07-30 not yet calculated CVE-2019-7616
MISC
elm327 -- obd2_bluetooth_device A clone version of an ELM327 OBD2 Bluetooth device has a hardcoded PIN, leading to arbitrary commands to an OBD-II bus of a vehicle, as demonstrated by turning off the vehicle's lights. 2019-07-31 not yet calculated CVE-2019-12797
MISC
MISC
MISC
fasterxml -- jackson-databind SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used, leading to remote code execution. 2019-07-29 not yet calculated CVE-2019-14379
MISC
MISC
fasterxml -- jackson-databind A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath. 2019-07-30 not yet calculated CVE-2019-14439
MISC
MISC
MISC
foreman -- foreman-tasks An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously, commit tasks were searched through find_resource, which performed authorization checks. After the change to Foreman, an unauthenticated user can view the details of a task through the web UI or API, if they can discover or guess the UUID of the task. 2019-07-31 not yet calculated CVE-2019-10198
CONFIRM
MISC
freetype -- freetype In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again. 2019-07-30 not yet calculated CVE-2015-9290
MISC
MISC
gnome -- evolution-ews It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference. 2019-08-01 not yet calculated CVE-2019-3890
CONFIRM
CONFIRM
gnucobol -- gnucobol GnuCOBOL 2.2 has a buffer overflow in cb_evaluate_expr in cobc/field.c via crafted COBOL source code. 2019-08-01 not yet calculated CVE-2019-14486
MISC
gnucobol -- gnucobol GnuCOBOL 2.2 has a stack-based buffer overflow in cb_encode_program_id in cobc/typeck.c via crafted COBOL source code. 2019-08-02 not yet calculated CVE-2019-14541
MISC
gnucobol -- gnucobol GnuCOBOL 2.2 has a heap-based buffer overflow in read_literal in cobc/scanner.l via crafted COBOL source code. 2019-08-02 not yet calculated CVE-2019-14528
MISC
gnucobol -- gnucobol GnuCOBOL 2.2 has a buffer overflow in cb_push_op in cobc/field.c via crafted COBOL source code. 2019-08-01 not yet calculated CVE-2019-14468
MISC
gnu -- binutils apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. 2019-07-30 not yet calculated CVE-2019-14444
MISC
gogs -- gogs routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks. 2019-08-02 not yet calculated CVE-2019-14544
MISC
happypoint -- happypoint_mobile_app When processing a Deeplink scheme, Happypoint mobile app 6.3.19 and earlier versions do not check the Deeplink URL correctly. This could lead to JavaScript code execution, URL redirection, or sensitive information disclosure. An attacker can exploit this issue by enticing an unsuspecting user to open a specific malicious URL. 2019-08-01 not yet calculated CVE-2019-9140
CONFIRM
hasura -- graphql_engine graphql-engine (aka Hasura GraphQL Engine) before 1.0.0-beta.3 mishandles the audience check while verifying JWT. 2019-07-29 not yet calculated CVE-2019-1020015
MISC
hewlett_packard_enterprise -- hp2910al-48g_switches A potential security vulnerability has been identified in HP2910al-48G version W.15.14.0016. The attack exploits an XSS injection by setting the attack vector in one of the switch's persistent configuration fields (management URL, location, contact). However, admin privileges are required to configure these fields, reducing the likelihood of exploitation. HPE Aruba has provided firmware updates to resolve the vulnerability in HP 2910-48G al Switch. Please update to W.15.14.0017. 2019-08-01 not yet calculated CVE-2019-5401
CONFIRM
humhub -- humhub HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits (including self-hosted ones) by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure. 2019-07-29 not yet calculated CVE-2019-12743
MISC
MISC
ibm -- i2_intelligent_analysis_platform IBM i2 Intelligent Analysis Platform 9.0.0 through 9.1.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 157007. 2019-07-30 not yet calculated CVE-2019-4062
CONFIRM
XF
ibm -- jazz_for_service_management IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow an unauthorized local user to create unique catalog names that could cause a denial of service. IBM X-Force ID: 160296. 2019-08-02 not yet calculated CVE-2019-4275
