CVE List - 2019 / September
Showing 601 - 700 of 1531 CVEs for September 2019 (Page 7 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-16307 | 2019-09-14 | A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML... |
| CVE-2019-16318 | 2019-09-14 | In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for... |
| CVE-2019-16317 | 2019-09-14 | In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked... |
| CVE-2019-16319 | 2019-09-15 | In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of... |
| CVE-2019-16321 | 2019-09-15 | ScadaBR 1.0CE, and 1.1.x through 1.1.0-RC, has XSS via a request for a nonexistent resource, as demonstrated by the dwr/test/ PATH_INFO. |
| CVE-2019-16320 | 2019-09-15 | Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community. |
| CVE-2019-16332 | 2019-09-15 | In the api-bearer-auth plugin before 20190907 for WordPress, the server parameter is not correctly filtered in the swagger-config.yaml.php file, and it is possible to inject JavaScript code, aka XSS. |
| CVE-2019-16334 | 2019-09-15 | In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories -> Add New Category -> Name field. NOTE: this may overlap CVE-2017-16636. |
| CVE-2019-16333 | 2019-09-15 | GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting (XSS) in admin/theme-edit.php. |
| CVE-2019-14540 | 2019-09-15 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. |
| CVE-2019-16335 | 2019-09-15 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540. |
| CVE-2019-13474 | 2019-09-16 | TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have insufficient... |
| CVE-2017-18634 | 2019-09-16 | The newspaper theme before 6.7.2 for WordPress has script injection via td_ads[header] to admin-ajax.php. |
| CVE-2016-10956 | 2019-09-16 | The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php. |
| CVE-2019-16057 | 2019-09-16 | The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection. |
| CVE-2019-16170 | 2019-09-16 | An issue was discovered in GitLab Enterprise Edition 11.x and 12.x before 12.0.9, 12.1.x before 12.1.9, and 12.2.x before 12.2.5. It has Incorrect Access Control. |
| CVE-2019-16197 | 2019-09-16 | In htdocs/societe/card.php in Dolibarr 10.0.1, the value of the User-Agent HTTP header is copied into the HTML document as plain text between tags, leading to XSS. |
| CVE-2019-16264 | 2019-09-16 | In Escuela de Gestion Publica Plurinacional (EGPP) Sistema Integrado de Gestion Academica (GESAC) v1, the username parameter of the authentication form is vulnerable to SQL injection, allowing attackers to access... |
| CVE-2016-10957 | 2019-09-16 | The Akal theme through 2016-08-22 for WordPress has XSS via the framework/brad-shortcodes/tinymce/preview.php sc parameter. |
| CVE-2016-10958 | 2019-09-16 | The estatik plugin before 2.3.0 for WordPress has unauthenticated arbitrary file upload via es_media_images[] to wp-admin/admin-ajax.php. |
| CVE-2016-10959 | 2019-09-16 | The estatik plugin before 2.3.1 for WordPress has authenticated arbitrary file upload (exploitable with CSRF) via es_media_images[] to wp-admin/admin-ajax.php. |
| CVE-2016-10960 | 2019-09-16 | The wsecure plugin before 2.4 for WordPress has remote code execution via shell metacharacters in the wsecure-config.php publish parameter. |
| CVE-2016-10961 | 2019-09-16 | The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter. |
| CVE-2016-10962 | 2019-09-16 | The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter. |
| CVE-2016-10963 | 2019-09-16 | The icegram plugin before 1.9.19 for WordPress has XSS. |
| CVE-2016-10964 | 2019-09-16 | The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent HTTP header. |
| CVE-2016-10965 | 2019-09-16 | The real3d-flipbook-lite plugin 1.0 for WordPress has deleteBook=../ directory traversal for file deletion. |
| CVE-2016-10966 | 2019-09-16 | The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload. |
| CVE-2016-10967 | 2019-09-16 | The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-content/plugins/real3d-flipbook/includes/flipbooks.php bookId parameter. |
| CVE-2016-10968 | 2019-09-16 | The peepso-core plugin before 1.6.1 for WordPress has PeepSoProfilePreferencesAjax->save() privilege escalation. |
| CVE-2016-10969 | 2019-09-16 | The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title. |
| CVE-2016-10970 | 2019-09-16 | The supportflow plugin before 0.7 for WordPress has XSS via a ticket excerpt. |
| CVE-2016-10971 | 2019-09-16 | The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowlewdge of an e-mail address is required. |
| CVE-2019-16352 | 2019-09-16 | ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c. |
| CVE-2019-16351 | 2019-09-16 | ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c. |
