| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2019-1010298 | 119 | | Exec Code Overflow | 2019-07-15 | 2019-07-16 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later. |
| 2 | CVE-2019-1010297 | 119 | | Exec Code Overflow | 2019-07-15 | 2019-07-16 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of code in TEE core (kernel) context. The component is: optee_os. The fixed version is: 3.4.0 and later. |
| 3 | CVE-2019-1010296 | 119 | | Exec Code Overflow | 2019-07-15 | 2019-07-16 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later. |
| 4 | CVE-2019-1010200 | 78 | | Exec Code | 2019-07-23 | 2019-10-09 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Voice Builder prior to commit c145d4604df67e6fc625992412eef0bf9a85e26b and f6660e6d8f0d1d931359d591dbdec580fef36d36 is affected by: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). The impact is: Remote code execution with the same privileges as the servers. The component is: Two web servers in the project expose three vulnerable endpoints that can be accessed remotely. The endpoints are defined at: /tts: https://github.com/google/voice-builder/blob/3a449a3e8d5100ff323161c89b897f6d5ccdb6f9/merlin_model_server/api.js#L34; /alignment: https://github.com/google/voice-builder/blob/3a449a3e8d5100ff323161c89b897f6d5ccdb6f9/festival_model_server/api.js#L28; /tts: https://github.com/google/voice-builder/blob/3a449a3e8d5100ff323161c89b897f6d5ccdb6f9/festival_model_server/api.js#L65. The attack vector is: Attacker sends a GET request to the vulnerable endpoint with a specially formatted query parameter. The fixed version is: After commit f6660e6d8f0d1d931359d591dbdec580fef36d36. |
| 5 | CVE-2019-17600 | 352 | | | 2019-10-15 | 2019-10-15 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Intelbras IWR 1000N 1.6.4 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled. |
| 6 | CVE-2019-17510 | 78 | | Exec Code | 2019-10-11 | 2019-10-15 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell metacharacters to /squashfs-root/www/HNAP1/control/SetWizardConfig.php. |
| 7 | CVE-2019-17509 | 78 | | Exec Code | 2019-10-11 | 2019-10-15 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetMasterWLanSettings with shell metacharacters to /squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php. |
| 8 | CVE-2019-17269 | 78 | | Exec Code | 2019-10-06 | 2019-10-09 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Intellian Remote Access 3.18 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the Ping Test field. |
| 9 | CVE-2019-17124 | 276 | | | 2019-10-09 | 2019-10-15 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Kramer VIAware 2.5.0719.1034 has Incorrect Access Control. |
| 10 | CVE-2019-16920 | 78 | | Exec Code | 2019-09-27 | 2019-10-10 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to command injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are also affected: DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825. |
| 11 | CVE-2019-16057 | 78 | | | 2019-09-16 | 2019-09-16 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection. |
| 12 | CVE-2019-15940 | 306 | | | 2019-10-01 | 2019-10-04 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Victure PC530 devices allow unauthenticated TELNET access as root. |
| 13 | CVE-2019-15859 | 522 | | | 2019-10-09 | 2019-10-10 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI. |
| 14 | CVE-2019-15846 | 119 | | Exec Code Overflow | 2019-09-06 | 2019-09-06 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. |
| 15 | CVE-2019-15751 | 434 | | Exec Code | 2019-10-07 | 2019-10-08 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | An unrestricted file upload vulnerability in SITOS six Build v6.2.1 allows remote attackers to execute arbitrary code by uploading a SCORM file with an executable extension. This allows an unauthenticated attacker to upload a malicious file (containing PHP code to execute operating system commands) to the web root of the application. |
| 16 | CVE-2019-15746 | 74 | | Exec Code | 2019-10-07 | 2019-10-08 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | SITOS six Build v6.2.1 allows an attacker to inject arbitrary PHP commands. As a result, an attacker can compromise the running server and execute system commands in the context of the web user. |
| 17 | CVE-2019-15519 | 22 | | Dir. Trav. | 2019-08-23 | 2019-08-30 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Power-Response before 2019-02-02 allows directory traversal (up to the application's main directory) via a plugin. |
| 18 | CVE-2019-15505 | 125 | | | 2019-08-23 | 2019-09-04 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). |
| 19 | CVE-2019-15504 | 415 | | | 2019-08-23 | 2019-09-04 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir). |
| 20 | CVE-2019-15503 | 78 | | Exec Code | 2019-08-26 | 2019-08-30 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCMS) through 12.0.3.0 has "Improper Neutralization of Special Elements used in an OS Command," allowing attackers to execute OS commands via an HTTP GET parameter. |
| 21 | CVE-2019-15497 | 798 | | | 2019-08-26 | 2019-09-04 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Black Box iCOMPEL 9.2.3 through 11.1.4, as used in ONELAN Net-Top-Box 9.2.3 through 11.1.4 and other products, has default credentials that allow remote attackers to access devices remotely via SSH, HTTP, HTTPS, and FTP. |
| 22 | CVE-2019-15292 | 416 | | | 2019-08-21 | 2019-09-02 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c. |
| 23 | CVE-2019-15130 | 434 | | | 2019-08-18 | 2019-08-30 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to upload any file type to a candidate's profile picture folder via a crafted recruitment_online/personalData/act_personaltab.cfm multipart POST request with a predictable WRC01_USERID parameter. Moreover, the attacker can upload executable content (e.g., asp or aspx) for executing OS commands on the server. |
