| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 8951 | CVE-2019-16091 | 125 | | | 2019-09-08 | 2020-09-01 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c. |
| 8952 | CVE-2019-16067 | 319 | | | 2020-03-19 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access control to the web application. The use of weak authentication transmitted over cleartext protocols can allow an attacker to steal username and password combinations by intercepting authentication traffic in transit. |
| 8953 | CVE-2019-16064 | 22 | | Dir. Trav. | 2020-03-19 | 2020-03-23 | 5.5 | None | Remote | Low | ??? | Partial | Partial | None | NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal vulnerability that can allow an authenticated user to access files and directories stored outside of the web root folder. By exploiting this vulnerability, it is possible for an attacker to list operating-system directory contents on the server, create directories and upload files in permissible locations, and modify filenames and delete files that are accessible by the user running the web server instance. |
| 8954 | CVE-2019-16063 | 311 | | | 2020-03-19 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data rendered within web pages. It is possible for an attacker to expose unencrypted sensitive data. |
| 8955 | CVE-2019-16060 | | | | 2019-09-06 | 2020-08-24 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklist_keys configuration option and consequently may disclose passwords to unauthorized actors. This is fixed in 4.2.4 (also, 4.2.2 and earlier are unaffected). |
| 8956 | CVE-2019-16058 | 119 | | Overflow | 2019-09-06 | 2019-09-12 | 5.0 | None | Remote | Low | Not required | None | None | Partial | An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC. If a smart card creates a signature with a length longer than 256 bytes, this triggers a buffer overflow. This may be the case for RSA keys with 4096 bits depending on the signature scheme. |
| 8957 | CVE-2019-16056 | | | | 2019-09-06 | 2020-08-24 | 5.0 | None | Remote | Low | Not required | Partial | None | None | An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally. |
| 8958 | CVE-2019-16023 | | | DoS | 2020-09-23 | 2021-11-02 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer. |
| 8959 | CVE-2019-16022 | 400 | | DoS | 2020-01-26 | 2020-01-29 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer. |
| 8960 | CVE-2019-16021 | | | DoS | 2020-09-23 | 2021-10-29 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer. |
| 8961 | CVE-2019-16020 | 400 | | DoS | 2020-01-26 | 2020-01-29 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer. |
| 8962 | CVE-2019-16019 | | | DoS | 2020-09-23 | 2020-10-05 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer. |
| 8963 | CVE-2019-16007 | 345 | | DoS | 2020-09-23 | 2020-09-28 | 5.8 | None | Remote | Medium | Not required | Partial | None | Partial | A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service (DoS) condition. The vulnerability is due to the use of implicit service invocations. An attacker could exploit this vulnerability by persuading a user to install a malicious application. A successful exploit could allow the attacker to access confidential user information or cause a DoS condition on the AnyConnect application. |
| 8964 | CVE-2019-16003 | 306 | | | 2020-01-26 | 2020-01-27 | 5.0 | None | Remote | Low | Not required | Partial | None | None | A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to download system log files from an affected device. The vulnerability is due to an issue in the authentication logic of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web interface. A successful exploit could allow the attacker to download log files if they were previously generated by an administrator. |
| 8965 | CVE-2019-15998 | 862 | | | 2019-11-26 | 2020-10-16 | 5.0 | None | Remote | Low | Not required | None | Partial | None | A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to connect to the device on the NETCONF port. Valid credentials are required to access the device. This vulnerability does not affect connections to the default SSH process on the device. |
| 8966 | CVE-2019-15995 | 89 | | Sql | 2019-11-26 | 2019-12-09 | 5.5 | None | Remote | Low | ??? | None | Partial | Partial | A vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by entering malicious SQL statements in an affected field in the web UI. A successful exploit could allow the attacker to remove the SQL database, which would require the reinstallation of the Connector VM. |
| 8967 | CVE-2019-15993 | 287 | | | 2020-09-23 | 2020-09-28 | 5.0 | None | Remote | Low | Not required | Partial | None | None | A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of an affected device. A successful exploit could allow the attacker to access sensitive device information, which includes configuration files. |
