CVE List - 2019 / September
Showing 1 - 100 of 1531 CVEs for September 2019 (Page 1 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2015-9381 | 2019-09-03 | FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c. |
| CVE-2015-9382 | 2019-09-03 | FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation. |
| CVE-2015-9383 | 2019-09-03 | FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c. |
| CVE-2019-15858 | 2019-09-03 | admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution. |
| CVE-2019-15860 | 2019-09-03 | Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002. |
| CVE-2019-15863 | 2019-09-03 | The ConvertPlus plugin before 3.4.5 for WordPress has an unintended account creation (with the none role) via a request for variants. |
| CVE-2019-15043 | 2019-09-03 | In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running... |
| CVE-2019-15864 | 2019-09-03 | The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has XSS. |
| CVE-2019-15865 | 2019-09-03 | The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has CSRF. |
| CVE-2019-15866 | 2019-09-03 | The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file upload via a PHP file inside a ZIP archive to wp_ajax_crellyslider_importSlider. |
| CVE-2019-15867 | 2019-09-03 | The slick-popup plugin before 1.7.2 for WordPress has a hardcoded OmakPass13# password for the slickpopupteam account, after a Subscriber calls a certain AJAX action. |
| CVE-2019-15868 | 2019-09-03 | The affiliates-manager plugin before 2.6.6 for WordPress has CSRF. |
| CVE-2019-15869 | 2019-09-03 | The JobCareer theme before 2.5.1 for WordPress has stored XSS. |
| CVE-2019-15870 | 2019-09-03 | The CarSpot theme before 2.1.7 for WordPress has stored XSS via the Phone Number field. |
| CVE-2019-15872 | 2019-09-03 | The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings. |
| CVE-2019-15871 | 2019-09-03 | The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings. |
| CVE-2019-15873 | 2019-09-03 | The profilegrid-user-profiles-groups-and-communities plugin before 2.8.6 for WordPress has remote code execution via an wp-admin/admin-ajax.php request with the action=pm_template_preview&html=<?php substring followed by PHP code. |
| CVE-2019-13156 | 2019-09-03 | NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle. |
| CVE-2019-10197 | 2019-09-03 | A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba... |
| CVE-2019-14811 | 2019-09-03 | A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A... |
| CVE-2019-14817 | 2019-09-03 | A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER`... |
| CVE-2019-3751 | 2019-09-03 | Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0, 2.1, and 3.0 contain a certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry... |
| CVE-2019-3754 | 2019-09-03 | Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.116, Dell EMC UnityVSA versions prior to 5.0.0.0.5.116 and Dell EMC VNXe3200 versions prior to 3.1.10.9946299 contain a reflected cross-site scripting vulnerability... |
| CVE-2019-15889 | 2019-09-03 | The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter. |
| CVE-2019-1125 | 2019-09-03 | Windows Kernel Information Disclosure Vulnerability |
| CVE-2019-14261 | 2019-09-03 | An issue was discovered on ABUS Secvest FUAA50000 3.01.01 devices. Due to an insufficient implementation of jamming detection, an attacker is able to suppress correctly received RF messages sent between... |
| CVE-2019-6179 | 2019-09-03 | An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 2.5.0 , Lenovo XClarity Integrator (LXCI) for Microsoft System Center prior to version... |
| CVE-2019-6180 | 2019-09-03 | A stored cross-site scripting (XSS) vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow an administrative user to cause JavaScript code to be stored... |
| CVE-2019-6181 | 2019-09-03 | A reflected cross-site scripting (XSS) vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow a crafted URL, if visited, to cause JavaScript code to... |
| CVE-2019-6182 | 2019-09-03 | A stored CSV Injection vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow an administrative user to store malformed data in LXCA Jobs and... |
| CVE-2019-5475 | 2019-09-03 | The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability. |
| CVE-2019-5479 | 2019-09-03 | An unintended require vulnerability in <v0.5.5 larvitbase-api may allow an attacker to load arbitrary non-production code (JavaScript file). |
| CVE-2019-5478 | 2019-09-03 | A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image... |
