CVE List - 2019 / August
Showing 1501 - 1600 of 2001 CVEs for August 2019 (Page 16 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-9155 | 2019-08-22 | A cryptographic issue in OpenPGP.js <=4.2.0 allows an attacker who... |
| CVE-2019-14751 | 2019-08-22 | NLTK Downloader before 3.4.5 is vulnerable to a directory traversal,... |
| CVE-2019-7617 | 2019-08-22 | When the Elastic APM agent for Python versions before 5.1.0... |
| CVE-2019-14469 | 2019-08-22 | In Nexus Repository Manager before 3.18.0, users with elevated privileges... |
| CVE-2019-12385 | 2019-08-22 | An issue was discovered in Ampache through 3.9.1. The search... |
| CVE-2019-12386 | 2019-08-22 | An issue was discovered in Ampache through 3.9.1. A stored... |
| CVE-2014-10394 | 2019-08-22 | The rich-counter plugin before 1.2.0 for WordPress has JavaScript injection... |
| CVE-2017-18586 | 2019-08-22 | The insert-pages plugin before 3.2.4 for WordPress has directory traversal... |
| CVE-2014-10392 | 2019-08-22 | The cforms2 plugin before 10.2 for WordPress has XSS. |
| CVE-2018-20988 | 2019-08-22 | The wpgform plugin before 0.94 for WordPress has eval injection... |
| CVE-2014-10391 | 2019-08-22 | The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection. |
| CVE-2014-10390 | 2019-08-22 | The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory traversal. |
| CVE-2014-10389 | 2019-08-22 | The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has incorrect authentication. |
| CVE-2014-10388 | 2019-08-22 | The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has full path... |
| CVE-2014-10387 | 2019-08-22 | The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has SQL injection. |
| CVE-2019-15060 | 2019-08-22 | The traceroute function on the TP-Link TL-WR840N v4 router with... |
| CVE-2016-10930 | 2019-08-22 | The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct... |
| CVE-2019-15331 | 2019-08-22 | The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for WordPress has HTML injection. |
| CVE-2019-15330 | 2019-08-22 | The webp-express plugin before 0.14.11 for WordPress has insufficient protection... |
| CVE-2015-9341 | 2019-08-22 | The wp-file-upload plugin before 3.4.1 for WordPress has insufficient restrictions... |
| CVE-2015-9340 | 2019-08-22 | The wp-file-upload plugin before 3.0.0 for WordPress has insufficient restrictions... |
| CVE-2015-9339 | 2019-08-22 | The wp-file-upload plugin before 2.7.1 for WordPress has insufficient restrictions... |
| CVE-2015-9338 | 2019-08-22 | The wp-file-upload plugin before 2.5.0 for WordPress has insufficient restrictions... |
| CVE-2018-20987 | 2019-08-22 | The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object... |
| CVE-2014-10386 | 2019-08-22 | The wp-live-chat-support plugin before 4.1.0 for WordPress has JavaScript injections. |
| CVE-2019-15329 | 2019-08-22 | The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF. |
| CVE-2019-15328 | 2019-08-22 | The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS. |
| CVE-2019-15327 | 2019-08-22 | The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via... |
| CVE-2019-15326 | 2019-08-22 | The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal. |
| CVE-2019-15325 | 2019-08-22 | In GalliumOS 3.0, CONFIG_SECURITY_YAMA is disabled but /etc/sysctl.d/10-ptrace.conf tries to... |
| CVE-2013-7483 | 2019-08-22 | The slidedeck2 plugin before 2.3.5 for WordPress has file inclusion. |
| CVE-2017-18585 | 2019-08-22 | The posts-in-page plugin before 1.3.0 for WordPress has ic_add_posts template='../... |
| CVE-2018-20986 | 2019-08-22 | The advanced-custom-fields (aka Elliot Condon Advanced Custom Fields) plugin before... |
| CVE-2016-10929 | 2019-08-22 | The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection... |
| CVE-2016-10928 | 2019-08-22 | The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded... |
| CVE-2014-10382 | 2019-08-22 | The feature-comments plugin before 1.2.5 for WordPress has CSRF for... |
| CVE-2017-18579 | 2019-08-22 | The corner-ad plugin before 1.0.8 for WordPress has XSS. |
| CVE-2017-18578 | 2019-08-22 | The crafty-social-buttons plugin before 1.5.8 for WordPress has XSS. |
| CVE-2015-9334 | 2019-08-22 | The email-newsletter plugin through 20.15 for WordPress has SQL injection. |
| CVE-2019-13139 | 2019-08-22 | In Docker before 18.09.4, an attacker who is capable of... |
| CVE-2014-10393 | 2019-08-22 | The cforms2 plugin before 10.5 for WordPress has XSS. |
| CVE-2019-15498 | 2019-08-23 | cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated... |
| CVE-2019-15499 | 2019-08-23 | CodiMD 1.3.1, when Safari is used, allows XSS via an... |
| CVE-2019-15504 | 2019-08-23 | drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double... |
| CVE-2019-15505 | 2019-08-23 | drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds... |
| CVE-2019-15508 | 2019-08-23 | In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web... |
| CVE-2019-15507 | 2019-08-23 | In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web... |
| CVE-2019-15513 | 2019-08-23 | An issue was discovered in OpenWrt libuci (aka Library for... |
| CVE-2019-15514 | 2019-08-23 | The Privacy > Phone Number feature in the Telegram app... |
