| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-1182 | Cri | 0.65 | 9.8 | 0.13 | Aug 14, 2019 | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and… | ||
| CVE-2019-1181 | Cri | 0.70 | 9.8 | 0.75 | Aug 14, 2019 | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and… | ||
| CVE-2019-15058 | Cri | 0.59 | 9.1 | 0.03 | Aug 14, 2019 | stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer over-read in stbi__tga_load, leading to Information Disclosure or Denial of Service. | ||
| CVE-2019-14527 | Cri | 0.64 | 9.8 | 0.03 | Aug 14, 2019 | An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. System commands can be executed, via the web interface, after authentication. | ||
| CVE-2019-12103 | Cri | 0.64 | 9.8 | 0.03 | Aug 14, 2019 | The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by a pre-authentication command injection vulnerability. | ||
| CVE-2019-0736 | Cri | 0.64 | 9.8 | 0.04 | Aug 14, 2019 | A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an… | ||
| CVE-2019-15052 | Cri | 0.00 | 9.8 | 0.03 | Aug 14, 2019 | The HTTP client in Gradle before 5.6 sends authentication credentials originally destined for the configured host. If that host returns a 30x redirect, Gradle also sends those credentials to all subsequent hosts that the request redirects to. This is similar to CVE-2018-1000007. | ||
| CVE-2019-12262 | Cri | 0.64 | 9.8 | 0.04 | Aug 14, 2019 | Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw). | ||
| CVE-2019-11652 | Cri | 0.64 | 9.8 | 0.02 | Aug 14, 2019 | A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset (SSPR) SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate. | ||
| CVE-2016-10888 | Cri | 0.64 | 9.8 | 0.02 | Aug 14, 2019 | The all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPress has multiple SQL injection issues. | ||
| CVE-2016-10887 | Cri | 0.64 | 9.8 | 0.02 | Aug 14, 2019 | The all-in-one-wp-security-and-firewall plugin before 4.0.9 for WordPress has multiple SQL injection issues. | ||
| CVE-2016-10886 | Cri | 0.64 | 9.8 | 0.02 | Aug 14, 2019 | The wp-editor plugin before 1.2.6 for WordPress has incorrect permissions. | ||
| CVE-2015-9310 | Cri | 0.64 | 9.8 | 0.02 | Aug 14, 2019 | The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues. | ||
| CVE-2019-15025 | Cri | 0.64 | 9.8 | 0.02 | Aug 14, 2019 | The ninja-forms plugin before 3.3.21.2 for WordPress has SQL injection in the search filter on the submissions page. | ||
| CVE-2017-18514 | Cri | 0.64 | 9.8 | 0.02 | Aug 14, 2019 | The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. | ||
| CVE-2016-10889 | Cri | 0.64 | 9.8 | 0.02 | Aug 14, 2019 | The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name. | ||
| CVE-2015-9316 | Cri | 0.64 | 9.8 | 0.03 | Aug 14, 2019 | The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request via the poll_id parameter. | ||
| CVE-2015-9315 | Cri | 0.64 | 9.8 | 0.02 | Aug 14, 2019 | The newstatpress plugin before 1.0.1 for WordPress has SQL injection. | ||
| CVE-2015-9313 | Cri | 0.64 | 9.8 | 0.02 | Aug 14, 2019 | The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element. | ||
| CVE-2019-0345 | Cri | 0.64 | 9.8 | 0.02 | Aug 14, 2019 | A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication… | ||
| CVE-2019-0344 | Cri | 0.76 | 9.8 | 0.07 | KEV | Aug 14, 2019 | Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection. | |
| CVE-2017-18515 | Cri | 0.57 | 9.8 | 0.03 | Aug 14, 2019 | The wp-statistics plugin before 12.0.8 for WordPress has SQL injection. | ||
| CVE-2019-15027 | Cri | 0.64 | 9.8 | 0.03 | Aug 14, 2019 | The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in… | ||
| CVE-2019-14809 | Cri | 0.64 | 9.8 | 0.08 | Aug 13, 2019 | net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port… | ||
| CVE-2019-12479 | Cri | 0.59 | 9.1 | 0.02 | Aug 13, 2019 | An issue was discovered in 20|20 Storage 2.11.0. A Path Traversal vulnerability in the TwentyTwenty.Storage library in the LocalStorageProvider allows creating and reading files outside of the specified basepath. If the application using this library does not sanitize… | ||
| CVE-2019-14985 | Cri | 0.65 | 9.8 | 0.11 | Aug 13, 2019 | eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because this interface can access the CMD_EXEC virtual device type 28. | ||
