| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
351 |
CVE-2019-17121 |
79 |
|
XSS |
2019-10-03 |
2019-10-08 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
REDCap before 9.3.4 has XSS on the Customize & Manage Locking/E-signatures page via Lock Record Custom Text values. |
|
352 |
CVE-2019-17112 |
552 |
|
|
2019-10-09 |
2019-10-11 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
An issue was discovered in Zoho ManageEngine DataSecurity Plus before 5.0.1 5012. An exposed service allows a basic user ("Operator" access level) to access the configuration file of the mail server (except for the password). |
|
353 |
CVE-2019-17110 |
200 |
|
+Info |
2019-10-03 |
2019-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A security issue was discovered in kube-state-metrics 1.7.x before 1.7.2. An experimental feature was added to v1.7.0 and v1.7.1 that enabled annotations to be exposed as metrics. By default, kube-state-metrics metrics only expose metadata about Secrets. However, a combination of the default kubectl behavior and this new feature can cause the entire secret content to end up in metric labels, thus inadvertently exposing the secret content in metrics. |
|
354 |
CVE-2019-17109 |
22 |
|
Dir. Trav. |
2019-10-09 |
2019-10-11 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation. |
|
355 |
CVE-2019-17108 |
79 |
|
XSS File Inclusion |
2019-10-08 |
2019-10-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Local file inclusion in brokerPerformance.php in Centreon Web before 2.8.28 allows attackers to disclose information or perform a stored XSS attack on a user. |
|
356 |
CVE-2019-17107 |
94 |
|
Exec Code |
2019-10-08 |
2019-10-15 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
minPlayCommand.php in Centreon Web before 2.8.27 allows authenticated attackers to execute arbitrary code via the command_hostaddress parameter. NOTE: some sources have listed CVE-2019-17017 for this, but that is incorrect. |
|
357 |
CVE-2019-17106 |
312 |
|
|
2019-10-08 |
2019-10-10 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components. |
|
358 |
CVE-2019-17105 |
330 |
|
|
2019-10-08 |
2019-10-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The token generator in index.php in Centreon Web before 2.8.27 is predictable. |
|
359 |
CVE-2019-17104 |
565 |
|
|
2019-10-08 |
2019-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set. |
|
360 |
CVE-2019-17092 |
79 |
|
XSS |
2019-10-09 |
2019-10-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An XSS vulnerability in project list in OpenProject before 9.0.4 and 10.x before 10.0.2 allows remote attackers to inject arbitrary web script or HTML via the sortBy parameter because error messages are mishandled. |
|
361 |
CVE-2019-17080 |
502 |
|
Exec Code |
2019-10-02 |
2019-10-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports. |
|
362 |
CVE-2019-17074 |
79 |
|
XSS |
2019-10-01 |
2019-10-07 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
An issue was discovered in XunRuiCMS 4.3.1. There is a stored XSS in the module_category area. |
|
363 |
CVE-2019-17073 |
22 |
|
Dir. Trav. |
2019-10-01 |
2019-10-04 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
|
emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal. |
|
364 |
CVE-2019-17071 |
79 |
|
XSS |
2019-10-10 |
2019-10-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The client-dash (aka Client Dash) plugin 2.1.4 for WordPress allows XSS. |
|
365 |
CVE-2019-17070 |
79 |
|
XSS |
2019-10-10 |
2019-10-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The liquid-speech-balloon (aka LIQUID SPEECH BALLOON) plugin 1.0.5 for WordPress allows XSS with Internet Explorer. |
|
366 |
CVE-2019-17069 |
20 |
|
DoS |
2019-10-01 |
2019-10-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. |
|
367 |
CVE-2019-17068 |
74 |
|
|
2019-10-01 |
2019-10-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content. |
|
368 |
CVE-2019-17064 |
476 |
|
|
2019-10-01 |
2019-10-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor. |
|
369 |
CVE-2019-17063 |
20 |
|
|
2019-10-01 |
2019-10-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Snowtide PDFxStream before 3.7.1 (for Java), a crafted PDF file can trigger an extremely long running computation because of page-tree mishandling. |
|
370 |
CVE-2019-17056 |
276 |
|
|
2019-10-01 |
2019-10-08 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176. |
|
371 |
CVE-2019-17055 |
20 |
|
|
2019-10-01 |
2019-10-08 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. |
|
372 |
CVE-2019-17054 |
276 |
|
|
2019-10-01 |
2019-10-08 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c. |
|
373 |
CVE-2019-17053 |
276 |
|
|
2019-10-01 |
2019-10-08 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. |
|
374 |
CVE-2019-17052 |
276 |
|
|
2019-10-01 |
2019-10-08 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. |
|
375 |
CVE-2019-17051 |
20 |
|
Exec Code |
2019-09-30 |
2019-10-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Evernote before 7.13 GA on macOS allows code execution because the com.apple.quarantine attribute is not used for attachment files, as demonstrated by a one-click attack involving a drag-and-drop operation on a crafted Terminal file. |
|
376 |
CVE-2019-17050 |
639 |
|
|
2019-09-30 |
2019-10-04 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