CONFIRM
XF
ibm -- spectrum_protect_for_enterprise_resource_planning In IBM Spectrum Protect for Enterprise Resource Planning 7.1 and 8.1, if tracing is activated, the IBM Spectrum Protect node password may be displayed in plain text in the ERP trace file. IBM X-Force ID: 154280. 2019-08-02 not yet calculated CVE-2018-1987
CONFIRM
XF
imgix -- imgix Imgix through 2019-06-19 allows remote attackers to cause a denial of service (resource consumption) by manipulating a small JPEG file to specify dimensions of 64250x64250 pixels, which is mishandled during an attempt to load the 'whole image' into memory. 2019-07-29 not yet calculated CVE-2019-13655
MISC
jolokia -- jolokia A flaw was found in Jolokia versions from 1.2 to before 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack. 2019-08-01 not yet calculated CVE-2018-10899
CONFIRM
CONFIRM
libav -- libav An issue was discovered in Libav 12.3. An access violation allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. This is related to ff_mpa_synth_filter_float in avcodec/mpegaudiodsp_template.c. 2019-07-30 not yet calculated CVE-2019-14441
MISC
libav -- libav In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a crafted file. 2019-07-30 not yet calculated CVE-2019-14442
MISC
liblouis -- liblouis A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened. 2019-08-02 not yet calculated CVE-2014-8184
CONFIRM
MISC
libopenmpt -- libopenmpt J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. 2019-07-30 not yet calculated CVE-2019-14383
MISC
libopenmpt -- libopenmpt libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files. 2019-07-30 not yet calculated CVE-2018-20861
MISC
libopenmpt -- libopenmpt DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. 2019-07-30 not yet calculated CVE-2019-14382
MISC
libopenmpt -- libopenmpt libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot. 2019-07-30 not yet calculated CVE-2019-14381
CONFIRM
libvirtd -- libvirtd It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs. 2019-07-30 not yet calculated CVE-2019-10161
CONFIRM
CONFIRM
CONFIRM
libvirtd -- libvirtd It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. 2019-08-02 not yet calculated CVE-2019-10166
CONFIRM
CONFIRM
libvirt -- libvirt The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. 2019-08-02 not yet calculated CVE-2019-10168
CONFIRM
CONFIRM
libvirt -- libvirt The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. 2019-08-02 not yet calculated CVE-2019-10167
CONFIRM
CONFIRM
linux -- linux_kernel A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, but excluding, 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system, corrupt memory, or create other adverse security effects. 2019-07-30 not yet calculated CVE-2019-10142
CONFIRM
linux -- linux_kernel A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost. 2019-07-30 not yet calculated CVE-2018-16871
CONFIRM
magento -- magento A file upload filter bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to edit configuration keys to remove file extension filters, potentially resulting in the upload and execution of malicious files on the server. 2019-08-02 not yet calculated CVE-2019-7912
CONFIRM
magento -- magento An insecure direct object reference (IDOR) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 due to insufficient authorizations checks. This can be abused by a user with admin privileges to add users to company accounts or modify existing user details. 2019-08-02 not yet calculated CVE-2019-7872
CONFIRM
magento -- magento A cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can result in unintended deletion of user roles. 2019-08-02 not yet calculated CVE-2019-7874
CONFIRM
magento -- magento An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially confidential information. 2019-08-02 not yet calculated CVE-2019-7950
CONFIRM
magento -- magento A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unintended data deletion from customer pages. 2019-08-02 not yet calculated CVE-2019-7851
CONFIRM
magento -- magento A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers. 2019-08-02 not yet calculated CVE-2019-7915
CONFIRM
magento -- magento

