| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2019-1020002 |
200 |
|
+Info |
2019-07-29 |
2019-07-31 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Pterodactyl before 0.7.14 with 2FA allows credential sniffing. |
|
2 |
CVE-2019-1010299 |
200 |
|
+Info |
2019-07-15 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vec_deque::Iter. The attack vector is: The program needs to invoke debug printing for iterator over an empty VecDeque. The fixed version is: 1.30.0, nightly versions after commit b85e4cc8fadaabd41da5b9645c08c68b8f89908d. |
|
3 |
CVE-2019-1010283 |
200 |
|
+Info |
2019-07-17 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Univention Corporate Server univention-directory-notifier 12.0.1-3 and earlier is affected by: CWE-213: Intentional Information Exposure. The impact is: Loss of Confidentiality. The component is: function data_on_connection() in src/callback.c. The attack vector is: network connectivity. The fixed version is: 12.0.1-4 and later. |
|
4 |
CVE-2019-1010257 |
200 |
|
+Info |
2019-03-27 |
2019-08-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An Information Disclosure / Data Modification issue exists in article2pdf_getfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. A URL can be constructed which allows overriding the PDF file's path leading to any PDF whose path is known and which is readable to the web server can be downloaded. The file will be deleted after download if the web server has permission to do so. For PHP versions before 5.3, any file can be read by null terminating the string left of the file extension. |
|
5 |
CVE-2019-1010246 |
200 |
|
+Info |
2019-07-18 |
2019-07-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affected by: Unauthenticated MySQL database password information disclosure. The impact is: MySQL database content disclosure (e.g. username, password). The component is: The API call in the function allowAction() in NewslettersController.php. The attack vector is: HTTP Get request. The fixed version is: c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9. |
|
6 |
CVE-2019-1010156 |
287 |
|
DoS Bypass +Info |
2019-07-23 |
2019-07-24 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
D-Link DSL-2750U Firmware 1.11 is affected by: Authentication Bypass. The impact is: denial of service and information leakage. The component is: login form. |
|
7 |
CVE-2019-1010155 |
287 |
|
DoS Bypass +Info |
2019-07-23 |
2019-08-08 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
** DISPUTED ** D-Link DSL-2750U 1.11 is affected by: Authentication Bypass. The impact is: denial of service and information leakage. The component is: login. NOTE: Third parties dispute this issues as not being a vulnerability because although the wizard is accessible without authentication, it can't actually configure anything. Thus, there is no denial of service or information leakage. |
|
8 |
CVE-2019-1010025 |
200 |
|
Bypass +Info |
2019-07-15 |
2019-08-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability." |
|
9 |
CVE-2019-1010024 |
200 |
|
Bypass +Info |
2019-07-15 |
2019-09-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. |
|
10 |
CVE-2019-1003045 |
200 |
|
+Info |
2019-03-28 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
A vulnerability in Jenkins ECS Publisher Plugin 1.0.0 and earlier allows attackers with Item/Extended Read permission, or local file system access to the Jenkins home directory to obtain the API token configured in this plugin's configuration. |
|
11 |
CVE-2019-1003037 |
200 |
|
+Info |
2019-03-08 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
An information exposure vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMCloud.java that allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. |
|
12 |
CVE-2019-1003025 |
200 |
|
+Info |
2019-02-20 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
A exposure of sensitive information vulnerability exists in Jenkins Cloud Foundry Plugin 2.3.1 and earlier in AbstractCloudFoundryPushDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. |
|
13 |
CVE-2019-1003021 |
200 |
|
+Info |
2019-02-06 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An exposure of sensitive information vulnerability exists in Jenkins OpenId Connect Authentication Plugin 1.4 and earlier in OicSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve the configured client secret. |
|
14 |
CVE-2019-1003018 |
200 |
|
+Info |
2019-02-06 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An exposure of sensitive information vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve the configured client secret. |
|
15 |
CVE-2019-1003016 |
352 |
|
+Info |
