Weekly Vulnerabilities Reports > September 16 to 22, 2019

Overview

303 new vulnerabilities were reported during this period, including 8 critical vulnerabilities and 52 high severity vulnerabilities. This weekly summary reports vulnerabilities in 1177 products from 152 vendors including Gitlab, Schneider Electric, IBM, Prise, and Microfocus. Vulnerabilities are notably categorized as "Cross-site Scripting", "Cross-Site Request Forgery (CSRF)", "SQL Injection", "Path Traversal", and "Information Exposure".

  • 291 reported vulnerabilities are remotely exploitable.
  • 4 reported vulnerabilities have a public exploit available.
  • 125 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 232 reported vulnerabilities are exploitable by an anonymous user.
  • Gitlab has the most reported vulnerabilities, with 21 reported vulnerabilities.
  • Advantech has the most reported critical vulnerabilities, with 2 reported vulnerabilities.


Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:


8 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-09-19 CVE-2019-3689 Linux NFS Incorrect Default Permissions vulnerability in Linux-Nfs Nfs-Utils

In the nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2, the directory /var/lib/nfs is owned by statd:nogroup.

10.0
2019-09-18 CVE-2019-11210 Tibco Unspecified vulnerability in Tibco products

The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an unauthenticated user to bypass access controls and remotely execute code using the operating system account hosting the affected component.

10.0
2019-09-16 CVE-2019-16057 Dlink OS Command Injection vulnerability in Dlink Dns-320 Firmware

The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection.

10.0
2019-09-19 CVE-2019-15001 Atlassian Code Injection vulnerability in Atlassian Jira

The Jira Importers Plugin in Atlassian Jira Server and Data Center from version 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request.

9.0
2019-09-18 CVE-2019-11211 Tibco Unspecified vulnerability in Tibco products

The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an authenticated user to trigger remote code execution in certain circumstances.

9.0
2019-09-18 CVE-2019-13558 Advantech Code Injection vulnerability in Advantech Webaccess

In WebAccess versions 8.4.1 and prior, an exploit executed over the network may cause improper control of generation of code, which may allow remote code execution, data exfiltration, or cause a system crash.

9.0
2019-09-18 CVE-2019-13550 Advantech Unspecified vulnerability in Advantech Webaccess

In WebAccess, versions 8.4.1 and prior, an improper authorization vulnerability may allow an attacker to disclose sensitive information, cause improper control of generation of code, which may allow remote code execution or cause a system crash.

9.0
2019-09-16 CVE-2019-8371 Open EMR Code Injection vulnerability in Open-Emr Openemr 5.0.16

OpenEMR v5.0.1-6 allows code execution.

9.0

52 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-09-19 CVE-2019-16412 Tendacn Improper Input Validation vulnerability in Tendacn N301 Firmware

In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value.

7.8
2019-09-18 CVE-2019-14458 Vivotek Unspecified vulnerability in Vivotek Camera

VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header.

7.8
2019-09-17 CVE-2019-6829 Schneider Electric Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric Modicon M340 Firmware and Modicon M580 Firmware

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware version prior to V2.90) and Modicon M340 (firmware version prior to V3.10), which could cause a possible denial of service when writing to specific memory addresses in the controller over Modbus.

7.8
2019-09-17 CVE-2019-6828 Schneider Electric Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum (all versions), which could cause a possible denial of service when reading specific coils and registers in the controller over Modbus.

7.8
2019-09-17 CVE-2019-6813 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric Bmxnor0200H Firmware and Modicon M340 Firmware

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions) and Modicon M340 controller (all firmware versions), which could cause denial of service when truncated SNMP packets on port 161/UDP are received by the device.

7.8
2019-09-17 CVE-2019-6809 Schneider Electric Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2.90), Modicon M340 (firmware versions prior to V3.10), Modicon Premium (all versions), Modicon Quantum (all versions), which could cause a possible denial of service when reading invalid data from the controller.

7.8
2019-09-17 CVE-2019-4183 IBM Resource Exhaustion vulnerability in IBM Cognos Analytics 11.0.0/11.1.0

IBM Cognos Analytics 11.0, and 11.1 is vulnerable to a denial of service attack that could allow a remote user to send specially crafted requests that would consume all available CPU and memory resources.

7.8
2019-09-22 CVE-2019-16696 Phpipam SQL Injection vulnerability in PHPipam

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used.

7.5
2019-09-22 CVE-2019-16695 Phpipam SQL Injection vulnerability in PHPipam

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter.php table parameter when action=add is used.

7.5
2019-09-22 CVE-2019-16694 Phpipam SQL Injection vulnerability in PHPipam

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used.

7.5
2019-09-22 CVE-2019-16693 Phpipam SQL Injection vulnerability in PHPipam

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used.

7.5
2019-09-22 CVE-2019-16692 Phpipam SQL Injection vulnerability in PHPipam

phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used.

7.5
2019-09-22 CVE-2018-21018 Joinmastodon Insufficient Session Expiration vulnerability in Joinmastodon Mastodon

Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions.

7.5
2019-09-21 CVE-2019-16656 Joyplus Project Improper Input Validation vulnerability in Joyplus Project Joyplus 1.6.0

joyplus-cms 1.6.0 allows remote attackers to execute arbitrary PHP code via /install by placing the code in the name of an object in the database.

7.5
2019-09-21 CVE-2019-16650 Supermicro Unspecified vulnerability in Supermicro products

On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number.

7.5
2019-09-20 CVE-2019-16644 Tuzicms SQL Injection vulnerability in Tuzicms 2.0.6

App\Home\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Zhuanti/group?id= substring.

7.5
2019-09-20 CVE-2019-16642 Yejiao SQL Injection vulnerability in Yejiao Tuzicms 2.0.6

App\Mobile\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Mobile/Zhuanti/group?id= substring.

7.5
2019-09-20 CVE-2016-11000 Smackcoders SQL Injection vulnerability in Smackcoders Ultimate Exporter 1.0/1.1

The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL injection via the export_type_name parameter.

7.5
2019-09-20 CVE-2019-15088 Prise Unspecified vulnerability in Prise Adas 1.7.0

An issue was discovered in PRiSE adAS 1.7.0.

7.5
2019-09-20 CVE-2019-14914 Prise Path Traversal vulnerability in Prise Adas 1.7.0

An issue was discovered in PRiSE adAS 1.7.0.

7.5
2019-09-18 CVE-2019-3758 RSA Weak Password Requirements vulnerability in RSA Archer

RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability.

7.5
2019-09-18 CVE-2019-5067 Aspose Use of Uninitialized Resource vulnerability in Aspose Aspose.Pdf FOR C++ 19.2

An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles invalid parent object pointers.

7.5
2019-09-18 CVE-2019-5066 Aspose Use After Free vulnerability in Aspose Aspose.Pdf for C++ 19.2

An exploitable use-after-free vulnerability exists in the way LZW-compressed streams are processed in Aspose.PDF 19.2 for C++.

7.5
2019-09-18 CVE-2019-15301 Terrasoft SQL Injection vulnerability in Terrasoft BPM Online CRM System SDK 7.13

A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const() in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter.

7.5
2019-09-18 CVE-2019-9677 Dahuasecurity Classic Buffer Overflow vulnerability in Dahuasecurity products

The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets.

7.5
2019-09-18 CVE-2019-14254 Publisure SQL Injection vulnerability in Publisure 2.1.2

An issue was discovered in the secure portal in Publisure 2.1.2.

7.5
2019-09-18 CVE-2019-16399 Westerndigital Use of Hard-coded Credentials vulnerability in Westerndigital WD MY Book Firmware

Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials.

