Weekly Vulnerabilities Reports > October 21 to 27, 2019

Overview

251 new vulnerabilities were reported during this period, including 18 critical vulnerabilities and 47 high severity vulnerabilities. This weekly summary reports vulnerabilities in 218 products from 107 vendors including Sandhillsdev, Easydigitaldownloads, Fusionpbx, Jenkins, and Adobe. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Cross-Site Request Forgery (CSRF)", "OS Command Injection", and "Path Traversal".

  • 226 reported vulnerabilities are remotely exploitable.
  • 5 reported vulnerabilities have a public exploit available.
  • 153 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
  • 200 reported vulnerabilities are exploitable by an anonymous user.
  • Sandhillsdev has the most reported vulnerabilities, with 32 reported vulnerabilities.
  • TP Link has the most reported critical vulnerabilities, with 6 critical vulnerabilities.


Vulnerability Details

The following tables list the reported vulnerabilities for the period covered by this report:


18 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-10-25 CVE-2019-13553 Carel Use of Hard-coded Credentials vulnerability in Carel Pcoweb Firmware A1.5.3/A2.0.4/B1.2.4

Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4.

10.0
2019-10-25 CVE-2019-14451 Repetier Server Unrestricted Upload of File with Dangerous Type vulnerability in Repetier-Server

RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration.

10.0
2019-10-25 CVE-2013-4658 Linksys Path Traversal vulnerability in Linksys Ea6500 Firmware

Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share.

10.0
2019-10-24 CVE-2019-18200 Fujitsu Unspecified vulnerability in Fujitsu Lx390 Firmware

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices.

10.0
2019-10-24 CVE-2019-13653 TP Link OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow triggerPort OS Command Injection (issue 5 of 5).

10.0
2019-10-24 CVE-2019-13652 TP Link OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5).

10.0
2019-10-24 CVE-2019-13651 TP Link OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection (issue 3 of 5).

10.0
2019-10-24 CVE-2019-13650 TP Link OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5).

10.0
2019-10-24 CVE-2019-13649 TP Link OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5).

10.0
2019-10-23 CVE-2019-8237 Adobe Use of a Broken or Risky Cryptographic Algorithm vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an insufficiently robust encryption vulnerability.

10.0
2019-10-25 CVE-2013-4857 Dlink XML Injection (aka Blind XPath Injection) vulnerability in Dlink Dir-865L Firmware

D-Link DIR-865L has PHP File Inclusion in the router xml file.

9.8
2019-10-24 CVE-2019-18413 Typestack Class Validator Project SQL Injection vulnerability in Typestack Class-Validator Project Typestack Class-Validator 0.10.2

In TypeStack class-validator 0.10.2, validate() input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name.

9.8
2019-10-21 CVE-2019-18224 GNU Out-of-bounds Write vulnerability in GNU Libidn2

idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.

9.8
2019-10-25 CVE-2019-5114 Youphptube SQL Injection vulnerability in Youphptube 7.6

An exploitable SQL injection vulnerability exists in the authenticated portion of YouPHPTube 7.6.

9.3
2019-10-25 CVE-2013-4848 TP Link Cross-Site Request Forgery (CSRF) vulnerability in Tp-Link Tl-Wdr4300 Firmware 3.13.31

TP-Link TL-WDR4300 version 3.13.31 has multiple CSRF vulnerabilities.

9.3
2019-10-25 CVE-2016-5202 Google Incorrect Permission Assignment for Critical Resource vulnerability in Google Chrome

browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy.

9.1
2019-10-21 CVE-2019-16964 Fusionpbx OS Command Injection vulnerability in Fusionpbx

app/call_centers/cmd.php in the Call Center Queue Module in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated attackers (with at least the permission call_center_queue_add or call_center_queue_edit) to execute any commands on the host as www-data.

9.0
2019-10-21 CVE-2019-16530 Sonatype Unrestricted Upload of File with Dangerous Type vulnerability in Sonatype Nexus IQ Server

Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution.

9.0

47 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-10-25 CVE-2013-4855 Dlink Path Traversal vulnerability in Dlink Dir-865L Firmware

D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share.

8.8
2019-10-23 CVE-2019-10471 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Libvirt Slaves

A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

8.8
2019-10-23 CVE-2019-10468 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Kubernetes CI

A cross-site request forgery vulnerability in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

8.8
2019-10-23 CVE-2019-10464 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Deploy Weblogic

A cross-site request forgery vulnerability in Jenkins Deploy WebLogic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file system.

8.8
2019-10-21 CVE-2019-16980 Fusionpbx SQL Injection vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file app\call_broadcast\call_broadcast_edit.php uses an unsanitized "id" variable coming from the URL in an unparameterized SQL query, leading to SQL injection.

8.8
2019-10-23 CVE-2019-10466 Jenkins XXE vulnerability in Jenkins 360 Fireline

An XML external entities (XXE) vulnerability in Jenkins 360 FireLine Plugin allows attackers with Overall/Read access to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side request forgery, or denial-of-service attacks.

8.1
2019-10-23 CVE-2019-10462 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Dynatrace Application Monitoring

A cross-site request forgery vulnerability in Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified credentials.

8.1
2019-10-21 CVE-2019-17498 Libssh2 / Fedoraproject / Opensuse / Debian / Netapp Integer Overflow or Wraparound vulnerability in multiple products

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read.

8.1
2019-10-23 CVE-2013-7333 Projectfloodlight Improper Input Validation vulnerability in Projectfloodlight Open SDN Controller 0.90

A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from the SDN controller, causing degradation and eventually denial of network access to all devices connected to the targeted switch.

