CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-12241 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserialization via a cartsguru-source cookie to classes/wc-cartsguru-event-handler.php.
2 CVE-2019-12240 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
The Virim plugin 0.4 for WordPress allows Insecure Deserialization via s_values, t_values, or c_values in graph.php.
3 CVE-2019-12239 Sql CSRF 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.
4 CVE-2019-12222 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9. There is an out-of-bounds read in the function SDL_InvalidateMap at video/SDL_pixels.c.
5 CVE-2019-12221 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c.
6 CVE-2019-12220 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an out-of-bounds read in the SDL function SDL_FreePalette_REAL at video/SDL_pixels.c.
7 CVE-2019-12219 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c.
8 CVE-2019-12218 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
9 CVE-2019-12217 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c.
10 CVE-2019-12216 Overflow 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
11 CVE-2019-12215 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED ** A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user can trigger a particular error to discover the full path of Matomo on the disk, because lastError.file is used in plugins/CorePluginsAdmin/templates/safemode.twig. NOTE: the vendor disputes the significance of this issue, stating "avoid reporting path disclosures, as we don't consider them as security vulnerabilities."
12 CVE-2019-12214 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of p_header_data.
13 CVE-2019-12212 DoS 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file.
14 CVE-2019-12198 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header.
15 CVE-2019-12172 Exec Code 2019-05-17 2019-05-17
0.0
None ??? ??? ??? ??? ??? ???
Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137.
16 CVE-2019-12170 Exec Code 2019-05-17 2019-05-17
0.0
None ??? ??? ??? ??? ??? ???
ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/_core/backups/upload.php (aka backup) component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PHP files to be written to the web root, and for code to execute on the remote server.
17 CVE-2019-12168 Exec Code 2019-05-17 2019-05-17
0.0
None ??? ??? ??? ??? ??? ???
Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow remote code execution via the Command Shell (aka Administration > Commands) screen.
18 CVE-2019-12161 2019-05-17 2019-05-17
0.0
None ??? ??? ??? ??? ??? ???
WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses (such as 0300.0250 as a replacement for 192.168).
19 CVE-2019-12086 2019-05-17 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.
20 CVE-2019-11816 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request.
21 CVE-2019-11644 +Priv 2019-05-17 2019-05-17
0.0
None ??? ??? ??? ??? ??? ???
In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F-Secure Internet Security before 17.6, F-Secure Anti-Virus before 17.6, F-Secure Client Security Standard and Premium before 14.10, F-Secure PSB Workstation Security before 12.01, and F-Secure Computer Protection Standard and Premium before 19.3, a local user can escalate their privileges through a DLL hijacking attack against the installer. The installer writes the file rm.exe to C:\Windows\Temp and then executes it. The rm.exe process then attempts to load several DLLs from its current directory. Non-admin users are able to write to this folder, so an attacker can create a malicious C:\Windows\Temp\OLEACC.dll file. When an admin runs the installer, rm.exe will execute the attacker's DLL in an elevated security context.
22 CVE-2019-11336 Exec Code 2019-05-14 2019-05-14
0.0
None ??? ??? ??? ??? ??? ???
Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backdoor API command, a different vulnerability than CVE-2019-10886.
23 CVE-2019-11114 DoS 2019-05-17 2019-05-17
0.0
None ??? ??? ??? ??? ??? ???
Insufficient input validation in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable denial of service via local access.
24 CVE-2019-11095 2019-05-17 2019-05-19
0.0
None ??? ??? ??? ??? ??? ???
Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.
25 CVE-2019-11094 DoS 2019-05-17 2019-05-17
0.0
None ??? ??? ??? ??? ??? ???
Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.
26 CVE-2019-11093 2019-05-17 2019-05-17
0.0
None ??? ??? ??? ??? ??? ???
Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.
27 CVE-2019-11085 2019-05-17 2019-05-19
0.0
None ??? ??? ??? ??? ??? ???
Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
28 CVE-2019-10912 2019-05-16 2019-05-16
0.0
None ??? ??? ??? ??? ??? ???
In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge.
29 CVE-2019-10139 2019-05-17 2019-05-17
0.0
None ??? ??? ??? ??? ??? ???
During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file `/var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var` which contains the admin and the appliance passwords as plain-text. At the of the deployment procedure, these files are deleted.
30 CVE-2019-10078 XSS 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.
31 CVE-2019-10077 XSS 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
32 CVE-2019-10076 XSS 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
33 CVE-2019-8404 2019-05-14 2019-05-14
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the contents of pages.
