CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 2 and 3.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-1020014 415 2019-07-29 2019-08-19
2.1
None Local Low Not required Partial None None
docker-credential-helpers before 0.6.3 has a double free in the List functions.
2 CVE-2019-1020007 79 XSS 2019-07-29 2019-07-30
3.5
None Remote Medium Single system None Partial None
Dependency-Track before 3.5.1 allows XSS.
3 CVE-2019-1020005 79 XSS 2019-07-29 2019-08-01
3.5
None Remote Medium Single system None Partial None
invenio-communities before 1.0.0a20 allows XSS.
4 CVE-2019-1020003 79 XSS 2019-07-29 2019-08-01
3.5
None Remote Medium Single system None Partial None
invenio-records before 1.2.2 allows XSS.
5 CVE-2019-1010310 255 2019-07-12 2019-07-18
3.5
None Remote Medium Single system None Partial None
GLPI GLPI Product 9.3.1 is affected by: Frame and Form tags Injection allowing admins to phish users by putting code in reminder description. The impact is: Admins can phish any user or group of users for credentials / credit cards. The component is: Tools > Reminder > Description .. Set the description to any iframe/form tags and apply. The attack vector is: The attacker puts a login form, the user fills it and clicks on submit .. the request is sent to the attacker domain saving the data. The fixed version is: 9.4.1.
6 CVE-2019-1010307 79 XSS 2019-07-15 2019-07-18
3.5
None Remote Medium Single system None Partial None
GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting (XSS). The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a ticket , 2- Admin opens another ticket and click on the "Link Tickets" feature, 3- a request to the endpoint fetches js and executes it.
7 CVE-2019-1010235 79 XSS 2019-07-22 2019-07-23
3.5
None Remote Medium Single system None Partial None
Frog CMS 1.1 is affected by: Cross Site Scripting (XSS). The impact is: Cookie stealing, Alert pop-up on page, Redirecting to another phishing site, Executing browser exploits. The component is: Snippets.
8 CVE-2019-1010208 119 Exec Code Overflow 2019-07-23 2019-08-05
2.1
None Local Low Not required Partial None None
IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 (Veracrypt), all versions (Truecrypt) is affected by: Buffer Overflow. The impact is: Minor information disclosure of kernel stack. The component is: Veracrypt NT Driver (veracrypt.sys). The attack vector is: Locally executed code, IOCTL request to driver. The fixed version is: 1.23-Hotfix-1.
9 CVE-2019-1010147 79 XSS 2019-07-25 2019-08-05
3.5
None Remote Medium Single system None Partial None
Yellowfin Smart Reporting All Versions Prior to 7.3 is affected by: Incorrect Access Control - Privileges Escalation. The impact is: Victim attacked and access admin functionality through their browser and control browser. The component is: MIAdminStyles.i4. The attack vector is: Victims are typically lured to a web site under the attacker's control; the XSS vulnerability on the target domain is silently exploited without the victim's knowledge. The fixed version is: 7.4 and later.
10 CVE-2019-1010008 79 Exec Code XSS 2019-07-14 2019-07-18
3.5
None Remote Medium Single system None Partial None
OpenEnergyMonitor Project Emoncms 9.8.8 is affected by: Cross Site Scripting (XSS). The impact is: Theoretically low, but might potentially enable persistent XSS (user could embed mal. code). The component is: Javascript code execution in "Name", "Location", "Bio" and "Starting Page" fields in the "My Account" page. File: Lib/listjs/list.js, line 67. The attack vector is: unknown, victim must open profile page if persistent was possible.
11 CVE-2019-1010003 79 XSS 2019-07-11 2019-07-12
3.5
None Remote Medium Single system None Partial None
Leanote prior to version 2.6 is affected by: Cross Site Scripting (XSS).
12 CVE-2019-1003050 79 XSS 2019-04-10 2019-04-12
3.5
None Remote Medium Single system None Partial None
The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names.
13 CVE-2019-1003048 255 2019-03-28 2019-04-01
2.1
None Local Low Not required Partial None None
A vulnerability in Jenkins PRQA Plugin 3.1.0 and earlier allows attackers with local file system access to the Jenkins home directory to obtain the unencrypted password from the plugin configuration.
14 CVE-2019-1003044 352 CSRF 2019-03-28 2019-04-02
2.1
None Remote High Single system Partial None None
A cross-site request forgery vulnerability in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
15 CVE-2019-1003043 255 2019-03-28 2019-04-02
3.5
None Remote Medium Single system Partial None None
A missing permission check in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
16 CVE-2019-1003042 79 XSS 2019-03-28 2019-06-10
3.5
None Remote Medium Single system None Partial None
A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the plugin.