7.8
2019-10-23 CVE-2019-10476 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Zulip

Jenkins Zulip Plugin 1.1.0 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.

7.8
2019-10-23 CVE-2019-10461 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Dynatrace Application Monitoring

Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.

7.8
2019-10-23 CVE-2019-10460 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Bitbucket Oauth

Jenkins Bitbucket OAuth Plugin 0.9 and earlier stored credentials unencrypted in the global config.xml configuration file on the Jenkins master where they could be viewed by users with access to the master file system.

7.8
2019-10-21 CVE-2019-9491 Trendmicro Uncontrolled Search Path Element vulnerability in Trendmicro Anti-Threat Toolkit 1.62.0.1218

Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed.

7.8
2019-10-21 CVE-2019-18218 File Project / Debian / Opensuse / Netapp / Fedoraproject / Canonical Out-of-bounds Write vulnerability in multiple products

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

7.8
2019-10-25 CVE-2017-14742 Labf Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Labf Nfsaxe 3.7

Buffer overflow in LabF nfsAxe FTP client 3.7 allows an attacker to execute code remotely.

7.5
2019-10-25 CVE-2019-5129 Youphptube OS Command Injection vulnerability in Youphptube Encoder 2.3

A command injection has been found in YouPHPTube Encoder.

7.5
2019-10-25 CVE-2019-5128 Youphptube OS Command Injection vulnerability in Youphptube Encoder 2.3

A command injection has been found in YouPHPTube Encoder.

7.5
2019-10-25 CVE-2019-5127 Youphptube OS Command Injection vulnerability in Youphptube Encoder 2.3

A command injection has been found in YouPHPTube Encoder.

7.5
2019-10-25 CVE-2019-16265 Codesys Out-of-bounds Write vulnerability in Codesys and ENI Server

CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow.

7.5
2019-10-25 CVE-2019-8088 Adobe Command Injection vulnerability in Adobe Experience Manager

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command injection vulnerability.

7.5
2019-10-25 CVE-2016-2359 Milesight Improper Authentication vulnerability in Milesight IP Security Camera Firmware

Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource.

7.5
2019-10-25 CVE-2016-2356 Milesight Classic Buffer Overflow vulnerability in Milesight IP Security Camera Firmware

Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.

7.5
2019-10-25 CVE-2015-0270 Zend SQL Injection vulnerability in Zend Framework

Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter.

7.5
2019-10-24 CVE-2019-17596 Golang / Debian / Fedoraproject / Redhat / Opensuse / Arista Interpretation Conflict vulnerability in multiple products

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key.

7.5
2019-10-24 CVE-2019-18418 Clonos Session Fixation vulnerability in Clonos 19.09

clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management.

7.5
2019-10-24 CVE-2019-12017 Mapr Deserialization of Untrusted Data vulnerability in Mapr

A remote code execution vulnerability exists in MapR CLDB code, specifically in the JSON framework that is used in the CLDB code that handles login and ticket issuance.

7.5
2019-10-24 CVE-2019-18408 Libarchive / Debian / Canonical Use After Free vulnerability in multiple products

archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.

7.5
2019-10-24 CVE-2019-18394 Igniterealtime Server-Side Request Forgery (SSRF) vulnerability in Igniterealtime Openfire

A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests.

7.5
2019-10-23 CVE-2019-18387 Hotel AND Lodge Management System Project SQL Injection vulnerability in Hotel and Lodge Management System Project Hotel and Lodge Management System 1.0

Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the id parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details.

7.5
2019-10-23 CVE-2019-8236 Adobe Unspecified vulnerability in Adobe Creative Cloud

Creative Cloud Desktop Application version 4.6.1 and earlier versions have a security bypass vulnerability.

7.5
2019-10-23 CVE-2019-18370 MI Improper Input Validation vulnerability in MI Millet Router 3G Firmware

An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable.

7.5
2019-10-23 CVE-2019-18355 Thycotic Server-Side Request Forgery (SSRF) vulnerability in Thycotic Secret Server

An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7.

7.5
2019-10-23 CVE-2019-11933 Libpl Droidsonroids GIF Project / Whatsapp Out-of-bounds Write vulnerability in multiple products

A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote attackers to execute arbitrary code or cause a denial of service.

7.5
2019-10-23 CVE-2019-18344 Online Grading System Project SQL Injection vulnerability in Online Grading System Project Online Grading System 1.0

Sourcecodester Online Grading System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the student, instructor, department, room, class, or user page (id or classid parameter).

7.5
2019-10-23 CVE-2019-18277 Haproxy HTTP Request Smuggling vulnerability in Haproxy

A flaw was found in HAProxy before 2.0.6.

7.5
2019-10-22 CVE-2015-9499 Themepunch Unrestricted Upload of File with Dangerous Type vulnerability in Themepunch Showbiz PRO 1.7.1

The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execution by uploading a .php file within a ZIP archive.

7.5
2019-10-22 CVE-2019-12290 GNU Improper Input Validation vulnerability in GNU Libidn2

GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels.

7.5
2019-10-22 CVE-2019-12148 Sangoma Argument Injection or Modification vulnerability in Sangoma Session Border Controller Firmware 2.3.23119Ga

The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field.

7.5
2019-10-22 CVE-2019-10079 Apache Allocation of Resources Without Limits or Throttling vulnerability in Apache Traffic Server

Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks.

7.5
2019-10-21 CVE-2019-18225 Citrix Unspecified vulnerability in Citrix products

An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28.

