Weekly Vulnerabilities Reports > September 2 to 8, 2019

Overview

209 new vulnerabilities reported during this period, including 29 critical vulnerabilities and 85 high severity vulnerabilities. This weekly summary report vulnerabilities in 209 products from 104 vendors including Google, Debian, Opensuse, Linux, and Canonical. Vulnerabilities are notably categorized as "Out-of-bounds Write", "Cross-site Scripting", "Out-of-bounds Read", "Use After Free", and "NULL Pointer Dereference".

  • 129 reported vulnerabilities are remotely exploitables.
  • 8 reported vulnerabilities have public exploit available.
  • 52 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 122 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 45 reported vulnerabilities.
  • Debian has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

29 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-09-05 CVE-2019-15954 Totaljs Missing Authorization vulnerability in Totaljs Total.Js CMS 12.0.0

An issue was discovered in Total.js CMS 12.0.0.

9.9
2019-09-08 CVE-2019-16119 10Web SQL Injection vulnerability in 10Web Photo Gallery

SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php album_id parameter.

9.8
2019-09-08 CVE-2019-16102 Silver Peak Insecure Default Initialization of Resource vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644

Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity.

9.8
2019-09-08 CVE-2019-16093 Symonics
Canonical
Out-of-bounds Write vulnerability in multiple products

Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.

9.8
2019-09-08 CVE-2019-16092 Symonics
Canonical
NULL Pointer Dereference vulnerability in multiple products

Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.

9.8
2019-09-06 CVE-2019-10892 Dlink Out-of-bounds Write vulnerability in Dlink Dir-806 Firmware 1.0

An issue was discovered in D-Link DIR-806 devices.

9.8
2019-09-06 CVE-2019-10891 Dlink OS Command Injection vulnerability in Dlink Dir-806 Firmware

An issue was discovered in D-Link DIR-806 devices.

9.8
2019-09-06 CVE-2019-9855 Libreoffice
Opensuse
Channel and Path Errors vulnerability in multiple products

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from.

9.8
2019-09-06 CVE-2019-16060 Airbrake Unspecified vulnerability in Airbrake Ruby 4.2.3

The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklist_keys configuration option and consequently may disclose passwords to unauthorized actors.

9.8
2019-09-06 CVE-2019-11926 Facebook Out-of-bounds Read vulnerability in Facebook Hhvm

Insufficient boundary checks when processing M_SOFx markers from JPEG headers in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input.

9.8
2019-09-06 CVE-2019-11925 Facebook Out-of-bounds Read vulnerability in Facebook Hhvm

Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input.

9.8
2019-09-06 CVE-2016-7398 PHP Incorrect Type Conversion or Cast vulnerability in PHP Ext-Http

A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl-http extension 3.1.0beta2 (PHP 7) and earlier as well as 2.6.0beta2 (PHP 5) and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests.

9.8
2019-09-06 CVE-2019-15102 Sahipro Missing Authentication for Critical Function vulnerability in Sahipro Sahi PRO

An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0.

9.8
2019-09-06 CVE-2019-13656 Broadcom Unspecified vulnerability in Broadcom CA Client Automation and CA Workload Automation AE

An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote attacker to execute arbitrary code.

9.8
2019-09-06 CVE-2019-14813 Artifex
Redhat
Fedoraproject
Opensuse
Debian
Incorrect Authorization vulnerability in multiple products

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.

9.8
2019-09-06 CVE-2019-15846 Exim
Debian
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
9.8
2019-09-05 CVE-2019-14222 Alfresco Insecure Default Initialization of Resource vulnerability in Alfresco

An issue was discovered in Alfresco Community Edition versions 6.0 and lower.

9.8
2019-09-05 CVE-2019-13188 ENG Improper Authentication vulnerability in ENG Knowage

In Knowage through 6.1.1, an unauthenticated user can bypass access controls and access the entire application.

9.8
2019-09-05 CVE-2019-13187 Symphonyextensions Unrestricted Upload of File with Dangerous Type vulnerability in Symphonyextensions Rich Text Formatter

The Rich Text Formatter (Redactor) extension through v1.1.1 for Symphony CMS has an Unauthenticated arbitrary file upload vulnerability in content.fileupload.php and content.imageupload.php.

9.8
2019-09-05 CVE-2018-11569 Eventum Project Deserialization of Untrusted Data vulnerability in Eventum Project Eventum 3.5.0/3.5.1

Controller/ListController.php in Eventum 3.5.0 is vulnerable to Deserialization of Untrusted Data.

9.8
2019-09-05 CVE-2019-15938 Pengutronix Out-of-bounds Write vulnerability in Pengutronix Barebox

Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_req in fs/nfs.c because a length field is directly used for a memcpy.

9.8
2019-09-05 CVE-2019-15937 Pengutronix Out-of-bounds Write vulnerability in Pengutronix Barebox

Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a memcpy.

9.8
2019-09-05 CVE-2019-1976 Cisco Unspecified vulnerability in Cisco Industrial Network Director and Network Level Service

A vulnerability in the “plug-and-play” services component of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to access sensitive information on an affected device.

9.8
2019-09-04 CVE-2019-13976 Egain Unrestricted Upload of File with Dangerous Type vulnerability in Egain Chat 15.0.3

eGain Chat 15.0.3 allows unrestricted file upload.