34 CVE-2019-8352 Exec Code 2019-05-20 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials and use them to execute code or escalate privileges on the network.
35 CVE-2019-8339 Bypass 2019-05-17 2019-05-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Sysdig through 0.24.2, as used in Falco through 0.14.0 and other products. A bypass allows local users to run malicious code without being detected because record_event_consumer in driver/main.c in sysdig-probe.ko (and falco-probe.ko) mishandles a free space calculation.
36 CVE-2019-8338 2019-05-16 2019-05-16
0.0
None ??? ??? ??? ??? ??? ???
The signature verification routine in the Airmail GPG-PGP Plugin, versions 1.0 (9) and earlier, does not verify the status of the signature at all, which allows remote attackers to spoof arbitrary email signatures by crafting a signed email with an invalid signature. Also, it does not verify the validity of the signing key, which allows remote attackers to spoof arbitrary email signatures by crafting a key with a fake user ID (email address) and injecting it into the user's keyring.
37 CVE-2019-6780 2019-01-24 2019-01-24
0.0
None ??? ??? ??? ??? ??? ???
The Wise Chat plugin before 2.7 for WordPress mishandles external links because rendering/filters/post/WiseChatLinksPostFilter.php omits noopener and noreferrer.
38 CVE-2019-6779 CSRF 2019-01-24 2019-01-24
0.0
None ??? ??? ??? ??? ??? ???
Cscms 4.1.8 allows admin.php/links/save CSRF to add, modify, or delete friend links.
39 CVE-2019-6719 2019-01-23 2019-01-23
0.0
None ??? ??? ??? ??? ??? ???
An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/iso_server/iso_server.c, as demonstrated by examples/server_example_goose/server_example_goose.c and examples/server_example_61400_25/server_example_61400_25.c.
40 CVE-2019-6691 Sql 2019-01-23 2019-01-23
0.0
None ??? ??? ??? ??? ??? ???
phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=backup&c=backup&a=doback tabledb[] parameter, related to the "--backup database" option.
41 CVE-2019-6578 DoS 2019-05-14 2019-05-15
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- (All Versions with option G28), SINAMICS PERFECT HARMONY GH180 with NXG II control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- (All Versions with option G28). A denial of service vulnerability exists in the affected products. The vulnerability could be exploited by an attacker with network access to the device. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
42 CVE-2019-6574 2019-05-14 2019-05-14
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- (All Versions with option G21, G22, G23, G26, G28, G31, G32, G38, G43 or G46), SINAMICS PERFECT HARMONY GH180 with NXG II control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- (All Versions with option G21, G22, G23, G26, G28, G31, G32, G38, G43 or G46). An improperly configured Parameter Read/Write execution via Field bus network may cause the controller to restart. The vulnerability could be exploited by an attacker with network access to the device. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
43 CVE-2019-6503 Exec Code 2019-01-22 2019-01-22
0.0
None ??? ??? ??? ??? ??? ???
There is a deserialization vulnerability in Chatopera cosin v3.10.0. An attacker can execute commands during server-side deserialization by uploading maliciously constructed files. This is related to the TemplateController.java impsave method and the MainUtils toObject method.
44 CVE-2019-6500 Dir. Trav. 2019-01-21 2019-01-21
0.0
None ??? ??? ??? ??? ??? ???
In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request with %2e instead of '.' characters, as demonstrated by an initial /h2hdocumentation//%2e%2e/ substring.
45 CVE-2019-6499 2019-01-21 2019-01-21
0.0
None ??? ??? ??? ??? ??? ???
Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected system.
46 CVE-2019-6496 DoS Exec Code Overflow 2019-01-20 2019-01-20
0.0
None ??? ??? ??? ??? ??? ???
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA.
47 CVE-2019-6488 2019-01-18 2019-01-23
0.0
None ??? ??? ??? ??? ??? ???
The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.
48 CVE-2019-6487 Exec Code 2019-01-18 2019-01-18
0.0
None ??? ??? ??? ??? ??? ???
TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included in the weather get_weather_observe citycode field.
49 CVE-2019-6447 2019-01-16 2019-01-16
0.0
None ??? ??? ??? ??? ??? ???
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.
50 CVE-2019-6440 2019-01-15 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
Zemana AntiMalware before 3.0.658 Beta mishandles update logic.
Total number of vulnerabilities : 986   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.