| CVE-2019-5480 | 2019-09-03 | A path traversal vulnerability in <= v0.9.7 of statichttpserver npm module allows attackers to list files in arbitrary folders. |
| CVE-2019-15892 | 2019-09-03 | An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending... |
| CVE-2019-15898 | 2019-09-03 | Nagios Log Server before 2.0.8 allows Reflected XSS via the username on the Login page. |
| CVE-2019-15902 | 2019-09-04 | A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream... |
| CVE-2019-15903 | 2019-09-04 | In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted... |
| CVE-2019-15718 | 2019-09-04 | In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user... |
| CVE-2019-10709 | 2019-09-04 | AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \\.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call. |
| CVE-2019-12588 | 2019-09-04 | The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association responses, which... |
| CVE-2019-12587 | 2019-09-04 | The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any... |
| CVE-2019-10988 | 2019-09-04 | In Philips HDI 4000 Ultrasound Systems, all versions running on old, unsupported operating systems such as Windows 2000, the HDI 4000 Ultrasound System is built on an old operating system... |
| CVE-2019-13209 | 2019-09-04 | Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher. The attack requires a victim to... |
| CVE-2019-15813 | 2019-09-04 | Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell. |
| CVE-2019-15814 | 2019-09-04 | Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML. |
| CVE-2019-13522 | 2019-09-04 | An attacker could use a specially crafted project file to corrupt the memory and execute code under the privileges of the EZ PLC Editor Versions 1.8.41 and prior. |
| CVE-2019-13518 | 2019-09-04 | An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the EZ Touch Editor Versions 2.1.0 and prior. |
| CVE-2019-15916 | 2019-09-04 | An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service. |
| CVE-2019-13975 | 2019-09-04 | eGain Chat 15.0.3 allows HTML Injection. |
| CVE-2019-13976 | 2019-09-04 | eGain Chat 15.0.3 allows unrestricted file upload. |
| CVE-2019-6645 | 2019-09-04 | On BIG-IP 14.0.0-14.1.0.5, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, FTP traffic passing through a Virtual Server with both an active FTP profile associated and connection mirroring configured may lead to a TMM crash... |
| CVE-2019-6648 | 2019-09-04 | On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service (CIS) for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) log files may contain BIG-IP secrets such as SSL Private... |
| CVE-2019-6647 | 2019-09-04 | On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, when processing authentication attempts for control-plane users MCPD leaks a small amount of memory. Under rare conditions attackers with access to the management... |
| CVE-2019-6644 | 2019-09-04 | Similar to the issue identified in CVE-2018-12120, on versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, and 12.1.0-12.1.4 BIG-IP will bind a debug nodejs process to all interfaces when invoked. This may expose the... |
| CVE-2019-6646 | 2019-09-04 | On BIG-IP 11.5.2-11.6.4 and Enterprise Manager 3.1.1, REST users with guest privileges may be able to escalate their privileges and run commands with admin privileges. |
| CVE-2019-6643 | 2019-09-04 | On versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, and 11.5.2-11.6.4, an attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause... |
| CVE-2019-15924 | 2019-09-04 | An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure. |
| CVE-2019-15923 | 2019-09-04 | An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c. |
| CVE-2019-15922 | 2019-09-04 | An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c. |
| CVE-2019-15921 | 2019-09-04 | An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c. |
| CVE-2019-15920 | 2019-09-04 | An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents... |
| CVE-2019-15919 | 2019-09-04 | An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free. |
| CVE-2019-15918 | 2019-09-04 | An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21. |
| CVE-2019-15917 | 2019-09-04 | An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c. |
| CVE-2019-14470 | 2019-09-04 | cosenary Instagram-PHP-API (aka Instagram PHP API V2), as used in the UserPro plugin through 4.9.32 for WordPress, has XSS via the example/success.php error_description parameter. |
