| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
701 |
CVE-2019-15946 |
119 |
|
Overflow |
2019-09-05 |
2019-09-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c. |
|
702 |
CVE-2019-15945 |
119 |
|
Overflow |
2019-09-05 |
2019-09-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c. |
|
703 |
CVE-2019-15944 |
116 |
|
|
2019-09-05 |
2019-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe HTML in a disconnection message. |
|
704 |
CVE-2019-15943 |
20 |
|
DoS Exec Code |
2019-09-19 |
2019-10-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
vphysics.dll in Counter-Strike: Global Offensive before 1.37.1.1 allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a memset call. |
|
705 |
CVE-2019-15942 |
119 |
|
Overflow |
2019-09-05 |
2019-09-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer. |
|
706 |
CVE-2019-15941 |
863 |
|
Bypass |
2019-09-25 |
2019-10-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relaying party within the LemonLDAP configuration with weaker access control rules than the target RP, and no filtering on redirection URIs. |
|
707 |
CVE-2019-15940 |
306 |
|
|
2019-10-01 |
2019-10-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Victure PC530 devices allow unauthenticated TELNET access as root. |
|
708 |
CVE-2019-15939 |
369 |
|
|
2019-09-05 |
2019-09-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp. |
|
709 |
CVE-2019-15938 |
119 |
|
Overflow |
2019-09-05 |
2019-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_req in fs/nfs.c because a length field is directly used for a memcpy. |
|
710 |
CVE-2019-15937 |
119 |
|
Overflow |
2019-09-05 |
2019-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a memcpy. |
|
711 |
CVE-2019-15927 |
125 |
|
|
2019-09-04 |
2019-09-24 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. |
|
712 |
CVE-2019-15926 |
125 |
|
|
2019-09-04 |
2019-09-14 |
9.4 |
None |
Remote |
Low |
Not required |
Complete |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. |
|
713 |
CVE-2019-15925 |
125 |
|
|
2019-09-04 |
2019-10-04 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c. |
|
714 |
CVE-2019-15924 |
476 |
|
|
2019-09-04 |
2019-09-14 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure. |
|
715 |
CVE-2019-15923 |
476 |
|
|
2019-09-04 |
2019-10-04 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c. |
|
716 |
CVE-2019-15922 |
476 |
|
|
2019-09-04 |
2019-10-04 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c. |
|
717 |
CVE-2019-15921 |
399 |
|
|
2019-09-04 |
2019-09-24 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c. |
|
718 |
CVE-2019-15920 |
416 |
|
|
2019-09-04 |
2019-09-24 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak. |
|
719 |
CVE-2019-15919 |
416 |
|
|
2019-09-04 |
2019-09-24 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free. |
|
720 |
CVE-2019-15918 |
125 |
|
|
2019-09-04 |
2019-10-04 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21. |
|
721 |
CVE-2019-15917 |
416 |
|
|
2019-09-04 |
2019-09-24 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c. |
|
722 |
CVE-2019-15916 |
119 |
|
DoS Overflow |
2019-09-04 |
2019-10-04 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service. |
|
723 |
CVE-2019-15903 |
611 |
|
|
2019-09-04 |
2019-09-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. |
|
724 |
CVE-2019-15902 |
200 |
|
+Info |
2019-09-04 |
2019-10-10 |
4.7 |
None |
Local |
Medium |
Not required |
Complete |
None |
None |
|
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped. |
|
725 |
CVE-2019-15898 |
79 |
|
XSS |
2019-09-03 |
2019-09-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Nagios Log Server before 2.0.8 allows Reflected XSS via the username on the Login page. |
|
726 |
CVE-2019-15896 |
269 |
|
XSS |
2019-09-10 |
2019-09-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. The upload_import function in the class.llms.admin.import.php script is prone to an unauthenticated options import vulnerability that could lead to privilege escalation (administrator account creation), website redirection, and stored XSS. |
|
727 |
CVE-2019-15895 |
284 |
|
|
2019-09-09 |
2019-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes. |
|
728 |
CVE-2019-15894 |
74 |
|
Exec Code Bypass |
2019-10-07 |