7.5
2019-09-18 CVE-2016-10995 Templatic Unrestricted Upload of File with Dangerous Type vulnerability in Templatic Telvolution

The Tevolution plugin before 2.3.0 for WordPress has arbitrary file upload via single_upload.php or single-upload.php.

7.5
2019-09-17 CVE-2019-16199 EQ 3 Missing Authentication for Critical Function vulnerability in Eq-3 Homematic Ccu2 Firmware and Homematic Ccu3 Firmware

eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process.

7.5
2019-09-17 CVE-2019-6840 Schneider Electric Use of Externally-Controlled Format String vulnerability in Schneider-Electric products

A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to send a crafted message to the target server, thereby causing arbitrary commands to be executed.

7.5
2019-09-17 CVE-2019-16378 Trusteddomain Authentication Bypass by Spoofing vulnerability in Trusteddomain Opendmarc

OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message.

7.5
2019-09-17 CVE-2019-16239 Infradead, Fedoraproject Classic Buffer Overflow vulnerability in multiple products

process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.

7.5
2019-09-17 CVE-2019-15131 Code42 Unrestricted Upload of File with Dangerous Type vulnerability in Code42

In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 a vulnerability has been identified that may allow arbitrary files to be uploaded to Code42 servers and executed.

7.5
2019-09-16 CVE-2019-5482 Haxx Classic Buffer Overflow vulnerability in Haxx Curl

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

7.5
2019-09-16 CVE-2019-5481 Haxx Double Free vulnerability in Haxx Curl

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.

7.5
2019-09-16 CVE-2019-15741 Gitlab Unspecified vulnerability in Gitlab Omnibus

An issue was discovered in GitLab Omnibus 7.4 through 12.2.1.

7.5
2019-09-16 CVE-2019-16366 Moddable Classic Buffer Overflow vulnerability in Moddable and XS

In XS 9.0.0 in Moddable SDK OS180329, there is a heap-based buffer overflow in fxBeginHost in xsAPI.c when called from fxRunDefine in xsRun.c, as demonstrated by crafted JavaScript code to xst.

7.5
2019-09-16 CVE-2016-10972 Tagdiv Improper Privilege Management vulnerability in Tagdiv Newspaper 6.7.0/6.7.1

The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel.

7.5
2019-09-16 CVE-2019-0195 Apache Deserialization of Untrusted Data vulnerability in Apache Tapestry 5.4.0

Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded.

7.5
2019-09-16 CVE-2019-16264 Egpp SQL Injection vulnerability in Egpp Sistema Integrado DE Gestion Academica 1

In Escuela de Gestion Publica Plurinacional (EGPP) Sistema Integrado de Gestion Academica (GESAC) v1, the username parameter of the authentication form is vulnerable to SQL injection, allowing attackers to access the database.

7.5
2019-09-16 CVE-2016-10971 Membersonic Improper Privilege Management vulnerability in Membersonic 1.2/1.301

The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowledge of an e-mail address is required.

7.5
2019-09-16 CVE-2019-13474 Telestar Use of Hard-coded Credentials vulnerability in Telestar products

TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have insufficient access control for the /set_dname, /mylogo, /LocalPlay, /irdevice.xml, /Sendkey, /setvol, /hotkeylist, /init, /playlogo.jpg, /stop, /exit, /back, and /playinfo commands.

7.5
2019-09-16 CVE-2017-18634 Tagdiv Injection vulnerability in Tagdiv Newspaper 6.7.0/6.7.1

The newspaper theme before 6.7.2 for WordPress has script injection via td_ads[header] to admin-ajax.php.

7.5
2019-09-20 CVE-2019-6145 Forcepoint Unquoted Search Path or Element vulnerability in Forcepoint VPN Client 6.6.0

Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability.

7.2
2019-09-20 CVE-2019-14816 Linux, Redhat Classic Buffer Overflow vulnerability in Linux Kernel

There is a heap-based buffer overflow in the Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver, that allows local users to cause a denial of service (system crash) or possibly execute arbitrary code.

7.2
2019-09-20 CVE-2019-14814 Linux, Redhat Classic Buffer Overflow vulnerability in Linux Kernel

There is a heap-based buffer overflow in the Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver, that allows local users to cause a denial of service (system crash) or possibly execute arbitrary code.

7.2
2019-09-19 CVE-2019-14821 Linux, Redhat, Canonical, Opensuse, Fedoraproject, Debian, Netapp, Oracle Out-of-bounds Write vulnerability in multiple products

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation.

7.2
2019-09-19 CVE-2019-16398 Keeper Improper Input Validation vulnerability in Keeper K5 Firmware 20.1.0.25/20.1.0.63

On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskj_script_run.sh that executes a reverse shell.

7.2
2019-09-17 CVE-2019-14835 Linux, Canonical, Debian, Fedoraproject, Opensuse, Netapp, Redhat, Huawei Classic Buffer Overflow vulnerability in multiple products

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way the Linux kernel's vhost functionality that translates virtqueue buffers to IOVs logged the buffer descriptors during migration.

7.2
2019-09-19 CVE-2019-9720 Libav Classic Buffer Overflow vulnerability in Libav

A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf.

7.1
2019-09-19 CVE-2019-9717 Libav Improper Input Validation vulnerability in Libav

In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf.

7.1
2019-09-17 CVE-2019-6830 Schneider Electric Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric Modicon M580 Firmware

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 all versions prior to V2.80, which could cause a possible denial of service when sending an appropriately timed HTTP request to the controller.

7.1

220 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-09-21 CVE-2019-16660 Joyplus Project Cross-Site Request Forgery (CSRF) vulnerability in Joyplus Project Joyplus 1.6.0

joyplus-cms 1.6.0 has admin_ajax.php?action=savexml&tab=vodplay CSRF.

6.8
2019-09-21 CVE-2019-16659 Tuzicms Cross-Site Request Forgery (CSRF) vulnerability in Tuzicms 2.0.6

TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF.

6.8
2019-09-21 CVE-2019-16658 Tuzicms Cross-Site Request Forgery (CSRF) vulnerability in Tuzicms 2.0.6

TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF.

6.8
2019-09-20 CVE-2015-9402 Usersultra Unrestricted Upload of File with Dangerous Type vulnerability in Usersultra Users Ultra Membership

The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload.

6.8
2019-09-20 CVE-2015-9394 Usersultra Cross-Site Request Forgery (CSRF) vulnerability in Usersultra Users Ultra Membership 1.5.59

The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php.

6.8
2019-09-20 CVE-2019-15089 Prise Cross-Site Request Forgery (CSRF) vulnerability in Prise Adas 1.7.0

An issue was discovered in PRiSE adAS 1.7.0.

6.8
2019-09-20 CVE-2019-16531 Layerbb Cross-Site Request Forgery (CSRF) vulnerability in Layerbb

LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php.

6.8
2019-09-19 CVE-2019-9719 Libav Classic Buffer Overflow vulnerability in Libav

** DISPUTED ** A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf.

6.8
2019-09-19 CVE-2019-15000 Atlassian OS Command Injection vulnerability in Atlassian Bitbucket

The commit diff rest endpoint in Bitbucket Server and Data Center before 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 before 6.0.10 (the fixed version for 6.0.x), from 6.1.0 before 6.1.8 (the fixed version for 6.1.x), from 6.2.0 before 6.2.6 (the fixed version for 6.2.x), from 6.3.0 before 6.3.5 (the fixed version for 6.3.x), from 6.4.0 before 6.4.3 (the fixed version for 6.4.x), and from 6.5.0 before 6.5.2 (the fixed version for 6.5.x) allows remote attackers who have permission to access a repository, if public access is enabled for a project or repository then attackers are able to exploit this issue anonymously, to read the contents of arbitrary files on the system and execute commands via injecting additional arguments into git commands.

