CVE List - 2019 / October
Showing 401 - 500 of 1566 CVEs for October 2019 (Page 5 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-13529 | 2019-10-09 | An attacker could send a malicious link to an authenticated... |
| CVE-2019-17384 | 2019-10-09 | The animate-it plugin before 2.3.4 for WordPress has XSS. |
| CVE-2019-17385 | 2019-10-09 | The animate-it plugin before 2.3.5 for WordPress has XSS. |
| CVE-2019-17124 | 2019-10-09 | Kramer VIAware 2.5.0719.1034 has Incorrect Access Control. |
| CVE-2019-17389 | 2019-10-09 | In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles errors occurring... |
| CVE-2019-17399 | 2019-10-09 | The Shack Forms Pro extension before 4.0.32 for Joomla! allows... |
| CVE-2019-5506 | 2019-10-09 | Clustered Data ONTAP versions 9.0 and higher do not enforce... |
| CVE-2019-17401 | 2019-10-09 | libyal liblnk 20191006 has a heap-based buffer over-read in the... |
| CVE-2019-17092 | 2019-10-09 | An XSS vulnerability in project list in OpenProject before 9.0.4... |
| CVE-2019-5507 | 2019-10-09 | SnapManager for Oracle prior to version 3.4.2P1 are susceptible to... |
| CVE-2019-9535 | 2019-10-09 | iTerm2, up to and including version 3.3.5, with tmux integration is vulnerable to remote command execution |
| CVE-2019-15715 | 2019-10-09 | MantisBT before 1.3.20 and 2.22.1 allows Post Authentication Command Injection,... |
| CVE-2019-3765 | 2019-10-09 | Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and... |
| CVE-2019-0047 | 2019-10-09 | Junos OS: Persistent XSS vulnerability in J-Web |
| CVE-2019-0050 | 2019-10-09 | Junos OS: SRX1500: Denial of service due to crash of srxpfe process under heavy traffic conditions. |
| CVE-2019-0051 | 2019-10-09 | SRX5000 Series: Denial of Service vulnerability in SSL-Proxy feature. |
| CVE-2019-0054 | 2019-10-09 | Junos OS: SRX Series: An attacker may be able to perform Man-in-the-Middle (MitM) attacks during app-id signature updates. |
| CVE-2019-0055 | 2019-10-09 | Junos OS: SRX Series: An attacker may cause flowd to crash by sending certain valid SIP traffic to a device with SIP ALG enabled. |
| CVE-2019-0056 | 2019-10-09 | Junos OS: MX Series: An MPC10 Denial of Service (DoS) due to OSPF states transitioning to Down, causes traffic to stop forwarding through the device. |
| CVE-2019-0057 | 2019-10-09 | NFX Series: An attacker may be able to take control of the JDM application and subsequently the entire system. |
| CVE-2019-0058 | 2019-10-09 | Junos OS: SRX Series: A weakness in the Veriexec subsystem may allow privilege escalation. |
| CVE-2019-0059 | 2019-10-09 | Junos OS: The routing protocol process (rpd) may crash and generate core files upon receipt of specific valid BGP states from a peered host. |
| CVE-2019-0060 | 2019-10-09 | Junos OS: SRX Series: flowd process crash due to processing of specific transit IP packets |
| CVE-2019-0061 | 2019-10-09 | Junos OS: Insecure management daemon (MGD) configuration may allow local privilege escalation |
| CVE-2019-0062 | 2019-10-09 | Junos OS: Session fixation vulnerability in J-Web |
| CVE-2019-0063 | 2019-10-09 | Junos OS: MX Series: jdhcpd crash when receiving a specific crafted DHCP response message |
| CVE-2019-0064 | 2019-10-09 | Junos OS: SRX5000 Series: flowd process crash due to receipt of specific TCP packet |
| CVE-2019-0065 | 2019-10-09 | Junos OS: MX Series: Denial of Service vulnerability in MS-PIC component on MS-MIC or MS-MPC |
| CVE-2019-0066 | 2019-10-09 | Junos OS: A malformed IPv4 packet received by Junos in an NG-mVPN scenario may cause the routing protocol daemon (rpd) process to core |
| CVE-2019-0067 | 2019-10-09 | Junos OS: Kernel crash (vmcore) upon receipt of a specific link-local IPv6 packet on devices configured with Multi-Chassis Link Aggregation Group (MC-LAG) |
