Vulnerability Summary for the Week of July 29, 2019

Released: Aug 05, 2019
Document ID: SB19-217

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 


High Vulnerabilities

| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| 10web -- photo_gallery | A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php. | 2019-07-30 | 10.0 | CVE-2019-14313, MISC, CONFIRM, CONFIRM |
| ahsay -- cloud_backup_suite | An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. On the /cbs/system/ShowAdvanced.do "File Explorer" screen, it is possible to change the directory in the JavaScript code. If changed to (for example) "C:" then one can browse the whole server. | 2019-07-26 | 7.8 | CVE-2019-10265, MISC |
| ahsay -- cloud_backup_suite | An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of-bounds XML document to a URL, it is possible to read the file structure and even the content of files without authentication. | 2019-07-26 | 7.8 | CVE-2019-10266, MISC, MISC |
| ahsay -- cloud_backup_suite | An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0.50. It is possible to upload a file into any directory of the server. One can insert a JSP shell into the web server's directory and execute it. This leads to full access to the system, as the configured user (e.g., Administrator). | 2019-07-26 | 9.0 | CVE-2019-10267, MISC, MISC, MISC |
| cpanel -- cpanel | cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452). | 2019-07-30 | 7.5 | CVE-2018-20863, CONFIRM |
| cpanel -- cpanel | cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465). | 2019-07-30 | 7.2 | CVE-2018-20869, CONFIRM |
| cpanel -- cpanel | cPanel before 74.0.0 allows SQL injection during database backups (SEC-420). | 2019-08-01 | 7.5 | CVE-2018-20887, CONFIRM |
| cpanel -- cpanel | cPanel before 78.0.18 allows local users to escalate to root access because of userdata cache misparsing (SEC-479). | 2019-07-30 | 7.2 | CVE-2019-14400, CONFIRM |
| datagrid_project -- datagrid | The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. | 2019-07-26 | 7.5 | CVE-2019-14281, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call. | 2019-07-31 | 7.5 | CVE-2019-14192, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length. | 2019-07-31 | 7.5 | CVE-2019-14193, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case. | 2019-07-31 | 7.5 | CVE-2019-14194, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length. | 2019-07-31 | 7.5 | CVE-2019-14195, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply. | 2019-07-31 | 7.5 | CVE-2019-14196, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case. | 2019-07-31 | 7.5 | CVE-2019-14198, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call. | 2019-07-31 | 7.5 | CVE-2019-14199, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply. | 2019-07-31 | 7.5 | CVE-2019-14200, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply. | 2019-07-31 | 7.5 | CVE-2019-14201, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply. | 2019-07-31 | 7.5 | CVE-2019-14202, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply. | 2019-07-31 | 7.5 | CVE-2019-14203, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply. | 2019-07-31 | 7.5 | CVE-2019-14204, MISC, MISC |
| discourse -- discourse | Discourse before v2.4.0.beta2 lacks a confirmation screen when logging in via an email link. | 2019-07-29 | 7.5 | CVE-2019-1020018, MISC, MISC |
| libmodbus -- libmodbus | An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_COILS case, aka VD-1302. | 2019-07-31 | 7.5 | CVE-2019-14462, MISC, MISC |
| libmodbus -- libmodbus | An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301. | 2019-07-31 | 7.5 | CVE-2019-14463, MISC, MISC |
| linux -- linux_kernel | In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array. | 2019-07-27 | 7.5 | CVE-2007-6762, MISC, MISC, MISC |
| linux -- linux_kernel | In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. | 2019-07-27 | 7.5 | CVE-2010-5331, MISC, MISC, MISC |
| linux -- linux_kernel | In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no free entry, the loop terminates without updating the local variable free thus causing out of array bounds access. | 2019-07-27 | 7.5 | CVE-2010-5332, MISC, MISC, MISC |
| linux -- linux_kernel | In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption. | 2019-07-27 | 7.5 | CVE-2011-5327, MISC, MISC, MISC |
| linux -- linux_kernel | In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption. | 2019-07-27 | 7.5 | CVE-2012-6712, MISC, MISC, MISC |
| linux -- linux_kernel | In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23. | 2019-07-27 | 7.5 | CVE-2015-9289, MISC, MISC, MISC |
| linux -- linux_kernel | In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead. | 2019-07-27 | 7.5 | CVE-2016-10764, MISC, MISC, MISC |
| linux -- linux_kernel | In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c. | 2019-07-27 | 7.5 | CVE-2017-18379, MISC, MISC |
| simple_captcha2_project -- simple_captcha2 | The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. | 2019-07-26 | 7.5 | CVE-2019-14282, MISC, MISC |
| veritas -- resiliency_platform | An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to resiliency plans and custom script functionality. | 2019-07-29 | 9.0 | CVE-2019-14416, MISC, FULLDISC, MISC |
| veritas -- resiliency_platform | An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to DNS functionality. | 2019-07-29 | 9.0 | CVE-2019-14417, MISC, FULLDISC, MISC |


