| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-18595 | Hig | 0.00 | 7.8 | 0.00 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. | ||
| CVE-2019-15918 | Hig | 0.00 | 7.8 | 0.01 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21. | ||
| CVE-2019-15917 | Hig | 0.00 | 7.0 | 0.01 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c. | ||
| CVE-2019-6646 | Hig | 0.57 | 8.8 | 0.02 | Sep 4, 2019 | On BIG-IP 11.5.2-11.6.4 and Enterprise Manager 3.1.1, REST users with guest privileges may be able to escalate their privileges and run commands with admin privileges. | ||
| CVE-2019-6643 | Hig | 0.49 | 7.5 | 0.01 | Sep 4, 2019 | On versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, and 11.5.2-11.6.4, an attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause the TMM process to produce a core file. | ||
| CVE-2019-6645 | Hig | 0.49 | 7.5 | 0.01 | Sep 4, 2019 | On BIG-IP 14.0.0-14.1.0.5, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, FTP traffic passing through a Virtual Server with both an active FTP profile associated and connection mirroring configured may lead to a TMM crash causing the configured HA action to be taken. | ||
| CVE-2019-15916 | Hig | 0.00 | 7.5 | 0.04 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service. | ||
| CVE-2019-13522 | Hig | 0.51 | 7.8 | 0.01 | Sep 4, 2019 | An attacker could use a specially crafted project file to corrupt the memory and execute code under the privileges of the EZ PLC Editor Versions 1.8.41 and prior. | ||
| CVE-2019-13518 | Hig | 0.51 | 7.8 | 0.01 | Sep 4, 2019 | An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the EZ Touch Editor Versions 2.1.0 and prior. | ||
| CVE-2019-15813 | Hig | 0.63 | 8.8 | 0.33 | Sep 4, 2019 | Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell. | ||
| CVE-2019-12587 | Hig | 0.53 | 8.1 | 0.01 | Sep 4, 2019 | The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication method, which allows attackers in radio range to replay,… | ||
| CVE-2019-15903 | Hig | 0.01 | 7.5 | 0.07 | Sep 4, 2019 | In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. | ||
| CVE-2019-15892 | Hig | 0.49 | 7.5 | 0.06 | Sep 3, 2019 | An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it… | ||
| CVE-2019-5479 | — | Hig | 0.49 | 7.5 | 0.01 | Sep 3, 2019 | An unintended require vulnerability in <v0.5.5 larvitbase-api may allow an attacker to load arbitrary non-production code (JavaScript file). | |
| CVE-2019-5475 | — | Hig | 0.59 | 8.8 | 0.18 | Sep 3, 2019 | The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability. | |
| CVE-2019-6179 | Hig | 0.49 | 7.5 | 0.01 | Sep 3, 2019 | An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 2.5.0 , Lenovo XClarity Integrator (LXCI) for Microsoft System Center prior to version 7.7.0, and Lenovo XClarity Integrator (LXCI) for VMWare vCenter… | ||
| CVE-2019-14261 | Hig | 0.49 | 7.5 | 0.03 | Sep 3, 2019 | An issue was discovered on ABUS Secvest FUAA50000 3.01.01 devices. Due to an insufficient implementation of jamming detection, an attacker is able to suppress correctly received RF messages sent between wireless peripheral components, e.g., wireless detectors or remote controls,… | ||
| CVE-2019-14817 | Hig | 0.51 | 7.8 | 0.02 | Sep 3, 2019 | A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and… | ||
| CVE-2019-14811 | Hig | 0.51 | 7.8 | 0.04 | Sep 3, 2019 | A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and… | ||
| CVE-2019-13156 | Hig | 0.49 | 7.5 | 0.01 | Sep 3, 2019 | NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle. | ||
| CVE-2019-15873 | Hig | 0.58 | 8.8 | 0.04 | Sep 3, 2019 | The profilegrid-user-profiles-groups-and-communities plugin before 2.8.6 for WordPress has remote code execution via an wp-admin/admin-ajax.php request with the action=pm_template_preview&html=<?php substring followed by PHP code. | ||