 
An information disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to create email templates could leak sensitive data via a malicious email template. 2019-08-02 not yet calculated CVE-2019-7888
CONFIRM
magento -- magento

 
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to access shipment settings can execute arbitrary code via server-side request forgery. 2019-08-02 not yet calculated CVE-2019-7892
CONFIRM
magento -- magento

 
An Insecure Direct Object Reference (IDOR) vulnerability exists in the order processing workflow of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details. 2019-08-02 not yet calculated CVE-2019-7890
CONFIRM
magento -- magento

 
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to layouts can execute arbitrary code through a combination of product import, crafted csv file and XML layout update. 2019-08-02 not yet calculated CVE-2019-7896
CONFIRM
magento -- magento

 
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to layouts can execute arbitrary code through a crafted XML layout update. 2019-08-02 not yet calculated CVE-2019-7895
CONFIRM
magento -- magento
 
A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can cause unwanted items to be added to a shopper's cart due to an insufficiently robust anti-CSRF token implementation. 2019-08-02 not yet calculated CVE-2019-7857
CONFIRM
magento -- magento A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could be abused by an unauthenticated user to discover an invariant used in gift card generation. 2019-08-02 not yet calculated CVE-2019-7855
CONFIRM
magento -- magento
 
A path disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Requests for a specific file path could result in a redirect to the URL of the Magento admin panel, disclosing its location to potentially unauthorized parties. 2019-08-02 not yet calculated CVE-2019-7852
CONFIRM
magento -- magento
 
An insecure direct object reference (IDOR) vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unauthorized disclosure of company credit history details. 2019-08-02 not yet calculated CVE-2019-7854
CONFIRM
magento -- magento
 
A path traversal vulnerability in the WYSIWYG editor for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could result in unauthorized access to uploaded images due to insufficient access control. 2019-08-02 not yet calculated CVE-2019-7859
CONFIRM
magento -- magento A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to manipulate shipment settings to execute arbitrary code. 2019-08-02 not yet calculated CVE-2019-7923
CONFIRM
magento -- magento
 
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to email templates can execute arbitrary code by previewing a malicious template. 2019-08-02 not yet calculated CVE-2019-7903
CONFIRM
magento -- magento
 
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create or edit a product can execute arbitrary code via malicious XML layout updates. 2019-08-02 not yet calculated CVE-2019-7942
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to edit product content pages to inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7927
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify node attributes to inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7926
CONFIRM
magento -- magento
 
An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A SOAP web service endpoint does not properly enforce parameters related to access control. This could be abused to leak customer information via crafted SOAP requests. 2019-08-02 not yet calculated CVE-2019-7951
CONFIRM
magento -- magento
 
Insufficient enforcement of user access controls in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could enable a low-privileged user to make unauthorized environment configuration changes. 2019-08-02 not yet calculated CVE-2019-7904
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify content block titles to inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7936
CONFIRM
magento -- magento
 
An insecure direct object reference (IDOR) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an administrator with limited privileges to delete the downloadable products folder. 2019-08-02 not yet calculated CVE-2019-7925
CONFIRM
magento -- magento
 
A reflected cross-site scripting vulnerability exists on the customer cart checkout page of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by sending a victim a crafted URL that results in malicious javascript execution in the victim's browser. 2019-08-02 not yet calculated CVE-2019-7939
CONFIRM
magento -- magento
 
An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges may be able to view metadata of a trusted device used by another administrator via a crafted http request. 2019-08-02 not yet calculated CVE-2019-7929
CONFIRM
magento -- magento
 
A denial-of-service (DoS) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. By abusing insufficient brute-forcing defenses in the token exchange protocol, an unauthenticated attacker could disrupt transactions between the Magento merchant and PayPal. 2019-08-02 not yet calculated CVE-2019-7928
CONFIRM
magento -- magento
 
A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to the import feature can make modifications to a configuration file, resulting in potentially unauthorized removal of file upload restrictions. This can result in arbitrary code execution when a malicious file is then uploaded and executed on the system. 2019-08-02 not yet calculated CVE-2019-7930
CONFIRM
magento -- magento
 
