CVE List - 2019 / July
Showing 401 - 500 of 1618 CVEs for July 2019 (Page 5 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-13397 | 2019-07-09 | Unauthenticated Stored XSS in osTicket 1.10.1 allows a remote attacker... |
| CVE-2019-11020 | 2019-07-09 | Lack of authentication in file-viewing components in DDRT Dashcom Live... |
| CVE-2019-8920 | 2019-07-09 | iart.php in XAMPP 1.7.0 has XSS, a related issue to... |
| CVE-2019-3949 | 2019-07-09 | Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a networking... |
| CVE-2019-3950 | 2019-07-09 | Arlo Basestation firmware 1.12.0.1_27940 and prior contain a hardcoded username... |
| CVE-2019-13461 | 2019-07-09 | In PrestaShop before 1.7.6.0 RC2, the id_address_delivery and id_address_invoice parameters... |
| CVE-2019-13142 | 2019-07-09 | The RzSurroundVADStreamingService (RzSurroundVADStreamingService.exe) in Razer Surround 1.1.63.0 runs as the... |
| CVE-2019-13146 | 2019-07-09 | The field_test gem 0.3.0 for Ruby has unvalidated input. A... |
| CVE-2019-13070 | 2019-07-09 | A stored XSS vulnerability in the Agent/Center component of CyberPower... |
| CVE-2019-13464 | 2019-07-09 | An issue was discovered in OWASP ModSecurity Core Rule Set... |
| CVE-2019-11991 | 2019-07-09 | HPE has identified a vulnerability in HPE 3PAR Service Processor... |
| CVE-2019-13280 | 2019-07-09 | TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains... |
| CVE-2019-13338 | 2019-07-09 | In WESEEK GROWI before 3.5.0, a remote attacker can obtain... |
| CVE-2019-13337 | 2019-07-09 | In WESEEK GROWI before 3.5.0, the site-wide basic authentication can... |
| CVE-2019-9147 | 2019-07-09 | Mailvelope prior to 3.1.0 is vulnerable to a clickjacking attack... |
| CVE-2019-13277 | 2019-07-09 | TRENDnet TEW-827DRU with firmware up to and including 2.04B03 allows... |
| CVE-2019-11512 | 2019-07-09 | Contao 4.x allows SQL Injection. Fixed in Contao 4.4.39 and... |
| CVE-2019-13380 | 2019-07-09 | KEYNTO Team Password Manager 1.5.0 allows XSS because data saved... |
| CVE-2019-9148 | 2019-07-09 | Mailvelope prior to 3.3.0 accepts or operates with invalid PGP... |
| CVE-2019-9149 | 2019-07-09 | Mailvelope prior to 3.3.0 allows private key operations without user... |
| CVE-2019-9150 | 2019-07-09 | Mailvelope prior to 3.3.0 does not require user interaction to... |
| CVE-2019-13470 | 2019-07-09 | MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling. |
| CVE-2019-13472 | 2019-07-09 | PHPWind 9.1.0 has XSS vulnerabilities in the c and m... |
| CVE-2019-13475 | 2019-07-09 | In MobaXterm 11.1, the mobaxterm: URI handler has an argument... |
| CVE-2019-13478 | 2019-07-09 | The Yoast SEO plugin before 11.6-RC5 for WordPress does not... |
| CVE-2018-14550 | 2019-07-10 | An issue has been found in third-party PNM decoding associated... |
| CVE-2019-13132 | 2019-07-10 | In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x... |
| CVE-2018-12622 | 2019-07-10 | An issue was discovered in Eventum 3.5.0. htdocs/ajax/update.php has XSS... |
| CVE-2018-12623 | 2019-07-10 | An issue was discovered in Eventum 3.5.0. htdocs/switch.php has XSS... |
| CVE-2018-12625 | 2019-07-10 | An issue was discovered in Eventum 3.5.0. /htdocs/validate.php has XSS... |
| CVE-2018-12626 | 2019-07-10 | An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS... |
| CVE-2018-12627 | 2019-07-10 | An issue was discovered in Eventum 3.5.0. /htdocs/list.php has XSS... |
| CVE-2018-12628 | 2019-07-10 | An issue was discovered in Eventum 3.5.0. CSRF in htdocs/manage/users.php... |
| CVE-2019-10120 | 2019-07-10 | On eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices... |
| CVE-2019-10119 | 2019-07-10 | eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before... |
| CVE-2019-10121 | 2019-07-10 | eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before... |
| CVE-2019-10122 | 2019-07-10 | eQ-3 HomeMatic CCU2 devices before 2.41.9 and CCU3 devices before... |
| CVE-2019-12723 | 2019-07-10 | An issue was discovered in the Teclib Fields plugin through... |
| CVE-2018-14494 | 2019-07-10 | Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox... |
| CVE-2018-14495 | 2019-07-10 | Vivotek FD8136 devices allow Remote Command Injection, aka "another command... |
| CVE-2018-14496 | 2019-07-10 | Vivotek FD8136 devices allow remote memory corruption and remote code... |
| CVE-2018-20851 | 2019-07-10 | Helpy before 2.2.0 allows agents to edit admins. |
| CVE-2019-13396 | 2019-07-10 | FlightPath 4.x and 5.0-x allows directory traversal and Local File... |
| CVE-2019-13071 | 2019-07-10 | CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition... |
| CVE-2019-13240 | 2019-07-10 | An issue was discovered in GLPI before 9.4.1. After a... |
| CVE-2019-13225 | 2019-07-10 | A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma... |
| CVE-2019-13224 | 2019-07-10 | A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows... |
| CVE-2019-12724 | 2019-07-10 | An issue was discovered in the Teclib News plugin through... |
| CVE-2018-17147 | 2019-07-10 | Nagios XI before 5.5.4 has XSS in the auto login... |
