| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
951 |
CVE-2019-15233 |
79 |
|
XSS |
2019-08-20 |
2019-08-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for Confluence has XSS, leading to theft of the Administrator Session Cookie. |
|
952 |
CVE-2019-15232 |
416 |
|
|
2019-08-19 |
2019-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors. |
|
953 |
CVE-2019-15229 |
352 |
|
CSRF |
2019-08-19 |
2019-08-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
FUEL CMS 1.4.4 has CSRF in the blocks/create/ Create Blocks section of the Admin console. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page. |
|
954 |
CVE-2019-15227 |
79 |
|
XSS |
2019-08-20 |
2019-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
FlightPath 4.8.3 has XSS in the Content, Edit urgent message, and Users sections of the Admin Console. This could lead to cookie stealing and other malicious actions. |
|
955 |
CVE-2019-15225 |
400 |
|
DoS |
2019-08-19 |
2019-08-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to result in a denial of service (memory consumption). This is a related issue to CVE-2019-14993. |
|
956 |
CVE-2019-15224 |
94 |
|
Exec Code |
2019-08-19 |
2019-08-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected. |
|
957 |
CVE-2019-15223 |
476 |
|
|
2019-08-19 |
2019-09-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver. |
|
958 |
CVE-2019-15222 |
476 |
|
|
2019-08-19 |
2019-09-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver. |
|
959 |
CVE-2019-15221 |
476 |
|
|
2019-08-19 |
2019-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. |
|
960 |
CVE-2019-15220 |
416 |
|
|
2019-08-19 |
2019-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. |
|
961 |
CVE-2019-15219 |
476 |
|
|
2019-08-19 |
2019-08-22 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. |
|
962 |
CVE-2019-15218 |
476 |
|
|
2019-08-19 |
2019-08-22 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver. |
|
963 |
CVE-2019-15217 |
476 |
|
|
2019-08-19 |
2019-09-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. |
|
964 |
CVE-2019-15216 |
476 |
|
|
2019-08-19 |
2019-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. |
|
965 |
CVE-2019-15215 |
416 |
|
|
2019-08-19 |
2019-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver. |
|
966 |
CVE-2019-15214 |
416 |
|
|
2019-08-19 |
2019-09-02 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c. |
|
967 |
CVE-2019-15213 |
416 |
|
|
2019-08-19 |
2019-09-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver. |
|
968 |
CVE-2019-15212 |
415 |
|
|
2019-08-19 |
2019-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver. |
|
969 |
CVE-2019-15211 |
416 |
|
|
2019-08-19 |
2019-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory. |
|
970 |
CVE-2019-15166 |
20 |
|
|
2019-10-03 |
2019-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. |
|
971 |
CVE-2019-15165 |
20 |
|
|
2019-10-03 |
2019-10-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. |
|
972 |
CVE-2019-15164 |
918 |
|
|
2019-10-03 |
2019-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. |
|
973 |
CVE-2019-15163 |
476 |
|
DoS |
2019-10-03 |
2019-10-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails. |
|
974 |
CVE-2019-15162 |
345 |
|
|
2019-10-03 |
2019-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. |
|
975 |
CVE-2019-15161 |
20 |
|
|
2019-10-03 |
2019-10-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request. |
|
976 |
CVE-2019-15160 |
611 |
|
DoS |
2019-08-19 |
2019-08-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The SweetXml (aka sweet_xml) package through 0.6.6 for Erlang and Elixir allows attackers to cause a denial of service (resource consumption) via an XML entity expansion attack with an inline DTD. |
|
977 |
CVE-2019-15151 |
415 |
|
|
2019-08-18 |
2019-08-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
AdPlug 2.3.1 has a double free in the Cu6mPlayer class in u6m.h. |
|
978 |
CVE-2019-15150 |
352 |
|
CSRF |
2019-08-19 |
2019-08-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function. |
|
979 |
CVE-2019-15149 |
254 |
|
|
2019-08-18 |
2019-08-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that is initiated by another child. The Ansible extension is unaffected. NOTE: the vendor disputes this issue because it is exploitable only in conjunction with hypothetical other factors, i.e., an affected use case within a library caller, and a bug in the message receiver policy code that led to reliance on this extra protection mechanism. |
|
980 |
CVE-2019-15148 |
787 |
|
|
2019-08-18 |
2019-08-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
GoPro GPMF-parser 1.2.2 has an out-of-bounds write in OpenMP4Source in demo/GPMF_mp4reader.c. |