2019-02-06 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An exposure of sensitive information vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/JobImportAction.java, src/main/java/org/jenkins/ci/plugins/jobimport/JobImportGlobalConfig.java, src/main/java/org/jenkins/ci/plugins/jobimport/model/JenkinsSite.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. |
|
16 |
CVE-2019-17110 |
200 |
|
+Info |
2019-10-03 |
2019-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A security issue was discovered in kube-state-metrics 1.7.x before 1.7.2. An experimental feature was added to v1.7.0 and v1.7.1 that enabled annotations to be exposed as metrics. By default, kube-state-metrics metrics only expose metadata about Secrets. However, a combination of the default kubectl behavior and this new feature can cause the entire secret content to end up in metric labels, thus inadvertently exposing the secret content in metrics. |
|
17 |
CVE-2019-16922 |
200 |
|
+Info |
2019-09-27 |
2019-10-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files. |
|
18 |
CVE-2019-16921 |
665 |
|
+Info |
2019-09-27 |
2019-09-27 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813. |
|
19 |
CVE-2019-16910 |
200 |
|
+Info |
2019-09-26 |
2019-10-03 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.) |
|
20 |
CVE-2019-16738 |
200 |
|
+Info |
2019-09-25 |
2019-09-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup. |
|
21 |
CVE-2019-16714 |
200 |
|
+Info |
2019-09-23 |
2019-09-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. |
|
22 |
CVE-2019-16409 |
200 |
|
+Info |
2019-09-26 |
2019-10-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In the Versioned Files module through 2.0.3 for SilverStripe 3.x, unpublished versions of files are publicly exposed to anyone who can guess their URL. This guess could be highly informed by a basic understanding of the symbiote/silverstripe-versionedfiles source code. (Users who upgrade from SilverStripe 3.x to 4.x and had Versioned Files installed have no further need for this module, because the 4.x release has built-in versioning. However, nothing in the upgrade process automates the destruction of these insecure artefacts, nor alerts the user to the criticality of destruction.) |
|
23 |
CVE-2019-16394 |
200 |
|
+Info |
2019-09-17 |
2019-09-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers. |
|
24 |
CVE-2019-16320 |
200 |
|
+Info |
2019-09-15 |
2019-09-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community. |
|
25 |
CVE-2019-16187 |
200 |
|
+Info CSRF |
2019-09-09 |
2019-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows attackers to access a cookie value via a client-side script. |
|
26 |
CVE-2019-16180 |
200 |
|
+Info |
2019-09-09 |
2019-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Limesurvey before 3.17.14 allows remote attackers to bruteforce the login form and enumerate usernames when the LDAP authentication method is used. |
|
27 |
CVE-2019-16177 |
200 |
|
+Info |
2019-09-09 |
2019-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Limesurvey before 3.17.14, the entire database is exposed through browser caching. |
|
28 |
CVE-2019-16176 |
200 |
|
+Info |
2019-09-09 |
2019-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A path disclosure vulnerability was found in Limesurvey before 3.17.14 that allows a remote attacker to discover the path to the application in the filesystem. |
|
29 |
CVE-2019-16116 |
532 |
|
+Info |
2019-10-02 |
2019-10-10 |
3.5 |
None |
Remote |
Medium |
Single system |
Partial |
None |
None |
|
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash. |
|
30 |
CVE-2019-16101 |
200 |
|
+Info |
2019-09-08 |
2019-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to obtain potentially sensitive stack traces by sending incorrect JSON data to the REST API, such as the rest/json/banners URI. |
|
31 |
CVE-2019-15902 |
200 |
|
+Info |
2019-09-04 |
2019-10-10 |
4.7 |
None |
Local |
Medium |
Not required |
Complete |
None |
None |
|
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped. |
|
32 |
CVE-2019-15891 |
200 |
|
+Info |
2019-09-26 |
2019-10-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in CKFinder through 2.6.2.1 and 3.x through 3.5.0. The documentation has misleading information that could lead to a conclusion that the application has a built-in bulletproof content sniffing protection. |
|
33 |
CVE-2019-15740 |
200 |
|
+Info |
2019-09-16 |
2019-09-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in GitLab Community and Enterprise Edition 7.9 through 12.2.1. EXIF Geolocation data was not being removed from certain image uploads. |
|
34 |
CVE-2019-15738 |
200 |
|
+Info |
2019-09-16 |
2019-09-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1. Under certain conditions, merge request IDs were being disclosed via email. |
|
35 |
CVE-2019-15734 |
200 |
|
+Info |
2019-09-16 |
2019-09-18 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
