Lista CVE - 2019 / Settembre
Visualizzazione 901 - 1000 di 1531 CVE per Settembre 2019 (Pagina 10 di 16)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2019-16665 | 2019-09-21 | An issue was discovered in ThinkSAAS 2.91. There is XSS via the content to the index.php?app=group&ac=comment&ts=do&js=1 URI, as demonstrated by a crafted SVG document in the SRC attribute of an... |
| CVE-2019-16664 | 2019-09-21 | An issue was discovered in ThinkSAAS 2.91. There is XSS via the index.php?app=group&ac=create&ts=do groupname parameter. |
| CVE-2019-16669 | 2019-09-21 | The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for... |
| CVE-2019-16678 | 2019-09-21 | admin/urlrule/add.html in YzmCMS 5.3 allows CSRF with a resultant denial of service by adding a superseding route. |
| CVE-2019-16677 | 2019-09-21 | An issue was discovered in idreamsoft iCMS V7.0. admincp.php?app=members&do=del allows CSRF. |
| CVE-2019-16679 | 2019-09-21 | Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion. |
| CVE-2019-16680 | 2019-09-21 | An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction. |
| CVE-2019-16681 | 2019-09-21 | The Traveloka application 3.14.0 for Android exports com.traveloka.android.activity.common.WebViewActivity, leading to the opening of arbitrary URLs, which can inject deceptive content into the UI. (When in physical possession of the device,... |
| CVE-2018-21018 | 2019-09-22 | Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions. |
| CVE-2019-16696 | 2019-09-22 | phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used. |
| CVE-2019-16695 | 2019-09-22 | phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter.php table parameter when action=add is used. |
| CVE-2019-16694 | 2019-09-22 | phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used. |
| CVE-2019-16693 | 2019-09-22 | phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used. |
| CVE-2019-16692 | 2019-09-22 | phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used. |
| CVE-2019-16702 | 2019-09-23 | Integard Pro 2.2.0.9026 allows remote attackers to execute arbitrary code via a buffer overflow involving a long NoJs parameter to the /LoginAdmin URI. |
| CVE-2019-16703 | 2019-09-23 | admin/infolist_add.php in PHPMyWind 5.6 has stored XSS. |
| CVE-2019-16704 | 2019-09-23 | admin/infoclass_update.php in PHPMyWind 5.6 has stored XSS. |
| CVE-2019-16705 | 2019-09-23 | Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in libutil.a. |
| CVE-2019-16706 | 2019-09-23 | kkcms v1.3 has a CSRF vulnerablity that can add an user account via admin/cms_user_add.php. |
| CVE-2019-16714 | 2019-09-23 | In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. |
| CVE-2019-16713 | 2019-09-23 | ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. |
| CVE-2019-16712 | 2019-09-23 | ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image. |
| CVE-2019-16711 | 2019-09-23 | ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. |
| CVE-2019-16710 | 2019-09-23 | ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. |
| CVE-2019-16709 | 2019-09-23 | ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. |
| CVE-2019-16708 | 2019-09-23 | ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. |
| CVE-2019-16707 | 2019-09-23 | Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. |
| CVE-2019-16718 | 2019-09-23 | In radare2 before 3.9.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of... |
| CVE-2019-16720 | 2019-09-23 | ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins/ueditor/php/controller.php?upfolder=news&action=catchimage, as demonstrated by uploading a .htaccess or .php5 file. |
| CVE-2019-16722 | 2019-09-23 | ZZZCMS zzzphp v1.7.2 has an insufficient protection mechanism against PHP Code Execution, because passthru bypasses an str_ireplace operation. |
| CVE-2019-16721 | 2019-09-23 | NoneCMS v1.3 has CSRF in public/index.php/admin/admin/dele.html, as demonstrated by deleting the admin user. |
| CVE-2019-16719 | 2019-09-23 | WTCMS 1.0 allows index.php?g=admin&m=index&a=index CSRF with resultant XSS. |
| CVE-2019-3416 | 2019-09-23 | All versions up to V81511329.1008 of ZTE ZXV10 B860A products are impacted by input validation vulnerability. Due to input validation, unauthorized users can take advantage of this vulnerability to control... |
| CVE-2019-16518 | 2019-09-23 | An issue was discovered on Swell Kit Mod devices that use the Vandy Vape platform. An attacker may be able to trigger an unintended temperature in the victim's mouth and... |
| CVE-2019-16723 | 2019-09-23 | In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter. |
| CVE-2019-10087 | 2019-09-23 | On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Page Revision History, which could allow... |
| CVE-2019-10089 | 2019-09-23 | On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the WYSIWYG editor, which could allow the... |
