| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1401 |
CVE-2019-14260 |
77 |
|
|
2019-08-01 |
2019-08-08 |
7.7 |
None |
Local Network |
Low |
Single system |
Complete |
Complete |
Complete |
|
On the Alcatel-Lucent Enterprise (ALE) 8008 Cloud Edition Deskphone VoIP phone with firmware 1.50.13, a command injection (missing input validation) issue in the password change field for the Change Password interface allows an authenticated remote attacker in the same network to trigger OS commands via shell commands in a POST request. |
|
1402 |
CVE-2019-14259 |
77 |
|
|
2019-08-01 |
2019-08-08 |
7.7 |
None |
Local Network |
Low |
Single system |
Complete |
Complete |
Complete |
|
On the Polycom Obihai Obi1022 VoIP phone with firmware 5.1.11, a command injection (missing input validation) issue in the NTP server IP address field for the "Time Service Settings web" interface allows an authenticated remote attacker in the same network to trigger OS commands via shell commands in a POST request. |
|
1403 |
CVE-2019-14258 |
611 |
|
|
2019-08-21 |
2019-08-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The XML-RPC subsystem in Zenoss 2.5.3 allows XXE attacks that lead to unauthenticated information disclosure via port 9988. |
|
1404 |
CVE-2019-14257 |
264 |
|
|
2019-08-21 |
2019-08-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
pyraw in Zenoss 2.5.3 allows local privilege escalation by modifying environment variables to redirect execution before privileges are dropped, aka ZEN-31765. |
|
1405 |
CVE-2019-14255 |
918 |
|
|
2019-08-08 |
2019-08-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A Server Side Request Forgery (SSRF) vulnerability in go-camo up to version 1.1.4 allows a remote attacker to perform HTTP requests to internal endpoints. |
|
1406 |
CVE-2019-14254 |
89 |
|
Sql |
2019-09-18 |
2019-09-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in the secure portal in Publisure 2.1.2. Because SQL queries are not well sanitized, there are multiple SQL injections in userAccFunctions.php functions. Using this, an attacker can access passwords and/or grant access to the user account "user" in order to become "Administrator" (for example). |
|
1407 |
CVE-2019-14253 |
863 |
|
Bypass |
2019-09-18 |
2019-09-18 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in servletcontroller in the secure portal in Publisure 2.1.2. One can bypass authentication and perform a query on PHP forms within the /AdminDir folder that should be restricted. |
|
1408 |
CVE-2019-14252 |
434 |
|
|
2019-09-18 |
2019-09-18 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
An issue was discovered in the secure portal in Publisure 2.1.2. Once successfully authenticated as an administrator, one is able to inject arbitrary PHP code by using the adminCons.php form. The code is then stored in the E:\PUBLISURE\webservice\webpages\AdminDir\Templates\ folder even if removed from the adminCons.php view (i.e., the rogue PHP file can be hidden). |
|
1409 |
CVE-2019-14250 |
190 |
|
Overflow |
2019-07-24 |
2019-08-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. |
|
1410 |
CVE-2019-14249 |
369 |
|
DoS |
2019-07-24 |
2019-08-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump. |
|
1411 |
CVE-2019-14248 |
476 |
|
|
2019-07-24 |
2019-08-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled. |
|
1412 |
CVE-2019-14247 |
787 |
|
|
2019-07-24 |
2019-07-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The scan() function in mad.c in mpg321 0.3.2 allows remote attackers to trigger an out-of-bounds write via a zero bitrate in an MP3 file. |
|
1413 |
CVE-2019-14246 |
255 |
|
|
2019-08-21 |
2019-09-04 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to discover phpMyAdmin passwords (of any user in /etc/passwd) via an attacker account. |
|
1414 |
CVE-2019-14245 |
264 |
|
|
2019-08-21 |
2019-09-04 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete databases (such as oauthv2) from the server via an attacker account. |
|
1415 |
CVE-2019-14243 |
20 |
|
DoS |
2019-07-23 |
2019-08-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