| CVE-2019-15868 | Hig | 0.57 | 8.8 | 0.01 | Sep 3, 2019 | The affiliates-manager plugin before 2.6.6 for WordPress has CSRF. | ||
| CVE-2019-15867 | Hig | 0.57 | 8.8 | 0.02 | Sep 3, 2019 | The slick-popup plugin before 1.7.2 for WordPress has a hardcoded OmakPass13# password for the slickpopupteam account, after a Subscriber calls a certain AJAX action. | ||
| CVE-2019-15866 | Hig | 0.57 | 8.8 | 0.02 | Sep 3, 2019 | The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file upload via a PHP file inside a ZIP archive to wp_ajax_crellyslider_importSlider. | ||
| CVE-2019-15865 | Hig | 0.57 | 8.8 | 0.01 | Sep 3, 2019 | The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has CSRF. | ||
| CVE-2019-15863 | Hig | 0.49 | 7.5 | 0.02 | Sep 3, 2019 | The ConvertPlus plugin before 3.4.5 for WordPress has an unintended account creation (with the none role) via a request for variants. | ||
| CVE-2019-15043 | Hig | 0.54 | 7.5 | 0.63 | Sep 3, 2019 | In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana. | ||
| CVE-2019-15858 | Hig | 0.59 | 8.8 | 0.21 | Sep 3, 2019 | admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution. | ||
| CVE-2015-9381 | Hig | 0.57 | 8.8 | 0.02 | Sep 3, 2019 | FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c. | ||
| CVE-2019-15847 | Hig | 0.49 | 7.5 | 0.03 | Sep 2, 2019 | The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For… | ||
| CVE-2019-15841 | Hig | 0.57 | 8.8 | 0.01 | Aug 30, 2019 | The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CSRF via ajax_woo_infobanner_post_click, ajax_woo_infobanner_post_xout, or ajax_fb_toggle_visibility. | ||
| CVE-2019-15840 | Hig | 0.57 | 8.8 | 0.01 | Aug 30, 2019 | The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF. | ||
| CVE-2019-15839 | Hig | 0.49 | 7.5 | 0.02 | Aug 30, 2019 | The sina-extension-for-elementor plugin before 2.2.1 for WordPress has local file inclusion. | ||
| CVE-2019-15835 | Hig | 0.57 | 8.8 | 0.01 | Aug 30, 2019 | The wp-better-permalinks plugin before 3.0.5 for WordPress has CSRF. | ||
| CVE-2019-15834 | Hig | 0.57 | 8.8 | 0.01 | Aug 30, 2019 | The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF. | ||
| CVE-2019-15630 | — | Hig | 0.49 | 7.5 | 0.03 | Aug 30, 2019 | Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before… | |
| CVE-2019-12810 | Hig | 0.51 | 7.8 | 0.01 | Aug 30, 2019 | A memory corruption vulnerability exists in the .PSD parsing functionality of ALSee v5.3 ~ v8.39. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in code execution. By persuading a victim to open a specially-crafted .PSD file, an attacker… | ||
| CVE-2019-2390 | Hig | 0.53 | 8.2 | 0.01 | Aug 30, 2019 | An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server to run attacker defined code as the user running the utility. This issue MongoDB Server v4.0 versions… | ||
| CVE-2019-15026 | Hig | 0.00 | 7.5 | 0.03 | Aug 30, 2019 | memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c. | ||
| CVE-2019-15832 | Hig | 0.57 | 8.8 | 0.01 | Aug 30, 2019 | The visitors-traffic-real-time-statistics plugin before 1.13 for WordPress has CSRF. | ||
| CVE-2019-15831 | Hig | 0.57 | 8.8 | 0.01 | Aug 30, 2019 | The visitors-traffic-real-time-statistics plugin before 1.12 for WordPress has CSRF in the settings page. | ||
| CVE-2019-15828 | Hig | 0.57 | 8.8 | 0.01 | Aug 30, 2019 | The one-click-ssl plugin before 1.4.7 for WordPress has CSRF. | ||
| CVE-2019-15821 | Hig | 0.50 | 7.5 | 0.11 | Aug 30, 2019 | The bold-page-builder plugin before 2.3.2 for WordPress has no protection against modifying settings and importing data. | ||
| CVE-2019-15816 | Hig | 0.49 | 7.5 | 0.02 | Aug 30, 2019 | The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via save_settings_page and other save_ functions. | ||
