| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-12532 | Hig | 0.51 | 7.8 | 0.00 | Aug 26, 2019 | Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version… | ||
| CVE-2018-20989 | — | Hig | 0.00 | 7.5 | 0.01 | Aug 26, 2019 | An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic. | |
| CVE-2017-18589 | — | Hig | 0.42 | 7.5 | 0.01 | Aug 26, 2019 | An issue was discovered in the cookie crate before 0.7.6 for Rust. Large integers in the Max-Age of a cookie cause a panic. | |
| CVE-2019-15640 | Hig | 0.00 | 7.5 | 0.01 | Aug 26, 2019 | Limesurvey before 3.17.10 does not validate both the MIME type and file extension of an image. | ||
| CVE-2019-15637 | Hig | 0.57 | 8.1 | 0.14 | Aug 26, 2019 | Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop. | ||
| CVE-2019-15549 | — | Hig | 0.49 | 7.5 | 0.01 | Aug 26, 2019 | An issue was discovered in the asn1_der crate before 0.6.2 for Rust. Attackers can trigger memory exhaustion by supplying a large value in a length field. | |
| CVE-2019-4513 | Hig | 0.54 | 8.2 | 0.03 | Aug 26, 2019 | IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force… | ||
| CVE-2019-4448 | Hig | 0.51 | 7.8 | 0.00 | Aug 26, 2019 | IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpum_debug binaries are setuid root and have built-in options that allow an low privileged user the ability to load arbitrary db2 libraries from a… | ||
| CVE-2019-4447 | Hig | 0.51 | 7.8 | 0.00 | Aug 26, 2019 | IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum_debug is a setuid root binary which trusts the PATH environment variable. A low privileged user can execute arbitrary commands as root by altering the PATH… | ||
| CVE-2019-15553 | — | Hig | 0.49 | 7.5 | 0.02 | Aug 26, 2019 | An issue was discovered in the memoffset crate before 0.5.0 for Rust. offset_of and span_of can cause exposure of uninitialized memory. | |
| CVE-2019-15550 | — | Hig | 0.00 | 7.5 | 0.01 | Aug 26, 2019 | An issue was discovered in the simd-json crate before 0.1.15 for Rust. There is an out-of-bounds read and an incorrect crossing of a page boundary. | |
| CVE-2019-14307 | Hig | 0.57 | 8.8 | 0.03 | Aug 26, 2019 | Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for SNMP, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions depend on the printer models. One affected… | ||
| CVE-2019-14305 | Hig | 0.57 | 8.8 | 0.03 | Aug 26, 2019 | Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for Wi-Fi, mDNS, POP3, SMTP, and notification alerts, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions… | ||
| CVE-2018-20999 | — | Hig | 0.49 | 7.5 | 0.02 | Aug 26, 2019 | An issue was discovered in the orion crate before 0.11.2 for Rust. reset() calls cause incorrect results. | |
| CVE-2018-20994 | — | Hig | 0.49 | 7.5 | 0.01 | Aug 26, 2019 | An issue was discovered in the trust-dns-proto crate before 0.5.0-alpha.3 for Rust. There is infinite recursion because DNS message compression is mishandled. | |
| CVE-2018-20993 | — | Hig | 0.42 | 7.5 | 0.01 | Aug 26, 2019 | An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization. | |
| CVE-2018-20990 | — | Hig | 0.42 | 7.5 | 0.02 | Aug 26, 2019 | An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive. | |
| CVE-2019-15541 | Hig | 0.00 | 7.5 | 0.02 | Aug 26, 2019 | rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service (loop of conn_event and ready) by arranging for a client to never be writable. | ||
| CVE-2019-15506 | Hig | 0.49 | 7.5 | 0.02 | Aug 26, 2019 | An issue was discovered in Kaseya Virtual System Administrator (VSA) through 9.4.0.37. It has a critical information disclosure vulnerability. An unauthenticated attacker can send properly formatted requests to the web application and download sensitive files and information.… | ||
| CVE-2016-10931 | — | Hig | 0.53 | 8.1 | 0.01 | Aug 26, 2019 | An issue was discovered in the openssl crate before 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for hostname verification. | |
