The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2019-16893 | The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated attacker to reboot the device via a reboot.cgi request. | HIGH | Feb 6, 2020 |
| CVE-2019-16894 | download.php in inoERP 4.15 allows SQL injection through insecure deserialization. | HIGH | Sep 27, 2019 |
| CVE-2019-16895 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-16894. Reason: This candidate is a reservation duplicate of CVE-2019-16894. Notes: All CVE users should reference CVE-2019-16894 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | -- | Nov 7, 2023 |
| CVE-2019-16896 | In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality. | LOW | Jan 9, 2020 |
| CVE-2019-16897 | In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll module to facilitate escalation of privileges via inter-process communication with a service process. | HIGH | Oct 31, 2019 |
| CVE-2019-16898 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-16897. Reason: This candidate is a reservation duplicate of CVE-2019-16897. Notes: All CVE users should reference CVE-2019-16897 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | -- | Nov 7, 2023 |
| CVE-2019-16899 | In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PM_V3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918. | -- | Sep 26, 2019 |
| CVE-2019-16900 | Advantech WebAccess/HMI Designer 2.1.9.31 has a User Mode Write AV starting at MSVCR90!memcpy+0x000000000000015c. | -- | Sep 26, 2019 |
| CVE-2019-16901 | Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain corruption starting at Unknown Symbol @ 0x0000000000000000 called from ntdll!RtlRaiseStatus+0x00000000000000b4. | -- | Sep 26, 2019 |
| CVE-2019-16902 | In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full pathname. | MEDIUM | Sep 27, 2019 |
| CVE-2019-16903 | Platinum UPnP SDK 1.2.0 allows Directory Traversal in Core/PltHttpServer.cpp because it checks for /.. where it should be checking for ../ instead. | MEDIUM | Sep 26, 2019 |
| CVE-2019-16904 | TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for an item in a common available folder or sharing the item with an admin. (The crafted password is exploitable when viewing the change history of the item or tapping on the item.) | LOW | Sep 27, 2019 |
| CVE-2019-16905 | OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH. | MEDIUM | Oct 9, 2019 |
| CVE-2019-16906 | An issue was discovered in the Infosysta In-App & Desktop Notifications app 1.6.13_J8 for Jira. By using plugins/servlet/nfj/PushNotification?username= with a modified username, a different user\'s notifications can be read without authentication/authorization. These notifications are then no longer displayed to the normal user. | MEDIUM | Oct 31, 2019 |
| CVE-2019-16907 | An issue was discovered in the Infosysta In-App & Desktop Notifications app 1.6.13_J8 for Jira. It is possible to obtain a list of all valid Jira usernames without authentication/authorization via the plugins/servlet/nfj/UserFilter?searchQuery=@ URI. | MEDIUM | Oct 31, 2019 |
| CVE-2019-16908 | An issue was discovered in the Infosysta \"In-App & Desktop Notifications\" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects without authentication/authorization via the plugins/servlet/nfj/ProjectFilter?searchQuery= URI. | MEDIUM | Nov 4, 2019 |
| CVE-2019-16909 | An issue was discovered in the Infosysta \"In-App & Desktop Notifications\" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects (with authentication as a Jira user, but without authorization for specific projects) via the plugins/servlet/nfj/NotificationSettings URI. | MEDIUM | Nov 4, 2019 |
| CVE-2019-16910 | Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.) | Low | Oct 3, 2019 |
| CVE-2019-16913 | PC Protect Antivirus v4.14.31 installs by default to %PROGRAMFILES(X86)%\\PCProtect with very weak folder permissions, granting any user full permission \"Everyone: (F)\" to the contents of the directory and its subfolders. In addition, the program installs a service called SecurityService that runs as LocalSystem. This allows any user to escalate privileges to \"NT AUTHORITY\\SYSTEM\" by substituting the service\'s binary with a Trojan horse. | HIGH | Oct 11, 2019 |
| CVE-2019-16914 | An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization. | MEDIUM | Sep 27, 2019 |
| CVE-2019-16915 | An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents. | HIGH | Sep 27, 2019 |
| CVE-2019-16916 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue for the designated product. Notes: none | -- | Nov 7, 2023 |
| CVE-2019-16917 | WiKID Enterprise 2FA (two factor authentication) Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function. | MEDIUM | Oct 22, 2019 |
| CVE-2019-16919 | Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don\'t have access or control for. The Harbor API did not enforce the proper project permissions and project scope on the API request to create a new robot account. | MEDIUM | Oct 24, 2019 |
| CVE-2019-16920 | Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a \"PingTest\" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are also affected: DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825. | HIGH | Oct 10, 2019 |
| CVE-2019-16921 | In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns/hns_roce_main.c does not initialize the resp data structure, which might allow attackers to obtain sensitive information from kernel stack memory, aka CID-df7e40425813. | Medium | Sep 27, 2019 |
