Risk 2019

Overview of the different risk assignments of different sources of the documented vulnerabilities.

IDTitleVulDBCVSSSecuniaXForceNessus
163851Apple iTunes libxml2 memory corruption [CVE-2019-8756]medium4.1---
163850Apple watchOS libxml2 memory corruption [CVE-2019-8756]medium4.1---
163849Apple tvOS libxml2 memory corruption [CVE-2019-8756]medium4.1---
163848Apple iCloud libxml2 memory corruption [CVE-2019-8756]medium4.1---
163847Apple iOS libxml2 memory corruption [CVE-2019-8756]medium4.1---
163829Apple iTunes libxml2 memory corruption [CVE-2019-8749]medium4.1---
163828Apple watchOS libxml2 memory corruption [CVE-2019-8749]medium4.1---
163827Apple tvOS libxml2 memory corruption [CVE-2019-8749]medium4.1---
163826Apple iCloud libxml2 memory corruption [CVE-2019-8749]medium4.1---
163819Apple iOS Kernel memory corruption [CVE-2019-8744]medium4.1---
163818Apple watchOS Kernel memory corruption [CVE-2019-8744]medium4.1---
163798Apple iOS PluginKit memory corruption [CVE-2019-8715]medium4.1---
163790Apple iOS PluginKit information disclosure [CVE-2019-8708]low1.5---
163789Apple watchOS Audio memory corruption [CVE-2019-8706]medium6.8---
163788Apple tvOS Audio memory corruption [CVE-2019-8706]medium6.8---
163787Apple iOS/iPadOS Audio memory corruption [CVE-2019-8706]medium6.8---
163756Apple iOS Wi-Fi privileges management [CVE-2019-8612]medium4.9---
163755Apple watchOS Wi-Fi privileges management [CVE-2019-8612]medium4.9---
163754Apple tvOS Wi-Fi privileges management [CVE-2019-8612]medium4.9---
163753Apple iOS CoreAudio memory corruption [CVE-2019-8592]medium6.8---
163752Apple watchOS CoreAudio memory corruption [CVE-2019-8592]medium6.8---
163751Apple tvOS CoreAudio memory corruption [CVE-2019-8592]medium6.8---
163735Apple iOS Kernel memory corruption [CVE-2019-8547]low3.5---
163734Apple watchOS Kernel memory corruption [CVE-2019-8547]low3.5---
163721Apple iOS Kernel memory corruption [CVE-2019-8525]medium7.6---
163720Apple watchOS Kernel memory corruption [CVE-2019-8525]medium7.6---
163719Apple macOS Live Photos in FaceTime Local Privilege Escalationlow4.1---
162269Microsoft Windows OleCreateFontIndirectExt out-of-bounds read [Disputed]low2.3---
159432Sricam IP CCTV Camera Device Viewer memory corruptionmedium4.1---
159431Sricam IP CCTV Camera Device Viewer stack-based overflowmedium4.1---
150766Apple iCloud CoreCrypto denial of service [CVE-2019-8741]low5.0---
150765Apple iCloud CoreCrypto denial of service [CVE-2019-8741]low5.0---
150764Apple iTunes CoreCrypto denial of service [CVE-2019-8741]low5.0---
150763Apple macOS CoreCrypto denial of service [CVE-2019-8741]low5.0---
150762Apple watchOS CoreCrypto denial of service [CVE-2019-8741]low5.0---
150761Apple iOS CoreCrypto denial of service [CVE-2019-8741]low5.0---
150737Apple tvOS CoreCrypto denial of service [CVE-2019-8741]low5.0---
149460Adobe Acrobat Reader use after free [CVE-2019-8257]medium6.8---
149459Adobe Acrobat Reader type confusion [CVE-2019-7131]medium6.8---
149313Microsoft Outlook Email input validation [CVE-2019-1460]medium6.8---
149312Microsoft Windows User Profile Service privileges managementmedium6.0---
149311Microsoft Visual Studio Code Debug Listener privileges managementmedium4.1---
149310Microsoft Dynamics 365 Impersonation privileges management [CVE-2018-8654]medium6.0---
148215rovinbhandari FTP file_transfer_functions.c receive_file input validationlow5.0---
148214FiberHome an5506-04-f cross site scripting [CVE-2019-9556]low3.5---
148213Craft CMS Header new cross site scriptinglow4.3---
148212Bolt pages cross site scriptinglow4.3---
148211Unity Editor Protocol os command injection [CVE-2019-9197]medium6.8---
148210Ricoh MarcomCentral FPProducerInternetServer.exe path traversalmedium7.5---
148209Zoho ManageEngine ADSelfService Plus information disclosure [CVE-2019-7162]medium7.5---
148208Blink XT2 Sync Module injection [CVE-2019-3984]medium7.5---
148207ezXML ezxml_char_content release of referencemedium6.8---
148206ezXML xml injection [CVE-2019-20201]low4.3---
148205ezXML ezxml_decode out-of-bounds readmedium6.8---
148204ezXML strlen out-of-bounds readlow4.3---
148203ezXML ezxml_ent_ok resource consumptionlow4.3---
148202Nagios XI schedulereport.php os command injectionmedium6.0---
148201Pure-FTPd ls.c listdir resource consumptionlow5.0---
148200Avira Free Antivirus Kernel Local Privilege Escalation [CVE-2019-18568]medium6.6---
148199GONiCUS GOsa Cookie deserialization [CVE-2019-14466]medium6.5---
148198Generalitat de Catalunya accesuniversitat.gencat.cat Java API information disclosurelow4.0---
148197OutSystems Platform ImageResourceDetail.aspx cross-site request forgerylow4.3---
148196Sylius/Grid __toString cross site scriptinglow3.5---
148195MailStore Server Directory Service improper authentication [CVE-2019-10229]medium6.0---
148194openITCOCKPIT 404 Not Found Reflected cross site scriptinglow4.3---
148193BOMBBA improper authentication [CVE-2018-19834]medium7.5---
148192DDQ improper authentication [CVE-2018-19833]medium7.5---
148191NewIntelTechMedia NETM improper authenticationmedium7.5---
148190Cryptbond Network ToOwner improper authenticationmedium7.5---
148189Business Alliance Financial Circle UBSexToken authorizationmedium7.5---
148188GeniXCMS admin.php cross site scriptinglow4.3---
148187SonicOS Configuration Mode improper authorization [CVE-2019-7479]medium6.0---
148186GMS Webservice Module sql injection [CVE-2019-7478]medium6.8---
147944IBM MQ Data Conversion Routine denial of service [CVE-2019-4655]low3.5---
147943IBM Cognos Analytics Web UI cross site scriting [CVE-2019-4623]low3.5---
147942IBM Cognos Analytics origin validation [CVE-2019-4343]low3.5---
147941IBM Watson Studio Local Key File information disclosure [CVE-2019-4335]low1.5---
147940QEMU core.c ide_dma_cb unusual condition [Disputed]low5.0---
147939SerenityOS Syscall MemoryManager.cpp privileges managementmedium4.1---
147938GPAC box_code_base.c metx_New release of resourcelow4.3---
147937GPAC ipmpx_code.c GF_IPMPX_AUTH_Delete release of referencelow4.3---
147936GPAC box_code_base.c trak_Read use after freemedium6.8---
147935GPAC box_funcs.c gf_isom_box_dump_ex use after freemedium6.8---
147934GPAC box_code_drm.c senc_Parse null pointer dereferencelow4.3---
147933GPAC box_dump.c gf_isom_dump null pointer dereferencelow4.3---
147932GPAC box_code_apple.c ilst_item_Read null pointer dereferencelow4.3---
147931GPAC box_funcs.c gf_isom_box_del null pointer dereferencelow4.3---
147930GPAC descriptors.c gf_odf_avc_cfg_write_bs null pointer dereferencelow4.3---
147929GPAC box_funcs.c gf_isom_box_parse_ex out-of-bounds writemedium6.8---
147928GPAC ipmpx_code.c ReadGF_IPMPX_WatermarkingInit out-of-bounds writemedium6.8---
147927GPAC av_parsers.c av1_parse_tile_group out-of-bounds writemedium6.8---
147926GPAC box_code_base.c dinf_New release of resourcelow4.3---
147925kind-of Type Detection index.js ctorName injectionmedium7.5---
147924Laborator Neon Theme autosuggest-remote.php cross site scriptinglow4.3---
147923libsixel fromgif.c gif_out_code out-of-bounds writemedium6.8---
147922Nagios XI nocscreenapi.php cross site scriptinglow3.5---
147921Linux Kernel f2fs Filesystem ttm_page_alloc.c. ttm_put_pages out-of-bounds readmedium4.4---
147920MFScripts YetiShare _account_forgot_password.ajax.php information disclosurelow5.0---
147919MFScripts YetiShare _account_forgot_password.ajax.php information disclosurelow2.6---
147918MFScripts YetiShare Session Cookie information disclosure [CVE-2019-19739]low2.6---
147917MFScripts YetiShare log_file_viewer.php cross site scriptinglow4.3---
147916MFScripts YetiShare Session Cookie cross-site request forgerylow4.3---
147915MFScripts YetiShare Session Cookie httponly permission assignmentlow4.3---
147914MFScripts YetiShare Password Reset class.userpeer.php unknown vulnerabilitylow2.6---
147913MFScripts YetiShare _account_move_file_in_folder.ajax.php sql injectionmedium6.0---
147912MFScripts YetiShare _get_all_file_server_paths.ajax.php cross site scriptinglow4.3---
147911MFScripts YetiShare translation_manage_text.ajax.php sql injectionmedium6.0---
147910TinyWall Controller Debug Memory privileges managementmedium4.1---
147909XMLBlueprint XML Data xml injection [CVE-2019-19032]medium6.5---
147908Easy XML Editor XML Data xml injection [CVE-2019-19031]medium6.5---
147907D-Link DIR-859 UPnP Service gena.cgi os command injectionhigh9.3---
147906Apache Solr input validation [CVE-2019-17558]medium6.0---
147905Tiny File Manager Upload os command injection [CVE-2019-16790]medium6.0---
147904ClickHouse Decompression out-of-bounds read [CVE-2019-16535]medium6.8---
147903ClickHouse input validation [CVE-2019-15024]medium6.0---
147902ros-melodic-ros-comm spinner.cpp remove memory corruptionlow5.0---
147901ros-melodic-ros-comm record.cpp parseOptions integer overflowmedium6.8---
147900php-shellcommand os command injection [CVE-2019-10774]medium7.5---
147899D-Link DGS-1510 cross site scripting [CVE-2018-7859]low4.3---
147898GitLab Enterprise Edition Access Control missing authenticationmedium7.5--medium
147897GitLab Community Edition/Enterprise Edition Access Control authorizationmedium6.8--medium
147896GitLab Community Edition/Enterprise Edition server-side request forgerymedium7.5--medium
147895GitLab Community Edition/Enterprise Edition Access Control authorizationmedium7.5--medium
147894GitLab Community Edition/Enterprise Edition server-side request forgerymedium7.5--medium
147893GitLab Community Edition/Enterprise Edition cross site scriptinglow4.3--medium
147892GitLab Community Edition/Enterprise Edition information disclosurelow5.0--medium
147891GitLab Community Edition/Enterprise Edition Access Control authorizationmedium7.5--medium
147890GitLab Community Edition/Enterprise Edition Access Control authorizationmedium7.5--medium
147889GitLab Enterprise Edition Persistent cross site scripting [CVE-2018-20491]low4.3--medium
147888GitLab Community Edition/Enterprise Edition Persistent cross site scriptinglow4.3--medium
147887GitLab Community Edition/Enterprise Edition Access Control improper authenticationmedium7.5--medium
147886GitLab Community Edition/Enterprise Edition information disclosurelow5.0--medium
147885IBM Watson Studio Local information disclosure [CVE-2018-1682]low4.3---
147884QEMU Virtio privileges management [CVE-2013-2016]medium6.8--high
147883cumin Server Certificate Validator certificate validation [CVE-2013-0264]medium5.0---
147882OpenShift Enterprise Web Console cross-site request forgery [CVE-2013-0196]low4.3---
147881isearch Package tmp tempnam cleanupmedium7.5---
147880Freeciv Server resource consumption [CVE-2012-5645]low5.0--medium
147879OpenStack Dashboard Package quantum.conf Password information disclosurelow2.1---
147878Red Hat OpenStack Platform local_settings Secret Key missing encryptionlow1.7--low
147877HTTP Authentication Library Password Hash inadequate encryptionlow2.6---
147876Linux Kernel feat.c __feat_register_sp resource consumptionlow2.1---
147875Linux Kernel Error cfg80211.c mwifiex_tm_cmd release of resourcelow2.1---
147874libsixel fromgif.c gif_init_frame out-of-bounds writemedium6.8---
147873PoDoFo PdfVariant.h DelayedLoad null pointer dereferencelow4.3---
147872Bento4 Ap4EsDescriptor.cpp GetTag null pointer dereferencelow4.3---
147871Bento4 Ap4DecoderConfigDescriptor.cpp GetTag null pointer dereferencelow4.3---
147870Bento4 Ap4Sample.h GetOffset use after freemedium6.8---
147869GoPro gpmf-parser GPMF_parse.c GPMF_SeekToSamples out-of-bounds readmedium6.8---
147868GoPro gpmf-parser GPMF_mp4reader.c GetPayload out-of-bounds readmedium6.8---
147867GoPro gpmf-parser GPMF-parse.c GPMF_seekToSamples out-of-bounds readmedium6.8---
147866GoPro gpmf-parser GPMF_parser.c GPMF_Next out-of-bounds readmedium6.8---
147865TVT NVMS-1000 GET Request path traversal [CVE-2019-20085]medium7.5---
147864VIM autocmd window.c use after freehigh7.5---
147863Netis DL4323 Dynamic DNS Configuration form2Ddns.cgi cross site scriptinglow4.3---
147862Netis DL4323 Ping6 Diagnostic pingrtt_v6.html cross site scriptinglow4.3---
147861Netis DL4323 form2saveConf.cgi Password insufficiently protected credentialslow3.5---
147860Netis DL4323 User Account Configuration form2userconfig.cgi cross site scriptinglow4.3---
147859Netis DL4323 Dynamic DNS Configuration form2Ddns.cgi cross site scriptinglow4.3---
147858Netis DL4323 Log form2logaction.cgi cross-site request forgerylow4.3---
147857Netis DL4323 form2url.cgi cross site scriptinglow4.3---
147856libmysofa dataobject.c mysofa2json initializationhigh6.8---
147855Bolt Symfony Web Profiler cross site scripting [CVE-2019-20058]low4.3---
147854Proxyman Privileged Helper Tool Proxy insufficient verification of data authenticitymedium6.8---
147853stb Image Loader stb_image.h stbi__shiftsigned assertionmedium4.3---
147852LuquidPixels LiquiFire OS URL server-side request forgery [CVE-2019-20055]medium7.5---
147851Linux Kernel proc_sysctl.c drop_sysctl_table null pointer dereferencelow2.1---
147850UPX Mach-O File p_mach.cpp canUnpack input validationmedium4.3---
147849matio mat.c Mat_VarCalloc release of resourcelow4.3---
147848UPX p_lx_elf.cpp elf_hash calculationlow4.3---
147847Alcatel-Lucent OmniVista 4760 __construct code injectionhigh9.3---
147846Alcatel-Lucent OmniVista 8770 Service Port 389 unrestricted uploadmedium8.5---
147845Alcatel-Lucent OmniVista 4760/OmniVista 8770 Web Server Configuration sess_ insufficiently protected credentialslow4.3---
147844K7 Ultimate Security Backup Module K7BKCExt.dll link followingmedium4.6---
147843Tenable Nessus UI Stored cross site scriptinglow3.5--high
147842Tenable Nessus UI Stored cross site scriptinglow3.5--high
147841Livefyre LiveComments Picture cross site scripting [CVE-2014-6420]low4.3---
147840Senkas Kolibri URI input validation [CVE-2014-5289]medium6.8---
147839WP-Planet Plugin magpie_debug.php cross site scriptinglow4.3---
147838Video Comments Webcam Recorder Plugin r_logout.php cross site scriptinglow4.3---
147837Swipe Checkout for WooCommerce Plugin test-plugin.php cross site scriptinglow4.3---
147836Shortcode Ninja Plugin preview-shortcode-external.php cross site scriptinglow4.3---
147835Ruven Toolkit Plugin popup.php cross site scriptinglow4.3---
147834Podcast Channels Plugin demo.write.php cross site scriptinglow4.3---
147833Movies Plugin demo.mimeonly.php cross site scriptinglow4.3---
147832Infusionsoft Gravity Forms Plugin notAuto_test_ContactService_pauseCampaign.php cross site scriptinglow4.3---
147831Import Legacy Media Plugin demo.mimeonly.php cross site scriptinglow4.3---
147830Conversador Plugin cross site scripting [CVE-2014-4519]low4.3---
147829D-Link DWR-113 cross-site request forgery [CVE-2014-3136]low4.3---
147828Collabtive Access Control install.php privileges managementmedium7.5---
147827Vivotek IP Camera authorization [CVE-2013-4985]medium5.0---
147826AVTECH AVN801 DVR Administration Login Captcha improper authenticationmedium7.5---
147825Hikvision DS-2CD7153-E improper authentication [CVE-2013-4976]medium6.8---
147824Hikvision DS-2CD7153-E privileges management [CVE-2013-4975]medium6.5---
147823Karotz API Session Token information disclosure [CVE-2013-4868]low5.0---
147822Electronic Arts Karotz Smart Rabbit Python Module privileges managementlow3.7---
147821Insteon Hub 2242-222 Web/API default permission [CVE-2013-4859]medium6.8---
147820ReviewBoard unrestricted upload [CVE-2013-4796]medium6.5---
147819Samsung Galaxy S3/Galaxy S4 SMS Text Message default permissionmedium4.6---
147818Samsung Galaxy S3/Galaxy S4 SMS Text Message default permissionmedium4.6---
147817Static HTTP Server http.ini buffer overflowmedium4.1---
147816NullSoft WinAmp gen_ff.dll release of reference [CVE-2013-4695]medium6.8--high
147815Xorbin Digital Flash Clock Extension xorAnalogClock.swf cross site scriptinglow4.3---
147814Xorbin Analog Flash Clock Extension xorAnalogClock.swf cross site scriptinglow4.3---
147813Sencha Connect connect.methodOverride cross site scriptinglow4.3---
147812SPBAS Business Automation Software index.php cross-site request forgerylow4.3---
147811SPBAS Business Automation Software cross site scripting [CVE-2013-4664]low4.3---
147810Magnolia CMS improper authentication [CVE-2013-4621]medium7.5---
147809Toshiba ConfigFree Utility CFProfile.exe out-of-bounds writemedium6.8---
147808thttpd Underflow out-of-bounds write [CVE-2007-0158]medium6.8---
147807WordPress REST API class-wp-rest-posts-controller.php privileges managementmedium6.8---
147806WordPress Protection Mechanism formatting.php wp_targeted_link_rel cross site scriptinglow4.3---
147805WordPress HTML5 kses.php wp_kses_bad_protocol input validationhigh7.5---
147804Citrix Application Delivery Controller/Gateway path traversalhigh7.5---
