CVE List - 2019 / July
Showing 1301 - 1400 of 1618 CVEs for July 2019 (Page 14 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-5604 | 2019-07-26 | In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly... |
| CVE-2019-5607 | 2019-07-26 | In FreeBSD 12.0-STABLE before r350222, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350223, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, rights transmitted over a domain socket did not properly release a reference... |
| CVE-2019-5606 | 2019-07-26 | In FreeBSD 12.0-STABLE before r349805, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r349806, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, code which handles close of a descriptor created by posix_openpt fails to... |
| CVE-2019-14274 | 2019-07-26 | MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c. |
| CVE-2019-14275 | 2019-07-26 | Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. |
| CVE-2019-14277 | 2019-07-26 | Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the resetPassword functionality via the REST API.... |
| CVE-2019-14280 | 2019-07-26 | In some circumstances, Craft 2 before 2.7.10 and 3 before 3.2.6 wasn't stripping EXIF data from user-uploaded images when it was configured to do so, potentially exposing personal/geolocation data to... |
| CVE-2019-14281 | 2019-07-26 | The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. |
| CVE-2019-14282 | 2019-07-26 | The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. |
| CVE-2018-20854 | 2019-07-26 | An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read. |
| CVE-2018-20855 | 2019-07-26 | An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace. |
| CVE-2018-20856 | 2019-07-26 | An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled. |
| CVE-2018-20857 | 2019-07-26 | Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a name_id node with [email protected] followed by <!---->. and then the attacker's domain name. |
| CVE-2019-13385 | 2019-07-26 | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.840, File and Directory Information Exposure in filemanager allows attackers to enumerate users and check for active users of the application by reading... |
| CVE-2019-13386 | 2019-07-26 | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows attackers to execute a shell command, i.e., obtain a reverse shell with user privilege. |
| CVE-2019-13387 | 2019-07-26 | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, Reflected XSS in filemanager2.php (parameter fm_current_dir) allows attackers to steal a cookie or session, or redirect to a phishing website. |
| CVE-2019-13955 | 2019-07-26 | Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing... |
| CVE-2019-13954 | 2019-07-26 | Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server and in some... |
| CVE-2019-13057 | 2019-07-26 | An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for... |
| CVE-2019-13638 | 2019-07-26 | GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell... |
| CVE-2019-14283 | 2019-07-26 | In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered... |
| CVE-2019-14284 | 2019-07-26 | In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry... |
| CVE-2019-13382 | 2019-07-26 | UploaderService in SnagIT 2019.1.2 allows elevation of privilege by placing an invalid presentation file in %PROGRAMDATA%\TechSmith\TechSmith Recorder\QueuedPresentations and then creating a symbolic link in %PROGRAMDATA%\Techsmith\TechSmith Recorder\InvalidPresentations that points to an... |
| CVE-2019-13565 | 2019-07-26 | An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible... |
| CVE-2019-14228 | 2019-07-26 | Xavier PHP Management Panel 3.0 is vulnerable to Reflected POST-based XSS via the username parameter when registering a new user at admin/includes/adminprocess.php. If there is an error when registering the... |
| CVE-2019-6002 | 2019-07-26 | Cross-site scripting vulnerability in Central Dogma 0.17.0 to 0.40.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2019-9492 | 2019-07-26 | A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection.... |
| CVE-2019-10263 | 2019-07-26 | An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to... |
| CVE-2019-10264 | 2019-07-26 | An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. With a valid administrator account, the "Move / Import / Export Users" screen has an Import Users option. This... |
| CVE-2019-10265 | 2019-07-26 | An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. On the /cbs/system/ShowAdvanced.do "File Explorer" screen, it is possible to change the directory in the JavaScript code. If changed... |
| CVE-2019-10266 | 2019-07-26 | An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of-bounds XML document to a URL, it is possible to read the file structure and even... |
| CVE-2019-10267 | 2019-07-26 | An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0.50. It is possible to upload a file into any directory of the server. One... |
| CVE-2019-13588 | 2019-07-26 | A cross-site scripting (XSS) vulnerability in getPagingStart() in core/lists/PAGING.php in WIKINDX before 5.8.2 allows remote attackers to inject arbitrary web script or HTML via the PagingStart parameter. |
| CVE-2019-14286 | 2019-07-27 | In app/webroot/js/event-graph.js in MISP 2.4.111, a stored XSS vulnerability exists in the event-graph view when a user toggles the event graph view. A malicious MISP event must be crafted in... |
| CVE-2019-14288 | 2019-07-27 | An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case. |
| CVE-2019-14289 | 2019-07-27 | An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case. |
| CVE-2019-14290 | 2019-07-27 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2. |
| CVE-2019-14291 | 2019-07-27 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3. |
| CVE-2019-14292 | 2019-07-27 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1. |
| CVE-2019-14293 | 2019-07-27 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2. |
| CVE-2019-14294 | 2019-07-27 | An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read. |
| CVE-2019-14295 | 2019-07-27 | An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size... |
| CVE-2019-14296 | 2019-07-27 | canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (SEGV or buffer overflow, and application crash) or possibly have unspecified other impact via a... |
| CVE-2010-5331 | 2019-07-27 | In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this... |
| CVE-2010-5332 | 2019-07-27 | In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no... |
| CVE-2016-10764 | 2019-07-27 | In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be... |
| CVE-2017-18379 | 2019-07-27 | In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c. |
