CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
251 CVE-2019-14492 125 DoS 2019-08-01 2019-08-09
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
252 CVE-2019-14491 125 DoS 2019-08-01 2019-08-09
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
253 CVE-2019-14486 119 Overflow 2019-08-01 2019-08-13
6.8
None Remote Medium Not required Partial Partial Partial
GnuCOBOL 2.2 has a buffer overflow in cb_evaluate_expr in cobc/field.c via crafted COBOL source code.
254 CVE-2019-14473 285 2019-08-06 2019-08-14
6.5
None Remote Low Single system Partial Partial Partial
eQ-3 Homematic CCU2 and CCU3 use session IDs for authentication but lack authorization checks. Consequently, a valid guest level or user level account can create a new admin level account, read the service messages, clear the system protocol or modify/delete internal programs, etc. pp.
255 CVE-2019-14468 119 Overflow 2019-08-01 2019-08-07
6.8
None Remote Medium Not required Partial Partial Partial
GnuCOBOL 2.2 has a buffer overflow in cb_push_op in cobc/field.c via crafted COBOL source code.
256 CVE-2019-14465 119 Overflow 2019-07-31 2019-08-07
6.8
None Remote Medium Not required Partial Partial Partial
fmt_mtm_load_song in fmt/mtm.c in Schism Tracker 20190722 has a heap-based buffer overflow.
257 CVE-2019-14438 125 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file.
258 CVE-2019-14437 416 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file.
259 CVE-2019-14432 287 Exec Code 2019-08-07 2019-08-19
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect authentication of application WebSocket connections in Loom Desktop for Mac up to 0.16.0 allows remote code execution from either malicious JavaScript in a browser or hosts on the same network, during periods in which a user is recording a video with the application. The same attack vector can be used to crash the application at any time.
260 CVE-2019-14422 254 Exec Code 2019-08-15 2019-08-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:[file1]?path2:[file2] URI will execute a customised diff on [file1] and [file2] based on the file extension. For xls files, it will execute the script diff-xls.js using wscript, which will open the two files for analysis without any macro security warning. An attacker can exploit this by putting a macro virus in a network drive, and force the victim to open the workbooks and execute the macro inside.
261 CVE-2019-14418 22 Dir. Trav. 2019-07-29 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine.
262 CVE-2019-14405 20 Exec Code 2019-07-30 2019-07-30
6.5
None Remote Low Single system Partial Partial Partial
cPanel before 78.0.18 allows demo accounts to execute code via securitypolicy.cg (SEC-487).
263 CVE-2019-14401 20 Exec Code 2019-07-30 2019-07-30
6.5
None Remote Low Single system Partial Partial Partial
cPanel before 78.0.18 allows code execution via an addforward API1 call (SEC-480).
264 CVE-2019-14399 200 +Info 2019-07-30 2019-07-31
6.1
None Local Low Not required Complete Partial Partial
The SSL certificate-storage feature in cPanel before 78.0.18 allows unsafe file operations in the context of the root account (SEC-477).
265 CVE-2019-14398 20 Exec Code 2019-07-30 2019-07-31
6.5
None Remote Low Single system Partial Partial Partial
cPanel before 80.0.5 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-498).
266 CVE-2019-14392 20 Exec Code 2019-07-30 2019-07-30
6.5
None Remote Low Single system Partial Partial Partial
cPanel before 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501).
267 CVE-2019-14378 119 Overflow 2019-07-29 2019-08-10
6.5
None Remote Low Single system Partial Partial Partial
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
268 CVE-2019-14373 125 2019-07-28 2019-08-01
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a heap-based buffer over-read in libpng via a crafted flif file.
269 CVE-2019-14368 125 2019-07-28 2019-08-01
6.8
None Remote Medium Not required Partial Partial Partial
Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp.
270 CVE-2019-14352 20 2019-07-28 2019-08-05
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists, as demonstrated by jw/web/userview/crm_community/crm_userview_sales/_/account_new with the Account ID or Account Name field. NOTE: the vendor disputes the relevance of this finding because CSV is not the intended export format for spreadsheet applications.
271 CVE-2019-14347 264 2019-08-06 2019-08-14
6.5
None Remote Low Single system Partial Partial Partial
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script.
272 CVE-2019-14328 352 CSRF 2019-07-28 2019-08-05
6.8
None Remote Medium Not required Partial Partial Partial
The Simple Membership plugin before 3.8.5 for WordPress has CSRF affecting the Bulk Operation section.
273 CVE-2019-14296 119 DoS Overflow 2019-07-27 2019-08-10
6.8
None Remote Medium Not required Partial Partial Partial
canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (SEGV or buffer overflow, and application crash) or possibly have unspecified other impact via a crafted UPX packed file.
274 CVE-2019-14267 119 Overflow 2019-07-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled.
275 CVE-2019-14266 89 Sql 2019-07-25 2019-07-29
6.5
None Remote Low Single system Partial Partial Partial
OpenSNS v6.1.0 allows SQL Injection via the index.php?s=/ucenter/Config/ uid parameter because of the getNeedQueryData function in Application/Common/Model/UserModel.class.php.
276 CVE-2019-14253 863 Bypass 2019-09-18 2019-09-18
6.4
None Remote Low Not required Partial Partial None
An issue was discovered in servletcontroller in the secure portal in Publisure 2.1.2. One can bypass authentication and perform a query on PHP forms within the /AdminDir folder that should be restricted.
