Wind River Support Network

CVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

ID | Description | Priority | Modified date
CVE-2019-15151 AdPlug 2.3.1 has a double free in the Cu6mPlayer class in u6m.h. HIGH Aug 30, 2019
CVE-2019-15150 In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function. MEDIUM Aug 26, 2019
CVE-2019-15149 core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that is initiated by another child. The Ansible extension is unaffected. NOTE: the vendor disputes this issue because it is exploitable only in conjunction with hypothetical other factors, i.e., an affected use case within a library caller, and a bug in the message receiver policy code that led to reliance on this extra protection mechanism. MEDIUM Aug 30, 2019
CVE-2019-15148 GoPro GPMF-parser 1.2.2 has an out-of-bounds write in OpenMP4Source in demo/GPMF_mp4reader.c. MEDIUM Aug 22, 2019
CVE-2019-15147 GoPro GPMF-parser 1.2.2 has an out-of-bounds read and SEGV in GPMF_Next in GPMF_parser.c. MEDIUM Aug 22, 2019
CVE-2019-15146 GoPro GPMF-parser 1.2.2 has a heap-based buffer over-read (4 bytes) in GPMF_Next in GPMF_parser.c. MEDIUM Aug 22, 2019
CVE-2019-15145 DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h. MEDIUM Aug 30, 2019
CVE-2019-15144 In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h. MEDIUM Aug 30, 2019
CVE-2019-15143 In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp. MEDIUM Aug 30, 2019
CVE-2019-15142 In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file. MEDIUM Aug 30, 2019
CVE-2019-15141 WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597. Medium Aug 22, 2019
CVE-2019-15140 coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c. Medium Aug 28, 2019
CVE-2019-15139 The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472. Medium Aug 28, 2019
CVE-2019-15138 The html-pdf package 2.2.0 for Node.js has an arbitrary file read vulnerability via an HTML file that uses XMLHttpRequest to access a file:/// URL. MEDIUM Sep 23, 2019
CVE-2019-15137 The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings (instead of the permission expressions themselves), which can lead to unintended connections between participants in a Data Distribution Service (DDS) network. MEDIUM Aug 29, 2019
CVE-2019-15136 The Access Control plugin in eProsima Fast RTPS through 1.9.0 does not check partition permissions from remote participant connections, which can lead to policy bypass for a secure Data Distribution Service (DDS) partition. MEDIUM Aug 29, 2019
CVE-2019-15135 The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext information about all of the capabilities of a participant (including capabilities inapplicable to the current session), which makes it easier for attackers to discover potentially sensitive reachability information on a Data Distribution Service (DDS) network. MEDIUM Aug 29, 2019
CVE-2019-15134 RIOT through 2019.07 contains a memory leak in the TCP implementation (gnrc_tcp), allowing an attacker to consume all memory available for network packets and thus effectively stopping all network threads from working. This is related to _receive in sys/net/gnrc/transport_layer/tcp/gnrc_tcp_eventloop.c upon receiving an ACK before a SYN. HIGH Aug 29, 2019
CVE-2019-15133 In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero. Medium Aug 29, 2019
CVE-2019-15132 Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the Login name or password is incorrect and No permissions for system access messages, or just blocking for a number of seconds). This affects both api_jsonrpc.php and index.php. Medium Aug 29, 2019
CVE-2019-15131 In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 a vulnerability has been identified that may allow arbitrary files to be uploaded to Code42 servers and executed. This vulnerability could allow an attacker to create directories and save files on Code42 servers, which could potentially lead to code execution. HIGH Sep 17, 2019
CVE-2019-15130 The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to upload any file type to a candidate's profile picture folder via a crafted recruitment_online/personalData/act_personaltab.cfm multiple-part POST request with a predictable WRC01_USERID parameter. Moreover, the attacker can upload executable content (e.g., asp or aspx) for executing OS commands on the server. HIGH Aug 30, 2019