7.5
2019-10-21 CVE-2019-18217 Proftpd Infinite Loop vulnerability in Proftpd

ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.

7.5
2019-10-25 CVE-2019-13546 Philips Exposure of Resource to Wrong Sphere vulnerability in Philips Intellispace Perinatal K

In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace Perinatal application environment could enable an unauthorized attacker with physical access to a locked application screen, or an authorized remote desktop session host application user, to break out from the containment of the application and access unauthorized resources from the Windows operating system as the limited-access Windows user.

7.2
2019-10-24 CVE-2019-5013 Wacom Argument Injection or Modification vulnerability in Wacom Driver 6.3.323

An exploitable privilege escalation vulnerability exists in the Wacom driver version 6.3.32-3 update helper service in the start/stopLaunchDProcess command.

7.2
2019-10-24 CVE-2019-5012 Wacom Argument Injection or Modification vulnerability in Wacom Driver 6.3.323

An exploitable privilege escalation vulnerability exists in the Wacom driver version 6.3.32-3 update helper service in the startProcess command.

7.2
2019-10-24 CVE-2019-11021 Schlix Unrestricted Upload of File with Dangerous Type vulnerability in Schlix CMS 2.1.87

admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution.

7.2
2019-10-22 CVE-2019-4523 IBM Classic Buffer Overflow vulnerability in IBM DB2 High Performance Unload Load 6.1/6.5

IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges.

7.2
2019-10-21 CVE-2019-16965 Fusionpbx OS Command Injection vulnerability in Fusionpbx

resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any commands on the host as www-data.

7.2

174 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-10-24 CVE-2019-18196 Teamviewer Untrusted Search Path vulnerability in Teamviewer

A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 (fixed in 11.0.214397), 12.0.181268 (fixed in 12.0.214399), 13.2.36215 (fixed in 13.2.36216), and 14.6.4835 (fixed in 14.7.1965) on Windows could allow an attacker to perform code execution on a target system via a service restart where the DLL was previously installed with administrative privileges.

6.9
2019-10-24 CVE-2019-18199 Fujitsu Authentication Bypass by Capture-replay vulnerability in Fujitsu Lx390 Firmware

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices.

6.9
2019-10-25 CVE-2019-17145 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf 9.6.0.25114

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114.

6.8
2019-10-25 CVE-2019-17144 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf 9.6.0.25114

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114.

6.8
2019-10-25 CVE-2019-17142 Foxitsoftware Use After Free vulnerability in Foxitsoftware Phantompdf 9.6.0.25114

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114.

6.8
2019-10-25 CVE-2019-17141 Foxitsoftware Use After Free vulnerability in Foxitsoftware Phantompdf 9.6.0.25114

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114.

6.8
2019-10-25 CVE-2019-17140 Foxitsoftware Use After Free vulnerability in Foxitsoftware Phantompdf 9.6.0.25114

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114.

6.8
2019-10-25 CVE-2019-17139 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723.

6.8
2019-10-24 CVE-2019-18414 Sourcecodester Cross-Site Request Forgery (CSRF) vulnerability in Sourcecodester Restaurant Management System 1.0

Sourcecodester Restaurant Management System 1.0 is affected by an admin/staff-exec.php Cross Site Request Forgery vulnerability due to a lack of CSRF protection.

6.8
2019-10-24 CVE-2019-12095 Horde Cross-Site Request Forgery (CSRF) vulnerability in Horde Groupware

Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server.

6.8
2019-10-23 CVE-2019-18280 Online Grading System Project Cross-Site Request Forgery (CSRF) vulnerability in Online Grading System Project Online Grading System 1.0

Sourcecodester Online Grading System 1.0 is affected by a Cross Site Request Forgery vulnerability due to a lack of CSRF protection.

6.8
2019-10-23 CVE-2019-18220 Sitemagic Cross-Site Request Forgery (CSRF) vulnerability in Sitemagic 4.4.1

Sitemagic CMS 4.4.1 is affected by a Cross-Site Request Forgery (CSRF) issue, as it doesn't implement any method to validate incoming requests, allowing the execution of critical functionalities via spoofed requests.

6.8
2019-10-22 CVE-2015-9498 Wpserveur Cross-Site Request Forgery (CSRF) vulnerability in Wpserveur WPS Hide Login 1.0

The wps-hide-login plugin before 1.1 for WordPress has CSRF that affects saving an option value.

6.8
2019-10-22 CVE-2015-9497 AD Inserter Project Cross-Site Request Forgery (CSRF) vulnerability in AD Inserter Project AD Inserter

The ad-inserter plugin before 1.5.3 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=ad-inserter.php.

6.8
2019-10-22 CVE-2019-17424 Nipper NG Project Out-of-bounds Write vulnerability in Nipper-Ng Project Nipper-Ng 0.11.10

A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file.

6.8
2019-10-25 CVE-2019-5123 Youphptube SQL Injection vulnerability in Youphptube 7.6

Specially crafted web requests can cause SQL injections in YouPHPTube 7.6.

6.5
2019-10-25 CVE-2019-5122 Youphptube SQL Injection vulnerability in Youphptube 7.6

SQL injection vulnerabilities exist in the authenticated part of YouPHPTube 7.6.

6.5
2019-10-25 CVE-2019-5121 Youphptube SQL Injection vulnerability in Youphptube 7.6

SQL injection vulnerabilities exist in the authenticated part of YouPHPTube 7.6.

6.5
2019-10-25 CVE-2019-5120 Youphptube SQL Injection vulnerability in Youphptube 7.6

An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6.