| CVE-2019-16350 | 2019-09-16 | ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c. |
| CVE-2019-16349 | 2019-09-16 | Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class. |
| CVE-2019-16348 | 2019-09-16 | marc-q libwav through 2017-04-20 has a NULL pointer dereference in gain_file() at wav_gain.c. |
| CVE-2019-16347 | 2019-09-16 | ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. |
| CVE-2019-16346 | 2019-09-16 | ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. |
| CVE-2018-21017 | 2019-09-16 | GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_base.c. |
| CVE-2018-21016 | 2019-09-16 | audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. |
| CVE-2018-21015 | 2019-09-16 | AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;"... |
| CVE-2019-16353 | 2019-09-16 | Emerson GE Automation Proficy Machine Edition 8.0 allows an access violation and application crash via crafted traffic from a remote device, as demonstrated by an RX7i device. |
| CVE-2019-16354 | 2019-09-16 | The File Session Manager in Beego 1.10.0 allows local users to read session files because there is a race condition involving file creation within a directory with weak permissions. |
| CVE-2019-16355 | 2019-09-16 | The File Session Manager in Beego 1.10.0 allows local users to read session files because of weak permissions for individual files. |
| CVE-2019-0195 | 2019-09-16 | Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the... |
| CVE-2019-15950 | 2019-09-16 | The CRM Plugin before 4.2.4 for Redmine allows XSS via crafted vCard data. |
| CVE-2019-11166 | 2019-09-16 | Improper file permissions in the installer for Intel(R) Easy Streaming Wizard before version 2.1.0731 may allow an authenticated user to potentially enable escalation of privilege via local attack. |
| CVE-2019-11184 | 2019-09-16 | A race condition in specific microprocessors using Intel (R) DDIO cache allocation and RDMA may allow an authenticated user to potentially enable partial information disclosure via adjacent access. |
| CVE-2019-16366 | 2019-09-16 | In XS 9.0.0 in Moddable SDK OS180329, there is a heap-based buffer overflow in fxBeginHost in xsAPI.c when called from fxRunDefine in xsRun.c, as demonstrated by crafted JavaScript code to... |
| CVE-2019-13140 | 2019-09-16 | Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to... |
| CVE-2019-0207 | 2019-09-16 | Tapestry processes assets `/assets/ctx` using classes chain `StaticFilesFilter -> AssetDispatcher -> ContextResource`, which doesn't filter the character `\`, so attacker can perform a path traversal attack to read any files... |
| CVE-2016-10972 | 2019-09-16 | The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel. |
| CVE-2016-10973 | 2019-09-16 | The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php. |
| CVE-2019-15721 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 10.8 through 12.2.1. An internal endpoint unintentionally allowed group maintainers to view and edit group runner settings. |
| CVE-2019-15722 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.2.1. Particular mathematical expressions in GitLab Markdown can exhaust client resources. |
| CVE-2019-8371 | 2019-09-16 | OpenEMR v5.0.1-6 allows code execution. |
| CVE-2019-15723 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 11.9.x and 11.10.x before 11.10.1. Merge requests created by email could be used to bypass push rules in certain situations. |
| CVE-2019-15724 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 11.10 through 12.2.1. Label descriptions are vulnerable to HTML injection. |
| CVE-2019-15725 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1. An IDOR in the epic notes API that could result in disclosure of private milestones, labels, and... |
| CVE-2019-15726 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Embedded images and media files in markdown could be pointed to an arbitrary server, which would reveal the... |
| CVE-2019-15727 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 11.2 through 12.2.1. Insufficient permission checks were being applied when displaying CI results, potentially exposing some CI metrics data to... |
| CVE-2019-15728 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 10.1 through 12.2.1. Protections against SSRF attacks on the Kubernetes integration are insufficient, which could have allowed an attacker to... |
| CVE-2019-15730 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 8.14 through 12.2.1. The Jira integration contains a SSRF vulnerability as a result of a bypass of the current protection... |