Medium Vulnerabilities

| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| ahsay -- cloud_backup_suite | An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account. | 2019-07-26 | 4.3 | CVE-2019-10263, MISC |
| ahsay -- cloud_backup_suite | An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. With a valid administrator account, the "Move / Import / Export Users" screen has an Import Users option. This option accepts a ZIP archive containing a users.xml file that can trigger XXE. | 2019-07-26 | 6.5 | CVE-2019-10264, MISC |
| ash-aio_project -- ash-aio | ASH-AIO before 2.0.0.3 allows an open redirect. | 2019-07-29 | 5.8 | CVE-2019-1020016, MISC |
| centos-webpanel -- centos_web_panel | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.840, File and Directory Information Exposure in filemanager allows attackers to enumerate users and check for active users of the application by reading /tmp/login.log. | 2019-07-26 | 4.0 | CVE-2019-13385, MISC, MISC |
| centos-webpanel -- centos_web_panel | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows attackers to execute a shell command, i.e., obtain a reverse shell with user privilege. | 2019-07-26 | 6.5 | CVE-2019-13386, MISC, MISC |
| centos-webpanel -- centos_web_panel | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, Reflected XSS in filemanager2.php (parameter fm_current_dir) allows attackers to steal a cookie or session, or redirect to a phishing website. | 2019-07-26 | 4.3 | CVE-2019-13387, MISC, MISC |
| central_dogma_project -- central_dogma | Cross-site scripting vulnerability in Central Dogma 0.17.0 to 0.40.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2019-07-26 | 4.3 | CVE-2019-6002, JVN, MISC |
| cpanel -- cpanel | cPanel before 76.0.8 allows a persistent Virtual FTP account after removal of its associated domain (SEC-454). | 2019-07-30 | 6.4 | CVE-2018-20864, CONFIRM |
| cpanel -- cpanel | cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459). | 2019-07-30 | 4.3 | CVE-2018-20865, CONFIRM |
| cpanel -- cpanel | cPanel before 76.0.8 has Stored XSS in the WHM "Reset a DNS Zone" feature (SEC-461). | 2019-07-30 | 4.3 | CVE-2018-20866, CONFIRM |
| cpanel -- cpanel | cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462). | 2019-07-30 | 5.8 | CVE-2018-20867, CONFIRM |
| cpanel -- cpanel | cPanel before 76.0.8 has Stored XSS in the WHM MultiPHP Manager interface (SEC-464). | 2019-07-30 | 4.3 | CVE-2018-20868, CONFIRM |
| cpanel -- cpanel | cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444). | 2019-08-01 | 6.5 | CVE-2018-20879, CONFIRM |
| cpanel -- cpanel | cPanel before 74.0.8 allows FTP access during account suspension (SEC-449). | 2019-08-01 | 4.0 | CVE-2018-20883, CONFIRM |
| cpanel -- cpanel | cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416). | 2019-08-01 | 5.0 | CVE-2018-20885, CONFIRM |
| cpanel -- cpanel | cPanel before 71.9980.37 allows Remote-Stored XSS in WHM Save Theme Interface (SEC-400). | 2019-08-01 | 4.3 | CVE-2018-20901, CONFIRM |
| cpanel -- cpanel | cPanel before 71.9980.37 allows self XSS in the WHM Backup Configuration interface (SEC-421). | 2019-08-01 | 4.3 | CVE-2018-20903, CONFIRM |
| cpanel -- cpanel | cPanel before 70.0.23 allows self XSS in the WHM cPAddons showsecurity Interface (SEC-357). | 2019-08-01 | 4.3 | CVE-2018-20910, CONFIRM |
| cpanel -- cpanel | cPanel before 70.0.23 allows code execution because "." is in @INC during a Perl syntax check of cpaddonsup (SEC-359). | 2019-08-01 | 6.5 | CVE-2018-20911, CONFIRM |
| cpanel -- cpanel | cPanel before 70.0.23 allows demo accounts to execute code via awstats (SEC-362). | 2019-08-01 | 6.5 | CVE-2018-20912, CONFIRM |
| cpanel -- cpanel | In cPanel before 70.0.23, OpenID providers can inject arbitrary data into cPanel session files (SEC-368). | 2019-08-01 | 4.9 | CVE-2018-20914, CONFIRM |
| cpanel -- cpanel | cPanel before 70.0.23 allows stored XSS in WHM DNS Cluster (SEC-372). | 2019-08-01 | 4.3 | CVE-2018-20918, CONFIRM |
| cpanel -- cpanel | cPanel before 70.0.23 allows stored XSS via a WHM Create Account action (SEC-373). | 2019-08-01 | 4.3 | CVE-2018-20919, CONFIRM |
| cpanel -- cpanel | cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-374). | 2019-08-01 | 4.3 | CVE-2018-20920, CONFIRM |
| cpanel -- cpanel | cPanel before 70.0.23 allows stored XSS via a WHM "Delete a DNS Zone" action (SEC-375). | 2019-08-01 | 4.3 | CVE-2018-20921, CONFIRM |
| cpanel -- cpanel | cPanel before 70.0.23 allows stored XSS via a WHM DNS Cleanup action (SEC-376). | 2019-08-01 | 4.3 | CVE-2018-20922, CONFIRM |
| cpanel -- cpanel | cPanel before 70.0.23 allows stored XSS via a WHM Synchronize DNS Records action (SEC-377). | 2019-08-01 | 4.3 | CVE-2018-20923, CONFIRM |
| cpanel -- cpanel | cPanel before 82.0.2 has Self XSS in the cPanel and webmail master templates (SEC-506). | 2019-07-30 | 4.3 | CVE-2019-14387, MISC |
| cpanel -- cpanel | cPanel before 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507). | 2019-07-30 | 5.0 | CVE-2019-14388, MISC |
| cpanel -- cpanel | cPanel before 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501). | 2019-07-30 | 6.5 | CVE-2019-14392, CONFIRM |
| cpanel -- cpanel | cPanel before 80.0.5 allows local code execution in the context of a different cPanel account because of insecure cpphp execution (SEC-486). | 2019-07-30 | 4.6 | CVE-2019-14393, CONFIRM |
| cpanel -- cpanel | cPanel before 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call (SEC-496). | 2019-07-30 | 5.0 | CVE-2019-14397, CONFIRM |
| cpanel -- cpanel | cPanel before 80.0.5 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-498). | 2019-07-30 | 6.5 | CVE-2019-14398, CONFIRM |
| cpanel -- cpanel | The SSL certificate-storage feature in cPanel before 78.0.18 allows unsafe file operations in the context of the root account (SEC-477). | 2019-07-30 | 6.1 | CVE-2019-14399, CONFIRM |
| cpanel -- cpanel | cPanel before 78.0.18 allows code execution via an addforward API1 call (SEC-480). | 2019-07-30 | 6.5 | CVE-2019-14401, CONFIRM |
| cpanel -- cpanel | cPanel before 78.0.18 offers an open mail relay because of incorrect domain-redirect routing (SEC-483). | 2019-07-30 | 4.3 | CVE-2019-14403, CONFIRM |
| cpanel -- cpanel | cPanel before 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484). | 2019-07-30 | 4.9 | CVE-2019-14404, CONFIRM |
| cpanel -- cpanel | cPanel before 78.0.18 allows demo accounts to execute code via securitypolicy.cg (SEC-487). | 2019-07-30 | 6.5 | CVE-2019-14405, CONFIRM |
| cpanel -- cpanel | cPanel before 78.0.18 has stored XSS in the BoxTrapper Queue Listing (SEC-493). | 2019-07-30 | 4.3 | CVE-2019-14406, CONFIRM |
| cpanel -- cpanel | cPanel before 78.0.2 reveals internal data to OpenID providers (SEC-415). | 2019-07-30 | 4.0 | CVE-2019-14407, CONFIRM |
| cpanel -- cpanel | cPanel before 78.0.2 allows a demo account to link with an OpenID provider (SEC-460). | 2019-07-30 | 4.0 | CVE-2019-14408, CONFIRM |
| cpanel -- cpanel | cPanel before 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI (SEC-473). | 2019-07-30 | 5.0 | CVE-2019-14411, CONFIRM |
| cpanel -- cpanel | cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets (SEC-476). | 2019-07-30 | 4.0 | CVE-2019-14413, CONFIRM |
| craftcms -- craft_cms | In some circumstances, Craft 2 before 2.7.10 and 3 before 3.2.6 wasn't stripping EXIF data from user-uploaded images when it was configured to do so, potentially exposing personal/geolocation data to the public. | 2019-07-26 | 5.0 | CVE-2019-14280, MISC, MISC |
| custom_simple_rss_project -- custom_simple_rss | A CSRF vulnerability in Settings form in the Custom Simple Rss plugin 2.0.6 for WordPress allows attackers to change the plugin settings. | 2019-07-30 | 4.3 | CVE-2019-14327, MISC, MISC |
| denx -- u-boot | A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data. | 2019-07-29 | 6.4 | CVE-2019-13103, MISC, MISC |
| denx -- u-boot | An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. | 2019-07-31 | 6.4 | CVE-2019-14197, MISC, MISC |
| discourse -- discourse | Discourse before v2.4.0.beta2 lacks a confirmation screen when logging in via a user-api OTP. | 2019-07-29 | 5.0 | CVE-2019-1020017, MISC, MISC |
| espocrm -- espocrm | An issue was discovered in EspoCRM before 5.6.6. There is stored XSS due to lack of filtration of user-supplied data in Create Task. A malicious attacker can modify the parameter name to contain JavaScript code. | 2019-07-28 | 4.3 | CVE-2019-14329, MISC, MISC, MISC |
| espocrm -- espocrm | An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due to lack of filtration of user-supplied data in Create Case. A malicious attacker can modify the firstName and lastName to contain JavaScript code. | 2019-07-28 | 4.3 | CVE-2019-14330, MISC, MISC, MISC |
| espocrm -- espocrm | An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due to lack of filtration of user-supplied data in Create User. A malicious attacker can modify the firstName and lastName to contain JavaScript code. | 2019-07-28 | 4.3 | CVE-2019-14331, MISC, MISC, MISC |
| espocrm -- espocrm | EspoCRM version 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the api/v1/Document functionality for storing documents in the account tab. An attacker can upload a crafted file that contains JavaScript code in its name. This code will be executed when a user opens a page of any profile with this. | 2019-07-28 | 4.3 | CVE-2019-14349, MISC |
| espocrm -- espocrm | EspoCRM 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the Knowledge base. A malicious attacker can inject JavaScript code in the body parameter during api/v1/KnowledgeBaseArticle knowledge-base record creation. | 2019-07-28 | 4.3 | CVE-2019-14350, MISC |
| espocrm -- espocrm | EspoCRM 5.6.4 is vulnerable to user password hash enumeration. A malicious authenticated attacker can brute-force a user password hash by 1 symbol at a time using specially crafted api/v1/User?filterList filters. | 2019-07-28 | 4.0 | CVE-2019-14351, MISC |
| exiv2 -- exiv2 | Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp. | 2019-07-28 | 6.8 | CVE-2019-14368, MISC |
| exiv2 -- exiv2 | Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file. | 2019-07-28 | 4.3 | CVE-2019-14369, MISC |
| exiv2 -- exiv2 | In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service. | 2019-07-28 | 4.3 | CVE-2019-14370, MISC |
| flif -- flif | An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a heap-based buffer over-read in libpng via a crafted flif file. | 2019-07-28 | 6.8 | CVE-2019-14373, MISC |
| glyphandcog -- xpdfreader | An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case. | 2019-07-27 | 4.3 | CVE-2019-14288, MISC, MISC |
| glyphandcog -- xpdfreader | An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case. | 2019-07-27 | 4.3 | CVE-2019-14289, MISC, MISC |
| glyphandcog -- xpdfreader | An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2. | 2019-07-27 | 4.3 | CVE-2019-14290, MISC, MISC |
| glyphandcog -- xpdfreader | An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3. | 2019-07-27 | 4.3 | CVE-2019-14291, MISC, MISC |
| glyphandcog -- xpdfreader | An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1. | 2019-07-27 | 4.3 | CVE-2019-14292, MISC, MISC |
| glyphandcog -- xpdfreader | An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2. | 2019-07-27 | 4.3 | CVE-2019-14293, MISC, MISC |
| glyphandcog -- xpdfreader | An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read. | 2019-07-27 | 4.3 | CVE-2019-14294, MISC, MISC |
| google -- kubernetes_engine | Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temporary access token in the project workspace, where it could be accessed by users with Job/Read permission. | 2019-07-31 | 4.0 | CVE-2019-10365, MLIST, MISC |
| ibm -- daeja_viewone | IBM Daeja ViewONE Professional, Standard & Virtual 5.0.5 and 5.0.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 163620. | 2019-07-30 | 5.5 | CVE-2019-4456, XF, CONFIRM |
| ibm -- storediq | IBM StoreIQ 7.6.0.0 through 7.6.0.18 could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. IBM X-Force ID: 158696. | 2019-07-31 | 4.0 | CVE-2019-4163, CONFIRM, XF |
| ibm -- storediq | IBM StoreIQ 7.6.0.0 through 7.6.0.18 could allow a remote attacker to cause a denial of service attack using repeated requests to the server. IBM X-Force ID: 158698. | 2019-07-31 | 5.0 | CVE-2019-4165, CONFIRM, XF |
| icegram -- email_subscribers_&_newsletters | An XSS vulnerability in the "Email Subscribers & Newsletters" plugin 4.1.6 for WordPress allows an attacker to inject malicious JavaScript code through a publicly available subscription form using the esfpx_name wp-admin/admin-ajax.php POST parameter. | 2019-07-28 | 4.3 | CVE-2019-14364, MISC, MISC |
| inveniosoftware -- invenio-app | invenio-app before 1.1.1 allows host header injection. | 2019-07-29 | 5.8 | CVE-2019-1020006, CONFIRM |
| inveniosoftware -- invenio-previewer | invenio-previewer before 1.0.0a12 allows XSS. | 2019-07-29 | 4.3 | CVE-2019-1020019, MISC |
| jenkins -- configuration_as_code | Missing permission checks in Jenkins Configuration as Code Plugin 1.24 and earlier in various HTTP endpoints allowed users with Overall/Read access to access the generated schema and documentation for this plugin containing detailed information about installed plugins. | 2019-07-31 | 4.0 | CVE-2019-10344, MLIST, MISC |
| jenkins -- configuration_as_code | Jenkins Configuration as Code Plugin 1.24 and earlier did not escape values resulting in variable interpolation during configuration import when exporting, allowing attackers with permission to change Jenkins system configuration to obtain the values of environment variables. | 2019-07-31 | 5.5 | CVE-2019-10362, MLIST, MISC |
| jenkins -- configuration_as_code | Jenkins Configuration as Code Plugin 1.24 and earlier did not reliably identify sensitive values expected to be exported in their encrypted form. | 2019-07-31 | 4.0 | CVE-2019-10363, MLIST, MISC |
| jenkins -- m2release | A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier in the M2ReleaseAction#doSubmit method allowed attackers to perform releases with attacker-specified options. | 2019-07-31 | 6.8 | CVE-2019-10359, MLIST, MISC |
| jenkins -- maven | Jenkins Maven Integration Plugin 3.3 and earlier did not apply build log decorators to module builds, potentially revealing sensitive build variables in the build log. | 2019-07-31 | 4.0 | CVE-2019-10358, MLIST, MISC |
| jenkins -- pipeline:shared_groovy_libraries | A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and earlier allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries. | 2019-07-31 | 4.0 | CVE-2019-10357, MLIST, MISC |
| jenkins -- script_security | A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts. | 2019-07-31 | 6.5 | CVE-2019-10355, MLIST, MISC |
| jenkins -- script_security | A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts. | 2019-07-31 | 6.5 | CVE-2019-10356, MLIST, MISC |
| jenkins -- skytap_cloud_ci | Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system. | 2019-07-31 | 4.0 | CVE-2019-10366, MLIST, MISC |
| kolide -- fleet | Fleet before 2.1.2 allows exposure of SMTP credentials. | 2019-07-29 | 5.0 | CVE-2019-1020009, MISC |
| libav -- libav | An issue was discovered in Libav 12.3. There is an infinite loop in the function mov_probe in the file libavformat/mov.c, related to offset and tag. | 2019-07-28 | 4.3 | CVE-2019-14371, MISC |
| libav -- libav | In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c. | 2019-07-28 | 4.3 | CVE-2019-14372, MISC |
| libav -- libav | An issue was discovered in Libav 12.3. Division by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. | 2019-07-30 | 4.3 | CVE-2019-14443, MISC |
| libsdl -- sdl2_image | An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | 2019-07-31 | 6.8 | CVE-2019-5057, MISC |
| libsdl -- sdl2_image | An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | 2019-07-31 | 6.8 | CVE-2019-5058, MISC |
| libsdl -- sdl2_image | An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | 2019-07-31 | 6.8 | CVE-2019-5059, MISC |
| libslirp_project -- libslirp | ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. | 2019-07-29 | 6.5 | CVE-2019-14378, MLIST, MISC |
| linux -- linux_kernel | An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read. | 2019-07-26 | 4.6 | CVE-2018-20854, MISC, MISC |
| linux -- linux_kernel | An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled. | 2019-07-26 | 4.6 | CVE-2018-20856, MISC, MISC, MISC |
| linux -- linux_kernel | In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default. | 2019-07-26 | 4.6 | CVE-2019-14283, MISC, MISC, MISC |
| mcpp_project -- mcpp | MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c. | 2019-07-26 | 4.3 | CVE-2019-14274, MISC |
| misp -- misp | In app/webroot/js/event-graph.js in MISP 2.4.111, a stored XSS vulnerability exists in the event-graph view when a user toggles the event graph view. A malicious MISP event must be crafted in order to trigger the vulnerability. | 2019-07-27 | 4.3 | CVE-2019-14286, MISC |
| moodle -- moodle | A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool. | 2019-07-31 | 6.8 | CVE-2019-10186, CONFIRM, MISC |
| moodle -- moodle | A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to. | 2019-07-31 | 4.0 | CVE-2019-10187, CONFIRM, MISC |
| moodle -- moodle | A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in a quiz group could modify group overrides for other groups in the same quiz. | 2019-07-31 | 4.0 | CVE-2019-10188, CONFIRM, CONFIRM |
| moodle -- moodle | A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment. | 2019-07-31 | 4.0 | CVE-2019-10189, CONFIRM, CONFIRM |
| nats -- nats_server | An integer overflow in NATS Server 2.0.0 allows a remote attacker to crash the server by sending a crafted request. | 2019-07-29 | 5.0 | CVE-2019-13126, MISC, MISC |
| open.edx -- edx-platform | edx-platform before 2015-07-20 allows code execution by privileged users because the course import endpoint mishandles .tar.gz files. | 2019-07-29 | 6.5 | CVE-2015-5601, CONFIRM |
| open.edx -- edx-platform | edx-platform before 2015-09-17 allows XSS via a team name. | 2019-07-29 | 4.3 | CVE-2015-6960, CONFIRM |
| openmpt -- libopenmpt | libopenmpt before 0.3.13 allows a crash with malformed MED files. | 2019-07-30 | 4.3 | CVE-2018-20860, MISC |
| openmpt -- libopenmpt | libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files. | 2019-07-30 | 4.3 | CVE-2019-14380, MISC |
| parseplatform -- parse-server | parse-server before 3.4.1 allows DoS after any POST to a volatile class. | 2019-07-29 | 5.0 | CVE-2019-1020012, MISC |
| parseplatform -- parse-server | parse-server before 3.6.0 allows account enumeration. | 2019-07-29 | 5.0 | CVE-2019-1020013, MISC |
| postgresql -- postgresql | A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052). | 2019-07-30 | 4.0 | CVE-2019-10129, CONFIRM, MISC |
| pterodactyl -- panel | Pterodactyl before 0.7.14 with 2FA allows credential sniffing. | 2019-07-29 | 5.0 | CVE-2019-1020002, CONFIRM |
| stacktable.js_project -- stacktable.js | stacktable.js before 1.0.4 allows XSS. | 2019-07-29 | 4.3 | CVE-2019-1020008, MISC |
| sunhater -- kcfinder | A cross-site scripting (XSS) vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inject arbitrary web script or HTML via the CKEditorFuncNum parameter. | 2019-07-27 | 4.3 | CVE-2019-14315, MISC |
| testlink -- testlink | TestLink 1.9.19 has XSS via the error.php message parameter. | 2019-08-01 | 4.3 | CVE-2019-14471, MISC |
| tridactyl_project -- tridactyl | Tridactyl before 1.16.0 allows fake key events. | 2019-07-29 | 5.0 | CVE-2019-1020004, MISC |
| unity -- web_player | The Unity Web Player plugin before 4.6.6f2 and 5.x before 5.0.3f2 allows attackers to read messages or access online services via a victim's credentials. | 2019-07-29 | 4.0 | CVE-2015-9288, CONFIRM |
| upx_project -- upx | An integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an allocation of excessive memory. | 2019-07-27 | 4.3 | CVE-2019-14295, MISC |
| upx_project -- upx | canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (SEGV or buffer overflow, and application crash) or possibly have unspecified other impact via a crafted UPX packed file. | 2019-07-27 | 6.8 | CVE-2019-14296, MISC |
| wallaceit -- wallacepos | Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. | 2019-07-31 | 6.8 | CVE-2019-3959, MISC |
| wikindx_project -- wikindx | A cross-site scripting (XSS) vulnerability in getPagingStart() in core/lists/PAGING.php in WIKINDX through 5.8.1 allows remote attackers to inject arbitrary web script or HTML via the PagingStart parameter. | 2019-07-26 | 4.3 | CVE-2019-13588 |
CONFIRM
wpfastestcache -- wp_fastest_cacheThe WP Fastest Cache plugin through 0.8.9.0 for WordPress allows remote attackers to delete arbitrary files because wp_postratings_clear_fastest_cache and rm_folder_recursively in wpFastestCache.php mishandle ../ in an HTTP Referer header.2019-07-295.8CVE-2019-6726
MISC
MISC
MISC
MISC
MISC
xfig_project -- fig2devXfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.2019-07-264.3CVE-2019-14275
MISC
yardoc -- yardyard before 0.9.20 allows path traversal.2019-07-295.0CVE-2019-1020001
MISC
zendesk -- samlrZendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a name_id node with user@example.com followed by <!---->. and then the attacker's domain name.2019-07-265.0CVE-2018-20857
MISC