CVE-2019-15129 The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to access all candidates' files in the photo folder on the website by specifying a "user id" parameter and file name, such as in a recruitment_online/upload/user/[user_id]/photo/[file_name] URI. MEDIUM Aug 30, 2019
CVE-2019-15128 iF.SVNAdmin through 1.6.2 allows svnadmin/usercreate.php CSRF to create a user. MEDIUM Sep 9, 2019
CVE-2019-15127 REDCap before 9.3.0 allows XSS attacks against non-administrator accounts on the Data Import Tool page via a CSV data import file. LOW Aug 23, 2019
CVE-2019-15126 An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503. LOW Feb 14, 2020
CVE-2019-15124 In the MobileFrontend extension for MediaWiki, XSS exists within the edit summary field of the watchlist feed. This affects REL1_31, REL1_32, and REL1_33. MEDIUM Mar 19, 2020
CVE-2019-15123 The Branding Module in Viki Vera 4.9.1.26180 allows an authenticated user to change the logo on the website. An attacker could use this to upload a malicious .aspx file and gain Remote Code Execution on the site. MEDIUM Jun 12, 2020
CVE-2019-15120 The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode. MEDIUM Aug 16, 2019
CVE-2019-15119 lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user. MEDIUM Aug 23, 2019
CVE-2019-15118 check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. Medium Aug 28, 2019
CVE-2019-15117 parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. Medium Aug 28, 2019
CVE-2019-15116 The easy-digital-downloads plugin before 2.9.16 for WordPress has XSS related to IP address logging. MEDIUM Aug 23, 2019
CVE-2019-15115 The peters-login-redirect plugin before 2.9.2 for WordPress has CSRF. MEDIUM Aug 22, 2019
CVE-2019-15114 The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF. MEDIUM Aug 21, 2019
CVE-2019-15113 The companion-sitemap-generator plugin before 3.7.0 for WordPress has CSRF. MEDIUM Aug 21, 2019
CVE-2019-15112 The wp-slimstat plugin before 4.8.1 for WordPress has XSS. MEDIUM Aug 23, 2019
CVE-2019-15111 The wp-front-end-profile plugin before 0.2.2 for WordPress has a privilege escalation issue. HIGH Aug 21, 2019
CVE-2019-15110 The wp-front-end-profile plugin before 0.2.2 for WordPress has XSS. MEDIUM Aug 21, 2019
CVE-2019-15109 The the-events-calendar plugin before 4.8.2 for WordPress has XSS via the tribe_paged URL parameter. MEDIUM Aug 23, 2019
CVE-2019-15108 An issue was discovered in WSO2 API Manager 2.6.0 before WSO2-CARBON-PATCH-4.4.0-4457. There is XSS via a crafted filename to the file-upload feature of the event simulator component. LOW Aug 29, 2019
CVE-2019-15107 An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability. High Aug 27, 2019
CVE-2019-15106 An issue was discovered in Zoho ManageEngine OpManager in builds before 14310. One can bypass the user password requirement and execute commands on the server. The "username+'@opm'" string is used for the password. For example, if the username is admin, the password is admin@opm. HIGH Aug 27, 2019
CVE-2019-15105 An issue was discovered in Zoho ManageEngine Application Manager through 14.2. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious file using the "Execute Program Action(s)" feature. HIGH Aug 26, 2019
CVE-2019-15104 An issue was discovered in Zoho ManageEngine OpManager through 12.4x. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious file using the "Execute Program Action(s)" feature. HIGH Aug 26, 2019
CVE-2019-15102 An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. TestRunner_Non_distributed (and distributed end points) does not have any authentication mechanism. This allows an attacker to execute an arbitrary script on the remote Sahi Pro server. There is also a password-protected web interface intended for remote access to scripts. This web interface lacks server-side validation, which allows an attacker to create/modify/delete a script remotely without any password. Chaining both of these issues results in remote code execution on the Sahi Pro server. HIGH Sep 9, 2019
CVE-2019-15099 drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. High Aug 26, 2019
CVE-2019-15098 drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. High Aug 27, 2019
CVE-2019-15095 DWSurvey through 2019-07-22 has reflected XSS via the design/qu-multi-fillblank!answers.action surveyId parameter. MEDIUM Aug 26, 2019
CVE-2019-15092 The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported CSV file created by the WF_CustomerImpExpCsv_Exporter class. MEDIUM Aug 29, 2019
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS: customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.