CVE List - 2019 / August
Showing 1701 - 1800 of 2001 CVEs for August 2019 (Page 18 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-7969 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7973 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7974 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7976 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7977 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. |
| CVE-2019-7979 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7978 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7975 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7980 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7981 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. |
| CVE-2019-7983 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7982 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7984 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7985 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7986 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7987 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. |
| CVE-2019-7988 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7991 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. |
| CVE-2019-7990 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7989 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7992 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7993 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7995 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. |
| CVE-2019-7994 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7996 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. |
| CVE-2019-7997 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7998 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-7999 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. |
| CVE-2019-8001 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-8000 | 2019-08-26 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. |
| CVE-2019-8460 | 2019-08-26 | OpenBSD kernel version <= 6.5 can be forced to create long chains of TCP SACK holes that causes very expensive calls to tcp_sack_option() for every incoming SACK packet which can... |
| CVE-2019-9569 | 2019-08-26 | Buffer Overflow in dactetra in Delta Controls enteliBUS Manager V3.40_B-571848 allows remote unauthenticated users to execute arbitrary code and possibly cause a denial of service via unspecified vectors. |
| CVE-2018-18668 | 2019-08-26 | GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "homepage title" parameter, aka the adm/config_form_update.php cf_title parameter. |
| CVE-2019-15055 | 2019-08-26 | MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. Attackers can exploit this vulnerability to reset credential storage,... |
| CVE-2019-15497 | 2019-08-26 | Black Box iCOMPEL 9.2.3 through 11.1.4, as used in ONELAN Net-Top-Box 9.2.3 through 11.1.4 and other products, has default credentials that allow remote attackers to access devices remotely via SSH,... |
| CVE-2019-15651 | 2019-08-26 | wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex. |
| CVE-2019-15658 | 2019-08-26 | connect-pg-simple before 6.0.1 allows SQL injection if tableName or schemaName is untrusted data. |
| CVE-2019-15657 | 2019-08-26 | In eslint-utils before 1.4.1, the getStaticValue function can execute arbitrary code. |
| CVE-2019-15666 | 2019-08-27 | An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory... |
| CVE-2019-13234 | 2019-08-27 | In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the search engine. |
| CVE-2019-13235 | 2019-08-27 | In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the Login form. |
| CVE-2019-13236 | 2019-08-27 | In system/workplace/ in Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple Reflected and Stored XSS issues in the management interface. |
| CVE-2019-13237 | 2019-08-27 | In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker to access server resources: clearhistory.jsp, convertxml.jsp, group_new.jsp, loginmessage.jsp, xmlcontentrepair.jsp, and /system/workplace/admin/history/settings/index.jsp. |
| CVE-2018-21001 | 2019-08-27 | The anycomment plugin before 0.0.33 for WordPress has XSS. |
| CVE-2019-15643 | 2019-08-27 | The ultimate-faqs plugin before 1.8.22 for WordPress has XSS. |
| CVE-2015-9342 | 2019-08-27 | The wp-rollback plugin before 1.2.3 for WordPress has XSS. |
| CVE-2015-9343 | 2019-08-27 | The wp-rollback plugin before 1.2.3 for WordPress has CSRF. |
| CVE-2019-15644 | 2019-08-27 | The zoho-salesiq plugin before 1.0.9 for WordPress has stored XSS. |
| CVE-2019-15645 | 2019-08-27 | The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF. |
| CVE-2018-21002 | 2019-08-27 | The js-support-ticket plugin before 2.0.6 for WordPress has CSRF. |
| CVE-2018-21003 | 2019-08-27 | The buddyforms plugin before 2.2.8 for WordPress has SQL injection. |
| CVE-2015-9344 | 2019-08-27 | The link-log plugin before 2.1 for WordPress has SQL injection. |
| CVE-2015-9345 | 2019-08-27 | The link-log plugin before 2.0 for WordPress has HTTP Response Splitting. |
| CVE-2019-15646 | 2019-08-27 | The rsvpmaker plugin before 6.2 for WordPress has SQL injection. |
| CVE-2018-21004 | 2019-08-27 | The rsvpmaker plugin before 5.6.4 for WordPress has SQL injection. |
| CVE-2019-15647 | 2019-08-27 | The groundhogg plugin before 1.3.5 for WordPress has wp-admin/admin-ajax.php?action=bulk_action_listener remote code execution. |
| CVE-2019-15648 | 2019-08-27 | The insert-or-embed-articulate-content-into-wordpress plugin before 4.29991 for WordPress has insufficient restrictions on deleting or renaming by a Subscriber. |