| CVE-2015-9301 | Cri | 0.64 | 9.8 | 0.02 | Aug 13, 2019 | The liveforms plugin before 3.2.0 for WordPress has SQL injection. | ||
| CVE-2015-9298 | Cri | 0.64 | 9.8 | 0.02 | Aug 13, 2019 | The events-manager plugin before 5.6 for WordPress has code injection. | ||
| CVE-2019-14968 | Cri | 0.64 | 9.8 | 0.02 | Aug 12, 2019 | An issue was discovered in imcat 4.9. There is SQL Injection via the index.php order parameter in a mod=faqs action. | ||
| CVE-2019-14965 | Cri | 0.00 | 9.8 | 0.03 | Aug 12, 2019 | An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. A server side template injection (SSTI) issue exists. | ||
| CVE-2019-13462 | Cri | 0.60 | 9.1 | 0.11 | Aug 12, 2019 | Lansweeper before 7.1.117.4 allows unauthenticated SQL injection. | ||
| CVE-2019-12618 | — | Cri | 0.64 | 9.8 | 0.02 | Aug 12, 2019 | HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver. | |
| CVE-2019-12261 | Cri | 0.64 | 9.8 | 0.09 | Aug 9, 2019 | Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host. | ||
| CVE-2019-12260 | Cri | 0.66 | 9.8 | 0.23 | Aug 9, 2019 | Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option. | ||
| CVE-2019-12255 | Cri | 0.73 | 9.8 | 0.75 | Aug 9, 2019 | Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow. | ||
| CVE-2019-11581 | Cri | 0.82 | 9.8 | 0.85 | KEV | Aug 9, 2019 | There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions… | |
| CVE-2019-5402 | Cri | 0.61 | 9.4 | 0.04 | Aug 9, 2019 | A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. | ||
| CVE-2019-5399 | Cri | 0.61 | 9.4 | 0.02 | Aug 9, 2019 | A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | ||
| CVE-2019-5397 | Cri | 0.61 | 9.4 | 0.04 | Aug 9, 2019 | A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | ||
| CVE-2019-12256 | Cri | 0.66 | 9.8 | 0.27 | Aug 9, 2019 | Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options. | ||
| CVE-2019-5396 | Cri | 0.62 | 9.4 | 0.05 | Aug 9, 2019 | A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | ||
| CVE-2019-14801 | Cri | 0.64 | 9.8 | 0.02 | Aug 9, 2019 | The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection. | ||
| CVE-2019-14234 | — | Cri | 0.61 | 9.8 | 0.48 | Aug 9, 2019 | An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField,… | |
| CVE-2018-20955 | Cri | 0.64 | 9.8 | 0.02 | Aug 8, 2019 | Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root. NOTE: all affected customers were migrated by 2020-08-31. | ||
| CVE-2019-12994 | Cri | 0.60 | 9.1 | 0.04 | Aug 8, 2019 | Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer version 6.2.0 for the AJaxServlet servlet via a parameter in a URL. | ||
| CVE-2019-11208 | Cri | 0.64 | 9.9 | 0.01 | Aug 8, 2019 | The authorization component of TIBCO Software Inc.'s TIBCO API Exchange Gateway, and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically processes OAuth authorization incorrectly, leading to potential escalation of… | ||
| CVE-2019-14754 | Cri | 0.64 | 9.8 | 0.02 | Aug 8, 2019 | Open-School 3.0, and Community Edition 2.3, allows SQL Injection via the index.php?r=students/students/document id parameter. | ||
| CVE-2019-14255 | Cri | 0.64 | 9.8 | 0.02 | Aug 8, 2019 | A Server Side Request Forgery (SSRF) vulnerability in go-camo up to version 1.1.4 allows a remote attacker to perform HTTP requests to internal endpoints. | ||
| CVE-2019-13101 | Cri | 0.72 | 9.8 | 0.67 | Aug 8, 2019 | An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page. | ||
| CVE-2019-1971 | Cri | 0.64 | 9.8 | 0.04 | Aug 8, 2019 | A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to perform a command injection attack and execute arbitrary commands with root privileges. The vulnerability is due to insufficient input… |
- risk 0.65cvss 9.8epss 0.13
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and…
- risk 0.70cvss 9.8epss 0.75
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and…
- risk 0.59cvss 9.1epss 0.03
stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer over-read in stbi__tga_load, leading to Information Disclosure or Denial of Service.
- risk 0.64cvss 9.8epss 0.03
An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. System commands can be executed, via the web interface, after authentication.
- risk 0.64cvss 9.8epss 0.03
The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by a pre-authentication command injection vulnerability.
