| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
2251 |
CVE-2019-11401 |
434 |
|
Exec Code |
2019-04-22 |
2019-04-24 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
A issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administrator can add the permitted file extension .aassp, which is converted to .asp because the "as" substring is deleted. |
|
2252 |
CVE-2019-11398 |
79 |
|
XSS |
2019-05-08 |
2019-06-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote attackers to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/index.php?action=favicon. |
|
2253 |
CVE-2019-11397 |
22 |
|
Dir. Trav. File Inclusion |
2019-05-14 |
2019-05-16 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
GetFile.aspx in Rapid4 RapidFlows Enterprise Application Builder 4.5M.23 (when used with .NET Framework 4.5) allows Local File Inclusion via the FileDesc parameter. |
|
2254 |
CVE-2019-11393 |
640 |
|
|
2019-04-22 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in /admin/users/update in M/Monit before 3.7.3. It allows unprivileged users to escalate their privileges to an administrator by requesting a password change and specifying the admin parameter. |
|
2255 |
CVE-2019-11392 |
611 |
|
|
2019-06-21 |
2019-06-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
BlogEngine.NET 3.3.7 and earlier allows XXE via an apml file to syndication.axd. |
|
2256 |
CVE-2019-11391 |
185 |
|
DoS |
2019-04-20 |
2019-07-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service (ReDOS) by entering a specially crafted string with $a# at the beginning and nested repetition operators. NOTE: the software maintainer disputes that this is a vulnerability because the issue cannot be exploited via ModSecurity. |
|
2257 |
CVE-2019-11390 |
185 |
|
DoS |
2019-04-20 |
2019-07-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service (ReDOS) by entering a specially crafted string with set_error_handler# at the beginning and nested repetition operators. NOTE: the software maintainer disputes that this is a vulnerability because the issue cannot be exploited via ModSecurity. |
|
2258 |
CVE-2019-11389 |
185 |
|
DoS |
2019-04-20 |
2019-07-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service (ReDOS) by entering a specially crafted string with next# at the beginning and nested repetition operators. NOTE: the software maintainer disputes that this is a vulnerability because the issue cannot be exploited via ModSecurity. |
|
2259 |
CVE-2019-11388 |
185 |
|
DoS |
2019-04-20 |
2019-07-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf allows remote attackers to cause a denial of service (ReDOS) by entering a specially crafted string with nested repetition operators. NOTE: the software maintainer disputes that this is a vulnerability because the issue cannot be exploited via ModSecurity. |
|
2260 |
CVE-2019-11387 |
185 |
|
DoS |
2019-04-20 |
2019-07-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf allows remote attackers to cause a denial of service (ReDOS) by entering a specially crafted string with nested repetition operators. |
|
2261 |
CVE-2019-11384 |
255 |
|
|
2019-04-22 |
2019-04-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Zalora application 6.15.1 for Android stores confidential information insecurely on the system (i.e. plain text), which allows a non-root user to find out the username/password of a valid user via /data/data/com.zalora.android/shared_prefs/login_data.xml. |
|
2262 |
CVE-2019-11383 |
255 |
|
|
2019-04-22 |
2019-04-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker can read the username/password of a valid user via /data/data/com.medhaapps.wififtpserver/shared_prefs/com.medhaapps.wififtpserver_preferences.xml |
|
2263 |
CVE-2019-11380 |
284 |
|
Bypass |
2019-09-05 |
2019-09-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The master-password feature in the ES File Explorer File Manager application 4.2.0.1.3 for Android can be bypassed via a com.estrongs.android.pop.ftp.ESFtpShortcut intent, leading to remote FTP access to the entirety of local storage. |
|
2264 |
CVE-2019-11378 |
434 |
|
Dir. Trav. |
2019-04-20 |
2019-05-10 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
An issue was discovered in ProjectSend r1053. upload-process-form.php allows finished_files[]=../ directory traversal. It is possible for users to read arbitrary files and (potentially) access the supporting database, delete arbitrary files, access user passwords, or run arbitrary code. |
|
2265 |
CVE-2019-11377 |
434 |
|
|
2019-04-20 |