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
cpanel -- cpanel | cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366). | 2019-07-30 | 2.1 | CVE-2018-20862 CONFIRM
cpanel -- cpanel | The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467). | 2019-07-30 | 2.1 | CVE-2018-20870 CONFIRM
cpanel -- cpanel | cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433). | 2019-08-01 | 3.5 | CVE-2018-20875 CONFIRM
cpanel -- cpanel | cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434). | 2019-08-01 | 3.5 | CVE-2018-20876 CONFIRM
cpanel -- cpanel | cPanel before 74.0.8 allows self XSS in WHM Style Upload interface (SEC-437). | 2019-08-01 | 3.5 | CVE-2018-20877 CONFIRM
cpanel -- cpanel | cPanel before 74.0.8 allows stored XSS in WHM "File and Directory Restoration" interface (SEC-441). | 2019-08-01 | 3.5 | CVE-2018-20878 CONFIRM
cpanel -- cpanel | cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445). | 2019-08-01 | 2.1 | CVE-2018-20880 CONFIRM
cpanel -- cpanel | cPanel before 74.0.8 allows self stored XSS on the Security Questions login page (SEC-446). | 2019-08-01 | 3.5 | CVE-2018-20881 CONFIRM
cpanel -- cpanel | cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface (SEC-367). | 2019-08-01 | 3.5 | CVE-2018-20884 CONFIRM
cpanel -- cpanel | cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408). | 2019-08-01 | 2.1 | CVE-2018-20902 CONFIRM
cpanel -- cpanel | cPanel before 70.0.23 allows attackers to read the root accesshash via the WHM /cgi/trustclustermaster.cgi (SEC-364). | 2019-08-01 | 3.5 | CVE-2018-20913 CONFIRM
cpanel -- cpanel | cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-369). | 2019-08-01 | 3.5 | CVE-2018-20915 CONFIRM
cpanel -- cpanel | cPanel before 70.0.23 allows Stored XSS via a WHM Edit MX Entry (SEC-370). | 2019-08-01 | 3.5 | CVE-2018-20916 CONFIRM
cpanel -- cpanel | cPanel before 70.0.23 allows any user to disable Solr (SEC-371). | 2019-08-01 | 2.1 | CVE-2018-20917 CONFIRM
cpanel -- cpanel | cPanel before 82.0.2 has stored XSS in the WHM Tomcat Manager interface (SEC-504). | 2019-07-30 | 3.5 | CVE-2019-14386 MISC
cpanel -- cpanel | cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510). | 2019-07-30 | 2.1 | CVE-2019-14389 MISC
cpanel -- cpanel | cPanel before 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512). | 2019-07-30 | 3.5 | CVE-2019-14390 MISC
cpanel -- cpanel | cPanel before 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514). | 2019-07-30 | 2.1 | CVE-2019-14391 MISC
cpanel -- cpanel | cPanel before 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489). | 2019-07-30 | 2.1 | CVE-2019-14394 CONFIRM
cpanel -- cpanel | cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494). | 2019-07-30 | 2.1 | CVE-2019-14395 CONFIRM
cpanel -- cpanel | API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495). | 2019-07-30 | 2.1 | CVE-2019-14396 CONFIRM
cpanel -- cpanel | cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481). | 2019-07-30 | 2.1 | CVE-2019-14402 CONFIRM
cpanel -- cpanel | cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466). | 2019-07-30 | 2.1 | CVE-2019-14409 CONFIRM
cpanel -- cpanel | Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472). | 2019-07-30 | 2.1 | CVE-2019-14410 CONFIRM
cpanel -- cpanel | Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474). | 2019-07-30 | 2.1 | CVE-2019-14412 CONFIRM
cpanel -- cpanel | In cPanel before 78.0.2, a Userdata cache temporary file can conflict with domains (SEC-478). | 2019-07-30 | 2.1 | CVE-2019-14414 CONFIRM
dependencytrack -- dependency-track | Dependency-Track before 3.5.1 allows XSS. | 2019-07-29 | 3.5 | CVE-2019-1020007 CONFIRM
http-file-server_project -- http-file-server | Cross-site scripting (XSS) vulnerability in http-file-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in the victim's browser. | 2019-07-30 | 3.5 | CVE-2019-5458 MISC
ibm -- websphere_application_server | IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could send a specially-crafted HTTP request to hijack the victim's click actions or launch other client-side browser attacks. IBM X-Force ID: 160513. | 2019-07-30 | 3.5 | CVE-2019-4285 XF CONFIRM
inveniosoftware -- invenio-communities | invenio-communities before 1.0.0a20 allows XSS. | 2019-07-29 | 3.5 | CVE-2019-1020005 MISC
inveniosoftware -- invenio-records | invenio-records before 1.2.2 allows XSS. | 2019-07-29 | 3.5 | CVE-2019-1020003 MISC
jenkins -- configuration_as_code | Jenkins Configuration as Code Plugin 1.24 and earlier did not properly apply masking to values expected to be hidden when logging the configuration being applied. | 2019-07-31 | 2.1 | CVE-2019-10343 MLIST MISC
jenkins -- configuration_as_code | Jenkins Configuration as Code Plugin 1.20 and earlier did not treat the proxy password as a secret to be masked when logging or encrypted for export. | 2019-07-31 | 2.1 | CVE-2019-10345 MLIST MISC
jenkins -- ec2 | Jenkins Amazon EC2 Plugin 1.43 and earlier wrote the beginning of private keys to the Jenkins system log. | 2019-07-31 | 2.1 | CVE-2019-10364 MLIST MISC
jenkins -- m2_release | A stored cross-site scripting vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier allowed attackers to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins. | 2019-07-31 | 3.5 | CVE-2019-10360 MLIST MISC
jenkins -- m2release | Jenkins Maven Release Plugin 0.14.0 and earlier stored credentials unencrypted on the Jenkins master where they could be viewed by users with access to the master file system. | 2019-07-31 | 2.1 | CVE-2019-10361 MLIST MISC
linux -- linux_kernel | An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace. | 2019-07-26 | 2.1 | CVE-2018-20855 MISC MISC MISC
linux -- linux_kernel | In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default. | 2019-07-26 | 2.1 | CVE-2019-14284 MISC MISC MISC
microsoft -- outlook | A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. | 2019-07-29 | 3.5 | CVE-2019-1105 N/A
min-http-server_project -- min-http-server | Cross-site scripting (XSS) vulnerability in min-http-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in the victim's browser. | 2019-07-30 | 3.5 | CVE-2019-5457 MISC
open.edx -- edx-platform | edx-platform before 2015-08-17 allows XSS in the Studio listing of courses. | 2019-07-29 | 3.5 | CVE-2015-6253 CONFIRM MISC
veeam -- one_reporter | Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to setDashboardWidget in CommonDataHandlerReadOnly.ashx. | 2019-07-27 | 3.5 | CVE-2019-14297 MISC
veeam -- one_reporter | Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx. | 2019-07-27 | 3.5 | CVE-2019-14298 MISC
veritas -- resiliency_platform | An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. A persistent cross-site scripting (XSS) vulnerability allows a malicious VRP user to inject malicious script into another user's browser, related to resiliency plans functionality. A victim must open a resiliency plan that an attacker has access to. | 2019-07-29 | 3.5 | CVE-2019-14415 MISC FULLDISC MISC
wallaceit -- wallacepos | Insufficient output sanitization in WallacePOS 1.4.3 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks via a crafted sales transaction. | 2019-07-31 | 3.5 | CVE-2019-3958 MISC

