# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
951 |
CVE-2019-15326 |
22 |
|
Dir. Trav. |
2019-08-22 |
2019-08-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal. |
952 |
CVE-2019-15325 |
254 |
|
|
2019-08-22 |
2019-08-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In GalliumOS 3.0, CONFIG_SECURITY_YAMA is disabled but /etc/sysctl.d/10-ptrace.conf tries to set /proc/sys/kernel/yama/ptrace_scope to 1, which might increase risk because of the appearance that a protection mechanism is present when actually it is not. |
953 |
CVE-2019-15324 |
20 |
|
Exec Code |
2019-08-22 |
2019-08-26 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
The ad-inserter plugin before 2.4.22 for WordPress has remote code execution. |
954 |
CVE-2019-15323 |
22 |
|
Dir. Trav. |
2019-08-22 |
2019-09-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The ad-inserter plugin before 2.4.20 for WordPress has path traversal. |
955 |
CVE-2019-15322 |
20 |
|
File Inclusion |
2019-08-22 |
2019-08-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The shortcode-factory plugin before 2.8 for WordPress has Local File Inclusion. |
956 |
CVE-2019-15321 |
74 |
|
|
2019-08-22 |
2019-08-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The option-tree plugin before 2.7.3 for WordPress has Object Injection because serialized classes are mishandled. |
957 |
CVE-2019-15320 |
74 |
|
|
2019-08-22 |
2019-08-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The option-tree plugin before 2.7.3 for WordPress has Object Injection because the + character is mishandled. |
958 |
CVE-2019-15319 |
74 |
|
|
2019-08-22 |
2019-08-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The option-tree plugin before 2.7.0 for WordPress has Object Injection by leveraging a valid nonce. |
959 |
CVE-2019-15318 |
79 |
|
XSS |
2019-08-22 |
2019-08-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The yikes-inc-easy-mailchimp-extender plugin before 6.5.3 for WordPress has code injection via the admin input field. |
960 |
CVE-2019-15316 |
264 |
|
|
2019-08-21 |
2019-08-30 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Valve Steam Client for Windows through 2019-08-20 has weak folder permissions, leading to privilege escalation (to NT AUTHORITY\SYSTEM) via crafted use of CreateMountPoint.exe and SetOpLock.exe to leverage a TOCTOU race condition. |
961 |
CVE-2019-15315 |
264 |
|
|
2019-08-21 |
2019-08-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Valve Steam Client for Windows through 2019-08-16 allows privilege escalation (to NT AUTHORITY\SYSTEM) because local users can replace the current versions of SteamService.exe and SteamService.dll with older versions that lack the CVE-2019-14743 patch. |
962 |
CVE-2019-15304 |
255 |
|
DoS |
2019-08-26 |
2019-09-03 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
Lierda Grill Temperature Monitor V1.00_50006 has a default password of admin for the admin account, which allows an attacker to cause a Denial of Service or Information Disclosure via the undocumented access-point configuration page located on the device. NOTE: this device also ships with ProGrade branding. |
963 |
CVE-2019-15302 |
20 |
|
|
2019-09-11 |
2019-09-13 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
The pad management logic in XWiki labs CryptPad before 3.0.0 allows a remote attacker (who has access to a Rich Text pad with editing rights for the URL) to corrupt it (i.e., cause data loss) via a trivial URL modification. |
964 |
CVE-2019-15301 |
89 |
|
Exec Code Sql |
2019-09-18 |
2019-09-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const() in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter. |
965 |
CVE-2019-15297 |
476 |
|
|
2019-09-09 |
2019-09-11 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
res_pjsip_t38 in Sangoma Asterisk 13.21-cert4, 15.7.3, and 16.5.0 allows an attacker to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. |
966 |
CVE-2019-15296 |
119 |
|
Overflow |
2019-08-21 |
2019-09-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The faad_resetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined by ld->buffer_size - words*4, cast to uint32. If ld->buffer_size - words*4 is negative, a buffer overflow is later performed via getdword_n(&ld->start[words], ld->bytes_left). |
967 |
CVE-2019-15295 |
426 |
|
|
2019-08-21 |
2019-08-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path. |
968 |
CVE-2019-15294 |
255 |
|
|
2019-08-28 |
2019-09-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092(MR2). Upon an upgrade, if a custom service account is in use and the visitor management service is installed, the Windows username and password for this service are logged in cleartext to the Command_centre.log file. |
969 |
CVE-2019-15293 |
119 |
|
Overflow |
2019-08-21 |
2019-08-30 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in ACDSee Photo Studio Standard 22.1 Build 1159. There is a User Mode Write AV starting at IDE_ACDStd!IEP_ShowPlugInDialog+0x000000000023d060. |
970 |
CVE-2019-15292 |
416 |