A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9 and Magento 2.3 prior to 2.3.2 resulted in storage of sensitive information with an algorithm that is insufficiently resistant to brute force attacks. 2019-08-02 not yet calculated CVE-2019-7858
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to store product attributes to inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7937
CONFIRM
magento -- magento A cryptographically weak pseudo-random number generator is used in multiple security relevant contexts in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. 2019-08-02 not yet calculated CVE-2019-7860
CONFIRM
magento -- magento
 
A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. An authenticated user can bypass security protections that prevent arbitrary PHP script upload via form data injection. 2019-08-02 not yet calculated CVE-2019-7871
CONFIRM
magento -- magento
 
Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. 2019-08-02 not yet calculated CVE-2019-7861
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to edit Product information via the TinyMCE editor. 2019-08-02 not yet calculated CVE-2019-7866
CONFIRM
magento -- magento A cryptographic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptographic mechanism is used to generate the initialization vector in multiple security relevant contexts. 2019-08-02 not yet calculated CVE-2019-7886
CONFIRM
magento -- magento
 
Insufficient input validation in the config builder of the Elastic search module could lead to remote code execution in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This vulnerability could be abused by an authenticated user with the ability to configure the catalog search. 2019-08-02 not yet calculated CVE-2019-7885
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to marketing email templates to inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7880
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to manage orders can inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7877
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the product catalog form of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to the product catalog to inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7921
CONFIRM
magento -- magento
 
A cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can result in unintended deletion of the store design schedule. 2019-08-02 not yet calculated CVE-2019-7873
CONFIRM
magento -- magento
 
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to manipulate layouts can insert a malicious payload into the layout. 2019-08-02 not yet calculated CVE-2019-7876
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with permissions to manage customer groups. 2019-08-02 not yet calculated CVE-2019-7869
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with permissions to manage tax rules. 2019-08-02 not yet calculated CVE-2019-7868
CONFIRM
magento -- magento
 
A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to manipulate shipment methods to execute arbitrary code. 2019-08-02 not yet calculated CVE-2019-7913
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to manage orders and order status. 2019-08-02 not yet calculated CVE-2019-7867
CONFIRM
magento -- magento
 
A reflected cross-site scripting vulnerability exists in the Product widget chooser functionality in the admin panel for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. 2019-08-02 not yet calculated CVE-2019-7862
CONFIRM
magento -- magento
 
A cross-site request forgery (CSRF) vulnerability exists in the checkout cart item of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited at the time of editing or configuration. 2019-08-02 not yet calculated CVE-2019-7865
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to the tax notifications configuration in the Magento admin panel. 2019-08-02 not yet calculated CVE-2019-7853
CONFIRM
magento -- magento
 
An insecure direct object reference (IDOR) vulnerability exists in the RSS feeds of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details. 2019-08-02 not yet calculated CVE-2019-7864
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify product information. 2019-08-02 not yet calculated CVE-2019-7908
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to products and categories. 2019-08-02 not yet calculated CVE-2019-7863
CONFIRM
magento -- magento_and_magento_commerce A defense-in-depth check was added to mitigate inadequate session validation handling by 3rd party checkout modules. This impacts Magento 1.x prior to 1.9.4.2, Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9 and Magento 2.3 prior to 2.3.2. 2019-08-02 not yet calculated CVE-2019-7849
CONFIRM
magento -- multiple_products A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to customer configurations to inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7897
CONFIRM
magento -- multiple_products

 
A stored cross-site scripting vulnerability exists in the WYSIWYG editor of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to the editor can inject malicious SWF files. 2019-08-02 not yet calculated CVE-2019-7882
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to email templates. 2019-08-02 not yet calculated CVE-2019-7909
CONFIRM
magento -- multiple_products
 
A server-side request forgery (SSRF) vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to the admin panel to manipulate system configuration and execute arbitrary code. 2019-08-02 not yet calculated CVE-2019-7911
CONFIRM
magento -- multiple_products
 
A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create sitemaps can execute arbitrary PHP code by creating a malicious sitemap file. 2019-08-02 not yet calculated CVE-2019-7932
CONFIRM
magento -- multiple_products
 