277 CVE-2019-14252 434 2019-09-18 2019-09-18
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in the secure portal in Publisure 2.1.2. Once successfully authenticated as an administrator, one is able to inject arbitrary PHP code by using the adminCons.php form. The code is then stored in the E:\PUBLISURE\webservice\webpages\AdminDir\Templates\ folder even if removed from the adminCons.php view (i.e., the rogue PHP file can be hidden).
278 CVE-2019-14216 352 CSRF 2019-08-14 2019-08-23
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icons) plugin through 3.2.1 for WordPress. wp-admin/admin.php?page=wp-svg-icons-custom-set mishandles Custom Icon uploads. CSRF leads to upload of a ZIP archive containing a .php file.
279 CVE-2019-14206 20 2019-07-21 2019-07-31
6.4
None Remote Low Not required None Partial Partial
An Arbitrary File Deletion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to delete arbitrary files via the $REQUEST['adaptive-images-settings'] parameter in adaptive-images-script.php.
280 CVE-2019-14197 125 2019-07-31 2019-08-02
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply.
281 CVE-2019-13989 119 Overflow 2019-07-19 2019-07-24
6.8
None Remote Medium Not required Partial Partial Partial
dpic 2019.06.20 has a Stack-based Buffer Overflow in the wfloat() function in main.c.
282 CVE-2019-13984 434 2019-07-19 2019-07-22
6.8
None Remote Medium Not required Partial Partial Partial
Directus 7 API before 2.3.0 does not validate uploaded files. Regardless of the file extension or MIME type, there is a direct link to each uploaded file, accessible by unauthenticated users, as demonstrated by the EICAR Anti-Virus Test File.
283 CVE-2019-13980 434 Exec Code 2019-07-19 2019-07-22
6.8
None Remote Medium Not required Partial Partial Partial
In Directus 7 API through 2.3.0, uploading of PHP files is blocked only when the Apache HTTP Server is used, leading to uploads/_/originals remote code execution with nginx.
284 CVE-2019-13979 434 Exec Code 2019-07-19 2019-07-22
6.8
None Remote Medium Not required Partial Partial Partial
In Directus 7 API before 2.2.1, uploading of PHP files is not blocked, leading to uploads/_/originals remote code execution.
285 CVE-2019-13978 89 Sql 2019-07-19 2019-07-27
6.5
None Remote Low Single system Partial Partial Partial
Ovidentia 8.4.3 has SQL Injection via the id parameter in an index.php?tg=delegat&idx=mem request.
286 CVE-2019-13974 352 CSRF 2019-07-19 2019-07-19
6.8
None Remote Medium Not required Partial Partial Partial
LayerBB 1.1.3 allows conversations.php/cmd/new CSRF.
287 CVE-2019-13969 89 Sql 2019-07-19 2019-07-19
6.5
None Remote Low Single system Partial Partial Partial
Metinfo 6.x allows SQL Injection via the id parameter in an admin/index.php?n=ui_set&m=admin&c=index&a=doget_text_content&table=lang&field=1 request.
288 CVE-2019-13961 352 CSRF 2019-07-18 2019-07-19
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF vulnerability was found in flatCore before 1.5, leading to the upload of arbitrary .php files via acp/core/files.upload-script.php.
289 CVE-2019-13954 400 2019-07-26 2019-08-07
6.8
None Remote Low Single system None None Complete
Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system. Malicious code cannot be injected.
290 CVE-2019-13949 352 CSRF 2019-07-18 2019-07-18
6.8
None Remote Medium Not required Partial Partial Partial
SyGuestBook A5 Version 1.2 has no CSRF protection mechanism, as demonstrated by CSRF for an index.php?c=Administrator&a=update admin password change.
291 CVE-2019-13635 22 Dir. Trav. 2019-07-30 2019-08-13
6.4
None Remote Low Not required Partial Partial None
The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal.
292 CVE-2019-13627 362 2019-09-25 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.
293 CVE-2019-13623 22 Exec Code Dir. Trav. 2019-07-16 2019-08-12
6.8
None Remote Medium Not required Partial Partial Partial
In NSA Ghidra through 9.0.4, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis result is archived for sharing with other persons. To achieve arbitrary code execution, one approach is to overwrite some critical Ghidra modules, e.g., the decompile module.
294 CVE-2019-13616 125 2019-07-16 2019-09-05
6.8
None Remote Medium Not required Partial Partial Partial
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
295 CVE-2019-13611 352 2019-07-15 2019-07-22
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted.
296 CVE-2019-13605 287 Bypass 2019-07-16 2019-07-18
6.5
None Remote Low Single system Partial Partial Partial
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is different from CVE-2019-13360.
297 CVE-2019-13602 191 DoS Overflow 2019-07-14 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.
298 CVE-2019-13594 352 CSRF 2019-07-14 2019-07-17
6.8
None Remote Medium Not required Partial Partial Partial
In Mirumee Saleor 2.7.0 (fixed in 2.8.0), CSRF protection middleware was accidentally disabled, which allowed attackers to send a POST request without a valid CSRF token and be accepted by the server.
299 CVE-2019-13574 20 Exec Code 2019-07-11 2019-10-07
6.8
None Remote Medium Not required Partial Partial Partial
In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts a '|' character followed by a command.
300 CVE-2019-13570 89 Sql 2019-07-23 2019-07-31
6.5
None Remote Low Single system Partial Partial Partial
The AJdG AdRotate plugin before 5.3 for WordPress allows SQL Injection.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.