9.8
2019-09-04 CVE-2019-10709 Asus Permissions, Privileges, and Access Controls vulnerability in Asus Precision Touchpad 11.0.0.25

AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \\.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call.

9.8
2019-09-03 CVE-2019-15872 Wpbrigade SQL Injection vulnerability in Wpbrigade Loginpress

The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings.

9.8
2019-09-04 CVE-2019-6644 F5 Unspecified vulnerability in F5 products

Similar to the issue identified in CVE-2018-12120, on versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, and 12.1.0-12.1.4 BIG-IP will bind a debug nodejs process to all interfaces when invoked.

9.4
2019-09-04 CVE-2019-15926 Linux
Debian
Canonical
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in the Linux kernel before 5.2.3.

9.1
2019-09-03 CVE-2019-10197 Samba
Debian
Canonical
Path Traversal vulnerability in multiple products

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file.

9.1

85 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-09-08 CVE-2019-16120 TRI Improper Neutralization of Formula Elements in a CSV File vulnerability in TRI Event Tickets

CSV injection in the event-tickets (Event Tickets) plugin before 4.10.7.2 for WordPress exists via the "All Post> Ticketed > Attendees" Export Attendees feature.

8.8
2019-09-08 CVE-2019-16113 Bludit Path Traversal vulnerability in Bludit 3.9.2

Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg file name, and then this PHP code can write other PHP code to a ../ pathname.

8.8
2019-09-08 CVE-2019-16099 Silver Peak Cross-Site Request Forgery (CSRF) vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via JSON data to a .swf file.

8.8
2019-09-06 CVE-2019-16059 Sapplica Cross-Site Request Forgery (CSRF) vulnerability in Sapplica Sentrifugo 3.2

Sentrifugo 3.2 lacks CSRF protection.

8.8
2019-09-06 CVE-2019-13953 Xiaoyi Unspecified vulnerability in Xiaoyi YI M1 Mirrorless Camera Firmware 3.2Cn

An exploitable authentication bypass vulnerability exists in the Bluetooth Low Energy (BLE) authentication module of YI M1 Mirrorless Camera V3.2-cn.

8.8
2019-09-06 CVE-2019-13517 BD Session Fixation vulnerability in BD Pyxis Enterprise Server and Pyxis ES

In Pyxis ES Versions 1.3.4 through to 1.6.1 and Pyxis Enterprise Server, with Windows Server Versions 4.4 through 4.12, a vulnerability has been identified where existing access privileges are not restricted in coordination with the expiration of access based on active directory user account changes when the device is joined to an AD domain.

8.8
2019-09-05 CVE-2019-2177 Google Permission Issues vulnerability in Google Android

In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible device type confusion due to a permissions bypass.

8.8
2019-09-05 CVE-2019-15029 Fusionpbx OS Command Injection vulnerability in Fusionpbx 4.4.8

FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the service_edit.php file (which will insert the malicious command into the database).

8.8
2019-09-05 CVE-2019-15953 Totaljs Missing Authorization vulnerability in Totaljs Total.Js CMS 12.0.0

An issue was discovered in Total.js CMS 12.0.0.

8.8
2019-09-05 CVE-2019-15952 Totaljs Path Traversal vulnerability in Totaljs Total.Js CMS 12.0.0

An issue was discovered in Total.js CMS 12.0.0.

8.8
2019-09-05 CVE-2019-5069 Epignosishq Deserialization of Untrusted Data vulnerability in Epignosishq Efront LMS

A code execution vulnerability exists in Epignosis eFront LMS v5.2.12.

8.8
2019-09-05 CVE-2019-15949 Nagios OS Command Injection vulnerability in Nagios XI

Nagios XI before 5.6.6 allows remote command execution as root.

8.8
2019-09-05 CVE-2019-15942 Ffmpeg Unchecked Return Value vulnerability in Ffmpeg

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer.

8.8
2019-09-05 CVE-2018-21010 Uclouvain
Debian
Out-of-bounds Write vulnerability in multiple products

OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c.

8.8
2019-09-05 CVE-2018-21009 Freedesktop Integer Overflow or Wraparound vulnerability in Freedesktop Poppler

Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc.

8.8
2019-09-05 CVE-2019-1939 Cisco Improper Privilege Management vulnerability in Cisco Webex Teams 3.0.4533

A vulnerability in the Cisco Webex Teams client for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system.

8.8
2019-09-04 CVE-2019-6646 F5 Unspecified vulnerability in F5 products

On BIG-IP 11.5.2-11.6.4 and Enterprise Manager 3.1.1, REST users with guest privileges may be able to escalate their privileges and run commands with admin privileges.

8.8
2019-09-04 CVE-2019-15813 Sentrifugo Unrestricted Upload of File with Dangerous Type vulnerability in Sentrifugo 3.2

Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell.

8.8
2019-09-03 CVE-2019-5475 Sonatype OS Command Injection vulnerability in Sonatype Nexus Repository Manager

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.

8.8
2019-09-03 CVE-2019-15873 Metagauss Code Injection vulnerability in Metagauss Profilegrid

The profilegrid-user-profiles-groups-and-communities plugin before 2.8.6 for WordPress has remote code execution via an wp-admin/admin-ajax.php request with the action=pm_template_preview&html=<?php substring followed by PHP code.