147803Swipe Checkout for WP e-Commerce Plugin test-plugin.php cross site scriptinglow4.3---
147802Ebay Feeds Plugin magpie_slashbox.php cross site scriptinglow4.3---
147801Easy Career Openings Plugin cross site scripting [CVE-2014-4523]low4.3---
147800Huawei USG9500 X.509 out-of-bounds write [CVE-2019-5275]medium6.8---
147799Huawei USG9500 X.509 buffer overflow [CVE-2019-5274]low5.0---
147798Huawei USG9500 X.509 buffer overflow [CVE-2019-5273]medium6.8---
147797Huawei USG9500 Integrity Check improper validation of integrity check valuemedium6.0---
147796libsixel fromsixel.c image_buffer_resize out-of-bounds writemedium6.8---
147795libsixel fromsixel.c image_buffer_resize release of resourcelow4.3---
147794libsixel frompnm.c load_pnm operation after expirationmedium4.3---
147793UPX Mach-O File p_mach.cpp canUnpack out-of-bounds writemedium6.8---
147792matio mat5.c ReadNextStructField out-of-bounds readmedium6.8---
147791matio mat5.c Mat_VarRead5 resource consumptionlow4.3---
147790matio mat5.c ReadNextCell out-of-bounds readmedium6.8---
147789matio mat5.c Mat_VarReadNextInfo5 out-of-bounds readmedium6.8---
147788libmysofa dataobject.c readOHDRHeaderMessageDatatype out-of-bounds writelow4.3---
147787GNU LibreDWG dwg.spec dwg_decode_LWPOLYLINE_private resource consumptionlow4.3---
147786GNU LibreDWG free.c dwg_free double freemedium6.8---
147785GNU LibreDWG dwg.spec decode_3dsolid resource consumptionlow4.3---
147784GNU LibreDWG dwg.spec dwg_decode_HATCH_private resource consumptionlow4.3---
147783GNU LibreDWG decode.c decode_R13_R2000 out-of-bounds readmedium6.8---
147782GNU LibreDWG decode.c resolve_objectref_vector use after freemedium6.8---
147781GNU LibreDWG dwg.spec dwg_decode_SPLINE_private resource consumptionlow4.3---
147780Archery Project Name Stored cross site scriptinglow3.5---
147779ezXML ezxml.c ezxml_parse_str null pointer dereferencelow4.3---
147778ezXML ezxml_char_content use after freemedium6.8---
147777ezXML XML File strchr out-of-bounds readmedium6.8---
147776Intelbras IWR 3000N JSON login input validationlow5.0---
147775Intelbras IWR 3000N user cross-site request forgerylow4.3---
147774Huawei MediaPad M5 Lite 10 input validation [CVE-2019-19398]medium6.8---
147773JetBrains Ktor Framework cross site scripting [CVE-2019-19389]medium6.0---
147772Waitress Proxy request smuggling [CVE-2019-16789]medium4.6---
147771WordPress Block Editor cross site scripting [CVE-2019-16781]low3.5---
147770WordPress Block Editor cross site scripting [CVE-2019-16780]low3.5---
147769D-Link DIR-601 B1 improper authentication [CVE-2019-16327]medium7.5---
147768D-Link DIR-601 B1 cross-site request forgery [CVE-2019-16326]low4.3---
147767GitLab Community Edition/Enterprise Edition Access Control authorizationmedium6.8--medium
147766ircd-ratbox MONITOR Command memory corruption [CVE-2015-5290]low4.3---
147765Features Gem tmp File injectionmedium6.0---
147764Belkin N900 Javascript Debugging improper authentication [CVE-2013-3088]medium6.8---
147763Belkin F5D8236-4 Web Management Interface improper authenticationmedium6.8---
147762W3 Super Cache Plugin Incomplete Fix CVE-2013-2009 escape outputmedium6.8--high
147761Java SE Virtual Machine information disclosure [CVE-2012-4420]low4.3---
147760sssd HBAC Rule improper authentication [CVE-2012-3462]medium6.5---
147759NetworkManager AdHoc Mode missing authentication [CVE-2012-2736]low3.3--high
147758pax-linux arch_get_unmapped_area_topdown resource consumptionlow1.5---
147757Athenz redirect [CVE-2019-6035]medium6.8---
147756A-Blog CMS injection [CVE-2019-6034]low4.3---
147755A-Blog CMS cross site scripting [CVE-2019-6033]low4.3---
147754NTV News24 X.509 Certificate Validation certificate validationlow2.6---
147753KINZA RSS Reader cross site scripting [CVE-2019-6031]low4.3---
147752Custom Body Class cross-site request forgery [CVE-2019-6030]low4.3---
147751Custom Body Class cross site scripting [CVE-2019-6029]low4.3---
147750WP Spell Check cross-site request forgery [CVE-2019-6027]low4.3---
147749MOTEX LanScope Cat Client privileges management [CVE-2019-6026]medium4.1---
147748Movable Type redirect [CVE-2019-6025]medium6.8---
147747Rakuma App insufficiently protected credentials [CVE-2019-6024]medium6.8---
147746Cybozu Office Access Restriction privileges management [CVE-2019-6023]medium6.0---
147745Cybozu Office Customapp path traversalmedium6.0---
147744Library Information Management System LIMEDIO redirect [CVE-2019-6021]medium6.8---
147743PowerCMS redirect [CVE-2019-6020]medium6.8---
147742STAMP Workbench Installer untrusted search path [CVE-2019-6019]low4.1---
147741NetCommons cross site scripting [CVE-2019-6018]low4.3---
147740REMISE Payment Module information disclosure [CVE-2019-6017]low5.0---
147739REMISE Payment Module cross site scripting [CVE-2019-6016]low4.3---
147738D-Link DBA-1510P Web User Interface os command injection [CVE-2019-6014]medium5.8---
147737D-Link DBA-1510P Command Line Interface os command injectionmedium4.3---
147736wpDataTables Lite sql injection [CVE-2019-6012]medium6.0---
147735wpDataTables Lite cross site scripting [CVE-2019-6011]low4.3---
147734Yokogawa Exaopc Unquoted Search Path unquoted search path [CVE-2019-6008]medium4.1---
147733Pandora FMS Alert System authorization [CVE-2019-19681]medium6.0---
147732ListingPro Theme Listing Submit Page Persistent cross site scriptinglow3.5---
147731ListingPro Theme Listing Submit Page Persistent cross site scriptinglow3.5---
147730ListingPro Theme Reflected cross site scripting [CVE-2019-19540]low4.3---
147729TigerVNC readSetCursor stack-based overflowmedium6.8---
147728TigerVNC decodeRect heap-based overflowmedium6.8---
147727TigerVNC FilterGradient heap-based overflowmedium6.8---
147726TigerVNC CopyRectDecoder heap-based overflowmedium6.8---
147725TigerVNC ZRLEDecoder memory corruption [CVE-2019-15691]medium6.8---
147724BullGuard Premium Protection Symlink toctou [CVE-2019-20000]low5.8---
147723Halo Template server-side request forgery [CVE-2019-19999]medium6.5---
147722Xiuno BBS token.php xml external entity referencemedium7.5---
147721Email Subscribers / Newsletters File Download information disclosurelow4.3---
147720Email Subscribers / Newsletters Campaign privileges managementmedium6.0---
147719Fast Velocity Minify fastvelocity_min_files Path information disclosurelow1.5---
147718Email Subscribers / Newsletters unknown vulnerability [CVE-2019-19982]medium5.8---
147717Email Subscribers / Newsletters Plugin Settings cross-site request forgerylow4.3---
147716Email Subscribers / Newsletters Administrative Dashboard wp_ajax privileges managementmedium6.0---
147715WP Maintenance Maintenance Mode cross site scriting [CVE-2019-19979]low4.3---
147714libESMTP ntlmstruct.c ntlm_build_type_2 out-of-bounds readmedium6.8---
147713UPC Connect Box EuroDOCSIS 3.0 Voice Gateway Administration Page setter.xml cleartext transmissionlow2.6---
147712CrushFTP redirect [CVE-2018-18288]medium6.8---
147711NVIDIA GeForce Experience GameStream authorization [CVE-2019-5702]medium4.1---
147710Linux Kernel cpia2_v4l.c cpia2_exit use after freelow2.1---
147709Linux Kernel Port Connection sas_discover.c race conditionlow1.9---
147708wolfSSL DAS information disclosure [CVE-2019-19963]low2.6---
147707wolfSSL RSA wc_SignatureGenerateHash risky encryptionmedium5.0---
147706wolfSSL wc_ecc_mulmod_ex information disclosurelow2.6---
147705libIEC61850 string_utilities.c StringUtils_createStringFromBuffer resource consumptionlow4.3---
147704libIEC61850 mms_access_result.c getNumberOfElements out-of-bounds readmedium6.8---
147703libxml2 parser.c xmlParseBalancedChunkMemoryRecover release of resourcelow5.0---
147702Signal Desktop wmic.exe privileges managementmedium4.1---
147701SQLite Update zipfile.c zipfileUpdate unrestricted uploadmedium4.3---
147700SQLite Error expr.c sqlite3WindowRewrite exceptional conditionlow4.3---
147699SQLite SELECT DISTINCT select.c flattenSubquery null pointer dereferencelow4.3---
147698Trend Micro Antivirus for Mac 2019 link following [CVE-2019-19695]medium7.5---
147697Reliable Controls MACH-ProWebCom Link cross site scripting [CVE-2019-18249]medium6.0---
147696mongo-express Endpoint toBSON code injectionmedium6.5---
147695Fermax Outdoor Panel DTMF Receiver authorization [CVE-2017-16778]medium4.4---
147694GraphicsMagick pict.c EncodeImage out-of-bounds readmedium6.8---
147693ImageMagick png.c MngInfoDiscardObject use after freemedium6.8---
147692GraphicsMagick miff.c ImportRLEPixels out-of-bounds writemedium6.8---
147691GraphicsMagick error.c ThrowLoggedException use after freemedium6.8---
147690ImageMagick png.c WritePNGImage out-of-bounds readmedium6.8---
147689ImageMagick sgi.c WriteSGIImage out-of-bounds writemedium6.8---
147688Check Point Endpoint Security Client Log File link followinglow5.0---
147687upload-image-with-ajax File Upload unrestricted upload [CVE-2019-8293]medium7.5---
147686SonicWALL Email Security Appliance improper authorization [CVE-2019-7489]medium6.8---
147685SonicWALL Email Security Appliance Database credentials managementmedium6.8---
147684F5 BIG-IP/BIG-IQ UCS Backup File information disclosure [CVE-2019-6688]low3.5---
147683F5 BIG-IP ASM Cloud Security Services Profile improper authenticationmedium6.8---
147682F5 BIG-IP Traffic Management Microkernel input validation [CVE-2019-6686]low5.0---
147681F5 BIG-IP iRule privileges management [CVE-2019-6685]medium4.1---
147680F5 BIG-IP Virtual Clustered Multiprocessing input validationmedium6.8---
147679F5 BIG-IP Virtual Server FastL4 Profile resource consumptionlow4.3---
147678F5 BIG-IP ASM Security Policy resource consumption [CVE-2019-6682]low4.3---
147677F5 BIG-IP Multicast Forwarding Cache release of resource [CVE-2019-6681]low5.0---
147676F5 BIG-IP FastL4 Virtual Server input validation [CVE-2019-6680]low5.0---
147675F5 BIG-IP SCP link following [CVE-2019-6679]medium4.9---
147674F5 BIG-IP Packet Filter input validation [CVE-2019-6678]low4.3---
147673F5 BIG-IP TMM input validation [CVE-2019-6677]low5.0---
147672F5 BIG-IP TMM input validation [CVE-2019-6676]low5.0---
147671Forcepoint NGFW Security Management Center Configuration Database type conversionmedium5.8---
147631VMware Workstation/Horizon View Agent DLL Loader untrusted search pathmedium4.1---
147630Huawei Smart Phone buffer overflow [CVE-2019-5276]medium5.4---
147629Huawei OceanStor SNS3096 Operation information disclosure [CVE-2019-5267]low1.9---
147628Huawei P30 Share input validation [CVE-2019-5266]low5.0---
147627Huawei P30 Share information disclosure [CVE-2019-5265]low5.0---
147626Linux Kernel IAPP Location Update input validation [CVE-2019-5108]low3.3---
147625Debian-edu-config ACL privileges management [CVE-2019-3467]medium4.4---
147624ZTE ZXCLOUD GoldenData VAP insufficiently protected credentialsmedium5.0---
147623ZTE ZXCLOUD GoldenData VAP information disclosure [CVE-2019-3430]low4.0---
147622ZTE ZXCLOUD GoldenData VAP Log File log file [CVE-2019-3429]low4.3---
147621Linux Kernel USB Device kvaser_usb_leaf.c information disclosurelow2.1---
147620libIEC61850 ber_decode.c BerDecoder_decodeUint32 out-of-bounds readmedium6.8---
147619Red Hat Ceph Storage RADOS Gateway Daemon input validation [CVE-2019-19337]low3.5---
147618F5 BIG-IP/BIG-IQ/iWorkflow/Enterprise Manager TMOS Shell privileges managementmedium4.1---
147617F5 BIG-IP APM Log log file [CVE-2019-19150]low3.5---
147616virglrenderer Command vrend_renderer.c vrend_renderer_transfer_write_iov out-of-bounds writemedium4.4---
147615virglrenderer Command vrend_renderer.c vrend_blit_need_swizzle out-of-bounds readmedium4.4---
147614virglrenderer vrend_renderer.c vrend_renderer_transfer_write_iov out-of-bounds writemedium4.4---
147613virglrenderer Command vrend_renderer.c null pointer dereferencelow2.1---
147612PLC Editor Project File stack-based overflow [CVE-2019-18236]medium6.8---
147611Equinox Control Expert sql injection [CVE-2019-18234]medium6.8---
147610Orckestra C1 CMS Deserialization Composite.dll EntityTokenSerializer deserializationmedium6.5---
147609Apache Tomcat FORM Authentication session fixiation [CVE-2019-17563]medium6.8---
147608Open TFTP Server SP Error Packet logMess out-of-bounds writemedium6.8---
147607Open TFTP Server MT Error Packet logMess out-of-bounds writemedium6.8---
147606Apache Tomcat JMX Remote Lifecycle Listener insufficiently protected credentialslow1.5---
147605TFTP Server MT Error Packet logMess format stringmedium6.8---
147604TFTP Server SP Error Packet logMess format stringmedium6.8---
147603TFTP Server SP Error Packet out-of-bounds write [CVE-2018-10387]medium6.8---
147602libIEC61850 mms_access_result.c MmsValue_decodeMmsData out-of-bounds writemedium6.8---
147601libIEC61850 mms_value.c MmsValue_newOctetString integer overflowlow4.3---
147600Malwarebytes AdwCleaner DLL untrusted search path [CVE-2019-19929]medium6.6---
147599SQLite Incomplete Fix CVE-2019-19880 select.c multiSelect null pointer dereferencemedium5.0---
147598Linux Kernel Slice fair.c resource consumptionlow1.9---
147597sa-exim CF File Greylisting.pm os command injectionmedium6.0---
147596PHP EXIF Extension exif_read_data out-of-bounds readmedium6.8---
147595PHP Header mail double freemedium6.8---
147594PHP EXIF Extension exif_read_data out-of-bounds readmedium6.8---
147593PHP bcmath out-of-bounds read [CVE-2019-11046]medium6.8---
147592PHP Filename DirectoryIterator null terminationmedium6.8---
147591PHP Filename link null terminationmedium6.8---
147590IBM Financial Transaction Manager Web UI cross site scritinglow3.5---
147589IBM Financial Transaction Manager Session missing encryptionlow2.6---
147588IBM Financial Transaction Manager clickjacking [CVE-2019-4742]medium6.0---
147587IBM Financial Transaction Manager cross-site request forgerylow4.3---
147586IBM Cognos Analytics Web UI cross site scriting [CVE-2019-4555]low3.5---
147585IBM Cognos Analytics cross-site request forgery [CVE-2019-4231]low4.3---
147584handlebars injection [CVE-2019-19919]medium6.8---
147583Lout z02.c srcnext out-of-bounds writemedium6.8---
147582Lout z39.c StringQuotedWord buffer overflowmedium6.8---
147581NeuVector Active Directory Authentication weak password [CVE-2019-19747]medium6.8---
147580CA Client Automation File Access Local Privilege Escalation [CVE-2019-19231]medium4.1---
147579Log4j Deserialization SocketServer deserializationmedium6.8---
147578NetHack Configuration File privileges management [CVE-2019-16787]low4.1---
147577Waitress HTTP Header request smuggling [CVE-2019-16786]medium4.6---
147576Waitress Split request smuggling [CVE-2019-16785]medium4.6---
147575Xiaomi DGNWG03LM/ZNCZ03LM/MCCGQ01LM/WSDCGQ01LM/RTCGQ01LM Zigbee input validationlow5.0---
147574Xiaomi DGNWG03LM/ZNCZ03LM/MCCGQ01LM/WSDCGQ01LM/RTCGQ01LM Zigbee input validationlow5.0---
147573Xiaomi DGNWG03LM/ZNCZ03LM/MCCGQ01LM/WSDCGQ01LM/RTCGQ01LM Zigbee authorizationlow4.3---
147572Asus HG100/WS-101/TS-101 ZigBee Pro input validation [CVE-2019-15912]low5.0---
147571Asus HG100/WS-101/TS-101 ZigBee Pro cleartext transmission [CVE-2019-15911]low4.3---
147570Asus HG100/WS-101/TS-101 ZigBee Pro input validation [CVE-2019-15910]low5.0---
147569GitLab Community Edition/Enterprise Edition resource consumptionlow4.0---
147568IBM Cognos Business Intelligence cross-site request forgery [CVE-2018-1934]low4.3---
147567Midori Browser Content Security Policy cross site scripting [CVE-2019-19916]low4.3---
147566phpMyChat-Plus Password Reset URL pass_reset.php Reflected cross site scriptinglow4.3---
1475653S-Smart CODESYS SP Realtime NT null pointer dereference [CVE-2019-19789]low4.0---
147564Trend Micro Security 2020 information disclosure [CVE-2019-19693]medium4.1---
147563Trend Micro Apex One Product Console cross site scripting [CVE-2019-19692]low4.3---
147562Trend Micro Apex One/OfficeScan XG Development Tool Credentials insufficiently protected credentialslow3.5---
147561Philips Veradius Unity inadequate encryption [CVE-2019-18263]low2.9---
147560Palo Alto PAN-OS Log Forwarding Card Remote Code Execution [CVE-2019-17440]high9.3---
147559Swagger-UI Key Name cross site scripting [CVE-2016-1000229]low4.3---
147558negotiator Regular Expression resource consumption [CVE-2016-1000022]low4.3--medium
147557GnuTLS CBC Mode information exposure [CVE-2015-8313]medium7.5--critical
147556gnome-keyring gnome_keyring_lock_all_sync input validationmedium5.0---
147555CUPS Localhost cupsd.conf authorizationmedium6.8--high
147554LibreOffice/OpenOffice Embedded Content input validation [CVE-2012-5639]medium6.8---
147553ecryptfs-utils suid Helper input validation [CVE-2012-3409]medium4.1--low
147552Adobe ColdFusion Permission default permission [CVE-2019-8256]medium6.8---
147551Brackets injection [CVE-2019-8255]medium7.5---
147550Adobe Photoshop CC memory corruption [CVE-2019-8254]medium6.8---
