| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1251 |
CVE-2019-13929 |
522 |
|
|
2019-10-10 |
2019-10-15 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
A vulnerability has been identified in SIMATIC IT UADM (All versions < V1.3). An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a password that can be used to gain read and write access to the related TeamCenter station. The security vulnerability could be exploited only if the attacker is authenticated. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises the confidentiality of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known. |
|
1252 |
CVE-2019-13923 |
79 |
|
XSS |
2019-09-13 |
2019-09-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gateway (All versions). The integrated configuration web server of the affected device could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed. At the stage of publishing this security advisory no public exploitation is known. |
|
1253 |
CVE-2019-13922 |
916 |
|
|
2019-09-13 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An attacker with administrative privileges can obtain the hash of a connected device's password. The security vulnerability could be exploited by an attacker with network access to the SINEMA Remote Connect Server and administrative privileges. At the time of advisory publication no public exploitation of this security vulnerability was known. |
|
1254 |
CVE-2019-13921 |
287 |
|
|
2019-10-10 |
2019-10-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large HTTP request is sent to the executing service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the service provided by the software. At the time of advisory publication no public exploitation of this security vulnerability was known. |
|
1255 |
CVE-2019-13920 |
352 |
|
CSRF |
2019-09-13 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some parts of the web application are not protected against Cross Site Request Forgery (CSRF) attacks. The security vulnerability could be exploited by an attacker that is able to trigger requests of a logged-in user to the application. The vulnerability could allow switching the connectivity state of a user or a device. At the time of advisory publication no public exploitation of this security vulnerability was known. |
|
1256 |
CVE-2019-13919 |
200 |
|
+Info |
2019-09-13 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some pages that should only be accessible by a privileged user can also be accessed by a non-privileged user. The security vulnerability could be exploited by an attacker with network access and valid credentials for the web interface. No user interaction is required. The vulnerability could allow an attacker to access information that he should not be able to read. The affected information does not include passwords. At the time of advisory publication no public exploitation of this security vulnerability was known. |
|
1257 |
CVE-2019-13915 |
74 |
|
|
2019-07-18 |
2019-07-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. An unzip operation leads to read access, and write access (depending on file permissions), to the symlink target. Third, the attacker can import a Git repository that contains a symlink, similarly leading to read and write access. |
|
1258 |
CVE-2019-13655 |
400 |
|
DoS |
2019-07-29 |
2019-08-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Imgix through 2019-06-19 allows remote attackers to cause a denial of service (resource consumption) by manipulating a small JPEG file to specify dimensions of 64250x64250 pixels, which is mishandled during an attempt to load the 'whole image' into memory. |
|
1259 |
CVE-2019-13648 |
399 |
|
DoS |
2019-07-19 |
2019-07-30 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c. |
|
1260 |
CVE-2019-13647 |
79 |
|
Exec Code XSS |
2019-07-17 |
2019-07-18 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file content. The JavaScript code is executed during attachments/view/$file_id$ attachment viewing. |
|
1261 |
CVE-2019-13646 |
79 |
|
XSS |
2019-07-17 |
2019-07-18 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Firefly III before 4.7.17.3 is vulnerable to reflected XSS due to lack of filtration of user-supplied data in a search query. |
|
1262 |
CVE-2019-13645 |
79 |
|
Exec Code XSS |
2019-07-17 |
2019-07-18 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file names. The JavaScript code is executed during attachments/edit/$file_id$ attachment editing. |
