CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
4151 CVE-2019-16706 352 CSRF 2019-09-23 2019-09-23
6.8
None Remote Medium Not required Partial Partial Partial
kkcms v1.3 has a CSRF vulnerablity that can add an user account via admin/cms_user_add.php.
4152 CVE-2019-16705 125 2019-09-23 2019-09-23
6.4
None Remote Low Not required Partial None Partial
Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in libutil.a.
4153 CVE-2019-16675 125 Exec Code 2019-10-31 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Out-of-bounds Read and remote code execution. The attacker needs to get access to an original PC Worx or Config+ project to be able to manipulate data inside. After manipulation, the attacker needs to exchange the original files with the manipulated ones on the application programming workstation.
4154 CVE-2019-16671 400 2019-12-06 2019-12-12
6.8
None Remote Low ??? None None Complete
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Remote authenticated users can crash a device with a special packet because of Uncontrolled Resource Consumption.
4155 CVE-2019-16667 352 CSRF 2019-09-26 2020-07-27
6.8
None Remote Medium Not required Partial Partial Partial
diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a "CSRF token expired" error and a Try Again button when a CSRF token is missing.
4156 CVE-2019-16660 352 CSRF 2019-09-21 2019-09-23
6.8
None Remote Medium Not required Partial Partial Partial
joyplus-cms 1.6.0 has admin_ajax.php?action=savexml&tab=vodplay CSRF.
4157 CVE-2019-16659 352 CSRF 2019-09-21 2019-09-23
6.8
None Remote Medium Not required Partial Partial Partial
TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF.
4158 CVE-2019-16658 352 CSRF 2019-09-21 2019-09-23
6.8
None Remote Medium Not required Partial Partial Partial
TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF.
4159 CVE-2019-16655 20 2019-09-21 2019-09-23
6.4
None Remote Low Not required None Partial Partial
joyplus-cms 1.6.0 allows reinstallation if the install/ URI remains available.
4160 CVE-2019-16653 269 +Priv 2020-04-29 2021-03-30
6.5
None Remote Low ??? Partial Partial Partial
An application plugin in Genius Bytes Genius Server (Genius CDDS) 3.2.2 allows remote authenticated users to gain admin privileges.
4161 CVE-2019-16652 94 Exec Code 2020-04-29 2021-03-30
6.5
None Remote Low ??? Partial Partial Partial
The BPM component in Genius Bytes Genius Server (Genius CDDS) 3.2.2 allows remote authenticated users to execute arbitrary commands.
4162 CVE-2019-16575 352 CSRF 2019-12-17 2019-12-18
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site request forgery vulnerability in Jenkins Alauda Kubernetes Suport Plugin 2.3.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing the Kubernetes service account token or credentials stored in Jenkins.
4163 CVE-2019-16573 352 CSRF 2019-12-17 2019-12-18
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
4164 CVE-2019-16570 352 CSRF 2019-12-17 2019-12-18
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site request forgery vulnerability in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers to connect to an attacker-specified web server.
4165 CVE-2019-16565 352 CSRF 2019-12-17 2019-12-18
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site request forgery vulnerability in Jenkins Team Concert Plugin 1.3.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
4166 CVE-2019-16560 352 CSRF 2019-12-17 2020-01-03
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site request forgery vulnerability in Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows attackers to perform connection tests and determine whether files with an attacker-specified path exist on the Jenkins master file system.
4167 CVE-2019-16558 295 2019-12-17 2020-01-03
6.4
None Remote Low Not required Partial Partial None
Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM.
4168 CVE-2019-16553 352 CSRF 2019-12-17 2020-01-03
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site request forgery vulnerability in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers to have Jenkins evaluate a computationally expensive regular expression.
4169 CVE-2019-16551 352 CSRF 2019-12-17 2020-01-03
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials.
4170 CVE-2019-16550 352 CSRF 2019-12-17 2020-01-03
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site request forgery vulnerability in a connection test form method in Jenkins Maven Release Plugin 0.16.1 and earlier allows attackers to have Jenkins connect to an attacker specified web server and parse XML documents.
4171 CVE-2019-16549 611 2019-12-17 2020-01-03
6.8
None Remote Medium Not required Partial Partial Partial
Jenkins Maven Release Plugin 0.16.1 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks, allowing man-in-the-middle attackers to have Jenkins parse crafted XML documents.
4172 CVE-2019-16548 352 CSRF 2019-11-21 2019-11-22
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineCloud#doProvision could be used to provision new agents.
4173 CVE-2019-16541 668 2019-11-21 2019-12-03
6.5
None Remote Low ??? Partial Partial Partial
Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope.
4174 CVE-2019-16538 863 Exec Code Bypass 2019-11-21 2020-07-13
6.5
None Remote Low ??? Partial Partial Partial
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts.
