CVE List - 2019 / September
Showing 801 - 900 of 1531 CVEs for September 2019 (Page 9 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-14994 | 2019-09-19 | The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version... |
| CVE-2019-15000 | 2019-09-19 | The commit diff rest endpoint in Bitbucket Server and Data Center before 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 before 6.0.10 (the fixed version for 6.0.x), from 6.1.0... |
| CVE-2019-15001 | 2019-09-19 | The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from... |
| CVE-2019-16398 | 2019-09-19 | On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskj_script_run.sh that executes a reverse shell. |
| CVE-2019-16412 | 2019-09-19 | In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.) |
| CVE-2019-16510 | 2019-09-19 | libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose. |
| CVE-2019-16511 | 2019-09-19 | An issue was discovered in DTF in FireGiant WiX Toolset before 3.11.2. Microsoft.Deployment.Compression.Cab.dll and Microsoft.Deployment.Compression.Zip.dll allow directory traversal during CAB or ZIP archive extraction, because the full name of an... |
| CVE-2019-15032 | 2019-09-19 | Pydio 6.0.8 mishandles error reporting when a directory allows unauthenticated uploads, and the remote-upload option is used with the http://localhost:22 URL. The attacker can obtain sensitive information such as the... |
| CVE-2019-15033 | 2019-09-19 | Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature download. An attacker can specify an intranet address in the file parameter to index.php, when sending a file to a... |
| CVE-2019-14821 | 2019-09-19 | An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on... |
| CVE-2019-16525 | 2019-09-19 | An XSS issue was discovered in the checklist plugin before 1.1.9 for WordPress. The fill parameter is not correctly filtered in the checklist-icon.php file, and it is possible to inject... |
| CVE-2019-9717 | 2019-09-19 | In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has... |
| CVE-2019-9719 | 2019-09-19 | A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses... |
| CVE-2019-9720 | 2019-09-19 | A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses... |
| CVE-2019-16531 | 2019-09-20 | LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php. |
| CVE-2019-14911 | 2019-09-20 | An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly escape output on error, leading to reflected XSS. |
| CVE-2019-14912 | 2019-09-20 | An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly check the goto parameter, leading to an open redirect that leaks the session cookie. |
| CVE-2019-14913 | 2019-09-20 | An issue was discovered in PRiSE adAS 1.7.0. Log data are not properly escaped, leading to persistent XSS in the administration panel. |
| CVE-2019-14914 | 2019-09-20 | An issue was discovered in PRiSE adAS 1.7.0. The path is not properly escaped in the medatadata_del method, leading to an arbitrary file read and deletion via Directory Traversal. |
| CVE-2019-14915 | 2019-09-20 | An issue was discovered in PRiSE adAS 1.7.0. Certificate data are not properly escaped. This leads to XSS when submitting a rogue certificate. |
| CVE-2019-14916 | 2019-09-20 | An issue was discovered in PRiSE adAS 1.7.0. A file's format is not properly checked, leading to an unrestricted file upload. |
| CVE-2019-15085 | 2019-09-20 | An issue was discovered in PRiSE adAS 1.7.0. The current database password is embedded in the change password form. |
| CVE-2019-15086 | 2019-09-20 | An issue was discovered in PRiSE adAS 1.7.0. The newentityID parameter is not properly escaped, leading to a reflected XSS in the error message. |
| CVE-2019-15087 | 2019-09-20 | An issue was discovered in PRiSE adAS 1.7.0. An authenticated user can change the function used to hash passwords to any function, leading to remote code execution. |
| CVE-2019-15088 | 2019-09-20 | An issue was discovered in PRiSE adAS 1.7.0. Password hashes are compared using the equality operator. Thus, under specific circumstances, it is possible to bypass login authentication. |
| CVE-2019-15089 | 2019-09-20 | An issue was discovered in PRiSE adAS 1.7.0. Forms have no CSRF protection, letting an attacker execute actions as the administrator. |
| CVE-2016-10996 | 2019-09-20 | The optinmonster plugin before 1.1.4.6 for WordPress has incorrect access control for shortcodes because of a nonce leak. |