6.5
2019-10-25 CVE-2019-5119 Youphptube SQL Injection vulnerability in Youphptube 7.6

An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6.

6.5
2019-10-25 CVE-2019-5117 Youphptube SQL Injection vulnerability in Youphptube 7.6

Exploitable SQL injection vulnerabilities exist in the authenticated portion of YouPHPTube 7.6.

6.5
2019-10-25 CVE-2019-5116 Youphptube SQL Injection vulnerability in Youphptube 7.6

An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6.

6.5
2019-10-25 CVE-2013-4856 Dlink Information Exposure vulnerability in Dlink Dir-865L Firmware

D-Link DIR-865L has Information Disclosure.

6.5
2019-10-24 CVE-2019-18417 Sourcecodester Unrestricted Upload of File with Dangerous Type vulnerability in Sourcecodester Restaurant Management System 1.0

Sourcecodester Restaurant Management System 1.0 allows an authenticated attacker to upload arbitrary files that can result in code execution.

6.5
2019-10-23 CVE-2019-18213 XML Language Server Project / Eclipse / Theia XML Extension Project XML Injection (aka Blind XPath Injection) vulnerability in multiple products

XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF (as well as SMB connection initiation that can lead to NetNTLM challenge/response capture for password cracking).

6.5
2019-10-23 CVE-2019-10472 Jenkins Incorrect Default Permissions vulnerability in Jenkins Libvirt Slaves

A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

6.5
2019-10-23 CVE-2019-10470 Jenkins Incorrect Default Permissions vulnerability in Jenkins Kubernetes CI

A missing permission check in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.

6.5
2019-10-23 CVE-2019-10469 Jenkins Incorrect Default Permissions vulnerability in Jenkins Kubernetes CI

A missing permission check in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

6.5
2019-10-23 CVE-2019-10467 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Sonar Gerrit

Jenkins Sonar Gerrit Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

6.5
2019-10-23 CVE-2019-10463 Jenkins Incorrect Default Permissions vulnerability in Jenkins Dynatrace Application Monitoring

A missing permission check in Jenkins Dynatrace Application Monitoring Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.

6.5
2019-10-23 CVE-2019-10459 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Mattermost Notification

Jenkins Mattermost Notification Plugin 2.7.0 and earlier stored webhook URLs containing a secret token unencrypted in its global configuration file and job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system.

6.5
2019-10-23 CVE-2019-14276 Xnat XXE vulnerability in Xnat 1.7.5.3

WUSTL XNAT 1.7.5.3 allows XXE attacks via a POST request body.

6.5
2019-10-22 CVE-2015-9496 Freshmail SQL Injection vulnerability in Freshmail Freshmail-Newsletter

The freshmail-newsletter plugin before 1.6 for WordPress has shortcode.php SQL Injection via the 'FM_form id=' substring.

6.5
2019-10-21 CVE-2019-16404 Open EMR SQL Injection vulnerability in Open-Emr Openemr

Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php in OpenEMR through 5.0.2 allows a user to extract arbitrary data from the openemr database via a non-parameterized INSERT INTO statement, as demonstrated by the providerID parameter.

6.5
2019-10-21 CVE-2019-16986 Fusionpbx Path Traversal vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file resources\download.php uses an unsanitized "f" variable coming from the URL, which takes any pathname and allows a download of it.

6.5
2019-10-21 CVE-2019-16985 Fusionpbx Path Traversal vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file app\xml_cdr\xml_cdr_delete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system.

6.5
2019-10-21 CVE-2019-16990 Fusionpbx Path Traversal vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file app/music_on_hold/music_on_hold.php uses an unsanitized "file" variable coming from the URL, which takes any pathname (base64 encoded) and allows a download of it.

6.5
2019-10-23 CVE-2019-18348 Python Injection vulnerability in Python

An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0.

6.1
2019-10-23 CVE-2019-17606 Hexo Admin Project Cross-site Scripting vulnerability in Hexo-Admin Project Hexo-Admin

The Post editor functionality in the hexo-admin plugin versions 2.3.0 and earlier for Node.js is vulnerable to stored XSS via the content of a post.

6.1
2019-10-23 CVE-2019-10475 Jenkins Cross-site Scripting vulnerability in Jenkins Build-Metrics

A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin.

6.1
2019-10-22 CVE-2019-16973 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to 4.5.7, the file app\contacts\contact_edit.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.

6.1
2019-10-22 CVE-2019-16972 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to 4.5.7, the file app\contacts\contact_addresses.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.

6.1
2019-10-22 CVE-2019-16971 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to 4.5.7, the file app\messages\messages_thread.php uses an unsanitized "contact_uuid" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16974 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to 4.5.7, the file app\contacts\contact_times.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16969 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to 4.5.7, the file app\fifo_list\fifo_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16970 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to 4.5.7, the file app\sip_status\sip_status.php uses an unsanitized "savemsg" variable coming from the URL, which is reflected in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16968 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

An issue was discovered in FusionPBX up to 4.5.7.

6.1
2019-10-21 CVE-2019-16991 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file app\edit\filedelete.php uses an unsanitized "file" variable coming from the URL, which is reflected in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16989 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file app\conferences_active\conference_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16988 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file app\basic_operator_panel\resources\content.php uses an unsanitized "eavesdrop_dest" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16987 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file app\contacts\contact_import.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16984 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file app\recordings\recording_play.php uses an unsanitized "filename" variable coming from the URL, which is base64 decoded and reflected in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16983 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file resources\paging.php has a paging function (called by several pages of the interface), which uses an unsanitized "param" variable constructed partially from the URL args and reflected in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16982 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file app\access_controls\access_control_nodes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16981 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file app\conference_profiles\conference_profile_params.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16979 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file app\contacts\contact_urls.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.