|
1263 |
CVE-2019-13644 |
79 |
|
Exec Code XSS |
2019-07-17 |
2019-07-18 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Firefly III before 4.7.17.1 is vulnerable to stored XSS due to lack of filtration of user-supplied data in a budget name. The JavaScript code is contained in a transaction, and is executed on the tags/show/$tag_number$ tag summary page. |
|
1264 |
CVE-2019-13643 |
79 |
|
Exec Code XSS |
2019-07-17 |
2019-07-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Stored XSS in EspoCRM before 5.6.4 allows remote attackers to execute malicious JavaScript and inject arbitrary source code into the target pages. The attack begins by storing a new stream message containing an XSS payload. The stored payload can then be triggered by clicking a malicious link on the Notifications page. |
|
1265 |
CVE-2019-13636 |
59 |
|
|
2019-07-17 |
2019-07-24 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c. |
|
1266 |
CVE-2019-13635 |
22 |
|
Dir. Trav. |
2019-07-30 |
2019-08-13 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal. |
|
1267 |
CVE-2019-13631 |
787 |
|
|
2019-07-17 |
2019-07-25 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. |
|
1268 |
CVE-2019-13629 |
327 |
|
XSS |
2019-10-03 |
2019-10-08 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or a remote attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because crypto/pubkey/ecc_math.c scalar multiplication leaks the bit length of the scalar. |
|
1269 |
CVE-2019-13628 |
203 |
|
+Info |
2019-10-03 |
2019-10-10 |
1.2 |
None |
Local |
High |
Not required |
Partial |
None |
None |
|
wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of signature operations, to infer information about the nonces used and potentially mount a lattice attack to recover the private key used. The issue occurs because ecc.c scalar multiplication might leak the bit length. |
|
1270 |
CVE-2019-13627 |
362 |
|
|
2019-09-25 |
2019-10-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7. |
|
1271 |
CVE-2019-13626 |
190 |
|
Overflow |
2019-07-17 |
2019-09-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c. |
|
1272 |
CVE-2019-13623 |
22 |
|
Exec Code Dir. Trav. |
2019-07-16 |
2019-08-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In NSA Ghidra through 9.0.4, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis result is archived for sharing with other persons. To achieve arbitrary code execution, one approach is to overwrite some critical Ghidra modules, e.g., the decompile module. |
|
1273 |
CVE-2019-13619 |
119 |
|
Overflow |
2019-07-17 |
2019-08-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments. |
|
1274 |
CVE-2019-13618 |
125 |
|
|
2019-07-16 |
2019-07-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c. |
|
1275 |
CVE-2019-13617 |
119 |
|
Overflow |
2019-07-16 |
2019-07-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
njs through 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call. |
|
1276 |
CVE-2019-13616 |
125 |
|
|
2019-07-16 |
2019-09-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. |
|
1277 |
CVE-2019-13615 |
119 |
|
Overflow |
2019-07-16 |
2019-07-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement. |
|
1278 |
CVE-2019-13612 |
20 |
|
|
2019-07-16 |
2019-07-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
MDaemon Email Server 19 skips SpamAssassin checks by default for e-mail messages larger than 2 MB (and limits checks to 10 MB even with special configuration), which is arguably inconsistent with currently popular message sizes. This might interfere with risk management for malicious e-mail, if a customer deploys a server with sufficient resources to scan large messages. |
|
1279 |
CVE-2019-13611 |
352 |
|
|
2019-07-15 |
2019-07-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted. |
|
1280 |
CVE-2019-13608 |
611 |
|
|
2019-08-29 |
2019-09-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks. |
|
1281 |
CVE-2019-13607 |
79 |
|
XSS |
2019-07-18 |
2019-08-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The Opera Mini application through 16.0.14 for iOS has a UXSS vulnerability that can be triggered by performing navigation to a javascript: URL. |
|
1282 |
CVE-2019-13605 |
287 |
|
Bypass |
2019-07-16 |
2019-07-18 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is different from CVE-2019-13360. |
|
1283 |
CVE-2019-13604 |
200 |
|
+Info |
2019-07-15 |
