CVE List - 2019 / August
Showing 1401 - 1500 of 2001 CVEs for August 2019 (Page 15 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2016-10890 | 2019-08-21 | The aryo-activity-log plugin before 2.3.2 for WordPress has XSS. |
| CVE-2019-15074 | 2019-08-21 | The Timeline feature in my_view_page.php in MantisBT through 2.21.1 has... |
| CVE-2019-1937 | 2019-08-21 | Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Authentication Bypass Vulnerability |
| CVE-2019-1936 | 2019-08-21 | Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Command Injection Vulnerability |
| CVE-2019-1935 | 2019-08-21 | Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data SCP User Default Credentials Vulnerability |
| CVE-2019-1908 | 2019-08-21 | Cisco Integrated Management Controller Information Disclosure Vulnerability |
| CVE-2019-1907 | 2019-08-21 | Cisco Integrated Management Controller Substring Comparison Privilege Escalation Vulnerability |
| CVE-2019-15045 | 2019-08-21 | AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus 10 allows User Enumeration.... |
| CVE-2019-1984 | 2019-08-21 | Cisco Enterprise Network Functions Virtualization Infrastructure Software Arbitrary File Write Vulnerability |
| CVE-2019-1974 | 2019-08-21 | Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Authentication Bypass Vulnerability |
| CVE-2019-1948 | 2019-08-21 | Cisco Webex Meetings Mobile (iOS) SSL Certificate Validation Vulnerability |
| CVE-2019-1938 | 2019-08-21 | Cisco UCS Director and Cisco UCS Director Express for Big Data API Authentication Bypass Vulnerability |
| CVE-2019-14258 | 2019-08-21 | The XML-RPC subsystem in Zenoss 2.5.3 allows XXE attacks that... |
| CVE-2019-14257 | 2019-08-21 | pyraw in Zenoss 2.5.3 allows local privilege escalation by modifying... |
| CVE-2019-14246 | 2019-08-21 | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure... |
| CVE-2019-14245 | 2019-08-21 | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure... |
| CVE-2019-13599 | 2019-08-21 | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.848, the Login... |
| CVE-2019-13477 | 2019-08-21 | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, CSRF in... |
| CVE-2019-13476 | 2019-08-21 | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, XSS in... |
| CVE-2019-11601 | 2019-08-21 | Path traversal in the backup & restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software |
| CVE-2019-10687 | 2019-08-21 | KBPublisher 6.0.2.1 has SQL Injection via the admin/index.php?module=report entry_id[0] parameter,... |
| CVE-2019-11602 | 2019-08-21 | Leakage of stack traces in the backup & restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software |
| CVE-2018-17791 | 2019-08-21 | Newgen OmniFlow Intelligent Business Process Suite (iBPS) 7.0 has an... |
| CVE-2019-11603 | 2019-08-21 | Path traversal in ProSyst mBS SDK and Bosch IoT Gateway Software |
| CVE-2019-15315 | 2019-08-21 | Valve Steam Client for Windows through 2019-08-16 allows privilege escalation... |
| CVE-2019-15316 | 2019-08-21 | Valve Steam Client for Windows through 2019-08-20 has weak folder... |
| CVE-2019-5638 | 2019-08-21 | Rapid7 Nexpose Insufficient Session Management |
| CVE-2019-14685 | 2019-08-21 | A local privilege escalation vulnerability exists in Trend Micro Security... |
| CVE-2019-14686 | 2019-08-21 | A DLL hijacking vulnerability exists in the Trend Micro Security's... |
| CVE-2019-6177 | 2019-08-21 | A vulnerability reported in Lenovo Solution Center version 03.12.003, which... |
