# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1101 |
CVE-2019-14411 |
20 |
|
|
2019-07-30 |
2019-07-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
cPanel before 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI (SEC-473). |
1102 |
CVE-2019-14410 |
134 |
|
|
2019-07-30 |
2019-07-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472). |
1103 |
CVE-2019-14409 |
200 |
|
+Info |
2019-07-30 |
2019-07-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466). |
1104 |
CVE-2019-14408 |
20 |
|
|
2019-07-30 |
2019-07-30 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
cPanel before 78.0.2 allows a demo account to link with an OpenID provider (SEC-460). |
1105 |
CVE-2019-14407 |
200 |
|
+Info |
2019-07-30 |
2019-07-30 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
cPanel before 78.0.2 reveals internal data to OpenID providers (SEC-415). |
1106 |
CVE-2019-14406 |
79 |
|
XSS |
2019-07-30 |
2019-07-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
cPanel before 78.0.18 has stored XSS in the BoxTrapper Queue Listing (SEC-493). |
1107 |
CVE-2019-14405 |
20 |
|
Exec Code |
2019-07-30 |
2019-07-30 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
cPanel before 78.0.18 allows demo accounts to execute code via securitypolicy.cg (SEC-487). |
1108 |
CVE-2019-14404 |
200 |
|
+Info |
2019-07-30 |
2019-07-30 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
cPanel before 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484). |
1109 |
CVE-2019-14403 |
601 |
|
|
2019-07-30 |
2019-07-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
cPanel before 78.0.18 offers an open mail relay because of incorrect domain-redirect routing (SEC-483). |
1110 |
CVE-2019-14402 |
20 |
|
|
2019-07-30 |
2019-07-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481). |
1111 |
CVE-2019-14401 |
20 |
|
Exec Code |
2019-07-30 |
2019-07-30 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
cPanel before 78.0.18 allows code execution via an addforward API1 call (SEC-480). |
1112 |
CVE-2019-14399 |
200 |
|
+Info |
2019-07-30 |
2019-07-31 |
6.1 |
None |
Local |
Low |
Not required |
Complete |
Partial |
Partial |
The SSL certificate-storage feature in cPanel before 78.0.18 allows unsafe file operations in the context of the root account (SEC-477). |
1113 |
CVE-2019-14398 |
20 |
|
Exec Code |
2019-07-30 |
2019-07-31 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
cPanel before 80.0.5 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-498). |
1114 |
CVE-2019-14397 |
284 |
|
|
2019-07-30 |
2019-07-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
cPanel before 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call (SEC-496). |
1115 |
CVE-2019-14396 |
20 |
|
|
2019-07-30 |
2019-07-31 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495). |
1116 |
CVE-2019-14395 |
200 |
|
+Info |
2019-07-30 |
2019-07-31 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494). |
1117 |
CVE-2019-14394 |
200 |
|
+Info |
2019-07-30 |
2019-07-31 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
cPanel before 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489). |
1118 |
CVE-2019-14393 |
20 |
|
Exec Code |
2019-07-30 |
2019-07-31 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
cPanel before 80.0.5 allows local code execution in the context of a different cPanel account because of insecure cpphp execution (SEC-486). |
1119 |
CVE-2019-14392 |
20 |
|
Exec Code |
2019-07-30 |
2019-07-30 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
cPanel before 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501). |
1120 |
CVE-2019-14391 |
264 |
|
|
2019-07-30 |
2019-07-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
cPanel before 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514). |
1121 |
CVE-2019-14390 |
79 |
|
XSS |
2019-07-30 |
2019-07-30 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
cPanel before 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512). |
1122 |
CVE-2019-14389 |
255 |
|
|
2019-07-30 |
2019-07-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510). |
1123 |
CVE-2019-14388 |
20 |
|
|
2019-07-30 |
2019-07-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
cPanel before 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507). |
1124 |
CVE-2019-14387 |
79 |
|
XSS |
2019-07-30 |
2019-07-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
cPanel before 82.0.2 has Self XSS in the cPanel and webmail master templates (SEC-506). |
1125 |
CVE-2019-14386 |
79 |
|
XSS |
2019-07-30 |
2019-07-30 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
cPanel before 82.0.2 has stored XSS in the WHM Tomcat Manager interface (SEC-504). |
1126 |
CVE-2019-14383 |
20 |
|
|
2019-07-30 |
2019-09-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. |
1127 |
CVE-2019-14382 |
20 |
|
|
2019-07-30 |
2019-09-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. |
1128 |
CVE-2019-14381 |
476 |
|
|
2019-07-30 |
2019-08-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot. |
1129 |
CVE-2019-14380 |
125 |
|
|
2019-07-30 |
2019-08-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files. |
1130 |
CVE-2019-14378 |
119 |
|