8.8
2019-09-03 CVE-2019-15868 Wpaffiliatemanager Cross-Site Request Forgery (CSRF) vulnerability in Wpaffiliatemanager Affiliates Manager

The affiliates-manager plugin before 2.6.6 for WordPress has CSRF.

8.8
2019-09-03 CVE-2019-15867 Omaksolutions Use of Hard-coded Credentials vulnerability in Omaksolutions Slick-Popup

The slick-popup plugin before 1.7.2 for WordPress has a hardcoded OmakPass13# password for the slickpopupteam account, after a Subscriber calls a certain AJAX action.

8.8
2019-09-03 CVE-2019-15866 Crelly Slider Project Unrestricted Upload of File with Dangerous Type vulnerability in Crelly Slider Project Crelly Slider

The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file upload via a PHP file inside a ZIP archive to wp_ajax_crellyslider_importSlider.

8.8
2019-09-03 CVE-2019-15865 Holest Cross-Site Request Forgery (CSRF) vulnerability in Holest Breadcrumbs BY Menu

The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has CSRF.

8.8
2019-09-03 CVE-2019-15858 Webcraftic Missing Authentication for Critical Function vulnerability in Webcraftic Woody AD Snippets

admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution.

8.8
2019-09-03 CVE-2015-9381 Freetype
Debian
Out-of-bounds Read vulnerability in multiple products

FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.

8.8
2019-09-04 CVE-2019-12587 Espressif Use of a Broken or Risky Cryptographic Algorithm vulnerability in Espressif Esp-Idf and Esp8266 Nonos SDK

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames via a rogue access point.

8.1
2019-09-08 CVE-2019-16115 Glyphandcog Out-of-bounds Read vulnerability in Glyphandcog Xpdfreader 4.01.01

In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor.

7.8
2019-09-06 CVE-2019-9345 Google Unspecified vulnerability in Google Android

In the Android kernel in sdcardfs there is a possible violation of the separation of data between profiles due to shared mapping of obb files.

7.8
2019-09-06 CVE-2019-9270 Google Out-of-bounds Write vulnerability in Google Android

In the Android kernel in unifi and r8180 WiFi drivers there is a possible out of bounds write due to a missing bounds check.

7.8
2019-09-06 CVE-2019-2182 Google Unspecified vulnerability in Google Android

In the Android kernel in the kernel MMU code there is a possible execution path leaving some kernel text and rodata pages writable.

7.8
2019-09-06 CVE-2019-9854 Libreoffice
Redhat
Debian
Canonical
Opensuse
Fedoraproject
Path Traversal vulnerability in multiple products

LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc.

7.8
2019-09-06 CVE-2018-18630 Mckesson
Changehealthcare
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

A vulnerability was found in McKesson Cardiology product 13.x and 14.x.

7.8
2019-09-06 CVE-2018-6240 Google Out-of-bounds Write vulnerability in Google Android

NVIDIA Tegra contains a vulnerability in BootRom where a user with kernel level privileges can write an arbitrary value to an arbitrary physical address

7.8
2019-09-05 CVE-2019-9254 Google Command Injection vulnerability in Google Android 10.0

In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation.

7.8
2019-09-05 CVE-2019-2181 Google Integer Overflow or Wraparound vulnerability in Google Android

In binder_transaction of binder.c in the Android kernel, there is a possible out of bounds write due to an integer overflow.

7.8
2019-09-05 CVE-2019-2178 Google Out-of-bounds Write vulnerability in Google Android

In rw_t4t_sm_read_ndef of rw_t4t in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check.

7.8
2019-09-05 CVE-2019-2176 Google Out-of-bounds Write vulnerability in Google Android 8.0/8.1/9.0

In ihevcd_parse_buffering_period_sei of ihevcd_parse_headers.c in Android 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check.

7.8
2019-09-05 CVE-2019-2175 Google Incorrect Authorization vulnerability in Google Android 9.0

In checkAccess of SliceManagerService.java in Android 9, there is a possible permissions check bypass due to incorrect order of arguments.

7.8
2019-09-05 CVE-2019-2174 Google Improper Locking vulnerability in Google Android

In SensorManager::assertStateLocked of SensorManager.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible use after free due to improper locking.

7.8
2019-09-05 CVE-2019-2123 Google Out-of-bounds Write vulnerability in Google Android

In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible local execution of arbitrary code in a privileged process due to a memory overwrite.

7.8
2019-09-05 CVE-2019-2115 Google Double Free vulnerability in Google Android

In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is possible memory corruption due to a double free.

7.8
2019-09-05 CVE-2019-2108 Google Out-of-bounds Write vulnerability in Google Android 10.0

In ihevcd_ref_list of ihevcd_ref_list.c in Android 10, there is a possible out of bounds write due to a missing bounds check.

7.8
2019-09-05 CVE-2019-12645 Cisco Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Jabber 12.5(0)

A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code on an affected device The vulnerability is due to improper file level permissions on an affected device when it is running Cisco JCF for Mac Software.

7.8
2019-09-04 CVE-2019-15927 Linux Out-of-bounds Read vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 4.20.2.

7.8
2019-09-04 CVE-2019-15925 Linux
Canonical
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in the Linux kernel before 5.2.3.