| CVE-2019-15476 | 2019-08-23 | Former before 4.2.1 has XSS via a checkbox value. |
| CVE-2019-15477 | 2019-08-23 | Jooby before 1.6.4 has XSS via the default error handler. |
| CVE-2019-15480 | 2019-08-23 | Domoticz 4.10717 has XSS via item.Name. |
| CVE-2019-15481 | 2019-08-23 | Kimai v2 before 1.1 has XSS via a timesheet description. |
| CVE-2019-15483 | 2019-08-23 | Bolt before 3.6.10 has XSS via a title that is... |
| CVE-2019-15484 | 2019-08-23 | Bolt before 3.6.10 has XSS via an image's alt or... |
| CVE-2019-15485 | 2019-08-23 | Bolt before 3.6.10 has XSS via createFolder or createFile in... |
| CVE-2019-15486 | 2019-08-23 | django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via... |
| CVE-2019-15487 | 2019-08-23 | DfE School Experience before v16333-GA has XSS via a teacher... |
| CVE-2019-15488 | 2019-08-23 | Ignite Realtime Openfire before 4.4.1 has reflected XSS via an... |
| CVE-2019-15490 | 2019-08-23 | openITCOCKPIT before 3.7.1 allows code injection, aka RVID 1-445b21. |
| CVE-2019-15491 | 2019-08-23 | openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21. |
| CVE-2019-15492 | 2019-08-23 | openITCOCKPIT before 3.7.1 has reflected XSS, aka RVID 3-445b21. |
| CVE-2019-15493 | 2019-08-23 | openITCOCKPIT before 3.7.1 allows deletion of files, aka RVID 4-445b21. |
| CVE-2019-15494 | 2019-08-23 | openITCOCKPIT before 3.7.1 allows SSRF, aka RVID 5-445b21. |
| CVE-2019-15482 | 2019-08-23 | selectize-plugin-a11y before 1.1.0 has XSS via the msg field. |
| CVE-2019-13421 | 2019-08-23 | Search Guard versions before 23.1 had an issue that an... |
| CVE-2019-13423 | 2019-08-23 | Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12... |
| CVE-2019-13422 | 2019-08-23 | Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12... |
| CVE-2019-11584 | 2019-08-23 | The MigratePriorityScheme resource in Jira before version 8.3.2 allows remote... |
| CVE-2019-11585 | 2019-08-23 | The startup.jsp resource in Jira before version 7.13.6, from version... |
| CVE-2019-11586 | 2019-08-23 | The AddResolution.jspa resource in Jira before version 7.13.6, from version... |
| CVE-2019-11587 | 2019-08-23 | Various exposed resources of the ViewLogging class in Jira before... |
| CVE-2019-11588 | 2019-08-23 | The ViewSystemInfo class doGarbageCollection method in Jira before version 7.13.6,... |
| CVE-2019-11589 | 2019-08-23 | The ChangeSharedFilterOwner resource in Jira before version 7.13.6, from version... |
| CVE-2019-14999 | 2019-08-23 | The Uninstall REST endpoint in Atlassian Universal Plugin Manager before... |
| CVE-2019-8444 | 2019-08-23 | The wikirenderer component in Jira before version 7.13.6, and from... |
| CVE-2019-8445 | 2019-08-23 | Several worklog rest resources in Jira before version 7.13.7, and... |
| CVE-2019-8446 | 2019-08-23 | The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote... |
| CVE-2019-8447 | 2019-08-23 | The ServiceExecutor resource in Jira before version 8.3.2 allows remote... |
| CVE-2019-15516 | 2019-08-23 | Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because... |
| CVE-2019-15519 | 2019-08-23 | Power-Response before 2019-02-02 allows directory traversal (up to the application's... |
| CVE-2019-15518 | 2019-08-23 | Swoole before 4.2.13 allows directory traversal in swPort_http_static_handler. |
| CVE-2019-15517 | 2019-08-23 | jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal. |
| CVE-2019-15520 | 2019-08-23 | comelz Quark before 2019-03-26 allows directory traversal to locations outside... |
| CVE-2019-15525 | 2019-08-23 | There is Missing SSL Certificate Validation in the pw3270 terminal... |
| CVE-2019-15531 | 2019-08-23 | GNU Libextractor through 1.9 has a heap-based buffer over-read in... |
| CVE-2019-15530 | 2019-08-23 | An issue was discovered on D-Link DIR-823G devices with firmware... |
| CVE-2019-15529 | 2019-08-23 | An issue was discovered on D-Link DIR-823G devices with firmware... |
| CVE-2019-15528 | 2019-08-23 | An issue was discovered on D-Link DIR-823G devices with firmware... |
| CVE-2019-15527 | 2019-08-23 | An issue was discovered on D-Link DIR-823G devices with firmware... |
| CVE-2019-15526 | 2019-08-23 | An issue was discovered on D-Link DIR-823G devices with firmware... |
| CVE-2019-10751 | 2019-08-23 | All versions of the HTTPie package prior to version 1.0.3... |
| CVE-2019-10746 | 2019-08-23 | mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2... |
| CVE-2019-10747 | 2019-08-23 | set-value is vulnerable to Prototype Pollution in versions lower than... |
| CVE-2019-10750 | 2019-08-23 | deeply is vulnerable to Prototype Pollution in versions before 3.1.0.... |
| CVE-2019-13014 | 2019-08-23 | Little Snitch versions 4.4.0 fixes a vulnerability in a privileged... |
| CVE-2019-13013 | 2019-08-23 | Little Snitch versions 4.3.0 to 4.3.2 have a local privilege... |
| CVE-2019-1580 | 2019-08-23 | Memory corruption in PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and... |
| CVE-2019-1581 | 2019-08-23 | PAN-OS: Remote code execution vulnerability in the PAN-OS SSH device management interface |
| CVE-2019-1582 | 2019-08-23 | Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3... |