| CVE-2019-0068 | 2019-10-09 | Junos OS: SRX Series: Denial of Service vulnerability in flowd due to multicast packets |
| CVE-2019-0069 | 2019-10-09 | Junos OS: vSRX, SRX1500, SRX4K, ACX5K, EX4600, QFX5100, QFX5110, QFX5200, QFX10K and NFX Series: console management port device authentication credentials are logged in clear text |
| CVE-2019-0070 | 2019-10-09 | Junos OS: NFX Series: An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions. |
| CVE-2019-0071 | 2019-10-09 | Junos OS: EX2300, EX3400 Series: Veriexec signature checking not enforced in specific versions of Junos OS |
| CVE-2019-0072 | 2019-10-09 | SBR Carrier: A vulnerability in the identity and access management certificate generation procedure allows a local attacker to gain access to confidential information. |
| CVE-2019-0073 | 2019-10-09 | Junos OS: PKI key pairs are exported with insecure file permissions |
| CVE-2019-0074 | 2019-10-09 | Junos OS: NFX150 Series, QFX10K Series, EX9200 Series, MX Series, PTX Series: Path traversal vulnerability in NFX150 and NG-RE leads to information disclosure. |
| CVE-2019-0075 | 2019-10-09 | Junos OS: SRX Series: Denial of Service vulnerability in srxpfe related to PIM |
| CVE-2019-17112 | 2019-10-09 | An issue was discovered in Zoho ManageEngine DataSecurity Plus before... |
| CVE-2019-15014 | 2019-10-09 | A command injection vulnerability exists in the Zingbox Inspector versions... |
| CVE-2019-15015 | 2019-10-09 | In the Zingbox Inspector, versions 1.294 and earlier, hardcoded credentials... |
| CVE-2019-15016 | 2019-10-09 | An SQL injection vulnerability exists in the management interface of... |
| CVE-2019-15017 | 2019-10-09 | The SSH service is enabled on the Zingbox Inspector versions... |
| CVE-2019-15018 | 2019-10-09 | A security vulnerability exists in the Zingbox Inspector versions 1.280... |
| CVE-2019-15019 | 2019-10-09 | A security vulnerability exists in the Zingbox Inspector versions 1.294... |
| CVE-2019-15020 | 2019-10-09 | A security vulnerability exists in the Zingbox Inspector versions 1.293... |
| CVE-2019-15021 | 2019-10-09 | A security vulnerability exists in the Zingbox Inspector versions 1.294... |
| CVE-2019-15022 | 2019-10-09 | A security vulnerability exists in Zingbox Inspector versions 1.294 and... |
| CVE-2019-15023 | 2019-10-09 | A security vulnerability exists in Zingbox Inspector versions 1.294 and... |
| CVE-2019-1584 | 2019-10-09 | A security vulnerability exists in Zingbox Inspector version 1.293 and... |
| CVE-2019-5053 | 2019-10-09 | An exploitable use-after-free vulnerability exists in the Length parsing function... |
| CVE-2019-5047 | 2019-10-09 | An exploitable Use After Free vulnerability exists in the CharProcs... |
| CVE-2019-5045 | 2019-10-09 | A specifically crafted jpeg2000 file embedded in a PDF file... |
| CVE-2019-5046 | 2019-10-09 | A specifically crafted jpeg2000 file embedded in a PDF file... |
| CVE-2019-5048 | 2019-10-09 | A specifically crafted PDF file can lead to a heap... |
| CVE-2019-5050 | 2019-10-09 | A specifically crafted PDF file can lead to a heap... |
| CVE-2019-5700 | 2019-10-09 | NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software... |
| CVE-2019-5699 | 2019-10-09 | NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra bootloader... |
| CVE-2019-17366 | 2019-10-09 | Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has... |
| CVE-2019-17365 | 2019-10-09 | Nix through 2.3 allows local users to gain access to... |
| CVE-2019-17109 | 2019-10-09 | Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege... |
| CVE-2019-17414 | 2019-10-09 | tinylcy Vino through 2017-12-15 allows remote attackers to cause a... |
| CVE-2019-17415 | 2019-10-09 | A Structured Exception Handler (SEH) based buffer overflow in File... |