| 24 | CVE-2019-15107 | 77 | | | 2019-08-15 | 2019-09-16 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability. |
| 25 | CVE-2019-15068 | 287 | | | 2019-09-25 | 2019-10-09 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version <= r1.7.9 allows an attacker to get/reset the administrator's password without any authentication. |
| 26 | CVE-2019-15067 | 287 | | +Priv Bypass | 2019-09-25 | 2019-10-01 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | An authentication bypass vulnerability was discovered in Smart Battery A2-25DE, a multifunctional portable charger, firmware version <= SECFS-2013-10-16-13:42:58-629c30ee-60c68be6. An attacker can bypass authentication and gain privilege by modifying the login page. |
| 27 | CVE-2019-15027 | 77 | | Exec Code | 2019-08-14 | 2019-08-27 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data. |
| 28 | CVE-2019-14699 | 78 | | Exec Code | 2019-08-06 | 2019-08-13 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can exploit OS Command Injection in the filename parameter for remote code execution as root. This occurs in the Mainproc executable file, which can be run from the HTTPD web server. |
| 29 | CVE-2019-14527 | 78 | | Exec Code | 2019-08-14 | 2019-08-27 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. System commands can be executed, via the web interface, after authentication. |
| 30 | CVE-2019-14363 | 119 | | Exec Code Overflow | 2019-07-28 | 2019-08-05 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | A stack-based buffer overflow in the upnpd binary running on NETGEAR WNDR3400v3 routers with firmware version 1.0.1.18_1.0.63 allows an attacker to remotely execute arbitrary code via a crafted UPnP SSDP packet. |
| 31 | CVE-2019-14313 | 89 | | Exec Code Sql | 2019-07-30 | 2019-08-13 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php. |
| 32 | CVE-2019-13917 | 19 | | Exec Code | 2019-07-25 | 2019-09-06 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain). |
| 33 | CVE-2019-13624 | 19 | | | 2019-07-16 | 2019-07-19 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | In ONOS 1.15.0, apps/yang/web/src/main/java/org/onosproject/yang/web/YangWebResource.java mishandles backquote characters within strings that can be used in a shell command. |
| 34 | CVE-2019-13598 | 78 | | Exec Code | 2019-07-14 | 2019-07-15 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port_3480/data_request because the "No unsafe lua allowed" code block is skipped. |
| 35 | CVE-2019-13573 | 89 | | Exec Code Sql | 2019-07-17 | 2019-07-31 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system. |
| 36 | CVE-2019-13569 | 89 | | Exec Code Sql | 2019-07-19 | 2019-07-31 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | A SQL injection vulnerability exists in the Icegram Email Subscribers & Newsletters plugin through 4.1.7 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system. |
| 37 | CVE-2019-13561 | 77 | | Exec Code | 2019-07-11 | 2019-07-12 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to execute arbitrary commands via shell metacharacters in the online_firmware_check.cgi check_fw_url parameter. |
| 38 | CVE-2019-13473 | 798 | | | 2019-09-11 | 2019-09-13 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have an undocumented TELNET service within the BusyBox subsystem, leading to root access. |
| 39 | CVE-2019-13447 | 89 | | Sql | 2019-07-17 | 2019-07-18 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could access the backend database via SQL injection. |
| 40 | CVE-2019-13405 | 284 | | | 2019-08-28 | 2019-09-05 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to an insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication, and then use the compromised device as a relay or install mining software on it. |
| 41 | CVE-2019-13352 | 798 | | | 2019-07-05 | 2019-07-15 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN password and thus gain remote access. |
| 42 | CVE-2019-13294 | 284 | | Exec Code | 2019-07-04 | 2019-07-10 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | AROX School-ERP Pro has a command execution vulnerability. import_stud.php and upload_fille.php do not have session control. Therefore an unauthenticated user can execute a command on the system. |
| 43 | CVE-2019-13278 | 77 | | | 2019-07-10 | 2019-07-16 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device. The vulnerability can be exercised on the local intranet or remotely if remote administration is enabled. |
| 44 | CVE-2019-12990 | 22 | | Dir. Trav. | 2019-07-16 | 2019-07-17 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal. |
| 45 | CVE-2019-12988 | 77 | | | 2019-07-16 | 2019-07-17 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6). |
| 46 | CVE-2019-12987 | 77 | | | 2019-07-16 | 2019-07-17 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6). |
| 47 | CVE-2019-12986 | 77 | | | 2019-07-16 | 2019-07-17 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6). |
| 48 | CVE-2019-12985 | 77 | | | 2019-07-16 | 2019-07-17 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6). |
| 49 | CVE-2019-12971 | 434 | | | 2019-07-05 | 2019-07-15 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | BKS EBK Ethernet-Buskoppler Pro before 3.01 allows Unrestricted Upload of a File with a Dangerous Type. |
| 50 | CVE-2019-12929 | 78 | | DoS Exec Code | 2019-06-24 | 2019-07-02 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | ** DISPUTED ** The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a TCP socket open to the internet, then it is an insecure configuration issue. |