| CVE-2016-10997 | 2019-09-20 | The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant arbitrary file upload in includes/sendmail.php. |
| CVE-2016-10998 | 2019-09-20 | The ocim-mp3 plugin through 2016-03-07 for WordPress has wp-content/plugins/ocim-mp3/source/pages.php?id= XSS. |
| CVE-2016-10999 | 2019-09-20 | The Goodnews theme through 2016-02-28 for WordPress has XSS via the s parameter. |
| CVE-2019-16642 | 2019-09-20 | App\Mobile\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Mobile/Zhuanti/group?id= substring. |
| CVE-2016-11000 | 2019-09-20 | The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL injection via the export_type_name parameter. |
| CVE-2016-11001 | 2019-09-20 | The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field. |
| CVE-2016-11003 | 2019-09-20 | The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation. |
| CVE-2016-11002 | 2019-09-20 | The Elegant Themes Extra theme before 1.2.4 for WordPress has privilege escalation. |
| CVE-2016-11004 | 2019-09-20 | The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privilege escalation. |
| CVE-2016-11005 | 2019-09-20 | The instalinker plugin before 1.1.2 for WordPress has includes/instalinker-admin-preview.php?client_id= XSS. |
| CVE-2016-11006 | 2019-09-20 | The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes. |
| CVE-2016-11007 | 2019-09-20 | The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval. |
| CVE-2016-11008 | 2019-09-20 | The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates. |
| CVE-2016-11009 | 2019-09-20 | The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates. |
| CVE-2016-11010 | 2019-09-20 | The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates. |
| CVE-2016-11011 | 2019-09-20 | The wp-invoice plugin before 4.1.1 for WordPress has wpi_update_user_option privilege escalation. |
| CVE-2016-11012 | 2019-09-20 | The sola-support-tickets plugin before 3.13 for WordPress has incorrect access control for /wp-admin with resultant XSS. |
| CVE-2016-11013 | 2019-09-20 | The wp-listings plugin before 2.0.2 for WordPress has includes/views/single-listing.php XSS. |
| CVE-2015-9384 | 2019-09-20 | The relevant plugin before 1.0.8 for WordPress has XSS. |
| CVE-2015-9385 | 2019-09-20 | The quotes-and-tips plugin before 1.20 for WordPress has XSS. |
| CVE-2015-9387 | 2019-09-20 | The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/options-general.php CSRF. |
| CVE-2015-9386 | 2019-09-20 | The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manage operation. |
| CVE-2015-9388 | 2019-09-20 | The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS. |
| CVE-2015-9389 | 2019-09-20 | The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via a quiz name. |
| CVE-2015-9390 | 2019-09-20 | The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled. |
| CVE-2015-9391 | 2019-09-20 | The yawpp plugin through 1.2.2 for WordPress has XSS via the field1 parameter. |
| CVE-2015-9392 | 2019-09-20 | The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_name parameter. |
| CVE-2015-9393 | 2019-09-20 | The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_desc parameter. |
| CVE-2015-9394 | 2019-09-20 | The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php. |
| CVE-2015-9395 | 2019-09-20 | The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action. |
| CVE-2015-9396 | 2019-09-20 | The auto-thickbox-plus plugin through 1.9 for WordPress has wp-content/plugins/auto-thickbox-plus/download.min.php?file= XSS. |
| CVE-2019-16643 | 2019-09-20 | An issue was discovered in ZrLog 2.1.1. There is a Stored XSS vulnerability in the article_edit area. |
| CVE-2015-9397 | 2019-09-20 | The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php deletegc XSS. |
| CVE-2015-9398 | 2019-09-20 | The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection. |
| CVE-2015-9399 | 2019-09-20 | The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection. |
| CVE-2015-9400 | 2019-09-20 | The wordpress-meta-robots plugin through 2.1 for WordPress has wp-admin/post-new.php text SQL injection. |
| CVE-2015-9401 | 2019-09-20 | The websimon-tables plugin through 1.3.4 for WordPress has wp-admin/tools.php edit_style id XSS. |
| CVE-2015-9402 | 2019-09-20 | The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload. |