6.1
2019-10-21 CVE-2019-16978 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to v4.5.7, the file app\devices\device_settings.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.

6.1
2019-10-22 CVE-2019-11674 Microfocus Improper Certificate Validation vulnerability in Microfocus Netiq Self Service Password Reset

Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4.

5.9
2019-10-23 CVE-2019-18359 Glensawyer Out-of-bounds Read vulnerability in Glensawyer Mp3Gain 1.6.2

A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2.

5.5
2019-10-23 CVE-2019-12415 Apache, Oracle XXE vulnerability in multiple products

In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing.

5.5
2019-10-22 CVE-2019-15587 Loofah Project, Fedoraproject, Canonical, Debian Cross-site Scripting vulnerability in multiple products

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

5.4
2019-10-25 CVE-2019-5508 Netapp Unspecified vulnerability in Netapp Clustered Data Ontap 9.2/9.3/9.4

Clustered Data ONTAP versions 9.2 through 9.4 are susceptible to a vulnerability which allows an attacker to use l2ping to cause a Denial of Service (DoS).

5.0
2019-10-25 CVE-2019-13549 Carel Missing Authentication for Critical Function vulnerability in Carel Pcoweb Firmware A1.5.3/A2.0.4/B1.2.4

Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4.

5.0
2019-10-25 CVE-2019-13525 Honeywell Missing Authentication for Critical Function vulnerability in Honeywell Ip-Ak2 Firmware

In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network.

5.0
2019-10-25 CVE-2019-4399 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Cloud Orchestrator

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2019-10-25 CVE-2019-4036 IBM Improper Input Validation vulnerability in IBM Security Access Manager

IBM Security Access Manager Appliance could allow an unauthenticated attacker to cause a denial of service in the reverse proxy component.

5.0
2019-10-25 CVE-2019-8087 Adobe XXE vulnerability in Adobe Experience Manager

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have an XML external entity injection vulnerability.

5.0
2019-10-25 CVE-2019-8086 Adobe XXE vulnerability in Adobe Experience Manager

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have an XML external entity injection vulnerability.

5.0
2019-10-25 CVE-2019-8082 Adobe XXE vulnerability in Adobe Experience Manager 6.2/6.3/6.4

Adobe Experience Manager versions 6.4, 6.3 and 6.2 have an XML external entity injection vulnerability.

5.0
2019-10-25 CVE-2019-8081 Adobe Unspecified vulnerability in Adobe Experience Manager

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have an authentication bypass vulnerability.

5.0
2019-10-25 CVE-2016-2360 Milesight Use of Hard-coded Credentials vulnerability in Milesight IP Security Camera Firmware

Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations.

5.0
2019-10-25 CVE-2016-2358 Milesight Use of Hard-coded Credentials vulnerability in Milesight IP Security Camera Firmware

Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials.

5.0
2019-10-25 CVE-2016-2357 Milesight Use of Hard-coded Credentials vulnerability in Milesight IP Security Camera Firmware

Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory.

5.0
2019-10-24 CVE-2019-15929 Craftcms Weak Password Recovery Mechanism for Forgotten Password vulnerability in Craftcms Craft CMS

In Craft CMS through 3.1.7, the elevated session password prompt was not being rate limited like normal login forms, leading to the possibility of a brute force attempt on them.

5.0
2019-10-24 CVE-2019-18201 Fujitsu Missing Encryption of Sensitive Data vulnerability in Fujitsu Lx390 Firmware

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices.

5.0
2019-10-24 CVE-2019-18393 Igniterealtime Path Traversal vulnerability in Igniterealtime Openfire

PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability.

5.0
2019-10-23 CVE-2019-8238 Adobe Path Traversal vulnerability in Adobe Acrobat DC

Adobe Acrobat and Reader versions 2019.010.20100 and earlier; 2019.010.20099 and earlier versions; 2017.011.30140 and earlier version; 2017.011.30138 and earlier version; 2015.006.30495 and earlier versions; 2015.006.30493 and earlier versions have a Path Traversal vulnerability.

5.0
2019-10-23 CVE-2019-18385 Terra Master Information Exposure Through Log Files vulnerability in Terra-Master Fs-210 Firmware 4.0.19

An issue was discovered on TerraMaster FS-210 4.0.19 devices.

5.0
2019-10-23 CVE-2019-18383 Terra Master Missing Authorization vulnerability in Terra-Master Fs-210 Firmware 4.0.19

An issue was discovered on TerraMaster FS-210 4.0.19 devices.

5.0
2019-10-23 CVE-2019-18382 Avstar Improper Input Validation vulnerability in Avstar Pe204 Firmware 3.10.70

An issue was discovered on AVStar PE204 3.10.70 IP camera devices.

5.0
2019-10-23 CVE-2019-18371 MI Path Traversal vulnerability in MI Millet Router 3G Firmware

An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable.

5.0
2019-10-23 CVE-2014-2304 Projectfloodlight Improper Input Validation vulnerability in Projectfloodlight Open SDN Controller 0.90

A vulnerability in version 0.90 of the Open Floodlight SDN controller software could result in a denial of service attack and crashing of the controller service.

5.0
2019-10-22 CVE-2019-12147 Sangoma Argument Injection or Modification vulnerability in Sangoma Session Border Controller Firmware 2.3.23119Ga

The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to Argument Injection via special characters in the username field.