headerv2.go in mastercactapus proxyprotocol before 0.0.2, as used in the mastercactapus caddy-proxyprotocol plugin through 0.0.2 for Caddy, allows remote attackers to cause a denial of service (webserver panic and daemon crash) via a crafted HAProxy PROXY v2 request with truncated source/destination address data. |
|
1416 |
CVE-2019-14242 |
94 |
|
Exec Code |
2019-07-30 |
2019-08-08 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in Bitdefender products for Windows (Bitdefender Endpoint Security Tool versions prior to 6.6.8.115; and Bitdefender Antivirus Plus, Bitdefender Internet Security, and Bitdefender Total Security versions prior to 23.0.24.120) that can lead to local code injection. A local attacker with administrator privileges can create a malicious DLL file in %SystemRoot%\System32\ that will be executed with local user privileges. |
|
1417 |
CVE-2019-14241 |
20 |
|
DoS |
2019-07-23 |
2019-07-25 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c. |
|
1418 |
CVE-2019-14240 |
352 |
|
Dir. Trav. CSRF |
2019-07-23 |
2019-07-25 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
WCMS v0.3.2 has a CSRF vulnerability, with resultant directory traversal, to modify index.html via the /wex/html.php?finish=../index.html URI. |
|
1419 |
CVE-2019-14239 |
287 |
|
Exec Code |
2019-09-24 |
2019-09-25 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by leveraging a load instruction inside the execute-only region to expose the protected code into a CPU register. |
|
1420 |
CVE-2019-14238 |
287 |
|
|
2019-09-24 |
2019-09-25 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus. |
|
1421 |
CVE-2019-14237 |
863 |
|
Exec Code |
2019-09-12 |
2019-09-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the effect of code/instruction execution. |
|
1422 |
CVE-2019-14236 |
863 |
|
Exec Code |
2019-09-12 |
2019-09-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU registers and the effect of code/instruction execution. |
|
1423 |
CVE-2019-14235 |
20 |
|
|
2019-08-02 |
2019-08-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences. |
|
1424 |
CVE-2019-14234 |
89 |
|
Sql |
2019-08-09 |
2019-08-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function. |
|
1425 |
CVE-2019-14233 |
20 |
|
|
2019-08-02 |
2019-08-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities. |
|
1426 |
CVE-2019-14232 |
20 |
|
|
2019-08-02 |
2019-08-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable. |
|
1427 |
CVE-2019-14231 |
89 |
|
Exec Code Sql |
2019-07-21 |
2019-07-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.2 for WordPress. One could exploit the points parameter in the ob_get_results ajax nopriv handler due to there being no sanitization prior to use in a SQL query in getResultByPointsTrivia. This allows an unauthenticated/unprivileged user to perform a SQL injection attack capable of remote code execution and information disclosure. |
|
1428 |
CVE-2019-14230 |
89 |
|
Exec Code Sql |
2019-07-21 |
2019-07-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.7 for WordPress. One could exploit the id parameter in the set_count ajax nopriv handler due to there being no sanitization prior to use in a SQL query in saveQuestionVote. This allows an unauthenticated/unprivileged user to perform a SQL injection attack capable of remote code execution and information disclosure. |
|
1429 |
CVE-2019-14228 |
79 |
|
XSS CSRF |
2019-07-26 |
2019-08-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Xavier PHP Management Panel 3.0 is vulnerable to Reflected POST-based XSS via the username parameter when registering a new user at admin/includes/adminprocess.php. If there is an error when registering the user, the unsanitized username will reflect via the error page. Due to the lack of CSRF protection on the admin/includes/adminprocess.php endpoint, an attacker is able to chain the XSS with CSRF in order to cause remote exploitation. |
|
1430 |
CVE-2019-14224 |
20 |
|
Exec Code |
2019-09-05 |
2019-09-06 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr configuration files and then receive a JMX connection from the victim, and serve a Java object that results in deserialization and code execution. |
|
1431 |
CVE-2019-14223 |
601 |
|
|