7.8
2019-09-04 CVE-2017-18595 Linux
Opensuse
Double Free vulnerability in multiple products

An issue was discovered in the Linux kernel before 4.14.11.

7.8
2019-09-04 CVE-2019-15918 Linux
Canonical
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in the Linux kernel before 5.0.10.

7.8
2019-09-04 CVE-2019-13522 Ezautomation Out-of-bounds Write vulnerability in Ezautomation EZ PLC Editor 1.8.41

An attacker could use a specially crafted project file to corrupt the memory and execute code under the privileges of the EZ PLC Editor Versions 1.8.41 and prior.

7.8
2019-09-04 CVE-2019-13518 Ezautomation Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ezautomation EZ Touch Editor 2.1.0

An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the EZ Touch Editor Versions 2.1.0 and prior.

7.8
2019-09-03 CVE-2019-14817 Artifex
Redhat
Opensuse
Fedoraproject
Debian
Incorrect Authorization vulnerability in multiple products

A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.

7.8
2019-09-03 CVE-2019-14811 Artifex
Redhat
Fedoraproject
Opensuse
Debian
Incorrect Authorization vulnerability in multiple products

A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.

7.8
2019-09-08 CVE-2019-16100 Silver Peak Unspecified vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to trigger a web-interface outage via slow client-side HTTP traffic from a single source.

7.5
2019-09-08 CVE-2016-10937 Imapfilter Project
Debian
Fedoraproject
Opensuse
Improper Certificate Validation vulnerability in multiple products

IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.

7.5
2019-09-08 CVE-2019-16096 Kilo Project Integer Overflow or Wraparound vulnerability in Kilo Project Kilo 0.0.1

Kilo 0.0.1 has a heap-based buffer overflow because there is an integer overflow in a calculation involving the number of tabs in one row.

7.5
2019-09-08 CVE-2019-16095 Symonics
Canonical
Out-of-bounds Read vulnerability in multiple products

Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c.

7.5
2019-09-08 CVE-2019-16094 Symonics
Canonical
Out-of-bounds Read vulnerability in multiple products

Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.

7.5
2019-09-08 CVE-2019-16091 Symonics
Canonical
Out-of-bounds Read vulnerability in multiple products

Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.

7.5
2019-09-06 CVE-2019-16058 Opensc Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Opensc Project Opensc 0.2.0/0.3.0

An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC.

7.5
2019-09-06 CVE-2019-16056 Python
Fedoraproject
Debian
Canonical
Redhat
Oracle
Opensuse
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4.
7.5
2019-09-06 CVE-2019-15890 Libslirp Project
Qemu
Use After Free vulnerability in multiple products

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.

7.5
2019-09-05 CVE-2019-11380 Estrongs Unspecified vulnerability in Estrongs ES File Explorer File Manager 4.2.0.1.3

The master-password feature in the ES File Explorer File Manager application 4.2.0.1.3 for Android can be bypassed via a com.estrongs.android.pop.ftp.ESFtpShortcut intent, leading to remote FTP access to the entirety of local storage.

7.5
2019-09-05 CVE-2019-13191 Mapsolutions SQL Injection vulnerability in Mapsolutions Intramaps

A SQL injection vulnerability in IntraMaps MapControl 8 allows attackers to execute arbitrary SQL commands via the /ApplicationEngine/Search/Refine/Set page.

7.5
2019-09-05 CVE-2019-15947 Bitcoin Cleartext Storage of Sensitive Information vulnerability in Bitcoin Core 0.18.0

In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory.

7.5
2019-09-05 CVE-2019-4321 IBM Weak Password Requirements vulnerability in IBM products

IBM Intelligent Operations Center V5.1.0 - V5.2.0, IBM Intelligent Operations Center for Emergency Management V5.1.0 - V5.1.0.6, and IBM Water Operations for Waternamics V5.1.0 - V5.2.1.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

7.5
2019-09-05 CVE-2019-12223 Hanwha Security Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hanwha-Security products

An issue was discovered in NVR WebViewer on Hanwah Techwin SRN-472s 1.07_190502 devices, and other SRN-x devices before 2019-05-03.

7.5
2019-09-05 CVE-2019-12633 Cisco Server-Side Request Forgery (SSRF) vulnerability in Cisco Unified Contact Center Express

A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system.

7.5
2019-09-05 CVE-2019-12632 Cisco Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse 11.6(1)/12.0(1)/12.5(1)

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system.

7.5
2019-09-04 CVE-2019-6643 F5 Unspecified vulnerability in F5 products

On versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, and 11.5.2-11.6.4, an attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause the TMM process to produce a core file.

7.5
2019-09-04 CVE-2019-6645 F5 Unspecified vulnerability in F5 products

On BIG-IP 14.0.0-14.1.0.5, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, FTP traffic passing through a Virtual Server with both an active FTP profile associated and connection mirroring configured may lead to a TMM crash causing the configured HA action to be taken.

7.5
2019-09-04 CVE-2019-15916 Linux Memory Leak vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.0.1.

7.5
2019-09-04 CVE-2019-15903 Libexpat Project
Python
XML Entity Expansion vulnerability in multiple products

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

7.5
2019-09-03 CVE-2019-15892 Varnish Cache Project
Varnish Software
Debian
Reachable Assertion vulnerability in multiple products

An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1.