An issue was discovered in GitLab Community and Enterprise Edition 8.6 through 12.2.1. Under very specific conditions, commit titles and team member comments could become viewable to users who did not have permission to access these. |
|
36 |
CVE-2019-15733 |
200 |
|
+Info |
2019-09-16 |
2019-09-17 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
An issue was discovered in GitLab Community and Enterprise Edition 7.12 through 12.2.1. The specified default branch name could be exposed to unauthorized users. |
|
37 |
CVE-2019-15732 |
200 |
|
Bypass +Info |
2019-09-16 |
2019-09-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in GitLab Community and Enterprise Edition 12.2 through 12.2.1. The project import API could be used to bypass project visibility restrictions. |
|
38 |
CVE-2019-15729 |
200 |
|
+Info |
2019-09-17 |
2019-09-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in GitLab Community and Enterprise Edition 8.18 through 12.2.1. An internal endpoint unintentionally disclosed information about the last pipeline that ran for a merge request. |
|
39 |
CVE-2019-15727 |
200 |
|
+Info |
2019-09-16 |
2019-09-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in GitLab Community and Enterprise Edition 11.2 through 12.2.1. Insufficient permission checks were being applied when displaying CI results, potentially exposing some CI metrics data to unauthorized users. |
|
40 |
CVE-2019-15726 |
200 |
|
+Info |
2019-09-16 |
2019-09-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Embedded images and media files in markdown could be pointed to an arbitrary server, which would reveal the IP address of clients requesting the file from that server. |
|
41 |
CVE-2019-15725 |
200 |
|
+Info |
2019-09-16 |
2019-09-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1. An IDOR in the epic notes API that could result in disclosure of private milestones, labels, and other information. |
|
42 |
CVE-2019-15698 |
200 |
|
+Info |
2019-08-27 |
2019-08-29 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
In Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, an authenticated user with VariableView permissions could view sensitive values. This is fixed in 2019.7.10. |
|
43 |
CVE-2019-15553 |
200 |
|
+Info |
2019-08-26 |
2019-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in the memoffset crate before 0.5.0 for Rust. offset_of and span_of can cause exposure of uninitialized memory. |
|
44 |
CVE-2019-15514 |
200 |
|
+Info |
2019-08-23 |
2019-08-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Privacy > Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Group Info feature, e.g., by adding a significant fraction of a region's assigned phone numbers. |
|
45 |
CVE-2019-15506 |
200 |
|
+Info |
2019-08-26 |
2019-08-26 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
An issue was discovered in Kaseya Virtual System Administrator (VSA) through 9.4.0.37. It has a critical information disclosure vulnerability. An unauthenticated attacker can send properly formatted requests to the web application and download sensitive files and information. For example, the /DATAREPORTS directory can be farmed for reports. Because this directory contains the results of reports such as NMAP, Patch Status, and Active Directory domain metadata, an attacker can easily collect this critical information and parse it for information. There are a number of directories affected. |
|
46 |
CVE-2019-15330 |
200 |
|
+Info |
2019-08-22 |
2019-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The webp-express plugin before 0.14.11 for WordPress has insufficient protection against arbitrary file reading. |
|
47 |
CVE-2019-15138 |
200 |
|
+Info |
2019-09-20 |
2019-09-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The html-pdf package 2.2.0 for Node.js has an arbitrary file read vulnerability via an HTML file that uses XMLHttpRequest to access a file:/// URL. |
|
48 |
CVE-2019-15135 |
200 |
|
+Info |
2019-08-18 |
2019-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext information about all of the capabilities of a participant (including capabilities inapplicable to the current session), which makes it easier for attackers to discover potentially sensitive reachability information on a Data Distribution Service (DDS) network. |
|
49 |
CVE-2019-15132 |
200 |
|
+Info |
2019-08-17 |
2019-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system access" messages, or just blocking for a number of seconds). This affects both api_jsonrpc.php and index.php. |
|
50 |
CVE-2019-15129 |
200 |
|
+Info |
2019-08-18 |
2019-08-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to access all candidates' files in the photo folder on the website by specifying a "user id" parameter and file name, such as in a recruitment_online/upload/user/[user_id]/photo/[file_name] URI. |