| CVE-2016-10916 | 2019-08-22 | The appointment-booking-calendar plugin before 1.1.24 for WordPress has SQL injection,... |
| CVE-2017-18570 | 2019-08-22 | The cforms2 plugin before 14.13 for WordPress has SQL injection... |
| CVE-2015-9333 | 2019-08-22 | The cforms2 plugin before 14.6.10 for WordPress has SQL injection. |
| CVE-2019-15314 | 2019-08-22 | tiki/tiki-upload_file.php in Tiki 18.4 allows remote attackers to upload JavaScript... |
| CVE-2015-9335 | 2019-08-22 | The limit-attempts plugin before 1.1.1 for WordPress has SQL injection... |
| CVE-2016-10917 | 2019-08-22 | The search-everything plugin before 8.1.6 for WordPress has SQL injection... |
| CVE-2017-18571 | 2019-08-22 | The search-everything plugin before 8.1.7 for WordPress has SQL injection... |
| CVE-2015-9336 | 2019-08-22 | The clean-login plugin before 1.5.1 for WordPress has reflected XSS. |
| CVE-2019-15317 | 2019-08-22 | The give plugin before 2.4.7 for WordPress has XSS via... |
| CVE-2016-10918 | 2019-08-22 | The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF. |
| CVE-2016-10919 | 2019-08-22 | The wassup plugin before 1.9.1 for WordPress has XSS via... |
| CVE-2013-7477 | 2019-08-22 | The events-manager plugin before 5.5.2 for WordPress has XSS in... |
| CVE-2019-14511 | 2019-08-22 | Sphinx Technologies Sphinx 3.1.1 by default has no authentication and... |
| CVE-2013-7478 | 2019-08-22 | The events-manager plugin before 5.5 for WordPress has XSS via... |
| CVE-2013-7479 | 2019-08-22 | The events-manager plugin before 5.3.9 for WordPress has XSS in... |
| CVE-2013-7480 | 2019-08-22 | The events-manager plugin before 5.3.6.1 for WordPress has XSS via... |
| CVE-2012-6716 | 2019-08-22 | The events-manager plugin before 5.1.7 for WordPress has XSS via... |
| CVE-2017-18572 | 2019-08-22 | The gnucommerce plugin before 1.4.2 for WordPress has XSS. |
| CVE-2016-10920 | 2019-08-22 | The gnucommerce plugin before 0.5.7-BETA for WordPress has XSS. |
| CVE-2016-10921 | 2019-08-22 | The gallery-photo-gallery plugin before 1.0.1 for WordPress has SQL injection. |
| CVE-2017-18573 | 2019-08-22 | The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. |
| CVE-2018-20979 | 2019-08-22 | The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation... |
| CVE-2018-20980 | 2019-08-22 | The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering. |
| CVE-2009-5158 | 2019-08-22 | The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML... |
| CVE-2018-20981 | 2019-08-22 | The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions... |
| CVE-2017-18574 | 2019-08-22 | The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML... |
| CVE-2019-15318 | 2019-08-22 | The yikes-inc-easy-mailchimp-extender plugin before 6.5.3 for WordPress has code injection... |
| CVE-2013-7481 | 2019-08-22 | The contact-form-plugin plugin before 3.3.5 for WordPress has XSS. |
| CVE-2018-20982 | 2019-08-22 | The media-library-assistant plugin before 2.74 for WordPress has XSS via... |
| CVE-2017-18575 | 2019-08-22 | The newstatpress plugin before 1.2.5 for WordPress has multiple stored... |
| CVE-2016-10922 | 2019-08-22 | The woocommerce-store-toolkit plugin before 1.5.7 for WordPress has privilege escalation. |
| CVE-2016-10923 | 2019-08-22 | The woocommerce-store-toolkit plugin before 1.5.8 for WordPress has privilege escalation. |
| CVE-2017-18576 | 2019-08-22 | The event-notifier plugin before 1.2.1 for WordPress has XSS via... |
| CVE-2016-10924 | 2019-08-22 | The ebook-download plugin before 1.2 for WordPress has directory traversal. |