| CVE-2015-9380 | Hig | 0.57 | 8.8 | 0.01 | Aug 30, 2019 | The photo-gallery plugin before 1.2.42 for WordPress has CSRF. | ||
| CVE-2019-6113 | Hig | 0.49 | 7.5 | 0.03 | Aug 30, 2019 | Directory traversal vulnerability on ONKYO TX-NR686 1030-5000-1040-0010 A/V Receiver devices allows remote attackers to read arbitrary files via a .. (dot dot) and %2f to the default URI. | ||
| CVE-2019-5612 | Hig | 0.49 | 7.5 | 0.01 | Aug 30, 2019 | In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A… | ||
| CVE-2019-5611 | Hig | 0.49 | 7.5 | 0.04 | Aug 30, 2019 | In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned… | ||
| CVE-2019-5610 | Hig | 0.49 | 7.5 | 0.04 | Aug 30, 2019 | In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value… | ||
| CVE-2019-5609 | Hig | 0.49 | 7.5 | 0.01 | Aug 30, 2019 | In FreeBSD 12.0-STABLE before r350619, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350619, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bhyve e1000 device emulation used a guest-provided value to determine the size of the… |
- risk 0.00cvss 7.8epss 0.00
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
- risk 0.00cvss 7.8epss 0.01
An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.
- risk 0.00cvss 7.0epss 0.01
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.
- risk 0.57cvss 8.8epss 0.02
On BIG-IP 11.5.2-11.6.4 and Enterprise Manager 3.1.1, REST users with guest privileges may be able to escalate their privileges and run commands with admin privileges.
- risk 0.49cvss 7.5epss 0.01
On versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, and 11.5.2-11.6.4, an attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause the TMM process to produce a core file.
- risk 0.49cvss 7.5epss 0.01
On BIG-IP 14.0.0-14.1.0.5, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, FTP traffic passing through a Virtual Server with both an active FTP profile associated and connection mirroring configured may lead to a TMM crash causing the configured HA action to be taken.
- risk 0.00cvss 7.5epss 0.04
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
- risk 0.51cvss 7.8epss 0.01
An attacker could use a specially crafted project file to corrupt the memory and execute code under the privileges of the EZ PLC Editor Versions 1.8.41 and prior.
- risk 0.51cvss 7.8epss 0.01
An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the EZ Touch Editor Versions 2.1.0 and prior.
- risk 0.63cvss 8.8epss 0.33
Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell.
- risk 0.53cvss 8.1epss 0.01
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication method, which allows attackers in radio range to replay,…
- risk 0.01cvss 7.5epss 0.07
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
- risk 0.49cvss 7.5epss 0.06
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it…
- risk 0.49cvss 7.5epss 0.01
An unintended require vulnerability in <v0.5.5 larvitbase-api may allow an attacker to load arbitrary non-production code (JavaScript file).
- risk 0.59cvss 8.8epss 0.18
The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.
- risk 0.49cvss 7.5epss 0.01
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 2.5.0 , Lenovo XClarity Integrator (LXCI) for Microsoft System Center prior to version 7.7.0, and Lenovo XClarity Integrator (LXCI) for VMWare vCenter…
- risk 0.49cvss 7.5epss 0.03
An issue was discovered on ABUS Secvest FUAA50000 3.01.01 devices. Due to an insufficient implementation of jamming detection, an attacker is able to suppress correctly received RF messages sent between wireless peripheral components, e.g., wireless detectors or remote controls,…
- risk 0.51cvss 7.8epss 0.02
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and…
- risk 0.51cvss 7.8epss 0.04
A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and…
- risk 0.49cvss 7.5epss 0.01
NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle.
