CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 3 and 3.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-1003050 79 XSS 2019-04-10 2019-04-12
3.5
None Remote Medium Single system None Partial None
The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names.
2 CVE-2019-1003043 255 2019-03-28 2019-04-02
3.5
None Remote Medium Single system Partial None None
A missing permission check in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
3 CVE-2019-1003042 79 XSS 2019-03-28 2019-06-10
3.5
None Remote Medium Single system None Partial None
A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the plugin.
4 CVE-2019-1003014 79 XSS 2019-02-06 2019-04-26
3.5
None Remote Medium Single system None Partial None
An cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.4.1 and earlier in src/main/resources/lib/configfiles/configfiles.jelly that allows attackers with permission to define shared configuration files to execute arbitrary JavaScript when a user attempts to delete the shared configuration file.
5 CVE-2019-1003013 79 XSS 2019-02-06 2019-04-26
3.5
None Remote Medium Single system None Partial None
An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/JSONDataWriter.java, blueocean-rest-impl/src/main/java/io/jenkins/blueocean/service/embedded/UserStatePreloader.java, blueocean-web/src/main/resources/io/jenkins/blueocean/PageStatePreloadDecorator/header.jelly that allows attackers with permission to edit a user's description in Jenkins to have Blue Ocean render arbitrary HTML when using it as that user.
6 CVE-2019-12749 287 Bypass 2019-06-11 2019-06-14
3.6
None Local Low Not required Partial Partial None
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.
7 CVE-2019-12566 79 XSS 2019-06-02 2019-06-03
3.5
None Remote Medium Single system None Partial None
The WP Statistics plugin through 12.6.5 for Wordpress has stored XSS in includes/class-wp-statistics-pages.php. This is related to an account with the Editor role creating a post with a title that contains JavaScript, to attack an admin user.
8 CVE-2019-12500 285 2019-05-31 2019-05-31
3.3
None Local Network Low Not required None Partial None
The Xiaomi M365 scooter 2019-02-12 before 1.5.1 allows spoofing of "suddenly accelerate" commands. This occurs because Bluetooth Low Energy commands have no server-side authentication check. Other affected commands include suddenly braking, locking, and unlocking.
9 CVE-2019-12452 255 2019-05-29 2019-05-30
3.5
None Remote Medium Single system Partial None None
types/types.go in Containous Traefik 1.7.x through 1.7.11, when the --api flag is used and the API is publicly reachable and exposed without sufficient access control (which is contrary to the API documentation), allows remote authenticated users to discover password hashes by reading the Basic HTTP Authentication or Digest HTTP Authentication section, or discover a key by reading the ClientTLS section. These can be found in the JSON response to a /api request.
10 CVE-2019-12376 798 2019-06-03 2019-06-04
3.5
None Remote Medium Single system Partial None None
Use of a hard-coded encryption key in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to full managed endpoint compromise by an authenticated user with read privileges.
11 CVE-2019-12195 79 XSS 2019-05-24 2019-05-29
3.5
None Remote Medium Single system None Partial None
TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was disconnected. All the users become disconnected from the internet.
12 CVE-2019-12190 79 XSS 2019-05-21 2019-05-21
3.5
None Remote Medium Single system None Partial None
XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.747 via the testacc/fileManager2.php fm_current_dir or filename parameter.
13 CVE-2019-12184 79 XSS 2019-05-19 2019-05-20
3.5
None Remote Medium Single system None Partial None
There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136.
14 CVE-2019-12136 79 XSS 2019-05-15 2019-05-16
3.5
None Remote Medium Single system None Partial None
There is XSS in BoostIO Boostnote 0.11.15 via a label named mermaid, as demonstrated by a crafted SRC attribute of an IFRAME element.
15 CVE-2019-11878 190 Overflow 2019-05-10 2019-05-13
3.3
None Local Network Low Not required None None Partial
An issue was discovered on XiongMai Besder IP20H1 V4.02.R12.00035520.12012.047500.00200 cameras. An attacker on the same local network as the camera can craft a message with a size field larger than 0x80000000 and send it to the camera, related to an integer overflow or use of a negative number. This then crashes the camera for about 120 seconds.
16 CVE-2019-11871 79 XSS 2019-05-09 2019-06-17
3.5
None Remote Medium Single system None Partial None
The Custom Field Suite plugin before 2.5.15 for WordPress has XSS for editors or admins.