| CVE-2019-10653 | 2019-07-10 | An issue was discovered in Hsycms V1.1. There is a... |
| CVE-2017-12652 | 2019-07-10 | libpng before 1.6.32 does not properly check the length of... |
| CVE-2017-6217 | 2019-07-10 | paypal/adaptivepayments-sdk-php v3.9.2 is vulnerable to a reflected XSS in the... |
| CVE-2018-14831 | 2019-07-10 | An arbitrary file read vulnerability in DamiCMS v6.0.0 allows remote... |
| CVE-2017-7189 | 2019-07-10 | main/streams/xp_socket.c in PHP 7.x before 2017-03-07 misparses fsockopen calls, such... |
| CVE-2018-19493 | 2019-07-10 | An issue was discovered in GitLab Community and Enterprise Edition... |
| CVE-2019-12467 | 2019-07-10 | MediaWiki through 1.32.1 has Incorrect Access Control (issue 1 of... |
| CVE-2018-19494 | 2019-07-10 | An issue was discovered in GitLab Community and Enterprise Edition... |
| CVE-2018-19495 | 2019-07-10 | An issue was discovered in GitLab Community and Enterprise Edition... |
| CVE-2018-19496 | 2019-07-10 | An issue was discovered in GitLab Community and Enterprise Edition... |
| CVE-2019-12468 | 2019-07-10 | An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki... |
| CVE-2018-19577 | 2019-07-10 | Gitlab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4... |
| CVE-2018-19573 | 2019-07-10 | GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4... |
| CVE-2018-19570 | 2019-07-10 | GitLab CE/EE, versions 11.3 before 11.3.11, 11.4 before 11.4.8, and... |
| CVE-2019-12466 | 2019-07-10 | Wikimedia MediaWiki through 1.32.1 allows CSRF. |
| CVE-2018-19572 | 2019-07-10 | GitLab CE 8.17 and later and EE 8.3 and later... |
| CVE-2018-10531 | 2019-07-10 | An issue was discovered in the America's Army Proving Grounds... |
| CVE-2018-19576 | 2019-07-10 | GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4... |
| CVE-2019-12473 | 2019-07-10 | Wikimedia MediaWiki 1.27.0 through 1.32.1 might allow DoS. Passing invalid... |
| CVE-2019-12471 | 2019-07-10 | Wikimedia MediaWiki 1.30.0 through 1.32.1 has XSS. Loading user JavaScript... |
| CVE-2018-19575 | 2019-07-10 | GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4... |
| CVE-2019-12472 | 2019-07-10 | An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki... |
| CVE-2018-19569 | 2019-07-10 | GitLab CE/EE, versions 8.8 up to 11.x before 11.3.11, 11.4... |
| CVE-2019-12474 | 2019-07-10 | Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Privileged... |
| CVE-2018-19574 | 2019-07-10 | GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4... |
| CVE-2018-19571 | 2019-07-10 | GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4... |
| CVE-2019-12469 | 2019-07-10 | MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or... |
| CVE-2018-19580 | 2019-07-10 | All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11... |
| CVE-2019-12470 | 2019-07-10 | Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed log... |
| CVE-2019-13276 | 2019-07-10 | TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains... |
| CVE-2019-13278 | 2019-07-10 | TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains... |
| CVE-2019-13279 | 2019-07-10 | TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains... |
| CVE-2019-13122 | 2019-07-10 | A Cross Site Scripting (XSS) vulnerability exists in the template... |
| CVE-2018-19583 | 2019-07-10 | GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4... |
| CVE-2018-19582 | 2019-07-10 | GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1,... |
| CVE-2018-19581 | 2019-07-10 | GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4... |
| CVE-2018-19584 | 2019-07-10 | GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and... |
| CVE-2018-19579 | 2019-07-10 | GitLab EE version 11.5 is vulnerable to a persistent XSS... |
| CVE-2018-19578 | 2019-07-10 | GitLab EE, version 11.5 before 11.5.1, is vulnerable to an... |
| CVE-2018-11734 | 2019-07-10 | In e107 v2.1.7, output without filtering results in XSS. |
| CVE-2019-1873 | 2019-07-10 | Cisco ASA and FTD Software Cryptographic TLS and SSL Driver Denial of Service Vulnerability |
| CVE-2019-5220 | 2019-07-10 | There is a Factory Reset Protection (FRP) bypass vulnerability on... |
| CVE-2019-5221 | 2019-07-10 | There is a path traversal vulnerability on Huawei Share. The... |
| CVE-2019-10966 | 2019-07-10 | In GE Aestiva and Aespire versions 7100 and 7900, a... |
| CVE-2019-11650 | 2019-07-10 | A potential Man in the Middle attack (MITM) was found... |
| CVE-2019-0281 | 2019-07-10 | SAPUI5 and OpenUI5, before versions 1.38.39, 1.44.39, 1.52.25, 1.60.6 and... |
| CVE-2019-0318 | 2019-07-10 | Under certain conditions SAP NetWeaver Application Server for Java (Startup... |
| CVE-2019-0319 | 2019-07-10 | The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows... |
| CVE-2019-0321 | 2019-07-10 | ABAP Server and ABAP Platform (SAP Basis), versions, 7.31, 7.4,... |
| CVE-2019-0322 | 2019-07-10 | SAP Commerce Cloud (previously known as SAP Hybris Commerce), (HY_COM,... |
| CVE-2019-0325 | 2019-07-10 | SAP ERP HCM (SAP_HRCES) , version 3, does not perform... |