| CVE-2015-9403 | 2019-09-20 | The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS. |
| CVE-2015-9404 | 2019-09-20 | The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords XSS. |
| CVE-2015-9405 | 2019-09-20 | The wp-piwik plugin before 1.0.5 for WordPress has XSS. |
| CVE-2019-16644 | 2019-09-20 | App\Home\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Zhuanti/group?id= substring. |
| CVE-2015-9407 | 2019-09-20 | The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS. |
| CVE-2015-9408 | 2019-09-20 | The xpinner-lite plugin through 2.2 for WordPress has wp-admin/options-general.php CSRF with resultant XSS. |
| CVE-2019-16533 | 2019-09-20 | On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. NOTE: this is an end-of-life product. |
| CVE-2019-16534 | 2019-09-20 | On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product. |
| CVE-2019-4505 | 2019-09-20 | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network Deployment could allow a remote attacker to obtain sensitive information, caused by sending a specially-crafted URL. This can lead the... |
| CVE-2019-4565 | 2019-09-20 | IBM Security Key Lifecycle Manager 3.0 and 3.0.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM... |
| CVE-2018-11200 | 2019-09-20 | An issue was discovered in Mautic 2.13.1. It has Stored XSS via the company name field. |
| CVE-2019-5521 | 2019-09-20 | VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6) and Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain an out-of-bounds read... |
| CVE-2018-17789 | 2019-09-20 | Prospecta Master Data Online (MDO) allows CSRF. |
| CVE-2019-11326 | 2019-09-20 | An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product is protected by a login. A guest is allowed to... |
| CVE-2019-16645 | 2019-09-20 | An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages (such as goform/login and config/log_off_page.htm) create links containing a hostname obtained from an arbitrary HTTP Host header sent by an... |
| CVE-2019-11327 | 2019-09-20 | An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product has a local file inclusion vulnerability. An attacker with administrative... |
| CVE-2019-14816 | 2019-09-20 | There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial... |
| CVE-2019-14814 | 2019-09-20 | There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a... |
| CVE-2019-11280 | 2019-09-20 | Privilege escalation through the invitations service |
| CVE-2019-15138 | 2019-09-20 | The html-pdf package 2.2.0 for Node.js has an arbitrary file read vulnerability via an HTML file that uses XMLHttpRequest to access a file:/// URL. |
| CVE-2015-9406 | 2019-09-20 | Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. (dot dot) in the files parameter to css/css.php. |
| CVE-2014-10396 | 2019-09-20 | The epic theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to includes/download.php. |
| CVE-2014-10397 | 2019-09-20 | The Antioch theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to lib/scripts/download.php. |
| CVE-2019-6650 | 2019-09-20 | F5 BIG-IP ASM 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 may expose sensitive information and allow the system configuration to be modified when using non-default settings. |
| CVE-2019-6649 | 2019-09-20 | F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync... |
| CVE-2019-6145 | 2019-09-20 | Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write... |
| CVE-2019-16650 | 2019-09-21 | On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an... |
| CVE-2019-16649 | 2019-09-21 | On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred... |
| CVE-2019-16661 | 2019-09-21 | Ogma CMS 0.5 has XSS via creation of a new blog. |
| CVE-2019-16660 | 2019-09-21 | joyplus-cms 1.6.0 has admin_ajax.php?action=savexml&tab=vodplay CSRF. |
| CVE-2019-16659 | 2019-09-21 | TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF. |
| CVE-2019-16658 | 2019-09-21 | TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF. |
| CVE-2019-16657 | 2019-09-21 | TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article/group/id/2/. |
| CVE-2019-16656 | 2019-09-21 | joyplus-cms 1.6.0 allows remote attackers to execute arbitrary PHP code via /install by placing the code in the name of an object in the database. |
| CVE-2019-16655 | 2019-09-21 | joyplus-cms 1.6.0 allows reinstallation if the install/ URI remains available. |