2019-04-22 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload Vulnerability via developer/finder because .php is a valid extension according to the fm_get_text_exts function. |
|
2266 |
CVE-2019-11376 |
94 |
|
Exec Code |
2019-04-20 |
2019-04-22 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
** DISPUTED ** SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own." |
|
2267 |
CVE-2019-11375 |
352 |
|
CSRF |
2019-04-20 |
2019-04-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Msvod v10 has a CSRF vulnerability to change user information via the admin/member/edit.html URI. |
|
2268 |
CVE-2019-11374 |
352 |
|
CSRF |
2019-04-20 |
2019-04-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI. |
|
2269 |
CVE-2019-11373 |
125 |
|
|
2019-04-20 |
2019-05-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash. |
|
2270 |
CVE-2019-11372 |
125 |
|
|
2019-04-20 |
2019-05-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash. |
|
2271 |
CVE-2019-11370 |
79 |
|
XSS |
2019-06-03 |
2019-06-04 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pw_snmp.html "System contact" field. |
|
2272 |
CVE-2019-11369 |
255 |
|
|
2019-06-03 |
2019-06-04 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
An issue was discovered in Carel pCOWeb prior to B1.2.4. In /config/pw_changeusers.html the device stores cleartext passwords, which may allow sensitive information to be read by someone with access to the device. |
|
2273 |
CVE-2019-11368 |
79 |
|
XSS |
2019-06-03 |
2019-06-05 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Stored XSS was discovered in AUO Solar Data Recorder before 1.3.0 via the protect/config.htm addr parameter. |
|
2274 |
CVE-2019-11366 |
476 |
|
DoS |
2019-04-20 |
2019-05-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in atftpd in atftp 0.7.1. It does not lock the thread_list_mutex mutex before assigning the current thread data structure. As a result, the daemon is vulnerable to a denial of service attack due to a NULL pointer dereference. If thread_data is NULL when assigned to current, and modified by another thread before a certain tftpd_list.c check, there is a crash when dereferencing current->next. |
|
2275 |
CVE-2019-11363 |
89 |
|
Exec Code Sql |
2019-08-29 |
2019-09-03 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter. |
|
2276 |
CVE-2019-11360 |
119 |
|
Exec Code Overflow |
2019-07-12 |
2019-07-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c. |
|
2277 |
CVE-2019-11359 |
79 |
|
XSS |
2019-04-19 |
2019-04-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in display.php in I, Librarian 4.10 allows remote attackers to inject arbitrary web script or HTML via the project parameter. |
|
2278 |
CVE-2019-11358 |
79 |
|
XSS |
2019-04-19 |
2019-06-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. |
|
2279 |
CVE-2019-11354 |
94 |
|
Exec Code |
2019-04-19 |
2019-06-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication. |
|
2280 |
CVE-2019-11350 |
255 |
|
|
2019-04-19 |
2019-07-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
CloudBees Jenkins Operations Center 2.150.2.3, when an expired trial license exists, allows Cleartext Password Storage and Retrieval via the proxy configuration page. |
|
2281 |
CVE-2019-11340 |
20 |
|
|
2019-04-19 |
2019-04-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowed_local_3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on [email protected]@good.example.com returns the [email protected] substring. |
|
2282 |
CVE-2019-11339 |
125 |
|
DoS |
2019-04-18 |
2019-05-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data. |
|
2283 |
CVE-2019-11338 |
476 |
|
DoS |
2019-04-18 |
2019-05-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data. |
|
2284 |
CVE-2019-11336 |
532 |
|
Exec Code |
2019-05-14 |
2019-05-21 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backdoor API command, a different vulnerability than CVE-2019-10886. |
|
2285 |
CVE-2019-11334 |
287 |
|
Bypass |
2019-06-11 |
2019-06-14 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An authentication bypass in website post requests in the Tzumi Electronics Klic Lock application 1.0.9 for mobile devices allows attackers to access resources (that are not otherwise accessible without proper authentication) via capture-replay. Physically proximate attackers can use this information to unlock unauthorized Tzumi Electronics Klic Smart Padlock Model 5686 Firmware 6.2. |
|
2286 |
CVE-2019-11332 |
287 |
|
|
2019-04-18 |
2019-04-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
