# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
901 |
CVE-2019-14994 |
22 |
|
Dir. Trav. |
2019-09-19 |
2019-09-23 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version 4.1.3, from version 4.2.0 before version 4.2.5, from version 4.3.0 before version 4.3.4, and version 4.4.0 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via a path traversal vulnerability. Note that when the 'Anyone can email the service desk or raise a request in the portal' setting is enabled, an attacker can grant themselves portal access, allowing them to exploit the vulnerability. |
902 |
CVE-2019-14993 |
185 |
|
DoS |
2019-08-13 |
2019-08-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API. |
903 |
CVE-2019-14987 |
79 |
|
XSS |
2019-08-13 |
2019-08-15 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
Adive Framework through 2.0.7 is affected by XSS in the Create New Table and Create New Navigation Link functions. |
904 |
CVE-2019-14984 |
77 |
|
Exec Code |
2019-08-13 |
2019-08-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because the undocumented addons/xmlapi/exec.cgi script uses CMD_EXEC to execute TCL code from a POST request. |
905 |
CVE-2019-14982 |
190 |
|
Overflow |
2019-08-12 |
2019-08-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash. |
906 |
CVE-2019-14981 |
369 |
|
DoS |
2019-08-12 |
2019-08-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file. |
907 |
CVE-2019-14980 |
416 |
|
DoS |
2019-08-12 |
2019-08-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. |
908 |
CVE-2019-14979 |
20 |
|
|
2019-08-29 |
2019-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
** DISPUTED ** cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purchasing an item for lower than the intended price. NOTE: The plugin author states it is true that the amount can be manipulated in the PayPal payment flow. However, the amount is validated against the WooCommerce order total before completing the order, and if it doesn?t match then the order will be left in an ?On Hold? state. |
909 |
CVE-2019-14978 |
20 |
|
|
2019-08-29 |
2019-08-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
/payu/icpcheckout/ in the WooCommerce PayU India Payment Gateway plugin 2.1.1 for WordPress allows Parameter Tampering in the purchaseQuantity=1 parameter, as demonstrated by purchasing an item for lower than the intended price. |
910 |
CVE-2019-14977 |
20 |
|
|
2019-08-29 |
2019-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
** DISPUTED ** card/pay/.../amount in the WooCommerce Instamojo Payment Gateway plugin 1.0.7 for WordPress allows Parameter Tampering in the sign parameter, as demonstrated by purchasing an item for lower than the intended price. NOTE: The vendor disputes this vulnerability stating, "Validation is happening as expected on the data in POST body. The URL parameters are completely unused in this POST." |
911 |
CVE-2019-14976 |
79 |
|
XSS |
2019-08-12 |
2019-08-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
iCMS 7.0.15 allows admincp.php?app=apps XSS via the keywords parameter. |
912 |
CVE-2019-14975 |
125 |
|
|
2019-08-14 |
2019-08-26 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string. |
913 |
CVE-2019-14974 |
79 |
|
XSS |
2019-08-14 |
2019-08-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.html?desktop_url= XSS. |
914 |
CVE-2019-14973 |
190 |
|
Overflow |
2019-08-14 |
2019-08-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash. |
915 |
CVE-2019-14970 |
119 |
|
Overflow |
2019-08-29 |
2019-09-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file. |
916 |
CVE-2019-14969 |
264 |
|
Exec Code |
2019-08-12 |
2019-08-21 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does not perform proper impersonation, and thus the target file will have the same permissions as the invoking process (in this case, granting Authenticated Users full access over the target file). This vulnerability can be triggered by a low-privileged user to perform DLL Hijacking/Binary Planting attacks and ultimately execute code as NT AUTHORITY\SYSTEM with the help of Symbolic Links. |
917 |
CVE-2019-14967 |
79 |
|
XSS |
2019-08-12 |
2019-08-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
An issue was discovered in Frappe Framework 10, 11 before 11.1.46, and 12. There exists an XSS vulnerability. |
918 |
CVE-2019-14966 |
89 |
|
Sql |
2019-08-12 |
2019-08-16 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. There exists an authenticated SQL injection. |
919 |
CVE-2019-14961 |
79 |
|
XSS |
2019-10-01 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
JetBrains Upsource before 2019.1.1412 was not properly escaping HTML tags in a code block comments, leading to XSS. |
920 |
CVE-2019-14960 |
426 |
|
|
2019-10-01 |
2019-10-08 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll file. |
921 |
CVE-2019-14959 |
311 |
|
|
2019-10-02 |
2019-10-04 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. |
922 |
CVE-2019-14958 |
400 |
|
|
2019-10-02 |
2019-10-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes. In a very specific situation, it could lead to a remote invocation of an OOM error message because of Uncontrolled Memory Allocation. |
923 |
CVE-2019-14957 |
922 |
|
|
2019-10-01 |
2019-10-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vim_settings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository. |