7.5
2019-09-03 CVE-2019-5479 Larvit Inclusion of Functionality from Untrusted Control Sphere vulnerability in Larvit Larvitbase

An unintended require vulnerability in <v0.5.5 larvitbase-api may allow an attacker to load arbitrary non-production code (JavaScript file).

7.5
2019-09-03 CVE-2019-6179 Lenovo XXE vulnerability in Lenovo Xclarity Administrator and Xclarity Integrator

An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 2.5.0 , Lenovo XClarity Integrator (LXCI) for Microsoft System Center prior to version 7.7.0, and Lenovo XClarity Integrator (LXCI) for VMWare vCenter prior to version 6.1.0 that could allow information disclosure.

7.5
2019-09-03 CVE-2019-14261 Abus Cryptographic Issues vulnerability in Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.01

An issue was discovered on ABUS Secvest FUAA50000 3.01.01 devices.

7.5
2019-09-03 CVE-2019-13156 Naver Out-of-bounds Write vulnerability in Naver Cloud Explorer

NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle.

7.5
2019-09-03 CVE-2019-15863 Convertplug Unspecified vulnerability in Convertplug Convertplus

The ConvertPlus plugin before 3.4.5 for WordPress has an unintended account creation (with the none role) via a request for variants.

7.5
2019-09-03 CVE-2019-15043 Grafana Missing Authentication for Critical Function vulnerability in Grafana

In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use.

7.5
2019-09-02 CVE-2019-15847 GNU
Opensuse
Insufficient Entropy vulnerability in multiple products

The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator.

7.5
2019-09-03 CVE-2019-3751 Dell Improper Certificate Validation vulnerability in Dell EMC Enterprise Copy Data Management

Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0, 2.1, and 3.0 contain a certificate validation vulnerability.

7.4
2019-09-08 CVE-2019-16103 Silver Peak Unspecified vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature.

7.2
2019-09-05 CVE-2019-14224 Alfresco Deserialization of Untrusted Data vulnerability in Alfresco 5.2

An issue was discovered in Alfresco Community Edition 5.2 201707.

7.2
2019-09-06 CVE-2019-9458 Google
Opensuse
Use After Free vulnerability in multiple products

In the Android kernel in the video driver there is a use after free due to a race condition.

7.0
2019-09-04 CVE-2019-15917 Linux
Debian
Opensuse
Use After Free vulnerability in multiple products

An issue was discovered in the Linux kernel before 5.0.5.

7.0

92 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-09-06 CVE-2019-9456 Google
Opensuse
Out-of-bounds Write vulnerability in multiple products

In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check.

6.7
2019-09-06 CVE-2019-9454 Google Out-of-bounds Write vulnerability in Google Android

In the Android kernel in i2c driver there is a possible out of bounds write due to memory corruption.

6.7
2019-09-06 CVE-2019-9451 Google Out-of-bounds Write vulnerability in Google Android

In the Android kernel in the touchscreen driver there is a possible out of bounds write due to a missing bounds check.

6.7
2019-09-06 CVE-2019-9448 Google Out-of-bounds Write vulnerability in Google Android

In the Android kernel in the FingerTipS touchscreen driver there is a possible out of bounds write due to a missing bounds check.

6.7
2019-09-06 CVE-2019-9447 Google Improper Locking vulnerability in Google Android

In the Android kernel in the FingerTipS touchscreen driver there is a possible use-after-free due to improper locking.

6.7
2019-09-06 CVE-2019-9446 Google Out-of-bounds Write vulnerability in Google Android

In the Android kernel in the FingerTipS touchscreen driver there is a possible out of bounds write due to improper input validation.

6.7
2019-09-06 CVE-2019-9443 Google Improper Privilege Management vulnerability in Google Android

In the Android kernel in the vl53L0 driver there is a possible out of bounds write due to a permissions bypass.

6.7
2019-09-06 CVE-2019-9442 Google Use After Free vulnerability in Google Android

In the Android kernel in the mnh driver there is possible memory corruption due to a use after free.

6.7
2019-09-06 CVE-2019-9441 Google Out-of-bounds Write vulnerability in Google Android

In the Android kernel in the mnh driver there is a possible out of bounds write due to improper input validation.

6.7
2019-09-06 CVE-2019-9436 Google Unspecified vulnerability in Google Android

In the Android kernel in the bootloader there is a possible secure boot bypass.

6.7
2019-09-06 CVE-2019-9426 Google Out-of-bounds Write vulnerability in Google Android

In the Android kernel in Bluetooth there is a possible out of bounds write due to a missing bounds check.

6.7
2019-09-06 CVE-2019-9276 Google Use After Free vulnerability in Google Android

In the Android kernel in the synaptics_dsx_htc touchscreen driver there is a possible out of bounds write due to a use after free.

6.7
2019-09-06 CVE-2019-9275 Google Improper Locking vulnerability in Google Android

In the Android kernel in the mnh driver there is a use after free due to improper locking.

6.7
2019-09-06 CVE-2019-9274 Google Out-of-bounds Write vulnerability in Google Android

In the Android kernel in the mnh driver there is a possible out of bounds write due to a missing bounds check.