| CVE-2019-15540 | Hig | 0.51 | 7.8 | 0.01 | Aug 25, 2019 | filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu does not validate the part size, triggering a heap-based buffer overflow that can lead to root access by a local Linux user. | ||
| CVE-2019-15538 | Hig | 0.00 | 7.5 | 0.04 | Aug 25, 2019 | An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails.… | ||
| CVE-2019-15092 | Hig | 0.51 | 7.3 | 0.05 | Aug 23, 2019 | The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported CSV file created by the WF_CustomerImpExpCsv_Exporter class. | ||
| CVE-2019-7364 | Hig | 0.51 | 7.8 | 0.02 | Aug 23, 2019 | DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An… | ||
| CVE-2019-7363 | Hig | 0.51 | 7.8 | 0.01 | Aug 23, 2019 | Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerability, which may result in code execution. | ||
| CVE-2019-7362 | Hig | 0.51 | 7.8 | 0.01 | Aug 23, 2019 | DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerability, which may result in code execution. | ||
| CVE-2019-1583 | Hig | 0.52 | 8.0 | 0.01 | Aug 23, 2019 | Escalation of privilege vulnerability in the Palo Alto Networks Twistlock console 19.07.358 and earlier allows a Twistlock user with Operator capabilities to escalate privileges to that of another user. Active interaction with an affected component is required for the payload to… | ||
| CVE-2019-1582 | Hig | 0.47 | 7.2 | 0.01 | Aug 23, 2019 | Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session. | ||
| CVE-2019-11654 | Hig | 0.49 | 7.5 | 0.03 | Aug 23, 2019 | Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files. | ||
| CVE-2019-15530 | Hig | 0.58 | 8.8 | 0.04 | Aug 23, 2019 | An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the LoginPassword field to Login. | ||
| CVE-2019-15529 | Hig | 0.58 | 8.8 | 0.08 | Aug 23, 2019 | An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Username field to Login. | ||
| CVE-2019-15528 | Hig | 0.58 | 8.8 | 0.04 | Aug 23, 2019 | An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Interface field to SetStaticRouteSettings. | ||
| CVE-2019-15527 | Hig | 0.58 | 8.8 | 0.04 | Aug 23, 2019 | An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MaxIdTime field to SetWanSettings. | ||
| CVE-2019-15526 | Hig | 0.58 | 8.8 | 0.04 | Aug 23, 2019 | An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWanSettings, a related issue to CVE-2019-13482. | ||
| CVE-2019-10751 | — | Hig | 0.57 | 8.8 | 0.02 | Aug 23, 2019 | All versions of the HTTPie package prior to version 1.0.3 are vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to a crafted URL pointing to a server in… | |
| CVE-2019-15525 | — | Hig | 0.53 | 8.1 | 0.01 | Aug 23, 2019 | There is Missing SSL Certificate Validation in the pw3270 terminal emulator before version 5.1. | |
| CVE-2019-15516 | Hig | 0.00 | 7.5 | 0.02 | Aug 23, 2019 | Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring. | ||
| CVE-2019-13423 | Hig | 0.57 | 8.8 | 0.01 | Aug 23, 2019 | Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use… | ||
| CVE-2019-15493 | Hig | 0.49 | 7.5 | 0.01 | Aug 23, 2019 | openITCOCKPIT before 3.7.1 allows deletion of files, aka RVID 4-445b21. | ||
| CVE-2019-15491 | Hig | 0.57 | 8.8 | 0.01 | Aug 23, 2019 | openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21. | ||
| CVE-2019-15513 | Hig | 0.49 | 7.5 | 0.02 | Aug 23, 2019 | An issue was discovered in OpenWrt libuci (aka Library for the Unified Configuration Interface) before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a… | ||
| CVE-2019-15498 | Hig | 0.57 | 8.8 | 0.03 | Aug 23, 2019 | cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via --output argument injection in the username parameter to /cgi-bin/cmh/webcam.sh. | ||