| CVE-2019-12404 | 2019-09-23 | On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to InfoContent.jsp, which could allow the attacker to... |
| CVE-2019-13063 | 2019-09-23 | Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script parameter on the Script_view page. This will... |
| CVE-2019-16377 | 2019-09-23 | The makandra consul gem through 1.0.2 for Ruby has Incorrect Access Control. |
| CVE-2018-21019 | 2019-09-23 | Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py. |
| CVE-2019-10090 | 2019-09-23 | On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the plain editor, which could allow the... |
| CVE-2019-12407 | 2019-09-23 | On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the remember parameter on some of the... |
| CVE-2019-10990 | 2019-09-23 | Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may... |
| CVE-2019-10996 | 2019-09-23 | Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious... |
| CVE-2019-10978 | 2019-09-23 | Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious... |
| CVE-2019-10984 | 2019-09-23 | Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious... |
| CVE-2019-15635 | 2019-09-23 | An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL) are not encrypted. An admin user can reveal passwords for any data source by... |
| CVE-2019-11277 | 2019-09-23 | Volume Services is vulnerable to an LDAP injection attack |
| CVE-2019-1255 | 2019-09-23 | A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'. |
| CVE-2019-1367 | 2019-09-23 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is... |
| CVE-2019-10754 | 2019-09-23 | Multiple classes used within Apereo CAS before release 6.1.0-RC5 makes use of apache commons-lang3 RandomStringUtils for token and ID generation which makes them predictable due to RandomStringUtils PRNG's algorithm not... |
| CVE-2019-10755 | 2019-09-23 | The SAML identifier generated within SAML2Utils.java was found to make use of the apache commons-lang3 RandomStringUtils class which makes them predictable due to RandomStringUtils PRNG's algorithm not being cryptographically strong.... |
| CVE-2019-16728 | 2019-09-24 | DOMPurify before 2.0.1 allows XSS because of innerHTML mutation XSS (mXSS) for an SVG element or a MATH element, as demonstrated by Chrome and Safari. |
| CVE-2019-16729 | 2019-09-24 | pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups. |
| CVE-2019-16746 | 2019-09-24 | An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. |
| CVE-2019-16748 | 2019-09-24 | In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignature_ex... |
| CVE-2018-9090 | 2019-09-24 | CoreOS Tectonic 1.7.x and 1.8.x before 1.8.7-tectonic.2 deploys the Grafana web application using default credentials (admin/admin) for the administrator account located at grafana-credentials secret. This occurs because CoreOS does not... |
| CVE-2019-4515 | 2019-09-24 | IBM Security Key Lifecycle Manager 3.0 and 3.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that... |
| CVE-2019-4566 | 2019-09-24 | IBM Security Key Lifecycle Manager 3.0 and 3.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 166627. |
| CVE-2019-13357 | 2019-09-24 | In Total Defense Anti-virus 9.0.0.773, resource acquisition from the untrusted search path C:\ used by caschelp.exe allows local attackers to hijack ccGUIFrm.dll, which leads to code execution. SYSTEM-level code execution... |
| CVE-2019-13356 | 2019-09-24 | In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\bd\TDUpdate2\ used by AMRT.exe allows local attackers to hijack bdcore.dll, which leads to privilege escalation when the AMRT service... |
| CVE-2019-13355 | 2019-09-24 | In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\ used by ccschedulersvc.exe allows local attackers to hijack dotnetproxy.exe, which leads to privilege escalation when the ccSchedulerSVC service... |
| CVE-2019-16383 | 2019-09-24 | MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the... |
| CVE-2019-3726 | 2019-09-24 | An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package (DUP) Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell... |
| CVE-2019-14753 | 2019-09-24 | SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow |
| CVE-2019-16751 | 2019-09-24 | An issue was discovered in Devise Token Auth through 1.1.2. The omniauth failure endpoint is vulnerable to Reflected Cross Site Scripting (XSS) through the message parameter. Unauthenticated attackers can craft... |
| CVE-2019-16754 | 2019-09-24 | RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implementation (asymcute), potentially allowing an attacker to crash a network node running RIOT. This requires spoofing an MQTT server response.... |
| CVE-2019-14238 | 2019-09-24 | On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus. |