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
3proxy -- 3proxy | webadmin.c in 3proxy before 0.8.13 has an out-of-bounds write in the admin interface. | 2019-08-01 | not yet calculated | CVE-2019-14495 MISC MISC MISC
adoptopenjdk -- icedtea-web | It was found that icedtea-web through 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload arbitrary files to arbitrary locations in the context of the user. | 2019-07-31 | not yet calculated | CVE-2019-10182 CONFIRM CONFIRM CONFIRM
adoptopenjdk -- icedtea-web | It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox. | 2019-07-31 | not yet calculated | CVE-2019-10185 CONFIRM CONFIRM CONFIRM
adoptopenjdk -- icedtea-web | It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject code in a trusted JAR. The code would be executed inside the sandbox. | 2019-07-31 | not yet calculated | CVE-2019-10181 CONFIRM CONFIRM CONFIRM
advantech -- webaccess_hmi_designer | In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution. | 2019-08-02 | not yet calculated | CVE-2019-10961 MISC
alcatel-lucent_enterprise -- 8008_cloud_edition_deskphone_voip_phone | On the Alcatel-Lucent Enterprise (ALE) 8008 Cloud Edition Deskphone VoIP phone with firmware 1.50.13, a command injection (missing input validation) issue in the password change field for the Change Password interface allows an authenticated remote attacker in the same network to trigger OS commands via shell commands in a POST request. | 2019-08-01 | not yet calculated | CVE-2019-14260 MISC
alcatel -- linkzone_mw40-v-v1.0_mw40_02.00_02_devices | The web interface of Alcatel LINKZONE MW40-V-V1.0 MW40_LU_02.00_02 devices is vulnerable to an authentication bypass that allows an unauthenticated user to have access to the web interface without knowing the administrator's password. | 2019-08-02 | not yet calculated | CVE-2019-7163 MISC
amcrest -- ip2m-841b_ip_camera | The Amcrest IP2M-841B IP camera firmware version V2.520.AC00.18.R does not require authentication to access the HTTP endpoint /videotalk. An unauthenticated, remote person can connect to this endpoint and listen to the audio the camera is capturing. | 2019-07-29 | not yet calculated | CVE-2019-3948 MISC MISC
ansible -- ansible | A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed. | 2019-07-30 | not yet calculated | CVE-2019-10156 CONFIRM CONFIRM
apache -- activemq_client | It was found that the Apache ActiveMQ client before 5.15.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client. | 2019-08-01 | not yet calculated | CVE-2015-7559 CONFIRM CONFIRM
apache -- solr | In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true. | 2019-08-01 | not yet calculated | CVE-2019-0193 CONFIRM
apache -- tika | A carefully crafted or corrupt zip file can cause an OOM in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Users should upgrade to 1.22 or later. | 2019-08-02 | not yet calculated | CVE-2019-10088 CONFIRM
apache -- tika | In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache Tika users should upgrade to 1.22 or later. | 2019-08-02 | not yet calculated | CVE-2019-10093 CONFIRM
apache -- tika | A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later. | 2019-08-02 | not yet calculated | CVE-2019-10094 CONFIRM
apache -- vcl | Apache VCL versions 2.1 through 2.5 do not properly validate cookie input when determining what node (if any) was previously selected in the privilege tree. The cookie data is then used in an SQL statement. This allows for an SQL injection attack. Access to this portion of a VCL system requires admin level rights. Other layers of security seem to protect against malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech. | 2019-07-29 | not yet calculated | CVE-2018-11772 MLIST MLIST
apache -- vcl | Apache VCL versions 2.1 through 2.5 do not properly validate form input when processing a submitted block allocation. The form data is then used as an argument to the PHP built-in function strtotime. This allows for an attack against the underlying implementation of that function. The implementation of strtotime at the time the issue was discovered appeared to be resistant to a malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech. | 2019-07-29 | not yet calculated | CVE-2018-11773 MLIST MLIST
apache -- vcl | Apache VCL versions 2.1 through 2.5 do not properly validate form input when adding and removing VMs to and from hosts. The form data is then used in SQL statements. This allows for an SQL injection attack. Access to this portion of a VCL system requires admin level rights. Other layers of security seem to protect against malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech. | 2019-07-29 | not yet calculated | CVE-2018-11774 MLIST MLIST
avaya -- aura_conferencing | A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions prior to 8.0 SP14 (8.0.14). Prior versions not listed were not evaluated. | 2019-07-31 | not yet calculated | CVE-2019-7000 CONFIRM
bitdefender -- multiple_products | An issue was discovered in Bitdefender products for Windows (Bitdefender Endpoint Security Tool versions prior to 6.6.8.115; and Bitdefender Antivirus Plus, Bitdefender Internet Security, and Bitdefender Total Security versions prior to 23.0.24.120) that can lead to local code injection. A local attacker with administrator privileges can create a malicious DLL file in %SystemRoot%\System32\ that will be executed with local user privileges. | 2019-07-30 | not yet calculated | CVE-2019-14242 CONFIRM
cisco -- nexus_9000_series_aci_mode_switch_software | A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges. Note: This vulnerability cannot be exploited by transit traffic through the device; the crafted packet must be targeted to a directly connected interface. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI mode if they are running a Cisco Nexus 9000 Series ACI Mode Switch Software release prior to 13.2(7f) or any 14.x release. | 2019-07-31 | not yet calculated | CVE-2019-1901 CISCO
clmg -- clmg | CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CImg.h because of erroneous memory allocation for a malformed BMP image. | 2019-07-31 | not yet calculated | CVE-2019-13568 MISC MISC MISC
clusterlabs -- fence-agents | A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member. | 2019-07-30 | not yet calculated | CVE-2019-10153 CONFIRM CONFIRM CONFIRM
cpanel -- cpanel | cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120). | 2019-08-01 | not yet calculated | CVE-2016-10815 MISC
cpanel -- cpanel | cPanel before 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221). | 2019-08-01 | not yet calculated | CVE-2015-9291 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89). | 2019-08-01 | not yet calculated | CVE-2016-10823 MISC
cpanel -- cpanel | cPanel before 57.9999.54 allows Webmail accounts to execute arbitrary code through forwarders (SEC-121). | 2019-08-01 | not yet calculated | CVE-2016-10816 MISC
cpanel -- cpanel | cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123). | 2019-08-01 | not yet calculated | CVE-2016-10817 MISC
cpanel -- cpanel | cPanel before 57.9999.54 incorrectly sets log-file permissions in dnsadmin-startup and spamd-startup (SEC-124). | 2019-08-01 | not yet calculated | CVE-2016-10818 MISC
cpanel -- cpanel | In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125). | 2019-08-01 | not yet calculated | CVE-2016-10819 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows daemons to access their controlling TTYs (SEC-31). | 2019-08-01 | not yet calculated | CVE-2016-10820 MISC
cpanel -- cpanel | In cPanel before 55.9999.141, Scripts/addpop reveals a command-line password in a process list (SEC-75). | 2019-08-01 | not yet calculated | CVE-2016-10821 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows ACL bypass for AppConfig applications via magic_revision (SEC-100). | 2019-08-01 | not yet calculated | CVE-2016-10830 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107). | 2019-08-01 | not yet calculated | CVE-2016-10835 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90). | 2019-08-01 | not yet calculated | CVE-2016-10824 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (SEC-92). | 2019-08-01 | not yet calculated | CVE-2016-10825 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93). | 2019-08-01 | not yet calculated | CVE-2016-10826 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96). | 2019-08-01 | not yet calculated | CVE-2016-10827 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97). | 2019-08-01 | not yet calculated | CVE-2016-10828 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99). | 2019-08-01 | not yet calculated | CVE-2016-10829 MISC
cpanel -- cpanel | cPanel before 66.0.2 allows resellers to read other accounts' domain log files (SEC-288). | 2019-08-02 | not yet calculated | CVE-2017-18426 CONFIRM
cpanel -- cpanel | cPanel before 55.9999.141 does not perform a two-factor authentication check when possessing another account (SEC-101). | 2019-08-01 | not yet calculated | CVE-2016-10831 MISC
cpanel -- cpanel | cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119). | 2019-08-01 | not yet calculated | CVE-2016-10814 MISC
cpanel -- cpanel | cPanel before 11.54.0.0 allows subaccounts to discover sensitive data through comet feeds (SEC-29). | 2019-08-01 | not yet calculated | CVE-2016-10856 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88). | 2019-08-01 | not yet calculated | CVE-2016-10822 MISC
cpanel -- cpanel | cPanel before 11.54.0.4 allows stored XSS in the WHM Feature Manager interface (SEC-86). | 2019-08-01 | not yet calculated | CVE-2016-10853 MISC
cpanel -- cpanel | cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78). | 2019-08-01 | not yet calculated | CVE-2016-10845 MISC
cpanel -- cpanel | cPanel before 11.54.0.4 allows arbitrary file-chown and file-chmod operations during Roundcube database conversions (SEC-79). | 2019-08-01 | not yet calculated | CVE-2016-10846 MISC
cpanel -- cpanel | cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80). | 2019-08-01 | not yet calculated | CVE-2016-10847 MISC
cpanel -- cpanel | cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). | 2019-08-01 | not yet calculated | CVE-2016-10848 MISC
cpanel -- cpanel | cPanel before 11.54.0.4 allows arbitrary code execution via scripts/synccpaddonswithsqlhost (SEC-83). | 2019-08-01 | not yet calculated | CVE-2016-10850 MISC
cpanel -- cpanel | cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46). | 2019-08-01 | not yet calculated | CVE-2016-10837 MISC
cpanel -- cpanel | cPanel before 11.54.0.4 allows self XSS in the WHM PHP Configuration editor interface (SEC-84). | 2019-08-01 | not yet calculated | CVE-2016-10851 MISC
cpanel -- cpanel | cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85). | 2019-08-01 | not yet calculated | CVE-2016-10852 MISC
cpanel -- cpanel | cPanel before 11.54.0.4 allows self XSS in the X3 Entropy Banner interface (SEC-87). | 2019-08-01 | not yet calculated | CVE-2016-10854 MISC
cpanel -- cpanel | cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310). | 2019-08-02 | not yet calculated | CVE-2017-18384 CONFIRM
cpanel -- cpanel | cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91). | 2019-08-01 | not yet calculated | CVE-2016-10855 MISC
cpanel -- cpanel | cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104). | 2019-08-01 | not yet calculated | CVE-2016-10833 MISC
cpanel -- cpanel | cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64). | 2019-08-01 | not yet calculated | CVE-2016-10858 MISC
cpanel -- cpanel | cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65). | 2019-08-01 | not yet calculated | CVE-2016-10859 MISC
cpanel -- cpanel | cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66). | 2019-08-01 | not yet calculated | CVE-2016-10860 MISC
cpanel -- cpanel | cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306). | 2019-08-02 | not yet calculated | CVE-2017-18382 CONFIRM
cpanel -- cpanel | cPanel before 11.54.0.4 allows arbitrary file-read operations via the bin/fmq script (SEC-70). | 2019-08-01 | not yet calculated | CVE-2016-10838 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108). | 2019-08-01 | not yet calculated | CVE-2016-10836 MISC
cpanel -- cpanel | cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102). | 2019-08-01 | not yet calculated | CVE-2016-10832 MISC
cpanel -- cpanel | cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313). | 2019-08-02 | not yet calculated | CVE-2017-18386 CONFIRM
cpanel -- cpanel | cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105). | 2019-08-01 | not yet calculated | CVE-2016-10834 MISC
cpanel -- cpanel | cPanel before 68.0.15 can perform unsafe file operations because Jailshell does not set the umask (SEC-315). | 2019-08-02 | not yet calculated | CVE-2017-18388 CONFIRM
cpanel -- cpanel | In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273). | 2019-08-02 | not yet calculated | CVE-2017-18423 CONFIRM
cpanel -- cpanel | In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt (SEC-274). | 2019-08-02 | not yet calculated | CVE-2017-18424 CONFIRM
cpanel -- cpanel | In cPanel before 66.0.2, the cpdavd_error_log file can be created with weak permissions (SEC-280). | 2019-08-02 | not yet calculated | CVE-2017-18425 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats (SEC-334). | 2019-08-02 | not yet calculated | CVE-2017-18401 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 allows arbitrary file-read operations because of the backup .htaccess modification logic (SEC-345). | 2019-08-02 | not yet calculated | CVE-2017-18405 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 allows attackers to read root's crontab file during a short time interval upon enabling or disabling sqloptimizer (SEC-332). | 2019-08-02 | not yet calculated | CVE-2017-18399 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple accounts (SEC-325). | 2019-08-02 | not yet calculated | CVE-2017-18392 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload (SEC-314). | 2019-08-02 | not yet calculated | CVE-2017-18387 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318). | 2019-08-02 | not yet calculated | CVE-2017-18389 CONFIRM
cpanel -- cpanel | cPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271). | 2019-08-02 | not yet calculated | CVE-2017-18421 CONFIRM
cpanel -- cpanel | DnsUtils in cPanel before 68.0.15 allows zone creation for hostname and account subdomains (SEC-331). | 2019-08-02 | not yet calculated | CVE-2017-18398 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322). | 2019-08-02 | not yet calculated | CVE-2017-18390 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval (SEC-323). | 2019-08-02 | not yet calculated | CVE-2017-18391 CONFIRM
cpanel -- cpanel | cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118). | 2019-08-01 | not yet calculated | CVE-2016-10813 MISC
cpanel -- cpanel | cPanel before 68.0.15 does not have a sufficient list of reserved usernames (SEC-327). | 2019-08-02 | not yet calculated | CVE-2017-18394 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330). | 2019-08-02 | not yet calculated | CVE-2017-18397 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329). | 2019-08-02 | not yet calculated | CVE-2017-18396 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 does not block a username of postmaster, which might allow reception of private e-mail (SEC-326). | 2019-08-02 | not yet calculated | CVE-2017-18393 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 does not block a username of ssl (SEC-328). | 2019-08-02 | not yet calculated | CVE-2017-18395 CONFIRM
cpanel -- cpanel | In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272). | 2019-08-02 | not yet calculated | CVE-2017-18422 CONFIRM
cpanel -- cpanel | cPanel before 66.0.2 allows stored XSS during WHM cPAddons processing (SEC-269). | 2019-08-02 | not yet calculated | CVE-2017-18420 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309). | 2019-08-02 | not yet calculated | CVE-2017-18383 CONFIRM
cpanel -- cpanel | cPanel before 67.9999.103 allows stored XSS in WHM MySQL Password Change interfaces (SEC-282). | 2019-08-02 | not yet calculated | CVE-2017-18408 CONFIRM
cpanel -- cpanel | cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60). | 2019-08-01 | not yet calculated | CVE-2016-10857 MISC
cpanel -- cpanel | cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311). | 2019-08-02 | not yet calculated | CVE-2017-18385 CONFIRM
cpanel -- cpanel | In cPanel before 67.9999.103, the backup system overwrites root's home directory when a mount disappears (SEC-299). | 2019-08-02 | not yet calculated | CVE-2017-18413 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 allows stored XSS during a cpaddons moderated upgrade (SEC-336). | 2019-08-02 | not yet calculated | CVE-2017-18402 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 allows code execution in the context of the nobody account via Mailman archives (SEC-337). | 2019-08-02 | not yet calculated | CVE-2017-18403 CONFIRM
cpanel -- cpanel | cPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD (SEC-341). | 2019-08-02 | not yet calculated | CVE-2017-18404 CONFIRM
cpanel -- cpanel | cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API (SEC-76). | 2019-08-01 | not yet calculated | CVE-2016-10843 MISC
cpanel -- cpanel | cPanel before 67.9999.103 allows SQL injection during eximstats processing (SEC-276). | 2019-08-02 | not yet calculated | CVE-2017-18406 CONFIRM
cpanel -- cpanel | cPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement download (SEC-279). | 2019-08-02 | not yet calculated | CVE-2017-18407 CONFIRM
cpanel -- cpanel | In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases (SEC-283). | 2019-08-02 | not yet calculated | CVE-2017-18409 CONFIRM
cpanel -- cpanel | cPanel before 66.0.2 allows stored XSS during WHM cPAddons uninstallation (SEC-266). | 2019-08-02 | not yet calculated | CVE-2017-18419 CONFIRM
cpanel -- cpanel | In cPanel before 67.9999.103, a user account's backup archive could contain all MySQL databases on the server (SEC-284). | 2019-08-02 | not yet calculated | CVE-2017-18410 CONFIRM
CONFIRM
cpanel -- cpanelThe "addon domain conversion" feature in cPanel before 67.9999.103 can copy all MySQL databases to the new account (SEC-285).2019-08-02not yet calculatedCVE-2017-18411
CONFIRM
cpanel -- cpanelcPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename (SEC-296).2019-08-02not yet calculatedCVE-2017-18412
CONFIRM
cpanel -- cpanelcPanel before 67.9999.103 allows an open redirect in /unprotected/redirect.html (SEC-300).2019-08-02not yet calculatedCVE-2017-18414
CONFIRM
cpanel -- cpanelcPanel before 68.0.15 allows local root code execution via cpdavd (SEC-333).2019-08-02not yet calculatedCVE-2017-18400
CONFIRM
cpanel -- cpanelcPanel before 67.9999.103 allows code execution in the context of the mailman account because of incorrect environment-variable filtering (SEC-302).2019-08-02not yet calculatedCVE-2017-18415
CONFIRM
cpanel -- cpanelcPanel before 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update (SEC-303).2019-08-02not yet calculatedCVE-2017-18416
CONFIRM
cpanel -- cpanelcPanel before 66.0.2 allows stored XSS during WHM cPAddons installation (SEC-263).2019-08-02not yet calculatedCVE-2017-18417
CONFIRM
cpanel -- cpanelcPanel before 66.0.2 allows stored XSS during WHM cPAddons file operations (SEC-265).2019-08-02not yet calculatedCVE-2017-18418
CONFIRM
cpanel -- cpanelThe chcpass script in cPanel before 11.54.0.4 reveals a password hash (SEC-77).2019-08-01not yet calculatedCVE-2016-10844
MISC
cpanel -- cpanelcPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82).2019-08-01not yet calculatedCVE-2016-10849
MISC
cpanel -- cpanelcPanel before 11.54.0.4 allows certain file-read operations in bin/setup_global_spam_filter.pl (SEC-74).2019-08-01not yet calculatedCVE-2016-10842
MISC
cpanel -- cpanelcPanel before 64.0.21 allows demo accounts to redirect web traffic (SEC-245).2019-08-02not yet calculatedCVE-2017-18441
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows code execution by webmail and demo accounts via a store_filter API call (SEC-236).2019-08-02not yet calculatedCVE-2017-18433
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows code execution in the context of the root account via a SET_VHOST_LANG_PACKAGE multilang adminbin call (SEC-237).2019-08-02not yet calculatedCVE-2017-18434
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows demo accounts to execute code via the BoxTrapper API (SEC-238).2019-08-02not yet calculatedCVE-2017-18435
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call (SEC-239).2019-08-02not yet calculatedCVE-2017-18436
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows a Webmail account to execute code via forwarders (SEC-240).2019-08-02not yet calculatedCVE-2017-18437
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows demo accounts to execute code via an ImageManager_dimensions API call (SEC-243).2019-08-02not yet calculatedCVE-2017-18439
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows certain file-rename operations in the context of the root account via scripts/convert_roundcube_mysql2sqlite (SEC-254).2019-08-02not yet calculatedCVE-2017-18449
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows demo users to execute traceroute via api2 (SEC-244).2019-08-02not yet calculatedCVE-2017-18440
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows demo accounts to execute Cpanel::SPFUI API commands (SEC-246).2019-08-02not yet calculatedCVE-2017-18442
CONFIRM