924 |
CVE-2019-14956 |
281 |
|
|
2019-10-02 |
2019-10-03 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names. |
925 |
CVE-2019-14955 |
640 |
|
|
2019-10-01 |
2019-10-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to change the password and no password expiration policy was implemented. |
926 |
CVE-2019-14954 |
311 |
|
|
2019-10-01 |
2019-10-08 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection. |
927 |
CVE-2019-14953 |
79 |
|
XSS |
2019-10-01 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser. |
928 |
CVE-2019-14952 |
79 |
|
XSS |
2019-10-01 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in the issue titles. |
929 |
CVE-2019-14951 |
254 |
|
|
2019-08-12 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an incorrect protection mechanism against brute-force attacks on the authentication process, which makes it easier for attackers to obtain multimedia-screen access via port 7050 on the cellular network, as demonstrated by a DrivingRestriction method call to uma/jsonrpc/mobile. |
930 |
CVE-2019-14950 |
79 |
|
XSS |
2019-08-12 |
2019-08-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS via the GDPR page. |
931 |
CVE-2019-14949 |
79 |
|
XSS |
2019-08-12 |
2019-08-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The wp-database-backup plugin before 5.1.2 for WordPress has XSS. |
932 |
CVE-2019-14948 |
79 |
|
XSS |
2019-08-12 |
2019-08-21 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
The woocommerce-product-addon plugin before 18.4 for WordPress has XSS via an import of a new meta data structure. |
933 |
CVE-2019-14947 |
79 |
|
XSS |
2019-08-12 |
2019-08-14 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
The ultimate-member plugin before 2.0.52 for WordPress has XSS during an account upgrade. |
934 |
CVE-2019-14946 |
79 |
|
XSS |
2019-08-12 |
2019-08-14 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
The ultimate-member plugin before 2.0.52 for WordPress has XSS related to UM Roles create and edit operations. |
935 |
CVE-2019-14945 |
79 |
|
XSS |
2019-08-12 |
2019-08-14 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
The ultimate-member plugin before 2.0.54 for WordPress has XSS. |
936 |
CVE-2019-14940 |
20 |
|
|
2019-08-11 |
2019-08-21 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input. |
937 |
CVE-2019-14939 |
200 |
|
+Info |
2019-08-11 |
2019-08-22 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An issue was discovered in the mysql (aka mysqljs) module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default. |
938 |
CVE-2019-14937 |
89 |
|
Sql |
2019-08-17 |
2019-08-27 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
REDCap before 9.3.0 allows time-based SQL injection in the edit calendar event via the cal_id parameter, such as cal_id=55 and sleep(3) to Calendar/calendar_popup_ajax.php. The attacker can obtain a user's login sessionid from the database, and then re-login into REDCap to compromise all data. |
939 |
CVE-2019-14936 |
200 |
|
+Info |
2019-09-11 |
2019-09-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Information Disclosure (Username and Password Hash). |
940 |
CVE-2019-14935 |
275 |
|
|
2019-08-11 |
2019-08-27 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a StartUp link. |
941 |
CVE-2019-14934 |
787 |
|
|
2019-08-11 |
2019-09-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write. |
942 |
CVE-2019-14933 |
352 |
|
CSRF |
2019-08-11 |
2019-08-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Bagisto 0.1.5 allows CSRF under /admin URIs. |
943 |
CVE-2019-14932 |
200 |
|
+Info |
2019-08-12 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203 allows remote attackers to access all candidates' information on the website via a modified selApp variable to personalData/resumeDetail.cfm. This includes personal information and other sensitive data. |
944 |
CVE-2019-14924 |
200 |
|
+Info |
2019-08-10 |
2019-08-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available (the credential of the app, for instance). |
945 |
CVE-2019-14923 |
77 |
|
Exec Code |
2019-08-16 |
2019-08-27 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field. |
946 |
CVE-2019-14916 |
434 |
|
|
2019-09-20 |
2019-09-27 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
An issue was discovered in PRiSE adAS 1.7.0. A file's format is not properly checked, leading to an unrestricted file upload. |
947 |
CVE-2019-14915 |
79 |
|
XSS |
2019-09-20 |
2019-09-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
An issue was discovered in PRiSE adAS 1.7.0. Certificate data are not properly escaped. This leads to XSS when submitting a rogue certificate. |
948 |
CVE-2019-14913 |
79 |
|
XSS |
2019-09-20 |
2019-09-23 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
An issue was discovered in PRiSE adAS 1.7.0. Log data are not properly escaped, leading to persistent XSS in the administration panel. |
949 |
CVE-2019-14912 |
601 |
|
|
2019-09-20 |
2019-09-23 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly check the goto parameter, leading to an open redirect that leaks the session cookie. |
950 |
CVE-2019-14911 |
79 |
|
XSS |
2019-09-20 |
2019-09-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly escape output on error, leading to reflected XSS. |