A cross-site scripting mitigation bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user to escalate privileges (admin vs. admin XSS attack). 2019-08-02 not yet calculated CVE-2019-7881
CONFIRM
magento -- multiple_products
 
Names of disabled downloadable products could be disclosed due to inadequate validation of user input in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. 2019-08-02 not yet calculated CVE-2019-7899
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to edit newsletter templates to inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7934
CONFIRM
magento -- multiple_products
 
Samples of disabled downloadable products are accessible in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 due to inadequate validation of user input. 2019-08-02 not yet calculated CVE-2019-7898
CONFIRM
magento -- multiple_products A stored cross-site scripting vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to modify currency symbols can inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7945
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify content page titles to inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7935
CONFIRM
magento -- multiple_products
 
A cross-site request forgery vulnerability exists in the GiftCardAccount removal feature for Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. 2019-08-02 not yet calculated CVE-2019-7947
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify catalog price rules to inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7938
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify store currency options to inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7940
CONFIRM
magento -- multiple_products
 
An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with marketing manipulation privileges can invoke methods that alter data of the underlying model followed by corresponding database modifications. 2019-08-02 not yet calculated CVE-2019-7889
CONFIRM
magento -- multiple_products
 
A reflected cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 when the feature that adds a secret key to the Admin URL is disabled. 2019-08-02 not yet calculated CVE-2019-7887
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to newsletter templates. 2019-08-02 not yet calculated CVE-2019-7875
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in the product comments field of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to the Return Product comments field can inject malicious javascript. 2019-08-02 not yet calculated CVE-2019-7944
CONFIRM
matrixssl -- matrixssl In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, the server mishandles the fragment length value provided in the DTLS message. 2019-07-29 not yet calculated CVE-2019-14431
MISC
milkytracker -- milkytracker ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow. 2019-08-01 not yet calculated CVE-2019-14497
MISC
milkytracker -- milkytracker LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow. 2019-08-01 not yet calculated CVE-2019-14496
MISC
milkytracker -- milkytracker XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow. 2019-07-31 not yet calculated CVE-2019-14464
MISC
misskey -- misskey Misskey before 10.102.4 allows hijacking a user's token. 2019-07-29 not yet calculated CVE-2019-1020010
MISC
netapp -- data_ontap_7-mode Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers. 2019-08-02 not yet calculated CVE-2019-5501
CONFIRM
netapp -- data_ontap_7-mode Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker. A successful attack requires that multiple non-default options be enabled. 2019-08-02 not yet calculated CVE-2019-5493
CONFIRM
netgear -- n600_wifi_dual_band_router A stack-based buffer overflow in the upnpd binary running on NETGEAR WNDR3400v3 routers with firmware version 1.0.1.18_1.0.63 allows an attacker to remotely execute arbitrary code via a crafted UPnP SSDP packet. 2019-07-28 not yet calculated CVE-2019-14363
MISC
nextcloud -- nextcloud_android_application Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved. 2019-07-30 not yet calculated CVE-2019-5452
MISC
nextcloud -- nextcloud_android_application Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process. 2019-07-30 not yet calculated CVE-2019-5455
MISC
nextcloud -- nextcloud_android_application SQL injection in the Nextcloud Android app prior to version 3.0.0 allows the local cache to be destroyed when a harmful query is executed, requiring the account to be set up again. 2019-07-30 not yet calculated CVE-2019-5454
MISC
nextcloud -- nextcloud_android_application Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider. 2019-07-30 not yet calculated CVE-2019-5453
MISC
nextcloud -- nextcloud_android_application Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed the directory name in the header bar to be styled using basic HTML. 2019-07-30 not yet calculated CVE-2019-5450
MISC
nextcloud -- nextcloud_android_application Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time. 2019-07-30 not yet calculated CVE-2019-5451
MISC
nextcloud -- nextcloud_server A missing check in the Nextcloud Server prior to version 15.0.1 causes leaking of calendar event names when adding or modifying confidential or private events. 2019-07-30 not yet calculated CVE-2019-5449
MISC
nfdump -- nfdump nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service). 2019-07-31 not yet calculated CVE-2019-14459
MISC
MISC
one_identity -- cloud_access_manager One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which may allow man-in-the-middle (MITM) attacks. This issue is fixed in version 8.1.4. 2019-07-29 not yet calculated CVE-2019-13498
CONFIRM
openbravo -- openbravo_erp Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value. 2019-07-28 not yet calculated CVE-2019-14362
MISC
MISC
MISC
opencv -- opencv An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service. 2019-08-01 not yet calculated CVE-2019-14491
MISC
MISC
MISC
opencv -- opencv An issue was discovered in OpenCV before 4.1.1. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp. 2019-08-01 not yet calculated CVE-2019-14493
MISC
MISC
opencv -- opencv An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service. 2019-08-01 not yet calculated CVE-2019-14492
MISC
MISC
MISC
openemr -- openemr OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/save.php. 2019-08-02 not yet calculated CVE-2019-14529
MISC
opengear -- console_server Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system (connected to a serial port on an Opengear console server) sends crafted text to a serial port (that has logging enabled), the text will be replayed when the logs are viewed. Exploiting this vulnerability requires access to the serial port and/or console server. 2019-07-31 not yet calculated CVE-2019-14456
MISC