4175 CVE-2019-16531 352 CSRF 2019-09-20 2019-09-20
6.8
None Remote Medium Not required Partial Partial Partial
LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php.
4176 CVE-2019-16515 2020-01-23 2020-01-30
6.4
None Remote Low Not required Partial Partial None
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. Certain HTTP security headers are not used.
4177 CVE-2019-16514 434 Exec Code 2020-01-23 2020-01-28
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. The server allows remote code execution. Administrative users could upload an unsigned extension ZIP file containing executable code that is subsequently executed by the server.
4178 CVE-2019-16513 352 CSRF 2020-01-23 2020-01-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. CSRF can be used to send API requests.
4179 CVE-2019-16410 125 2019-09-24 2019-10-18
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of header_len checking.
4180 CVE-2019-16404 89 Sql 2019-10-21 2019-10-22
6.5
None Remote Low ??? Partial Partial Partial
Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php in OpenEMR through 5.0.2 allows a user to extract arbitrary data from the openemr database via a non-parameterized INSERT INTO statement, as demonstrated by the providerID parameter.
4181 CVE-2019-16403 639 2019-09-18 2020-08-24
6.5
None Remote Low ??? Partial Partial Partial
In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.
4182 CVE-2019-16396 416 2019-09-17 2019-09-18
6.8
None Remote Medium Not required Partial Partial Partial
GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code.
4183 CVE-2019-16395 120 Overflow 2019-09-17 2019-09-18
6.8
None Remote Medium Not required Partial Partial Partial
GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code.
4184 CVE-2019-16347 787 Overflow 2019-09-16 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.
4185 CVE-2019-16346 787 Overflow 2019-09-16 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.
4186 CVE-2019-16340 639 2019-11-21 2019-11-25
6.4
None Remote Low Not required Partial Partial None
Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI.
4187 CVE-2019-16338 416 2020-03-19 2020-03-27
6.8
None Remote Medium Not required Partial Partial Partial
The tfo_common component in HwordApp.dll in Hancom Office 9.6.1.7634 allows a use-after-free via a crafted .docx file.
4188 CVE-2019-16337 416 2020-03-19 2020-03-27
6.8
None Remote Medium Not required Partial Partial Partial
The hncbd90 component in Hancom Office 9.6.1.9403 allows a use-after-free via an unknown object in a crafted .docx file.
4189 CVE-2019-16326 352 CSRF 2019-12-26 2020-01-08
6.8
None Remote Medium Not required Partial Partial Partial
D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented. A remote attacker could exploit this in conjunction with CVE-2019-16327 to enable remote router management and device compromise. NOTE: this is an end-of-life product.
4190 CVE-2019-16318 434 Bypass 2019-09-14 2019-09-17
6.5
None Remote Low ??? Partial Partial Partial
In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2019-16317.
4191 CVE-2019-16317 502 2019-09-14 2019-09-17
6.5
None Remote Low ??? Partial Partial Partial
In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different vulnerability than CVE-2019-10867 and CVE-2019-16318.
4192 CVE-2019-16311 352 CSRF 2019-09-14 2019-09-16
6.8
None Remote Medium Not required Partial Partial Partial
NIUSHOP V1.11 has CSRF via search_info to index.php.
4193 CVE-2019-16305 77 Exec Code 2019-09-14 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. A crafted link can trigger a popup asking whether the user wants to run MobaXterm to handle the link. If accepted, another popup appears asking for further confirmation. If this is also accepted, command execution is achieved, as demonstrated by the MobaXterm://`calc` URI.
4194 CVE-2019-16294 787 DoS Exec Code 2019-09-14 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file.
4195 CVE-2019-16293 78 Exec Code 2019-09-13 2019-09-13
6.5
None Remote Low ??? Partial Partial Partial
The Create Discoveries feature of Open-AudIT before 3.2.0 allows an authenticated attacker to execute arbitrary OS commands via a crafted value for a URL field.
4196 CVE-2019-16277 787 Overflow 2019-09-13 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cstdlib/string.c when called from ExpressionParseFunctionCall in expression.c.
4197 CVE-2019-16255 94 2019-11-26 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.
4198 CVE-2019-16212 Bypass 2020-09-25 2020-10-06
6.5
None Remote Low ??? Partial Partial Partial
A vulnerability in Brocade SANnav versions before v2.1.0 could allow a remote authenticated attacker to conduct an LDAP injection. The vulnerability could allow a remote attacker to bypass the authentication process.
4199 CVE-2019-16186 276 2019-09-09 2019-09-10
6.5
None Remote Low ??? Partial Partial Partial
In Limesurvey before 3.17.14, admin users can access the plugin manager without proper permissions.
4200 CVE-2019-16185 276 2019-09-09 2019-09-10
6.5
None Remote Low ??? Partial Partial Partial
In Limesurvey before 3.17.14, admin users can view, update, or delete reserved menu entries without proper permissions.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.