| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1101 | CVE-2019-15001 | 74 | | Exec Code | 2019-09-19 | 2019-09-25 | 9.0 | None | Remote | Low | Single system | Complete | Complete | Complete | The Jira Importers Plugin in Atlassian Jira Server and Data Center from version 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.1.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request. |
| 1102 | CVE-2019-15000 | 74 | | Exec Code | 2019-09-19 | 2019-09-25 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | The commit diff rest endpoint in Bitbucket Server and Data Center before 5.16.10 (the fixed version for 5.16.x), from 6.0.0 before 6.0.10 (the fixed version for 6.0.x), from 6.1.0 before 6.1.8 (the fixed version for 6.1.x), from 6.2.0 before 6.2.6 (the fixed version for 6.2.x), from 6.3.0 before 6.3.5 (the fixed version for 6.3.x), from 6.4.0 before 6.4.3 (the fixed version for 6.4.x), and from 6.5.0 before 6.5.2 (the fixed version for 6.5.x) allows remote attackers who have permission to access a repository (if public access is enabled for a project or repository, attackers can exploit this issue anonymously) to read the contents of arbitrary files on the system and execute commands via injecting additional arguments into git commands. |
| 1103 | CVE-2019-14999 | 352 | | CSRF | 2019-08-23 | 2019-08-30 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The Uninstall REST endpoint in Atlassian Universal Plugin Manager before version 2.22.19, from version 3.0.0 before version 3.0.3 and from version 4.0.0 before version 4.0.3 allows remote attackers to uninstall plugins using a Cross-Site Request Forgery (CSRF) vulnerability on an authenticated administrator. |
| 1104 | CVE-2019-14998 | 352 | | Bypass CSRF | 2019-09-11 | 2019-09-16 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The Webwork action Cross-Site Request Forgery (CSRF) protection implementation in Jira before version 8.4.0 allows remote attackers to bypass its protection via "cookie tossing" a CSRF cookie from a subdomain of a Jira instance. |
| 1105 | CVE-2019-14997 | 200 | | +Info | 2019-09-11 | 2019-10-09 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users, including their username, via an information exposure through caching vulnerability when Jira is configured with a reverse proxy and/or a load balancer with caching or a CDN. |
| 1106 | CVE-2019-14996 | 79 | | XSS | 2019-09-11 | 2019-09-11 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The FilterPickerPopup.jspa resource in Jira before version 7.13.7, and from version 8.0.0 before version 8.3.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the searchOwnerUserName parameter. |
| 1107 | CVE-2019-14995 | 276 | | | 2019-09-11 | 2019-09-16 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The /rest/api/1.0/render resource in Jira before version 8.4.0 allows remote anonymous attackers to determine if an attachment with a specific name exists and if an issue key is valid via a missing permissions check. |
| 1108 | CVE-2019-14994 | 22 | | Dir. Trav. | 2019-09-19 | 2019-09-23 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version 4.1.3, from version 4.2.0 before version 4.2.5, from version 4.3.0 before version 4.3.4, and version 4.4.0 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via a path traversal vulnerability. Note that when the 'Anyone can email the service desk or raise a request in the portal' setting is enabled, an attacker can grant themselves portal access, allowing them to exploit the vulnerability. |
| 1109 | CVE-2019-14993 | 185 | | DoS | 2019-08-13 | 2019-08-16 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API. |
| 1110 | CVE-2019-14986 | 77 | | | 2019-08-13 | 2019-08-21 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn before 2.3.0 installed allow administrative operations by unauthenticated attackers with access to the web interface, because features such as File-Browser and Shell Command (as well as "Set root password") are exposed. |
| 1111 | CVE-2019-14985 | 20 | | Exec Code | 2019-08-13 | 2019-08-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because this interface can access the CMD_EXEC virtual device type 28. |
| 1112 | CVE-2019-14984 | 77 | | Exec Code | 2019-08-13 | 2019-08-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because the undocumented addons/xmlapi/exec.cgi script uses CMD_EXEC to execute TCL code from a POST request. |