17 CVE-2019-1003014 79 XSS 2019-02-06 2019-04-26
3.5
None Remote Medium Single system None Partial None
An cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.4.1 and earlier in src/main/resources/lib/configfiles/configfiles.jelly that allows attackers with permission to define shared configuration files to execute arbitrary JavaScript when a user attempts to delete the shared configuration file.
18 CVE-2019-1003013 79 XSS 2019-02-06 2019-04-26
3.5
None Remote Medium Single system None Partial None
An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/JSONDataWriter.java, blueocean-rest-impl/src/main/java/io/jenkins/blueocean/service/embedded/UserStatePreloader.java, blueocean-web/src/main/resources/io/jenkins/blueocean/PageStatePreloadDecorator/header.jelly that allows attackers with permission to edit a user's description in Jenkins to have Blue Ocean render arbitrary HTML when using it as that user.
19 CVE-2019-16643 79 XSS 2019-09-20 2019-09-20
3.5
None Remote Medium Single system None Partial None
An issue was discovered in ZrLog 2.1.1. There is a Stored XSS vulnerability in the article_edit area.
20 CVE-2019-16355 276 2019-09-16 2019-09-17
2.1
None Local Low Not required Partial None None
The File Session Manager in Beego 1.10.0 allows local users to read session files because of weak permissions for individual files.
21 CVE-2019-16334 79 XSS 2019-09-15 2019-09-16
3.5
None Remote Medium Single system None Partial None
In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories -> Add New Category -> Name field. NOTE: this may overlap CVE-2017-16636.
22 CVE-2019-16333 79 XSS 2019-09-15 2019-09-19
3.5
None Remote Medium Single system None Partial None
GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting (XSS) in admin/theme-edit.php.
23 CVE-2019-16310 79 XSS 2019-09-14 2019-09-16
3.5
None Remote Medium Single system None Partial None
NIUSHOP V1.11 has XSS via the index.php?s=/admin URI.
24 CVE-2019-16289 79 XSS 2019-09-13 2019-09-16
3.5
None Remote Medium Single system None Partial None
The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter.
25 CVE-2019-16275 20 DoS 2019-09-12 2019-09-16
3.3
None Local Network Low Not required None None Partial
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.
26 CVE-2019-16223 79 XSS 2019-09-11 2019-09-12
3.5
None Remote Medium Single system None Partial None
WordPress before 5.2.3 allows XSS in post previews by authenticated users.
27 CVE-2019-16216 79 XSS 2019-09-18 2019-09-18
3.5
None Remote Medium Single system None Partial None
Zulip server before 2.0.5 incompletely validated the MIME types of uploaded files. A user who is logged into the server could upload files of certain types to mount a stored cross-site scripting attack on other logged-in users. On a Zulip server using the default local uploads backend, the attack is only effective against browsers lacking support for Content-Security-Policy such as Internet Explorer 11. On a Zulip server using the S3 uploads backend, the attack is confined to the origin of the configured S3 uploads hostname and cannot reach the Zulip server itself.
28 CVE-2019-16214 20 Exec Code 2019-09-11 2019-09-11
3.5
None Remote Medium Single system None Partial None
Libra Core before 2019-09-03 has an erroneous regular expression for inline comments, which makes it easier for attackers to interfere with code auditing by using a nonstandard line-break character for a comment. For example, a Move module author can enter the // sequence (which introduces a single-line comment), followed by very brief comment text, the \r character, and code that has security-critical functionality. In many popular environments, this code is displayed on a separate line, and thus a reader may infer that the code is executed. However, the code is NOT executed, because language/compiler/ir_to_bytecode/src/parser.rs allows the comment to continue after the \r character.
29 CVE-2019-16193 79 XSS 2019-09-11 2019-09-12
3.5
None Remote Medium Single system None Partial None
In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to trigger a Cross Frame Scripting (XFS) attack through the EDIT MY PROFILE feature.
30 CVE-2019-16178 79 XSS 2019-09-09 2019-09-10
3.5
None Remote Medium Single system None Partial None
A stored cross-site scripting (XSS) vulnerability was found in Limesurvey before 3.17.14 that allows authenticated users with correct permissions to inject arbitrary web script or HTML via titles of admin box buttons on the home page.
