| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
101 |
CVE-2019-12109 |
476 |
|
DoS |
2019-05-15 |
2019-05-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port. |
|
102 |
CVE-2019-12108 |
476 |
|
DoS |
2019-05-15 |
2019-05-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port. |
|
103 |
CVE-2019-12107 |
200 |
|
+Info |
2019-05-15 |
2019-05-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value. |
|
104 |
CVE-2019-12106 |
416 |
|
|
2019-05-15 |
2019-05-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability. |
|
105 |
CVE-2019-12101 |
476 |
|
DoS |
2019-05-15 |
2019-05-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
coap_decode_option in coap.c in LibNyoci 0.07.00rc1 mishandles certain packets with "Uri-Path: (null)" and consequently allows remote attackers to cause a denial of service (segmentation fault). |
|
106 |
CVE-2019-12098 |
320 |
|
|
2019-05-15 |
2019-06-04 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c. |
|
107 |
CVE-2019-12086 |
200 |
|
+Info |
2019-05-17 |
2019-05-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation. |
|
108 |
CVE-2019-12044 |
119 |
|
Overflow |
2019-05-22 |
2019-05-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery Controller 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23. |
|
109 |
CVE-2019-12041 |
399 |
|
DoS |
2019-05-13 |
2019-05-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
lib/common/html_re.js in remarkable 1.7.1 allows Regular Expression Denial of Service (ReDoS) via a CDATA section. |
|
110 |
CVE-2019-11891 |
264 |
|
|
2019-05-29 |
2019-05-31 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A potential incorrect privilege assignment vulnerability exists in the app pairing mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in elevated privileges of the adversary's choosing. In order to exploit the vulnerability, the adversary needs physical access to the SHC during the attack. |
|
111 |
CVE-2019-11880 |
89 |
|
Sql |
2019-05-22 |
2019-05-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
CommSy through 8.6.5 has SQL Injection via the cid parameter. This is fixed in 9.2. |
|
112 |
CVE-2019-11842 |
338 |
|
|
2019-05-09 |
2019-05-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID. |
|
113 |
CVE-2019-11837 |
189 |
|
|
2019-05-09 |
2019-05-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c. |
|
114 |
CVE-2019-11767 |
918 |
|
|
2019-05-05 |
2019-05-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Server side request forgery (SSRF) in phpBB before 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function. |
|
115 |
CVE-2019-11648 |
200 |
|
+Info |
2019-06-24 |
2019-06-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information. |
|
116 |
CVE-2019-11641 |
254 |
|
|
2019-05-01 |
2019-05-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system. |
|
117 |
CVE-2019-11636 |
254 |
|
|
2019-05-01 |
2019-05-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Zcash 2.x allows an inexpensive approach to "fill all transactions of all blocks" and "prevent any real transaction from occurring" via a "Sapling Wood-Chipper" attack. |
|
118 |
CVE-2019-11633 |
264 |
|
|
2019-05-01 |
2019-05-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
HoneyPress through 2016-09-27 can be fingerprinted by attackers because of the ingrained unique www.atxsec.com and ayylmao.wpengine.com hostnames within the fake WordPress templates. This allows attackers to discover and avoid this honeypot system. |
|
119 |
CVE-2019-11632 |
264 |
|
|
2019-05-01 |
2019-05-03 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
In Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user with the VariableViewUnscoped or VariableEditUnscoped permission scoped to a specific project could view or edit unscoped variables from a different project. (These permissions are only used in custom User Roles and do not affect built in User Roles.) |
|
120 |
CVE-2019-11626 |
21 |
|
|
2019-04-30 |
2019-05-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c request. |
|
121 |
CVE-2019-11624 |
264 |
|
|
2019-04-30 |
2019-05-01 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
|
doorGets 7.0 has an arbitrary file deletion vulnerability in /doorgets/app/requests/user/configurationRequest.php. A remote background administrator privilege user can exploit this vulnerability to delete arbitrary files. |
|
122 |
CVE-2019-11616 |
255 |
|
+Info |
2019-04-30 |
2019-05-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
doorGets 7.0 has a sensitive information disclosure vulnerability in /setup/temp/admin.php and /setup/temp/database.php. A remote unauthenticated attacker could exploit this vulnerability to obtain the administrator password. |
|
123 |
CVE-2019-11614 |
89 |
|
Sql +Info |
2019-04-30 |
2019-05-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. A remote unauthorized attacker could exploit the vulnerability to obtain database sensitive information. |