cpanel -- cpanelcPanel before 66.0.1 does not reliably perform suspend/unsuspend operations on accounts (CPANEL-13941).2019-08-02not yet calculatedCVE-2017-18431
CONFIRM
cpanel -- cpanelcPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436).2019-08-01not yet calculatedCVE-2018-20891
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows demo accounts to execute SSH API commands (SEC-248).2019-08-02not yet calculatedCVE-2017-18444
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 does not enforce demo restrictions for SSL API calls (SEC-249).2019-08-02not yet calculatedCVE-2017-18445
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API (SEC-250).2019-08-02not yet calculatedCVE-2017-18446
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows demo accounts to execute code via the ClamScanner_getsocket API (SEC-251).2019-08-02not yet calculatedCVE-2017-18447
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows certain file-read operations via a Serverinfo_manpage API call (SEC-252).2019-08-02not yet calculatedCVE-2017-18448
CONFIRM
cpanel -- cpanelcPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426).2019-08-01not yet calculatedCVE-2018-20890
CONFIRM
cpanel -- cpanelThe bin/mkvhostspasswd script in cPanel before 11.54.0.4 discloses password hashes (SEC-73).2019-08-01not yet calculatedCVE-2016-10841
MISC
cpanel -- cpanelcPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling (SEC-439).2019-08-01not yet calculatedCVE-2018-20892
CONFIRM
cpanel -- cpanelIn cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234).2019-08-02not yet calculatedCVE-2017-18432
CONFIRM
cpanel -- cpanelIn cPanel before 66.0.2, user and group ownership may be incorrectly set when using reassign_post_terminate_cruft (SEC-294).2019-08-02not yet calculatedCVE-2017-18430
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts (SEC-411).2019-08-01not yet calculatedCVE-2018-20934
CONFIRM
cpanel -- cpanelcPanel before 62.0.17 does not preserve security policy questions across an account rename (SEC-223).2019-08-02not yet calculatedCVE-2017-18461
CONFIRM
cpanel -- cpanelIn cPanel before 62.0.17, addon domain conversion did not require a package for resellers (SEC-208).2019-08-02not yet calculatedCVE-2017-18455
CONFIRM
cpanel -- cpanelcPanel before 62.0.17 allows self XSS in the WHM cPAddons showsecurity interface (SEC-217).2019-08-02not yet calculatedCVE-2017-18456
CONFIRM
cpanel -- cpanelcPanel before 62.0.17 allows arbitrary file-read operations via WHM /styled/ URLs (SEC-218).2019-08-02not yet calculatedCVE-2017-18457
CONFIRM
cpanel -- cpanelcPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219).2019-08-02not yet calculatedCVE-2017-18458
CONFIRM
cpanel -- cpanelcPanel before 62.0.24 allows stored XSS in the WHM cPAddons install interface (SEC-262).2019-08-02not yet calculatedCVE-2017-18454
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 does not preserve supplemental groups across account renames (SEC-260).2019-08-02not yet calculatedCVE-2017-18453
CONFIRM
cpanel -- cpanelcPanel before 62.0.17 allows arbitrary code execution during automatic SSL installation (SEC-221).2019-08-02not yet calculatedCVE-2017-18460
CONFIRM
cpanel -- cpanelcPanel before 62.0.17 allows arbitrary code execution during account modification (SEC-220).2019-08-02not yet calculatedCVE-2017-18459
CONFIRM
cpanel -- cpanelcPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424).2019-08-01not yet calculatedCVE-2018-20888
CONFIRM
cpanel -- cpanelcPanel before 62.0.17 allows code execution in the context of the root account via a long DocumentRoot path (SEC-225).2019-08-02not yet calculatedCVE-2017-18463
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows demo accounts to execute code via Encoding API calls (SEC-242).2019-08-02not yet calculatedCVE-2017-18438
CONFIRM
cpanel -- cpanelcPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409).2019-08-01not yet calculatedCVE-2018-20873
CONFIRM
cpanel -- cpanelcPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface (SEC-428).2019-08-01not yet calculatedCVE-2018-20874
CONFIRM
cpanel -- cpanelcPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447).2019-08-01not yet calculatedCVE-2018-20882
CONFIRM
cpanel -- cpanelcPanel before 74.0.0 insecurely stores phpMyAdmin session files (SEC-418).2019-08-01not yet calculatedCVE-2018-20886
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows attackers to read a user's crontab file during a short time interval upon a cPAddon upgrade (SEC-257).2019-08-02not yet calculatedCVE-2017-18451
CONFIRM
cpanel -- cpanelcPanel before 74.0.0 allows certain file-read operations via password file caching (SEC-425).2019-08-01not yet calculatedCVE-2018-20889
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows code execution via Rails configuration files (SEC-259).2019-08-02not yet calculatedCVE-2017-18452
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows demo and suspended accounts to use SSH port forwarding (SEC-247).2019-08-02not yet calculatedCVE-2017-18443
CONFIRM
cpanel -- cpanelcPanel before 64.0.21 allows certain file-chmod operations via /scripts/convert_roundcube_mysql2sqlite (SEC-255).2019-08-02not yet calculatedCVE-2017-18450
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352).2019-08-01not yet calculatedCVE-2018-20943
CONFIRM
cpanel -- cpanelcPanel before 71.9980.37 allows stored XSS in the WHM cPAddons installation interface (SEC-398).2019-08-01not yet calculatedCVE-2018-20899
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 allows stored XSS via a WHM "Reset a DNS Zone" action (SEC-412).2019-08-01not yet calculatedCVE-2018-20935
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups (SEC-338).2019-08-01not yet calculatedCVE-2018-20909
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308).2019-08-01not yet calculatedCVE-2018-20936
CONFIRM
cpanel -- cpanelIn cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing (SEC-290).2019-08-02not yet calculatedCVE-2017-18428
CONFIRM
cpanel -- cpanelcPanel before 71.9980.37 allows stored XSS in the YUM autorepair functionality (SEC-399).2019-08-01not yet calculatedCVE-2018-20900
CONFIRM
cpanel -- cpanelcPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction (SEC-427).2019-08-01not yet calculatedCVE-2018-20904
CONFIRM
cpanel -- cpanelcPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction (SEC-430).2019-08-01not yet calculatedCVE-2018-20906
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 allows .htaccess restrictions bypass when Htaccess Optimization is enabled (SEC-401).2019-08-01not yet calculatedCVE-2018-20930
CONFIRM
cpanel -- cpanelcPanel before 71.9980.37 does not enforce the Mime::list_hotlinks API feature restriction (SEC-432).2019-08-01not yet calculatedCVE-2018-20907
CONFIRM
cpanel -- cpanelcPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling (SEC-435).2019-08-01not yet calculatedCVE-2018-20908
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378).2019-08-01not yet calculatedCVE-2018-20924
CONFIRM
cpanel -- cpanelcPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394).2019-08-01not yet calculatedCVE-2018-20896
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface (SEC-379).2019-08-01not yet calculatedCVE-2018-20925
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380).2019-08-01not yet calculatedCVE-2018-20926
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382).2019-08-01not yet calculatedCVE-2018-20927
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 allows stored XSS via the cpaddons vendor interface (SEC-391).2019-08-01not yet calculatedCVE-2018-20928
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 allows an open redirect via the /unprotected/redirect.html endpoint (SEC-392).2019-08-01not yet calculatedCVE-2018-20929
CONFIRM
cpanel -- cpanelIn cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291).2019-08-02not yet calculatedCVE-2017-18429
CONFIRM
cpanel -- cpanelIn cPanel before 66.0.2, weak log-file permissions can occur after account modification (SEC-289).2019-08-02not yet calculatedCVE-2017-18427
CONFIRM
cpanel -- cpanelcPanel before 11.54.0.4 allows SQL injection in bin/horde_update_usernames (SEC-71).2019-08-01not yet calculatedCVE-2016-10839
MISC
cpanel -- cpanelcPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72).2019-08-01not yet calculatedCVE-2016-10840
MISC
cpanel -- cpanelcPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation system (SEC-395).2019-08-01not yet calculatedCVE-2018-20897
CONFIRM
cpanel -- cpanelcPanel before 71.9980.37 allows e-mail injection during cPAddons moderation (SEC-396).2019-08-01not yet calculatedCVE-2018-20898
CONFIRM
cpanel -- cpanelIn cPanel before 71.9980.37, API tokens retain ACLs after those ACLs are removed from the corresponding accounts (SEC-393).2019-08-01not yet calculatedCVE-2018-20895
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).2019-08-01not yet calculatedCVE-2018-20947
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321).2019-08-01not yet calculatedCVE-2018-20937
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by that user) by leveraging backups (SEC-339).2019-08-01not yet calculatedCVE-2018-20939
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups (SEC-342).2019-08-01not yet calculatedCVE-2018-20940
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349).2019-08-01not yet calculatedCVE-2018-20941
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab (SEC-351).2019-08-01not yet calculatedCVE-2018-20942
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353).2019-08-01not yet calculatedCVE-2018-20944
CONFIRM
cpanel -- cpanelcPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443).2019-08-01not yet calculatedCVE-2018-20894
CONFIRM
cpanel -- cpanelbin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354).2019-08-01not yet calculatedCVE-2018-20945
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355).2019-08-01not yet calculatedCVE-2018-20946
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406).2019-08-01not yet calculatedCVE-2018-20932
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383).2019-08-01not yet calculatedCVE-2018-20948
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 allows demo accounts to execute code via the Landing Page (SEC-405).2019-08-01not yet calculatedCVE-2018-20931
CONFIRM
cpanel -- cpanelcPanel before 71.9980.37 allows attackers to make API calls that bypass the backup feature restriction (SEC-429).2019-08-01not yet calculatedCVE-2018-20905
CONFIRM
cpanel -- cpanelcPanel before 74.0.0 allows file-rename operations during account renames (SEC-442).2019-08-01not yet calculatedCVE-2018-20893
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385).2019-08-01not yet calculatedCVE-2018-20949
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 does not enforce ownership during addpkgext and delpkgext WHM API calls (SEC-324).2019-08-01not yet calculatedCVE-2018-20938
CONFIRM
cpanel -- cpanelcPanel before 70.0.23 has stored XSS via a WHM Edit DNS Zone action (SEC-410).2019-08-01not yet calculatedCVE-2018-20933
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389).2019-08-01not yet calculatedCVE-2018-20953
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).2019-08-01not yet calculatedCVE-2018-20952
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387).2019-08-01not yet calculatedCVE-2018-20951
CONFIRM
cpanel -- cpanelcPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386).2019-08-01not yet calculatedCVE-2018-20950
CONFIRM
crypto++ -- crypto++Crypto++ 8.3.0 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or remote attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because scalar multiplication in ecp.cpp (prime field curves, small leakage) and algebra.cpp (binary field curves, large leakage) is not constant time and leaks the bit length of the scalar among other information.2019-07-30not yet calculatedCVE-2019-14318
MISC
MISC
d-link -- 6600-ap_and_dwl_3600ap_ax_and_dwl-8610ap_ax_devicesAn issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated Certificate and RSA Private Key extraction through an insecure sslcert-get.cgi HTTP command.2019-08-01not yet calculatedCVE-2019-14334
MISC
MISC
MISC
d-link -- 6600-ap_and_dwl_3600ap_ax_devicesAn issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated dump of all of the config files through a certain admin.cgi?action= insecure HTTP request.2019-08-01not yet calculatedCVE-2019-14336
MISC
MISC
MISC
d-link -- 6600-ap_and_dwl_3600ap_ax_devicesAn issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a pre-authenticated denial of service attack against the access point via a long action parameter to admin.cgi.2019-08-01not yet calculatedCVE-2019-14333
MISC
MISC
MISC
d-link -- 6600-ap_and_dwl_3600ap_ax_devicesAn issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the `/bin/sh -c wget` sequence.2019-08-01not yet calculatedCVE-2019-14337
MISC
MISC
MISC
d-link -- 6600-ap_and_dwl_3600ap_ax_devicesAn issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is use of weak ciphers for SSH such as diffie-hellman-group1-sha1.2019-08-01not yet calculatedCVE-2019-14332
MISC
MISC
MISC
d-link -- 6600-ap_and_dwl_3600ap_ax_devicesAn issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a post-authentication admin.cgi?action= XSS vulnerability on the management interface.2019-08-01not yet calculatedCVE-2019-14338
MISC
MISC
MISC
d-link -- dva-5592The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected.2019-08-02not yet calculatedCVE-2019-6968
MISC
d-link -- dva-5592The web interface of the D-Link DVA-5592 20180823 is vulnerable to an authentication bypass that allows an unauthenticated user to have access to sensitive information such as the Wi-Fi password and the phone number (if VoIP is in use).2019-08-02not yet calculatedCVE-2019-6969
MISC
das_q -- das_qDas Q before 2019-08-02 allows web sites to execute arbitrary code on client machines, as demonstrated by a cross-origin /install request with an attacker-controlled releaseUrl, which triggers download and execution of code within a ZIP archive.2019-08-02not yet calculatedCVE-2019-14551
MISC
django -- djangoAn issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.2019-08-02not yet calculatedCVE-2019-14232
MISC
MISC
CONFIRM
django -- djangoAn issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.2019-08-02not yet calculatedCVE-2019-14235
MISC
MISC
CONFIRM
django -- djangoAn issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.2019-08-02not yet calculatedCVE-2019-14233
MISC
MISC
CONFIRM
dnsmasq -- dnsmasqImproper bounds checking in Dnsmasq before 2.76 allows an attacker-controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.2019-08-01not yet calculatedCVE-2019-14513
MISC
docker -- dockerIn Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.2019-07-29not yet calculatedCVE-2019-14271
CONFIRM
MISC
docker -- docker-credential-helpersdocker-credential-helpers before 0.6.3 has a double free in the List functions.2019-07-29not yet calculatedCVE-2019-1020014
MISC
MISC
dolibarr_foundation -- dolibarr_erp_and_crmDolibarr ERP/CRM 9.0.1 provides a module named website that provides for creation of public websites with a WYSIWYG editor. It was identified that the editor also allowed inclusion of dynamic code, which can lead to code execution on the host machine. An attacker has to check a setting on the same page, which specifies the inclusion of dynamic content. Thus, a lower privileged user of the application can execute code under the context and permissions of the underlying web server.2019-07-29not yet calculatedCVE-2019-11201
MISC
dolibarr_foundation -- dolibarr_erp_and_crmDolibarr ERP/CRM 9.0.1 provides a web-based functionality that backs up the database content to a dump file. However, the application performs insufficient checks on the export parameters to mysqldump, which can lead to execution of arbitrary binaries on the server. (Malicious binaries can be uploaded by abusing other functionalities of the application.)2019-07-29not yet calculatedCVE-2019-11200
MISC
dolibarr_foundation -- dolibarr_erp_and_crmDolibarr ERP/CRM 9.0.1 was affected by stored XSS within uploaded files. These vulnerabilities allowed the execution of a JavaScript payload each time any regular user or administrative user clicked on the malicious link hosted on the same domain. The vulnerabilities could be exploited by low privileged users to target administrators. The viewimage.php page did not perform any contextual output encoding and would display the content within the uploaded file with a user-requested MIME type.2019-07-29not yet calculatedCVE-2019-11199
MISC
draytek -- draytek_routersDrayTek routers before 2018-05-23 allow CSRF attacks to change DNS or DHCP settings, a related issue to CVE-2017-11649.2019-07-31not yet calculatedCVE-2018-20872
MISC
eclipse -- openj9All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning. For example, if a condition that reads a field is moved out of the loop, the value of that field may not be privatized in the modified copy of the loop, allowing the test to see one value of the field and the loop to subsequently see a modified field value without retesting the condition that was moved out of the loop. This can lead to a variety of different issues, but a read out of array bounds is one major consequence of these problems.2019-07-30not yet calculatedCVE-2019-11775
CONFIRM
edx -- edx-platformedx-platform before 2016-06-06 allows CSRF.2019-07-29not yet calculatedCVE-2016-10766
MISC
CONFIRM
edx -- edx-platformedx-platform before 2018-07-18 allows XSS via a response to a Chemical Equation advanced problem.2019-07-30not yet calculatedCVE-2018-20859
MISC
MISC
MISC
edx -- edx-platformedx-platform before 2017-08-03 allows attackers to trigger password-reset e-mail messages in which the reset link has an attacker-controlled domain name.2019-07-30not yet calculatedCVE-2017-18380
MISC
CONFIRM
edx -- edx-platformedx-platform before 2016-06-10 allows account activation with a spoofed e-mail address.2019-07-29not yet calculatedCVE-2016-10765
CONFIRM
edx -- open_edxThe installation process in Open edX before 2017-01-10 exposes a MongoDB instance to external connections with default credentials.2019-07-30not yet calculatedCVE-2017-18381
MISC
MISC
elastic -- apmA TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'server_ca_cert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man-in-the-middle style attack against the Ruby agent.2019-07-30not yet calculatedCVE-2019-7615
MISC
elastic -- elasticsearchA race condition flaw was found in the response headers that Elasticsearch versions before 7.2.1 and 6.8.2 return to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to a response header containing sensitive data from another user.2019-07-30not yet calculatedCVE-2019-7614
MISC
elastic -- kibanaKibana versions before 6.8.2 and 7.2.1 contain a server side request forgery (SSRF) flaw in the graphite integration for Timelion visualizer. An attacker with administrative Kibana access could set the timelion:graphite.url configuration option to an arbitrary URL. This could possibly lead to an attacker accessing external URL resources as the Kibana process on the host system.2019-07-30not yet calculatedCVE-2019-7616
MISC
elm327 -- obd2_bluetooth_deviceA clone version of an ELM327 OBD2 Bluetooth device has a hardcoded PIN, leading to arbitrary commands to an OBD-II bus of a vehicle, as demonstrated by turning off the vehicle's lights.2019-07-31not yet calculatedCVE-2019-12797
MISC
MISC
MISC
fasterxml -- jackson-databindSubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used, leading to remote code execution.2019-07-29not yet calculatedCVE-2019-14379
MISC
MISC
fasterxml -- jackson-databindA Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath.2019-07-30not yet calculatedCVE-2019-14439
MISC
MISC
MISC
foreman -- foreman-tasksAn authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously, commit tasks were searched through find_resource, which performed authorization checks. After the change to Foreman, an unauthenticated user can view the details of a task through the web UI or API, if they can discover or guess the UUID of the task.2019-07-31not yet calculatedCVE-2019-10198
CONFIRM
MISC
freetype -- freetypeIn FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c in function T1_Get_Private_Dict, where there is no check that the new values of cur and limit are sensible before going to Again.2019-07-30not yet calculatedCVE-2015-9290
MISC
MISC
gnome -- evolution-ewsIt was discovered that evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference.2019-08-01not yet calculatedCVE-2019-3890
CONFIRM
CONFIRM
gnucobol -- gnucobolGnuCOBOL 2.2 has a buffer overflow in cb_evaluate_expr in cobc/field.c via crafted COBOL source code.2019-08-01not yet calculatedCVE-2019-14486
MISC
gnucobol -- gnucobolGnuCOBOL 2.2 has a stack-based buffer overflow in cb_encode_program_id in cobc/typeck.c via crafted COBOL source code.2019-08-02not yet calculatedCVE-2019-14541
MISC
gnucobol -- gnucobolGnuCOBOL 2.2 has a heap-based buffer overflow in read_literal in cobc/scanner.l via crafted COBOL source code.2019-08-02not yet calculatedCVE-2019-14528
MISC
gnucobol -- gnucobolGnuCOBOL 2.2 has a buffer overflow in cb_push_op in cobc/field.c via crafted COBOL source code.2019-08-01not yet calculatedCVE-2019-14468
MISC
gnu -- binutilsapply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.2019-07-30not yet calculatedCVE-2019-14444
MISC
gogs -- gogsroutes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks.2019-08-02not yet calculatedCVE-2019-14544
MISC
happypoint -- happypoint_mobile_app
 