6.8
2019-09-19 CVE-2019-6010 Linecorp Integer Overflow or Wraparound vulnerability in Linecorp Line

Integer overflow vulnerability in LINE (Android) from 4.4.0 to the version before 9.15.1 allows remote attackers to cause a denial of service (DoS) condition or execute arbitrary code via a specially crafted image.

6.8
2019-09-19 CVE-2019-15943 Valvesoftware Out-of-bounds Write vulnerability in Valvesoftware Counter-Strike: Global Offensive

vphysics.dll in Counter-Strike: Global Offensive before 1.37.1.1 allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a memset call.

6.8
2019-09-17 CVE-2019-16396 Gnucobol Project Use After Free vulnerability in Gnucobol Project Gnucobol 2.2

GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code.

6.8
2019-09-17 CVE-2019-16395 Gnucobol Project Classic Buffer Overflow vulnerability in Gnucobol Project Gnucobol 2.2

GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code.

6.8
2019-09-17 CVE-2019-6832 Schneider Electric Improper Authentication vulnerability in Schneider-Electric Spacelynk Firmware and Wiser FOR KNX Firmware

A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions before 2.4.0) and Wiser for KNX (all versions before 2.4.0 - formerly known as homeLYnk), which could cause loss of control when an attacker bypasses the authentication.

6.8
2019-09-17 CVE-2019-6826 SE Untrusted Search Path vulnerability in SE Somachine Hvac 2.1.0/2.4.1

A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product.

6.8
2019-09-17 CVE-2019-13538 Codesys Cross-site Scripting vulnerability in Codesys

3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active library content without checking its validity, which may allow the contents of manipulated libraries to be displayed or executed.

6.8
2019-09-17 CVE-2019-11666 Microfocus Deserialization of Untrusted Data vulnerability in Microfocus Service Manager

Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.

6.8
2019-09-17 CVE-2016-10989 Leenk Cross-Site Request Forgery (CSRF) vulnerability in Leenk Leenk.Me

The leenkme plugin before 2.6.0 for WordPress has wp-admin/admin.php?page=leenkme_facebook CSRF.

6.8
2019-09-17 CVE-2016-10982 Kentothemes Cross-Site Request Forgery (CSRF) vulnerability in Kentothemes Kento-Post-View-Counter

The kento-post-view-counter plugin through 2.8 for WordPress has wp-admin/admin.php?page=kentopvc_settings CSRF.

6.8
2019-09-17 CVE-2016-10978 Fossura Cross-Site Request Forgery (CSRF) vulnerability in Fossura TAG Miner

The fossura-tag-miner plugin before 1.1.5 for WordPress has CSRF.

6.8
2019-09-17 CVE-2016-10974 Tonjoostudio Cross-Site Request Forgery (CSRF) vulnerability in Tonjoostudio Fluid-Responsive-Slideshow

The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS.

6.8
2019-09-16 CVE-2019-10071 Apache Improper Input Validation vulnerability in Apache Tapestry 5.4.0

The code which checks HMAC in form submissions used String.equals() for comparisons, which results in a timing side channel for the comparison of the HMAC signatures.

6.8
2019-09-16 CVE-2019-16347 Ngiflib Project Incorrect Calculation vulnerability in Ngiflib Project Ngiflib 0.4

ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.

6.8
2019-09-16 CVE-2019-16346 Ngiflib Project Incorrect Calculation vulnerability in Ngiflib Project Ngiflib 0.4

ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.

6.8
2019-09-20 CVE-2019-11326 Topcon Forced Browsing vulnerability in Topcon Net-G5 Firmware 5.2.2

An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2.

6.5
2019-09-20 CVE-2019-11280 Pivotal Software Improper Privilege Management vulnerability in Pivotal Software Pivotal Application Service

Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.18, 2.4.x prior to 2.4.14, 2.5.x prior to 2.5.10, and 2.6.x prior to 2.6.5, contains an invitations microservice which allows users to invite others to their organizations.

6.5
2019-09-20 CVE-2015-9400 Typomedia SQL Injection vulnerability in Typomedia Wordpress Meta Robots 2.1

The wordpress-meta-robots plugin through 2.1 for WordPress has wp-admin/post-new.php text SQL injection.

6.5
2019-09-20 CVE-2015-9399 Trivetechnology SQL Injection vulnerability in Trivetechnology Wp-Stats-Dashboard 2.9.4

The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection.

6.5
2019-09-20 CVE-2015-9398 Webmaster Source SQL Injection vulnerability in Webmaster-Source Gocodes 1.3.5

The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection.

6.5
2019-09-20 CVE-2015-9395 Usersultra SQL Injection vulnerability in Usersultra Users Ultra Membership 1.5.59/1.5.63

The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action.

6.5
2019-09-20 CVE-2016-11004 Elegantthemes Improper Privilege Management vulnerability in Elegantthemes Monarch 1.1.1

The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privilege escalation.

6.5
2019-09-20 CVE-2016-11003 Elegantthemes Improper Privilege Management vulnerability in Elegantthemes Monarch

The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation.

6.5
2019-09-20 CVE-2016-11002 Elegantthemes Improper Privilege Management vulnerability in Elegantthemes Extra

The Elegant Themes Extra theme before 1.2.4 for WordPress has privilege escalation.

6.5
2019-09-20 CVE-2019-15087 Prise Code Injection vulnerability in Prise Adas 1.7.0

An issue was discovered in PRiSE adAS 1.7.0.

6.5
2019-09-18 CVE-2019-13556 Advantech Out-of-bounds Write vulnerability in Advantech Webaccess

In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data.

6.5
2019-09-18 CVE-2019-11661 Microfocus Unspecified vulnerability in Microfocus Service Manager

Allows changes to some tables by non-SysAdmin users in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.

6.5
2019-09-18 CVE-2019-5042 Aspose Use After Free vulnerability in Aspose Aspose.Pdf for C++ 19.2

An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++.

6.5
2019-09-18 CVE-2019-13552 Advantech OS Command Injection vulnerability in Advantech Webaccess

In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution.

6.5
2019-09-18 CVE-2019-9679 Dahuasecurity Incorrect Default Permissions vulnerability in Dahuasecurity products

Some of Dahua's Debug functions do not have permission separation.

6.5
2019-09-18 CVE-2019-14252 Publisure Unrestricted Upload of File with Dangerous Type vulnerability in Publisure 2.1.2

An issue was discovered in the secure portal in Publisure 2.1.2.

6.5
2019-09-18 CVE-2019-16403 Webkul Authorization Bypass Through User-Controlled Key vulnerability in Webkul Bagisto

In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.

6.5
2019-09-17 CVE-2019-6839 Schneider Electric Unrestricted Upload of File with Dangerous Type vulnerability in Schneider-Electric products

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user with low privileges to upload a rogue file.

6.5
2019-09-17 CVE-2019-6810 Schneider Electric Incorrect Authorization vulnerability in Schneider-Electric Bmxnor0200H Firmware

CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause the execution of commands by unauthorized users when using IEC 60870-5-104 protocol.

6.5
2019-09-17 CVE-2019-9008 Codesys Incorrect Permission Assignment for Critical Resource vulnerability in Codesys products

An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30.

6.5
2019-09-16 CVE-2019-4147 IBM SQL Injection vulnerability in IBM Sterling File Gateway

IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection.

6.5
2019-09-16 CVE-2016-10968 Peepso Improper Privilege Management vulnerability in Peepso

The peepso-core plugin before 1.6.1 for WordPress has PeepSoProfilePreferencesAjax->save() privilege escalation.

6.5
2019-09-16 CVE-2016-10960 Joomlaserviceprovider Improper Input Validation vulnerability in Joomlaserviceprovider Wsecure

The wsecure plugin before 2.4 for WordPress has remote code execution via shell metacharacters in the wsecure-config.php publish parameter.