openssl -- openssl

OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). 2019-07-30 not yet calculated CVE-2019-1552
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
openstack -- openstack-ironic-inspector A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache.find_node(). This function makes a SQL query using unfiltered data from a server reporting inspection results (by a POST to the /v1/continue endpoint). Because the API is unauthenticated, the flaw could be exploited by an attacker with access to the network on which ironic-inspector is listening. Because of how ironic-inspector uses the query results, it is unlikely that data could be obtained. However, the attacker could pass malicious data and create a denial of service. 2019-07-30 not yet calculated CVE-2019-10141
CONFIRM
MISC
MISC
MISC
MISC
MISC
oxid -- oxid_eshop OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Injection via a crafted URL, leading to full access by an attacker. This includes all shopping cart options, customer data, and the database. No interaction between the attacker and the victim is necessary. 2019-07-30 not yet calculated CVE-2019-13026
CONFIRM
pandao -- editor.md pandao Editor.md 1.5.0 allows XSS via the Javas&#99;ript: string. 2019-08-01 not yet calculated CVE-2019-14517
MISC
pandao -- editor.md pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element. 2019-08-03 not yet calculated CVE-2019-14653
MISC
pdfresurrect -- pdfresurrect PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled. 2019-07-29 not yet calculated CVE-2019-14267
MISC
MISC
pixman -- pixman An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code. 2019-07-31 not yet calculated CVE-2015-5297
MISC
CONFIRM
planon -- planon Planon before Live Build 41 has XSS. 2019-07-29 not yet calculated CVE-2018-18570
MISC
podman -- podman A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container. 2019-07-30 not yet calculated CVE-2019-10152
CONFIRM
CONFIRM
CONFIRM
CONFIRM
polycom -- multiple_products A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or execute arbitrary code. 2019-07-29 not yet calculated CVE-2019-12948
CONFIRM
polycom -- obihai_obi1022_voip_phone On the Polycom Obihai Obi1022 VoIP phone with firmware 5.1.11, a command injection (missing input validation) issue in the NTP server IP address field for the "Time Service Settings web" interface allows an authenticated remote attacker in the same network to trigger OS commands via shell commands in a POST request. 2019-08-01 not yet calculated CVE-2019-14259
MISC
poppler -- poppler An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc. 2019-08-01 not yet calculated CVE-2019-14494
MISC
MISC
postgresql -- postgresql A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker. 2019-07-30 not yet calculated CVE-2019-10130
CONFIRM
MISC
powerdns -- authoritative_server A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue. 2019-07-30 not yet calculated CVE-2019-10163
CONFIRM
CONFIRM
MISC
powerdns -- authoritative_server A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify. 2019-07-30 not yet calculated CVE-2019-10162
CONFIRM
CONFIRM
MISC
printeron -- printeron_central_print_services An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. A user without valid credentials can bypass the authentication process, obtaining a valid session cookie with guest/pseudo-guest level privileges. This cookie can then be further used to perform other attacks. 2019-07-29 not yet calculated CVE-2018-17213
MISC
printeron -- printeron_central_print_services An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. An unauthenticated attacker can view details about the printers associated with CPS via a crafted HTTP GET request. 2019-07-29 not yet calculated CVE-2018-17211
MISC
rancher -- rancher An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. When Rancher starts for the first time, it creates a default admin user with a well-known password. After initial setup, the Rancher administrator may choose to delete this default admin user. If Rancher is restarted, the default admin user will be recreated with the well-known default password. An attacker could exploit this by logging in with the default admin credentials. This can be mitigated by deactivating the default admin user rather than completely deleting them. 2019-07-30 not yet calculated CVE-2019-11202
