CVE List - 2019 / April
Showing 1401 - 1500 of 1531 CVEs for April 2019 (Page 15 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-9805 | 2019-04-26 | A latent vulnerability exists in the Prio library where data... |
| CVE-2019-9806 | 2019-04-26 | A vulnerability exists during authorization prompting for FTP transaction where... |
| CVE-2019-2725 | 2019-04-26 | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion... |
| CVE-2019-3705 | 2019-04-26 | Buffer Overflow Vulnerability |
| CVE-2019-3706 | 2019-04-26 | Web Interface Authentication Bypass Vulnerability |
| CVE-2019-3707 | 2019-04-26 | WS-MAN Authentication Bypass Vulnerability |
| CVE-2019-6689 | 2019-04-26 | An issue was discovered in Dillon Kane Tidal Workload Automation... |
| CVE-2019-11219 | 2019-04-26 | The algorithm used to generate device IDs (UIDs) for devices... |
| CVE-2019-11220 | 2019-04-26 | An authentication flaw in Shenzhen Yunni Technology iLnkP2P allows remote... |
| CVE-2018-15581 | 2019-04-26 | Cross-Site Scripting (XSS) vulnerability in adm/faqmasterformupdate.php in gnuboard5 before 5.3.1.6... |
| CVE-2018-15584 | 2019-04-26 | Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_update.php in gnuboard5... |
| CVE-2018-15580 | 2019-04-26 | Cross-Site Scripting (XSS) vulnerability in adm/contentformupdate.php in gnuboard5 before 5.3.1.6... |
| CVE-2018-15582 | 2019-04-26 | Cross-Site Scripting (XSS) vulnerability in adm/sms_admin/num_book_write.php and adm/sms_admin/num_book_update.php in gnuboard5... |
| CVE-2018-18276 | 2019-04-26 | XSS exists in the ProFiles 1.5 component for Joomla! via... |
| CVE-2019-11492 | 2019-04-26 | ProjectSend before r1070 writes user passwords to the server logs. |
| CVE-2019-11533 | 2019-04-26 | Cross-site scripting (XSS) vulnerability in ProjectSend before r1070 allows remote... |
| CVE-2019-7476 | 2019-04-26 | A vulnerability in SonicWall Global Management System (GMS), allow a... |
| CVE-2019-3844 | 2019-04-26 | It was discovered that a systemd service that uses DynamicUser... |
| CVE-2019-3843 | 2019-04-26 | It was discovered that a systemd service that uses DynamicUser... |
| CVE-2019-11555 | 2019-04-26 | The EAP-pwd implementation in hostapd (EAP server) before 2.8 and... |
| CVE-2019-11557 | 2019-04-26 | The WebDorado Contact Form Builder plugin before 1.0.69 for WordPress... |
| CVE-2019-11565 | 2019-04-27 | Server Side Request Forgery (SSRF) exists in the Print My... |
| CVE-2019-11567 | 2019-04-27 | An issue was discovered in AikCms v2.0. There is a... |
| CVE-2019-11568 | 2019-04-27 | An issue was discovered in AikCms v2.0. There is a... |
| CVE-2019-11576 | 2019-04-28 | Gitea before 1.8.0 allows 1FA for user accounts that have... |
| CVE-2019-11577 | 2019-04-28 | dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in... |
| CVE-2019-11578 | 2019-04-28 | auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets... |
| CVE-2019-11579 | 2019-04-28 | dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow... |
| CVE-2019-3560 | 2019-04-29 | An improperly performed length calculation on a buffer in PlaintextRecordLayer... |
| CVE-2019-11590 | 2019-04-29 | The 10Web Form Maker plugin before 1.13.5 for WordPress allows... |
| CVE-2019-11591 | 2019-04-29 | The WebDorado Contact Form plugin before 1.13.5 for WordPress allows... |
| CVE-2016-10749 | 2019-04-29 | parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer... |
| CVE-2015-9285 | 2019-04-29 | esoTalk 1.0.0g4 has XSS via the PATH_INFO to the conversations/... |
| CVE-2019-11592 | 2019-04-29 | WeBid 1.2.2 has reflected XSS via the id parameter to... |
| CVE-2019-5492 | 2019-04-29 | Element Plug-in for vCenter Server versions prior to 4.2.3 may... |
| CVE-2019-5429 | 2019-04-29 | Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker... |
| CVE-2018-12384 | 2019-04-29 | When handling a SSLv2-compatible ClientHello request, the server doesn't generate... |
| CVE-2019-11593 | 2019-04-29 | In Adblock Plus before 3.5.2, the $rewrite filter option allows... |
| CVE-2019-11594 | 2019-04-29 | In AdBlock before 3.45.0, the $rewrite filter option allows filter-list... |
| CVE-2019-11595 | 2019-04-29 | In uBlock before 0.9.5.15, the $rewrite filter option allows filter-list... |
| CVE-2019-11596 | 2019-04-29 | In memcached before 1.5.14, a NULL pointer dereference was found... |
| CVE-2019-11597 | 2019-04-29 | In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read... |
| CVE-2019-11598 | 2019-04-29 | In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read... |
| CVE-2019-8454 | 2019-04-29 | A local attacker can create a hard-link between a file... |
| CVE-2019-3561 | 2019-04-29 | Insufficient boundary checks for the strrpos and strripos functions allow... |
| CVE-2019-3562 | 2019-04-29 | A remote web page could inject arbitrary HTML code into... |
| CVE-2019-3563 | 2019-04-29 | Wangle's LineBasedFrameDecoder contains logic for identifying newlines which incorrectly advances... |
| CVE-2018-5123 | 2019-04-29 | A third party website can access information available to a... |
| CVE-2019-3493 | 2019-04-29 | A potential security vulnerability has been identified in Micro Focus... |