- risk 0.58cvss 8.8epss 0.04
The profilegrid-user-profiles-groups-and-communities plugin before 2.8.6 for WordPress has remote code execution via an wp-admin/admin-ajax.php request with the action=pm_template_preview&html=<?php substring followed by PHP code.
- risk 0.57cvss 8.8epss 0.01
The affiliates-manager plugin before 2.6.6 for WordPress has CSRF.
- risk 0.57cvss 8.8epss 0.02
The slick-popup plugin before 1.7.2 for WordPress has a hardcoded OmakPass13# password for the slickpopupteam account, after a Subscriber calls a certain AJAX action.
- risk 0.57cvss 8.8epss 0.02
The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file upload via a PHP file inside a ZIP archive to wp_ajax_crellyslider_importSlider.
- risk 0.57cvss 8.8epss 0.01
The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has CSRF.
- risk 0.49cvss 7.5epss 0.02
The ConvertPlus plugin before 3.4.5 for WordPress has an unintended account creation (with the none role) via a request for variants.
- risk 0.54cvss 7.5epss 0.63
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
- risk 0.59cvss 8.8epss 0.21
admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution.
- risk 0.57cvss 8.8epss 0.02
FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
- risk 0.49cvss 7.5epss 0.03
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For…
- risk 0.57cvss 8.8epss 0.01
The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CSRF via ajax_woo_infobanner_post_click, ajax_woo_infobanner_post_xout, or ajax_fb_toggle_visibility.
- risk 0.57cvss 8.8epss 0.01
The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF.
- risk 0.49cvss 7.5epss 0.02
The sina-extension-for-elementor plugin before 2.2.1 for WordPress has local file inclusion.
- risk 0.57cvss 8.8epss 0.01
The wp-better-permalinks plugin before 3.0.5 for WordPress has CSRF.
- risk 0.57cvss 8.8epss 0.01
The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF.
- risk 0.49cvss 7.5epss 0.03
Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before…
- risk 0.51cvss 7.8epss 0.01
A memory corruption vulnerability exists in the .PSD parsing functionality of ALSee v5.3 ~ v8.39. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in code execution. By persuading a victim to open a specially-crafted .PSD file, an attacker…
- risk 0.53cvss 8.2epss 0.01
An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server to run attacker defined code as the user running the utility. This issue MongoDB Server v4.0 versions…
- risk 0.00cvss 7.5epss 0.03
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
- risk 0.57cvss 8.8epss 0.01
The visitors-traffic-real-time-statistics plugin before 1.13 for WordPress has CSRF.
- risk 0.57cvss 8.8epss 0.01
The visitors-traffic-real-time-statistics plugin before 1.12 for WordPress has CSRF in the settings page.
- risk 0.57cvss 8.8epss 0.01
The one-click-ssl plugin before 1.4.7 for WordPress has CSRF.
- risk 0.50cvss 7.5epss 0.11
The bold-page-builder plugin before 2.3.2 for WordPress has no protection against modifying settings and importing data.
- risk 0.49cvss 7.5epss 0.02
The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via save_settings_page and other save_ functions.
- risk 0.57cvss 8.8epss 0.01
The photo-gallery plugin before 1.2.42 for WordPress has CSRF.
- risk 0.49cvss 7.5epss 0.03
Directory traversal vulnerability on ONKYO TX-NR686 1030-5000-1040-0010 A/V Receiver devices allows remote attackers to read arbitrary files via a .. (dot dot) and %2f to the default URI.
- risk 0.49cvss 7.5epss 0.01
In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A…
- risk 0.49cvss 7.5epss 0.04
In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned…
- risk 0.49cvss 7.5epss 0.04
In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value…
- risk 0.49cvss 7.5epss 0.01
In FreeBSD 12.0-STABLE before r350619, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350619, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bhyve e1000 device emulation used a guest-provided value to determine the size of the…