MISC
MISC
red_hat -- openshift_container_platform A flaw was found in OpenShift Container Platform, versions 3.11 and later, in which the CSRF tokens used in the cluster console component were found to remain static during a user's session. An attacker with the ability to observe the value of this token would be able to re-use the token to perform a CSRF attack. 2019-08-02 not yet calculated CVE-2019-10176
CONFIRM
red_hat -- atomic-openshift A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able to spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected. 2019-08-01 not yet calculated CVE-2019-3884
CONFIRM
red_hat -- enterprise_linux It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service. 2019-08-02 not yet calculated CVE-2019-10171
CONFIRM
red_hat -- openshift_container_platform OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources. 2019-07-30 not yet calculated CVE-2019-10165
CONFIRM
CONFIRM
CONFIRM
red_hat -- openstack_platform A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens. 2019-07-30 not yet calculated CVE-2019-10138
CONFIRM
MISC
red_hat -- satellite It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources. An attacker with access to the API and knowledge of the resource name can access resources in other organizations. 2019-08-01 not yet calculated CVE-2014-8183
CONFIRM
samba -- heimdal_kdc A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal. 2019-07-31 not yet calculated CVE-2018-16860
CONFIRM
MISC
sas -- sas_drug_development SAS Drug Development (SDD) before 32DRG02 mishandles logout actions, which allows a user (who was previously logged in) to access resources by pressing a back or forward button in a web browser. 2019-07-31 not yet calculated CVE-2007-6763
MISC
schism_tracker -- schism_tracker fmt_mtm_load_song in fmt/mtm.c in Schism Tracker 20190722 has a heap-based buffer overflow. 2019-07-31 not yet calculated CVE-2019-14465
MISC
schism_tracker -- schism_tracker An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465. 2019-08-02 not yet calculated CVE-2019-14524
MISC
schism_tracker -- schism_tracker An issue was discovered in Schism Tracker through 20190722. There is an integer underflow via a large plen in fmt_okt_load_song in the Amiga Oktalyzer parser in fmt/okt.c. 2019-08-02 not yet calculated CVE-2019-14523
MISC
sdl2_image -- sdl2_image An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability. 2019-07-31 not yet calculated CVE-2019-5060
MISC
siemens -- siprotec_5_devices A vulnerability has been identified in Ethernet plug-in communication modules for SIPROTEC 5 devices with CPU variants CP200 (All versions), SIPROTEC 5 devices with CPU variants CP300 (All versions). An unauthenticated attacker with network access to the device could potentially insert arbitrary code which is executed before firmware verification in the device. 2019-08-02 not yet calculated CVE-2019-10938
MISC
sigil_ebook -- sigil Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. 2019-07-30 not yet calculated CVE-2019-14452
MISC
MISC
MISC
MISC
MISC
MISC
MISC
UBUNTU
sleuthkit -- sleuthkit An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table. 2019-08-02 not yet calculated CVE-2019-14532
MISC
sleuthkit -- sleuthkit An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out of bounds read on iso9660 while parsing System Use Sharing Protocol data in fs/iso9660.c. 2019-08-02 not yet calculated CVE-2019-14531
MISC
smokedetector -- smokedetector SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without server operator authority. 2019-07-29 not yet calculated CVE-2019-1020011
MISC
softether_vpn -- softethervpn See.sys through 4.25 in the SoftEther VPN Server allows a user to specify any kernel address to which arbitrary bytes are written. 2019-07-29 not yet calculated CVE-2019-11868
MISC
MISC
sonos -- zoneplayer
 