| CVE-2019-17417 | 2019-10-09 | PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and... |
| CVE-2019-17419 | 2019-10-09 | An issue was discovered in MetInfo 7.0. There is SQL... |
| CVE-2019-17418 | 2019-10-09 | An issue was discovered in MetInfo 7.0. There is SQL... |
| CVE-2019-17420 | 2019-10-09 | In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4... |
| CVE-2019-10936 | 2019-10-10 | Affected devices improperly handle large amounts of specially crafted UDP... |
| CVE-2019-17426 | 2019-10-10 | Automattic Mongoose through 5.7.4 allows attackers to bypass access control... |
| CVE-2019-17427 | 2019-10-10 | In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS... |
| CVE-2019-17430 | 2019-10-10 | EyouCms through 2019-07-11 has XSS related to the login.php web_recordnum... |
| CVE-2019-17429 | 2019-10-10 | Adhouma CMS through 2019-10-09 has SQL Injection via the post.php... |
| CVE-2019-17070 | 2019-10-10 | The liquid-speech-balloon (aka LIQUID SPEECH BALLOON) plugin before 1.0.7 for... |
| CVE-2019-17071 | 2019-10-10 | The client-dash (aka Client Dash) plugin 2.1.4 for WordPress allows... |
| CVE-2019-17072 | 2019-10-10 | The new-contact-form-widget (aka Contact Form Widget - Contact Query, Form... |
| CVE-2019-17432 | 2019-10-10 | An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a... |
| CVE-2019-17431 | 2019-10-10 | An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a... |
| CVE-2019-17433 | 2019-10-10 | z-song laravel-admin 1.7.3 has XSS via the Slug or Name... |
| CVE-2019-17434 | 2019-10-10 | LavaLite through 5.7 has XSS via a crafted account name... |
| CVE-2019-0608 | 2019-10-10 | A spoofing vulnerability exists when Microsoft Browsers does not properly... |
| CVE-2019-1060 | 2019-10-10 | A remote code execution vulnerability exists when the Microsoft XML... |
| CVE-2019-1070 | 2019-10-10 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does... |
| CVE-2019-1166 | 2019-10-10 | A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle... |
| CVE-2019-1230 | 2019-10-10 | An information disclosure vulnerability exists when the Windows Hyper-V Network... |
| CVE-2019-1238 | 2019-10-10 | A remote code execution vulnerability exists in the way that... |
| CVE-2019-1239 | 2019-10-10 | A remote code execution vulnerability exists in the way that... |
| CVE-2019-1307 | 2019-10-10 | A remote code execution vulnerability exists in the way that... |
| CVE-2019-1308 | 2019-10-10 | A remote code execution vulnerability exists in the way that... |
| CVE-2019-1311 | 2019-10-10 | A remote code execution vulnerability exists when the Windows Imaging... |
| CVE-2019-1313 | 2019-10-10 | An information disclosure vulnerability exists in Microsoft SQL Server Management... |
| CVE-2019-1314 | 2019-10-10 | A security feature bypass vulnerability exists in Windows 10 Mobile... |
| CVE-2019-1316 | 2019-10-10 | An elevation of privilege vulnerability exists in Microsoft Windows Setup... |
| CVE-2019-1317 | 2019-10-10 | A denial of service vulnerability exists when Windows improperly handles... |
| CVE-2019-1315 | 2019-10-10 | An elevation of privilege vulnerability exists when Windows Error Reporting... |
| CVE-2019-1318 | 2019-10-10 | A spoofing vulnerability exists when Transport Layer Security (TLS) accesses... |
| CVE-2019-1319 | 2019-10-10 | An elevation of privilege vulnerability exists in Windows Error Reporting... |
| CVE-2019-1320 | 2019-10-10 | An elevation of privilege vulnerability exists when Windows improperly handles... |
| CVE-2019-1321 | 2019-10-10 | An elevation of privilege vulnerability exists when Windows CloudStore improperly... |
| CVE-2019-1323 | 2019-10-10 | An elevation of privilege vulnerability exists in the Microsoft Windows... |
| CVE-2019-1325 | 2019-10-10 | An elevation of privilege vulnerability exists in the Windows redirected... |