| CVE-2015-9289 | 2019-07-27 | In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API.... |
| CVE-2012-6712 | 2019-07-27 | In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption. |
| CVE-2011-5327 | 2019-07-27 | In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption. |
| CVE-2007-6762 | 2019-07-27 | In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array. |
| CVE-2019-14297 | 2019-07-27 | Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to setDashboardWidget in CommonDataHandlerReadOnly.ashx. |
| CVE-2019-14298 | 2019-07-27 | Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx. |
| CVE-2019-14369 | 2019-07-28 | Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file. |
| CVE-2019-14370 | 2019-07-28 | In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service. |
| CVE-2019-14315 | 2019-07-28 | A cross-site scripting (XSS) vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inject arbitrary web script or HTML via the CKEditorFuncNum parameter. |
| CVE-2019-14322 | 2019-07-28 | In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. |
| CVE-2019-14323 | 2019-07-28 | SSDP Responder 1.x through 1.5 mishandles incoming network messages, leading to a stack-based buffer overflow by 1 byte. This results in a crash of the server, but only when strict... |
| CVE-2019-14328 | 2019-07-28 | The Simple Membership plugin before 3.8.5 for WordPress has CSRF affecting the Bulk Operation section. |
| CVE-2019-14329 | 2019-07-28 | An issue was discovered in EspoCRM before 5.6.6. There is stored XSS due to lack of filtration of user-supplied data in Create Task. A malicious attacker can modify the parameter... |
| CVE-2019-14330 | 2019-07-28 | An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due to lack of filtration of user-supplied data in Create Case. A malicious attacker can modify the firstName and... |
| CVE-2019-14331 | 2019-07-28 | An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due to lack of filtration of user-supplied data in Create User. A malicious attacker can modify the firstName and... |
| CVE-2019-14349 | 2019-07-28 | EspoCRM version 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the api/v1/Document functionality for storing documents in the account tab. An attacker can... |
| CVE-2019-14350 | 2019-07-28 | EspoCRM 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the Knowledge base. A malicious attacker can inject JavaScript code in the body parameter... |
| CVE-2019-14351 | 2019-07-28 | EspoCRM 5.6.4 is vulnerable to user password hash enumeration. A malicious authenticated attacker can brute-force a user password hash by 1 symbol at a time using specially crafted api/v1/User?filterList filters. |
| CVE-2019-14352 | 2019-07-28 | In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists, as demonstrated by jw/web/userview/crm_community/crm_userview_sales/_/account_new with the Account ID or Account Name field. NOTE: the vendor disputes the relevance... |
| CVE-2019-14362 | 2019-07-28 | Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value. |
| CVE-2019-14363 | 2019-07-28 | A stack-based buffer overflow in the upnpd binary running on NETGEAR WNDR3400v3 routers with firmware version 1.0.1.18_1.0.63 allows an attacker to remotely execute arbitrary code via a crafted UPnP SSDP... |
| CVE-2019-14364 | 2019-07-28 | An XSS vulnerability in the "Email Subscribers & Newsletters" plugin 4.1.6 for WordPress allows an attacker to inject malicious JavaScript code through a publicly available subscription form using the esfpx_name... |
| CVE-2019-14368 | 2019-07-28 | Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp. |
| CVE-2019-14371 | 2019-07-28 | An issue was discovered in Libav 12.3. There is an infinite loop in the function mov_probe in the file libavformat/mov.c, related to offset and tag. |
| CVE-2019-14372 | 2019-07-28 | In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c. |
| CVE-2019-14373 | 2019-07-28 | An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a heap-based buffer over-read in libpng via a crafted flif file. |
| CVE-2019-1020001 | 2019-07-29 | yard before 0.9.20 allows path traversal. |
| CVE-2019-14378 | 2019-07-29 | ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. |
| CVE-2019-14379 | 2019-07-29 | SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. |
| CVE-2019-1020010 | 2019-07-29 | Misskey before 10.102.4 allows hijacking a user's token. |
| CVE-2019-1020011 | 2019-07-29 | SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without server operator authority. |
| CVE-2019-1020012 | 2019-07-29 | parse-server before 3.4.1 allows DoS after any POST to a volatile class. |
| CVE-2019-1020013 | 2019-07-29 | parse-server before 3.6.0 allows account enumeration. |
| CVE-2019-1020014 | 2019-07-29 | docker-credential-helpers before 0.6.3 has a double free in the List functions. |
| CVE-2019-1020015 | 2019-07-29 | graphql-engine (aka Hasura GraphQL Engine) before 1.0.0-beta.3 mishandles the audience check while verifying JWT. |
| CVE-2019-1020016 | 2019-07-29 | ASH-AIO before 2.0.0.3 allows an open redirect. |
| CVE-2019-1020017 | 2019-07-29 | Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via a user-api OTP. |
| CVE-2019-1020018 | 2019-07-29 | Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via an email link. |
| CVE-2019-1020019 | 2019-07-29 | invenio-previewer before 1.0.0a12 allows XSS. |
| CVE-2019-1098 | 2019-07-29 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094,... |
| CVE-2019-1099 | 2019-07-29 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094,... |
| CVE-2019-1100 | 2019-07-29 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094,... |
| CVE-2019-1101 | 2019-07-29 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094,... |
| CVE-2019-1102 | 2019-07-29 | A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. |
| CVE-2019-1103 | 2019-07-29 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-1020003 | 2019-07-29 | invenio-records before 1.2.2 allows XSS. |
| CVE-2019-1104 | 2019-07-29 | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. |
| CVE-2019-1020005 | 2019-07-29 | invenio-communities before 1.0.0a20 allows XSS. |
| CVE-2019-1105 | 2019-07-29 | Outlook for Android Spoofing Vulnerability |
| CVE-2019-1106 | 2019-07-29 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-1107 | 2019-07-29 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-1108 | 2019-07-29 | An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Client Information Disclosure Vulnerability'. |
| CVE-2019-1109 | 2019-07-29 | A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents.An attacker who successfully exploited this vulnerability could... |