| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
2851 |
CVE-2019-10052 |
707 |
|
|
2019-08-28 |
2019-09-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Suricata 4.1.3. If the network packet does not have the right length, the parser tries to access a part of a DHCP packet. At this point, the Rust environment runs into a panic in parse_clientid_option in the dhcp/parser.rs file. |
|
2852 |
CVE-2019-10051 |
754 |
|
|
2019-08-28 |
2019-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Suricata 4.1.3. If the function filetracker_newchunk encounters an unsafe "Some(sfcm) => { ft.new_chunk }" item, then the program enters an smb/files.rs error condition and crashes. |
|
2853 |
CVE-2019-10050 |
125 |
|
|
2019-05-13 |
2019-05-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control flow, such that the condition to leave the loop is true. After leaving the loop, the network packet has a length of 2 bytes. There is no validation of this length. Later on, the code tries to read at an empty position, leading to a crash. |
|
2854 |
CVE-2019-10049 |
264 |
|
Exec Code +Info |
2019-05-31 |
2019-06-03 |
4.9 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
None |
|
It is possible for an attacker with regular user access to the web application of Pydio through 8.2.2 to trick an administrator user into opening a link shared through the application, that in turn opens a shared file that contains JavaScript code (that is executed in the context of the victim user to obtain sensitive information such as session identifiers and perform actions on behalf of him/her). |
|
2855 |
CVE-2019-10047 |
79 |
|
Exec Code XSS |
2019-05-31 |
2019-06-03 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
A stored XSS vulnerability exists in the web application of Pydio through 8.2.2 that can be exploited by levering the file upload and file preview features of the application. An authenticated attacker can upload an HTML file containing JavaScript code and afterwards a file preview URL can be used to access the uploaded file. If a malicious user shares an uploaded HTML file containing JavaScript code with another user of the application, and tricks an authenticated victim into accessing a URL that results in the HTML code being interpreted by the web browser, then the included JavaScript code is executed under the context of the victim user session. |
|
2856 |
CVE-2019-10046 |
200 |
|
+Info |
2019-05-31 |
2019-06-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An unauthenticated attacker can obtain information about the Pydio 8.2.2 configuration including session timeout, libraries, and license information. |
|
2857 |
CVE-2019-10045 |
384 |
|
|
2019-05-31 |
2019-06-03 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The "action" get_sess_id in the web application of Pydio through 8.2.2 discloses the session cookie value in the response body, enabling scripts to get access to its value. This identifier can be reused by an attacker to impersonate a user and perform actions on behalf of him/her (if the session is still active). |
|
2858 |
CVE-2019-10044 |
20 |
|
|
2019-03-25 |
2019-04-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets. |
|
2859 |
CVE-2019-10038 |
22 |
|
Dir. Trav. |
2019-05-31 |
2019-06-03 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file. |
|
2860 |
CVE-2019-10028 |
20 |
|
DoS |
2019-06-21 |
2019-06-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denial of Service (DOS) in Dial Reference Source Code Used before June 18th, 2019. |
|
2861 |
CVE-2019-10023 |
369 |
|
|
2019-03-24 |
2019-06-27 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case. |
|
2862 |
CVE-2019-10021 |
369 |
|
|
2019-03-24 |
2019-06-27 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps. |
|
2863 |
CVE-2019-10019 |
369 |
|
|
2019-03-24 |
2019-06-27 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes. |
|
2864 |
CVE-2019-10018 |
369 |
|
|
2019-03-24 |
2019-06-27 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case. |
|
2865 |
CVE-2019-10017 |
79 |
|
XSS |
2019-03-24 |
2019-07-18 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an "Add a new Profile" action to the File Picker. |
|
2866 |
CVE-2019-10012 |
434 |
|
Exec Code |
2019-03-25 |
2019-09-20 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
|
Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the MoxieManager (for .NET) plugin before 2.1.4 in the moxiemanager directory within the installation folder ICS\ICS.NET\ICSFileServer. |
|
2867 |
CVE-2019-10009 |
22 |
|
Dir. Trav. |
2019-06-03 |
2019-06-06 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory. |
|
2868 |
CVE-2019-10008 |
384 |
|
|
2019-04-24 |
2019-04-25 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
Zoho ManageEngine ServiceDesk 9.3 allows session hijacking and privilege escalation because an established guest session is automatically converted into an established administrator session when the guest user enters the administrator username, with an arbitrary incorrect password, in an mc/ login attempt within a different browser tab. |
|
2869 |
CVE-2019-9978 |
79 |
|
XSS |
2019-03-24 |
2019-05-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro. |
|
2870 |
CVE-2019-9977 |
20 |
|
Exec Code |
2019-03-24 |
2019-04-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The renderer process in the entertainment system on Tesla Model 3 vehicles mishandles JIT compilation, which allows attackers to trigger firmware code execution, and display a crafted message to vehicle occupants. |
