CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2019-11539 77 Exec Code 2019-04-25 2019-04-29
6.5
None Remote Low Single system Partial Partial Partial
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands.
52 CVE-2019-11518 89 Sql 2019-04-25 2019-04-26
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in SEMCMS 3.8. SEMCMS_Inquiry.php allows AID[] SQL Injection because the class.phpmailer.php inject_check_sql protection mechanism is incomplete.
53 CVE-2019-11510 275 2019-05-08 2019-05-10
6.5
None Remote Low Single system Partial Partial Partial
In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability .
54 CVE-2019-11508 22 Exec Code Dir. Trav. 2019-05-08 2019-05-09
6.5
None Remote Low Single system Partial Partial Partial
In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance.
55 CVE-2019-11506 119 DoS Overflow 2019-04-24 2019-05-22
6.8
None Remote Medium Not required Partial Partial Partial
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c.
56 CVE-2019-11505 119 DoS Overflow 2019-04-24 2019-05-22
6.8
None Remote Medium Not required Partial Partial Partial
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.
57 CVE-2019-11493 119 Exec Code Overflow 2019-04-26 2019-04-26
6.8
None Remote Medium Not required Partial Partial Partial
VeryPDF 4.1 has a Memory Overflow leading to Code Execution because pdfocx!CxImageTIF::operator in pdfocx.ocx (used by pdfeditor.exe and pdfcmd.exe) is mishandled.
58 CVE-2019-11488 284 2019-04-25 2019-05-03
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect Access Control in the Account Access / Password Reset Link in SimplyBook.me Enterprise before 2019-04-23 allows Unauthorized Attackers to READ/WRITE Customer or Administrator data via a persistent HTTP GET Request Hash Link Replay, as demonstrated by a login-link from the browser history.
59 CVE-2019-11486 362 2019-04-23 2019-05-20
6.9
None Local Medium Not required Complete Complete Complete
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
60 CVE-2019-11471 416 2019-04-23 2019-04-24
6.8
None Remote Medium Not required Partial Partial Partial
libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h because heif_context.cc mishandles references to non-existing alpha images.
61 CVE-2019-11460 20 2019-04-22 2019-05-20
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's controlling terminal, allowing an attacker to escape the sandbox if the thumbnailer has a controlling terminal. This is due to improper filtering of the TIOCSTI ioctl on 64-bit systems, similar to CVE-2019-10063.
62 CVE-2019-11458 20 2019-05-08 2019-05-09
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction.
63 CVE-2019-11456 352 CSRF 2019-04-22 2019-04-26
6.8
None Remote Medium Not required Partial Partial Partial
Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code.
64 CVE-2019-11452 89 Sql 2019-04-22 2019-04-22
6.5
None Remote Low Single system Partial Partial Partial
whatsns 4.0 allows index.php?admin_category/remove.html cid[] SQL injection.
65 CVE-2019-11451 89 Sql 2019-04-22 2019-04-22
6.5
None Remote Low Single system Partial Partial Partial
whatsns 4.0 allows index.php?inform/add.html qid SQL injection.
66 CVE-2019-11447 434 Exec Code Bypass 2019-04-22 2019-04-26
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatar_file field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content of a file can be changed and the control can be bypassed for code execution. (An attacker can use the GIF header for this.)
67 CVE-2019-11446 434 Bypass 2019-04-22 2019-04-26
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in ATutor through 2.2.4. It allows the user to run commands on the server with the teacher user privilege. The Upload Files section in the File Manager field contains an arbitrary file upload vulnerability via upload.php. The $IllegalExtensions value only lists lowercase (and thus .phP is a bypass), and omits .shtml and .phtml.
68 CVE-2019-11401 434 Exec Code 2019-04-22 2019-04-24
6.5
None Remote Low Single system Partial Partial Partial
A issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administrator can add the permitted file extension .aassp, which is converted to .asp because the "as" substring is deleted.
69 CVE-2019-11378 434 Dir. Trav. 2019-04-20 2019-05-10
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in ProjectSend r1053. upload-process-form.php allows finished_files[]=../ directory traversal. It is possible for users to read arbitrary files and (potentially) access the supporting database, delete arbitrary files, access user passwords, or run arbitrary code.
70 CVE-2019-11377 434 2019-04-20 2019-04-22
6.5
None Remote Low Single system Partial Partial Partial
wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload Vulnerability via developer/finder because .php is a valid extension according to the fm_get_text_exts function.
71 CVE-2019-11376 94 Exec Code 2019-04-20 2019-04-22
6.5
None Remote Low Single system Partial Partial Partial
** DISPUTED ** SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own."
72 CVE-2019-11374 352 CSRF 2019-04-20 2019-04-26
6.8
None Remote Medium Not required Partial Partial Partial
74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI.
73 CVE-2019-11354 94 Exec Code 2019-04-19 2019-04-22
6.8
None Remote Medium Not required Partial Partial Partial
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication.
74 CVE-2019-11339 125 DoS 2019-04-18 2019-05-06
6.8
None Remote Medium Not required Partial Partial Partial
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data.
75 CVE-2019-11338 476 DoS 2019-04-18 2019-05-23
6.8
None Remote Medium Not required Partial Partial Partial
libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.
76 CVE-2019-11332 287 2019-04-18 2019-04-22
6.8
None Remote Medium Not required Partial Partial Partial
MKCMS 5.0 allows remote attackers to take over arbitrary user accounts by posting a username and e-mail address to ucenter/repass.php, which triggers e-mail transmission with the password, as demonstrated by 123456.
77 CVE-2019-11331 254 2019-04-18 2019-05-10
6.8
None Remote Medium Not required Partial Partial Partial
Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks.