147549Adobe Photoshop CC memory corruption [CVE-2019-8253]medium6.8---
147548301 Redirects - Easy Redirect Manager Plugin privileges managementmedium6.8---
147547MediaWiki MinervaNeue Skin cross site scripting [CVE-2019-19910]low4.3---
147546Public Knowledge Project pkp-lib OJS Report Generator deserializationmedium6.0---
147545Kopano Groupware Core freebusyutil.cpp HrAddFBBlock buffer overflowmedium6.8---
147544cyrus-sasl OpenLDAP common.c _sasl_add_string out-of-bounds writelow4.3---
147543NetHack Configuration File buffer overflow [CVE-2019-19905]medium6.8---
147542Backdrop CMS File Type Description cross site scripting [CVE-2019-19903]low3.5---
147541Backdrop CMS File Upload information disclosure [CVE-2019-19902]medium6.0---
147540Backdrop CMS Block Description cross site scripting [CVE-2019-19901]low3.5---
147539Backdrop CMS Content Type cross site scripting [CVE-2019-19900]low3.5---
147538Ansible Tower websocket Password information exposurelow4.3---
147537Ansible Tower Database Backup tower Credentials file accesslow1.5---
147536Ansible Tower RabbitMQ Management Interface information disclosuremedium6.8---
147535sudo privileges management [CVE-2019-19234]medium8.5---
147534sudo Runas privileges management [CVE-2019-19232]medium8.5---
147533Plex Media Server Camera Upload unrestricted upload [CVE-2019-19141]medium6.0---
147532Lansweeper Web Console cross site scripting [CVE-2019-18955]low4.3---
147531CloudVision Portal API Password insufficiently protected credentialslow3.5---
147530CloudVision Portal CVP API privileges management [CVE-2019-18181]low1.5---
147529Eclipse Che Workspace cross-site request forgery [CVE-2019-17633]medium6.8---
147528JS JOBS FREE Extension custormfields.php dataForDepandantField sql injectionmedium6.8---
147527Beckhoff Embedded Windows PLC ADS Protocol input validation [CVE-2019-16871]high9.3---
147526Odoo Community/Enterprise Access Control access control [CVE-2019-11780]medium6.0---
147525Cloud Foundry Cloud Controller API Global Service Broker information disclosurelow3.5---
147524Kibana Region Map cross site scripting [CVE-2019-7621]low3.5---
147523SonicOS SSLVPN NACagent Installation unquoted search path [CVE-2019-7487]medium4.6---
147522SonicWALL SMA100 CGI Script viewcacert code injectionmedium6.0---
147521SonicWALL SMA100 CGI Script DEARegister buffer overflowmedium6.0---
147520SonicWALL SMA100 CGI Script viewcacert sql injectionmedium6.0---
147519SonicWALL SMA100 CGI Script handleWAFRedirect path traversallow5.0---
147518SonicWALL SMA100 libSys.so stack-based overflowmedium6.8---
147517GitLab Enterprise Edition Access Control access control [CVE-2019-5487]low4.3---
147516GitLab Community Edition/Enterprise Edition Salesforce Login authentication bypassmedium6.5---
147515GitLab Community Edition/Enterprise Edition Project Archive authorizationmedium6.0---
147514WAGO PFC100/PFC200 iocheckd Service buffer overflow [CVE-2019-5081]medium6.8---
147513WAGO PFC100/PFC200 iocheckd Service missing authentication [CVE-2019-5080]low5.0---
147512WAGO PFC100/PFC200 iocheckd Service out-of-bounds write [CVE-2019-5079]medium6.8---
147511WAGO PFC100/PFC200 iocheckd Service missing authentication [CVE-2019-5078]low5.0---
147510WAGO PFC100/PFC200 iocheckd Service missing authentication [CVE-2019-5077]low5.0---
147509WAGO PFC100/PFC200 Command Line Utility memory corruption [CVE-2019-5075]medium6.8---
147508WAGO PFC100/PFC200 iocheckd Service buffer overflow [CVE-2019-5074]medium6.8---
147507WAGO PFC100/PFC200 iocheckd Service information disclosure [CVE-2019-5073]low5.0---
147506Pebble Templates Protection Mechanism getClass input validationmedium7.5---
147505Humax Wireless Voice Gateway HGB10R-2 insufficiently protected credentialslow2.6---
147504Humax Wireless Voice Gateway HGB10R-2 Backup File backupsettings.conf cleartext transmissionlow5.0---
147503ffjpeg jfif.c jfif_decode divide by zerolow4.3---
147502ffjpeg bitstr.c bitstr_tell null pointer dereferencelow4.3---
147501Django Password Reset password recovery [CVE-2019-19844]medium6.8---
147500Opera Web Browser Sandbox origin validation [CVE-2019-19788]medium6.8---
147499Singularity Permission .singularity default permissionmedium6.8---
147498Trend Micro Mobile Security weak password [CVE-2019-19690]medium4.4---
147497Trend Micro HouseCall for Home Networks DLL untrusted search pathmedium4.1---
147496Trend Micro HouseCall for Home Networks DLL privileges managementmedium4.1---
147495ABB PB610 Panel Builder 600 HMISimulator unknown vulnerabilitymedium5.4---
147494ABB PB610 Panel Builder 600 HMIStudio Local Privilege Escalationmedium4.1---
147493ABB PB610 Panel Builder 600 HMISimulator input validation [CVE-2019-18995]low2.9---
147492ABB PB610 Panel Builder 600 HMIStudio input validation [CVE-2019-18994]low1.5---
147491Zoho ManageEngine ADSelfService Plus redirect [CVE-2019-18781]medium6.8---
147490RSA Identity Governance Session Local Privilege Escalation [CVE-2019-18573]medium4.1---
147489RSA Identity Governance JMX Agent missing authentication [CVE-2019-18572]medium6.8---
147488RSA Identity Governance My Access Live Module Reflected cross site scriptinglow1.5---
147487GE S2020 Fast Switch 61850 Reflected cross site scripting [CVE-2019-18267]low4.3---
147486Pronestor Planner Outlook Add-in PronestorHealthMonitor.exe privileges managementmedium4.1---
147485Rack Session timing discrepancy [CVE-2019-16782]medium4.6---
147484http_server path traversal [CVE-2019-15600]low5.0---
147483tree-kill code injection [CVE-2019-15599]medium7.5---
147482treekill code injection [CVE-2019-15598]medium7.5---
147481node-df code injection [CVE-2019-15597]medium7.5---
147480statics-server path traversal [CVE-2019-15596]medium7.5---
147479GitLab Community Edition/Enterprise Edition Access Control access controllow3.5---
147478GitLab Community Edition/Enterprise Edition Clone access controlmedium6.0---
147477GitLab Community Edition/Enterprise Edition Pipeline insertion of sensitive information into sent datalow4.3---
147476GitLab Community Edition/Enterprise Edition Project Milestone information disclosurelow3.5---
147475GitLab Community Edition/Enterprise Edition GraphQL Endpoint information disclosurelow5.0---
147474GitLab Community Edition/Enterprise Edition API command injectionmedium7.5---
147473Atlassian Confluence Server/Confluence Data Center Previews Plugin dynamically-managed code resourcesmedium6.8---
147472Git Clone input validation [CVE-2019-1387]medium6.8---
147471HPE UIoT information disclosure [CVE-2019-11995]low4.3---
147470Intel CSME/TXE/Detection Tool Access Control privileges managementmedium4.1---
147469Intel AMT Subsystem cross site scripting [CVE-2019-11132]low4.3---
147468Intel AMT Subsystem privileges management [CVE-2019-11131]medium6.8---
147467Intel CSME/TXE Subsystem improper authentication [CVE-2019-11110]low4.1---
147466Intel SPS Subsystem denial of service [CVE-2019-11109]low1.5---
147465Intel CSME Subsystem input validation [CVE-2019-11108]medium4.1---
147464Intel AMT Subsystem input validation [CVE-2019-11107]medium6.8---
147463Intel CSME/TXE Subsystem session expiration [CVE-2019-11106]medium4.1---
147462Intel CSME Subsystem privileges management [CVE-2019-11105]medium4.1---
147461Intel CSME/TXE input validation [CVE-2019-11104]medium4.1---
147460Intel CSME Firmware Update input validation [CVE-2019-11103]medium4.1---
147459Intel DAL/CSME/TXE input validation [CVE-2019-11102]low1.5---
147458Intel CSME/TXE Subsystem input validation [CVE-2019-11101]low1.5---
147457Intel AMT Subsystem input validation [CVE-2019-11100]low1.9---
147456Intel Management Engine Consumer Driver Directory Permission default permissionmedium4.1---
147455Intel AMT Subsystem input validation [CVE-2019-11088]medium5.4---
147454Intel CSME/TXE Subsystem input validation [CVE-2019-11087]medium4.1---
147453Intel AMT Subsystem input validation [CVE-2019-11086]medium4.4---
147452Intel CSME/TXE Subsystem out-of-bounds write [CVE-2019-0169]medium5.4---
147451Intel CSME/TXE input validation [CVE-2019-0168]low1.5---
147450Intel AMT input validation [CVE-2019-0166]low4.3---
147449Intel CSME input validation [CVE-2019-0165]low1.5---
147448Intel AMT input validation [CVE-2019-0131]medium5.4---
147447Apache Xerces-C XML Parser use after free [CVE-2018-1311]medium6.8---
147446Restlet Endpoint xml external entity reference [CVE-2012-2656]low5.0---
147444Apple macOS Web Page History information disclosurelow4.3---
147443Apple iCloud memory corruption [CVE-2019-8763]medium6.8---
147442Apple iTunes memory corruption [CVE-2019-8763]medium6.8---
147441Apple Safari memory corruption [CVE-2019-8763]medium6.8---
147440Apple tvOS memory corruption [CVE-2019-8763]medium6.8---
147439Apple iCloud Text File out-of-bounds read [CVE-2019-8745]medium6.8---
147438Apple iTunes Text File out-of-bounds read [CVE-2019-8745]medium6.8---
147437Apple tvOS Text File out-of-bounds read [CVE-2019-8745]medium6.8---
147436Apple iCloud use after free [CVE-2019-8735]medium6.8---
147435Apple iTunes use after free [CVE-2019-8735]medium6.8---
147434Apple iCloud memory corruption [CVE-2019-8733]medium6.8---
147433Apple iTunes memory corruption [CVE-2019-8733]medium6.8---
147432Apple iCloud memory corruption [CVE-2019-8726]medium6.8---
147431Apple iTunes memory corruption [CVE-2019-8726]medium6.8---
147430Apple iCloud State Management Universal cross site scriptingmedium4.3---
147429Apple iTunes State Management Universal cross site scriptingmedium4.3---
147428Apple tvOS Kernel memory corruption [CVE-2019-8717]medium6.9---
147427Apple iCloud use after free [CVE-2019-8707]medium6.8---
147426Apple iTunes use after free [CVE-2019-8707]medium6.8---
147425Apple iClouds State Management Universal cross site scriptingmedium4.3---
147424Apple iTunes State Management Universal cross site scriptingmedium4.3---
147423SwiftNIO SSL TLS stack-based overflow [CVE-2019-8849]medium6.8---
147422Apple Xcode File memory corruption [CVE-2019-8806]medium6.8---
147421Apple Xcode File memory corruption [CVE-2019-8800]medium6.8---
147420Shazam App URL injection [CVE-2019-8792]low4.3---
147419Shazam App URL Scheme redirect [CVE-2019-8791]medium6.8---
147418Apple macOS State Management memory corruption [CVE-2019-8781]medium6.6---
147417Apple macOS Encrypted PDF inadequate encryption [CVE-2019-8772]low4.3---
147416Apple macOS Document permission assignment [CVE-2019-8770]medium4.1---
147415Apple iOS/iPadOS Web Page History information disclosurelow4.3---
147414Apple macOS History information disclosure [CVE-2019-8768]low1.5---
147413Apple iOS/iPadOS memory corruption [CVE-2019-8763]medium6.8---
147412Apple macOS null pointer dereference [CVE-2019-8758]medium6.6---
147411Apple macOS User Preferences race condition [CVE-2019-8757]low1.9---
147410Apple macOS Kernel Kernel Memory null pointer dereferencelow2.1---
147409Apple macOS Kernel null pointer dereference [CVE-2019-8748]medium6.9---
147408Apple macOS Text File buffer overflow [CVE-2019-8745]medium6.8---
147407Apple tvOS use after free [CVE-2019-8735]medium6.8---
147406Apple tvOS memory corruption [CVE-2019-8733]medium6.8---
147405Apple macOS Search Result information disclosure [CVE-2019-8730]low1.5---
147404Apple tvOS memory corruption [CVE-2019-8726]medium6.8---
147403Apple tvOS State Management Universal cross site scriptingmedium4.3---
147402Apple macOS Kernel memory corruption [CVE-2019-8717]medium6.9---
147401Apple tvOS use after free [CVE-2019-8707]medium6.8---
147400Apple macOS memory corruption [CVE-2019-8701]medium4.4---
147399Apple Texture Analytics Data memory corruption [CVE-2019-8632]low2.6---
147398Apple tvOS State Management Universal cross site scriptingmedium4.3---
147397Apple watchOS Passcode information disclosure [CVE-2019-8548]low1.9---
147396Apple Shortcuts Sandbox external reference [CVE-2019-7290]medium7.5---
147395Apple Shortcuts input validation [CVE-2019-7289]low1.5---
147394shadowsocks-libev Network Packet information disclosure [CVE-2019-5152]low4.3---
147393IBM Planning Analytics TM1 Script privileges management [CVE-2019-4716]medium6.8---
147392IBM API Connect missing encryption [CVE-2019-4609]low2.6---
147391HCL AppScan Source Web UI cross site scripting [CVE-2019-4388]low3.5---
147390Qualcomm Snapdragon Auto Event Argument buffer overflow [CVE-2019-2304]medium4.4---
147389Qualcomm Snapdragon Auto RPU Write improper authentication [CVE-2019-2274]medium4.6---
147388Qualcomm Snapdragon Auto integer overflow [CVE-2019-2242]medium6.8---
147387shadow privileges management [CVE-2019-19882]medium6.6---
147386SQLite ORDER BY window.c exprListAppendList null pointer dereferencelow3.5---
147385Tautulli Media Server shutdown cross-site request forgerylow4.3---
147384Xerox AltaLink C8035 cross-site request forgery [CVE-2019-19832]low4.3---
147383SolarWinds Serv-U FTP Server cross site scripting [CVE-2019-19829]low3.5---
147382D-Link DIR-615 Account Configuration Page cross site scriptinglow3.5---
147381Asus ATK AsLdrSrv.exe input validationmedium4.1---
147380GNU Bash shell.c disable_priv_mode dropped privilegesmedium8.5---
147379HPE OneView for VMware vCenter cross site scripting [CVE-2019-11992]low4.3---
147378TRENDnet TEW-651BR/TEW-652BRP/TEW-652BRU get_set.ccp memory corruptionmedium6.8---
147377TRENDnet TEW-651BR/TEW-652BRP/TEW-652BRU get_set.ccp os command injectionmedium7.5---
147376Qualcomm Snapdragon Auto out-of-bounds write [CVE-2019-10614]medium6.8---
147375Qualcomm Snapdragon Auto buffer overflow [CVE-2019-10607]medium4.4---
147374Qualcomm Snapdragon Auto IEEE 802.11 Header buffer overflow [CVE-2019-10605]medium4.4---
147373Qualcomm Snapdragon Auto WMI Message array index [CVE-2019-10601]medium4.4---
147372Qualcomm Snapdragon Auto Netlink CB Callback null pointer dereferencemedium4.4---
147371Qualcomm Snapdragon Auto IBSS Connection Mode buffer overflowmedium4.4---
147370Qualcomm Snapdragon Auto Message input validation [CVE-2019-10595]medium4.4---
147369Qualcomm Snapdragon Auto Debug Queue out-of-bounds read [CVE-2019-10584]medium4.4---
147368Qualcomm Snapdragon Auto Video Driver integer overflow [CVE-2019-10572]medium6.8---
147367Qualcomm Snapdragon Auto EEPROM out-of-bounds read [CVE-2019-10564]medium4.4---
147366Qualcomm Snapdragon Auto Wireless Driver out-of-bounds read [CVE-2019-10557]medium6.8---
147365Qualcomm Snapdragon Auto memory corruption [CVE-2019-10544]medium4.4---
147364Qualcomm Snapdragon Auto FW Response integer overflow [CVE-2019-10537]medium4.4---
147363Qualcomm Snapdragon Auto double free [CVE-2019-10536]medium4.4---
147362Qualcomm Snapdragon Auto SIB Read out-of-bounds write [CVE-2019-10525]medium6.8---
147361Qualcomm Snapdragon Auto iWLAN use after free [CVE-2019-10518]medium4.4---
147360Qualcomm Snapdragon Auto Thread double free [CVE-2019-10517]medium4.6---
147359Qualcomm Snapdragon Auto MM out-of-bounds read [CVE-2019-10516]medium6.8---
147358Qualcomm Snapdragon Auto SPDM Command null pointer dereferencelow2.1---
147357Qualcomm Snapdragon Auto MT Secondary PDP Request memory corruptionmedium6.8---
147356Qualcomm Snapdragon Auto SMS OTA Message out-of-bounds read [CVE-2019-10487]medium6.8---
147355Qualcomm Snapdragon Auto information disclosure [CVE-2019-10482]low7.1---
147354Qualcomm Snapdragon Auto WMI FW Event array index [CVE-2019-10481]medium4.4---
147353Qualcomm Snapdragon Auto WMI Firmware Event buffer overflow [CVE-2019-10480]medium4.4---
147352Qualcomm Snapdragon Auto Broadcast qdf_nbuf_trim_tail buffer overflowmedium4.4---
147351JBoss AS 7 Community Release Security Context Propagation privileges managementmedium4.1---
147350SonicWALL SMA100 sql injection [CVE-2019-7481]low4.3---
147349elog Proxy confused deputy [CVE-2019-3996]medium6.8---
147348elog null pointer dereference [CVE-2019-3995]low5.0---
147347elog retrieve_url use after freelow5.0---
147346elog Credentials information disclosure [CVE-2019-3993]low4.3---
147345elog Configuration File information disclosure [CVE-2019-3992]low5.0---
147344Joomla CMS sql injection [CVE-2019-19846]medium6.8---
147343Joomla CMS Access Check Path path traversallow5.0---
147342Zulip Server Image Thumbnail redirect [CVE-2019-19775]medium6.8---
147341Alt-N MDaemon Attachment cross site scripting [CVE-2019-19497]low4.3---
147340Linux Kernel io-wq.c privileges managementmedium4.4---
147339Advantech DiagAnywhere Server stack-based overflow [CVE-2019-18257]medium6.8---
147338TIBCO Spotfire Analytics Platform for AWS Marketplace Spotfire Library Reflected cross site scritinglow4.3---
147337TIBCO Spotfire Analytics Platform for AWS Marketplace Data Access Layer Credentials information disclosurelow3.5---
147336TIBCO Spotfire Analytics Platform for AWS Marketplace Data Access Layer information disclosurelow2.1---
147335TIBCO Spotfire Analyst privileges management [CVE-2019-17334]medium4.0---