| CVE-2019-16922 | SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files. | MEDIUM | Oct 1, 2019 |
| CVE-2019-16923 | kkcms 1.3 has jx.php?url= XSS. | MEDIUM | Sep 27, 2019 |
| CVE-2019-16924 | The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which allows remote attackers (after sniffing the network) to take control of the lock. | LOW | Oct 4, 2019 |
| CVE-2019-16925 | Flower 0.9.3 has XSS via the name parameter in an @app.task call. NOTE: The project author stated that he doesn\'t think this is a valid vulnerability. Worker name and task name aren’t user facing configuration options. They are internal backend config options and person having rights to change them already has full access | Medium | Oct 3, 2019 |
| CVE-2019-16926 | Flower 0.9.3 has XSS via a crafted worker name. NOTE: The project author stated that he doesn\'t think this is a valid vulnerability. Worker name and task name aren’t user facing configuration options. They are internal backend config options and person having rights to change them already has full access | Medium | Oct 3, 2019 |
| CVE-2019-16927 | Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877. | MEDIUM | Oct 1, 2019 |
| CVE-2019-16928 | Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command. | HIGH | Oct 2, 2019 |
| CVE-2019-16929 | Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens. | MEDIUM | Oct 17, 2019 |
| CVE-2019-16930 | Zcashd in Zcash before 2.0.7-3 allows discovery of the IP address of a full node that owns a shielded address, related to mishandling of exceptions during deserialization of note plaintexts. This affects anyone who has disclosed their zaddr to a third party. | MEDIUM | Oct 4, 2019 |
| CVE-2019-16931 | A stored XSS vulnerability in the Visualizer plugin 3.3.0 for WordPress allows an unauthenticated attacker to execute arbitrary JavaScript when an admin or other privileged user edits the chart via the admin dashboard. This occurs because classes/Visualizer/Gutenberg/Block.php registers wp-json/visualizer/v1/update-chart with no access control, and classes/Visualizer/Render/Page/Data.php lacks output sanitization. | MEDIUM | Oct 9, 2019 |
| CVE-2019-16932 | A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data. | MEDIUM | Oct 4, 2019 |
| CVE-2019-16935 | The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. | Medium | Oct 9, 2019 |
| CVE-2019-16941 | NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. An attack could start with an XML document that was originally created by DumpFunctionPatternInfoScript but then directly modified by an attacker (for example, to make a java.lang.Runtime.exec call). | MEDIUM | Oct 4, 2019 |
| CVE-2019-16942 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling. | HIGH | Oct 8, 2019 |
| CVE-2019-16943 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling. | HIGH | Oct 12, 2019 |
| CVE-2019-16948 | An SSRF issue was discovered in Enghouse Web Chat 6.1.300.31. In any POST request, one can replace the port number at WebServiceLocation=http://localhost:8085/UCWebServices/ with a range of ports to determine what is visible on the internal network (as opposed to what general web traffic would see on the product\'s host). The response from open ports is different than from closed ports. The product does not allow one to change the protocol: anything except http(s) will throw an error; however, it is the type of error that allows one to determine if a port is open or not. | HIGH | Nov 13, 2019 |
| CVE-2019-16949 | An issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. A user is allowed to send an archive of their chat log to an email address specified at the beginning of the chat (where the user enters in their name and e-mail address). This POST request can be modified to change the message as well as the end recipient of the message. The e-mail address will have the same domain name and user as the product allotted. This can be used in phishing campaigns against users on the same domain. | MEDIUM | Nov 13, 2019 |
| CVE-2019-16950 | An XSS issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. The QueueName parameter of a GET request allows for insertion of user-supplied JavaScript. | MEDIUM | Nov 15, 2019 |
| CVE-2019-16951 | A remote file include (RFI) issue was discovered in Enghouse Web Chat 6.2.284.34. One can replace the localhost attribute with one\'s own domain name. When the product calls this domain after the POST request is sent, it retrieves an attacker\'s data and displays it. Also worth mentioning is the amount of information sent in the request from this product to the attacker: it reveals information the public should not have. This includes pathnames and internal ip addresses. | MEDIUM | Nov 13, 2019 |
| CVE-2019-16954 | SolarWinds Web Help Desk 12.7.0 allows HTML injection via a Comment in a Help Request ticket. | MEDIUM | Jan 8, 2021 |
| CVE-2019-16955 | SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request. | LOW | Dec 18, 2020 |
| CVE-2019-16956 | SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket. | LOW | Jan 6, 2021 |
| CVE-2019-16957 | SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name field of a User Account. | LOW | Dec 18, 2020 |
| CVE-2019-16958 | Cross-site Scripting (XSS) vulnerability in SolarWinds Web Help Desk 12.7.0 allows attacker to inject arbitrary web script or HTML via Location Name. | LOW | Dec 2, 2020 |