An issue was discovered in the Voyager package through 1.2.7 for Laravel. An attacker with admin privileges and Compass access can read or delete arbitrary files, such as the .env file. NOTE: a software maintainer has suggested a solution in which Compass is switched off in a production environment. |
|
377 |
CVE-2019-17049 |
89 |
|
Sql |
2019-09-30 |
2019-10-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in the wild in September 2019 to add a new user account. |
|
378 |
CVE-2019-17045 |
79 |
|
XSS |
2019-09-30 |
2019-10-03 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Ilch 2.1.22 allows stored XSS via the title, text, or email id to the Jobs Tab. |
|
379 |
CVE-2019-16997 |
89 |
|
Sql |
2019-09-30 |
2019-10-04 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter. |
|
380 |
CVE-2019-16996 |
89 |
|
Sql |
2019-09-30 |
2019-10-04 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/product/admin/product_admin.class.php via the admin/?n=product&c=product_admin&a=dopara&app_type=shop id parameter. |
|
381 |
CVE-2019-16993 |
352 |
|
CSRF |
2019-09-30 |
2019-10-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In phpBB before 3.1.7-PL1, includes/acp/acp_bbcodes.php has improper verification of a CSRF token on the BBCode page in the Administration Control Panel. An actual CSRF attack is possible if an attacker also manages to retrieve the session id of a reauthenticated administrator prior to targeting them. |
|
382 |
CVE-2019-16992 |
347 |
|
|
2019-09-29 |
2019-10-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments to the user), which might be incompatible with a user's personal position on the semantics of an attestation. |
|
383 |
CVE-2019-16941 |
91 |
|
Exec Code |
2019-09-28 |
2019-10-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. An attack could start with an XML document that was originally created by DumpFunctionPatternInfoScript but then directly modified by an attacker (for example, to make a java.lang.Runtime.exec call). |
|
384 |
CVE-2019-16935 |
79 |
|
XSS |
2019-09-27 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. |
|
385 |
CVE-2019-16932 |
918 |
|
|
2019-09-30 |
2019-10-04 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data. |
|
386 |
CVE-2019-16931 |
79 |
|
XSS |
2019-10-03 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A stored XSS vulnerability in the Visualizer plugin 3.3.0 for WordPress allows an unauthenticated attacker to execute arbitrary JavaScript when an admin or other privileged user edits the chart via the admin dashboard. This occurs because classes/Visualizer/Gutenberg/Block.php registers wp-json/visualizer/v1/update-chart with no access control, and classes/Visualizer/Render/Page/Data.php lacks output sanitization. |
|
387 |
CVE-2019-16930 |
755 |
|
|
2019-09-28 |
2019-10-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Zcashd in Zcash before 2.0.7-3 allows discovery of the IP address of a full node that owns a shielded address, related to mishandling of exceptions during deserialization of note plaintexts. This affects anyone who has disclosed their zaddr to a third party. |
|
388 |
CVE-2019-16927 |
787 |
|
|
2019-09-27 |
2019-10-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877. |
|
389 |
CVE-2019-16926 |
79 |
|
XSS |
2019-09-27 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Flower 0.9.3 has XSS via a crafted worker name. |
|
390 |
CVE-2019-16925 |
79 |
|
XSS |
2019-09-27 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Flower 0.9.3 has XSS via the name parameter in an @app.task call. |
|
391 |
CVE-2019-16924 |
319 |
|
|
2019-09-27 |
2019-10-04 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
|
The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which allows remote attackers (after sniffing the network) to take control of the lock. |
|
392 |
CVE-2019-16923 |
79 |
|
XSS |
2019-09-27 |
2019-09-27 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
kkcms 1.3 has jx.php?url= XSS. |
|
393 |
CVE-2019-16922 |
200 |
|
+Info |
2019-09-27 |
2019-10-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files. |
|
394 |
CVE-2019-16921 |
665 |
|
+Info |
2019-09-27 |
2019-09-27 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813. |
|
395 |
CVE-2019-16914 |
79 |
|
XSS |
2019-09-26 |
2019-09-27 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization. |
|
396 |
CVE-2019-16910 |
200 |
|
+Info |
2019-09-26 |
2019-10-03 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.) |
|
397 |
CVE-2019-16904 |
79 |
|
XSS |
2019-09-26 |
2019-09-27 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for an item in a common available folder or sharing the item with an admin. (The crafted password is exploitable when viewing the change history of the item or tapping on the item.) |
|
398 |
CVE-2019-16903 |
22 |
|
Dir. Trav. |
2019-09-26 |
2019-09-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Platinum UPnP SDK 1.2.0 allows Directory Traversal in Core/PltHttpServer.cpp because it checks for /.. where it should be checking for ../ instead. |
|
399 |
CVE-2019-16902 |
20 |
|
|
2019-09-27 |
2019-09-27 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full pathname. |
|
400 |
CVE-2019-16901 |
755 |
|
|
2019-09-25 |
2019-09-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain corruption starting at Unknown Symbol @ 0x0000000000000000 called from ntdll!RtlRaiseStatus+0x00000000000000b4. |