| CVE-2019-15731 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1. Non-members were able to comment on merge requests despite the repository being set to allow only project... |
| CVE-2019-15732 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 12.2 through 12.2.1. The project import API could be used to bypass project visibility restrictions. |
| CVE-2019-15733 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 7.12 through 12.2.1. The specified default branch name could be exposed to unauthorized users. |
| CVE-2019-15734 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 8.6 through 12.2.1. Under very specific conditions, commit titles and team member comments could become viewable to users who did... |
| CVE-2019-15736 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Under certain circumstances, CI pipelines could potentially be used in a denial of service attack. |
| CVE-2019-8368 | 2019-09-16 | OpenEMR v5.0.1-6 allows XSS. |
| CVE-2019-15737 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Certain account actions needed improved authentication and session management. |
| CVE-2019-15738 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1. Under certain conditions, merge request IDs were being disclosed via email. |
| CVE-2019-15739 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 8.1 through 12.2.1. Certain areas displaying Markdown were not properly sanitizing some XSS payloads. |
| CVE-2019-15740 | 2019-09-16 | An issue was discovered in GitLab Community and Enterprise Edition 7.9 through 12.2.1. EXIF Geolocation data was not being removed from certain image uploads. |
| CVE-2019-15741 | 2019-09-16 | An issue was discovered in GitLab Omnibus 7.4 through 12.2.1. An unsafe interaction with logrotate could result in a privilege escalation |
| CVE-2019-10071 | 2019-09-16 | The code which checks HMAC in form submissions used String.equals() for comparisons, which results in a timing side channel for the comparison of the HMAC signatures. This could lead to... |
| CVE-2019-16370 | 2019-09-16 | The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same... |
| CVE-2019-16371 | 2019-09-16 | LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because do_popupregister can be... |
| CVE-2019-5481 | 2019-09-16 | Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. |
| CVE-2019-5482 | 2019-09-16 | Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. |
| CVE-2019-4147 | 2019-09-16 | IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or... |
| CVE-2019-16378 | 2019-09-17 | OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to... |
| CVE-2019-16239 | 2019-09-17 | process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. |
| CVE-2019-15131 | 2019-09-17 | In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 a vulnerability has been identified that may allow arbitrary files to be uploaded to Code42 servers and executed. This... |
| CVE-2019-9008 | 2019-09-17 | An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30. A user with low privileges can take full control over the runtime. |
| CVE-2016-10974 | 2019-09-17 | The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS. |
| CVE-2016-10975 | 2019-09-17 | The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter. |
| CVE-2016-10976 | 2019-09-17 | The safe-editor plugin before 1.2 for WordPress has no se_save authentication, with resultant XSS. |
| CVE-2016-10977 | 2019-09-17 | The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal. |
| CVE-2016-10978 | 2019-09-17 | The fossura-tag-miner plugin before 1.1.5 for WordPress has CSRF. |
| CVE-2016-10979 | 2019-09-17 | The fossura-tag-miner plugin before 1.1.5 for WordPress has XSS. |
| CVE-2016-10980 | 2019-09-17 | The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kento_pvc_geo. |
| CVE-2016-10981 | 2019-09-17 | The kento-post-view-counter plugin through 2.8 for WordPress has stored XSS via kento_pvc_numbers_lang, kento_pvc_today_text, or kento_pvc_total_text. |
| CVE-2016-10982 | 2019-09-17 | The kento-post-view-counter plugin through 2.8 for WordPress has wp-admin/admin.php?page=kentopvc_settings CSRF. |
| CVE-2016-10983 | 2019-09-17 | The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data. |
| CVE-2016-10984 | 2019-09-17 | The echosign plugin before 1.2 for WordPress has XSS via the inc.php page parameter. |
| CVE-2016-10985 | 2019-09-17 | The echosign plugin before 1.2 for WordPress has XSS via the templates/add_templates.php id parameter. |
| CVE-2016-10986 | 2019-09-17 | The tweet-wheel plugin before 1.0.3.3 for WordPress has XSS via consumer_key, consumer_secret, access_token, and access_token_secret. |
| CVE-2016-10987 | 2019-09-17 | The persian-woocommerce-sms plugin before 3.3.4 for WordPress has ps_sms_numbers XSS. |