147334JIRA WorkflowResource authorizationlow4.9---
147333Micro Focus Arcsight Logger cross-site request forgery [CVE-2019-11657]low4.3---
147332SAP Treasury/Risk Management authorization [CVE-2019-0384]medium6.5---
147331SAP Treasury/Risk Management Transaction Management authorizationmedium6.5---
147330Linux Kernel Thread sendmsg privileges managementmedium4.1---
147329TYPO3 QueryGenerator sql injectionmedium5.4---
147328TYPO3 Deserialization QueryView privileges managementmedium6.0---
147327TYPO3 Extension Manager path traversal [CVE-2019-19848]medium5.4---
147326Libspiro spiro.c spiro_to_bpath0 out-of-bounds writemedium6.8---
147325SPIP medias input validationmedium6.0---
147324Linux Kernel btrfs Filesystem volumes.c __btrfs_map_block out-of-bounds writemedium6.8---
147323Linux Kernel f2fs Filesystem Image recovery.c null pointer dereferencelow4.3---
147322Linux Kernel f2fs Filesystem Image __remove_dirty_segment out-of-bounds writemedium6.8---
147321Linux Kernel btrfs Filesystem mutex.c __mutex_lock use after freemedium6.8---
147320Contao Back End unrestricted upload [CVE-2019-19745]medium6.0---
147319Contao Output escape output [CVE-2019-19714]medium7.5---
147318Contao Permission default permission [CVE-2019-19712]low4.3---
147317Ivanti Workspace Control Managed Application Security default permissionmedium4.1---
147316verot.net class.upload File Extension class.upload.php unrestricted uploadmedium7.5---
147315Nalpeiron Licensing Service NLSSRV32.EXE permission assignmentmedium4.4---
147314Simplifile RecordFusion information disclosure [CVE-2019-19264]medium7.5---
147313Divisa Proxia Suite/SparkSpace/Proxia PHR Java Deserialization deserializationmedium6.8---
147312Barco ClickShare Button R9861500D01 TLS Connection missing encryptionlow1.2---
147311Barco ClickShare Button R9861500D01 Credential Management insufficiently protected credentialslow1.2---
147310Barco ClickShare Button R9861500D01 DLL Loader Clickshare_For_Windows.exe untrusted search pathmedium4.1---
147309Barco ClickShare Huddle CS-100/ClickShare Huddle CS-200 Credential Management missing encryptionlow1.2---
147308Barco ClickShare Button R9861500D01 Integrity Check input validationlow4.4---
147307Acer Quick Access QAAdminAgent.exe untrusted search pathmedium4.1---
147306Alauda Kubernetes Support Plugin improper authorization [CVE-2019-16576]medium6.5---
147305Alauda Kubernetes Support Plugin cross-site request forgery [CVE-2019-16575]low4.3---
147304Alauda DevOps Pipeline Plugin Permission Check improper authorizationmedium6.5---
147303Alauda DevOps Pipeline Plugin cross-site request forgery [CVE-2019-16573]low4.3---
147302Weibo Plugin Global Configuration Credentials credentials storagelow1.9---
147301RapidDeploy Plugin Permission Check improper authorization [CVE-2019-16571]medium6.5---
147300RapidDeploy Plugin cross-site request forgery [CVE-2019-16570]low4.3---
147299Mantis Plugin cross-site request forgery [CVE-2019-16569]low4.3---
147298SCTMExecutor Plugin Global Configuration Credentials cleartext transmissionlow5.0---
147297Team Concert Plugin Permission Check Credentials improper authorizationlow4.0---
147296Team Concert Plugin Permission Check improper authorization [CVE-2019-16566]medium6.5---
147295Team Concert Plugin cross-site request forgery [CVE-2019-16565]low4.3---
147294Pipeline Aggregator View Plugin Stored cross site scripting [CVE-2019-16564]low3.5---
147293Mission Control Plugin Escape Job Stored cross site scriptinglow3.5---
147292buildgraph-view Plugin Stored cross site scripting [CVE-2019-16562]low3.5---
147291WebSphere Deployer Plugin SSL/TLS Certificate Validator certificate validationmedium4.6---
147290WebSphere Deployer Plugin cross-site request forgery [CVE-2019-16560]low4.3---
147289WebSphere Deployer Plugin Permission Check improper authorizationmedium6.5---
147288Spira Importer Plugin TLS Certificate Validation certificate validationmedium7.5---
147287Redgate SQL Change Automation Plugin Configuration File config.xml Credentials credentials storagelow3.5---
147286Rundeck Plugin Configuration File config.xml Credentials credentials storagelow3.5---
147285Build Failure Analyzer Plugin Regular Expression resource consumptionmedium4.0---
147284Build Failure Analyzer Plugin Regular Expression improper authorizationmedium6.5---
147283Build Failure Analyzer Plugin Regular Expression cross-site request forgerylow4.3---
147282Gerrit Trigger Plugin Permission Check improper authorizationmedium6.5---
147281Gerrit Trigger Plugin cross-site request forgery [CVE-2019-16551]low4.3---
147280Maven Release Plugin Connection Test Form cross-site request forgerylow4.3---
147279Maven Release Plugin XML Parser xml external entity referencemedium6.8---
147278CentOS-WebPanel.com CentOS Web Panel sess_xxxxxx insufficiently protected credentialslow3.5---
147277Application Links ListEntityLinksServlet default permissionlow4.0---
147276CentOS-WebPanel.com CentOS Web Panel tmp insufficiently protected credentialslow4.0---
147275Atlassian Crowd Demo Application cross-site request forgery [CVE-2017-18107]low4.3---
147274Docker Engine Manifest input validation [CVE-2014-8179]medium7.5--medium
147273Docker Engine Image Layer Cache Poisoning input validationmedium4.4--medium
147272ownCloud sharing.php cross site scriptinglow4.3---
147271Mahara cross site scripting [CVE-2012-2237]medium6.4--high
147270Huawei AR3600 information disclosure [CVE-2019-5259]low4.0---
147269IBM MQ/MQ Appliance Message denial of service [CVE-2019-4560]low2.1---
147268IBM API Connect Developer Portal Password information disclosurelow1.0---
147267Views Dynamic Fields Module views_handler_filter_dynamic_fields.inc code injectionmedium5.1---
147266Nitro Free PDF Reader Unicode npdf.dll PDAnnotHandlerDestroyData2+0xa08a out-of-bounds readmedium6.8---
147265Cyrus IMAP Sieve Script Command lmtp_sieve.c autosieve_createfolder input validationmedium6.0---
147264D-Link DIR-615 Portal input validation [CVE-2019-19743]medium6.0---
147263Roxy Fileman RENAMEFILE path traversalmedium7.5---
147262Rumpus FTP Web File Manager Login Page Reflected cross site scriptinglow4.3---
147261knot-resolver DNS Reply algorithmic complexity [CVE-2019-19331]low4.3---
147260Barco ClickShare Button R9861500D01 Certificate Private Key information disclosurelow3.5---
147259Bridge ClickShare Button R9861500D01 Dongre Bridge Program os command injectionmedium7.5---
147258Barco ClickShare Button R9861500D01 Debug Interface insufficiently protected credentialsmedium4.4---
147257Barco ClickShare Button R9861500D01 JTAG input validation [CVE-2019-18827]medium6.2---
147256Barco ClickShare Button R9861500D01 Certificate Validation certificate validationlow5.0---
147255Dell XPS 13 2-in-1 BIOS Configuration config [CVE-2019-18579]medium6.9---
147254Omron PLC CJ/PLC CS Lock Remote Code Execution [CVE-2019-18269]medium7.5---
147253Omron PLC CS/PLC CJ/PLC NJ Brute Force excessive authenticationlow2.6---
147252Omron PLC CJ/PLC CS authentication spoofing [CVE-2019-18259]medium7.5---
147251Trend Micro Deep Security Service Quick Setup Cloud Formation Template authorizationmedium6.5---
147250excon Gem Persistent Connection resource control [CVE-2019-16779]low2.1---
147249TensorFlow UnsortedSegmentSum heap-based overflowmedium6.0---
147248Intel NUC Firmware out-of-bounds write [CVE-2019-14612]medium4.1---
147247Intel NUC Firmware integer overflow [CVE-2019-14611]low4.1---
147246Intel NUC Access Control privileges management [CVE-2019-14610]medium4.1---
147245Intel NUC Firmware Validation input validation [CVE-2019-14609]medium4.1---
147244Intel NUC memory corruption [CVE-2019-14608]medium4.1---
147243Intel CPU unusual condition [CVE-2019-14607]medium4.1---
147242Intel SCS Platform Discovery Utility Installer default permissionmedium4.1---
147241Intel Quartus Prime Pro Edition FPGA Kernel Driver null pointer dereferencelow1.5---
147240Intel Quartus Prime Pro Edition License Server default permissionmedium4.1---
147239Control Center-I privileges management [CVE-2019-14599]medium4.1---
147238Intel RST default permission [CVE-2019-14568]medium4.1---
147237Omron PLC CJ/PLC CS authentication replay [CVE-2019-13533]medium5.1---
147236SolarWinds Serv-U FTP Server Web UI Stored cross site scriptinglow3.5---
147235SolarWinds Serv-U FTP Server Web UI injection [CVE-2019-13181]medium6.5---
147234Apache Incubator Superset SQLLab information disclosure [CVE-2019-12414]low5.0---
147233Apache Incubator Superset Database Metadata information disclosurelow4.3---
147232Intel FPGA SDK for OpenCL Pro Edition Kernel Driver unusual conditionlow1.5---
147231Intel CPU unusual condition [CVE-2019-11157]medium6.6---
147230Intel Ethernet I218 Adapter Driver Memory Protection information disclosurelow1.5---
147229Yarn Package Installer link following [CVE-2019-10773]medium6.8---
147228Intel Network Adapter Linux Administrative Tools privileges managementmedium4.1---
147227Intel Dynamic Platform/Thermal Framework default permission [CVE-2019-0134]medium4.3---
147226Puppet Agent SSL Certificate Valu certificate validation [CVE-2018-11751]medium5.1---
147225Linux Kernel timer.c snd_timer_close_locked use after freemedium4.4---
147224Xfig fig2dev read.c read_colordef out-of-bounds writemedium6.8---
147223python-requests-Kerberos Mutual Authentication improper authenticationmedium7.5---
147222ImageMagick infinite loop [CVE-2014-8561]low4.3---
147221ZF2014-0 View Helper cross site scripting [CVE-2014-4913]low4.3---
147220eDeploy Temp File race condition [CVE-2014-3701]medium6.8---
147219eDeploy cPickle Deserialization deserialization [CVE-2014-3699]medium7.5---
147218JBoss KeyCloak URL Validator redirect [CVE-2014-3652]medium6.8---
147217jersey SAX Parser xml external entity reference [CVE-2014-3643]medium7.5---
147216CloudForms Management Engine Registration top_output.log Log log filelow1.9---
147215Huawei Product insufficient verification of data authenticitymedium5.1---
147214Huawei S5700/S6700 input validation [CVE-2019-5290]low4.0---
147213Huawei CampusInsight Gauss100 OLTP Database out-of-bounds readlow4.0---
147212Huawei CloudUSM-EUA information disclosure [CVE-2019-5277]low5.0---
147211Huawei Mate 9 Applock information disclosure [CVE-2019-5264]low2.1---
147210Huawei Y9/Honor View 20 TD-SCDMA Message input validation [CVE-2019-5260]low3.3---
147209Huawei eSpace U1981 buffer overflow [CVE-2019-5258]medium4.1---
147208Huawei AP2000 Management buffer overflow [CVE-2019-5257]medium4.1---
147207Huawei eSpace U1981 resource consumption [CVE-2019-5256]low1.5---
147206Huawei eSpace U1981 null pointer dereference [CVE-2019-5255]medium6.8---
147205Huawei eSpace U1981 Message out-of-bounds read [CVE-2019-5254]medium6.8---
147204Huawei E5572-855 improper authentication [CVE-2019-5253]medium6.8---
147203Huawei Y9/Honor 8X/Honor 9 Lite/Honor 9i/Y6 Pro Applock improper authenticationmedium4.6---
147202Huawei Smartphone path traversal [CVE-2019-5251]low4.3---
147201Huawei Mate 20 Pro authorization [CVE-2019-5250]medium6.8---
147200Huawei CloudEngine 12800 release of resource [CVE-2019-5248]low3.3---
147199Huawei Smart Phone null pointer dereference [CVE-2019-5235]low5.0---
147198IBM Case Manager Case Builder cross site scriting [CVE-2019-4426]low3.5---
147197Yabasic Basic Source Code function.c myformat out-of-bounds writemedium6.8---
147196Samurai Build File util.c canonpath out-of-bounds writemedium6.8---
147195miekg Go DNS Random Number Generator weak prng [CVE-2019-19794]medium6.8---
147194Cyxtera AppGate SDP Client privileges management [CVE-2019-19793]medium6.0---
147193Telerik UI for ASP.NET AJAX RadChart path traversal [CVE-2019-19790]medium7.5---
147192ATasm m65 File setparse.c get_signed_expression out-of-bounds writemedium6.8---
147191ATasm m65 File setparse.c parse_expr out-of-bounds writemedium6.8---
147190ATasm m65 File asm.c to_comma out-of-bounds writemedium6.8---
147189AceaXe Plus FTP Client buffer overflow [CVE-2019-19782]medium6.8---
147188libsixel loader.c load_sixel out-of-bounds readmedium6.8---
147187stb Image Loader stb_image.h stbi__load_main out-of-bounds readmedium6.8---
147186Zoho ManageEngine EventLog Analyzer runquery.do MD5 information disclosurelow3.5---
147185Dovecot Push Notification Driver null pointer dereference [CVE-2019-19722]low5.0---
147184VeraCrypt VeraCryptExpander.exe privileges managementmedium4.1---
147183Huawei Products risky encryption [CVE-2019-19397]low2.6---
147182Envoy Route Manager null pointer dereference [CVE-2019-18838]low4.3---
147181Envoy HTTP Header memory corruption [CVE-2019-18802]medium7.5---
147180Envoy Access Control memory corruption [CVE-2019-18801]medium6.8---
147179quiz-master-next Plugin quiz-options-page.php Reflected cross site scriptinglow4.3---
147178Petwant PF-103/Petalk AI libcommon.so processCommandUploadLog os command injectionhigh9.3---
147177eGain Web Email API 11+ Message email) Header Injection input validationmedium7.5---
147176npm CLI Install Script path traversal [CVE-2019-16777]medium4.6---
147175npm CLI Install Script path traversal [CVE-2019-16776]medium4.6---
147174npm CLI Install Script symlink [CVE-2019-16775]medium4.6---
147173Petwant PF-103/Petalk AI libcommon.so processCommandSetMac os command injectionhigh9.3---
147172Petwant PF-103/Petalk AI libcommon.so processCommandUploadSnapshot out-of-bounds writehigh9.3---
147171Petwant PF-103/Petalk AI libcommon.so processCommandUploadLog out-of-bounds writehigh9.3---
147170Petwant PF-103/Petalk AI Telnet Service hard-coded credentialshigh9.3---
147169Petwant PF-103/Petalk AI libcommon.so processCommandSetUid os command injectionhigh9.3---
147168Petalk PF-103/Petalk AI Communication signature verificationmedium7.6---
147167Petwant PF-103/Petalk AI udpServerSys Service authorization [CVE-2019-16731]medium6.8---
147166Petwant PF-103/Petalk AI libcommon.so processCommandUpgrade input validationhigh9.3---
147165TemaTres Reflected cross site scripting [CVE-2019-14344]low4.3---
147164SAML Single Sign On Plugin input validation [CVE-2019-13347]medium6.0---
147163duplicity SSL Certificate Verification Service certificate validationmedium5.1---
147162Pen Temp File webfile.html exposure of resourcemedium4.6---
147161suPHP Source Highlighting improper authentication [CVE-2014-1867]medium4.4---
147160hammer_cli_foreman Gem foreman.yml insufficiently protected credentialslow2.1---
147159qpid-cpp ACL Policy resource consumption [CVE-2014-0212]low5.0---
147158cfme CSRF Protection cross-site request forgery [CVE-2014-0197]low4.3---
147157MCollective Installation hard-coded credentials [CVE-2014-0175]medium6.8---
147156Apple Safari WebKit integer underflow [CVE-2019-5144]medium6.8---
147155Hostapd 802.11w Security State input validation [CVE-2019-5062]low2.9---
147154Hostapd IAPP Location Update input validation [CVE-2019-5061]low2.9---
147153Advantech WebAccess stack-based overflow [CVE-2019-3951]medium6.8---
147152lodahs input validation [CVE-2019-19771]medium6.8---
147151Linux Kernel inode.c debugfs_remov use after freemedium6.8---
147150Linux Kernel lock.h perf_trace_lock_acquire use after freemedium6.8---
147149Linux Kernel blktrace.c __blk_add_trace use after freemedium6.8---
147148Linux Kernel inode.c ext4_xattr_set_entry use after freemedium6.8---
147147Bitwarden Server inadequate encryption [CVE-2019-19766]medium5.0---
147146Siemens SiNVR 3 Central Control Server SFTP Service routine [CVE-2019-18342]medium6.8---
147145Siemens SiNVR 3 Central Control Server improper authenticationmedium6.8---
147144Siemens SiNVR 3 Central Control Server Credentials information disclosurelow1.5---
147143Siemens SiNVR 3 Central Control Server HTTP Service missing authenticationmedium6.8---
147142Siemens SiNVR 3 Central Control Server XML Data path traversalmedium6.5---
147141Siemens SiNVR 3 Central Control Server XML Data improper authenticationmedium6.8---
147140Siemens SPPA-T3000 Application Server Service Port 80 information disclosurelow5.0---
147139Siemens SPPA-T3000 Application Server Service Port 8090 Username information disclosurelow5.0---
147138Siemens SPPA-T3000 Application Server Service Port 8090 Directory information disclosurelow5.0---
147137Siemens SPPA-T3000 Application Server Web Services Directory information disclosurelow5.0---
147136Siemens SPPA-T3000 Application Server Service Port 1099 information disclosurelow4.3---
147135Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowmedium6.8---
147134Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowmedium6.8---
147133Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowmedium6.8---
147132Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowmedium6.8---
147131Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowmedium6.8---