ZInsVX.dll ActiveX Control 2018.02 and earlier in Zoneplayer contains a vulnerability that could allow remote attackers to execute arbitrary files by setting the arguments to the ActiveX method. This can be leveraged for remote code execution. 2019-08-02 not yet calculated CVE-2019-9141
CONFIRM
ssdp_responder -- ssdp_responder SSDP Responder 1.x through 1.5 mishandles incoming network messages, leading to a stack-based buffer overflow by 1 byte. This results in a crash of the server, but only when strict stack checking is enabled. This is caused by an off-by-one error in ssdp_recv in ssdpd.c. 2019-07-28 not yet calculated CVE-2019-14323
MISC
MISC
symantec -- endpoint_protection_and_endpoint_protection_small_business_edition Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 2019-07-31 not yet calculated CVE-2019-12750
MISC
terracotta -- quartz_scheduler initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. 2019-07-26 not yet calculated CVE-2019-13990
MISC
the_pallets_project -- werkzeug In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. 2019-07-28 not yet calculated CVE-2019-14322
MISC
unifi -- network_controller SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later. 2019-07-30 not yet calculated CVE-2019-5456
CONFIRM
CONFIRM
CONFIRM
MISC
univa -- grid_engine In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890). 2019-07-30 not yet calculated CVE-2018-20871
MISC
veritas -- veritas_resiliency_platform An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine. 2019-07-29 not yet calculated CVE-2019-14418
MISC
FULLDISC
MISC
vlc -- media_player Double Free in VLC versions <= 3.0.6 leads to a crash. 2019-07-30 not yet calculated CVE-2019-5460
MISC
vlc -- media_player An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read. 2019-07-30 not yet calculated CVE-2019-5459
MISC
wallacepos -- wallacepos Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by uploading a malicious PHP file. 2019-07-31 not yet calculated CVE-2019-3960
MISC
windu -- windu_cms Windu CMS 2.2 allows CSRF via admin/users/?mn=admin.message.error to add an admin account. 2019-08-01 not yet calculated CVE-2013-7473
MISC
windu -- windu_cms Windu CMS 2.2 allows XSS via the name parameter to admin/content/edit or admin/content/add, or the username parameter to admin/users. 2019-08-01 not yet calculated CVE-2013-7474
MISC
wordpress -- wordpress The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal. 2019-07-30 not yet calculated CVE-2019-13635
MISC
MISC
MISC
MISC
CONFIRM
wordpress -- wordpress The Adenion Blog2Social plugin through 5.5.0 for WordPress allows SQL Injection. 2019-08-01 not yet calculated CVE-2019-13572
MISC
MISC
wordpress -- wordpress A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system. 2019-07-29 not yet calculated CVE-2019-13571
MISC
MISC
MISC
MISC
wordpress -- wordpress The Simple Membership plugin before 3.8.5 for WordPress has CSRF affecting the Bulk Operation section. 2019-07-28 not yet calculated CVE-2019-14328
MISC
MISC
MISC
yara -- yara An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerability. 2019-07-31 not yet calculated CVE-2019-5020
MISC
yarn -- yarn Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Data due to HTTP URLs in lockfile causing unencrypted authentication data to be sent over the network. 2019-07-30 not yet calculated CVE-2019-5448
MISC
MISC
CONFIRM
zurmo -- zurmo Zurmo 3.2.7-2 has XSS via the app/index.php/zurmo/default PATH_INFO. 2019-08-01 not yet calculated CVE-2019-14472
MISC