6.7
2019-09-06 CVE-2019-9273 Google Improper Locking vulnerability in Google Android

In the Android kernel in the synaptics_dsx_htc touchscreen driver there is a possible use after free due to improper locking.

6.7
2019-09-06 CVE-2019-9248 Google Out-of-bounds Write vulnerability in Google Android

In the Android kernel in the FingerTipS touchscreen driver there is a possible out of bounds write due to a missing bounds check.

6.7
2019-09-08 CVE-2019-16097 Linuxfoundation Missing Authorization vulnerability in Linuxfoundation Harbor

core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration.

6.5
2019-09-06 CVE-2019-9461 Google Unspecified vulnerability in Google Android

In the Android kernel in VPN routing there is a possible information disclosure.

6.5
2019-09-06 CVE-2019-15128 IF Svnadmin Project Cross-Site Request Forgery (CSRF) vulnerability in If.Svnadmin Project If.Svnadmin 1.6.0/1.6.1/1.6.2

iF.SVNAdmin through 1.6.2 allows svnadmin/usercreate.php CSRF to create a user.

6.5
2019-09-05 CVE-2019-15955 Totaljs Use of Insufficiently Random Values vulnerability in Totaljs Total.Js CMS 12.0.0

An issue was discovered in Total.js CMS 12.0.0.

6.5
2019-09-05 CVE-2019-5070 Epignosishq SQL Injection vulnerability in Epignosishq Efront LMS

An exploitable SQL injection vulnerability exists in the unauthenticated portion of eFront LMS, versions v5.2.12 and earlier.

6.5
2019-09-05 CVE-2019-13361 Smanos Improper Authentication vulnerability in Smanos W100 Firmware 1.0.0

Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker on the same Wi-Fi network.

6.5
2019-09-04 CVE-2019-14319 Tiktok Cleartext Transmission of Sensitive Information vulnerability in Tiktok

The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted transmission of images, videos, and likes.

6.5
2019-09-04 CVE-2019-12586 Espressif Unspecified vulnerability in Espressif Esp-Idf

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.

6.5
2019-09-04 CVE-2019-12588 Espressif Improper Input Validation vulnerability in Espressif Arduino Esp8266 and Esp8266 Nonos SDK

The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association responses, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.

6.5
2019-09-03 CVE-2015-9383 Freetype
Debian
Canonical
Out-of-bounds Read vulnerability in multiple products

FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.

6.5
2019-09-03 CVE-2015-9382 Freetype
Debian
Out-of-bounds Read vulnerability in multiple products

FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.

6.5
2019-09-06 CVE-2019-9450 Google Out-of-bounds Write vulnerability in Google Android

In the Android kernel in the FingerTipS touchscreen driver there is a possible memory corruption due to a race condition.

6.4
2019-09-06 CVE-2019-9271 Google Use After Free vulnerability in Google Android

In the Android kernel in the mnh driver there is a race condition due to insufficient locking.

6.4
2019-09-05 CVE-2019-15946 Opensc Project
Debian
Fedoraproject
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c.

6.4
2019-09-05 CVE-2019-15945 Opensc Project
Debian
Fedoraproject
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c.

6.4
2019-09-08 CVE-2019-16118 10Web Cross-site Scripting vulnerability in 10Web Photo Gallery

Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/controllers/Options.php.

6.1
2019-09-08 CVE-2019-16117 10Web Cross-site Scripting vulnerability in 10Web Photo Gallery

Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/models/Galleries.php.

6.1
2019-09-08 CVE-2019-16104 Silver Peak Cross-site Scripting vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644

Silver Peak EdgeConnect SD-WAN before 8.1.7.x has reflected XSS via the rest/json/configdb/download/ PATH_INFO.

6.1
2019-09-06 CVE-2018-11198 Acquia Cross-site Scripting vulnerability in Acquia Mautic 2.13.1

An issue was discovered in Mautic 2.13.1.

6.1
2019-09-06 CVE-2019-14223 Alfresco Open Redirect vulnerability in Alfresco

An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N.

6.1
2019-09-05 CVE-2019-15848 Jetbrains Cross-site Scripting vulnerability in Jetbrains Teamcity 2019.1/2019.1.1

JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user.

6.1
2019-09-05 CVE-2019-4186 IBM Cross-site Scripting vulnerability in IBM Jazz for Service Management 1.1.3

IBM Jazz for Service Management 1.1.3 is vulnerable to HTTP header injection, caused by incorrect trust in the HTTP Host header during caching.

6.1
2019-09-05 CVE-2019-10677 Dasanzhone Cross-site Scripting vulnerability in Dasanzhone Znid Gpon 2426A EU Firmware S3.1.285

Multiple Cross-Site Scripting (XSS) issues in the web interface on DASAN Zhone ZNID GPON 2426A EU version S3.1.285 devices allow a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameter: /zhndnsdisplay.cmd (name), /wlsecrefresh.wl (wlWscCfgMethod, wl_wsc_reg).

6.1
2019-09-05 CVE-2019-12644 Cisco Cross-site Scripting vulnerability in Cisco Identity Services Engine

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

6.1
2019-09-04 CVE-2019-14470 Instagram PHP API Project
Userproplugin
Cross-site Scripting vulnerability in multiple products

cosenary Instagram-PHP-API (aka Instagram PHP API V2), as used in the UserPro plugin through 4.9.32 for WordPress, has XSS via the example/success.php error_description parameter.