147130Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowmedium6.8---
147129Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowmedium6.8---
147128Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowmedium6.8---
147127Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 improper authenticationmedium7.5---
147126Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 improper authenticationlow5.0---
147125Siemens SPPA-T3000 Application Server File Upload improper authenticationmedium6.8---
147124Siemens SPPA-T3000 Application Server RMI improper authenticationlow5.0---
147123Siemens SPPA-T3000 Application Server RMI improper authenticationlow5.0---
147122Siemens SPPA-T3000 Application Server RMI improper authenticationlow5.0---
147121Siemens SPPA-T3000 Application Server Service Port 1099 deserializationmedium6.8---
147120Siemens SPPA-T3000 Application Server Service Port 8888 improper authenticationmedium6.8---
147119Siemens SPPA-T3000 Application Server RMI improper authenticationmedium6.8---
147118Siemens SPPA-T3000 MS3000 Migration Server RPC Service unrestricted uploadmedium6.8---
147117Siemens SPPA-T3000 MS3000 Migration Server RPC Service improper authenticationlow4.3---
147116Siemens SPPA-T3000 MS3000 Migration Server Service Port 7061 denial of servicelow4.3---
147115Siemens SPPA-T3000 MS3000 Migration Server Service Port 7061 stack-based overflowlow4.3---
147114Siemens SPPA-T3000 MS3000 Migration Server access control [CVE-2019-18309]medium6.6---
147113Siemens SPPA-T3000 MS3000 Migration Server access control [CVE-2019-18308]medium6.6---
147112Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 out-of-bounds readlow4.3---
147111Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 out-of-bounds readlow4.3---
147110Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflowlow4.3---
147109Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflowlow4.3---
147108Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflowlow4.3---
147107Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflowlow4.3---
147106Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflowlow4.3---
147105Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflowlow4.3---
147104Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflowlow4.3---
147103Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflowlow4.3---
147102Siemens SPPA-T3000 MS3000 Migration Server heap-based overflowmedium6.6---
147101Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowmedium6.8---
147100Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowmedium6.8---
147099Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowlow4.3---
147098Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowmedium6.8---
147097Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowlow4.3---
147096Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowlow4.3---
147095Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowlow4.3---
147094Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflowmedium6.8---
147093Siemens SPPA-T3000 Application Server RMI interface unrestricted uploadmedium6.0---
147092Siemens SPPA-T3000 Application Server Directory improper authenticationlow5.0---
147091Siemens SPPA-T3000 Application Server Directory improper authenticationlow5.0---
147090Siemens SPPA-T3000 Application Server RMI Communication cleartext transmissionlow2.6---
147089Siemens SPPA-T3000 Application Server AdminService improper authenticationmedium6.0---
147088Siemens SPPA-T3000 Application Server AdminService deserializationmedium6.0---
147087phpfastcache Cookie Driver code injection [CVE-2019-16774]medium4.6---
147086Siemens SiNVR 3 Central Control Server User Configuration Menu Password information disclosurelow2.6---
147085Siemens EN100 Ethernet Module DNP3 Web Server path traversallow5.0---
147084Siemens EN100 Ethernet Module DNP3 Web Interface cross site scriptinglow4.3---
147083Siemens EN100 Ethernet Module DNP3 Webserver memory corruptionmedium6.8---
147082XHQ Web Application input validation [CVE-2019-13932]medium6.0---
147081XHQ Web Interface cross site scriting [CVE-2019-13931]medium6.0---
147080XHQ Web Interface cross-site request forgery [CVE-2019-13930]low4.3---
147079Apache SpamAssassin Message resource consumption [CVE-2019-12420]low5.0---
147078Apache SpamAssassin CF File os command injection [CVE-2018-11805]medium7.5---
147077IBM DB2 High Performance Unload privileges management [CVE-2019-4606]low4.4---
147076minerstat msOS SSH Key improper authentication [CVE-2019-19750]medium7.5---
147075Electronic Arts Origin privileges management [CVE-2019-19248]medium4.6---
147074Electronic Arts Origin privileges management [CVE-2019-19247]medium4.6---
147073Scoutnet Kalender Plugin cross site scripting [CVE-2019-19198]low3.5---
147072DAViCal Reflected cross site scripting [CVE-2019-18345]low4.3---
147071Intesync Solismed Stored inadequate encryption [CVE-2019-17428]low4.3---
147070Cacti Deserialization functions.php deserializationmedium6.0---
147069Intesync Solismed information disclosure [CVE-2019-16246]medium7.5---
147068Intesync Solismed File Upload unrestricted upload [CVE-2019-15936]medium7.5---
147067Intesync Solismed cross site scripting [CVE-2019-15935]low4.3---
147066Intesync Solismed cross-site request forgery [CVE-2019-15934]low4.3---
147065Intesync Solismed sql injection [CVE-2019-15933]medium6.8---
147064Intesync Solismed Access Control permission assignment [CVE-2019-15932]medium7.5---
147063Intesync Solismed path traversal [CVE-2019-15931]medium7.5---
147062Intesync Solismed improper restriction of rendered ui layerslow4.3---
1470613scale Session Cookie httponly insertion of sensitive information into sent datalow3.5---
147060Siemens SIMATIC S7-1200 CPU UART routine [CVE-2019-13945]medium4.4---
147059Desigo PXC00-E.D Web Server denial of service [CVE-2019-13927]low5.0---
147058Qualcomm Snapdragon Auto Image memory corruption [CVE-2019-2338]medium4.4---
147057Qualcomm Snapdragon Auto EMM out-of-bounds read [CVE-2019-2337]medium6.8---
147056Qualcomm Snapdragon Auto HLOS buffer overflow [CVE-2019-2321]medium4.4---
147055Qualcomm Snapdragon Auto array index [CVE-2019-2320]medium6.8---
147054Qualcomm Snapdragon Auto HLOS privileges management [CVE-2019-2319]medium4.4---
147053Qualcomm Snapdragon Auto out-of-bounds read [CVE-2019-2310]medium6.8---
147052Qualcomm Snapdragon Auto TZ buffer overflow [CVE-2019-2288]medium4.4---
147051Qualcomm Snapdragon Connectivity Driver information disclosuremedium4.6---
147050Qualcomm Snapdragon Auto QDCM API integer overflow [CVE-2019-10592]medium4.4---
147049Qualcomm Snapdragon Auto Snapshot buffer overflow [CVE-2019-10571]medium4.4---
147048Qualcomm Snapdragon Auto OGG File out-of-bounds read [CVE-2019-10559]medium6.8---
147047Qualcomm Snapdragon Auto buffer overflow [CVE-2019-10555]medium4.4---
147046Qualcomm Snapdragon Auto LLC Support null pointer dereferencelow2.1---
147045Qualcomm Snapdragon Auto Data Truncation integer overflow [CVE-2019-10530]medium4.4---
147044Qualcomm Snapdragon Mobile/Snapdragon Voice / Music GPU Memory resource consumptionlow2.1---
147043Qualcomm Snapdragon Auto GSNDCP Compressed Mode array index [CVE-2019-10511]medium6.8---
147042Qualcomm Snapdragon Auto Camera toctou [CVE-2019-10494]medium4.4---
147041Qualcomm Snapdragon Auto buffer overflow [CVE-2019-10493]low5.0---
147040Qualcomm Snapdragon Auto Compressed Data infinite loop [CVE-2019-10485]low5.0---
147039Qualcomm Snapdragon Auto Command use after free [CVE-2019-10484]medium4.4---
147038Work Time Calendar App cross site scripting [CVE-2019-19748]low4.3---
147037Xfig fig2dev arrow.c make_arrow integer overflowmedium6.8---
147036Octeth Oempro Campaign.Get sql injectionmedium6.8---
147035OpenBSD setuid Program ld.so _dl_setup_env privileges managementmedium6.6---
147034SnakeYAML Alias xml entity expansion [CVE-2017-18640]medium5.0---
147033Microsoft Visual Studio Git input validation [CVE-2019-1387]medium6.8---
147032Microsoft Visual Studio Git input validation [CVE-2019-1354]medium6.8---
147031Microsoft Visual Studio Git input validation [CVE-2019-1352]medium6.8---
147030Microsoft Visual Studio Git input validation [CVE-2019-1351]medium6.8---
147029Microsoft Visual Studio Git input validation [CVE-2019-1350]medium6.8---
147028Microsoft Visual Studio Git input validation [CVE-2019-1349]medium6.8---
147027Avaya IP Office Application Server Web UI cross site scriptinglow3.5---
147026LEADTOOLS JPEG2000 File out-of-bounds write [CVE-2019-5154]medium6.8---
147025LEADTOOLS DICOM libltdic.so integer overflowmedium6.8---
147024LEADTOOLS DICOM Image out-of-bounds write [CVE-2019-5092]medium6.8---
147023LEADTOOLS libltdic.so infinite looplow5.0---
147022LEADTOOLS libltdic.so out-of-bounds readlow5.0---
147021LEADTOOLS DICOM Parser libltdic.so integer overflowmedium6.8---
147020IBM Spectrum Scale command injection [CVE-2019-4715]medium6.0---
147019IBM Spectrum Scale Web UI cross site scriting [CVE-2019-4665]low3.5---
147018Blink XT2 Sync Module Network Configuration os command injectionmedium6.8---
147017Blink XT2 Sync Module WiFi os command injection [CVE-2019-3988]medium7.5---
147016Blink XT2 Sync Module WiFi os command injection [CVE-2019-3987]medium7.5---
147015Blink XT2 Sync Module WiFi os command injection [CVE-2019-3986]medium7.5---
147014Blink XT2 Sync Module WiFi os command injection [CVE-2019-3985]medium7.5---
147013Blink XT2 Sync Module UART insufficiently protected credentialsmedium6.8---
147012bson-objectid ObjectID input validationmedium7.5---
147011sysstat sa_common.c check_file_actlst double freemedium6.8---
147010Zoho ManageEngine Applications Manager Agent.java sql injectionmedium6.0---
147009Zoho ManageEngine Applications Manager SyncEventServlet.java doGet sql injectionmedium6.8---
147008Xen VMX VMEntry Check input validation [CVE-2019-19583]low5.0---
147007Xen Bit Iteration infinite loop [CVE-2019-19582]low2.1---
147006Xen Bit Iteration memory corruption [CVE-2019-19581]low2.1---
147005Xen Incomplete Fix race condition [CVE-2019-19580]medium6.0---
147004Xen Pagetable input validation [CVE-2019-19578]low2.1---
147003Xen Pagetable input validation [CVE-2019-19577]medium4.6---
147002Squiz Matrix CMS File Upload form_question_type_file_upload.inc input validationmedium6.4---
147001Squiz Matrix CMS page_remote_content.inc deserializationmedium7.5---
147000Symantec Messaging Gateway server-side request forgery [CVE-2019-18379]medium7.5---
146999Symantec Messaging Gateway cross site scripting [CVE-2019-18378]low3.5---
146998Symantec Messaging Gateway privileges management [CVE-2019-18377]medium6.5---
146997Reliable Controls LicenseManager unquoted search path [CVE-2019-18245]medium4.3---
146996Safenet Sentinel LDK License Manager Service link following [CVE-2019-18232]medium4.1---
146995Micro Focus AcuToWeb File Download information disclosure [CVE-2019-17087]low5.0---
146994Atlassian FishEye/Crucible removeStarAjax.do authorizationmedium6.0---
146993Atlassian FishEye/Crucible branchreview cross site scriptinglow4.3---
146992Atlassian FishEye/Crucible Branch cross site scripting [CVE-2019-15007]low3.5---
146991Linux/FreeBSD/OpenBSD/MacOS/iOS/Android VPN channel accessiblemedium4.0---
146990wolfSSL/wolfCrypt DSA Nonce Generator dsa.c Key missing encryptionlow2.6---
146989enshrined svg-sanitize cross site scripting [CVE-2019-10772]medium6.8---
146988Puppet Enterprise root_configuration Password log filelow3.5---
146987Puppet Enterprise Express Install hard-coded credentials [CVE-2019-10694]medium6.8---
146986SAP Enable Now User information disclosure [CVE-2019-0405]low5.0---
146985SAP Enable Now Error Message information disclosure [CVE-2019-0404]low5.0---
146984SAP Enable Now input validation [CVE-2019-0403]medium7.5---
146983SAP Adaptive Server Enterprise information disclosure [CVE-2019-0402]low1.5---
146982SAP Project Management Project Dashboard information disclosurelow4.0---
146981SAP BusinessObjects Business Intelligence Platform cross-site request forgerylow3.5---
146980SAP BusinessObjects Business Intelligence Platform Fiori BI Launchpad Stored cross site scriptinglow3.5---
146979DBD::PgPP sql injection [CVE-2014-7257]medium6.8---
146978openshift os command injection [CVE-2014-0163]medium6.5---
IDTitleVulDBCVSSSecuniaXForceNessus
146977Foreman input validation [CVE-2014-0091]low5.0---
146976katello-headpin REST API cross-site request forgery [CVE-2014-0026]low4.3---
146975node-connect Incomplete Fix CVE-2013-7370 cross site scriptinglow4.3---
146974Cart66 Lite Plugin products.php cross site scriptinglow4.3---
146973Zabbix sql injection [CVE-2013-5743]medium6.8--medium
146972Puppet Enterprise cross site scripting [CVE-2013-4968]low4.3--medium
146971MediaWiki API IEUrlExtension.php cross site scriptinglow4.3--high
146970AirLive POE-2600HD resource consumption [CVE-2013-3691]low5.0---
146969Grandstream GXV3500 Telnet Service hard-coded credentials [CVE-2013-3542]medium6.8---
146968Adobe Acrobat Reader input validation [CVE-2019-16453]medium6.8---
146967Adobe Acrobat Reader privileges management [CVE-2019-16444]medium4.1---
146966Adobe Acrobat Reader null pointer dereference [CVE-2019-16463]medium6.8---
146965Adobe Acrobat Reader null pointer dereference [CVE-2019-16460]medium6.8---
146964Adobe Acrobat Reader null pointer dereference [CVE-2019-16455]medium6.8---
146963Adobe Acrobat Reader null pointer dereference [CVE-2019-16446]medium6.8---
146962Adobe Acrobat Reader memory corruption [CVE-2019-16462]medium6.8---
146961Adobe Acrobat Reader out-of-bounds write [CVE-2019-16451]medium6.8---
146960Adobe Acrobat Reader use after free [CVE-2019-16464]medium6.8---
146959Adobe Acrobat Reader use after free [CVE-2019-16459]medium6.8---
146958Adobe Acrobat Reader use after free [CVE-2019-16452]medium6.8---
146957Adobe Acrobat Reader use after free [CVE-2019-16448]medium6.8---
146956Adobe Acrobat Reader use after free [CVE-2019-16445]medium6.8---
146955Adobe Acrobat Reader out-of-bounds write [CVE-2019-16454]medium6.8---
146954Adobe Acrobat Reader out-of-bounds write [CVE-2019-16450]medium6.8---
146953Adobe Acrobat Reader out-of-bounds read [CVE-2019-16465]low4.3---
146952Adobe Acrobat Reader out-of-bounds read [CVE-2019-16461]low4.3---
146951Adobe Acrobat Reader out-of-bounds read [CVE-2019-16458]low4.3---
146950Adobe Acrobat Reader out-of-bounds read [CVE-2019-16457]low4.3---
146949Adobe Acrobat Reader out-of-bounds read [CVE-2019-16456]low4.3---
146948Adobe Acrobat Reader information disclosure [CVE-2019-16449]low4.3---
146947McAfee Tech Check Microsoft Windows Client privileges managementmedium4.1---
146946AWS Firecracker buffer overflow [CVE-2019-18960]medium6.8---
146945Progress Telerik UI for ASP.NET AJAX .NET Deserialization RadAsyncUpload deserializationmedium6.8---
146944node-connect Middleware cross site scripting [CVE-2013-7370]low4.3---
146943JBossWeb Bayeux Reflected cross site scripting [CVE-2013-6495]low4.3---
146942omniauth-facebook Gem Access Token improper authentication [CVE-2013-4593]medium5.0---
146941Orca Python Module input validation [CVE-2013-4245]medium4.4--high
146940SmokePing Incomplete Fix CVE-2012-0790 cross site scripting [CVE-2013-4158]low4.3--medium
146939Google Chrome Javascript memory corruption [CVE-2019-5843]medium6.8---
146938Google Chrome Javascript memory corruption [CVE-2019-5841]medium6.8---
146937libxslt xsltNumberFormatGetMultipleLevel type confusionmedium6.8---
146936Yabasic Basic Source Code flex.c yylex memory corruptionmedium6.8---
146935Tableau Server embeddedAuthRedirect cross site scriptinglow4.3---
146934MediaWiki Protection Mechanism redirect [CVE-2019-19709]medium6.8---
146933VisualEditor Extension Clipboard cross site scripting [CVE-2019-19708]low4.3---
146932Moxa EDS-G508E/EDS-G512E/EDS-G516E PROFINET DCE-RPC Endpoint denial of servicelow5.0---
146931Ktor redirect [CVE-2019-19703]medium6.8---
146930modoboa-dmarc Plugin XML Data xml injection [CVE-2019-19702]medium7.5---
146929Git Submodule Update input validation [CVE-2019-19604]medium7.5---
146928Yachtcontrol os command injection [CVE-2019-17270]medium7.5---
146927Microsoft Skype for Business Server input validation [CVE-2019-1490]low3.5---
146926Microsoft Windows Remote Desktop Protocol information disclosurelow5.0---
146925libssh scp Client ssh_scp_new command injectionmedium4.6---
146924Microsoft Windows Defender memory corruption [CVE-2019-1488]medium6.0---
146923Ssamba S4U Kerberos Delegation improper authorization [CVE-2019-14870]medium6.0---
146922Microsoft Authentication Library information disclosure [CVE-2019-1487]low3.5---
146921Samba AD Handleer dns_name_compare out-of-bounds readmedium4.6---
146920Microsoft Visual Studio redirect [CVE-2019-1486]medium6.8---
146919Google Chrome Javascript type confusion [CVE-2019-13764]medium6.8---