| CVE-2019-15329 | Hig | 0.57 | 8.8 | 0.01 | Aug 22, 2019 | The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF. | ||
| CVE-2019-15326 | Hig | 0.49 | 7.5 | 0.02 | Aug 22, 2019 | The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal. | ||
| CVE-2019-15325 | Hig | 0.49 | 7.5 | 0.01 | Aug 22, 2019 | In GalliumOS 3.0, CONFIG_SECURITY_YAMA is disabled but /etc/sysctl.d/10-ptrace.conf tries to set /proc/sys/kernel/yama/ptrace_scope to 1, which might increase risk because of the appearance that a protection mechanism is present when actually it is not. | ||
| CVE-2019-13139 | Hig | 0.00 | 8.4 | 0.02 | Aug 22, 2019 | In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the… | ||
| CVE-2017-18585 | Hig | 0.53 | 8.1 | 0.02 | Aug 22, 2019 | The posts-in-page plugin before 1.3.0 for WordPress has ic_add_posts template='../ directory traversal. | ||
| CVE-2016-10928 | Hig | 0.42 | 7.5 | 0.02 | Aug 22, 2019 | The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for just-in-time provisioned users. | ||
| CVE-2015-9340 | Hig | 0.49 | 7.5 | 0.01 | Aug 22, 2019 | The wp-file-upload plugin before 3.0.0 for WordPress has insufficient restrictions on upload of php, js, pht, php3, php4, php5, phtml, htm, html, and htaccess files. | ||
| CVE-2015-9339 | Hig | 0.49 | 7.5 | 0.01 | Aug 22, 2019 | The wp-file-upload plugin before 2.7.1 for WordPress has insufficient restrictions on upload of .js files. |
- risk 0.51cvss 7.8epss 0.00
Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version…
- risk 0.00cvss 7.5epss 0.01
An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic.
- risk 0.42cvss 7.5epss 0.01
An issue was discovered in the cookie crate before 0.7.6 for Rust. Large integers in the Max-Age of a cookie cause a panic.
- risk 0.00cvss 7.5epss 0.01
Limesurvey before 3.17.10 does not validate both the MIME type and file extension of an image.
- risk 0.57cvss 8.1epss 0.14
Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in the asn1_der crate before 0.6.2 for Rust. Attackers can trigger memory exhaustion by supplying a large value in a length field.
- risk 0.54cvss 8.2epss 0.03
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force…
- risk 0.51cvss 7.8epss 0.00
IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpum_debug binaries are setuid root and have built-in options that allow an low privileged user the ability to load arbitrary db2 libraries from a…
- risk 0.51cvss 7.8epss 0.00
IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum_debug is a setuid root binary which trusts the PATH environment variable. A low privileged user can execute arbitrary commands as root by altering the PATH…
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in the memoffset crate before 0.5.0 for Rust. offset_of and span_of can cause exposure of uninitialized memory.
- risk 0.00cvss 7.5epss 0.01
An issue was discovered in the simd-json crate before 0.1.15 for Rust. There is an out-of-bounds read and an incorrect crossing of a page boundary.
- risk 0.57cvss 8.8epss 0.03
Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for SNMP, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions depend on the printer models. One affected…
- risk 0.57cvss 8.8epss 0.03
Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for Wi-Fi, mDNS, POP3, SMTP, and notification alerts, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions…
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in the orion crate before 0.11.2 for Rust. reset() calls cause incorrect results.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in the trust-dns-proto crate before 0.5.0-alpha.3 for Rust. There is infinite recursion because DNS message compression is mishandled.
- risk 0.42cvss 7.5epss 0.01
An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization.
- risk 0.42cvss 7.5epss 0.02
An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive.