6.1
2019-09-04 CVE-2019-13975 Egain Cross-site Scripting vulnerability in Egain Chat 15.0.3

eGain Chat 15.0.3 allows HTML Injection.

6.1
2019-09-04 CVE-2019-13209 Suse Cross-site Scripting vulnerability in Suse Rancher

Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher.

6.1
2019-09-03 CVE-2019-15898 Nagios Cross-site Scripting vulnerability in Nagios LOG Server

Nagios Log Server before 2.0.8 allows Reflected XSS via the username on the Login page.

6.1
2019-09-03 CVE-2019-6181 Lenovo Cross-site Scripting vulnerability in Lenovo Xclarity Administrator

A reflected cross-site scripting (XSS) vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow a crafted URL, if visited, to cause JavaScript code to be executed in the user's web browser.

6.1
2019-09-03 CVE-2019-15889 Wpdownloadmanager Cross-site Scripting vulnerability in Wpdownloadmanager Wordpress Download Manager

The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter.

6.1
2019-09-03 CVE-2019-3754 Dell Cross-site Scripting vulnerability in Dell products

Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.116, Dell EMC UnityVSA versions prior to 5.0.0.0.5.116 and Dell EMC VNXe3200 versions prior to 3.1.10.9946299 contain a reflected cross-site scripting vulnerability on the cas/logout page.

6.1
2019-09-03 CVE-2019-15864 Holest Cross-site Scripting vulnerability in Holest Breadcrumbs BY Menu

The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has XSS.

6.1
2019-09-05 CVE-2019-10753 Diffplug Incorrect Resource Transfer Between Spheres vulnerability in Diffplug Eclipse-Cdt, Eclipse-Groovy and Eclipse-Wtp

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel (http).

5.9
2019-09-05 CVE-2019-15939 Opencv
Opensuse
Debian
Divide By Zero vulnerability in multiple products

An issue was discovered in OpenCV 4.1.0.

5.9
2019-09-04 CVE-2019-15902 Linux
Debian
Opensuse
Netapp
Information Exposure vulnerability in multiple products

A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11.

5.6
2019-09-06 CVE-2019-16088 Glyphandcog Uncontrolled Recursion vulnerability in Glyphandcog Xpdfreader 3.04

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc.

5.5
2019-09-05 CVE-2019-2180 Google Out-of-bounds Read vulnerability in Google Android 8.0/8.1/9.0

In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation.

5.5
2019-09-05 CVE-2019-2179 Google Integer Overflow or Wraparound vulnerability in Google Android

In NDEF_MsgValidate of ndef_utils in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible out of bounds read due to an integer overflow.

5.5
2019-09-05 CVE-2019-2124 Google Unspecified vulnerability in Google Android

In ComposeActivityEmailExternal of ComposeActivityEmailExternal.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible way to silently attach files to an email due to a confused deputy.

5.5
2019-09-05 CVE-2019-2103 Google Information Exposure vulnerability in Google Android 9.0

In Google Assistant in Android 9, there is a possible permissions bypass that allows the Assistant to take a screenshot of apps with FLAG_SECURE.

5.5
2019-09-05 CVE-2019-14339 Canon Unspecified vulnerability in Canon Print 2.5.5

The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access.

5.5
2019-09-04 CVE-2018-21008 Linux Use After Free vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 4.16.7.

5.5
2019-09-04 CVE-2019-15924 Linux NULL Pointer Dereference vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.0.11.

5.5
2019-09-04 CVE-2019-15923 Linux NULL Pointer Dereference vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.0.9.

5.5
2019-09-04 CVE-2019-15922 Linux NULL Pointer Dereference vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.0.9.

5.5
2019-09-03 CVE-2019-5478 AMD Insufficient Verification of Data Authenticity vulnerability in AMD products

A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices.

5.5
2019-09-03 CVE-2019-15860 Glyphandcog NULL Pointer Dereference vulnerability in Glyphandcog Xpdfreader 2.00

Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc.

5.5
2019-09-05 CVE-2019-4149 IBM Cross-site Scripting vulnerability in IBM products

IBM Business Automation Workflow V18.0.0.0 through V18.0.0.2 and IBM Business Process Manager V8.6.0.0 through V8.6.0.0 Cumulative Fix 2018.03, V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06, and V8.5.6.0 through V8.5.6.0 CF2 is vulnerable to cross-site scripting.

5.4
2019-09-04 CVE-2019-15814 Sentrifugo Cross-site Scripting vulnerability in Sentrifugo 3.2

Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML.

5.4
2019-09-03 CVE-2019-15870 Carspot Project Cross-site Scripting vulnerability in Carspot Project Carspot

The CarSpot theme before 2.1.7 for WordPress has stored XSS via the Phone Number field.

5.4
2019-09-03 CVE-2019-15869 Jobcareer Project Cross-site Scripting vulnerability in Jobcareer Project Jobcareer

The JobCareer theme before 2.5.1 for WordPress has stored XSS.

5.4
2019-09-08 CVE-2019-16109 Plataformatec Unspecified vulnerability in Plataformatec Devise

An issue was discovered in Plataformatec Devise before 4.7.1.