6.5
2019-09-21 CVE-2019-16655 Joyplus Project Improper Input Validation vulnerability in Joyplus Project Joyplus 1.6.0

joyplus-cms 1.6.0 allows reinstallation if the install/ URI remains available.

6.4
2019-09-18 CVE-2019-14253 Publisure Missing Authentication for Critical Function vulnerability in Publisure 2.1.2

An issue was discovered in servletcontroller in the secure portal in Publisure 2.1.2.

6.4
2019-09-17 CVE-2019-6837 Schneider Electric Server-Side Request Forgery (SSRF) vulnerability in Schneider-Electric products

A Server-Side Request Forgery (SSRF): CWE-918 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could cause server configuration data to be exposed when an attacker modifies a URL.

6.4
2019-09-16 CVE-2019-15737 Gitlab Unspecified vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1.

6.4
2019-09-16 CVE-2016-10965 Creativeinteractivemedia Path Traversal vulnerability in Creativeinteractivemedia Real3D Flipbook 1.0

The real3d-flipbook-lite plugin 1.0 for WordPress has deleteBook=../ directory traversal for file deletion.

6.4
2019-09-21 CVE-2019-16677 Idreamsoft Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.0

An issue was discovered in idreamsoft iCMS V7.0.

5.8
2019-09-20 CVE-2019-6650 F5 Unspecified vulnerability in F5 Big-Ip Application Security Manager

F5 BIG-IP ASM 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 may expose sensitive information and allow the system configuration to be modified when using non-default settings.

5.8
2019-09-20 CVE-2019-6649 F5 Unspecified vulnerability in F5 products

F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings.

5.8
2019-09-20 CVE-2019-14912 Prise Open Redirect vulnerability in Prise Adas 1.7.0

An issue was discovered in PRiSE adAS 1.7.0.

5.8
2019-09-19 CVE-2019-16511 Firegiant Path Traversal vulnerability in Firegiant WIX Toolset

An issue was discovered in DTF in FireGiant WiX Toolset before 3.11.2.

5.8
2019-09-18 CVE-2019-5531 Vmware Insufficient Session Expiration vulnerability in VMWare Esxi, Vcenter Server and Vsphere Esxi

VMware vSphere ESXi (6.7 prior to ESXi670-201810101-SG, 6.5 prior to ESXi650-201811102-SG, and 6.0 prior to ESXi600-201807103-SG) and VMware vCenter Server (6.7 prior to 6.7 U1b, 6.5 prior to 6.5 U2b, and 6.0 prior to 6.0 U3j) contain an information disclosure vulnerability in clients arising from insufficient session expiration.

5.8
2019-09-18 CVE-2019-15843 MI Unrestricted Upload of File with Dangerous Type vulnerability in MI Xiaomi Millet Firmware 16.3.9.3

A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3.

5.8
2019-09-17 CVE-2019-16393 Spip Open Redirect vulnerability in Spip

SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character.

5.8
2019-09-16 CVE-2019-16371 Logmein Insufficiently Protected Credentials vulnerability in Logmein Lastpass

LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because do_popupregister can be bypassed via clickjacking.

5.8
2019-09-20 CVE-2019-5521 Vmware Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation

VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6) and Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain an out-of-bounds read vulnerability in the pixel shader functionality.

5.5
2019-09-18 CVE-2019-11778 Eclipse Use After Free vulnerability in Eclipse Mosquitto

If an MQTT v5 client connects to Eclipse Mosquitto versions 1.6.0 to 1.6.4 inclusive, sets a last will and testament, sets a will delay interval, sets a session expiry interval, and the will delay interval is set longer than the session expiry interval, then a use after free error occurs, which has the potential to cause a crash in some situations.

5.5
2019-09-17 CVE-2019-6838 Schneider Electric Unspecified vulnerability in Schneider-Electric products

A CWE-863: Incorrect Authorization vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user with low privileges to delete a critical file.

5.5
2019-09-16 CVE-2019-15721 Gitlab Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 10.8 through 12.2.1.

5.5
2019-09-16 CVE-2019-16170 Gitlab Unspecified vulnerability in Gitlab

An issue was discovered in GitLab Enterprise Edition 11.x and 12.x before 12.0.9, 12.1.x before 12.1.9, and 12.2.x before 12.2.5.

5.5
2019-09-21 CVE-2019-16669 Pagekit Information Exposure Through Discrepancy vulnerability in Pagekit 1.0.17

The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for attackers to enumerate accounts.

5.0
2019-09-21 CVE-2019-16649 Supermicro Improper Authentication vulnerability in Supermicro products

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices.

5.0
2019-09-20 CVE-2019-15138 Html PDF Project Information Exposure vulnerability in Html-Pdf Project Html-Pdf

The html-pdf package 2.2.0 for Node.js has an arbitrary file read vulnerability via an HTML file that uses XMLHttpRequest to access a file:/// URL.

5.0
2019-09-20 CVE-2015-9406 Mtheme Unus Project Path Traversal vulnerability in Mtheme-Unus Project Mtheme-Unus

Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a ..

5.0
2019-09-20 CVE-2014-10397 Para Path Traversal vulnerability in Para Antioch 20140907

The Antioch theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to lib/scripts/download.php.

5.0
2019-09-20 CVE-2014-10396 Organizedthemes Path Traversal vulnerability in Organizedthemes Epic

The epic theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to includes/download.php.

5.0
2019-09-20 CVE-2019-16645 Embedthis Code Injection vulnerability in Embedthis Goahead 2.5.0

An issue was discovered in Embedthis GoAhead 2.5.0.

5.0
2019-09-20 CVE-2019-4565 IBM Weak Password Requirements vulnerability in IBM Security KEY Lifecycle Manager

IBM Security Key Lifecycle Manager 3.0 and 3.0.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

5.0
2019-09-20 CVE-2019-4505 IBM Unspecified vulnerability in IBM products

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network Deployment could allow a remote attacker to obtain sensitive information, caused by sending a specially-crafted URL.

5.0
2019-09-20 CVE-2016-11010 Usabilitydynamics Exposure of Resource to Wrong Sphere vulnerability in Usabilitydynamics Wp-Invoice

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates.

5.0
2019-09-20 CVE-2016-11009 Usabilitydynamics Exposure of Resource to Wrong Sphere vulnerability in Usabilitydynamics Wp-Invoice

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates.

5.0
2019-09-20 CVE-2016-11008 Usabilitydynamics Exposure of Resource to Wrong Sphere vulnerability in Usabilitydynamics Wp-Invoice

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates.

5.0
2019-09-20 CVE-2016-11007 Usabilitydynamics Exposure of Resource to Wrong Sphere vulnerability in Usabilitydynamics Wp-Invoice

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval.

5.0
2019-09-20 CVE-2016-11006 Usabilitydynamics Exposure of Resource to Wrong Sphere vulnerability in Usabilitydynamics Wp-Invoice

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes.

5.0
2019-09-20 CVE-2016-10996 Optinmonster Incorrect Authorization vulnerability in Optinmonster

The optinmonster plugin before 1.1.4.6 for WordPress has incorrect access control for shortcodes because of a nonce leak.

5.0
2019-09-20 CVE-2019-15085 Prise Information Exposure vulnerability in Prise Adas 1.7.0

An issue was discovered in PRiSE adAS 1.7.0.

5.0
2019-09-19 CVE-2019-15032 Pydio Information Exposure Through an Error Message vulnerability in Pydio 6.0.8

Pydio 6.0.8 mishandles error reporting when a directory allows unauthenticated uploads, and the remote-upload option is used with the http://localhost:22 URL.

5.0
2019-09-19 CVE-2019-16510 MZ Automation Use After Free vulnerability in Mz-Automation Libiec61850

libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.

