CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 10 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-1010298 119 Exec Code Overflow 2019-07-15 2019-07-16
10.0
None Remote Low Not required Complete Complete Complete
Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later.
2 CVE-2019-1010297 119 Exec Code Overflow 2019-07-15 2019-07-16
10.0
None Remote Low Not required Complete Complete Complete
Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of code in TEE core (kernel) context. The component is: optee_os. The fixed version is: 3.4.0 and later.
3 CVE-2019-1010296 119 Exec Code Overflow 2019-07-15 2019-07-16
10.0
None Remote Low Not required Complete Complete Complete
Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later.
4 CVE-2019-1010200 78 Exec Code 2019-07-23 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Voice Builder Prior to commit c145d4604df67e6fc625992412eef0bf9a85e26b and f6660e6d8f0d1d931359d591dbdec580fef36d36 is affected by: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). The impact is: Remote code execution with the same privileges as the servers. The component is: Two web servers in the projects expose three vulnerable endpoints that can be accessed remotely. The endpoints are defined at: - /tts: https://github.com/google/voice-builder/blob/3a449a3e8d5100ff323161c89b897f6d5ccdb6f9/merlin_model_server/api.js#L34 - /alignment: https://github.com/google/voice-builder/blob/3a449a3e8d5100ff323161c89b897f6d5ccdb6f9/festival_model_server/api.js#L28 - /tts: https://github.com/google/voice-builder/blob/3a449a3e8d5100ff323161c89b897f6d5ccdb6f9/festival_model_server/api.js#L65. The attack vector is: Attacker sends a GET request to the vulnerable endpoint with a specially formatted query parameter. The fixed version is: After commit f6660e6d8f0d1d931359d591dbdec580fef36d36.
5 CVE-2019-17600 352 2019-10-15 2019-10-15
10.0
None Remote Low Not required Complete Complete Complete
Intelbras IWR 1000N 1.6.4 devices allows disclosure of the administrator login name and password because v1/system/user is mishandled.
6 CVE-2019-17510 78 Exec Code 2019-10-11 2019-10-15
10.0
None Remote Low Not required Complete Complete Complete
D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell metacharacters to /squashfs-root/www/HNAP1/control/SetWizardConfig.php.
7 CVE-2019-17509 78 Exec Code 2019-10-11 2019-10-15
10.0
None Remote Low Not required Complete Complete Complete
D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetMasterWLanSettings with shell metacharacters to /squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php.
8 CVE-2019-17269 78 Exec Code 2019-10-06 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Intellian Remote Access 3.18 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the Ping Test field.
9 CVE-2019-17124 276 2019-10-09 2019-10-15
10.0
None Remote Low Not required Complete Complete Complete
Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.
10 CVE-2019-16920 78 Exec Code 2019-09-27 2019-10-10
10.0
None Remote Low Not required Complete Complete Complete
Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are also affected: DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825.
11 CVE-2019-16057 78 2019-09-16 2019-09-16
10.0
None Remote Low Not required Complete Complete Complete
The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection.
12 CVE-2019-15940 306 2019-10-01 2019-10-04
10.0
None Remote Low Not required Complete Complete Complete
Victure PC530 devices allow unauthenticated TELNET access as root.
13 CVE-2019-15859 522 2019-10-09 2019-10-10
10.0
None Remote Low Not required Complete Complete Complete
Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI.
14 CVE-2019-15846 119 Exec Code Overflow 2019-09-06 2019-09-06
10.0
None Remote Low Not required Complete Complete Complete
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
15 CVE-2019-15751 434 Exec Code 2019-10-07 2019-10-08
10.0
None Remote Low Not required Complete Complete Complete
An unrestricted file upload vulnerability in SITOS six Build v6.2.1 allows remote attackers to execute arbitrary code by uploading a SCORM file with an executable extension. This allows an unauthenticated attacker to upload a malicious file (containing PHP code to execute operating system commands) to the web root of the application.
16 CVE-2019-15746 74 Exec Code 2019-10-07 2019-10-08
10.0
None Remote Low Not required Complete Complete Complete
SITOS six Build v6.2.1 allows an attacker to inject arbitrary PHP commands. As a result, an attacker can compromise the running server and execute system commands in the context of the web user.
17 CVE-2019-15519 22 Dir. Trav. 2019-08-23 2019-08-30
10.0
None Remote Low Not required Complete Complete Complete
Power-Response before 2019-02-02 allows directory traversal (up to the application's main directory) via a plugin.
18 CVE-2019-15505 125 2019-08-23 2019-09-04
10.0
None Remote Low Not required Complete Complete Complete
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
19 CVE-2019-15504 415 2019-08-23 2019-09-04
10.0
None Remote Low Not required Complete Complete Complete
drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).
20 CVE-2019-15503 78 Exec Code 2019-08-26 2019-08-30
10.0
None Remote Low Not required Complete Complete Complete
cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCMS) through 12.0.3.0 has "Improper Neutralization of Special Elements used in an OS Command," allowing attackers to execute OS commands via an HTTP GET parameter.
21 CVE-2019-15497 798 2019-08-26 2019-09-04
10.0
None Remote Low Not required Complete Complete Complete
Black Box iCOMPEL 9.2.3 through 11.1.4, as used in ONELAN Net-Top-Box 9.2.3 through 11.1.4 and other products, has default credentials that allow remote attackers to access devices remotely via SSH, HTTP, HTTPS, and FTP.
22 CVE-2019-15292 416 2019-08-21 2019-09-02
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.