31 CVE-2019-16173 79 XSS 2019-09-09 2019-09-12
3.5
None Remote Medium Single system None Partial None
LimeSurvey before v3.17.14 allows reflected XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. This occurs in application/core/Survey_Common_Action.php,
32 CVE-2019-16172 79 XSS 2019-09-09 2019-09-12
3.5
None Remote Medium Single system None Partial None
LimeSurvey before v3.17.14 allows stored XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. The attack uses a survey group in which the title contains JavaScript that is mishandled upon group deletion.
33 CVE-2019-16146 79 XSS 2019-09-09 2019-09-10
3.5
None Remote Medium Single system None Partial None
Gophish through 0.8.0 allows XSS via a username.
34 CVE-2019-15870 79 XSS 2019-09-03 2019-09-03
3.5
None Remote Medium Single system None Partial None
The CarSpot theme before 2.1.7 for WordPress has stored XSS via the Phone Number field.
35 CVE-2019-15869 79 XSS 2019-09-03 2019-09-03
3.5
None Remote Medium Single system None Partial None
The JobCareer theme before 2.5.1 for WordPress has stored XSS.
36 CVE-2019-15837 79 XSS 2019-08-30 2019-09-03
3.5
None Remote Medium Single system None Partial None
The webp-express plugin before 0.14.8 for WordPress has stored XSS.
37 CVE-2019-15836 79 XSS 2019-08-30 2019-09-04
3.5
None Remote Medium Single system None Partial None
The wp-ultimate-recipe plugin before 3.12.7 for WordPress has stored XSS.
38 CVE-2019-15830 79 XSS 2019-08-30 2019-09-03
3.5
None Remote Medium Single system None Partial None
The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS.
39 CVE-2019-15829 79 XSS 2019-08-30 2019-09-03
3.5
None Remote Medium Single system None Partial None
The photoblocks-grid-gallery plugin before 1.1.33 for WordPress has wp-admin/admin.php?page=photoblocks-edit&id= XSS.
40 CVE-2019-15827 79 XSS 2019-08-30 2019-09-03
3.5
None Remote Medium Single system None Partial None
The onesignal-free-web-push-notifications plugin before 1.17.8 for WordPress has XSS via the subdomain parameter.
41 CVE-2019-15814 79 XSS 2019-09-04 2019-09-04
3.5
None Remote Medium Single system None Partial None
Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML.
42 CVE-2019-15778 79 XSS 2019-08-29 2019-09-03
3.5
None Remote Medium Single system None Partial None
The woo-variation-gallery plugin before 1.1.29 for WordPress has XSS.
43 CVE-2019-15777 79 XSS 2019-08-29 2019-09-03
3.5
None Remote Medium Single system None Partial None
The shapepress-dsgvo plugin before 2.2.19 for WordPress has wp-admin/admin-ajax.php?action=admin-common-settings&admin_email= XSS.
44 CVE-2019-15745 798 2019-08-29 2019-09-05
3.3
None Local Network Low Not required Partial None None
The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the commands and responses between the device and the app. The communication happens over UDP port 27431. An attacker on the local network can use the same key to encrypt and send commands to discover all smart plugs in a network, take over control of a device, and perform actions such as turning it on and off.
45 CVE-2019-15718 284 2019-09-04 2019-09-19
2.1
None Local Low Not required None Partial None
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that should be restricted to privileged users, in order to change the system's DNS resolver settings.
46 CVE-2019-15716 275 2019-08-28 2019-09-04
2.1
None Local Low Not required Partial None None
WTF before 0.19.0 does not set the permissions of config.yml, which might make it easier for local attackers to read passwords or API keys if the permissions were misconfigured or were based on unsafe OS defaults.
47 CVE-2019-15508 532 2019-08-23 2019-08-27
3.5
None Remote Medium Single system Partial None None
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticated user (in certain limited OctopusPrintVariables circumstances) could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 5.0.1. The fix was back-ported to 4.0.7.
48 CVE-2019-15507 532 2019-08-23 2019-08-27
3.5
None Remote Medium Single system Partial None None
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an authenticated user (in certain limited special-characters circumstances) could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.7. The fix was back-ported to LTS 2019.6.7 as well as LTS 2019.3.8.
49 CVE-2019-15480 79 XSS 2019-08-23 2019-08-26
3.5
None Remote Medium Single system None Partial None
Domoticz 4.10717 has XSS via item.Name.
50 CVE-2019-15317 79 XSS 2019-08-22 2019-08-26
3.5
None Remote Medium Single system None Partial None
The give plugin before 2.4.7 for WordPress has XSS via a donor name.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.