| 8968 | CVE-2019-15990 | | | | 2019-11-26 | 2020-10-16 | 5.0 | None | Remote | Low | Not required | Partial | None | None | A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an unauthenticated, remote attacker to view information displayed in the web-based management interface. The vulnerability is due to improper authorization of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to view information displayed in the web-based management interface without authentication. |
| 8969 | CVE-2019-15989 | 754 | | DoS | 2020-01-26 | 2020-01-29 | 5.0 | None | Remote | Low | Not required | None | None | Partial | A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer. |
| 8970 | CVE-2019-15988 | 20 | | Bypass | 2019-11-26 | 2019-12-11 | 5.0 | None | Remote | Low | Not required | None | Partial | None | A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An attacker could exploit this vulnerability by crafting the URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for the affected device, which could allow malicious URLs to pass through the device. |
| 8971 | CVE-2019-15987 | 287 | | | 2019-11-26 | 2019-12-09 | 5.0 | None | Remote | Low | Not required | Partial | None | None | A vulnerability in the web interface of the Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to guess account usernames. The vulnerability is due to missing CAPTCHA protection in certain URLs. An attacker could exploit this vulnerability by sending a crafted request to the web interface. A successful exploit could allow the attacker to know if a given username is valid and find the real name of the user. |
| 8972 | CVE-2019-15974 | 20 | | | 2020-09-23 | 2021-10-29 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | A vulnerability in the web interface of Cisco Managed Services Accelerator (MSX) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user's HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. A successful exploit could allow the attacker to redirect a user to a malicious web page. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites. |
| 8973 | CVE-2019-15948 | 120 | | DoS Exec Code Overflow | 2019-11-13 | 2020-08-18 | 5.8 | None | Local Network | Low | Not required | Partial | Partial | Partial | Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code. This affects CC256xC-BT-SP 1.2, CC256xB-BT-SP 1.8, and WL18xx-BT-SP 4.4. |
| 8974 | CVE-2019-15947 | 312 | | | 2019-09-05 | 2022-05-03 | 5.0 | None | Remote | Low | Not required | Partial | None | None | In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500" command. |
| 8975 | CVE-2019-15944 | 116 | | | 2019-09-05 | 2019-09-09 | 5.0 | None | Remote | Low | Not required | None | Partial | None | In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe HTML in a disconnection message. |
| 8976 | CVE-2019-15929 | 640 | | | 2019-10-24 | 2019-10-30 | 5.0 | None | Remote | Low | Not required | Partial | None | None | In Craft CMS through 3.1.7, the elevated session password prompt was not being rate limited like normal login forms, leading to the possibility of a brute force attempt on them. |
| 8977 | CVE-2019-15915 | 20 | | DoS | 2019-12-20 | 2020-01-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial | An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, RTCGQ01LM devices. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack. |
| 8978 | CVE-2019-15914 | 20 | | DoS | 2019-12-20 | 2020-01-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial | An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Attackers can use the ZigBee trust center rejoin procedure to perform multiple denial of service attacks. |
| 8979 | CVE-2019-15912 | 20 | | DoS | 2019-12-20 | 2020-01-07 | 5.0 | None | Remote | Low | Not required | None | None | Partial | An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can use the ZigBee trust center rejoin procedure to perform multiple denial of service attacks. |
| 8980 | CVE-2019-15910 | 20 | | DoS | 2019-12-20 | 2020-01-15 | 5.0 | None | Remote | Low | Not required | None | None | Partial | An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack. |
| 8981 | CVE-2019-15903 | 125 | | | 2019-09-04 | 2022-07-28 | 5.0 | None | Remote | Low | Not required | None | None | Partial | In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. |
| 8982 | CVE-2019-15895 | 306 | | | 2019-09-09 | 2020-08-24 | 5.0 | None | Remote | Low | Not required | None | Partial | None | search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes. |
| 8983 | CVE-2019-15891 | 200 | | +Info | 2019-09-26 | 2019-10-01 | 5.0 | None | Remote | Low | Not required | Partial | None | None | An issue was discovered in CKFinder through 2.6.2.1 and 3.x through 3.5.0. The documentation has misleading information that could lead to a conclusion that the application has a built-in bulletproof content sniffing protection. |