2019-09-06 |
2019-09-10 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share application is vulnerable to an Open Redirect attack via a crafted POST request. By manipulating the POST parameters, an attacker can redirect a victim to a malicious website over any protocol the attacker desires (e.g.,http, https, ftp, smb, etc.). |
|
1432 |
CVE-2019-14222 |
320 |
|
|
2019-09-05 |
2019-09-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker could exploit this vulnerability by using the extracted private key and bundling it into a PKCS12. A successful exploit could allow the attacker to gain information about the target system (e.g., OS type, system file locations, Java version, Solr version, etc.) as well as the ability to launch further attacks by leveraging the access to Alfresco's Solr Web Admin Interface. |
|
1433 |
CVE-2019-14220 |
200 |
|
+Info |
2019-09-24 |
2019-09-26 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks employs Android running in a virtual machine (VM) to enable Android apps to run on Windows or MacOS. Bug is in a local arbitrary file read through a system service call. The impacted method runs with System admin privilege and if given the file name as parameter returns you the content of file. A malicious app using the affected method can then read the content of any system file which it is not authorized to read |
|
1434 |
CVE-2019-14216 |
352 |
|
CSRF |
2019-08-14 |
2019-08-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icons) plugin through 3.2.1 for WordPress. wp-admin/admin.php?page=wp-svg-icons-custom-set mishandles Custom Icon uploads. CSRF leads to upload of a ZIP archive containing a .php file. |
|
1435 |
CVE-2019-14215 |
20 |
|
|
2019-07-21 |
2019-07-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling xfa.event.rest XFA JavaScript due to accessing a wild pointer. |
|
1436 |
CVE-2019-14214 |
20 |
|
DoS |
2019-07-21 |
2019-07-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling a "t.hidden = true" function. |
|
1437 |
CVE-2019-14213 |
20 |
|
|
2019-07-21 |
2019-07-25 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction. |
|
1438 |
CVE-2019-14212 |
476 |
|
|
2019-07-21 |
2019-07-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object. |
|
1439 |
CVE-2019-14211 |
20 |
|
|
2019-07-21 |
2019-07-25 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript. |
|
1440 |
CVE-2019-14210 |
476 |
|
Mem. Corr. |
2019-07-21 |
2019-07-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object. |
|
1441 |
CVE-2019-14209 |
119 |
|
Overflow |
2019-07-21 |
2019-07-22 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm. |
|
1442 |
CVE-2019-14208 |
476 |
|
|
2019-07-21 |
2019-07-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary. |
|
1443 |
CVE-2019-14207 |
400 |
|
|
2019-07-21 |
2019-07-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object (caused by an append error). |
|
1444 |
CVE-2019-14206 |
20 |
|
|
2019-07-21 |
2019-07-31 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
An Arbitrary File Deletion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to delete arbitrary files via the $REQUEST['adaptive-images-settings'] parameter in adaptive-images-script.php. |
|
1445 |
CVE-2019-14205 |
200 |
|
+Info File Inclusion |
2019-07-21 |
2019-07-31 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A Local File Inclusion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to retrieve arbitrary files via the $REQUEST['adaptive-images-settings']['source_file'] parameter in adaptive-images-script.php. |
|
1446 |
CVE-2019-14204 |
119 |
|
Overflow |
2019-07-31 |
2019-08-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply. |
|
1447 |
CVE-2019-14203 |
119 |
|
Overflow |
2019-07-31 |
2019-08-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply. |
|
1448 |
CVE-2019-14202 |
119 |
|
Overflow |
2019-07-31 |
2019-08-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply. |
|
1449 |
CVE-2019-14201 |
119 |
|
Overflow |
2019-07-31 |
2019-08-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply. |
|
1450 |
CVE-2019-14200 |
119 |
|
Overflow |
2019-07-31 |
2019-08-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply. |