When processing the Deeplink scheme, Happypoint mobile app 6.3.19 and earlier versions do not check the Deeplink URL correctly. This could lead to javascript code execution, URL redirection, or sensitive information disclosure. An attacker can exploit this issue by enticing an unsuspecting user to open a specific malicious URL.2019-08-01not yet calculatedCVE-2019-9140
CONFIRM
hasura -- graphql_enginegraphql-engine (aka Hasura GraphQL Engine) before 1.0.0-beta.3 mishandles the audience check while verifying JWT.2019-07-29not yet calculatedCVE-2019-1020015
MISC
hewlett_packard_enterprise -- hp2910al-48g_switchesA potential security vulnerability has been identified in HP2910al-48G version W.15.14.0016. The attack exploits an XSS injection by setting the attack vector in one of the switch persistent configuration fields (management URL, location, contact). However, admin privileges are required to configure these fields, thereby reducing the likelihood of exploitation. HPE Aruba has provided firmware updates to resolve the vulnerability in HP 2910-48G al Switch. Please update to W.15.14.0017.2019-08-01not yet calculatedCVE-2019-5401
CONFIRM
humhub -- humhubHumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits (including self-hosted ones) by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure.2019-07-29not yet calculatedCVE-2019-12743
MISC
MISC
ibm -- i2_intelligent_analysis_platformIBM i2 Intelligent Analysis Platform 9.0.0 through 9.1.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 157007.2019-07-30not yet calculatedCVE-2019-4062
CONFIRM
XF
ibm -- jazz_for_service_managementIBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow an unauthorized local user to create unique catalog names that could cause a denial of service. IBM X-Force ID: 160296.2019-08-02not yet calculatedCVE-2019-4275
CONFIRM
XF
ibm -- spectrum_protect_for_enterprise_resource_planningIn IBM Spectrum Protect for Enterprise Resource Planning 7.1 and 8.1, if tracing is activated, the IBM Spectrum Protect node password may be displayed in plain text in the ERP trace file. IBM X-Force ID: 154280.2019-08-02not yet calculatedCVE-2018-1987
CONFIRM
XF
imgix -- imgixImgix through 2019-06-19 allows remote attackers to cause a denial of service (resource consumption) by manipulating a small JPEG file to specify dimensions of 64250x64250 pixels, which is mishandled during an attempt to load the 'whole image' into memory.2019-07-29not yet calculatedCVE-2019-13655
MISC
jolokia -- jolokiaA flaw was found in Jolokia versions from 1.2 to before 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.2019-08-01not yet calculatedCVE-2018-10899
CONFIRM
CONFIRM
libav -- libavAn issue was discovered in Libav 12.3. An access violation allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. This is related to ff_mpa_synth_filter_float in avcodec/mpegaudiodsp_template.c.2019-07-30not yet calculatedCVE-2019-14441
MISC
libav -- libavIn mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a crafted file.2019-07-30not yet calculatedCVE-2019-14442
MISC
liblouis -- liblouisA vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened.2019-08-02not yet calculatedCVE-2014-8184
CONFIRM
MISC
libopenmpt -- libopenmptJ2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.2019-07-30not yet calculatedCVE-2019-14383
MISC
libopenmpt -- libopenmptlibopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files.2019-07-30not yet calculatedCVE-2018-20861
MISC
libopenmpt -- libopenmptDSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.2019-07-30not yet calculatedCVE-2019-14382
MISC
libopenmpt -- libopenmptlibopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot.2019-07-30not yet calculatedCVE-2019-14381
CONFIRM
libvirtd -- libvirtdIt was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs.2019-07-30not yet calculatedCVE-2019-10161
CONFIRM
CONFIRM
CONFIRM
libvirtd -- libvirtdIt was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.2019-08-02not yet calculatedCVE-2019-10166
CONFIRM
CONFIRM
libvirt -- libvirtThe virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.2019-08-02not yet calculatedCVE-2019-10168
CONFIRM
CONFIRM
libvirt -- libvirtThe virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.2019-08-02not yet calculatedCVE-2019-10167
CONFIRM
CONFIRM
linux -- linux_kernelA flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, but excluding, 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system, corrupt memory, or create other adverse security effects.2019-07-30not yet calculatedCVE-2019-10142
CONFIRM
linux -- linux_kernelA flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.2019-07-30not yet calculatedCVE-2018-16871
CONFIRM
magento -- magentoA file upload filter bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to edit configuration keys to remove file extension filters, potentially resulting in the malicious upload and execution of malicious files on the server.2019-08-02not yet calculatedCVE-2019-7912
CONFIRM
magento -- magentoAn insecure direct object reference (IDOR) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 due to insufficient authorization checks. This can be abused by a user with admin privileges to add users to company accounts or modify existing user details.2019-08-02not yet calculatedCVE-2019-7872
CONFIRM
magento -- magentoA cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can result in unintended deletion of user roles.2019-08-02not yet calculatedCVE-2019-7874
CONFIRM
magento -- magentoAn access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially confidential information.2019-08-02not yet calculatedCVE-2019-7950
CONFIRM
magento -- magentoA cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unintended data deletion from customer pages.2019-08-02not yet calculatedCVE-2019-7851
CONFIRM
magento -- magentoA denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers.2019-08-02not yet calculatedCVE-2019-7915
CONFIRM
magento -- magento