5.0
2019-09-19 CVE-2019-16413 Linux Infinite Loop vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.0.4.

5.0
2019-09-18 CVE-2019-9680 Dahuasecurity Information Exposure vulnerability in Dahuasecurity products

Some Dahua products have information leakage issues.

5.0
2019-09-18 CVE-2019-9678 Dahuasecurity Improper Input Validation vulnerability in Dahuasecurity products

Some Dahua products have the problem of denial of service during the login process.

5.0
2019-09-18 CVE-2019-12620 Cisco Insufficient Verification of Data Authenticity vulnerability in Cisco products

A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device.

5.0
2019-09-17 CVE-2019-16394 Spip Information Exposure vulnerability in Spip

SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers.

5.0
2019-09-17 CVE-2019-6836 Schneider Electric Unspecified vulnerability in Schneider-Electric products

A CWE-863: Incorrect Authorization vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow the file system to access the wrong file.

5.0
2019-09-17 CVE-2019-6831 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric Bmxnor0200H Firmware

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause disconnection of active connections when an unusually high number of IEC 60870-5-104 packets are received by the module on port 2404/TCP.

5.0
2019-09-17 CVE-2019-6811 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

An Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability exists in Modicon Quantum 140 NOE771x1 version 6.9 and earlier, which could cause denial of service when the module receives an IP fragmented packet with a length greater than 65535 bytes.

5.0
2019-09-17 CVE-2019-11665 Microfocus Unspecified vulnerability in Microfocus Service Manager

Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.

5.0
2019-09-17 CVE-2018-7820 Schneider Electric Insufficiently Protected Credentials vulnerability in Schneider-Electric products

A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled.

5.0
2019-09-17 CVE-2019-4268 IBM Path Traversal vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system.

5.0
2019-09-17 CVE-2019-4175 IBM Inadequate Encryption Strength vulnerability in IBM Cognos Controller 10.4.0/10.4.1

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2019-09-17 CVE-2019-11667 Microfocus Unspecified vulnerability in Microfocus Service Manager

Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.

5.0
2019-09-17 CVE-2019-9681 Dahuasecurity Missing Encryption of Sensitive Data vulnerability in Dahuasecurity products

Online upgrade information in some firmware packages of Dahua products is not encrypted.

5.0
2019-09-17 CVE-2019-9009 Codesys Improper Input Validation vulnerability in Codesys products

An issue was discovered in 3S-Smart CODESYS before 3.5.15.0.

5.0
2019-09-17 CVE-2018-20336 Asus Classic Buffer Overflow vulnerability in Asus Asuswrt-Merlin 3.0.0.4.384.20308

An issue was discovered in ASUSWRT 3.0.0.4.384.20308.

5.0
2019-09-17 CVE-2019-15729 Gitlab Information Exposure vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 8.18 through 12.2.1.

5.0
2019-09-17 CVE-2016-10991 Imdb Widget Project Improper Input Validation vulnerability in Imdb-Widget Project Imdb-Widget 1.0.8

The imdb-widget plugin before 1.0.9 for WordPress has Local File Inclusion.

5.0
2019-09-16 CVE-2019-15740 Gitlab Information Exposure vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 7.9 through 12.2.1.

5.0
2019-09-16 CVE-2019-15738 Gitlab Information Exposure vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1.

5.0
2019-09-16 CVE-2019-15736 Gitlab Allocation of Resources Without Limits or Throttling vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1.

5.0
2019-09-16 CVE-2019-15732 Gitlab Information Exposure vulnerability in Gitlab 12.2.0/12.2.1/12.2.2

An issue was discovered in GitLab Community and Enterprise Edition 12.2 through 12.2.1.

5.0
2019-09-16 CVE-2019-15731 Gitlab Server-Side Request Forgery (SSRF) vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1.

5.0
2019-09-16 CVE-2019-15730 Gitlab Server-Side Request Forgery (SSRF) vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 8.14 through 12.2.1.

5.0
2019-09-16 CVE-2019-15728 Gitlab Server-Side Request Forgery (SSRF) vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 10.1 through 12.2.1.

5.0
2019-09-16 CVE-2019-15727 Gitlab Information Exposure vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 11.2 through 12.2.1.

5.0
2019-09-16 CVE-2019-15726 Gitlab Information Exposure vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1.

5.0
2019-09-16 CVE-2019-15725 Gitlab Authorization Bypass Through User-Controlled Key vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1.

5.0
2019-09-16 CVE-2019-15723 Gitlab Missing Authorization vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 11.9.x and 11.10.x before 11.10.1.

5.0
2019-09-16 CVE-2019-15722 Gitlab Allocation of Resources Without Limits or Throttling vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.2.1.

5.0
2019-09-16 CVE-2019-0207 Apache Path Traversal vulnerability in Apache Tapestry

Tapestry processes assets `/assets/ctx` using the class chain `StaticFilesFilter -> AssetDispatcher -> ContextResource`, which doesn't filter the character `\`, so an attacker can perform a path traversal attack to read any file on the Windows platform.

5.0
2019-09-16 CVE-2019-16353 Geautomation Improper Input Validation vulnerability in Geautomation Proficy 8.0

Emerson GE Automation Proficy Machine Edition 8.0 allows an access violation and application crash via crafted traffic from a remote device, as demonstrated by an RX7i device.

5.0
2019-09-16 CVE-2016-10966 Creativeinteractivemedia Path Traversal vulnerability in Creativeinteractivemedia Real3D Flipbook 1.0

The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload.

5.0
2019-09-16 CVE-2016-10958 Estatik Unrestricted Upload of File with Dangerous Type vulnerability in Estatik

The estatik plugin before 2.3.0 for WordPress has unauthenticated arbitrary file upload via es_media_images[] to wp-admin/admin-ajax.php.

5.0
2019-09-16 CVE-2016-10956 Mail Masta Project Improper Input Validation vulnerability in Mail-Masta Project Mail-Masta 1.0

The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.

5.0
2019-09-16 CVE-2019-11166 Intel Incorrect Permission Assignment for Critical Resource vulnerability in Intel Easy Streaming Wizard

Improper file permissions in the installer for Intel(R) Easy Streaming Wizard before version 2.1.0731 may allow an authenticated user to potentially enable escalation of privilege via local attack.

4.6
2019-09-21 CVE-2019-16678 Yzmcms Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 5.3

admin/urlrule/add.html in YzmCMS 5.3 allows CSRF with a resultant denial of service by adding a superseding route.

4.3
2019-09-21 CVE-2019-16665 Thinksaas Cross-site Scripting vulnerability in Thinksaas 2.91

An issue was discovered in ThinkSAAS 2.91.

4.3
2019-09-21 CVE-2019-16657 Tuzicms Cross-site Scripting vulnerability in Tuzicms 2.0.6

TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article/group/id/2/.

4.3
2019-09-20 CVE-2018-17789 Prospecta Cross-Site Request Forgery (CSRF) vulnerability in Prospecta Master Data Online

Prospecta Master Data Online (MDO) allows CSRF.

4.3
2019-09-20 CVE-2018-11200 Acquia Cross-site Scripting vulnerability in Acquia Mautic 2.13.1

An issue was discovered in Mautic 2.13.1.

4.3
2019-09-20 CVE-2019-16534 Draytek Cross-site Scripting vulnerability in Draytek Vigor2925 Firmware 3.8.4.3

On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen.

4.3
2019-09-20 CVE-2019-16533 Draytek Cross-site Scripting vulnerability in Draytek Vigor2925 Firmware 3.8.4.3

On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS.

4.3
2019-09-20 CVE-2015-9408 Cyberseo Cross-Site Request Forgery (CSRF) vulnerability in Cyberseo Xpinner Lite 2.2

The xpinner-lite plugin through 2.2 for WordPress has wp-admin/options-general.php CSRF with resultant XSS.