5.3
2019-09-08 CVE-2019-16101 Silver Peak Information Exposure Through an Error Message vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to obtain potentially sensitive stack traces by sending incorrect JSON data to the REST API, such as the rest/json/banners URI.

5.3
2019-09-05 CVE-2019-15944 Valvesoftware Improper Encoding or Escaping of Output vulnerability in Valvesoftware Counter-Strike:Global Offensive

In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe HTML in a disconnection message.

5.3
2019-09-05 CVE-2019-14278 Knowage Suite Unspecified vulnerability in Knowage-Suite Knowage

In Knowage through 6.1.1, an unauthenticated user can enumerated valid usernames via the ChangePwdServlet page.

5.3
2019-09-05 CVE-2019-5065 Blynk Out-of-bounds Read vulnerability in Blynk Blynk-Library 0.6.1

An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1.

5.3
2019-09-05 CVE-2019-13190 ENG Improper Authentication vulnerability in ENG Knowage 6.1.0/6.1.1

In Knowage through 6.1.1, the sign up page does not invalidate a valid CAPTCHA token.

5.3
2019-09-04 CVE-2019-6647 F5 Memory Leak vulnerability in F5 products

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, when processing authentication attempts for control-plane users MCPD leaks a small amount of memory.

5.3
2019-09-03 CVE-2019-5480 Statichttpserver Project Path Traversal vulnerability in Statichttpserver Project Statichttpserver

A path traversal vulnerability in <= v0.9.7 of statichttpserver npm module allows attackers to list files in arbitrary folders.

5.3
2019-09-08 CVE-2019-16105 Silver Peak Path Traversal vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI.

4.9
2019-09-05 CVE-2019-13349 Knowage Suite Insufficiently Protected Credentials vulnerability in Knowage-Suite Knowage

In Knowage through 6.1.1, an authenticated user that accesses the users page will obtain all user password hashes.

4.9
2019-09-03 CVE-2019-6182 Lenovo Improper Neutralization of Formula Elements in a CSV File vulnerability in Lenovo Xclarity Administrator

A stored CSV Injection vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow an administrative user to store malformed data in LXCA Jobs and Event Log data, that could result in crafted formulas stored in an exported CSV file.

4.9
2019-09-03 CVE-2019-6180 Lenovo Cross-site Scripting vulnerability in Lenovo Xclarity Administrator

A stored cross-site scripting (XSS) vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow an administrative user to cause JavaScript code to be stored in LXCA which may then be executed in the user's web browser.

4.8
2019-09-04 CVE-2019-15921 Linux
Opensuse
Memory Leak vulnerability in multiple products

An issue was discovered in the Linux kernel before 5.0.6.

4.7
2019-09-06 CVE-2019-9453 Google
Canonical
Improper Input Validation vulnerability in multiple products

In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation.

4.4
2019-09-06 CVE-2019-9452 Google Out-of-bounds Read vulnerability in Google Android

In the Android kernel in SEC_TS touch driver there is a possible out of bounds read due to a missing bounds check.

4.4
2019-09-06 CVE-2019-9449 Google Out-of-bounds Read vulnerability in Google Android

In the Android kernel in FingerTipS touchscreen driver there is a possible out of bounds read due to a missing bounds check.

4.4
2019-09-06 CVE-2019-9445 Google
Debian
Canonical
Out-of-bounds Read vulnerability in multiple products

In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check.

4.4
2019-09-06 CVE-2019-9444 Google Information Exposure vulnerability in Google Android

In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p.

4.4
2019-09-06 CVE-2019-9245 Google Out-of-bounds Read vulnerability in Google Android

In the Android kernel in the f2fs driver there is a possible out of bounds read due to a missing bounds check.

4.4
2019-09-04 CVE-2019-6648 F5
Redhat
Information Exposure Through Log Files vulnerability in multiple products

On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service (CIS) for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) log files may contain BIG-IP secrets such as SSL Private Keys and Private key Passphrases as provided as inputs by an AS3 Declaration.

4.4
2019-09-04 CVE-2019-15718 Systemd Project
Fedoraproject
Redhat
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages.
4.4
2019-09-05 CVE-2019-12635 Cisco Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Content Security Management Appliance

A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email.

4.3
2019-09-04 CVE-2019-15920 Linux
Opensuse
Use After Free vulnerability in multiple products

An issue was discovered in the Linux kernel before 5.0.10.

4.3
2019-09-03 CVE-2019-15871 Wpbrigade Missing Authorization vulnerability in Wpbrigade Loginpress

The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings.

4.3
2019-09-06 CVE-2019-16089 Linux NULL Pointer Dereference vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 5.2.13.

4.1

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-09-04 CVE-2019-10988 Philips Unspecified vulnerability in Philips HDI 4000 Firmware

In Philips HDI 4000 Ultrasound Systems, all versions running on old, unsupported operating systems such as Windows 2000, the HDI 4000 Ultrasound System is built on an old operating system that is no longer supported.

3.4
2019-09-04 CVE-2019-15919 Linux
Opensuse
Use After Free vulnerability in multiple products

An issue was discovered in the Linux kernel before 5.0.10.

3.3
2019-09-06 CVE-2019-9455 Google
Opensuse
Reachable Assertion vulnerability in multiple products

In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement.

2.3