| 1113 | CVE-2019-14982 | 190 | | Overflow | 2019-08-12 | 2019-08-16 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash. |
| 1114 | CVE-2019-14981 | 369 | | DoS | 2019-08-12 | 2019-08-16 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file. |
| 1115 | CVE-2019-14980 | 416 | | DoS | 2019-08-12 | 2019-08-16 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. |
| 1116 | CVE-2019-14979 | 20 | | | 2019-08-29 | 2019-10-10 | 5.0 | None | Remote | Low | Not required | None | Partial | None | ** DISPUTED ** cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purchasing an item for lower than the intended price. NOTE: The plugin author states it is true that the amount can be manipulated in the PayPal payment flow. However, the amount is validated against the WooCommerce order total before completing the order, and if it doesn't match then the order will be left in an 'On Hold' state. |
| 1117 | CVE-2019-14978 | 20 | | | 2019-08-29 | 2019-08-30 | 5.0 | None | Remote | Low | Not required | None | Partial | None | /payu/icpcheckout/ in the WooCommerce PayU India Payment Gateway plugin 2.1.1 for WordPress allows Parameter Tampering in the purchaseQuantity=1 parameter, as demonstrated by purchasing an item for lower than the intended price. |
| 1118 | CVE-2019-14977 | 20 | | | 2019-08-29 | 2019-09-10 | 5.0 | None | Remote | Low | Not required | None | Partial | None | ** DISPUTED ** card/pay/.../amount in the WooCommerce Instamojo Payment Gateway plugin 1.0.7 for WordPress allows Parameter Tampering in the sign parameter, as demonstrated by purchasing an item for lower than the intended price. NOTE: The vendor disputes this vulnerability stating, "Validation is happening as expected on the data in POST body. The URL parameters are completely unused in this POST." |
| 1119 | CVE-2019-14976 | 79 | | XSS | 2019-08-12 | 2019-08-15 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | iCMS 7.0.15 allows admincp.php?app=apps XSS via the keywords parameter. |
| 1120 | CVE-2019-14975 | 125 | | | 2019-08-14 | 2019-08-26 | 5.8 | None | Remote | Medium | Not required | Partial | None | Partial | Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string. |
| 1121 | CVE-2019-14974 | 79 | | XSS | 2019-08-14 | 2019-08-19 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.html?desktop_url= XSS. |
| 1122 | CVE-2019-14973 | 190 | | Overflow | 2019-08-14 | 2019-08-25 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash. |
| 1123 | CVE-2019-14970 | 119 | | Overflow | 2019-08-29 | 2019-09-06 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file. |
| 1124 | CVE-2019-14969 | 264 | | Exec Code | 2019-08-12 | 2019-08-21 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete | Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does not perform proper impersonation, and thus the target file will have the same permissions as the invoking process (in this case, granting Authenticated Users full access over the target file). This vulnerability can be triggered by a low-privileged user to perform DLL Hijacking/Binary Planting attacks and ultimately execute code as NT AUTHORITY\SYSTEM with the help of Symbolic Links. |
| 1125 | CVE-2019-14968 | 89 | | Sql | 2019-08-12 | 2019-08-15 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered in imcat 4.9. There is SQL Injection via the index.php order parameter in a mod=faqs action. |
| 1126 | CVE-2019-14967 | 79 | | XSS | 2019-08-12 | 2019-08-15 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | An issue was discovered in Frappe Framework 10, 11 before 11.1.46, and 12. There exists an XSS vulnerability. |
| 1127 | CVE-2019-14966 | 89 | | Sql | 2019-08-12 | 2019-08-16 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. There exists an authenticated SQL injection. |
| 1128 | CVE-2019-14965 | 74 | | | 2019-08-12 | 2019-08-16 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. A server side template injection (SSTI) issue exists. |
| 1129 | CVE-2019-14961 | 79 | | XSS | 2019-10-01 | 2019-10-02 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | JetBrains Upsource before 2019.1.1412 was not properly escaping HTML tags in code block comments, leading to XSS. |