4.3
2019-09-20 CVE-2015-9407 Cyberseo Cross-site Scripting vulnerability in Cyberseo Xpinner Lite 2.2

The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS.

4.3
2019-09-20 CVE-2015-9405 WP Piwik Project Cross-site Scripting vulnerability in Wp-Piwik Project Wp-Piwik

The wp-piwik plugin before 1.0.5 for WordPress has XSS.

4.3
2019-09-20 CVE-2015-9404 Neuvoo Cross-site Scripting vulnerability in Neuvoo Neuvoo-Jobroll 2.0

The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords XSS.

4.3
2019-09-20 CVE-2015-9403 Neuvoo Cross-site Scripting vulnerability in Neuvoo Neuvoo-Jobroll 2.0

The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS.

4.3
2019-09-20 CVE-2015-9396 Attosoft Cross-site Scripting vulnerability in Attosoft Auto Thickbox Plus 1.9

The auto-thickbox-plus plugin through 1.9 for WordPress has wp-content/plugins/auto-thickbox-plus/download.min.php?file= XSS.

4.3
2019-09-20 CVE-2016-11013 Agentevolution Cross-site Scripting vulnerability in Agentevolution Impress Listings

The wp-listings plugin before 2.0.2 for WordPress has includes/views/single-listing.php XSS.

4.3
2019-09-20 CVE-2016-11005 Elfsight Cross-site Scripting vulnerability in Elfsight Instalinker

The instalinker plugin before 1.1.2 for WordPress has includes/instalinker-admin-preview.php?client_id= XSS.

4.3
2019-09-20 CVE-2016-11001 Plugin Planet Cross-site Scripting vulnerability in Plugin-Planet User Submitted Posts

The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field.

4.3
2019-09-20 CVE-2016-10999 Momizat Cross-site Scripting vulnerability in Momizat Goodnews 20160228

The Goodnews theme through 2016-02-28 for WordPress has XSS via the s parameter.

4.3
2019-09-20 CVE-2016-10998 Ocimscripts Cross-site Scripting vulnerability in Ocimscripts Ocim-Mp3 20160307

The ocim-mp3 plugin through 2016-03-07 for WordPress has wp-content/plugins/ocim-mp3/source/pages.php?id= XSS.

4.3
2019-09-20 CVE-2016-10997 Yourinspirationweb Cross-Site Request Forgery (CSRF) vulnerability in Yourinspirationweb Beauty-Premium 1.0.8

The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant arbitrary file upload in includes/sendmail.php.

4.3
2019-09-20 CVE-2015-9391 Ostenta Cross-site Scripting vulnerability in Ostenta Yawpp

The yawpp plugin through 1.2.2 for WordPress has XSS via the field1 parameter.

4.3
2019-09-20 CVE-2015-9388 Mtouch Quiz Project Cross-Site Request Forgery (CSRF) vulnerability in Mtouch Quiz Project Mtouch Quiz

The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS.

4.3
2019-09-20 CVE-2015-9387 Mtouch Quiz Project Cross-Site Request Forgery (CSRF) vulnerability in Mtouch Quiz Project Mtouch Quiz

The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/options-general.php CSRF.

4.3
2019-09-20 CVE-2015-9386 Mtouch Quiz Project Cross-site Scripting vulnerability in Mtouch Quiz Project Mtouch Quiz

The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manage operation.

4.3
2019-09-20 CVE-2015-9385 Bestwebsoft Cross-site Scripting vulnerability in Bestwebsoft Quotes and Tips

The quotes-and-tips plugin before 1.20 for WordPress has XSS.

4.3
2019-09-20 CVE-2015-9384 Bestwebsoft Cross-site Scripting vulnerability in Bestwebsoft Relevant

The relevant plugin before 1.0.8 for WordPress has XSS.

4.3
2019-09-20 CVE-2019-15086 Prise Cross-site Scripting vulnerability in Prise Adas 1.7.0

An issue was discovered in PRiSE adAS 1.7.0.

4.3
2019-09-20 CVE-2019-14915 Prise Cross-site Scripting vulnerability in Prise Adas 1.7.0

An issue was discovered in PRiSE adAS 1.7.0.

4.3
2019-09-20 CVE-2019-14911 Prise Cross-site Scripting vulnerability in Prise Adas 1.7.0

An issue was discovered in PRiSE adAS 1.7.0.

4.3
2019-09-19 CVE-2019-16525 Checklist Cross-site Scripting vulnerability in Checklist

An XSS issue was discovered in the checklist plugin before 1.1.9 for WordPress.

4.3
2019-09-19 CVE-2019-14994 Atlassian Path Traversal vulnerability in Atlassian Jira Service Desk

The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version 4.1.3, from version 4.2.0 before version 4.2.5, from version 4.3.0 before version 4.3.4, and version 4.4.0 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via a path traversal vulnerability.

4.3
2019-09-18 CVE-2019-3740 RSA Information Exposure vulnerability in RSA Bsafe Cert-J, Bsafe Crypto-J and Bsafe Ssl-J

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation.

4.3
2019-09-18 CVE-2019-3739 RSA Information Exposure Through Discrepancy vulnerability in RSA Bsafe Cert-J, Bsafe Crypto-J and Bsafe Ssl-J

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation.

4.3
2019-09-18 CVE-2019-3738 RSA Improper Verification of Cryptographic Signature vulnerability in RSA Bsafe Cert-J, Bsafe Crypto-J and Bsafe Ssl-J

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability.

4.3
2019-09-18 CVE-2019-1975 Cisco Cross-site Scripting vulnerability in Cisco products

A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device.

4.3
2019-09-18 CVE-2016-10994 Truemag Theme Project Cross-site Scripting vulnerability in Truemag Theme Project Truemag Theme 2016Q2

The Truemag theme 2016 Q2 for WordPress has XSS via the s parameter.

4.3
2019-09-17 CVE-2019-16392 Spip Cross-site Scripting vulnerability in Spip

SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages.

4.3
2019-09-17 CVE-2019-6833 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754 – Improper Check for Unusual or Exceptional Conditions vulnerability exists in Magelis HMI Panels (all versions of - HMIGTO, HMISTO, XBTGH, HMIGTU, HMIGTUX, HMISCU, HMISTU, XBTGT, XBTGT, HMIGXO, HMIGXU), which could cause a temporary freeze of the HMI when a high rate of frames is received.

4.3
2019-09-17 CVE-2019-4171 IBM Missing Encryption of Sensitive Data vulnerability in IBM Cognos Controller

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on authorization tokens or session cookies.

4.3
2019-09-17 CVE-2019-4086 IBM Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Application Performance Management 8.1.4

IBM Cloud Application Performance Management 8.1.4 could allow a remote attacker to hijack the clicking action of the victim.

4.3
2019-09-17 CVE-2019-11559 Hrworks Cross-site Scripting vulnerability in Hrworks 1.16.1

A reflected Cross-site scripting (XSS) vulnerability in HRworks V 1.16.1 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component.

4.3
2019-09-17 CVE-2016-10992 Codepeople Cross-site Scripting vulnerability in Codepeople Music Store

The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports from_year parameter.

4.3
2019-09-17 CVE-2016-10990 Wpcerber Cross-site Scripting vulnerability in Wpcerber Cerber Security Antispam & Malware Scan 2.0.1.6

The wp-cerber plugin before 2.7 for WordPress has XSS via the X-Forwarded-For HTTP header.

4.3
2019-09-17 CVE-2016-10988 Leenk Cross-site Scripting vulnerability in Leenk Leenk.Me

The leenkme plugin before 2.6.0 for WordPress has stored XSS via facebook_message, facebook_linkname, facebook_caption, facebook_description, default_image, or _wp_http_referer.