146918Google Chrome Payment input validation [CVE-2019-13763]low4.3---
146917Google Chrome Download input validation [CVE-2019-13762]low4.1---
146916Google Chrome Omnibox Domain input validationmedium6.8---
146915Google Chrome interstitials Domain input validationmedium6.8---
146914Google Chrome Navigation input validation [CVE-2019-13758]medium6.8---
146913Google Chrome Omnibox Domain input validationmedium6.8---
146912Google Chrome Security UI Domain input validationmedium6.8---
146911Google Chrome Extension input validation [CVE-2019-13755]low4.3---
146910Google Chrome Extension input validation [CVE-2019-13754]medium6.8---
146909Google Chrome SQLite out-of-bounds read [CVE-2019-13753]medium4.3---
146908Google Chrome SQLite out-of-bounds read [CVE-2019-13752]low4.3---
146907Google Chrome SQLite information disclosure [CVE-2019-13751]low4.3---
146906Google Chrome SQLite input validation [CVE-2019-13750]medium6.8---
146905Google Chrome Omnibox Address input validationmedium6.8---
146904Google Chrome Developer Tools input validation [CVE-2019-13748]low1.5---
146903Google Chrome input validation [CVE-2019-13747]medium6.8---
146902Google Chrome Omnibox URL input validationmedium6.8---
146901Google Chrome Audio information disclosure [CVE-2019-13745]low4.3---
146900Google Chrome Policy Enforcement information disclosure [CVE-2019-13744]low4.3---
146899Google Chrome Security UI input validation [CVE-2019-13743]medium6.8---
146898Google Chrome Omnibox Domain input validationmedium6.8---
146897Google Chrome Blink input validation [CVE-2019-13741]low4.1---
146896Google Chrome Security UI Domain input validationmedium6.8---
146895Google Chrome Policy Enforcement Domain input validationmedium6.8---
146894Google Chrome Policy Enforcement permission assignment [CVE-2019-13738]medium6.8---
146893Google Chrome Policy Enforcement information disclosure [CVE-2019-13737]low4.3---
146892Google Chrome PDFium integer overflow [CVE-2019-13736]medium6.8---
146891Google Chrome Javascript out-of-bounds write [CVE-2019-13735]medium6.8---
146890Google Chrome SQLite out-of-bounds write [CVE-2019-13734]medium6.8---
146889Google Chrome WebAudio use after free [CVE-2019-13732]medium6.8---
146888Google Chrome Javascript type confusion [CVE-2019-13730]medium6.8---
146887Google Chrome WebSocket use after free [CVE-2019-13729]medium6.8---
146886Google Chrome Javascript out-of-bounds write [CVE-2019-13728]medium6.8---
146885Google Chrome WebSocket permission assignment [CVE-2019-13727]medium6.8---
146884Google Chrome Password Manager memory corruption [CVE-2019-13726]medium6.8---
146883Google Chrome Bluetooth use after free [CVE-2019-13725]medium6.8---
146882Google Chrome Omnibox input validation [CVE-2019-13672]medium6.8---
146880OpenBSD Random Number Generator random.c prng seedlow2.6---
146879Microsoft Windows OLE input validation [CVE-2019-1484]medium6.8---
146878Microsoft Windows AppX Deployment Server privileges managementmedium6.0---
146877Microsoft Windows Windows Media Player information disclosurelow4.3---
146876Microsoft Windows Windows Media Player information disclosurelow4.3---
146875Microsoft Windows COM Server privileges management [CVE-2019-1478]medium6.0---
146874Microsoft Windows Printer Service privileges management [CVE-2019-1477]medium6.0---
146873Microsoft Windows AppX Deployment Service privileges managementmedium6.0---
146872Microsoft Windows Kernel information disclosure [CVE-2019-1474]low3.5---
146871Microsoft Windows Kernel information disclosure [CVE-2019-1472]low3.5---
146870Microsoft Windows Hyper-V information disclosure [CVE-2019-1470]low3.5---
146869Microsoft Windows GDI information disclosure [CVE-2019-1467]low4.3---
146868Microsoft Windows GDI information disclosure [CVE-2019-1466]low4.3---
146867Microsoft Windows GDI information disclosure [CVE-2019-1465]low4.3---
146866Microsoft Office Excel information disclosure [CVE-2019-1464]low4.3---
146865Microsoft Office Access information disclosure [CVE-2019-1463]low3.5---
146864Microsoft Office PowerPoint input validation [CVE-2019-1462]medium6.8---
146863Microsoft Office Word input validation [CVE-2019-1461]low4.3---
146862Microsoft Windows Remote Desktop Protocol input validation [CVE-2019-1453]low4.3---
146861Microsoft Office Access information disclosure [CVE-2019-1400]low3.5---
146860Microsoft Power BI Report Server cross site scripting [CVE-2019-1332]low4.3---
146859Microsoft Internet Explorer VBScript memory corruption [CVE-2019-1485]medium6.8---
146858Microsoft Windows Win32k information disclosure [CVE-2019-1469]low3.5---
146857Microsoft Windows Win32k privileges management [CVE-2019-1458]medium8.5---
146856Microsoft Windows Hyper-V input validation [CVE-2019-1471]medium6.3---
146855Microsoft Windows Win32k Graphics input validation [CVE-2019-1468]medium6.8---
146854Lenovo Power Management Driver memory corruption [CVE-2019-6192]medium4.1---
146853Lenovo Energy Management Driver input validation [CVE-2019-6183]low5.0---
146852IBM WebSphere Application Server Web UI cross site scriptinglow3.5---
146851IBM Cloud Pak System Platform System Manager injection [CVE-2019-4521]medium5.1---
146850IBM SmartCloud Analytics Zookeeper privileges management [CVE-2019-4244]medium6.8---
146849IBM Cloud Pak System cross-site request forgery [CVE-2019-4095]low4.3---
146848Last.fm Scrobbler input validation [CVE-2019-19251]low2.6---
146847Yaws redirect [CVE-2016-1000108]medium6.8---
146846Erlang inets redirect [CVE-2016-1000107]medium6.8---
146845JBoss KeyCloak login-status-iframe.html cross site scriptinglow4.3---
146844CPAN Data::UUID link following [CVE-2013-4184]medium4.6---
146843kde-workspace Plasma Desktop crypt denial of servicelow5.0--medium
146842Katello API OAuth Authentication resource consumption [CVE-2013-4120]low5.0---
146841Monkey HTTP Daemon exposure of resource [CVE-2013-2183]medium4.1---
146840python-keystoneclient Memcache insufficient verification of data authenticitymedium5.5--medium
146839python-keystoneclient Memcache inadequate encryption [CVE-2013-2166]medium5.5--medium
146838Monkey HTTP Daemon auth.c improper authenticationmedium7.5---
146837rubygem-openshift-origin-controller API cartridge_cache.rb URI.prase injectionmedium7.5---
146836openstack-utils openstack-db Password missing authenticationlow5.0---
146835Mozilla Firefox Frame input validation [CVE-2013-1689]low4.3---
146834Ovirt Node Lock Screen privileges management [CVE-2013-0293]medium4.4---
146833marc-q libwav libwav.c wav_content_read null pointer dereferencelow4.3---
146832CoreHR Core Portal cross-site request forgerylow4.3---
146831IBM DataPower Gateway IPMI LAN Channel privileges managementmedium5.1---
146830IBM Planning Analytics My Account Portal unrestricted uploadmedium6.0---
146829IBM Planning Analytics Web UI cross site scriting [CVE-2019-4611]low3.5---
146828IBM Cloud Pak for Data Watson Assistant cross site scriting [CVE-2019-4428]low3.5---
146827OpenStack Keystone Credentials API credentials insufficiently protected credentialslow3.5---
146826Nop Solution Ltd nopCommerce RoxyFileman RoxyFilemanController.cs cross-site request forgerylow4.3---
146825Nop Solution Ltd nopCommerce File Upload PluginController.cs unrestricted uploadmedium6.0---
146824Nop Solution Ltd nopCommerce NewsController.cs SaveStoreMappings cross site scriptinglow3.5---
146823Xray Test Management Test Issue cross site scripting [CVE-2019-19679]low3.5---
146822Xray Test Management Generic Test Definition cross site scriptinglow3.5---
146821SQLite NOT NULL pragma.c unusual conditionmedium6.0---
146820SQLite ALTER TABLE Statement alter.c recursionlow3.5---
146819SQLite CREATE Statement privileges management [CVE-2019-19603]medium6.0---
146818CA Release Automation DataManagement deserialization [CVE-2019-19230]medium6.8---
146817Symantec Industrial Control System Protection improper authenticationmedium5.4---
146816Trend Micro Security Consumer null pointer dereference [CVE-2019-18190]low5.0---
146815Temenos Channels Login Page GetImage downloadDocServer path traversalmedium7.5---
146812Samsung m2m1shot Driver Framework m2m1shot_compat_ioctl32 out-of-bounds writemedium4.1---
146811Accentis Content Resource Management System cross site scriptinglow4.3---
146810Accentis Content Resource Management System sql injection [CVE-2015-3424]medium6.0---
146809Chrony denial of service [CVE-2015-1853]low4.3--medium
146808libcapsinetwork/monopd listener.cpp readBuf off-by-onelow5.0--medium
146807mod_wsgi Embedded Mode information disclosure [CVE-2014-0242]low2.6--medium
146806pyrad packet.py CreateID input validationmedium5.1---
146805Nop Solution Ltd nopCommerce FileRoxyFilemanService.cs path traversalmedium6.0---
146804Microsoft Windows Media Center xml external entity referencelow6.8---
146803Microsoft Visual Studio xml external entity referencemedium6.8---
146802YARA macho.c macho_parse_file out-of-bounds readmedium6.8---
146801radare2 asm.c r_asm_pseudo_incbin input validationlow4.3---
146800Microsoft Excel XML Import xml external entity referencemedium6.8---
146799rConfig privileges management [CVE-2019-19268]medium6.6---
146798OpenNetAdmin code injectionmedium6.0---
146797Supermicro X8STi-F setvmdrive.asp os command injectionmedium6.5---
146796libsixel frompnm.c load_pnm out-of-bounds writemedium6.8---
146795libsixel fromsixel.c sixel_decode_raw_impl integer overflowmedium6.8---
146794libsixel tosixel.c sixel_encode_body integer overflowmedium6.8---
146793libsixel fromsixel.c sixel_decode_raw_impl out-of-bounds writemedium6.8---
146792HTMLDOC string.c hd_strlcpy out-of-bounds writemedium6.8---
146791Linux Kernel f2fs Filesystem Image segment.c f2fs_build_segment_manager out-of-bounds readmedium6.8---
146790Linux Kernel btrfs Filesystem free-space-cache.c try_merge_free_space use after freemedium6.8---
146789Linux Kernel ext4 Filesystem Image super.c ext4_put_super use after freemedium6.8---
146788Google Android Permission RecentLocationApps.java permission assignmentlow4.3---
146787Google Android Unicode TextLine.java handleRun input validationlow4.3---
146786Google Android blob.cpp Blob input validationlow1.5---
146785Google Android NativeNfcManager.cpp nfcManager_unrouteAid use after freelow4.3---
146784Google Android BaseWidgetProvider.java updateWidget information disclosurelow1.5---
146783Google Android array.c array_find out-of-bounds readlow1.5---
146782Google Android Bluetooth btif_av.cc DeepCopy out-of-bounds readlow1.5---
146781Google Android Bluetooth Server device_class.cc device_class_to_int out-of-bounds readlow1.5---
146780Google Android Bluetooth Pairing privileges management [CVE-2019-2225]medium4.4---
146779Google Android mat.c ReadMATImage out-of-bounds writemedium6.8---
146778Google Android ihevcd_ref_list.c ihevcd_ref_list out-of-bounds writemedium6.8---
146777Google Android ihevcd_parse_slice.c ihevcd_parse_slice_data out-of-bounds writemedium6.8---
146776Google Android WindowProcessController.java hasActivityInVisibleTask input validationmedium4.1---
146775Google Android AppOpsService.java checkOperation information disclosurelow1.9---
146774Google Android System UI race condition [CVE-2019-2219]low1.9---
146773Google Android Permission Check PackageInstallerService.java createSessionInternal permission assignmentmedium4.1---
146772Google Android GpuStats.cpp setCpuVulkanInUse use after freemedium4.4---
146771ShapeShift KeepKey Hardware Wallet Finite State Machine improper validation of integrity check valuemedium6.8---
146770ShapeShift KeepKey Hardware Wallet USB Packet out-of-bounds writemedium6.8---
146769Dell Command Configure uncontrolled search path [CVE-2019-18575]low4.1---
146768serialize-to-js Regular Expression RegExp.prototype.toString cross site scriptinglow3.5---
146767Armeria response splitting [CVE-2019-16771]medium6.8---
146766Weidmueller IE-SW-VL05M/IE-SW-VL08MT/IE-SW-PL10M Cookie Credentials information disclosurelow4.3---
146765Weidmueller IE-SW-VL05M/IE-SW-VL08MT/IE-SW-PL10M Password Storage missing encryptionlow1.5---
146764Weidmueller IE-SW-VL05M/IE-SW-VL08MT/IE-SW-PL10M Credentials missing encryptionlow2.6---
146763Weidmueller IE-SW-VL05M/IE-SW-VL08MT/IE-SW-PL10M denial of servicemedium6.3---
146762Weidmueller IE-SW-VL05M/IE-SW-VL08MT/IE-SW-PL10M Authentication Mechanism Brute Force information disclosurelow4.3---
146761OpenSSL Montgomery Square information disclosure [CVE-2019-1551]medium6.8---
146760SiteVision Access Control privileges management [CVE-2019-12734]medium6.5---
146759SiteVision input validation [CVE-2019-12733]medium6.0---
146758Cloud Foundry UAA Log Credentials log filelow3.5---
146757safer-eval Sandbox input validationmedium7.5---
146756TITool PrintMonitor Login Time sql injectionmedium6.8---
146755JBoxx AS Java Security Policy privileges management [CVE-2012-2148]medium4.4---
146754PolarSSL DH inadequate encryption [CVE-2012-2130]low2.6--medium
146753Ubuntu Cobbler cobbler-ubuntu-import signature verification [CVE-2012-2092]low5.1---
146752OpenSLP out-of-bounds write [CVE-2019-5544]medium6.8---
146751SROS 2 ROS 2 Node information disclosure [CVE-2019-19627]low1.5---
146750SROS 2 Node Information governance.xml information disclosurelow4.3---
146749OpenCV dis_flow.cpp ocl_calc out-of-bounds readmedium6.8---
146748SecureWorks Red Cloak Windows Agent Telemetry Alert permissionslow1.5---
146747Sangoma FreePBX Userman cross site scripting [CVE-2019-19552]low3.5---
146746Sangoma FreePBX Userman cross site scripting [CVE-2019-19551]low3.5---
146745libyang YANG Parser stack-based overflow [CVE-2019-19334]medium6.8---
146744libyang YANG Parser stack-based overflow [CVE-2019-19333]medium6.8---
146743Audible App SSL Certificate certificate validation [CVE-2019-11554]low2.6---
146742Fedoraproject Sectool DBus File privileges management [CVE-2012-1615]medium4.6--medium
146741Documize Markdown markdown.go cross site scriptinglow4.3---
146740phpMyAdmin Git Information GitRevision.php Remote Code Executionhigh7.5---
146739Xtivia Web Time/Expense GetAttachment resource transferlow3.5---
146738QNAP QTS Photo Station external reference [CVE-2019-7195]medium7.5---
146737QNAP QTS Photo Station external reference [CVE-2019-7194]medium7.5---
146736QNAP QTS input validation [CVE-2019-7193]medium7.5---
146735QNAP QTS Photo Station privileges management [CVE-2019-7192]medium7.5---
146734QNAP QTS Music Station cross site scripting [CVE-2019-7185]low3.5---
146733QNAP QTS Video Station cross site scripting [CVE-2019-7184]low3.5---
146732QNAP QTS Link link following [CVE-2019-7183]medium7.5---
146731AMD Driver Pixel Shader ATIDXX64.DLL out-of-bounds readmedium6.8---
146730chkstat Tool symlink [CVE-2019-3690]medium4.1---
146729Strapi Framework Plugin execa input validationmedium6.0---
146728Adobe Stock API upload.php unrestricted uploadmedium6.8---
146727Adobe Stock API multi_upload.php unrestricted uploadmedium6.8---
146726Norton Password Manager information disclosure [CVE-2019-19546]low4.0---
146725Norton Password Manager origin validation [CVE-2019-19545]medium6.5---
146724SCEditor cross site scripting [CVE-2019-19466]low4.3---
146722Intelbras IWR 3000N user Credentials insufficiently protected credentialslow4.0---
146721Norton Password Manager origin validation [CVE-2019-18381]medium6.5---
146720OTRS Filename infinite loop [CVE-2019-18180]low4.3---
146719Palo Alto PAN-OS insufficient permissions or privileges [CVE-2019-17437]medium4.1---
146718Aviatrix VPN Client File Permission privileges management [CVE-2019-17388]medium4.1---
146717Aviatrix VPN Client AVPNC_RP Service privileges management [CVE-2019-17387]medium4.6---
146716Puma Connection allocation of resources [CVE-2019-16770]low4.3---
146715Yahoo serialize-javascript cross site scripting [CVE-2019-16769]low3.5---
146714Sylius Exception Message AuthenticationServiceException information exposurelow3.5---
146713ThinkParQ BeeGFS beegfs-ctl missing authentication [CVE-2019-15897]medium5.4---
146712KeyCloak LDAP User Federation authentication bypass [CVE-2019-14910]medium6.8---
146711Kubernetes CSI Sidecar Container Persistent input validationlow4.3---
146710Kubernetes API Server redirect [CVE-2018-1002102]medium4.3---
146709OpenStack Nova Base Image permission assignment [CVE-2013-0326]low1.9---
146708Katello Notification Page cross site scripting [CVE-2013-0283]low3.5---
146707haskell-tls-extra TLS Connection input validation [CVE-2013-0243]low2.6---
146706Openshift haproxy cartridge tmp exposure of resourcelow2.1---
146705Apache Struts XSLT File unrestricted upload [CVE-2012-1592]medium4.1---
146704LDAP Account Manager Pro cmd.php cross site scriptinglow4.3--medium
146703LDAP Account Manager Pro cmd.php cross site scriptinglow4.3--medium