| CVE-2019-15649 | 2019-08-27 | The insert-or-embed-articulate-content-into-wordpress plugin before 4.2999 for WordPress has insufficient restrictions on file upload. |
| CVE-2016-10934 | 2019-08-27 | The check-email plugin before 0.5.2 for WordPress has XSS. |
| CVE-2015-9346 | 2019-08-27 | The cp-polls plugin before 1.0.5 for WordPress has XSS. |
| CVE-2014-10395 | 2019-08-27 | The cp-polls plugin before 1.0.1 for WordPress has XSS in the votes list. |
| CVE-2015-9347 | 2019-08-27 | The wp-plotly plugin before 1.0.3 for WordPress has XSS by authors. |
| CVE-2017-18590 | 2019-08-27 | The timesheet plugin before 0.1.5 for WordPress has multiple XSS issues. |
| CVE-2018-21005 | 2019-08-27 | The bbp-move-topics plugin before 1.1.6 for WordPress has code injection. |
| CVE-2019-15659 | 2019-08-27 | The pie-register plugin before 3.1.2 for WordPress has SQL injection, a different issue than CVE-2018-10969. |
| CVE-2018-21006 | 2019-08-27 | The bbp-move-topics plugin before 1.1.6 for WordPress has CSRF. |
| CVE-2016-10935 | 2019-08-27 | The woocommerce-exporter plugin before 1.8.4 for WordPress has privilege escalation. |
| CVE-2015-9349 | 2019-08-27 | The ckeditor-for-wordpress plugin before 4.5.3.1 for WordPress has reflected XSS in the "built-in (old)" file browser. |
| CVE-2015-9351 | 2019-08-27 | The feed-them-social plugin before 1.7.0 for WordPress has possible shortcode execution in the Facebook Feeds load more button. |
| CVE-2015-9350 | 2019-08-27 | The feed-them-social plugin before 1.7.0 for WordPress has reflected XSS in the Facebook Feeds load more button. |
| CVE-2017-18591 | 2019-08-27 | The gd-rating-system plugin before 2.1 for WordPress has XSS in log.php. |
| CVE-2016-10936 | 2019-08-27 | The wp-polls plugin before 2.73.1 for WordPress has XSS via the Poll bar option. |
| CVE-2019-15660 | 2019-08-27 | The wp-members plugin before 3.2.8 for WordPress has CSRF. |
| CVE-2015-9352 | 2019-08-27 | The wp-polls plugin before 2.72 for WordPress has SQL injection. |
| CVE-2017-18592 | 2019-08-27 | The woocommerce-catalog-enquiry plugin before 3.1.0 for WordPress has an incorrect wp_upload directory for file uploads. |
| CVE-2015-9348 | 2019-08-27 | The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs. |
| CVE-2019-15650 | 2019-08-27 | The stops-core-theme-and-plugin-updates plugin before 8.0.5 for WordPress has insufficient restrictions on option changes (such as disabling unattended theme updates) because of a nonce check error. |
| CVE-2019-11457 | 2019-08-27 | Multiple CSRF issues exist in MicroPyramid Django CRM 0.2.1 via /change-password-by-admin/, /api/settings/add/, /cases/create/, /change-password-by-admin/, /comment/add/, /documents/1/view/, /documents/create/, /opportunities/create/, and /login/. |
| CVE-2019-14314 | 2019-08-27 | A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands... |
| CVE-2019-13486 | 2019-08-27 | In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c. |
| CVE-2019-13485 | 2019-08-27 | In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c. |
| CVE-2019-13484 | 2019-08-27 | In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of expansion in appfeed.c. |
| CVE-2019-13455 | 2019-08-27 | In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c. |
| CVE-2019-13452 | 2019-08-27 | In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c. |
| CVE-2019-13451 | 2019-08-27 | In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c. |
| CVE-2019-13274 | 2019-08-27 | In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter. |
| CVE-2019-13273 | 2019-08-27 | In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of... |
| CVE-2019-15698 | 2019-08-27 | In Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, an authenticated user with VariableView permissions could view sensitive values. This is fixed in 2019.7.10. |
| CVE-2019-13271 | 2019-08-27 | Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, which are sent as... |
| CVE-2019-13270 | 2019-08-27 | Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. In order to transfer data from the host... |
| CVE-2019-13269 | 2019-08-27 | Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request is sent to the router... |
| CVE-2019-13268 | 2019-08-27 | TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP... |
| CVE-2019-13267 | 2019-08-27 | TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. In order to... |
| CVE-2019-13266 | 2019-08-27 | TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request... |
| CVE-2019-13265 | 2019-08-27 | D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, which are sent as... |
| CVE-2019-13264 | 2019-08-27 | D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. In order to transfer data from the host... |
| CVE-2019-13263 | 2019-08-27 | D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request is sent to the router... |
| CVE-2019-15700 | 2019-08-27 | public/js/frappe/form/footer/timeline.js in Frappe Framework 12 through 12.0.8 does not escape HTML in the timeline and thus is affected by crafted "changed value of" text. |
| CVE-2019-15701 | 2019-08-27 | components/Modals/HelpModal.jsx in BloodHound 2.2.0 allows remote attackers to execute arbitrary OS commands (by spawning a child process as the current user on the victim's machine) when the search function's autocomplete... |
| CVE-2019-15702 | 2019-08-27 | In the TCP implementation (gnrc_tcp) in RIOT through 2019.07, the parser for TCP options does not terminate on all inputs, allowing a denial-of-service, because sys/net/gnrc/transport_layer/tcp/gnrc_tcp_option.c has an infinite loop for... |