 

An information disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to create email templates could leak sensitive data via a malicious email template.2019-08-02not yet calculatedCVE-2019-7888
CONFIRM
magento -- magento

 

A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to access shipment settings can execute arbitrary code via server-side request forgery.2019-08-02not yet calculatedCVE-2019-7892
CONFIRM
magento -- magento

 

An Insecure Direct Object Reference (IDOR) vulnerability exists in the order processing workflow of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details.2019-08-02not yet calculatedCVE-2019-7890
CONFIRM
magento -- magento

 

A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to layouts can execute arbitrary code through a combination of product import, crafted csv file and XML layout update.2019-08-02not yet calculatedCVE-2019-7896
CONFIRM
magento -- magento

 

A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to layouts can execute arbitrary code through a crafted XML layout update.2019-08-02not yet calculatedCVE-2019-7895
CONFIRM
magento -- magento
 
A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can cause unwanted items to be added to a shopper's cart due to an insufficiently robust anti-CSRF token implementation.2019-08-02not yet calculatedCVE-2019-7857
CONFIRM
magento -- magento
 
A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could be abused by an unauthenticated user to discover an invariant used in gift card generation.2019-08-02not yet calculatedCVE-2019-7855
CONFIRM
magento -- magento
 
A path disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Requests for a specific file path could result in a redirect to the URL of the Magento admin panel, disclosing its location to potentially unauthorized parties.2019-08-02not yet calculatedCVE-2019-7852
CONFIRM
magento -- magento
 
An insecure direct object reference (IDOR) vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unauthorized disclosure of company credit history details.2019-08-02not yet calculatedCVE-2019-7854
CONFIRM
magento -- magento
 
A path traversal vulnerability in the WYSIWYG editor for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could result in unauthorized access to uploaded images due to insufficient access control.2019-08-02not yet calculatedCVE-2019-7859
CONFIRM
magento -- magento
 
A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to manipulate shipment settings to execute arbitrary code.2019-08-02not yet calculatedCVE-2019-7923
CONFIRM
magento -- magento
 
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to email templates can execute arbitrary code by previewing a malicious template.2019-08-02not yet calculatedCVE-2019-7903
CONFIRM
magento -- magento
 
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create or edit a product can execute arbitrary code via malicious XML layout updates.2019-08-02not yet calculatedCVE-2019-7942
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to edit product content pages to inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7927
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify node attributes to inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7926
CONFIRM
magento -- magento
 
An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A SOAP web service endpoint does not properly enforce parameters related to access control. This could be abused to leak customer information via crafted SOAP requests.2019-08-02not yet calculatedCVE-2019-7951
CONFIRM
magento -- magento
 
Insufficient enforcement of user access controls in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could enable a low-privileged user to make unauthorized environment configuration changes.2019-08-02not yet calculatedCVE-2019-7904
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify content block titles to inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7936
CONFIRM
magento -- magento
 
An insecure direct object reference (IDOR) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an administrator with limited privileges to delete the downloadable products folder.2019-08-02not yet calculatedCVE-2019-7925
CONFIRM
magento -- magento
 
A reflected cross-site scripting vulnerability exists on the customer cart checkout page of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by sending a victim a crafted URL that results in malicious javascript execution in the victim's browser.2019-08-02not yet calculatedCVE-2019-7939
CONFIRM
magento -- magento
 
An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges may be able to view metadata of a trusted device used by another administrator via a crafted http request.2019-08-02not yet calculatedCVE-2019-7929
CONFIRM
magento -- magento
 
A denial-of-service (DoS) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. By abusing insufficient brute-forcing defenses in the token exchange protocol, an unauthenticated attacker could disrupt transactions between the Magento merchant and PayPal.2019-08-02not yet calculatedCVE-2019-7928
CONFIRM
magento -- magento
 
A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to the import feature can make modifications to a configuration file, resulting in potentially unauthorized removal of file upload restrictions. This can result in arbitrary code execution when a malicious file is then uploaded and executed on the system.2019-08-02not yet calculatedCVE-2019-7930
CONFIRM
magento -- magento
 
A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9 and Magento 2.3 prior to 2.3.2 resulted in storage of sensitive information with an algorithm that is insufficiently resistant to brute force attacks.2019-08-02not yet calculatedCVE-2019-7858
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to store product attributes to inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7937
CONFIRM
magento -- magento
 
A cryptographically weak pseudo-random number generator is used in multiple security-relevant contexts in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.2019-08-02not yet calculatedCVE-2019-7860
CONFIRM
magento -- magento
 
A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. An authenticated user can bypass security protections that prevent arbitrary PHP script upload via form data injection.2019-08-02not yet calculatedCVE-2019-7871
CONFIRM
magento -- magento
 
Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.2019-08-02not yet calculatedCVE-2019-7861
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to edit Product information via the TinyMCE editor.2019-08-02not yet calculatedCVE-2019-7866
CONFIRM
magento -- magento
 
A cryptographic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptographic mechanism is used to generate the initialization vector in multiple security-relevant contexts.2019-08-02not yet calculatedCVE-2019-7886
CONFIRM
magento -- magento
 
Insufficient input validation in the config builder of the Elastic search module could lead to remote code execution in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This vulnerability could be abused by an authenticated user with the ability to configure the catalog search.2019-08-02not yet calculatedCVE-2019-7885
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to marketing email templates to inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7880
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to manage orders can inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7877
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the product catalog form of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to the product catalog to inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7921
CONFIRM
magento -- magento
 
A cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can result in unintended deletion of the store design schedule.2019-08-02not yet calculatedCVE-2019-7873
CONFIRM
magento -- magento
 
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to manipulate layouts can insert a malicious payload into the layout.2019-08-02not yet calculatedCVE-2019-7876
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with permissions to manage customer groups.2019-08-02not yet calculatedCVE-2019-7869
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with permissions to manage tax rules.2019-08-02not yet calculatedCVE-2019-7868
CONFIRM
magento -- magento
 
A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to manipulate shipment methods to execute arbitrary code.2019-08-02not yet calculatedCVE-2019-7913
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to manage orders and order status.2019-08-02not yet calculatedCVE-2019-7867
CONFIRM
magento -- magento
 
A reflected cross-site scripting vulnerability exists in the Product widget chooser functionality in the admin panel for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.2019-08-02not yet calculatedCVE-2019-7862
CONFIRM
magento -- magento
 
A cross-site request forgery (CSRF) vulnerability exists in the checkout cart item of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited at the time of editing or configuration.2019-08-02not yet calculatedCVE-2019-7865
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to the tax notifications configuration in the Magento admin panel.2019-08-02not yet calculatedCVE-2019-7853
CONFIRM
magento -- magento
 
An insecure direct object reference (IDOR) vulnerability exists in the RSS feeds of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details.2019-08-02not yet calculatedCVE-2019-7864
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify product information.2019-08-02not yet calculatedCVE-2019-7908
CONFIRM
magento -- magento
 
A stored cross-site scripting vulnerability exists in the admin panel for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to products and categories.2019-08-02not yet calculatedCVE-2019-7863
CONFIRM
magento -- magento_and_magento_commerceA defense-in-depth check was added to mitigate inadequate session validation handling by 3rd party checkout modules. This impacts Magento 1.x prior to 1.9.4.2, Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9 and Magento 2.3 prior to 2.3.2.2019-08-02not yet calculatedCVE-2019-7849
CONFIRM
magento -- multiple_productsA stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to customer configurations to inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7897
CONFIRM
magento -- multiple_products

 

A stored cross-site scripting vulnerability exists in the WYSIWYG editor of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to the editor can inject malicious SWF files.2019-08-02not yet calculatedCVE-2019-7882
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to email templates.2019-08-02not yet calculatedCVE-2019-7909
CONFIRM
magento -- multiple_products
 
A server-side request forgery (SSRF) vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to the admin panel to manipulate system configuration and execute arbitrary code.2019-08-02not yet calculatedCVE-2019-7911
CONFIRM
magento -- multiple_products
 
A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create sitemaps can execute arbitrary PHP code by creating a malicious sitemap file.2019-08-02not yet calculatedCVE-2019-7932
CONFIRM
magento -- multiple_products
 
A cross-site scripting mitigation bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user to escalate privileges (admin vs. admin XSS attack).2019-08-02not yet calculatedCVE-2019-7881
CONFIRM
magento -- multiple_products
 
Names of disabled downloadable products could be disclosed due to inadequate validation of user input in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.2019-08-02not yet calculatedCVE-2019-7899
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to edit newsletter templates to inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7934
CONFIRM
magento -- multiple_products
 
Samples of disabled downloadable products are accessible in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 due to inadequate validation of user input.2019-08-02not yet calculatedCVE-2019-7898
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to modify currency symbols can inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7945
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify content page titles to inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7935
CONFIRM
magento -- multiple_products
 
A cross-site request forgery vulnerability exists in the GiftCardAccount removal feature for Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.2019-08-02not yet calculatedCVE-2019-7947
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify catalog price rules to inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7938
CONFIRM
magento -- multiple_products
 
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify store currency options to inject malicious javascript.2019-08-02not yet calculatedCVE-2019-7940
CONFIRM
magento -- multiple_products
 
An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with marketing manipulation privileges can invoke methods that alter data of the underlying model followed by corresponding database modifications.2019-08-02not yet calculatedCVE-2019-7889
CONFIRM
magento -- multiple_products
 