5.0
2019-10-21 CVE-2019-17400 Universal Office Converter Project Server-Side Request Forgery (SSRF) vulnerability in Universal Office Converter Project Universal Office Converter

The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion.

5.0
2019-10-24 CVE-2019-18409 Zenspider Incorrect Permission Assignment for Critical Resource vulnerability in Zenspider Ruby Parser-Legacy 1.0.0

The ruby_parser-legacy (aka legacy) gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files.

4.6
2019-10-23 CVE-2002-2439 GNU Integer Overflow or Wraparound vulnerability in GNU GCC

Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.

4.6
2019-10-23 CVE-2019-18278 Videolan Unspecified vulnerability in Videolan VLC Media Player 3.0.8

When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqt_plugin!vlc_entry_license__3_0_0f+0x00000000003b9aba.

4.6
2019-10-24 CVE-2019-6692 Fortinet Uncontrolled Search Path Element vulnerability in Fortinet Forticlient

A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL.

4.4
2019-10-23 CVE-2019-17093 AVG, Avast Untrusted Search Path vulnerability in multiple products

An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8.

4.4
2019-10-25 CVE-2019-18221 Corehr Cross-site Scripting vulnerability in Corehr Core Portal

CoreHR Core Portal before 27.0.7 allows stored XSS.

4.3
2019-10-25 CVE-2019-17143 Foxitsoftware Use After Free vulnerability in Foxitsoftware Phantompdf 9.6.0.25114

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114.

4.3
2019-10-25 CVE-2019-17138 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Foxit Studio Photo

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.909.

4.3
2019-10-25 CVE-2019-8234 Adobe Cross-Site Request Forgery (CSRF) vulnerability in Adobe Experience Manager 6.2/6.3/6.4

Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a cross-site request forgery vulnerability.

4.3
2019-10-25 CVE-2019-8085 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability.

4.3
2019-10-25 CVE-2019-8084 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability.

4.3
2019-10-25 CVE-2019-8083 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager 6.3/6.4/6.5

Adobe Experience Manager versions 6.5, 6.4 and 6.3 have a cross site scripting vulnerability.

4.3
2019-10-24 CVE-2019-18419 Clonos Cross-site Scripting vulnerability in Clonos 19.09

A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.

4.3
2019-10-24 CVE-2019-8080 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager 6.3/6.4

Adobe Experience Manager versions 6.4 and 6.3 have a stored cross site scripting vulnerability.

4.3
2019-10-24 CVE-2019-8079 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross site scripting vulnerability.

4.3
2019-10-24 CVE-2019-8078 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager 6.2/6.3/6.4

Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability.

4.3
2019-10-24 CVE-2019-18416 Restaurant Management System Project Cross-site Scripting vulnerability in Restaurant Management System Project Restaurant Management System 1.0

Sourcecodester Restaurant Management System 1.0 allows XSS via the Last Name field of a member.

4.3
2019-10-24 CVE-2019-18415 Restaurant Management System Project Cross-site Scripting vulnerability in Restaurant Management System Project Restaurant Management System 1.0

Sourcecodester Restaurant Management System 1.0 allows XSS via the "send a message" screen.

4.3
2019-10-24 CVE-2019-12094 Horde Cross-site Scripting vulnerability in Horde Groupware

Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin/user.php?form=update_f&user_name= or admin/user.php?form=remove_f&user_name= or admin/config/diff.php?app= URI.

4.3
2019-10-24 CVE-2019-17581 Dormsystem Project Cross-site Scripting vulnerability in Dormsystem Project Dormsystem 1.1/1.2/1.3

tonyy dormsystem through 1.3 allows DOM XSS.

4.3
2019-10-23 CVE-2019-9597 Darktrace Cross-Site Request Forgery (CSRF) vulnerability in Darktrace Enterprise Immune System 3.0.10/3.0.9

Darktrace Enterprise Immune System before 3.1 allows CSRF via the /config endpoint.

4.3
2019-10-23 CVE-2019-9596 Darktrace Cross-Site Request Forgery (CSRF) vulnerability in Darktrace Enterprise Immune System 3.0.10/3.0.9

Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whitelisteddomains endpoint.

4.3
2019-10-23 CVE-2019-18357 Thycotic Cross-site Scripting vulnerability in Thycotic Secret Server

An XSS issue was discovered in Thycotic Secret Server before 10.7 (issue 2 of 2).

4.3
2019-10-23 CVE-2019-18356 Thycotic Cross-site Scripting vulnerability in Thycotic Secret Server

An XSS issue was discovered in Thycotic Secret Server before 10.7 (issue 1 of 2).

4.3
2019-10-23 CVE-2019-18350 ANT Design Cross-site Scripting vulnerability in Ant.Design ANT Design PRO 4.0.0

In Ant Design Pro 4.0.0, reflected XSS in the user/login redirect GET parameter affects the authorization component, leading to execution of JavaScript code in the login after-action script.

4.3
2019-10-23 CVE-2019-16977 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to 4.5.7, the file app\extensions\extension_imports.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.