4.3
2019-09-17 CVE-2016-10987 Woocommerce Cross-site Scripting vulnerability in Woocommerce Persian Woocommerce SMS

The persian-woocommerce-sms plugin before 3.3.4 for WordPress has ps_sms_numbers XSS.

4.3
2019-09-17 CVE-2016-10986 Nerdcow Cross-site Scripting vulnerability in Nerdcow Tweet Wheel

The tweet-wheel plugin before 1.0.3.3 for WordPress has XSS via consumer_key, consumer_secret, access_token, and access_token_secret.

4.3
2019-09-17 CVE-2016-10985 Smackcoders Cross-site Scripting vulnerability in Smackcoders Echo Sign 1.0.0/1.1.0

The echosign plugin before 1.2 for WordPress has XSS via the templates/add_templates.php id parameter.

4.3
2019-09-17 CVE-2016-10984 Smackcoders Cross-site Scripting vulnerability in Smackcoders Echo Sign 1.0.0/1.1.0

The echosign plugin before 1.2 for WordPress has XSS via the inc.php page parameter.

4.3
2019-09-17 CVE-2016-10981 Kentothemes Cross-site Scripting vulnerability in Kentothemes Kento-Post-View-Counter

The kento-post-view-counter plugin through 2.8 for WordPress has stored XSS via kento_pvc_numbers_lang, kento_pvc_today_text, or kento_pvc_total_text.

4.3
2019-09-17 CVE-2016-10980 Kentothemes Cross-site Scripting vulnerability in Kentothemes Kento-Post-View-Counter

The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kento_pvc_geo.

4.3
2019-09-17 CVE-2016-10979 Fossura Cross-site Scripting vulnerability in Fossura TAG Miner

The fossura-tag-miner plugin before 1.1.5 for WordPress has XSS.

4.3
2019-09-17 CVE-2016-10976 Kodebyraaet Cross-site Scripting vulnerability in Kodebyraaet Safe Editor 1.0/1.1

The safe-editor plugin before 1.2 for WordPress has no se_save authentication, with resultant XSS.

4.3
2019-09-17 CVE-2016-10975 Tonjoostudio Cross-site Scripting vulnerability in Tonjoostudio Fluid-Responsive-Slideshow

The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter.

4.3
2019-09-16 CVE-2019-8368 Open EMR Cross-site Scripting vulnerability in Open-Emr Openemr 5.0.16

OpenEMR v5.0.1-6 allows XSS.

4.3
2019-09-16 CVE-2019-16370 Gradle Improper Input Validation vulnerability in Gradle

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900.

4.3
2019-09-16 CVE-2019-15739 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 8.1 through 12.2.1.

4.3
2019-09-16 CVE-2019-15724 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 11.10 through 12.2.1.

4.3
2019-09-16 CVE-2019-13140 Intenogroup Information Exposure Through Discrepancy vulnerability in Intenogroup Eg200 Firmware Eg200Wu7P1Uadamo3.16.41902261650

Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus.

4.3
2019-09-16 CVE-2016-10973 Brafton Cross-site Scripting vulnerability in Brafton

The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php.

4.3
2019-09-16 CVE-2019-15950 Redmineup Cross-site Scripting vulnerability in Redmineup CRM

The CRM Plugin before 4.2.4 for Redmine allows XSS via crafted vCard data.

4.3
2019-09-16 CVE-2019-16352 Ffjpeg Project Out-of-bounds Write vulnerability in Ffjpeg Project Ffjpeg

ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c.

4.3
2019-09-16 CVE-2019-16351 Ffjpeg Project NULL Pointer Dereference vulnerability in Ffjpeg Project Ffjpeg

ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c.

4.3
2019-09-16 CVE-2019-16350 Ffjpeg Project NULL Pointer Dereference vulnerability in Ffjpeg Project Ffjpeg

ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c.

4.3
2019-09-16 CVE-2019-16349 Axiosys NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1628

Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class.

4.3
2019-09-16 CVE-2019-16348 Libwav Project NULL Pointer Dereference vulnerability in Libwav Project Libwav

marc-q libwav through 2017-04-20 has a NULL pointer dereference in gain_file() at wav_gain.c.

4.3
2019-09-16 CVE-2019-16197 Dolibarr Cross-site Scripting vulnerability in Dolibarr 10.0.1

In htdocs/societe/card.php in Dolibarr 10.0.1, the value of the User-Agent HTTP header is copied into the HTML document as plain text between tags, leading to XSS.

4.3
2019-09-16 CVE-2018-21017 Gpac Memory Leak vulnerability in Gpac 0.7.1

GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_base.c.

4.3
2019-09-16 CVE-2018-21016 Gpac Out-of-bounds Read vulnerability in Gpac 0.7.1

audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

4.3
2019-09-16 CVE-2018-21015 Gpac NULL Pointer Dereference vulnerability in Gpac 0.7.1

AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

4.3
2019-09-16 CVE-2016-10970 Supportflow Project Cross-site Scripting vulnerability in Supportflow Project Supportflow

The supportflow plugin before 0.7 for WordPress has XSS via a ticket excerpt.

4.3
2019-09-16 CVE-2016-10969 Supportflow Project Cross-site Scripting vulnerability in Supportflow Project Supportflow

The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title.

4.3
2019-09-16 CVE-2016-10967 Creativeinteractivemedia Cross-site Scripting vulnerability in Creativeinteractivemedia Real3D Flipbook 1.0

The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-content/plugins/real3d-flipbook/includes/flipbooks.php bookId parameter.

4.3
2019-09-16 CVE-2016-10964 Findshorty Cross-site Scripting vulnerability in Findshorty Dwnldr

The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent HTTP header.

4.3
2019-09-16 CVE-2016-10963 Icegram Cross-site Scripting vulnerability in Icegram

The icegram plugin before 1.9.19 for WordPress has XSS.

4.3
2019-09-16 CVE-2016-10962 Icegram Cross-Site Request Forgery (CSRF) vulnerability in Icegram

The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter.

4.3
2019-09-16 CVE-2016-10961 Inkthemes Cross-site Scripting vulnerability in Inkthemes Colorway

The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter.

4.3
2019-09-16 CVE-2016-10957 Akal Project Cross-site Scripting vulnerability in Akal Project Akal 20160822

The Akal theme through 2016-08-22 for WordPress has XSS via the framework/brad-shortcodes/tinymce/preview.php sc parameter.

4.3
2019-09-21 CVE-2019-16679 Gilacms Path Traversal vulnerability in Gilacms Gila CMS

Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion.

4.0
2019-09-20 CVE-2019-11327 Topcon Path Traversal vulnerability in Topcon Net-G5 Firmware 5.2.2

An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2.

4.0
2019-09-20 CVE-2016-11011 Usabilitydynamics Improper Privilege Management vulnerability in Usabilitydynamics Wp-Invoice

The wp-invoice plugin before 4.1.1 for WordPress has wpi_update_user_option privilege escalation.

4.0
2019-09-20 CVE-2015-9390 Admin Management Xtended Project Improper Privilege Management vulnerability in Admin Management Xtended Project Admin Management Xtended

The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled.

4.0
2019-09-20 CVE-2019-14916 Prise Unrestricted Upload of File with Dangerous Type vulnerability in Prise Adas 1.7.0

An issue was discovered in PRiSE adAS 1.7.0.

4.0
2019-09-19 CVE-2019-15033 Pydio Server-Side Request Forgery (SSRF) vulnerability in Pydio 6.0.8

Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature download.

4.0
2019-09-19 CVE-2019-11779 Eclipse Improper Check for Unusual or Exceptional Conditions vulnerability in Eclipse Mosquitto

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e.