146702Jasig php-pear-CAS Authentication Service tmp setCacheTimesForAuthRecheck information disclosurelow5.0--medium
146701phpCAS Service Proxy setCacheTimesForAuthRecheck privileges managementmedium6.4--medium
146700Linux Kernel internal.h fpregs_state_valid permission assignmentmedium4.4---
146699OpenDetex detex.l TexOpen memory corruptionmedium6.8---
146698SQLite resolve.c lookupName input validationmedium6.8---
146697D-Link DAP-1860 timestamp improper authenticationmedium5.8---
146696D-Link DAP-1860 HTTP Header improper authentication [CVE-2019-19597]medium6.8---
146695GitBook MD File cross site scripting [CVE-2019-19596]low1.5---
146694radare2 asm.c r_asm_massemble integer overflowmedium6.8---
146693Lever PDF Embedder Plugin input validation [CVE-2019-19589]high7.5---
146692Validator Package resource consumption [CVE-2019-19588]low5.0---
146691Wireshark CMS Dissector packet-cms-template.c injectionlow5.0---
146690QNAP NetBak Replicator QVssService unquoted search path [CVE-2019-7201]medium4.1---
146689QNAP QTS Stored cross site scripting [CVE-2019-7197]low3.5---
146688WSO2 Enterprise Integrator Management Console Reflected cross site scritinglow4.3---
146687Xen Incomplete Fix CVE-2019-18424 input validation [CVE-2019-19579]medium4.6---
146686verot.net class.upload class.upload.php unrestricted uploadmedium7.5---
146685Xfig fig2dev read.c out-of-bounds writemedium6.8---
146684OpenBSD S-Key/Yubikey improper authentication [CVE-2019-19522]medium6.6---
146683OpenBSD libc auth_subr.c improper authenticationmedium6.8---
146682OpenBSD xlock loader.c privileges managementmedium4.1---
146681OpenBSD su.c main input validationmedium4.1---
146680Sony Catalyst Production Suite/Catalyst Browse DLL Loader untrusted search pathmedium6.6---
146679Fronius Solar Inverter service.fcgi path traversalmedium6.5---
146678Fronius Solar Inverter web_users.conf cleartext storagemedium6.8---
146677CSS Hero Plugin csshero_action=edit_page Reflected cross site scriptinglow4.3---
146676TrevorC2 Fingerprint information disclosure [CVE-2019-18850]low5.0---
146675DAViCal Stored cross site scripting [CVE-2019-18347]low3.5---
146674DAViCal cross-site request forgery [CVE-2019-18346]low3.5---
146673Apache Olingo Public API AbstractService deserializationmedium7.5---
146672Apache Olingo AsyncResponseWrapperImpl input validationlow5.0---
146671Apache Olingo Deserialization xml external entity reference [CVE-2019-17554]medium6.8---
146670Decentralized Anonymous Payment System Signature signature verificationmedium5.1---
146669Decentralized Anonymous Payment System cross-site request forgerylow2.6---
146668COPA-DATA zenone32 zenon Editor uncontrolled search path [CVE-2019-15638]low4.1---
146667KeyCloak LDAP improper authentication [CVE-2019-14909]medium6.8---
146666Proxygen HPACK use after free [CVE-2019-11940]medium6.8---
146665Mcrouter Carbon Protocol resource consumption [CVE-2019-11937]low5.0---
146664HHVM APC denial of service [CVE-2019-11936]low5.0---
146663HHVM mb_ereg_replace out-of-bounds readmedium6.8---
146662AsyncSSLSocket close_notify Alert out-of-bounds read [CVE-2019-11934]medium6.8---
146661HHVM mb_detect_order release of referencemedium6.8---
146660Mcrouter ASCII Parser resource consumption [CVE-2019-11923]low5.0---
146659BMC Smart Reporting XML Data unrestricted upload [CVE-2019-11216]medium6.5---
146658QNAP QTS File Station injection [CVE-2018-0730]medium7.5---
146657QNAP QTS Music Station injection [CVE-2018-0729]medium7.5---
146656QNAP QTS Helpdesk privileges management [CVE-2018-0728]low5.0---
146655minidlna sql injection [CVE-2013-2745]medium6.8---
146654Cameron Hamilton-Rich axTLS TLS Handshake tls1.c process_certificate buffer overflowmedium6.8---
146653Autodesk FBX Software Development Kit FBX File buffer overflowmedium6.8---
146652Autodesk Desktop Application DLL Loader untrusted search pathmedium4.1---
146651shadowsocks-libev ss-manager missing authentication [CVE-2019-5164]medium4.6---
146650shadowsocks-libev UDPRelay missing authenticationlow1.9---
146649AccuSoft ImageGear igcore19d.dll out-of-bounds write [CVE-2019-5133]medium6.8---
146648AccuSoft ImageGear GEM Raster Parser igcore19d.dll out-of-bounds writemedium6.8---
146647Forma LMS ajax.server.php sql injectionmedium6.0---
146646Forma LMS ajax.server.php sql injectionmedium6.0---
146645Forma LMS sql injection [CVE-2019-5110]medium6.0---
146644Forma LMS sql injection [CVE-2019-5109]medium6.0---
146643Goahead Web Server Multi-Part Request infinite loop [CVE-2019-5097]low4.3---
146642Goahead Web Server Multi-Part Request use after free [CVE-2019-5096]medium6.8---
146641AccuSoft ImageGear igcore19d.dll TIFdecodethunderscan out-of-bounds writemedium6.8---
146640AccuSoft ImageGear PNG Header igcore19d.dll out-of-bounds writemedium6.8---
146639IBM Cloud Pak System Web UI cross site scriting [CVE-2019-4468]low3.5---
146638IBM Cloud Pak System Web UI cross site scriting [CVE-2019-4467]low3.5---
146637IBM Cloud Pak System Stored information disclosure [CVE-2019-4465]low1.5---
146636IBM Cloud Pak System Web UI cross site scriting [CVE-2019-4226]low3.5---
146635IBM Cloud Pak System File Upload code injection [CVE-2019-4130]medium6.0---
146634IBM Cloud Pak System Web UI cross site scriting [CVE-2019-4098]low3.5---
146633Harbor API Endpoint users information disclosurelow4.0---
146632Dell Command Update Directory Permission uncontrolled search pathlow3.0---
146631Dell Command Update uncontrolled search path [CVE-2019-3749]low3.0---
146630Linux Kernel serial_ir.c serial_ir_init_module use after freemedium4.4---
146629Linux Kernel USB Device file.c race conditionlow4.7---
146628Linux Kernel USB Device pcan_usb_pro.c information disclosurelow1.9---
146627Linux Kernel USB Device pcan_usb_fd.c information disclosurelow1.9---
146626Linux Kernel USB Device pcan_usb_core.c information disclosurelow1.9---
146625Linux Kernel USB Device ttusb_dec.c release of resourcelow1.9---
146624Linux Kernel USB Device hid-axff.c out-of-bounds writemedium4.4---
146623Linux Kernel USB Device yurex.c use after freemedium4.4---
146622Linux Kernel USB Device cdc-acm.c use after freemedium4.4---
146621Linux Kernel USB Device mcba_usb.c use after freemedium4.4---
146620Linux Kernel USB Device iowarrior.c use after freemedium4.4---
146619Linux Kernel USB Device hiddev.c use after freemedium4.4---
146618Linux Kernel USB Device usb.c use after freemedium4.4---
146617Linux Kernel USB Device atusb.c use after freemedium4.4---
146616Linux Kernel USB Device ff-memless.c use after freemedium4.4---
146615Linux Kernel USB Device adutux.c use after freemedium4.4---
146614SALTO ProAccess SPACE Webserver default permission [CVE-2019-19460]medium7.6---
146613SALTO ProAccess SPACE input validation [CVE-2019-19459]medium7.5---
146612SALTO ProAccess SPACE Data Export path traversal [CVE-2019-19458]medium7.5---
146611SALTO ProAccess SPACE cross site scripting [CVE-2019-19457]low3.5---
146610freeFTPd SIZE Command buffer overflow [CVE-2019-19383]medium6.0---
146609OpenWrt forwards cross site scriptinglow3.5---
146608OpenWrt rules cross site scriptinglow3.5---
146607Dell EMC RSA Authentication Manager Security Console Stored cross site scriptinglow3.5---
146606OkayCMS ProductsView.php injectionmedium7.5---
146605FreeRADIUS EAP-pwd Handshake information disclosure [CVE-2019-13456]low2.9---
146603Cameron Hamilton-Rich axTLS asn1.c get_asn1_length buffer overflowmedium6.8---
146602mod_fcgid input validation [CVE-2016-1000104]medium6.5--medium
146601node-cli Temp File input validation [CVE-2016-1000021]medium7.5---
146600libgwenhywfar CA Certificate cleartext transmission [CVE-2015-7542]medium7.5--high
146599devscripts Tarball code injection [CVE-2013-7325]medium7.5--high
146598Zanata Log injection [CVE-2013-4486]medium6.8---
146597Review Board URL authorization [CVE-2013-4411]medium6.8--medium
146596shadow Directory Tree toctou [CVE-2013-4235]low3.3---
146595SaltStack RSA Key Generation excessive authentication [CVE-2013-2228]low4.3---
146594webauth Credentials insufficiently protected credentials [CVE-2013-2106]low5.0---
146593openshift URL input validation [CVE-2013-2103]low4.0---
146592Katello cross site scripting [CVE-2013-2101]low3.5---
146591Huawei Honor Play Screen Lock information disclosure [CVE-2019-5309]low1.9---
146590Huawei 20 RS ADB Mode authorization [CVE-2019-5308]medium4.6---
146589Huawei Myna Cloud information disclosure [CVE-2019-5271]medium5.4---
146588Huawei Home Router authorization [CVE-2019-5269]medium4.4---
146587Huawei Home Router input validation [CVE-2019-5268]low3.3---
146586Huawei HiSuite/HwBackup information disclosure [CVE-2019-5263]low1.2---
146585Huawei Atlas 300/Atlas 500 buffer overflow [CVE-2019-5247]medium4.1---
146584Huawei Viewpoint random values [CVE-2019-5232]low4.3---
146583Huawei P30/P30 Pro/Mate 20/HiSuite Upgrade Package input validationmedium6.8---
146582Huawei P30/P30 Pro/Mate 20/HiSuite Upgrade Package input validationmedium6.8---
146581Huawei P30/Mate 20/P30 Pro buffer overflow [CVE-2019-5225]medium6.8---
146580Huawei P30 Application out-of-bounds read [CVE-2019-5224]medium6.8---
146579Huawei Band 2/Honor Band 3 improper authentication [CVE-2019-5218]medium5.8---
146578Huawei Share Access Control information disclosure [CVE-2019-5212]medium6.8---
146577Huawei P20 Huawei Share input validation [CVE-2019-5211]low4.3---
146576Nova 5i/5 array index [CVE-2019-5210]medium4.4---
146575McAfee Web Advisor Web Interface privileges management [CVE-2019-3666]medium6.8---
146574McAfee Web Advisor Web Interface code injection [CVE-2019-3665]medium6.8---
146573Intelbras WRN 150 Password Change SysToolChangePwd cross-site request forgerylow4.3---
146572jpv Type Detection compareCommon improper authenticationmedium7.5---
146571Image Uploader/Browser plugin Pathname pluginconfig.php input validationhigh7.5---
146570Alfresco Enterprise HTML File Upload Stored cross site scriptinglow3.5---
146569Kentico File Upload unrestricted upload [CVE-2019-19493]low4.3---
146568FreeSWITCH event_socket.conf.xml hard-coded credentialsmedium7.5---
146567TestLink archiveData.php cross site scripting [CVE-2019-19491]low4.3---
146566LiteManager Permission ROMFUSClient.exe default permissionmedium4.4---
146565SMPlayer m3u File buffer overflow [CVE-2019-19489]medium6.8---
146564OpenSC CAC Certificate card-cac1.c memory corruptionmedium4.4---
146563OpenSC pkcs15-prkey.c sc_pkcs15_decode_prkdf_entry operation after expirationmedium5.0---
146562OpenSC SETCOS Attribute card-setcos.c out-of-bounds readmedium4.6---
146561Zmanda Management Console Default Credentials ZMC_Admin_Advanced cross-site request forgerymedium6.8---
146560Free Photo Viewer BMP File unrestricted upload [CVE-2019-19468]medium6.8---
146559CBC Gem App missing encryption [CVE-2019-19464]medium7.5---
146558Anhui Huami Mi Fit App Update Check missing encryption [CVE-2019-19463]medium7.5---
146557Linux Kernel relay.c relay_open null pointer dereferencelow1.5---
146556GNOME Dia Encoding infinite loop [CVE-2019-19451]low1.9---
146555illumos Thread ip_attr.c conn_ixa input validationlow5.0---
146554LuaJIT type confusion [CVE-2019-19391]medium6.8---
146553FusionPBX dialplan_detail_edit.php cross site scriptinglow4.3---
146552FusionPBX fifo_interactive.php cross site scriptinglow4.3---
146551FusionPBX voicemail_greeting_edit.php cross site scriptinglow4.3---
146550FusionPBX dialplans.php cross site scriptinglow4.3---
146549FusionPBX fax_log_view.php cross site scriptinglow4.3---
146548MISP TagsController.php permission assignmentmedium7.5---
146547Linux Kernel btrfs Filesystem raid56.c index_rbio_pages out-of-bounds writemedium6.8---
146546Linux Kernel btrfs Filesystem async-thread.c btrfs_queue_work use after freemedium6.8---
146545Octopus Deploy Team API input validation [CVE-2019-19376]medium6.0---
146544Octopus Deploy SSL Offloading missing initialization of resourcelow2.6---
146543rConfig downloadFile.php path traversal [Disputed]medium7.5---
146542TeamViewer Desktop Application Chat information disclosure [CVE-2019-19362]low1.5---
146541Terraform risky encryption [CVE-2019-19316]low2.6---
146540ProFTPD tls_verify_crl null pointer dereferencelow4.0---
146539Django save default permissionmedium6.0---
146538TitanHQ WebTitan Administration Interface hard-coded credentialsmedium6.8---
146537TitanHQ WebTitan Administration Web Interface unrestricted uploadmedium6.0---
146536TitanHQ WebTitan Hotfix Download injection [CVE-2019-19019]medium7.6---
146535TitanHQ WebTitan Administration Interface dbconfig.ini Database information disclosurelow4.0---
146534TitanHQ WebTitan Installation race condition [CVE-2019-19017]high9.3---
146533TitanHQ WebTitan Administration Interface history-x.php sql injectionmedium6.8---
146532TitanHQ WebTitan Proxy Service exposure of resource [CVE-2019-19015]medium7.5---
146531TitanHQ WebTitan privileges management [CVE-2019-19014]medium6.6---
146530Allied Telesis AT-GS950-8 Web Interface path traversal [CVE-2019-18922]medium7.5---
146529RabbitMQ amqp_connection.c memcpy integer overflowmedium6.8---
146528ezmaster Admin Sys Mode unnecessary privileges [CVE-2019-16767]low3.5---
146527wagtail-2fa authentication spoofing [CVE-2019-16766]medium5.4---
146526Kaspersky Secure Connection exposure of resource [CVE-2019-15689]medium4.1---
146525MuleSoft Mule Community Edition code injection [CVE-2019-15631]medium6.8---
146524Trend Micro Security 2020 DLL Loader untrusted search path [CVE-2019-15628]medium4.1---
146523Linux Kernel Marvell Wifi Chip Driver resource consumption [CVE-2019-14901]medium6.8---
146522Linux Kernel Marvell Wifi Chip Driver stack-based overflow [CVE-2019-14897]medium4.1---
146521Linux Kernel Marvell Wifi Chip Driver heap-based overflow [CVE-2019-14895]medium4.9---
146520grub2 grub2-set-bootflag denial of service [CVE-2019-14865]low4.4---
146519Anviz CrossChex Access Control Management Software buffer overflowmedium6.8---
146518Inateck BCST-60 injection [CVE-2019-12503]medium5.1---
146517Anviz Access Control Password Change improper authenticationmedium6.8---
146516Anviz Access Control authentication replay [CVE-2019-12393]medium5.1---
146515Anviz Access Control authorization [CVE-2019-12392]medium6.8---
146514Anviz Management System Log unknown vulnerability [CVE-2019-12391]medium5.0---
146513Anviz Access Control Service Port 5010 PIN information disclosurelow4.3---
146512Anviz Access Control Service Port 5010 Credentials information disclosurelow4.3---
146511Anviz Access Control Service Port 5010 information disclosurelow2.6---
146510Module::Signature PGP Signature Parser numeric conversion [CVE-2015-3406]medium7.5--high
146509cabextract File Extraction path traversal [CVE-2015-2060]medium6.8--low
146508Ruby OpenSSL Extension verify_certificate_identity input validationmedium5.1--high
146507Libgcrypt/GnuPG mpi_powm information exposurelow2.6--medium
146506Docker Container Protection Mechanism path traversal [CVE-2014-9356]medium7.5--critical
146505Libgcrypt/GnuPG Elgamal Decryption information disclosure [CVE-2014-3591]low1.2--medium
146504Zabbix inadequate encryption [CVE-2013-7484]low2.6---
146503ReviewBoard REST API authorization [CVE-2013-4410]medium5.1--medium
146502rhn-proxy RHN Satellige cleartext transmission [CVE-2012-5562]low2.6---
146501FreeBSD input validation [CVE-2012-4576]medium4.1--medium
146500Piwigo Incomplete Fix CVE-2012-4525 password.php cross site scriptinglow4.3---
146499Piwigo password.php cross site scriptinglow4.3---
146498mom PIF File run privileges managementmedium4.1--low
146497OpenSLP SLPIntersectStringList out-of-bounds readlow5.0--medium
146495NAPC Xinet Elegant 6 Asset Library sql injection [CVE-2019-19245]medium6.8---
146494Max Secure Anti Virus permission assignment [CVE-2019-19382]medium4.1---
146493F5 SSL Orchestrator TMM input validation [CVE-2019-6674]low5.0---
146492F5 BIG-IP TMM input validation [CVE-2019-6673]low4.3---
146491F5 BIG-IP AFM Virtual Server Performance input validationlow5.0---
146490F5 BIG-IP TMM release of resource [CVE-2019-6671]low5.0---
146489F5 BIG-IP vCMP Hypervisor cleartext storage [CVE-2019-6670]low2.1---
146488F5 BIG-IP TMM input validation [CVE-2019-6669]low4.3---
146487F5 BIG-IP APM Edge Client authorization [CVE-2019-6668]medium6.9---
146486F5 BIG-IP TMM resource consumption [CVE-2019-6667]low4.3---
146485F5 BIG-IP TMM input validation [CVE-2019-6666]low5.0---
146484F5 BIG-IP ASM/BIG-IQ/iWorkflow/Enterprise Manager improper authenticationlow1.8---
146483FusionPBX fax_files.php cross site scriptinglow4.3---
146482FusionPBX xml_cdr_search.php cross site scriptinglow4.3---
146481HAProxy HTTP2 injection [CVE-2019-19330]high7.5---
146480WiKID Javascript Rendering Engine cross site scripting [CVE-2019-19329]low4.3---
146479Wikibase Wikidata Query Service GUI Tooltip Rdf.js injectionlow4.3---