Overflow |
2019-07-29 |
2019-08-10 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. |
1131 |
CVE-2019-14373 |
125 |
|
|
2019-07-28 |
2019-08-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a heap-based buffer over-read in libpng via a crafted flif file. |
1132 |
CVE-2019-14372 |
399 |
|
|
2019-07-28 |
2019-09-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c. |
1133 |
CVE-2019-14371 |
399 |
|
|
2019-07-28 |
2019-07-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
An issue was discovered in Libav 12.3. There is an infinite loop in the function mov_probe in the file libavformat/mov.c, related to offset and tag. |
1134 |
CVE-2019-14370 |
125 |
|
DoS |
2019-07-28 |
2019-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service. |
1135 |
CVE-2019-14369 |
119 |
|
DoS Overflow |
2019-07-28 |
2019-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file. |
1136 |
CVE-2019-14368 |
125 |
|
|
2019-07-28 |
2019-08-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp. |
1137 |
CVE-2019-14364 |
79 |
|
XSS |
2019-07-28 |
2019-08-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
An XSS vulnerability in the "Email Subscribers & Newsletters" plugin 4.1.6 for WordPress allows an attacker to inject malicious JavaScript code through a publicly available subscription form using the esfpx_name wp-admin/admin-ajax.php POST parameter. |
1138 |
CVE-2019-14362 |
22 |
|
Dir. Trav. |
2019-07-28 |
2019-08-14 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value. |
1139 |
CVE-2019-14359 |
200 |
|
+Info |
2019-08-12 |
2019-08-21 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
** DISPUTED ** On BC Vault devices, a side channel for the row-based SSD1309 OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover a data value. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. NOTE: the vendor's position is that there is no security impact: the only potentially leaked information is the number of characters in the PIN. |
1140 |
CVE-2019-14357 |
200 |
|
+Info |
2019-08-10 |
2019-08-21 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
** DISPUTED ** On Mooltipass Mini devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. NOTE: the vendor's position is that an attack is not "realistically implementable." |
1141 |
CVE-2019-14355 |
200 |
|
+Info |
2019-08-10 |
2019-08-21 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
** DISPUTED ** On ShapeShift KeepKey devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover secret data shown on the display. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. NOTE: the vendor's position is that there is "insignificant risk." |
1142 |
CVE-2019-14354 |
200 |
|
+Info |
2019-08-10 |
2019-08-21 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. |
1143 |
CVE-2019-14353 |
200 |
|
+Info |
2019-08-08 |
2019-08-19 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
On Trezor One devices before 1.8.2, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. NOTE: this CVE applies exclusively to the Trezor One, and does not refer to any issues with OLED displays on other devices. |
1144 |
CVE-2019-14352 |
20 |
|
|
2019-07-28 |
2019-08-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
** DISPUTED ** In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists, as demonstrated by jw/web/userview/crm_community/crm_userview_sales/_/account_new with the Account ID or Account Name field. NOTE: the vendor disputes the relevance of this finding because CSV is not the intended export format for spreadsheet applications. |
1145 |
CVE-2019-14351 |
255 |
|
|
2019-07-28 |
2019-07-30 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
EspoCRM 5.6.4 is vulnerable to user password hash enumeration. A malicious authenticated attacker can brute-force a user password hash by 1 symbol at a time using specially crafted api/v1/User?filterList filters. |
1146 |
CVE-2019-14350 |
79 |
|
XSS |
2019-07-28 |
2019-07-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
EspoCRM 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the Knowledge base. A malicious attacker can inject JavaScript code in the body parameter during api/v1/KnowledgeBaseArticle knowledge-base record creation. |
1147 |
CVE-2019-14349 |
79 |
|
Exec Code XSS |
2019-07-28 |
2019-07-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
EspoCRM version 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the api/v1/Document functionality for storing documents in the account tab. An attacker can upload a crafted file that contains JavaScript code in its name. This code will be executed when a user opens a page of any profile with this. |
1148 |
CVE-2019-14347 |
264 |
|
|
2019-08-06 |
2019-08-14 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script. |
1149 |
CVE-2019-14346 |
352 |
|
CSRF |
2019-08-06 |
2019-08-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password. |
1150 |
CVE-2019-14339 |
200 |
|
+Info |
2019-09-05 |
2019-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access. This allows an attacker's malicious application to obtain sensitive information including factory passwords for the administrator web interface and WPA2-PSK key. |