| CVE-2017-18577 | 2019-08-22 | The mailchimp-for-wp plugin before 4.1.8 for WordPress has XSS via... |
| CVE-2016-10925 | 2019-08-22 | The peters-login-redirect plugin before 2.9.1 for WordPress has XSS during... |
| CVE-2013-7482 | 2019-08-22 | The reflex-gallery plugin before 1.4.3 for WordPress has XSS. |
| CVE-2008-7321 | 2019-08-22 | The tubepress plugin before 1.6.5 for WordPress has XSS. |
| CVE-2018-20983 | 2019-08-22 | The wp-retina-2x plugin before 5.2.3 for WordPress has XSS. |
| CVE-2014-10383 | 2019-08-22 | The memphis-documents-library plugin before 3.0 for WordPress has Remote File... |
| CVE-2014-10384 | 2019-08-22 | The memphis-documents-library plugin before 3.0 for WordPress has Local File... |
| CVE-2014-10385 | 2019-08-22 | The memphis-documents-library plugin before 3.0 for WordPress has XSS via... |
| CVE-2016-10926 | 2019-08-22 | The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in... |
| CVE-2016-10927 | 2019-08-22 | The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in... |
| CVE-2019-15319 | 2019-08-22 | The option-tree plugin before 2.7.0 for WordPress has Object Injection... |
| CVE-2019-15320 | 2019-08-22 | The option-tree plugin before 2.7.3 for WordPress has Object Injection... |
| CVE-2019-15321 | 2019-08-22 | The option-tree plugin before 2.7.3 for WordPress has Object Injection... |
| CVE-2018-20984 | 2019-08-22 | The patreon-connect plugin before 1.2.2 for WordPress has Object Injection. |
| CVE-2019-15322 | 2019-08-22 | The shortcode-factory plugin before 2.8 for WordPress has Local File... |
| CVE-2017-18580 | 2019-08-22 | The shortcodes-ultimate plugin before 5.0.1 for WordPress has remote code... |
| CVE-2018-20985 | 2019-08-22 | The wp-payeezy-pay plugin before 2.98 for WordPress has local file... |
| CVE-2017-18581 | 2019-08-22 | The time-sheets plugin before 1.5.0 for WordPress has XSS via... |
| CVE-2017-18582 | 2019-08-22 | The time-sheets plugin before 1.5.2 for WordPress has multiple XSS... |
| CVE-2019-15323 | 2019-08-22 | The ad-inserter plugin before 2.4.20 for WordPress has path traversal. |
| CVE-2019-15324 | 2019-08-22 | The ad-inserter plugin before 2.4.22 for WordPress has remote code... |
| CVE-2015-9337 | 2019-08-22 | The profile-builder plugin before 2.1.4 for WordPress has no access... |
| CVE-2017-18583 | 2019-08-22 | The post-pay-counter plugin before 2.731 for WordPress has PHP Object... |
| CVE-2017-18584 | 2019-08-22 | The post-pay-counter plugin before 2.731 for WordPress has no permissions... |
| CVE-2019-5632 | 2019-08-22 | Hickory Smart Lock Insecure Storage on Android |
| CVE-2019-5633 | 2019-08-22 | Hickory Smart Lock Insecure Storage on iOS |
| CVE-2019-5634 | 2019-08-22 | Hickory Smart Lock Insecure Logging on Android |
| CVE-2019-5635 | 2019-08-22 | Hickory Smart Lock Cleartext Password |
| CVE-2018-18572 | 2019-08-22 | osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in... |
| CVE-2018-18573 | 2019-08-22 | osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in... |
| CVE-2019-11013 | 2019-08-22 | Nimble Streamer 3.0.2-2 through 3.5.4-9 has a ../ directory traversal... |
| CVE-2019-11029 | 2019-08-22 | Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the... |
| CVE-2019-11030 | 2019-08-22 | Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the... |
| CVE-2019-11031 | 2019-08-22 | Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the... |
| CVE-2019-9153 | 2019-08-22 | Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows... |
| CVE-2019-9154 | 2019-08-22 | Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows... |