2019-10-15 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.6, 3.2.x through 3.2.3, and 3.3.x through 3.3.1. An attacker who uses fault injection to physically disrupt the ESP32 CPU can bypass the Secure Boot digest verification at startup, and boot unverified code from flash. The fault injection attack does not disable the Flash Encryption feature, so if the ESP32 is configured with the recommended combination of Secure Boot and Flash Encryption, then the impact is minimized. If the ESP32 is configured without Flash Encryption then successful fault injection allows arbitrary code execution. To protect devices with Flash Encryption and Secure Boot enabled against this attack, a firmware change must be made to permanently enable Flash Encryption in the field if it is not already permanently enabled. |
|
729 |
CVE-2019-15892 |
20 |
|
DoS |
2019-09-03 |
2019-09-25 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack. |
|
730 |
CVE-2019-15891 |
200 |
|
+Info |
2019-09-26 |
2019-10-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in CKFinder through 2.6.2.1 and 3.x through 3.5.0. The documentation has misleading information that could lead to a conclusion that the application has a built-in bulletproof content sniffing protection. |
|
731 |
CVE-2019-15890 |
416 |
|
|
2019-09-06 |
2019-09-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. |
|
732 |
CVE-2019-15889 |
79 |
|
XSS |
2019-09-03 |
2019-09-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter. |
|
733 |
CVE-2019-15873 |
94 |
|
Exec Code |
2019-09-03 |
2019-09-05 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
The profilegrid-user-profiles-groups-and-communities plugin before 2.8.6 for WordPress has remote code execution via an wp-admin/admin-ajax.php request with the action=pm_template_preview&html=<?php substring followed by PHP code. |
|
734 |
CVE-2019-15872 |
89 |
|
Sql |
2019-09-03 |
2019-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings. |
|
735 |
CVE-2019-15871 |
275 |
|
|
2019-09-03 |
2019-09-04 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings. |
|
736 |
CVE-2019-15868 |
352 |
|
CSRF |
2019-09-03 |
2019-09-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The affiliates-manager plugin before 2.6.6 for WordPress has CSRF. |
|
737 |
CVE-2019-15867 |
798 |
|
|
2019-09-03 |
2019-09-06 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
The slick-popup plugin before 1.7.2 for WordPress has a hardcoded OmakPass13# password for the slickpopupteam account, after a Subscriber calls a certain AJAX action. |
|
738 |
CVE-2019-15866 |
434 |
|
|
2019-09-03 |
2019-09-05 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file upload via a PHP file inside a ZIP archive to wp_ajax_crellyslider_importSlider. |
|
739 |
CVE-2019-15865 |
352 |
|
CSRF |
2019-09-03 |
2019-09-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has CSRF. |
|
740 |
CVE-2019-15864 |
79 |
|
XSS |
2019-09-03 |
2019-09-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has XSS. |
|
741 |
CVE-2019-15863 |
20 |
|
|
2019-09-03 |
2019-09-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The ConvertPlus plugin before 3.4.5 for WordPress has an unintended account creation (with the none role) via a request for variants. |
|
742 |
CVE-2019-15862 |
434 |
|
|
2019-09-26 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An issue was discovered in CKFinder through 2.6.2.1. Improper checks of file names allows remote attackers to upload files without any extension (even if the application was configured to accept files only with a defined set of extensions). This affects CKFinder for ASP, CKFinder for ASP.NET, CKFinder for ColdFusion, and CKFinder for PHP. |
|
743 |
CVE-2019-15860 |
20 |
|
|
2019-09-03 |
2019-09-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002. |
|
744 |
CVE-2019-15859 |
522 |
|
|
2019-10-09 |
2019-10-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI. |
|
745 |
CVE-2019-15858 |
20 |
|
Exec Code XSS |
2019-09-03 |
2019-09-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution. |
|
746 |
CVE-2019-15848 |
79 |
|
XSS |
2019-09-05 |
2019-09-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user. |
|
747 |
CVE-2019-15847 |
331 |
|
|
2019-09-02 |
2019-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same. |
|
748 |
CVE-2019-15846 |
119 |
|
Exec Code Overflow |
2019-09-06 |
2019-09-06 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. |
|
749 |
CVE-2019-15843 |
434 |
|
|
2019-09-18 |
2019-09-20 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. A particular condition involving a man-in-the-middle attack may lead to partial data leakage or malicious file writing. |
|
750 |
CVE-2019-15842 |
79 |
|
XSS |
2019-08-30 |
2019-09-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The easy-pdf-restaurant-menu-upload plugin before 1.1.2 for WordPress has XSS. |