| 1130 | CVE-2019-14960 | 426 | | | 2019-10-01 | 2019-10-08 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial | JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll file. |
| 1131 | CVE-2019-14959 | 311 | | | 2019-10-02 | 2019-10-04 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. |
| 1132 | CVE-2019-14958 | 400 | | | 2019-10-02 | 2019-10-08 | 5.0 | None | Remote | Low | Not required | None | None | Partial | JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes. In a very specific situation, it could lead to a remote invocation of an OOM error message because of Uncontrolled Memory Allocation. |
| 1133 | CVE-2019-14957 | 922 | | | 2019-10-01 | 2019-10-08 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vim_settings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository. |
| 1134 | CVE-2019-14956 | 281 | | | 2019-10-02 | 2019-10-03 | 4.0 | None | Remote | Low | Single system | Partial | None | None | JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names. |
| 1135 | CVE-2019-14955 | 640 | | | 2019-10-01 | 2019-10-08 | 5.0 | None | Remote | Low | Not required | None | Partial | None | In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to change the password and no password expiration policy was implemented. |
| 1136 | CVE-2019-14954 | 311 | | | 2019-10-01 | 2019-10-08 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection. |
| 1137 | CVE-2019-14953 | 79 | | XSS | 2019-10-01 | 2019-10-02 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser. |
| 1138 | CVE-2019-14952 | 79 | | XSS | 2019-10-01 | 2019-10-02 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in the issue titles. |
| 1139 | CVE-2019-14951 | 254 | | | 2019-08-12 | 2019-08-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an incorrect protection mechanism against brute-force attacks on the authentication process, which makes it easier for attackers to obtain multimedia-screen access via port 7050 on the cellular network, as demonstrated by a DrivingRestriction method call to uma/jsonrpc/mobile. |
| 1140 | CVE-2019-14950 | 79 | | XSS | 2019-08-12 | 2019-08-15 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS via the GDPR page. |
| 1141 | CVE-2019-14949 | 79 | | XSS | 2019-08-12 | 2019-08-21 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The wp-database-backup plugin before 5.1.2 for WordPress has XSS. |
| 1142 | CVE-2019-14943 | 798 | | | 2019-08-29 | 2019-09-04 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.1.4. It uses Hard-coded Credentials. |
| 1143 | CVE-2019-14940 | 20 | | | 2019-08-11 | 2019-08-21 | 4.0 | None | Remote | Low | Single system | None | None | Partial | In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input. |
| 1144 | CVE-2019-14937 | 89 | | Sql | 2019-08-17 | 2019-08-27 | 6.0 | None | Remote | Medium | Single system | Partial | Partial | Partial | REDCap before 9.3.0 allows time-based SQL injection in the edit calendar event via the cal_id parameter, such as cal_id=55 and sleep(3) to Calendar/calendar_popup_ajax.php. The attacker can obtain a user's login sessionid from the database, and then re-login into REDCap to compromise all data. |
| 1145 | CVE-2019-14936 | 200 | | +Info | 2019-09-11 | 2019-09-25 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Information Disclosure (Username and Password Hash). |
| 1146 | CVE-2019-14935 | 275 | | | 2019-08-11 | 2019-08-27 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial | 3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a StartUp link. |
| 1147 | CVE-2019-14934 | 787 | | | 2019-08-11 | 2019-09-06 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write. |
| 1148 | CVE-2019-14933 | 352 | | CSRF | 2019-08-11 | 2019-08-14 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | Bagisto 0.1.5 allows CSRF under /admin URIs. |
| 1149 | CVE-2019-14932 | 200 | | +Info | 2019-08-12 | 2019-08-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203 allows remote attackers to access all candidates' information on the website via a modified selApp variable to personalData/resumeDetail.cfm. This includes personal information and other sensitive data. |
| 1150 | CVE-2019-14924 | 200 | | +Info | 2019-08-10 | 2019-08-19 | 5.0 | None | Remote | Low | Not required | Partial | None | None | An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available (the credential of the app, for instance). |