- risk 0.00cvss 7.5epss 0.02
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service (loop of conn_event and ready) by arranging for a client to never be writable.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Kaseya Virtual System Administrator (VSA) through 9.4.0.37. It has a critical information disclosure vulnerability. An unauthenticated attacker can send properly formatted requests to the web application and download sensitive files and information.…
- risk 0.53cvss 8.1epss 0.01
An issue was discovered in the openssl crate before 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for hostname verification.
- risk 0.51cvss 7.8epss 0.01
filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu does not validate the part size, triggering a heap-based buffer overflow that can lead to root access by a local Linux user.
- risk 0.00cvss 7.5epss 0.04
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails.…
- risk 0.51cvss 7.3epss 0.05
The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported CSV file created by the WF_CustomerImpExpCsv_Exporter class.
- risk 0.51cvss 7.8epss 0.02
DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An…
- risk 0.51cvss 7.8epss 0.01
Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerability, which may result in code execution.
- risk 0.51cvss 7.8epss 0.01
DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerability, which may result in code execution.
- risk 0.52cvss 8.0epss 0.01
Escalation of privilege vulnerability in the Palo Alto Networks Twistlock console 19.07.358 and earlier allows a Twistlock user with Operator capabilities to escalate privileges to that of another user. Active interaction with an affected component is required for the payload to…
- risk 0.47cvss 7.2epss 0.01
Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session.
- risk 0.49cvss 7.5epss 0.03
Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files.
- risk 0.58cvss 8.8epss 0.04
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the LoginPassword field to Login.
- risk 0.58cvss 8.8epss 0.08
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Username field to Login.
- risk 0.58cvss 8.8epss 0.04
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Interface field to SetStaticRouteSettings.
- risk 0.58cvss 8.8epss 0.04
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MaxIdTime field to SetWanSettings.
- risk 0.58cvss 8.8epss 0.04
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWanSettings, a related issue to CVE-2019-13482.
- risk 0.57cvss 8.8epss 0.02
All versions of the HTTPie package prior to version 1.0.3 are vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to a crafted URL pointing to a server in…
- risk 0.53cvss 8.1epss 0.01
There is Missing SSL Certificate Validation in the pw3270 terminal emulator before version 5.1.
- risk 0.00cvss 7.5epss 0.02
Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring.
- risk 0.57cvss 8.8epss 0.01
Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use…
- risk 0.49cvss 7.5epss 0.01
openITCOCKPIT before 3.7.1 allows deletion of files, aka RVID 4-445b21.
- risk 0.57cvss 8.8epss 0.01
openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in OpenWrt libuci (aka Library for the Unified Configuration Interface) before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a…
- risk 0.57cvss 8.8epss 0.03
cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via --output argument injection in the username parameter to /cgi-bin/cmh/webcam.sh.
- risk 0.57cvss 8.8epss 0.01
The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF.
- risk 0.49cvss 7.5epss 0.02
The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal.
- risk 0.49cvss 7.5epss 0.01
In GalliumOS 3.0, CONFIG_SECURITY_YAMA is disabled but /etc/sysctl.d/10-ptrace.conf tries to set /proc/sys/kernel/yama/ptrace_scope to 1, which might increase risk because of the appearance that a protection mechanism is present when actually it is not.
- risk 0.00cvss 8.4epss 0.02
In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the…
- risk 0.53cvss 8.1epss 0.02
The posts-in-page plugin before 1.3.0 for WordPress has ic_add_posts template='../ directory traversal.
- risk 0.42cvss 7.5epss 0.02
The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for just-in-time provisioned users.
- risk 0.49cvss 7.5epss 0.01
The wp-file-upload plugin before 3.0.0 for WordPress has insufficient restrictions on upload of php, js, pht, php3, php4, php5, phtml, htm, html, and htaccess files.
- risk 0.49cvss 7.5epss 0.01
The wp-file-upload plugin before 2.7.1 for WordPress has insufficient restrictions on upload of .js files.