| CVE-2019-14239 | 2019-09-24 | On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by leveraging a load instruction... |
| CVE-2019-15699 | 2019-09-24 | An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not... |
| CVE-2019-16411 | 2019-09-24 | An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4OptValidateTimestamp in decode-ipv4.c tries to access a memory region that is not... |
| CVE-2019-16410 | 2019-09-24 | An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of... |
| CVE-2019-5504 | 2019-09-24 | ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions. |
| CVE-2019-5505 | 2019-09-24 | ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext. |
| CVE-2019-12068 | 2019-09-24 | In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead... |
| CVE-2019-16725 | 2019-09-24 | In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates. |
| CVE-2019-14220 | 2019-09-24 | An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks employs Android running in a virtual machine (VM) to enable Android... |
| CVE-2019-16724 | 2019-09-24 | File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Exception Handler (SEH) based buffer overflow in an HTTP POST parameter, a similar... |
| CVE-2019-16759 | 2019-09-24 | vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request. |
| CVE-2019-13527 | 2019-09-24 | In Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier, a maliciously crafted Arena file opened by an unsuspecting user may result in the use of a pointer... |
| CVE-2019-5094 | 2019-09-24 | An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code... |
| CVE-2019-13528 | 2019-09-24 | A specific utility may allow an attacker to gain read access to privileged files in the Niagara AX 3.8u4 (JACE 3e, JACE 6e, JACE 7, JACE-8000), Niagara 4.4u3 (JACE 3e,... |
| CVE-2019-16884 | 2019-09-25 | runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount... |
| CVE-2019-16892 | 2019-09-25 | In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause... |
| CVE-2019-16867 | 2019-09-25 | HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/database/ajax?action=delete, a similar issue to CVE-2018-16774. (If the attacker deletes config.php and visits install/index.php, they can... |
| CVE-2019-16868 | 2019-09-25 | emlog through 6.0.0beta has an arbitrary file deletion vulnerability via an admin/data.php?action=dell_all_bak request with directory traversal sequences in the bak[] parameter. |
| CVE-2019-13627 | 2019-09-25 | It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7. |
| CVE-2019-10401 | 2019-09-25 | In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:expandableTextBox form control interpreted its content as HTML when expanded, resulting in a stored XSS vulnerability exploitable by users with... |
| CVE-2019-10402 | 2019-09-25 | In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:combobox form control interpreted its item labels as HTML, resulting in a stored XSS vulnerability exploitable by users with permission... |
| CVE-2019-10403 | 2019-09-25 | Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the SCM tag name on the tooltip for SCM tag actions, resulting in a stored XSS vulnerability exploitable by... |
| CVE-2019-10404 | 2019-09-25 | Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the reason why a queue items is blcoked in tooltips, resulting in a stored XSS vulnerability exploitable by users... |
| CVE-2019-10405 | 2019-09-25 | Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value of the "Cookie" HTTP request header on the /whoAmI/ URL, allowing attackers exploiting another XSS vulnerability to obtain the... |
| CVE-2019-10406 | 2019-09-25 | Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not restrict or filter values set as Jenkins URL in the global configuration, resulting in a stored XSS vulnerability exploitable by... |
| CVE-2019-10407 | 2019-09-25 | Jenkins Project Inheritance Plugin 2.0.0 and earlier displayed a list of environment variables passed to a build without masking sensitive variables contributed by the Mask Passwords Plugin. |
| CVE-2019-10408 | 2019-09-25 | A cross-site request forgery vulnerability in Jenkins Project Inheritance Plugin 2.0.0 and earlier allowed attackers to trigger project generation from templates. |
| CVE-2019-10409 | 2019-09-25 | A missing permission check in Jenkins Project Inheritance Plugin 2.0.0 and earlier allowed attackers with Overall/Read permission to trigger project generation from templates. |
| CVE-2019-10410 | 2019-09-25 | Jenkins Log Parser Plugin 2.0 and earlier did not escape an error message, resulting in a cross-site scripting vulnerability exploitable by users able to define log parsing rules. |
| CVE-2019-10411 | 2019-09-25 | Jenkins Inedo BuildMaster Plugin 2.4.0 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure. |
| CVE-2019-10412 | 2019-09-25 | Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure. |