MKCMS 5.0 allows remote attackers to take over arbitrary user accounts by posting a username and e-mail address to ucenter/repass.php, which triggers e-mail transmission with the password, as demonstrated by 123456. |
|
2287 |
CVE-2019-11331 |
254 |
|
|
2019-04-18 |
2019-07-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks. |
|
2288 |
CVE-2019-11327 |
22 |
|
Dir. Trav. File Inclusion |
2019-09-20 |
2019-09-23 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product has a local file inclusion vulnerability. An attacker with administrative privileges can craft a special URL to read arbitrary files from the device's files system. |
|
2289 |
CVE-2019-11326 |
269 |
|
+Priv |
2019-09-20 |
2019-09-23 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product is protected by a login. A guest is allowed to login. Once logged in as a guest, an attacker can browse a URL to read the password of the administrative user. The same procedure allows a regular user to gain administrative privileges. The guest login is possible in the default configuration. |
|
2290 |
CVE-2019-11324 |
295 |
|
|
2019-04-18 |
2019-09-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument. |
|
2291 |
CVE-2019-11323 |
310 |
|
|
2019-05-09 |
2019-05-10 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. This is related to an include/types/ssl_sock.h error. |
|
2292 |
CVE-2019-11321 |
200 |
|
+Info |
2019-04-18 |
2019-04-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices. |
|
2293 |
CVE-2019-11280 |
269 |
|
+Priv |
2019-09-20 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.18, 2.4.x prior to 2.4.14, 2.5.x prior to 2.5.10, and 2.6.x prior to 2.6.5, contains an invitations microservice which allows users to invite others to their organizations. A remote authenticated user can gain additional privileges by inviting themselves to spaces that they should not have access to. |
|
2294 |
CVE-2019-11279 |
269 |
|
|
2019-09-26 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
CF UAA versions prior to 74.1.0 can request scopes for a client that shouldn't be allowed by submitting an array of requested scopes. A remote malicious user can escalate their own privileges to any scope, allowing them to take control of UAA and the resources it controls. |
|
2295 |
CVE-2019-11277 |
74 |
|
|
2019-09-23 |
2019-10-09 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
None |
Partial |
|
Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0, is vulnerable to LDAP injection. A remote authenticated malicious space developer can potentially inject LDAP filters via service instance creation, facilitating the malicious space developer to deny service or perform a dictionary attack. |
|
2296 |
CVE-2019-11276 |
284 |
|
|
2019-08-19 |
2019-10-09 |
4.1 |
None |
Local Network |
Low |
Single system |
Partial |
Partial |
None |
|
Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.16, 2.4.x prior to 2.4.12, 2.5.x prior to 2.5.8, and 2.6.x prior to 2.6.3, makes a request to the /cloudapplication endpoint via Spring actuator, and subsequent requests via unsecured http. An adjacent unauthenticated user could eavesdrop on the network traffic and gain access to the unencrypted token allowing the attacker to read the type of access a user has over an app. They may also modify the logging level, potentially leading to lost information that would otherwise have been logged. |
|
2297 |
CVE-2019-11275 |
732 |
|
+Priv |
2019-10-01 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Pivotal Application Manager, versions 666.0.x prior to 666.0.36, versions 667.0.x prior to 667.0.22, versions 668.0.x prior to 668.0.21, versions 669.0.x prior to 669.0.13, and versions 670.0.x prior to 670.0.7, contain a vulnerability where a remote authenticated user can create an app with a name such that a csv program can interpret into a formula and gets executed. The malicious user can possibly gain access to a usage report that requires a higher privilege. |
|
2298 |
CVE-2019-11274 |
79 |
|
XSS |
2019-08-09 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute. |
|
2299 |
CVE-2019-11273 |
200 |
|
+Info |
2019-07-23 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. A remote authenticated user with access to those logs may be able to retrieve non-sensitive information. |
|
2300 |
CVE-2019-11271 |
200 |
|
+Info |
2019-06-18 |
2019-06-21 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Cloud Foundry BOSH 270.x versions prior to v270.1.1, contain a BOSH Director that does not properly redact credentials when configured to use a MySQL database. A local authenticated malicious user may read any credentials that are contained in a BOSH manifest. |