|
2871 |
CVE-2019-9976 |
255 |
|
|
2019-04-11 |
2019-04-12 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users. |
|
2872 |
CVE-2019-9975 |
798 |
|
|
2019-04-11 |
2019-04-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key. |
|
2873 |
CVE-2019-9974 |
285 |
|
|
2019-04-11 |
2019-04-12 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack. |
|
2874 |
CVE-2019-9970 |
20 |
|
|
2019-03-23 |
2019-08-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets. |
|
2875 |
CVE-2019-9961 |
79 |
|
XSS |
2019-03-26 |
2019-03-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A cross-site scripting (XSS) vulnerability in ressource view in core/modules/resource/RESOURCEVIEW.php in Wikindx prior to version 5.7.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. |
|
2876 |
CVE-2019-9959 |
190 |
|
Overflow |
2019-07-22 |
2019-08-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo. |
|
2877 |
CVE-2019-9958 |
352 |
|
CSRF |
2019-06-24 |
2019-07-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
CSRF within the admin panel in Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to escalate privileges, or create new admin accounts by crafting a malicious web page that issues specific requests, using a target admin's session to process their requests. |
|
2878 |
CVE-2019-9957 |
79 |
|
Exec Code XSS CSRF |
2019-06-24 |
2019-06-27 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Stored XSS within Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to execute malicious JavaScript and inject arbitrary source code into the target pages. The XSS payload is stored by creating a new user account, and setting the username to an XSS payload. The stored payload can then be triggered by accessing the "Set Security Levels" or "View User/Group Relationships" page. If the attacker does not currently have permission to create a new user, another vulnerability such as CSRF must be exploited first. |
|
2879 |
CVE-2019-9956 |
119 |
|
DoS Exec Code Overflow |
2019-03-23 |
2019-05-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file. |
|
2880 |
CVE-2019-9955 |
79 |
|
XSS |
2019-04-22 |
2019-04-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized 'mp_idx' parameter. |
|
2881 |
CVE-2019-9948 |
254 |
|
Bypass |
2019-03-23 |
2019-06-18 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call. |
|
2882 |
CVE-2019-9947 |
93 |
|
|
2019-03-23 |
2019-05-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. |
|
2883 |
CVE-2019-9946 |
254 |
|
|
2019-04-02 |
2019-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE- SERVICES chain. Because of this, the HostPort/portmap rule could match incoming traffic even if there were better fitting, more specific service definition rules like NodePorts later in the chain. The issue is fixed in CNI 0.7.5 and Kubernetes 1.11.9, 1.12.7, 1.13.5, and 1.14.0. |
|
2884 |
CVE-2019-9942 |
200 |
|
+Info |
2019-03-23 |
2019-04-01 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the __toString() method on an object even if not allowed by the security policy in place. |
|
2885 |
CVE-2019-9937 |
476 |
|
|
2019-03-22 |
2019-06-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c. |
|
2886 |
CVE-2019-9936 |
125 |
|
+Info |
2019-03-22 |
2019-06-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c. |
|
2887 |
CVE-2019-9935 |
284 |
|
|
2019-08-28 |
2019-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Various Lexmark products have Incorrect Access Control (issue 2 of 2). |
|
2888 |
CVE-2019-9934 |
284 |
|
|
2019-08-28 |
2019-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Various Lexmark products have Incorrect Access Control (issue 1 of 2). |
|
2889 |
CVE-2019-9928 |
119 |
|
Exec Code Overflow |
2019-04-24 |
2019-06-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. |
|
2890 |
CVE-2019-9923 |
476 |
|
|
2019-03-22 |
2019-04-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. |
|
2891 |
CVE-2019-9922 |
22 |
|
Dir. Trav. |
2019-03-29 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Directory Traversal allows read access to arbitrary files. |
|
2892 |
CVE-2019-9921 |
284 |
|
|
2019-03-29 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to read information that should only be accessible by a different user. |
|
2893 |
CVE-2019-9920 |
264 |
|
|
2019-03-29 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to perform an action within the context of the account of another user. |
|
2894 |
CVE-2019-9919 |
79 |
|
XSS |
2019-03-29 |
2019-10-09 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to craft messages in a way that JavaScript gets executed on the side of the receiving user when the message is opened, aka XSS. |
|
2895 |
CVE-2019-9918 |
89 |
|
Sql |
2019-03-29 |
2019-10-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Statements can be executed in the database. |
|
2896 |
CVE-2019-9917 |
20 |
|
DoS |
2019-03-27 |
2019-06-14 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding. |
|
2897 |
CVE-2019-9903 |
400 |
|
Bypass |
2019-03-21 |
2019-05-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary. |
|
2898 |
CVE-2019-9897 |
20 |
|
|
2019-03-21 |
2019-04-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71. |
|
2899 |
CVE-2019-9896 |
20 |
|
|
2019-03-21 |
2019-04-04 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable. |
|
2900 |
CVE-2019-9894 |
320 |
|
|
2019-03-21 |
2019-04-26 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. |