| 8984 | CVE-2019-15890 | 416 | | | 2019-09-06 | 2019-09-20 | 5.0 | None | Remote | Low | Not required | None | None | Partial | libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. |
| 8985 | CVE-2019-15879 | 362 | | | 2020-05-13 | 2020-05-18 | 5.8 | None | Remote | Medium | Not required | None | Partial | Partial | In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process to overwrite arbitrary kernel memory. |
| 8986 | CVE-2019-15863 | | | | 2019-09-03 | 2020-08-24 | 5.0 | None | Remote | Low | Not required | None | Partial | None | The ConvertPlus plugin before 3.4.5 for WordPress has an unintended account creation (with the none role) via a request for variants. |
| 8987 | CVE-2019-15862 | 434 | | | 2019-09-26 | 2019-10-02 | 5.0 | None | Remote | Low | Not required | None | Partial | None | An issue was discovered in CKFinder through 2.6.2.1. Improper checks of file names allow remote attackers to upload files without any extension (even if the application was configured to accept files only with a defined set of extensions). This affects CKFinder for ASP, CKFinder for ASP.NET, CKFinder for ColdFusion, and CKFinder for PHP. |
| 8988 | CVE-2019-15847 | 331 | | | 2019-09-02 | 2020-09-17 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same. |
| 8989 | CVE-2019-15843 | 434 | | | 2019-09-18 | 2019-09-20 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. A particular condition involving a man-in-the-middle attack may lead to partial data leakage or malicious file writing. |
| 8990 | CVE-2019-15839 | 22 | | Dir. Trav. File Inclusion | 2019-08-30 | 2020-08-24 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The sina-extension-for-elementor plugin before 2.2.1 for WordPress has local file inclusion. |
| 8991 | CVE-2019-15821 | | | | 2019-08-30 | 2020-08-24 | 5.0 | None | Remote | Low | Not required | None | Partial | None | The bold-page-builder plugin before 2.3.2 for WordPress has no protection against modifying settings and importing data. |
| 8992 | CVE-2019-15820 | 601 | | | 2019-08-30 | 2019-09-04 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | The login-or-logout-menu-item plugin before 1.2.0 for WordPress has no requirement for lolmi_save_settings authentication. |
| 8993 | CVE-2019-15818 | 601 | | | 2019-08-30 | 2019-09-05 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | The simple-301-redirects-addon-bulk-uploader plugin through 1.2.4 for WordPress has no requirement for authentication for action=bulk301export or action=bulk301clearlist. |
| 8994 | CVE-2019-15816 | 79 | | XSS | 2019-08-30 | 2020-08-24 | 5.0 | None | Remote | Low | Not required | None | Partial | None | The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via save_settings_page and other save_ functions. |
| 8995 | CVE-2019-15804 | | | | 2019-11-14 | 2020-08-24 | 5.0 | None | Remote | Low | Not required | None | Partial | None | An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. By sending a signal to the CLI process, undocumented functionality is triggered. Specifically, a menu can be triggered by sending the SIGQUIT signal to the CLI application (e.g., through CTRL+\ via SSH). The access control check for this menu does work and prohibits accessing the menu, which contains "Password recovery for specific user" options. The menu is believed to be accessible using a serial console. |
| 8996 | CVE-2019-15801 | 522 | | | 2019-11-14 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware image contains encrypted passwords that are used to authenticate users wishing to access a diagnostics or password-recovery menu. Using the hardcoded cryptographic key found elsewhere in the firmware, these passwords can be decrypted. This is related to fds_sys_passDebugPasswd_ret() and fds_sys_passRecoveryPasswd_ret() in libfds.so.0.0. |
| 8997 | CVE-2019-15776 | 601 | | | 2019-08-29 | 2019-09-04 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | The simple-301-redirects-addon-bulk-uploader plugin before 1.2.5 for WordPress has no protection against 301 redirect rule injection via a CSV file. |
| 8998 | CVE-2019-15775 | 601 | | | 2019-08-29 | 2019-09-04 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | The nd-learning plugin before 4.8 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting. |
| 8999 | CVE-2019-15774 | 601 | | | 2019-08-29 | 2019-09-04 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | The nd-booking plugin before 2.5 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting. |
| 9000 | CVE-2019-15773 | 601 | | | 2019-08-29 | 2019-09-04 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | The nd-travel plugin before 1.7 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting. |