|
|
2019-08-21 |
2019-09-02 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c. |
971 |
CVE-2019-15291 |
476 |
|
|
2019-08-20 |
2019-09-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver. |
972 |
CVE-2019-15290 |
476 |
|
|
2019-08-20 |
2019-09-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the ath6kl_usb_alloc_urb_from_pipe function in the drivers/net/wireless/ath/ath6kl/usb.c driver. |
973 |
CVE-2019-15272 |
444 |
|
Bypass |
2019-10-02 |
2019-10-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to bypass security restrictions. The vulnerability is due to improper handling of malformed HTTP methods. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the attacker to gain unauthorized access to the system. |
974 |
CVE-2019-15259 |
20 |
|
XSS Http R.Spl. |
2019-10-02 |
2019-10-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
A vulnerability in Cisco Unified Contact Center Express (UCCX) Software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting a user request on an affected device. A successful exploit could allow the attacker to perform cross-site scripting attacks, web cache poisoning, access sensitive browser-based information, and similar exploits. |
975 |
CVE-2019-15256 |
400 |
|
DoS |
2019-10-02 |
2019-10-10 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. The attacker does not need valid credentials to authenticate the VPN session, nor does the attacker's source address need to match a peer statement in the crypto map applied to the ingress interface of the affected device. An exploit could allow the attacker to exhaust system memory resources, leading to a reload of an affected device. |
976 |
CVE-2019-15239 |
416 |
|
|
2019-08-20 |
2019-09-24 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation. NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139. |
977 |
CVE-2019-15238 |
352 |
|
CSRF |
2019-08-20 |
2019-08-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field. |
978 |
CVE-2019-15237 |
20 |
|
|
2019-08-19 |
2019-09-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks. |
979 |
CVE-2019-15233 |
79 |
|
XSS |
2019-08-20 |
2019-08-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for Confluence has XSS, leading to theft of the Administrator Session Cookie. |
980 |
CVE-2019-15232 |
416 |
|
|
2019-08-19 |
2019-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors. |
981 |
CVE-2019-15229 |
352 |
|
CSRF |
2019-08-19 |
2019-08-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
FUEL CMS 1.4.4 has CSRF in the blocks/create/ Create Blocks section of the Admin console. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page. |
982 |
CVE-2019-15227 |
79 |
|
XSS |
2019-08-20 |
2019-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
FlightPath 4.8.3 has XSS in the Content, Edit urgent message, and Users sections of the Admin Console. This could lead to cookie stealing and other malicious actions. |
983 |
CVE-2019-15225 |
400 |
|
DoS |
2019-08-19 |
2019-08-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to result in a denial of service (memory consumption). This is a related issue to CVE-2019-14993. |
984 |
CVE-2019-15224 |
94 |
|
Exec Code |
2019-08-19 |
2019-08-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected. |
985 |
CVE-2019-15223 |
476 |
|
|
2019-08-19 |
2019-09-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver. |
986 |
CVE-2019-15222 |
476 |
|
|
2019-08-19 |
2019-09-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver. |
987 |
CVE-2019-15221 |
476 |
|
|
2019-08-19 |
2019-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. |
988 |
CVE-2019-15220 |
416 |
|
|
2019-08-19 |
2019-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. |
989 |
CVE-2019-15219 |
476 |
|
|
2019-08-19 |
2019-08-22 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. |
990 |
CVE-2019-15218 |
476 |
|
|
2019-08-19 |
2019-08-22 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver. |
991 |
CVE-2019-15217 |
476 |
|
|
2019-08-19 |
2019-09-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. |
992 |
CVE-2019-15216 |
476 |
|
|
2019-08-19 |
2019-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. |
993 |
CVE-2019-15215 |
416 |
|
|
2019-08-19 |
2019-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver. |
994 |
CVE-2019-15214 |
416 |
|
|
2019-08-19 |
2019-09-02 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c. |
995 |
CVE-2019-15213 |
416 |
|
|
2019-08-19 |
2019-09-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver. |
996 |
CVE-2019-15212 |
415 |
|
|
2019-08-19 |
2019-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver. |
997 |
CVE-2019-15211 |
416 |
|
|
2019-08-19 |
2019-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory. |
998 |
CVE-2019-15166 |
20 |
|
|
2019-10-03 |
2019-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. |
999 |
CVE-2019-15165 |
20 |
|
|
2019-10-03 |
2019-10-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. |
1000 |
CVE-2019-15164 |
918 |
|
|
2019-10-03 |
2019-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. |