17 CVE-2019-11513 79 XSS 2019-04-24 2019-04-26
3.5
None Remote Medium Single system None Partial None
The File Manager in CMS Made Simple through 2.2.10 has Reflected XSS via the "New name" field in a Rename action.
18 CVE-2019-11504 79 XSS 2019-04-24 2019-05-06
3.5
None Remote Medium Single system None Partial None
Zotonic before version 0.47 has mod_admin XSS.
19 CVE-2019-11429 79 XSS 2019-05-13 2019-05-15
3.5
None Remote Medium Single system None Partial None
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version), 0.9.8.753 (Pro) and 0.9.8.807 (Pro) is vulnerable to Reflected XSS for the "Domain" field on the "DNS Functions > "Add DNS Zone" screen.
20 CVE-2019-11370 79 XSS 2019-06-03 2019-06-04
3.5
None Remote Medium Single system None Partial None
Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pw_snmp.html "System contact" field.
21 CVE-2019-11368 79 XSS 2019-06-03 2019-06-05
3.5
None Remote Medium Single system None Partial None
Stored XSS was discovered in AUO Solar Data Recorder before 1.3.0 via the protect/config.htm addr parameter.
22 CVE-2019-11226 79 XSS 2019-06-05 2019-06-05
3.5
None Remote Medium Single system None Partial None
CMS Made Simple 2.2.10 has XSS via the m1_name parameter in "Add Article" under Content -> Content Manager -> News.
23 CVE-2019-11092 254 2019-06-13 2019-06-14
3.6
None Local Low Not required Partial Partial None
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
24 CVE-2019-11025 79 XSS 2019-04-08 2019-04-16
3.5
None Remote Medium Single system None Partial None
In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS.
25 CVE-2019-11017 79 XSS 2019-04-18 2019-04-19
3.5
None Remote Medium Single system None Partial None
On D-Link DI-524 V2.06RU devices, multiple Stored and Reflected XSS vulnerabilities were found in the Web Configuration: /spap.htm, /smap.htm, and /cgi-bin/smap, as demonstrated by the cgi-bin/smap RC parameter.
26 CVE-2019-10909 79 XSS 2019-05-16 2019-05-20
3.5
None Remote Medium Single system None Partial None
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. This is related to symfony/framework-bundle.
27 CVE-2019-10893 79 XSS 2019-04-18 2019-05-02
3.5
None Remote Medium Single system None Partial None
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version) and 0.9.8.753 (Pro) is vulnerable to Stored/Persistent XSS for Admin Email fields on the "CWP Settings > "Edit Settings" screen. By changing the email ID to any XSS Payload and clicking on Save Changes, the XSS Payload will execute.
28 CVE-2019-10634 79 XSS 2019-04-09 2019-04-09
3.5
None Remote Medium Single system None Partial None
An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields.
29 CVE-2019-10335 79 XSS 2019-06-11 2019-06-13
3.5
None Remote Medium Single system None Partial None
A stored cross site scripting vulnerability in Jenkins ElectricFlow Plugin 1.1.5 and earlier allowed attackers able to configure jobs in Jenkins or control the output of the ElectricFlow API to inject arbitrary HTML and JavaScript in the plugin-provided output on build status pages.
30 CVE-2019-10325 79 XSS 2019-05-31 2019-06-03
3.5
None Remote Medium Single system None Partial None
A cross-site scripting vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attacker with Job/Configure permission to inject arbitrary JavaScript in build overview pages.
31 CVE-2019-10300 352 CSRF 2019-04-18 2019-05-06
3.5
None Remote Medium Single system Partial None None
A cross-site request forgery vulnerability in Jenkins GitLab Plugin 1.5.11 and earlier in the GitLabConnectionConfig#doTestConnection form validation method allowed attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
32 CVE-2019-10261 79 XSS 2019-04-03 2019-05-06
3.5
None Remote Medium Single system None Partial None
CentOS Web Panel (CWP) 0.9.8.789 is vulnerable to Stored/Persistent XSS for the "Name Server 1" and "Name Server 2" fields via a "DNS Functions" "Edit Nameservers IPs" action.
33 CVE-2019-10155 20 2019-06-12 2019-06-14
3.5
None Remote Medium Single system None None Partial
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.
34 CVE-2019-10131 119 Overflow 2019-04-30 2019-05-21
3.6
None Local Low Not required Partial None Partial
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.
35 CVE-2019-10111 79 XSS 2019-05-15 2019-05-15
3.5
None Remote Medium Single system None Partial None
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. It allows persistent XSS in the merge request "resolve conflicts" page.