|
981 |
CVE-2019-15147 |
125 |
|
|
2019-08-18 |
2019-08-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
GoPro GPMF-parser 1.2.2 has an out-of-bounds read and SEGV in GPMF_Next in GPMF_parser.c. |
|
982 |
CVE-2019-15146 |
125 |
|
|
2019-08-18 |
2019-08-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
GoPro GPMF-parser 1.2.2 has a heap-based buffer over-read (4 bytes) in GPMF_Next in GPMF_parser.c. |
|
983 |
CVE-2019-15145 |
125 |
|
|
2019-08-18 |
2019-08-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h. |
|
984 |
CVE-2019-15144 |
400 |
|
|
2019-08-18 |
2019-08-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h. |
|
985 |
CVE-2019-15143 |
400 |
|
|
2019-08-18 |
2019-08-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp. |
|
986 |
CVE-2019-15142 |
119 |
|
Overflow |
2019-08-18 |
2019-08-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file. |
|
987 |
CVE-2019-15141 |
125 |
|
|
2019-08-18 |
2019-08-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597. |
|
988 |
CVE-2019-15140 |
416 |
|
DoS |
2019-08-18 |
2019-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c. |
|
989 |
CVE-2019-15139 |
125 |
|
|
2019-08-18 |
2019-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472. |
|
990 |
CVE-2019-15138 |
200 |
|
+Info |
2019-09-20 |
2019-09-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The html-pdf package 2.2.0 for Node.js has an arbitrary file read vulnerability via an HTML file that uses XMLHttpRequest to access a file:/// URL. |
|
991 |
CVE-2019-15137 |
284 |
|
|
2019-08-18 |
2019-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings (instead of the permission expressions themselves), which can lead to unintended connections between participants in a Data Distribution Service (DDS) network. |
|
992 |
CVE-2019-15136 |
275 |
|
Bypass |
2019-08-18 |
2019-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The Access Control plugin in eProsima Fast RTPS through 1.9.0 does not check partition permissions from remote participant connections, which can lead to policy bypass for a secure Data Distribution Service (DDS) partition. |
|
993 |
CVE-2019-15135 |
200 |
|
+Info |
2019-08-18 |
2019-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext information about all of the capabilities of a participant (including capabilities inapplicable to the current session), which makes it easier for attackers to discover potentially sensitive reachability information on a Data Distribution Service (DDS) network. |
|
994 |
CVE-2019-15134 |
400 |
|
|
2019-08-17 |
2019-08-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
RIOT through 2019.07 contains a memory leak in the TCP implementation (gnrc_tcp), allowing an attacker to consume all memory available for network packets and thus effectively stopping all network threads from working. This is related to _receive in sys/net/gnrc/transport_layer/tcp/gnrc_tcp_eventloop.c upon receiving an ACK before a SYN. |
|
995 |
CVE-2019-15133 |
369 |
|
|
2019-08-17 |
2019-08-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero. |
|
996 |
CVE-2019-15132 |
200 |
|
+Info |
2019-08-17 |
2019-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system access" messages, or just blocking for a number of seconds). This affects both api_jsonrpc.php and index.php. |
|
997 |
CVE-2019-15131 |
434 |
|
Exec Code |
2019-09-17 |
2019-09-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 a vulnerability has been identified that may allow arbitrary files to be uploaded to Code42 servers and executed. This vulnerability could allow an attacker to create directories and save files on Code42 servers, which could potentially lead to code execution. |
|
998 |
CVE-2019-15130 |
434 |
|
|
2019-08-18 |
2019-08-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to upload any file type to a candidate's profile picture folder via a crafted recruitment_online/personalData/act_personaltab.cfm multiple-part POST request with a predictable WRC01_USERID parameter. Moreover, the attacker can upload executable content (e.g., asp or aspx) for executing OS commands on the server. |
|
999 |
CVE-2019-15129 |
200 |
|
+Info |
2019-08-18 |
2019-08-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to access all candidates' files in the photo folder on the website by specifying a "user id" parameter and file name, such as in a recruitment_online/upload/user/[user_id]/photo/[file_name] URI. |
|
1000 |
CVE-2019-15128 |
352 |
|
CSRF |
2019-09-06 |
2019-09-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
iF.SVNAdmin through 1.6.2 allows svnadmin/usercreate.php CSRF to create a user. |