2019-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force attacks. This allows an attacker to recover the key and decrypt that image using the key. Successful exploitation causes a sensitive biometric information leak. |
|
1284 |
CVE-2019-13603 |
310 |
|
|
2019-07-16 |
2019-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combination with retrieving an encrypted fingerprint image and encryption key (through another vulnerability), allows an attacker to obtain a user's fingerprint image. |
|
1285 |
CVE-2019-13602 |
191 |
|
DoS Overflow |
2019-07-14 |
2019-07-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file. |
|
1286 |
CVE-2019-13599 |
200 |
|
+Info |
2019-08-21 |
2019-09-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.848, the Login process allows attackers to check whether a username is valid by comparing response times. |
|
1287 |
CVE-2019-13594 |
352 |
|
CSRF |
2019-07-14 |
2019-07-17 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In Mirumee Saleor 2.7.0 (fixed in 2.8.0), CSRF protection middleware was accidentally disabled, which allowed attackers to send a POST request without a valid CSRF token and be accepted by the server. |
|
1288 |
CVE-2019-13590 |
190 |
|
Overflow |
2019-07-14 |
2019-07-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (startread function), there is an integer overflow on the result of integer addition (wraparound to 0) fed into the lsx_calloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid pointer, leading to a NULL pointer dereference on lsx_readbuf in formats_i.c. |
|
1289 |
CVE-2019-13588 |
79 |
|
XSS |
2019-07-26 |
2019-08-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A cross-site scripting (XSS) vulnerability in getPagingStart() in core/lists/PAGING.php in WIKINDX before 5.8.2 allows remote attackers to inject arbitrary web script or HTML via the PagingStart parameter. |
|
1290 |
CVE-2019-13584 |
22 |
|
Dir. Trav. |
2019-07-17 |
2019-08-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The remote admin webserver on FANUC Robotics Virtual Robot Controller 8.23 allows Directory Traversal via a forged HTTP request. |
|
1291 |
CVE-2019-13574 |
20 |
|
Exec Code |
2019-07-11 |
2019-10-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts a '|' character followed by a command. |
|
1292 |
CVE-2019-13570 |
89 |
|
Sql |
2019-07-23 |
2019-07-31 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
The AJdG AdRotate plugin before 5.3 for WordPress allows SQL Injection. |
|
1293 |
CVE-2019-13568 |
119 |
|
Overflow |
2019-07-31 |
2019-08-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CImg.h because of erroneous memory allocation for a malformed BMP image. |
|
1294 |
CVE-2019-13567 |
20 |
|
Exec Code |
2019-07-12 |
2019-08-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The Zoom Client before 4.4.53932.0709 on macOS allows remote code execution, a different vulnerability than CVE-2019-13450. If the ZoomOpener daemon (aka the hidden web server) is running, but the Zoom Client is not installed or can't be opened, an attacker can remotely execute code with a maliciously crafted launch URL. NOTE: ZoomOpener is removed by the Apple Malware Removal Tool (MRT) if this tool is enabled and has the 2019-07-10 MRTConfigData. |
|
1295 |
CVE-2019-13565 |
287 |
|
|
2019-07-26 |
2019-09-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user. |
|
1296 |
CVE-2019-13564 |
79 |
|
XSS |
2019-07-11 |
2019-08-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
XSS exists in Ping Identity Agentless Integration Kit before 1.5. |
|
1297 |
CVE-2019-13563 |
352 |
|
CSRF |
2019-07-11 |
2019-07-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
D-Link DIR-655 C devices before 3.02B05 BETA03 allow CSRF for the entire management console. |
|
1298 |
CVE-2019-13562 |
79 |
|
XSS |
2019-07-11 |
2019-07-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
D-Link DIR-655 C devices before 3.02B05 BETA03 allow XSS, as demonstrated by the /www/ping_response.cgi ping_ipaddr parameter, the /www/ping6_response.cgi ping6_ipaddr parameter, and the /www/apply_sec.cgi html_response_return_page parameter. |
|
1299 |
CVE-2019-13560 |
255 |
|
|
2019-07-11 |
2019-07-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to force a blank password via the apply_sec.cgi setup_wizard parameter. |
|
1300 |
CVE-2019-13556 |
119 |
|
Exec Code Overflow |
2019-09-18 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. |
