Vulnerabilities > 7PK - Security Features
|2019-08-28||CVE-2019-10059|| 7PK - Security Features vulnerability in Lexmark products |
The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices.
| 5.0 |
|2019-08-26||CVE-2016-10933|| 7PK - Security Features vulnerability in Portaudio Project Portaudio 0.7.0 |
An issue was discovered in the portaudio crate through 0.7.0 for Rust.
| 4.3 |
|2019-08-26||CVE-2016-10932|| 7PK - Security Features vulnerability in Hyper |
An issue was discovered in the hyper crate before 0.9.4 for Rust on Windows.
| 5.8 |
|2019-08-20||CVE-2015-9331|| 7PK - Security Features vulnerability in Soflyy WP ALL Import |
The wp-all-import plugin before 3.2.4 for WordPress has no prevention of unauthenticated requests to adminInit.
| 5.0 |
|2019-08-20||CVE-2015-9318|| 7PK - Security Features vulnerability in Getawesomesupport Awesome Support |
The awesome-support plugin before 3.1.7 for WordPress has a security issue in which shortcodes are allowed in replies.
| 5.0 |
|2019-08-18||CVE-2019-15149|| 7PK - Security Features vulnerability in Networkgenomics Mitogen |
** DISPUTED ** core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that is initiated by another child.
| 6.8 |
|2019-08-16||CVE-2016-10894|| 7PK - Security Features vulnerability in multiple products |
xtrlock through 2.10 does not block multitouch events.
| 2.1 |
|2019-08-07||CVE-2019-10380|| 7PK - Security Features vulnerability in Jenkins Simple Travis Pipeline Runner 1.0 |
Jenkins Simple Travis Pipeline Runner Plugin 1.0 and earlier specifies unsafe values in its custom Script Security whitelist, allowing attackers able to execute Script Security protected scripts to execute arbitrary code.
| 6.5 |
|2019-08-05||CVE-2019-11270|| 7PK - Security Features vulnerability in Pivotal Software products |
Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the restrictions imposed on clients created via 'clients.write' and create clients with arbitrary scopes that the creator does not possess.
| 5.0 |
|2019-08-05||CVE-2017-18480|| 7PK - Security Features vulnerability in Cpanel |
cPanel before 62.0.4 does not enforce account ownership for has_mycnf_for_cpuser WHM API calls (SEC-210).
| 4.0 |