4.0
2019-09-18 CVE-2019-3756 RSA Information Exposure vulnerability in RSA Archer

RSA Archer, versions prior to 6.6 P3 (6.6.0.3), contain an information disclosure vulnerability.

4.0
2019-09-18 CVE-2019-11664 Microfocus Insufficiently Protected Credentials vulnerability in Microfocus Service Manager

Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.

4.0
2019-09-18 CVE-2019-11663 Microfocus Insufficiently Protected Credentials vulnerability in Microfocus Service Manager

Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.

4.0
2019-09-18 CVE-2019-11662 Microfocus Information Exposure Through an Error Message vulnerability in Microfocus Service Manager

Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.

4.0
2019-09-18 CVE-2019-5534 Vmware Insufficiently Protected Credentials vulnerability in VMWare Vcenter Server 6.0/6.5/6.7

VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability where Virtual Machines deployed from an OVF could expose login information via the virtual machine's vAppConfig properties.

4.0
2019-09-18 CVE-2019-5532 Vmware Information Exposure Through Log Files vulnerability in VMWare Vcenter Server 6.0/6.5/6.7

VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF.

4.0
2019-09-18 CVE-2018-1847 IBM Path Traversal vulnerability in IBM Financial Transaction Manager FOR Multiplatform

IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) v2.0.0.0 through 2.0.0.5, v2.1.0.0 through 2.1.0.4, v2.1.1.0 through 2.1.1.4, and v3.0.0.0 through 3.0.0.8 could allow a remote attacker to traverse directories on the system.

4.0
2019-09-18 CVE-2019-16215 Zulip Resource Exhaustion vulnerability in Zulip Server

The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking.

4.0
2019-09-17 CVE-2019-16391 Spip Unspecified vulnerability in Spip

SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database.

4.0
2019-09-17 CVE-2019-4477 IBM Improper Privilege Management vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a user with access to audit logs to obtain sensitive information, caused by improper handling of command line options.

4.0
2019-09-17 CVE-2019-4442 IBM Path Traversal vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the file system.

4.0
2019-09-17 CVE-2019-13542 Codesys NULL Pointer Dereference vulnerability in Codesys products

3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 to 3.5.15.0, allows an attacker to send crafted requests from a trusted OPC UA client that cause a NULL pointer dereference, which may trigger a denial-of-service condition.

4.0
2019-09-17 CVE-2016-10983 Ghost Improper Authentication vulnerability in Ghost

The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data.

4.0
2019-09-17 CVE-2016-10977 Neliosoftware Path Traversal vulnerability in Neliosoftware Nelio AB Testing

The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal.

4.0
2019-09-16 CVE-2019-15734 Gitlab Information Exposure vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 8.6 through 12.2.1.

4.0
2019-09-16 CVE-2019-15733 Gitlab Information Exposure vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition 7.12 through 12.2.1.

4.0
2019-09-16 CVE-2016-10959 Estatik Unrestricted Upload of File with Dangerous Type vulnerability in Estatik

The estatik plugin before 2.3.1 for WordPress has authenticated arbitrary file upload (exploitable with CSRF) via es_media_images[] to wp-admin/admin-ajax.php.

4.0

23 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-09-21 CVE-2019-16664 Thinksaas Cross-site Scripting vulnerability in Thinksaas 2.91

An issue was discovered in ThinkSAAS 2.91.

3.5
2019-09-21 CVE-2019-16661 Digimute Cross-site Scripting vulnerability in Digimute Ogma CMS 0.5

Ogma CMS 0.5 has XSS via creation of a new blog.

3.5
2019-09-20 CVE-2019-16643 Zrlog Cross-site Scripting vulnerability in Zrlog 2.0.1

An issue was discovered in ZrLog 2.1.1.

3.5
2019-09-20 CVE-2015-9401 Websimon Tables Project Cross-site Scripting vulnerability in Websimon-Tables Project Websimon-Tables 1.3.4

The websimon-tables plugin through 1.3.4 for WordPress has wp-admin/tools.php edit_style id XSS.

3.5
2019-09-20 CVE-2015-9397 Webmaster Source Cross-site Scripting vulnerability in Webmaster-Source Gocodes 1.3.5

The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php deletegc XSS.

3.5
2019-09-20 CVE-2015-9393 Usersultra Cross-site Scripting vulnerability in Usersultra Users Ultra Membership 1.5.59

The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_desc parameter.

3.5
2019-09-20 CVE-2015-9392 Usersultra Cross-site Scripting vulnerability in Usersultra Users Ultra Membership 1.5.59

The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_name parameter.

3.5
2019-09-20 CVE-2016-11012 Solaplugins Cross-site Scripting vulnerability in Solaplugins Sola Support Tickets

The sola-support-tickets plugin before 3.13 for WordPress has incorrect access control for /wp-admin with resultant XSS.

3.5
2019-09-20 CVE-2015-9389 Mtouch Quiz Project Cross-site Scripting vulnerability in Mtouch Quiz Project Mtouch Quiz

The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via a quiz name.

3.5
2019-09-20 CVE-2019-14913 Prise Cross-site Scripting vulnerability in Prise Adas 1.7.0

An issue was discovered in PRiSE adAS 1.7.0.

3.5
2019-09-18 CVE-2019-16216 Zulip Cross-site Scripting vulnerability in Zulip Server

Zulip server before 2.0.5 incompletely validated the MIME types of uploaded files.

3.5
2019-09-17 CVE-2019-6835 Schneider Electric Cross-site Scripting vulnerability in Schneider-Electric products

A Cross-Site Scripting (XSS) CWE-79 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to inject client-side script when a user visits a web page.

3.5
2019-09-17 CVE-2019-4342 IBM Cross-site Scripting vulnerability in IBM Cognos Analytics 11.0.0/11.1.0

IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting.

3.5
2019-09-17 CVE-2019-4271 IBM Improper Input Validation vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client-side HTTP parameter pollution vulnerability.

3.5
2019-09-17 CVE-2019-4270 IBM Cross-site Scripting vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site scripting.

3.5
2019-09-17 CVE-2016-10993 Scoreme Project Cross-site Scripting vulnerability in Scoreme Project Scoreme 20160401

The ScoreMe theme through 2016-04-01 for WordPress has XSS via the s parameter.

3.5
2019-09-16 CVE-2019-11184 Intel Race Condition vulnerability in Intel products

A race condition in specific microprocessors using Intel (R) DDIO cache allocation and RDMA may allow an authenticated user to potentially enable partial information disclosure via adjacent access.

2.9
2019-09-21 CVE-2019-16681 Traveloka Cross-site Scripting vulnerability in Traveloka 3.14.0

The Traveloka application 3.14.0 for Android exports com.traveloka.android.activity.common.WebViewActivity, leading to the opening of arbitrary URLs, which can inject deceptive content into the UI.

2.6
2019-09-21 CVE-2019-16680 Gnome, Canonical, Debian, Redhat Path Traversal vulnerability in multiple products

An issue was discovered in GNOME file-roller before 3.29.91.

2.6
2019-09-17 CVE-2019-14826 Freeipa, Redhat Insufficient Session Expiration vulnerability in multiple products

A flaw was found in FreeIPA versions 4.5.0 and later.

2.1
2019-09-17 CVE-2019-12755 Symantec Information Exposure vulnerability in Symantec Norton Password Manager

Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

2.1
2019-09-16 CVE-2019-16355 Beego Incorrect Default Permissions vulnerability in Beego 1.10.0

The File Session Manager in Beego 1.10.0 allows local users to read session files because of weak permissions for individual files.

2.1
2019-09-16 CVE-2019-16354 Beego Race Condition vulnerability in Beego 1.10.0

The File Session Manager in Beego 1.10.0 allows local users to read session files because there is a race condition involving file creation within a directory with weak permissions.

1.9