78 CVE-2019-11224 78 2019-05-15 2019-05-15
6.5
None Remote Low Single system Partial Partial Partial
HARMAN AMX MVP5150 v2.87.13 devices allow remote OS Command Injection.
79 CVE-2019-11222 119 Overflow 2019-04-15 2019-05-10
6.8
None Remote Medium Not required Partial Partial Partial
gf_bin128_parse in utils/os_divers.c in GPAC 0.7.1 has a buffer overflow issue for the crypt feature when encountering a crafted_drm_file.xml file.
80 CVE-2019-11221 119 Overflow 2019-04-15 2019-05-10
6.8
None Remote Medium Not required Partial Partial Partial
GPAC 0.7.1 has a buffer overflow issue in gf_import_message() in media_import.c.
81 CVE-2019-11219 310 2019-04-26 2019-05-02
6.4
None Remote Low Not required Partial Partial None
The algorithm used to generate device IDs (UIDs) for devices that utilize Shenzhen Yunni Technology iLnkP2P suffers from a predictability flaw that allows remote attackers to establish direct connections to arbitrary devices.
82 CVE-2019-11218 19 +Priv 2019-04-24 2019-05-01
6.5
None Remote Low Single system Partial Partial Partial
Improper handling of extra parameters in the AccountController (User Profile edit) in Jakub Chodounsky Bonobo Git Server before 6.5.0 allows authenticated users to gain application administrator privileges via additional form parameter submissions.
83 CVE-2019-11213 384 2019-04-12 2019-04-24
6.8
None Remote Medium Not required Partial Partial Partial
In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for exploitation to succeed.) This affects Pulse Desktop Client 5.x before Secure Desktop 5.3R7 and Pulse Desktop Client 9.x before Secure Desktop 9.0R3. It also affects (for Network Connect customers) Pulse Connect Secure 8.1 before 8.1R14, 8.3 before 8.3R7, and 9.0 before 9.0R3.
84 CVE-2019-11193 352 XSS Bypass CSRF 2019-04-30 2019-05-03
6.8
None Remote Medium Not required Partial Partial Partial
The FileManager in InfinitumIT DirectAdmin through v1.561 has XSS via CMD_FILE_MANAGER, CMD_SHOW_USER, and CMD_SHOW_RESELLER; an attacker can bypass the CSRF protection with this, and take over the administration panel.
85 CVE-2019-11082 22 Dir. Trav. 2019-05-10 2019-05-10
6.4
None Remote Low Not required None Partial Partial
core/api/datasets/internal/actions/Explode.java in the Dataset API in DKPro Core through 1.10.0 allows Directory Traversal, resulting in the overwrite of local files with the contents of an archive.
86 CVE-2019-11078 352 CSRF 2019-04-10 2019-04-11
6.8
None Remote Medium Not required Partial Partial Partial
MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI.
87 CVE-2019-11077 352 CSRF 2019-04-10 2019-04-11
6.0
None Remote Medium Single system Partial Partial Partial
FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI.
88 CVE-2019-11071 20 Exec Code 2019-04-10 2019-05-02
6.5
None Remote Low Single system Partial Partial Partial
SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary code on the host server because var_memotri is mishandled.
89 CVE-2019-11057 89 Exec Code Sql 2019-05-17 2019-05-20
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in Vtiger CRM before 7.1.0 hotfix3 allows authenticated users to execute arbitrary SQL commands.
90 CVE-2019-11036 119 Overflow 2019-05-03 2019-05-22
6.4
None Remote Low Not required Partial None Partial
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
91 CVE-2019-11035 119 Overflow 2019-04-18 2019-05-14
6.4
None Remote Low Not required Partial None Partial
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.
92 CVE-2019-11034 119 Overflow 2019-04-18 2019-05-14
6.4
None Remote Low Not required Partial None Partial
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
93 CVE-2019-11028 434 2019-04-09 2019-05-03
6.5
None Remote Low Single system Partial Partial Partial
GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx".
94 CVE-2019-11023 476 2019-04-08 2019-05-22
6.8
None Remote Medium Not required Partial Partial Partial
The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv.
95 CVE-2019-11008 119 DoS Overflow 2019-04-08 2019-05-22
6.8
None Remote Medium Not required Partial Partial Partial
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.
96 CVE-2019-11006 119 DoS Overflow 2019-04-08 2019-05-01
6.4
None Remote Low Not required Partial None Partial
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet.
97 CVE-2019-10999 119 Exec Code Overflow 2019-05-06 2019-05-07
6.5
None Remote Low Single system Partial Partial Partial
The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable devices include DCS-5009L (1.08.11 and below), DCS-5010L (1.14.09 and below), DCS-5020L (1.15.12 and below), DCS-5025L (1.03.07 and below), DCS-5030L (1.04.10 and below), DCS-930L (2.16.01 and below), DCS-931L (1.14.11 and below), DCS-932L (2.17.01 and below), DCS-933L (1.14.11 and below), and DCS-934L (1.05.04 and below).
98 CVE-2019-10951 119 Exec Code Overflow 2019-04-17 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. There is a lack of user input validation before copying data from project files onto the heap.
99 CVE-2019-10947 119 Exec Code Overflow 2019-04-17 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. This may occur because CNCSoft lacks user input validation before copying data from project files onto the stack.
100 CVE-2019-10924 284 Exec Code 2019-05-14 2019-05-17
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability has been identified in LOGO! Soft Comfort (All versions). The vulnerability could allow an attacker to execute arbitrary code if the attacker tricks a legitimate user to open a manipulated project. In order to exploit the vulnerability, a valid user must open a manipulated project file. No further privileges are required on the target system. The vulnerability could compromise the confidentiality, integrity and availability of the engineering station. At the time of advisory publication no public exploitation of this security vulnerability was known.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.