|
124 |
CVE-2019-11611 |
200 |
|
+Info |
2019-04-30 |
2019-05-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information. |
|
125 |
CVE-2019-11610 |
200 |
|
+Info |
2019-04-30 |
2019-05-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information. |
|
126 |
CVE-2019-11607 |
200 |
|
+Info |
2019-04-30 |
2019-05-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copydir.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information. |
|
127 |
CVE-2019-11606 |
200 |
|
+Info |
2019-04-30 |
2019-05-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copyfile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information. |
|
128 |
CVE-2019-11598 |
125 |
|
DoS |
2019-04-29 |
2019-05-14 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c. |
|
129 |
CVE-2019-11597 |
125 |
|
DoS |
2019-04-29 |
2019-05-14 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. |
|
130 |
CVE-2019-11596 |
476 |
|
DoS |
2019-04-29 |
2019-05-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c. |
|
131 |
CVE-2019-11579 |
119 |
|
Overflow |
2019-04-28 |
2019-05-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED. |
|
132 |
CVE-2019-11541 |
287 |
|
|
2019-04-25 |
2019-05-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.2RX before 8.2R12.1, users using SAML authentication with the Reuse Existing NC (Pulse) Session option may see authentication leaks. |
|
133 |
CVE-2019-11517 |
352 |
|
CSRF |
2019-06-10 |
2019-06-11 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
WampServer before 3.1.9 has CSRF in add_vhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete. An attacker could add/delete any vhosts without the consent of the owner. |
|
134 |
CVE-2019-11514 |
20 |
|
|
2019-04-24 |
2019-05-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
User/Command/ConfirmEmailHandler.php in Flarum before 0.1.0-beta.8 mishandles invalidation of user email tokens. |
|
135 |
CVE-2019-11503 |
59 |
|
Bypass |
2019-04-24 |
2019-07-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir() to the current working directory of the calling user, aka a "cwd restore permission bypass." |
|
136 |
CVE-2019-11502 |
59 |
|
|
2019-04-24 |
2019-05-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory. |
|
137 |
CVE-2019-11499 |
20 |
|
|
2019-05-08 |
2019-06-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message. |
|
138 |
CVE-2019-11494 |
20 |
|
|
2019-05-08 |
2019-06-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login service crashes when the client disconnects prematurely during the AUTH command. |
|
139 |
CVE-2019-11492 |
532 |
|
|
2019-04-26 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
ProjectSend before r1070 writes user passwords to the server logs. |
|
140 |
CVE-2019-11479 |
400 |
|
DoS |
2019-06-18 |
2019-06-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363. |
|
141 |
CVE-2019-11478 |
400 |
|
DoS |
2019-06-18 |
2019-06-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e. |
|
142 |
CVE-2019-11455 |
119 |
|
DoS Overflow |
2019-04-22 |
2019-05-08 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
None |
Partial |
|
A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. The attacker can also cause a denial of service (application outage). |
|
143 |
CVE-2019-11413 |
400 |
|
|
2019-04-22 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check. |
|
144 |
CVE-2019-11412 |
119 |
|
DoS Overflow |
2019-04-22 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call. |
|
145 |
CVE-2019-11405 |
254 |
|
|
2019-04-22 |
2019-04-27 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
OpenAPI Tools OpenAPI Generator before 4.0.0-20190419.052012-560 uses http:// URLs in various build.gradle, build.gradle.mustache, and build.sbt files, which may have caused insecurely resolved dependencies. |
|
146 |
CVE-2019-11403 |
255 |
|
|
2019-04-22 |
2019-04-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page. |
|
147 |
CVE-2019-11402 |
255 |
|
|
2019-04-22 |
2019-04-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format. |
|
148 |
CVE-2019-11393 |
640 |
|
|
2019-04-22 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in /admin/users/update in M/Monit before 3.7.3. It allows unprivileged users to escalate their privileges to an administrator by requesting a password change and specifying the admin parameter. |
|
149 |
CVE-2019-11392 |
611 |
|
|
2019-06-21 |
2019-06-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
BlogEngine.NET 3.3.7 and earlier allows XXE via an apml file to syndication.axd. |
|
150 |
CVE-2019-11391 |
185 |
|
DoS |
2019-04-20 |
2019-07-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service (ReDOS) by entering a specially crafted string with $a# at the beginning and nested repetition operators. NOTE: the software maintainer disputes that this is a vulnerability because the issue cannot be exploited via ModSecurity. |