| CVE-2019-14319 | 2019-09-04 | The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted transmission of images, videos, and likes. This allows an attacker to extract private sensitive information by sniffing network... |
| CVE-2019-12586 | 2019-09-04 | The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in... |
| CVE-2019-15927 | 2019-09-04 | An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. |
| CVE-2018-21008 | 2019-09-04 | An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. |
| CVE-2019-15926 | 2019-09-04 | An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. |
| CVE-2019-15925 | 2019-09-04 | An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c. |
| CVE-2017-18595 | 2019-09-04 | An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. |
| CVE-2019-12633 | 2019-09-05 | Cisco Unified Contact Center Express Request Processing Server-Side Request Forgery Vulnerability |
| CVE-2019-12632 | 2019-09-05 | Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability |
| CVE-2019-12645 | 2019-09-05 | Cisco Jabber Client Framework for Mac Code Execution Vulnerability |
| CVE-2019-12644 | 2019-09-05 | Cisco Identity Services Engine Cross-Site Scripting Vulnerability |
| CVE-2019-12635 | 2019-09-05 | Cisco Content Security Management Appliance Information Disclosure Vulnerability |
| CVE-2019-1976 | 2019-09-05 | Cisco Industrial Network Director Configuration Data Information Disclosure Vulnerability |
| CVE-2019-1939 | 2019-09-05 | Cisco Webex Teams Logging Feature Command Execution Vulnerability |
| CVE-2018-21009 | 2019-09-05 | Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. |
| CVE-2018-21010 | 2019-09-05 | OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c. |
| CVE-2019-10677 | 2019-09-05 | Multiple Cross-Site Scripting (XSS) issues in the web interface on DASAN Zhone ZNID GPON 2426A EU version S3.1.285 devices allow a remote attacker to execute arbitrary JavaScript via manipulation of... |
| CVE-2019-15938 | 2019-09-05 | Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_req in fs/nfs.c because a length field is directly used for a memcpy. |
| CVE-2019-15937 | 2019-09-05 | Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a memcpy. |
| CVE-2019-4149 | 2019-09-05 | IBM Business Automation Workflow V18.0.0.0 through V18.0.0.2 and IBM Business Process Manager V8.6.0.0 through V8.6.0.0 Cumulative Fix 2018.03, V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06, and V8.5.6.0 through V8.5.6.0 CF2 is... |
| CVE-2019-4186 | 2019-09-05 | IBM Jazz for Service Management 1.1.3 is vulnerable to HTTP header injection, caused by incorrect trust in the HTTP Host header during caching. By sending a specially crafted HTTP GET... |
| CVE-2019-4321 | 2019-09-05 | IBM Intelligent Operations Center V5.1.0 - V5.2.0, IBM Intelligent Operations Center for Emergency Management V5.1.0 - V5.1.0.6, and IBM Water Operations for Waternamics V5.1.0 - V5.2.1.1 does not require that... |
| CVE-2019-12223 | 2019-09-05 | An issue was discovered in NVR WebViewer on Hanwah Techwin SRN-472s 1.07_190502 devices, and other SRN-x devices before 2019-05-03. A system crash and reboot can be achieved by submitting a... |
| CVE-2019-15939 | 2019-09-05 | An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp. |
| CVE-2018-11569 | 2019-09-05 | Controller/ListController.php in Eventum 3.5.0 is vulnerable to Deserialization of Untrusted Data. Fixed in version 3.5.2. |
| CVE-2019-15942 | 2019-09-05 | FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer. |
| CVE-2019-15945 | 2019-09-05 | OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c. |
| CVE-2019-15946 | 2019-09-05 | OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c. |
| CVE-2019-5065 | 2019-09-05 | An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1. A specially crafted packet can cause an unterminated strncpy, resulting in information disclosure. An attacker can send... |
| CVE-2019-15947 | 2019-09-05 | In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an... |
| CVE-2019-13361 | 2019-09-05 | Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker on the same Wi-Fi network. |
| CVE-2019-13190 | 2019-09-05 | In Knowage through 6.1.1, the sign up page does not invalidate a valid CAPTCHA token. This allows for CAPTCHA bypass in the signup page. |
| CVE-2019-15949 | 2019-09-05 | Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web... |
| CVE-2019-5069 | 2019-09-05 | A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. A specially crafted web request can cause unsafe deserialization potentially resulting in PHP code being executed. An attacker can send... |