- risk 0.64cvss 9.8epss 0.04
A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an…
- risk 0.00cvss 9.8epss 0.03
The HTTP client in Gradle before 5.6 sends authentication credentials originally destined for the configured host. If that host returns a 30x redirect, Gradle also sends those credentials to all subsequent hosts that the request redirects to. This is similar to CVE-2018-1000007.
- risk 0.64cvss 9.8epss 0.04
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).
- risk 0.64cvss 9.8epss 0.02
A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset (SSPR) SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate.
- risk 0.64cvss 9.8epss 0.02
The all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPress has multiple SQL injection issues.
- risk 0.64cvss 9.8epss 0.02
The all-in-one-wp-security-and-firewall plugin before 4.0.9 for WordPress has multiple SQL injection issues.
- risk 0.64cvss 9.8epss 0.02
The wp-editor plugin before 1.2.6 for WordPress has incorrect permissions.
- risk 0.64cvss 9.8epss 0.02
The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues.
- risk 0.64cvss 9.8epss 0.02
The ninja-forms plugin before 3.3.21.2 for WordPress has SQL injection in the search filter on the submissions page.
- risk 0.64cvss 9.8epss 0.02
The simple-login-log plugin before 1.1.2 for WordPress has SQL injection.
- risk 0.64cvss 9.8epss 0.02
The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name.
- risk 0.64cvss 9.8epss 0.03
The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request via the poll_id parameter.
- risk 0.64cvss 9.8epss 0.02
The newstatpress plugin before 1.0.1 for WordPress has SQL injection.
- risk 0.64cvss 9.8epss 0.02
The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element.
- risk 0.64cvss 9.8epss 0.02
A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication…
- risk 0.76cvss 9.8epss 0.07
Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection.
- risk 0.57cvss 9.8epss 0.03
The wp-statistics plugin before 12.0.8 for WordPress has SQL injection.
- risk 0.64cvss 9.8epss 0.03
The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in…
- risk 0.64cvss 9.8epss 0.08
net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port…
- risk 0.59cvss 9.1epss 0.02
An issue was discovered in 20|20 Storage 2.11.0. A Path Traversal vulnerability in the TwentyTwenty.Storage library in the LocalStorageProvider allows creating and reading files outside of the specified basepath. If the application using this library does not sanitize…
- risk 0.65cvss 9.8epss 0.11
eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because this interface can access the CMD_EXEC virtual device type 28.
- risk 0.64cvss 9.8epss 0.02
The liveforms plugin before 3.2.0 for WordPress has SQL injection.
- risk 0.64cvss 9.8epss 0.02
The events-manager plugin before 5.6 for WordPress has code injection.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in imcat 4.9. There is SQL Injection via the index.php order parameter in a mod=faqs action.
- risk 0.00cvss 9.8epss 0.03
An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. A server side template injection (SSTI) issue exists.
- risk 0.60cvss 9.1epss 0.11
Lansweeper before 7.1.117.4 allows unauthenticated SQL injection.
- risk 0.64cvss 9.8epss 0.02
HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver.
- risk 0.64cvss 9.8epss 0.09
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.
- risk 0.66cvss 9.8epss 0.23
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.
- risk 0.73cvss 9.8epss 0.75
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.
- risk 0.82cvss 9.8epss 0.85
There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions…
- risk 0.61cvss 9.4epss 0.04
A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
- risk 0.61cvss 9.4epss 0.02
A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
- risk 0.61cvss 9.4epss 0.04
A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
- risk 0.66cvss 9.8epss 0.27
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.
- risk 0.62cvss 9.4epss 0.05
A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
- risk 0.64cvss 9.8epss 0.02
The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows email subscription SQL injection.
- risk 0.61cvss 9.8epss 0.48
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField,…
- risk 0.64cvss 9.8epss 0.02
Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root. NOTE: all affected customers were migrated by 2020-08-31.
- risk 0.60cvss 9.1epss 0.04
Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer version 6.2.0 for the AJaxServlet servlet via a parameter in a URL.
- risk 0.64cvss 9.9epss 0.01
The authorization component of TIBCO Software Inc.'s TIBCO API Exchange Gateway, and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically processes OAuth authorization incorrectly, leading to potential escalation of…
- risk 0.64cvss 9.8epss 0.02
Open-School 3.0, and Community Edition 2.3, allows SQL Injection via the index.php?r=students/students/document id parameter.
- risk 0.64cvss 9.8epss 0.02
A Server Side Request Forgery (SSRF) vulnerability in go-camo up to version 1.1.4 allows a remote attacker to perform HTTP requests to internal endpoints.
- risk 0.72cvss 9.8epss 0.67
An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.
- risk 0.64cvss 9.8epss 0.04
A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to perform a command injection attack and execute arbitrary commands with root privileges. The vulnerability is due to insufficient input…