4.3
2019-10-23 CVE-2015-9524 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Recount Earnings extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9523 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Recommended Products extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9522 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) QR Code extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9521 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Pushover Notifications extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9520 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Per Product Emails extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9519 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) PDF Stamper extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9518 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) PDF Invoices extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9517 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Manual Purchases extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9516 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Invoices extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9515 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) htaccess Editor extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9514 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Free Downloads extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9513 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Favorites extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9512 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) CSV Manager extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9511 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Conditional Success Redirects extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9510 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Cross-sell Upsell extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9509 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Content Restriction extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9508 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Commissions extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9507 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Attach Accounts to Orders extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9506 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Amazon S3 extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9505 Sandhillsdev Cross-site Scripting vulnerability in Sandhillsdev Easy Digital Downloads

The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7 for WordPress has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9504 Weeklynews Theme Project Cross-site Scripting vulnerability in Weeklynews Theme Project Weeklynews Theme

The weeklynews theme before 2.2.9 for WordPress has XSS via the s parameter.

4.3
2019-10-23 CVE-2015-9503 Webmandesign Cross-site Scripting vulnerability in Webmandesign Modern Theme

The Modern theme before 1.4.2 for WordPress has XSS via the genericons/example.html anchor identifier.

4.3
2019-10-23 CVE-2015-9502 Webmandesign Cross-site Scripting vulnerability in Webmandesign Auberge Theme

The Auberge theme before 1.4.5 for WordPress has XSS via the genericons/example.html anchor identifier.

4.3
2019-10-23 CVE-2019-16975 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to 4.5.7, the file app\contacts\contact_notes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.

4.3
2019-10-23 CVE-2015-9536 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Twenty-Twelve theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9535 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Shoppette theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9534 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Quota theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9533 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Lattice theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9532 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Digital Store theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9531 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Wish Lists extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9530 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Upload File extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9529 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Stripe extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9528 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Software Licensing extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9527 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Simple Shipping extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9526 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Reviews extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2015-9525 Sandhillsdev, Easydigitaldownloads Cross-site Scripting vulnerability in multiple products

The Easy Digital Downloads (EDD) Recurring Payments extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

4.3
2019-10-23 CVE-2019-18281 QT, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters.

4.3
2019-10-23 CVE-2019-16976 Fusionpbx Cross-site Scripting vulnerability in Fusionpbx

In FusionPBX up to 4.5.7, the file app\destinations\destination_imports.php uses an unsanitized "query_string" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.

4.3
2019-10-23 CVE-2019-18219 Sitemagic Cross-site Scripting vulnerability in Sitemagic 4.4.1

Sitemagic CMS 4.4.1 is affected by a Cross-Site-Scripting (XSS) vulnerability, as it fails to validate user input.

4.3
2019-10-23 CVE-2019-10474 Jenkins Incorrect Default Permissions vulnerability in Jenkins Global Post Script

A missing permission check in Jenkins Global Post Script Plugin allowed users with Overall/Read access to list the scripts available to the plugin stored on the Jenkins master file system.

4.3
2019-10-23 CVE-2019-10473 Jenkins Incorrect Default Permissions vulnerability in Jenkins Libvirt Slaves

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate the credential IDs of credentials stored in Jenkins.

4.3
2019-10-23 CVE-2019-10465 Jenkins Incorrect Default Permissions vulnerability in Jenkins Deploy Weblogic

A missing permission check in Jenkins Deploy WebLogic Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file system.

4.3
2019-10-22 CVE-2015-9501 Artificial Intelligence Project Cross-site Scripting vulnerability in Artificial Intelligence Project Artificial Intelligence

The Artificial Intelligence theme before 1.2.4 for WordPress has XSS because Genericons HTML files are unnecessarily placed under the web root.

4.3
2019-10-22 CVE-2019-8089 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager Forms 6.3/6.4/6.5

Adobe Experience Manager Forms versions 6.3-6.5 have a reflected cross-site scripting vulnerability.

4.3
2019-10-22 CVE-2015-9500 Exquisite Ultimate Newspaper Project Cross-site Scripting vulnerability in Exquisite Ultimate Newspaper Project Exquisite Ultimate Newspaper 1.3.3

The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via the anchor identifier to assets/js/jquery.foundation.plugins.js.

4.3
2019-10-22 CVE-2015-9495 Syndication Links Project Cross-site Scripting vulnerability in Syndication Links Project Syndication Links

The syndication-links plugin before 1.0.3 for WordPress has XSS via the genericons/example.html anchor identifier.

4.3
2019-10-22 CVE-2015-9494 Indieweb Post Kinds Project Cross-site Scripting vulnerability in Indieweb Post Kinds Project Indieweb Post Kinds

The indieweb-post-kinds plugin before 1.3.1.1 for WordPress has XSS via the genericons/example.html anchor identifier.

4.3
2019-10-22 CVE-2015-9493 NLB Creationst Cross-site Scripting vulnerability in Nlb-Creationst MY Wish List

The my-wish-list plugin before 1.4.2 for WordPress has multiple XSS issues.

4.3
2019-10-22 CVE-2019-12967 Themooltipass Cleartext Transmission of Sensitive Information vulnerability in Themooltipass Moolticute

Stephan Mooltipass Moolticute through 0.42.1 (and possibly earlier versions) has Incorrect Access Control.

4.3
2019-10-21 CVE-2019-17220 Rocket Chat Cross-site Scripting vulnerability in Rocket.Chat

Rocket.Chat before 2.1.0 allows XSS via a URL on a ![title] line.

4.3
2019-10-21 CVE-2019-16967 Freepbx, Sangoma Cross-site Scripting vulnerability in multiple products

An issue was discovered in Manager 13.x before 13.0.2.6 and 15.x before 15.0.6 before FreePBX 14.0.10.3.

4.3
2019-10-21 CVE-2019-16966 Freepbx, Sangoma Cross-site Scripting vulnerability in multiple products

An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3.