36 CVE-2019-10067 79 XSS 2019-05-21 2019-05-22
3.5
None Remote Medium Single system None Partial None
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS.
37 CVE-2019-10066 79 XSS 2019-05-21 2019-05-22
3.5
None Remote Medium Single system None Partial None
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment in order to cause execution of JavaScript in the context of OTRS.
38 CVE-2019-10047 79 Exec Code XSS 2019-05-31 2019-06-03
3.5
None Remote Medium Single system None Partial None
A stored XSS vulnerability exists in the web application of Pydio through 8.2.2 that can be exploited by levering the file upload and file preview features of the application. An authenticated attacker can upload an HTML file containing JavaScript code and afterwards a file preview URL can be used to access the uploaded file. If a malicious user shares an uploaded HTML file containing JavaScript code with another user of the application, and tricks an authenticated victim into accessing a URL that results in the HTML code being interpreted by the web browser, then the included JavaScript code is executed under the context of the victim user session.
39 CVE-2019-9919 79 XSS 2019-03-29 2019-04-01
3.5
None Remote Medium Single system None Partial None
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to craft messages in a way that JavaScript gets executed on the side of the receiving user when the message is opened, aka XSS.
40 CVE-2019-9862 200 +Info 2019-03-27 2019-03-28
3.3
None Local Network Low Not required Partial None None
An issue was discovered on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction with Secvest remote control FUBE50014 or FUBE50015. Because "encrypted signal transmission" is missing, an attacker is able to eavesdrop sensitive data as cleartext (for instance, the current rolling code state).
41 CVE-2019-9709 79 XSS 2019-05-07 2019-05-07
3.5
None Remote Medium Single system None Partial None
An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. The collection title is vulnerable to Cross Site Scripting (XSS) due to not escaping it when viewing the collection's SmartEvidence overview page (if that feature is turned on). This can be exploited by any logged-in user.
42 CVE-2019-9698 264 2019-05-08 2019-05-09
3.6
None Local Low Not required None Partial Partial
Symantec AV Engine, prior to 13.0.9r17, may be susceptible to an arbitrary file deletion issue, which is a type of vulnerability that could allow an attacker to delete files on the resident system without elevated privileges.
43 CVE-2019-9605 79 XSS 2019-03-29 2019-04-01
3.5
None Remote Medium Single system None Partial None
PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Reflected Cross-site Scripting (XSS) via the err value in a .ico picture upload.
44 CVE-2019-8987 79 +Priv XSS 2019-03-26 2019-04-01
3.5
None Remote Medium Single system None Partial None
The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site scripting vulnerability that theoretically allows an authenticated user to gain access to all the capabilities of the web interface available to more privileged users. Affected releases are TIBCO Software Inc.'s TIBCO Data Science for AWS: versions up to and including 6.4.0, and TIBCO Spotfire Data Science: versions up to and including 6.4.0.
45 CVE-2019-8455 275 +Priv 2019-04-17 2019-05-03
3.6
None Local Low Not required Partial Partial None
A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.
46 CVE-2019-7671 79 XSS 2019-06-05 2019-06-06
3.5
None Remote Medium Single system None Partial None
Prima Systems FlexAir devices allow Authenticated Stored XSS.
47 CVE-2019-7553 79 XSS 2019-06-06 2019-06-09
3.5
None Remote Medium Single system None Partial None
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stored XSS in the Profile Update page via the My Name field.
48 CVE-2019-7552 79 XSS 2019-06-06 2019-06-09
3.5
None Remote Medium Single system None Partial None
An issue was discovered in PHP Scripts Mall Investment MLM Software 2.0.2. Stored XSS was found in the the My Profile Section. This is due to lack of sanitization in the Edit Name section.
49 CVE-2019-7432 74 2019-03-21 2019-04-05
3.5
None Remote Medium Single system None Partial None
PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section.
50 CVE-2019-7411 79 XSS 2019-05-13 2019-05-14
3.5
None Remote Medium Single system None Partial None
Multiple stored cross-site scripting (XSS) in the MyThemeShop Launcher plugin 1.0.8 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via fields as follows: (1) Title, (2) Favicon, (3) Meta Description, (4) Subscribe Form (Name field label, Last name field label, Email field label), (5) Contact Form (Name field label and Email field label), and (6) Social Links (Facebook Page URL, Twitter Page URL, Instagram Page URL, YouTube Page URL, Linkedin Page URL, Google+ Page URL, RSS URL).
Total number of vulnerabilities : 4066   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.