| CVE-2018-1961 | 2019-04-29 | IBM Emptoris Contract Management 10.0.0 and 10.1.3.0 could disclose sensitive... |
| CVE-2018-2004 | 2019-04-29 | IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6 is vulnerable... |
| CVE-2018-2007 | 2019-04-29 | IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected... |
| CVE-2019-4047 | 2019-04-29 | IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated... |
| CVE-2019-11599 | 2019-04-29 | The coredump implementation in the Linux kernel before 5.0.10 does... |
| CVE-2019-10307 | 2019-04-30 | A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities... |
| CVE-2019-10308 | 2019-04-30 | A missing permission check in Jenkins Static Analysis Utilities Plugin... |
| CVE-2019-10309 | 2019-04-30 | Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP... |
| CVE-2019-10310 | 2019-04-30 | A cross-site request forgery vulnerability in Jenkins Ansible Tower Plugin... |
| CVE-2019-10311 | 2019-04-30 | A missing permission check in Jenkins Ansible Tower Plugin 0.9.1... |
| CVE-2019-10312 | 2019-04-30 | A missing permission check in Jenkins Ansible Tower Plugin 0.9.1... |
| CVE-2019-10313 | 2019-04-30 | Jenkins Twitter Plugin stores credentials unencrypted in its global configuration... |
| CVE-2019-10314 | 2019-04-30 | Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for... |
| CVE-2019-10315 | 2019-04-30 | Jenkins GitHub Authentication Plugin 0.31 and earlier did not use... |
| CVE-2019-10316 | 2019-04-30 | Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials unencrypted... |
| CVE-2019-10317 | 2019-04-30 | Jenkins SiteMonitor Plugin 0.5 and earlier disabled SSL/TLS and hostname... |
| CVE-2019-10318 | 2019-04-30 | Jenkins Azure AD Plugin 0.3.3 and earlier stored the client... |
| CVE-2015-9286 | 2019-04-30 | Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS. |
| CVE-2019-6494 | 2019-04-30 | IMFForceDelete.sys in IObit Malware Fighter 6.2 allows a low privileged... |
| CVE-2019-4166 | 2019-04-30 | IBM StoredIQ 7.6 could allow a remote attacker to conduct... |
| CVE-2018-20239 | 2019-04-30 | Application Links before version 5.0.11, from version 5.1.0 before 5.2.10,... |
| CVE-2019-3399 | 2019-04-30 | The BrowseProjects.jspa resource in Jira before version 7.13.2, and from... |
| CVE-2019-10948 | 2019-04-30 | Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions... |
| CVE-2019-10950 | 2019-04-30 | Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions... |
| CVE-2019-5624 | 2019-04-30 | Rapid7 Metasploit Framework Zip Import Directory Traversal |
| CVE-2018-20509 | 2019-04-30 | The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90... |
| CVE-2018-20510 | 2019-04-30 | The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90... |
| CVE-2018-19374 | 2019-04-30 | Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users... |
| CVE-2019-9621 | 2019-04-30 | Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11... |
| CVE-2019-10272 | 2019-04-30 | An issue was discovered in Weaver e-cology 9.0. There is... |
| CVE-2019-10131 | 2019-04-30 | An off-by-one read vulnerability was discovered in ImageMagick before version... |
| CVE-2018-20834 | 2019-04-30 | A vulnerability was found in node-tar before version 4.4.2 (excluding... |
| CVE-2018-20835 | 2019-04-30 | A vulnerability was found in tar-fs before 1.16.2. An Arbitrary... |
| CVE-2019-9486 | 2019-04-30 | STRATO HiDrive Desktop Client 5.0.1.0 for Windows suffers from a... |
| CVE-2019-11193 | 2019-04-30 | The FileManager in InfinitumIT DirectAdmin through v1.561 has XSS via... |
| CVE-2018-15206 | 2019-04-30 | BPC SmartVista 2 has CSRF via SVFE2/pages/admpages/roles/createrole.jsf. |
| CVE-2018-15207 | 2019-04-30 | BPC SmartVista 2 has Improper Access Control in the SVFE... |
| CVE-2018-15208 | 2019-04-30 | BPC SmartVista 2 has Session Fixation via the JSESSIONID parameter. |
| CVE-2018-14931 | 2019-04-30 | An issue was discovered in the Core and Portal modules... |
| CVE-2018-14875 | 2019-04-30 | An issue was discovered in the Core and Portal modules... |
| CVE-2018-14874 | 2019-04-30 | An issue was discovered in the Armor module in Polaris... |
| CVE-2018-14930 | 2019-04-30 | An issue was discovered in the Armor module in Polaris... |
| CVE-2019-11606 | 2019-04-30 | doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copyfile.php.... |
| CVE-2019-11607 | 2019-04-30 | doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copydir.php.... |
| CVE-2019-11608 | 2019-04-30 | doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php.... |
| CVE-2019-11609 | 2019-04-30 | doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php.... |
| CVE-2019-11610 | 2019-04-30 | doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php.... |
| CVE-2019-11611 | 2019-04-30 | doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php.... |
| CVE-2019-11612 | 2019-04-30 | doorGets 7.0 has an arbitrary file deletion vulnerability in /fileman/php/deletefile.php.... |
| CVE-2019-11613 | 2019-04-30 | doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/contactView.php. A... |
| CVE-2019-11614 | 2019-04-30 | doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. A... |