4.3
2019-10-21 CVE-2019-18203 Ricoh Cross-site Scripting vulnerability in Ricoh MP 501 Firmware

On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn and KeyDisplay parameter to /web/entry/en/address/adrsSetUserWizard.cgi.

4.3
2019-10-21 CVE-2019-17409 Open EMR Cross-site Scripting vulnerability in Open-Emr Openemr

Reflected XSS exists in interface/forms/eye_mag/view.php in OpenEMR 5.x before 5.0.2.1 via the id parameter.

4.3
2019-10-21 CVE-2019-16862 Open EMR Cross-site Scripting vulnerability in Open-Emr Openemr

Reflected XSS in interface/forms/eye_mag/view.php in OpenEMR 5.x before 5.0.2.1 allows a remote attacker to execute arbitrary code in the context of a user's session via the pid parameter.

4.3
2019-10-25 CVE-2019-4400 IBM Path Traversal vulnerability in IBM Cloud Orchestrator

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 could allow a remote attacker to traverse directories on the system.

4.0
2019-10-24 CVE-2019-4397 IBM Information Exposure vulnerability in IBM Cloud Orchestrator and Cloud Orchestrator Enterprise

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 stores sensitive information in URL parameters.

4.0
2019-10-23 CVE-2019-18212 XML Language Server Project, Eclipse, Theia XML Extension Project Path Traversal vulnerability in multiple products

XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal.

4.0
2019-10-23 CVE-2019-18384 Terra Master Unspecified vulnerability in Terra-Master Fs-210 Firmware 4.0.19

An issue was discovered on TerraMaster FS-210 4.0.19 devices.

4.0
2019-10-23 CVE-2019-6144 Forcepoint Incorrect Authorization vulnerability in Forcepoint ONE Endpoint 19.04/19.08

This vulnerability allows a normal (non-admin) user to disable the Forcepoint One Endpoint (versions 19.04 through 19.08) and bypass DLP and Web protection.

4.0
2019-10-23 CVE-2019-3982 Tenable Improper Input Validation vulnerability in Tenable Nessus

Nessus versions 8.6.0 and earlier were found to contain a Denial of Service vulnerability due to improper validation of specific imported scan types.

4.0
2019-10-23 CVE-2019-11283 Cloudfoundry, Pivotal Software Information Exposure Through Log Files vulnerability in multiple products

Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to the logs.

4.0
2019-10-23 CVE-2019-11282 Cloudfoundry, Pivotal Software Injection vulnerability in multiple products

Cloud Foundry UAA, versions prior to v74.3.0, contains an endpoint that is vulnerable to SCIM injection attack.

4.0
2019-10-21 CVE-2019-10716 Verodin Improper Privilege Management vulnerability in Verodin Director 3.5.3.1

An Information Disclosure issue in Verodin Director 3.5.3.1 and earlier reveals usernames and passwords of integrated security technologies via a /integrations.json JSON REST API request.

4.0

12 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-10-25 CVE-2019-4461 IBM Injection vulnerability in IBM Cloud Orchestrator

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is vulnerable to HTTP Response Splitting caused by improper caching of content.

3.5
2019-10-25 CVE-2019-4396 IBM Injection vulnerability in IBM Cloud Orchestrator

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input.

3.5
2019-10-24 CVE-2019-4486 IBM Cross-site Scripting vulnerability in IBM products

IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting.

3.5
2019-10-24 CVE-2019-4459 IBM Cross-site Scripting vulnerability in IBM Cloud Orchestrator

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 are vulnerable to cross-site scripting.

3.5
2019-10-22 CVE-2019-17189 Totemo Cross-site Scripting vulnerability in Totemo Totemodata 3.0.0B936

totemodata 3.0.0_b936 has XSS via a folder name.

3.5
2019-10-21 CVE-2019-10715 Verodin Cross-site Scripting vulnerability in Verodin Director 3.5.3.1

There is Stored XSS in Verodin Director 3.5.3.0 and earlier via input fields of certain tooltips, and on the Tags, Sequences, and Actors pages.

3.5
2019-10-24 CVE-2019-9699 Symantec Information Exposure vulnerability in Symantec Messaging Gateway

Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.

2.7
2019-10-24 CVE-2019-15703 Fortinet Insufficient Entropy vulnerability in Fortinet Fortios

An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below, on devices that do not enable a hardware TRNG token and on models that do not support a builtin TRNG seed, allows an attacker to theoretically recover the long-term ECDSA secret of a TLS client with an RSA handshake and mutual ECDSA authentication, with the help of flush+reload side-channel attacks, in FortiGate VM models only.

2.6
2019-10-25 CVE-2019-4395 IBM Unspecified vulnerability in IBM Cloud Orchestrator

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 could allow a local user to obtain sensitive information from temporary script files.

2.1
2019-10-25 CVE-2019-4394 IBM Improper Input Validation vulnerability in IBM Cloud Orchestrator

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 contain APIs that could be used by a local user to send email.

2.1
2019-10-24 CVE-2019-4398 IBM Missing Encryption of Sensitive Data vulnerability in IBM Cloud Orchestrator and Cloud Orchestrator Enterprise

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 could allow a local user to obtain sensitive information from SessionManagement cookies.

2.1
2019-10-22 CVE-2017-8087 AVM Information Exposure vulnerability in AVM Fritz!Os 6.80/6.83

Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with Firmware versions Fritz!OS 6.80 and 6.83 allows physically proximate attackers to view slices of previously transmitted packets or portions of memory via unspecified vectors.

2.1