A reflected cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 when the feature that adds a secret key to the Admin URL is disabled.2019-08-02not yet calculatedCVE-2019-7887
CONFIRM
magento -- multiple_products
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to newsletter templates.
2019-08-02
not yet calculated
CVE-2019-7875
CONFIRM
magento -- multiple_products
A stored cross-site scripting vulnerability exists in the product comments field of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to the Return Product comments field can inject malicious javascript.
2019-08-02
not yet calculated
CVE-2019-7944
CONFIRM
matrixssl -- matrixssl
In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, the server mishandles the fragment length value provided in the DTLS message.
2019-07-29
not yet calculated
CVE-2019-14431
MISC
milkytracker -- milkytracker
ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow.
2019-08-01
not yet calculated
CVE-2019-14497
MISC
milkytracker -- milkytracker
LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow.
2019-08-01
not yet calculated
CVE-2019-14496
MISC
milkytracker -- milkytracker
XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow.
2019-07-31
not yet calculated
CVE-2019-14464
MISC
misskey -- misskey
Misskey before 10.102.4 allows hijacking a user's token.
2019-07-29
not yet calculated
CVE-2019-1020010
MISC
netapp -- data_ontap_7-mode
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers.
2019-08-02
not yet calculated
CVE-2019-5501
CONFIRM
netapp -- data_ontap_7-mode
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker. A successful attack requires that multiple non-default options be enabled.
2019-08-02
not yet calculated
CVE-2019-5493
CONFIRM
netgear -- n600_wifi_dual_band_router
A stack-based buffer overflow in the upnpd binary running on NETGEAR WNDR3400v3 routers with firmware version 1.0.1.18_1.0.63 allows an attacker to remotely execute arbitrary code via a crafted UPnP SSDP packet.
2019-07-28
not yet calculated
CVE-2019-14363
MISC
nextcloud -- nextcloud_android_application
Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved.
2019-07-30
not yet calculated
CVE-2019-5452
MISC
nextcloud -- nextcloud_android_application
Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process.
2019-07-30
not yet calculated
CVE-2019-5455
MISC
nextcloud -- nextcloud_android_application
SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account.
2019-07-30
not yet calculated
CVE-2019-5454
MISC
nextcloud -- nextcloud_android_application
Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider.
2019-07-30
not yet calculated
CVE-2019-5453
MISC
nextcloud -- nextcloud_android_application
Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in the header bar when using basic HTML.
2019-07-30
not yet calculated
CVE-2019-5450
MISC
nextcloud -- nextcloud_android_application
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time.
2019-07-30
not yet calculated
CVE-2019-5451
MISC
nextcloud -- nextcloud_server
A missing check in the Nextcloud Server prior to version 15.0.1 causes leaking of calendar event names when adding or modifying confidential or private events.
2019-07-30
not yet calculated
CVE-2019-5449
MISC
nfdump -- nfdump
nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).
2019-07-31
not yet calculated
CVE-2019-14459
MISC
MISC
one_identity -- cloud_access_manager
One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which may allow man-in-the-middle (MITM) attacks. This issue is fixed in version 8.1.4.
2019-07-29
not yet calculated
CVE-2019-13498
CONFIRM
openbravo -- openbravo_erp
Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value.
2019-07-28
not yet calculated
CVE-2019-14362
MISC
MISC
MISC
opencv -- opencv
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
2019-08-01
not yet calculated
CVE-2019-14491
MISC
MISC
MISC
opencv -- opencv
An issue was discovered in OpenCV before 4.1.1. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp.
2019-08-01
not yet calculated
CVE-2019-14493
MISC
MISC
opencv -- opencv
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
2019-08-01
not yet calculated
CVE-2019-14492
MISC
MISC
MISC
openemr -- openemr
OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/save.php.
2019-08-02
not yet calculated
CVE-2019-14529
MISC
opengear -- console_server
Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system (connected to a serial port on an Opengear console server) sends crafted text to a serial port (that has logging enabled), the text will be replayed when the logs are viewed. Exploiting this vulnerability requires access to the serial port and/or console server.
2019-07-31
not yet calculated
CVE-2019-14456
MISC

openssl -- openssl
OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
2019-07-30
not yet calculated
CVE-2019-1552
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
openstack -- openstack-ironic-inspector
A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache.find_node(). This function makes a SQL query using unfiltered data from a server reporting inspection results (by a POST to the /v1/continue endpoint). Because the API is unauthenticated, the flaw could be exploited by an attacker with access to the network on which ironic-inspector is listening. Because of how ironic-inspector uses the query results, it is unlikely that data could be obtained. However, the attacker could pass malicious data and create a denial of service.
2019-07-30
not yet calculated
CVE-2019-10141
CONFIRM
MISC
MISC
MISC
MISC
MISC
oxid -- oxid_eshop
OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Injection via a crafted URL, leading to full access by an attacker. This includes all shopping cart options, customer data, and the database. No interaction between the attacker and the victim is necessary.
2019-07-30
not yet calculated
CVE-2019-13026
CONFIRM
pandao -- editor.md
pandao Editor.md 1.5.0 allows XSS via the Javas&#99;ript: string.
2019-08-01
not yet calculated
CVE-2019-14517
MISC
pandao -- editor.md
pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element.
2019-08-03
not yet calculated
CVE-2019-14653
MISC
pdfresurrect -- pdfresurrect
PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled.
2019-07-29
not yet calculated
CVE-2019-14267
MISC
MISC
pixman -- pixman
An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code.
2019-07-31
not yet calculated
CVE-2015-5297
MISC
CONFIRM
planon -- planon
Planon before Live Build 41 has XSS.
2019-07-29
not yet calculated
CVE-2018-18570
MISC
podman -- podman
A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container.
2019-07-30
not yet calculated
CVE-2019-10152
CONFIRM
CONFIRM
CONFIRM
CONFIRM
polycom -- multiple_products
A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or execute arbitrary code.
2019-07-29
not yet calculated
CVE-2019-12948
CONFIRM
polycom -- obihai_obi1022_voip_phone
On the Polycom Obihai Obi1022 VoIP phone with firmware 5.1.11, a command injection (missing input validation) issue in the NTP server IP address field for the "Time Service Settings web" interface allows an authenticated remote attacker in the same network to trigger OS commands via shell commands in a POST request.
2019-08-01
not yet calculated
CVE-2019-14259
MISC
poppler -- poppler
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
2019-08-01
not yet calculated
CVE-2019-14494
MISC
MISC
postgresql -- postgresql
A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker.
2019-07-30
not yet calculated
CVE-2019-10130
CONFIRM
MISC
powerdns -- authoritative_server
A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue.
2019-07-30
not yet calculated
CVE-2019-10163
CONFIRM
CONFIRM
MISC
powerdns -- authoritative_server
A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify.
2019-07-30
not yet calculated
CVE-2019-10162
CONFIRM
CONFIRM
MISC
printeron -- printeron_central_print_services
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. A user without valid credentials can bypass the authentication process, obtaining a valid session cookie with guest/pseudo-guest level privileges. This cookie can then be further used to perform other attacks.
2019-07-29
not yet calculated
CVE-2018-17213
MISC
printeron -- printeron_central_print_services
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. An unauthenticated attacker can view details about the printers associated with CPS via a crafted HTTP GET request.
2019-07-29
not yet calculated
CVE-2018-17211
MISC
rancher -- rancher
An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. When Rancher starts for the first time, it creates a default admin user with a well-known password. After initial setup, the Rancher administrator may choose to delete this default admin user. If Rancher is restarted, the default admin user will be recreated with the well-known default password. An attacker could exploit this by logging in with the default admin credentials. This can be mitigated by deactivating the default admin user rather than completely deleting them.
2019-07-30
not yet calculated
CVE-2019-11202
MISC
MISC
red_hat -- openshift_container_platform
A flaw was found in OpenShift Container Platform, versions 3.11 and later, in which the CSRF tokens used in the cluster console component were found to remain static during a user's session. An attacker with the ability to observe the value of this token would be able to re-use the token to perform a CSRF attack.
2019-08-02
not yet calculated
CVE-2019-10176
CONFIRM
red_hat -- atomic-openshift
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able to spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected.
2019-08-01
not yet calculated
CVE-2019-3884
CONFIRM
red_hat -- enterprise_linux
It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service.
2019-08-02
not yet calculated
CVE-2019-10171
CONFIRM
red_hat -- openshift_container_platform
OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources.
2019-07-30
not yet calculated
CVE-2019-10165
CONFIRM
CONFIRM
CONFIRM
red_hat -- openstack_platform
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens.
2019-07-30
not yet calculated
CVE-2019-10138
CONFIRM
MISC
red_hat -- satellite
It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources. An attacker with access to the API and knowledge of the resource name can access resources in other organizations.
2019-08-01
not yet calculated
CVE-2014-8183
CONFIRM
samba -- heimdal_kdc
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal.
2019-07-31
not yet calculated
CVE-2018-16860
CONFIRM
MISC
sas -- sas_drug_development
SAS Drug Development (SDD) before 32DRG02 mishandles logout actions, which allows a user (who was previously logged in) to access resources by pressing a back or forward button in a web browser.
2019-07-31
not yet calculated
CVE-2007-6763
MISC
schism_tracker -- schism_tracker
fmt_mtm_load_song in fmt/mtm.c in Schism Tracker 20190722 has a heap-based buffer overflow.
2019-07-31
not yet calculated
CVE-2019-14465
MISC
schism_tracker -- schism_tracker
An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465.
2019-08-02
not yet calculated
CVE-2019-14524
MISC
schism_tracker -- schism_tracker
An issue was discovered in Schism Tracker through 20190722. There is an integer underflow via a large plen in fmt_okt_load_song in the Amiga Oktalyzer parser in fmt/okt.c.
2019-08-02
not yet calculated
CVE-2019-14523
MISC
sdl2_image -- sdl2_image
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
2019-07-31
not yet calculated
CVE-2019-5060
MISC
siemens -- siprotec_5_devices
A vulnerability has been identified in Ethernet plug-in communication modules for SIPROTEC 5 devices with CPU variants CP200 (All versions), SIPROTEC 5 devices with CPU variants CP300 (All versions). An unauthenticated attacker with network access to the device could potentially insert arbitrary code which is executed before firmware verification in the device.
2019-08-02
not yet calculated
CVE-2019-10938
MISC
sigil_ebook -- sigil
Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.
2019-07-30
not yet calculated
CVE-2019-14452
MISC
MISC
MISC
MISC
MISC
MISC
MISC
UBUNTU
sleuthkit -- sleuthkit
An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table.
2019-08-02
not yet calculated
CVE-2019-14532
MISC
sleuthkit -- sleuthkit
An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out of bounds read on iso9660 while parsing System Use Sharing Protocol data in fs/iso9660.c.
2019-08-02
not yet calculated
CVE-2019-14531
MISC
smokedetector -- smokedetector
SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without server operator authority.
2019-07-29
not yet calculated
CVE-2019-1020011
MISC
softether_vpn -- softethervpn
See.sys through 4.25 in the SoftEther VPN Server allows a user to specify any kernel address to which arbitrary bytes are written.
2019-07-29
not yet calculated
CVE-2019-11868
MISC
MISC
sonos -- zoneplayer
ZInsVX.dll ActiveX Control 2018.02 and earlier in Zoneplayer contains a vulnerability that could allow remote attackers to execute arbitrary files by setting the arguments to the ActiveX method. This can be leveraged for remote code execution.
2019-08-02
not yet calculated
CVE-2019-9141
CONFIRM
ssdp_responder -- ssdp_responder
SSDP Responder 1.x through 1.5 mishandles incoming network messages, leading to a stack-based buffer overflow by 1 byte. This results in a crash of the server, but only when strict stack checking is enabled. This is caused by an off-by-one error in ssdp_recv in ssdpd.c.
2019-07-28
not yet calculated
CVE-2019-14323
MISC
MISC
symantec -- endpoint_protection_and_endpoint_protection_small_business_edition
Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
2019-07-31
not yet calculated
CVE-2019-12750
MISC
terracotta -- quartz_scheduler
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
2019-07-26
not yet calculated
CVE-2019-13990
MISC
the_pallets_project -- werkzeug
In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames.
2019-07-28
not yet calculated
CVE-2019-14322
MISC
unifi -- network_controller
SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.
2019-07-30
not yet calculated
CVE-2019-5456
CONFIRM
CONFIRM
CONFIRM
MISC
univa -- grid_engine
In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890).
2019-07-30
not yet calculated
CVE-2018-20871
MISC
veritas -- veritas_resiliency_platform
An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine.
2019-07-29
not yet calculated
CVE-2019-14418
MISC
FULLDISC
MISC
vlc -- media_player
Double Free in VLC versions <= 3.0.6 leads to a crash.
2019-07-30
not yet calculated
CVE-2019-5460
MISC
vlc -- media_player
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
2019-07-30
not yet calculated
CVE-2019-5459
MISC
wallacepos -- wallacepos
Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by uploading a malicious PHP file.
2019-07-31
not yet calculated
CVE-2019-3960
MISC
windu -- windu_cms
Windu CMS 2.2 allows CSRF via admin/users/?mn=admin.message.error to add an admin account.
2019-08-01
not yet calculated
CVE-2013-7473
MISC
windu -- windu_cms
Windu CMS 2.2 allows XSS via the name parameter to admin/content/edit or admin/content/add, or the username parameter to admin/users.
2019-08-01
not yet calculated
CVE-2013-7474
MISC
wordpress -- wordpress
The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal.
2019-07-30
not yet calculated
CVE-2019-13635
MISC
MISC
MISC
MISC
CONFIRM
wordpress -- wordpress
The Adenion Blog2Social plugin through 5.5.0 for WordPress allows SQL Injection.
2019-08-01
not yet calculated
CVE-2019-13572
MISC
MISC
wordpress -- wordpress
A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.
2019-07-29
not yet calculated
CVE-2019-13571
MISC
MISC
MISC
MISC
wordpress -- wordpress
The Simple Membership plugin before 3.8.5 for WordPress has CSRF affecting the Bulk Operation section.
2019-07-28
not yet calculated
CVE-2019-14328
MISC
MISC
MISC
yara -- yara
An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerability.
2019-07-31
not yet calculated
CVE-2019-5020
MISC
yarn -- yarn
Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Data due to HTTP URLs in lockfile causing unencrypted authentication data to be sent over the network.
2019-07-30
not yet calculated
CVE-2019-5448
MISC
MISC
CONFIRM
zurmo -- zurmo
Zurmo 3.2.7-2 has XSS via the app/index.php/zurmo/default PATH_INFO.
2019-08-01
not yet calculated
CVE-2019-14472
MISC