23 CVE-2019-15130 434 2019-08-18 2019-08-30
10.0
None Remote Low Not required Complete Complete Complete
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to upload any file type to a candidate's profile picture folder via a crafted recruitment_online/personalData/act_personaltab.cfm multiple-part POST request with a predictable WRC01_USERID parameter. Moreover, the attacker can upload executable content (e.g., asp or aspx) for executing OS commands on the server.
24 CVE-2019-15107 77 2019-08-15 2019-09-16
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
25 CVE-2019-15068 287 2019-09-25 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version ?<= r1.7.9 allows an attacker to get/reset administrator’s password without any authentication.
26 CVE-2019-15067 287 +Priv Bypass 2019-09-25 2019-10-01
10.0
None Remote Low Not required Complete Complete Complete
An authentication bypass vulnerability discovered in Smart Battery A2-25DE, a multifunctional portable charger, firmware version ?<= SECFS-2013-10-16-13:42:58-629c30ee-60c68be6. An attacker can bypass authentication and gain privilege by modifying the login page.
27 CVE-2019-15027 77 Exec Code 2019-08-14 2019-08-27
10.0
None Remote Low Not required Complete Complete Complete
The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data.
28 CVE-2019-14699 78 Exec Code 2019-08-06 2019-08-13
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can exploit OS Command Injection in the filename parameter for remote code execution as root. This occurs in the Mainproc executable file, which can be run from the HTTPD web server.
29 CVE-2019-14527 78 Exec Code 2019-08-14 2019-08-27
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. System commands can be executed, via the web interface, after authentication.
30 CVE-2019-14363 119 Exec Code Overflow 2019-07-28 2019-08-05
10.0
None Remote Low Not required Complete Complete Complete
A stack-based buffer overflow in the upnpd binary running on NETGEAR WNDR3400v3 routers with firmware version 1.0.1.18_1.0.63 allows an attacker to remotely execute arbitrary code via a crafted UPnP SSDP packet.
31 CVE-2019-14313 89 Exec Code Sql 2019-07-30 2019-08-13
10.0
None Remote Low Not required Complete Complete Complete
A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php.
32 CVE-2019-13917 19 Exec Code 2019-07-25 2019-09-06
10.0
None Remote Low Not required Complete Complete Complete
Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).
33 CVE-2019-13624 19 2019-07-16 2019-07-19
10.0
None Remote Low Not required Complete Complete Complete
In ONOS 1.15.0, apps/yang/web/src/main/java/org/onosproject/yang/web/YangWebResource.java mishandles backquote characters within strings that can be used in a shell command.
34 CVE-2019-13598 78 Exec Code 2019-07-14 2019-07-15
10.0
None Remote Low Not required Complete Complete Complete
LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port_3480/data_request because the "No unsafe lua allowed" code block is skipped.
35 CVE-2019-13573 89 Exec Code Sql 2019-07-17 2019-07-31
10.0
None Remote Low Not required Complete Complete Complete
A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.
36 CVE-2019-13569 89 Exec Code Sql 2019-07-19 2019-07-31
10.0
None Remote Low Not required Complete Complete Complete
A SQL injection vulnerability exists in the Icegram Email Subscribers & Newsletters plugin through 4.1.7 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.
37 CVE-2019-13561 77 Exec Code 2019-07-11 2019-07-12
10.0
None Remote Low Not required Complete Complete Complete
D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to execute arbitrary commands via shell metacharacters in the online_firmware_check.cgi check_fw_url parameter.
38 CVE-2019-13473 798 2019-09-11 2019-09-13
10.0
None Remote Low Not required Complete Complete Complete
TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have an undocumented TELNET service within the BusyBox subsystem, leading to root access.
39 CVE-2019-13447 89 Sql 2019-07-17 2019-07-18
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could access the backend database via SQL injection.
40 CVE-2019-13405 284 2019-08-28 2019-09-05
10.0
None Remote Low Not required Complete Complete Complete
A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software.
41 CVE-2019-13352 798 2019-07-05 2019-07-15
10.0
None Remote Low Not required Complete Complete Complete
WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN password and thus gain remote access.
42 CVE-2019-13294 284 Exec Code 2019-07-04 2019-07-10
10.0
None Remote Low Not required Complete Complete Complete
AROX School-ERP Pro has a command execution vulnerability. import_stud.php and upload_fille.php do not have session control. Therefore an unauthenticated user can execute a command on the system.
43 CVE-2019-13278 77 2019-07-10 2019-07-16
10.0
None Remote Low Not required Complete Complete Complete
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device. The vulnerability can be exercised on the local intranet or remotely if remote administration is enabled.
44 CVE-2019-12990 22 Dir. Trav. 2019-07-16 2019-07-17
10.0
None Remote Low Not required Complete Complete Complete
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal.
45 CVE-2019-12988 77 2019-07-16 2019-07-17
10.0
None Remote Low Not required Complete Complete Complete
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6).
46 CVE-2019-12987 77 2019-07-16 2019-07-17
10.0
None Remote Low Not required Complete Complete Complete
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6).
47 CVE-2019-12986 77 2019-07-16 2019-07-17
10.0
None Remote Low Not required Complete Complete Complete
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6).
48 CVE-2019-12985 77 2019-07-16 2019-07-17
10.0
None Remote Low Not required Complete Complete Complete
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6).
49 CVE-2019-12971 434 2019-07-05 2019-07-15
10.0
None Remote Low Not required Complete Complete Complete
BKS EBK Ethernet-Buskoppler Pro before 3.01 allows Unrestricted Upload of a File with a Dangerous Type.
50 CVE-2019-12929 78 DoS Exec Code 2019-06-24 2019-07-02
10.0
None Remote Low Not required Complete Complete Complete
** DISPUTED ** The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issue.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.