146478Wikibase Wikidata Query Service GUI Reporting ResultView.js cross site scriptinglow4.3---
146477Linux Kernel ext4 Image xattr.c ext4_xattr_set_entry out-of-bounds writemedium6.8---
146476Linux Kernel btrfs Image Mount rwsem.c rwsem_down_write_slowpath use after freemedium6.8---
146475gnome-font-viewer TTF File sushi-font-widget.c text_to_glyphs null pointer dereferencelow4.3---
146474SQLite expr.c sqlite3ExprCodeTarget sql injectionmedium4.3---
146473Linux Kernel Spectre-RSB Mitigation entry_64.S information disclosurelow1.9---
146472Relion 670 path traversal [CVE-2019-18253]medium7.5---
146471Relion 650/670 input validation [CVE-2019-18247]low5.0---
146470Crestron DMC-STRO Ping os command injection [CVE-2019-18184]medium6.8---
146469Fortinet FortiOS SSL VPN Portal input validation [CVE-2019-15705]low4.3---
146468Centreon Web ldap_host.php sql injectionmedium6.0---
146467Centreon Web Administration Interface formMibs.php injectionmedium6.0---
146466Ghostscript setuserparams2 Remote Code Executionmedium6.8---
146465Siemens Polarion Web Page Generator Persistent cross site scriptinglow3.5---
146464Siemens Polarion Web Page Generator Reflected cross site scriptinglow3.5---
146463Siemens Polarion Web Page Generator Reflected cross site scriptinglow3.5---
146462Linux Kernel CIFS Path path traversalmedium6.0---
146461Ghostscript Remote Code Execution [CVE-2019-10216]medium6.8---
146460Mersive Solstice Pod os command injection [CVE-2017-12945]medium6.0---
146459xquest Password Generator random values [CVE-2016-4980]low1.2--high
146458Python CGI Script CGIHandler redirectmedium7.5--medium
146457Frams' Fast File EXchange rup Reflected cross site scriptinglow4.3--medium
146456OTRS Help Desk before/ITSM/FAQ Object Linking privileges managementmedium6.8--high
146455AccountService user.c user_change_password_authorized_cb Password permission assignmentlow1.5---
146454dhclient Path Variable input validation [CVE-2012-2248]medium9.3---
146453DHCPv6 Client DHCP Message injection [CVE-2011-2717]medium6.8---
146452vsftpd Service Port 6200 os command injection [CVE-2011-2523]high6.8---
146451PackageKit RPM permission assignment [CVE-2011-2515]medium5.1--low
146450FreeBSD/NetBSD 802.11 Stack information disclosure [CVE-2011-2480]low1.5---
146449dirmngr System Call certificate validation [CVE-2011-2207]low5.0---
146448xscreensaver Activation missing authentication [CVE-2011-2187]low4.1---
146447OpenOffice Suite Tools privileges management [CVE-2011-2177]medium6.8---
146446Linux Kernel Marvell Wifi Chip Driver cfg.c lbs_ibss_join_existing heap-based overflowmedium6.0---
146445Ipa Kerberos Key Data Parser ber_scanf resource consumptionmedium6.8---
146444Ipa Batch Processing Password information disclosurelow3.5---
146443Cloudera HUE LdapBackend improper authentication [CVE-2019-7319]medium6.0---
146442F5 BIG-IP Active Directory/LDAP/Client Certificate improper authenticationmedium7.5---
146441ISC BIND denial of service [CVE-2019-6477]low4.3---
146440IBM Sterling B2B Integrator Standard Edition Back-End Database sql injectionmedium6.0---
146439Cesanta Mongoose mongoose.c integer overflowmedium6.8---
146438Zoho CRM Lead Magnet Plugin Module cross site scripting [CVE-2019-19306]low3.5---
146437typed_ast Python Interpreter ast_for_arguments out-of-bounds readlow5.0---
146436typed_ast Python Interpreter handle_keywordonly_args out-of-bounds readlow5.0---
146435Dolibarr CRM/ERP Profile Picture viewimage.php Stored cross site scriptinglow3.5---
146434AfterLogic Webmail Pro/Aurora Attachment Name Stored cross site scriptinglow4.3---
146433Squid Web Proxy HTTP Digest Authentication information disclosurelow5.0---
146432Squid Web Proxy URL request smuggling [CVE-2019-18678]medium7.5---
146431Squid Web Proxy Hostname cross-site request forgery [CVE-2019-18677]medium6.8---
146430Squid Web Proxy URI Scheme input validation [CVE-2019-18676]medium6.8---
146429Dell EMC Storage Monitoring/Reporting Java RMI Deserialization deserializationmedium6.8---
146428GitLab Community Edition/Enterprise Edition Permission permission assignmentmedium6.5---
146427GitLab Community Edition/Enterprise Edition Permission privileges managementmedium6.5---
146426GitLab Community Edition/Enterprise Edition Sub Group Epic information disclosuremedium6.5---
146425GitLab Community Edition/Enterprise Edition Access Control information disclosuremedium7.5---
146424GitLab Community Edition/Enterprise Edition Environment permission assignmentmedium7.5---
146423GitLab Community Edition/Enterprise Edition Permission permissionsmedium6.5---
146422GitLab Community Edition/Enterprise Edition Security Token permissionsmedium6.5---
146421GitLab Community Edition/Enterprise Edition Elasticsearch information disclosuremedium7.5---
146420GitLab Community Edition/Enterprise Edition Nested GraphQL Query infinite looplow5.0---
146419GitLab Community Edition/Enterprise Edition Rdoc Wiki Page cross site scriptinglow4.3---
146418GitLab Community Edition/Enterprise Edition Comment permission assignmentmedium6.5---
146417GitLab Community Edition/Enterprise Edition Private Project permission assignmentmedium7.5---
146416GitLab Community Edition/Enterprise Edition Internal Redirect Filter redirectmedium6.8---
146415GitLab Community Edition/Enterprise Edition Project Label permission assignmentmedium6.5---
146414GitLab Community Edition/Enterprise Edition Autocomplete information disclosuremedium6.5---
146413GitLab Community Edition/Enterprise Edition Access Control information disclosuremedium6.5---
146412GitLab Community Edition/Enterprise Edition Permission permission assignmentmedium6.5---
146411GitLab Community Edition/Enterprise Edition Permission permission assignmentmedium6.5---
146410CSRF Magic Library CSRF Protection csrf_callback cross-site request forgerylow4.3---
146409Progress Sitefinity Password Recovery password recovery [CVE-2019-17392]high7.5---
146408PEGA Platform Audit Log information disclosure [CVE-2019-16388]low4.0---
146407PEGA Platform exposure of resource [CVE-2019-16387]low4.0---
146406PEGA Platform information disclosure [CVE-2019-16386]low4.0---
146405Ruby shell.rb injection [CVE-2019-16255]medium7.5---
146404Ruby Incomplete Fix injection [CVE-2019-16254]medium7.5---
146403TCL Alcatel Cingular Flip 2 B9HUAH1 Web API injection [CVE-2019-16243]medium6.8---
146402TCL Alcatel Cingular Flip 2 B9HUAH1 omamock os command injectionmedium4.6---
146401TCL Alcatel Cingular Flip 2 B9HUAH1 PIN Authentication authorizationmedium4.4---
146400Ruby Regular Expression backtracking DigestAuth improper authenticationlow5.0---
146399Centreon cross site scripting [CVE-2019-16195]low4.3---
146398Ruby Path File.fnmatch privileges managementmedium4.1---
146397Kaspersky Anti-Virus Web Protection redirect [CVE-2019-15688]medium6.8---
146396Kaspersky Anti-Virus Web Protection information disclosure [CVE-2019-15687]low4.3---
146395Kaspersky Anti-Virus Antivirus Protection Feature input validationlow4.3---
146394Kaspersky Anti-Virus Web Protection input validation [CVE-2019-15685]low4.3---
146393Ansible input validation [CVE-2019-14856]medium4.1---
146392python-ecdsa Signature Decoding denial of service [CVE-2019-14853]low2.6---
146391libnbd NBD Protocol nbd_pread input validationmedium6.8---
146390Cloudera Manager Impala Query cross site scripting [CVE-2019-14449]low3.5---
146389Squid Web Proxy URN Response buffer overflow [CVE-2019-12526]medium6.8---
146388Squid Web Proxy Access Check input validation [CVE-2019-12523]medium6.8---
146387Fastweb Askey RTV1907VW injection [CVE-2019-12489]medium7.5---
146386Cloudera Data Science Workbench Permission Check default permissionmedium6.0---
146385Cloudera CDH Permission default permission [CVE-2018-17860]medium6.0---
146384Cloudera Manager Username privileges management [CVE-2017-7399]low4.0---
146383Cloudera Manager Help Search cross site scripting [CVE-2016-9271]low3.5---
146382Cloudera CDH Search RealTimeGetHandler authorizationmedium6.0---
146381Cloudera CDH Diagnostic Support Bundles information disclosurelow5.0---
146380Cloudera CDH Impala Command authorization [CVE-2016-4572]medium6.0---
146379Cloudera Manager cleartext storage [CVE-2016-3192]medium6.5---
146378Cloudera CDH authorization [CVE-2016-3131]medium6.5---
146377Fast Secure Contact Form Plugin cross site scripting [CVE-2015-9539]low4.3---
146376NextGEN Gallery path traversal [CVE-2015-9538]medium6.5---
146375NextGEN Gallery cross site scripting [CVE-2015-9537]low3.5---
146374Cloudera HUE CDH privileges management [CVE-2015-7831]medium6.0---
146373Cloudera Manager Diagnostic Support Bundles information disclosurelow5.0---
146371Cloudera Manager UI cross site scripting [CVE-2015-4457]low3.5---
146370CMSMS News Module input validation [CVE-2011-4310]low5.0---
146369Zend Framework Encoding sql injection [CVE-2011-1939]medium6.8--high
146368lilo lilo-uuid-diskid lilo.conf information disclosurelow4.0---
146367Jifty::DBI sql injection [CVE-2011-1933]medium6.8---
146366Ansible Tower config Credentials cleartext storagelow1.5---
146365mod_auth_openidc redirect [CVE-2019-14857]medium4.3---
146364Google Chrome IndexedDB use after free [CVE-2019-5826]medium6.8---
146363Google Chrome Javascript use after free [CVE-2019-5825]medium6.8---
146362ProFTPD TLS tls_verify_crl null pointer dereferencelow5.0---
146361ProFTPD CRL tls_verify_crl certificate validationlow2.6---
146360ProFTPD CRL tls_verify_crl certificate validationmedium5.1---
146359SQLite Distinct select.c sqlite3Select input validationlow3.5---
146358Omron CX-Supervisor Teamviewer Remote Code Execution [CVE-2019-18251]high6.8---
146357ABB Power Generation Information Manager/Plant Connect authentication bypassmedium6.8---
146356Philips IntelliBridge EC40 SSH Server inadequate encryption [CVE-2019-18241]low2.6---
146355Eclipse Jetty Error Response cross site scripting [CVE-2019-17632]low4.3---
146354Cisco SD-WAN Solution vManage Web-based UI cross-site request forgerylow4.3---
146353Cisco WebEx Teams DLL Loader uncontrolled search path [CVE-2019-16001]medium4.1---
146352Cisco IOS XR Access Control List access control [CVE-2019-15998]medium6.8---
146351Cisco DNA Spaces Connector CLI input validation [CVE-2019-15997]medium6.6---
146350Cisco DNA Spaces Connector CLI access control [CVE-2019-15996]medium6.6---
146349Cisco DNA Spaces Connector Web UI sql injection [CVE-2019-15995]medium6.0---
146348Cisco Stealthwatch Enterprise Web-based Management Interface cross site scriptinglow4.3---
146347Cisco Small Business RV Series Router Web-based Management Interface improper authorizationlow4.3---
146346Cisco Email Security Appliance Antispam Protection Mechanism input validationmedium6.8---
146345Cisco Webex Event Center Web Interface improper authenticationlow4.3---
146344Cisco Unity Express CLI os command injection [CVE-2019-15986]medium6.6---
146343Cisco Industrial Network Director Web-based Management Interface cross site scriptinglow4.3---
146342Cisco Unified Communications Manager Web-based Management Interface sql injectionmedium6.0---
146341Cisco AsyncOS/Email Security Appliance MP3 Detection Engine input validationmedium6.8---
146340Cisco Unified Communications Domain Manager Web-based Management Interface cross site scriptinglow3.5---
146339Cisco TelePresence Collaboration Endpoint/RoomOS CLI access controllow1.5---
146338Cisco Webex Meeting WebEx Network Recording Admin Page access controlmedium6.0---
146337Cisco Prime Infrastructure REST API input validation [CVE-2019-15958]high9.3---
146336Cisco AsyncOS/Web Security Appliance Web Management Interface access controllow3.5---
146335Trend Micro Password Manager information disclosure [CVE-2019-15629]low5.0---
146334UniFi Video command injection [CVE-2019-15595]medium4.1---
146333Cisco TelePresence Collaboration Endpoint CLI input validationmedium6.0---
146332Cisco WebEx Network Recording Player/Webex Player ARF File memory corruptionmedium6.8---
146331Cisco WebEx Network Recording Player/Webex Player ARF File memory corruptionmedium6.8---
146330Cisco Wireless LAN Controller Software Web Interface input validationlow3.5---
146329Cisco Small Business RV Series Router Web-based Management Interface deserializationmedium8.5---
146328Cloud Foundry UAA Log Credentials log filelow3.5---
146327iobroker.web GET Reflected cross site scriptinglow4.3---
146326Yaws URL path traversal [CVE-2011-4350]medium6.5---
146325Ruby OpenSSL Extension inadequate encryption [CVE-2011-4121]medium7.5---
146324Yubico PAM Module pam_sm_authenticate input validationmedium5.1--medium
146323Serendipity Karma Plugin serendipity_admin.php cross site scriptinglow4.3---
146322phpLDAPadmin HTTP Header resource consumption [CVE-2011-4082]medium7.5---
146321OpenStack Nova Key information disclosure [CVE-2011-4076]low5.0--high
146320Hardlink link following [CVE-2011-3632]low4.1--medium
146319Hardlink integer overflow [CVE-2011-3631]medium4.1--medium
146318Hardlink out-of-bounds write [CVE-2011-3630]low4.4--medium
146317Ruby Log File HTTPRequest injectionmedium7.5---
146316Tahoe-LAFS authorization [CVE-2011-3617]low5.5---
146315Red Hat JBoss Application Server cross-site request forgery [CVE-2011-3609]low4.3---
146314Red Hat JBoss Application Server Aministration Console DOM-Based cross site scriptinglow3.5---
146313Apache OFBiz XML-RPC Event xmlrpc xml external entity referencemedium7.5---
146312Polipo assertion [CVE-2011-3596]low3.3--low
146311wec_discussion Extension sql injection [CVE-2011-3584]medium6.8---
146310TYPO3 sql injection [CVE-2011-3583]medium6.8---
146309apt apt-key signature verification [CVE-2011-3374]medium6.8---
146308Views Builk Operations Module cross site scripting [CVE-2011-3373]low3.5--low
146307evolution-data-server Email Message missing encryption [CVE-2011-3355]low2.6---
146306openvas-scanner Temp File link following [CVE-2011-3351]low4.1---
146305Google Chrome Swiftshader out-of-bounds read [CVE-2019-5881]low4.3---
146304Google Chrome Policy Enforcement information disclosure [CVE-2019-5880]low4.3---
146303Google Chrome Same Origin Policy input validation [CVE-2019-5879]medium6.8---
146302Google Chrome v8 use after free [CVE-2019-5878]medium6.8---
146301Google Chrome Javascript memory corruption [CVE-2019-5877]medium6.8---
146300Google Chrome Media use after free [CVE-2019-5876]medium6.8---
146299Google Chrome Downloads Address input validationmedium6.8---
146298Google Chrome Navigation input validation [CVE-2019-5874]medium6.8---
146297Google Chrome Navigation Address input validationmedium6.8---
146296Google Chrome Mojo use after free [CVE-2019-5872]medium6.8---
146295Google Chrome Skia out-of-bounds write [CVE-2019-5871]medium6.8---
146294Google Chrome Media use after free [CVE-2019-5870]medium6.8---
146293Google Chrome Blink use after free [CVE-2019-5869]medium6.8---
146292Google Chrome Javascript memory corruption [CVE-2019-5866]medium6.8---
146291Google Chrome Policy Enforcement input validation [CVE-2019-5865]medium6.8---
146290Google Chrome Content Security Policy input validation [CVE-2019-5864]medium6.8---
146289Google Chrome AppCache input validation [CVE-2019-5862]medium6.8---
146288Google Chrome Blink improper restriction of rendered ui layersmedium6.8---
146287Google Chrome PDFium use after free [CVE-2019-5860]medium6.8---
146286Google Chrome URI Scheme input validation [CVE-2019-5859]medium6.8---
146285Google Chrome Services Integration input validation [CVE-2019-5858]medium4.1---
146284Google Chrome Javascript memory corruption [CVE-2019-5857]medium4.3---
146283Google Chrome Policy Enforcement input validation [CVE-2019-5856]medium6.8---
146282Google Chrome PDFium integer overflow [CVE-2019-5855]medium6.8---
146281Google Chrome PDFium integer overflow [CVE-2019-5854]medium6.8---
146280Google Chrome Javascript input validation [CVE-2019-5853]medium6.8---
146279Google Chrome Javascript input validation [CVE-2019-5852]low4.3---
146278Google Chrome WebAudio use after free [CVE-2019-5851]medium6.8---
146277Google Chrome Offline Mode use after free [CVE-2019-5850]medium6.8---
146276Google Chrome Skia out-of-bounds read [CVE-2019-5849]medium6.8---
146275Google Chrome Font information disclosure [CVE-2019-5848]low4.3---
146274Google Chrome Javascript memory corruption [CVE-2019-5847]medium6.8---
146273Google Chrome Blink use after free [CVE-2019-5842]medium6.8---
146272IBM Spectrum Protect Backup-Archive Client TCP/IP information exposurelow1.5---
146271Linux Kernel vcsu Device vc_screen.c vcs_write out-of-bounds readmedium4.6---
146270OpenTrade v1.js sql injectionmedium6.8---
146269QueryTree Invitation InvitationsController.cs input validationhigh7.5---
146268Oniguruma regexec.c str_lower_case_match out-of-bounds readmedium6.8---
146267Linux Kernel cpia2_core.c cpia2_remap_buffer integer overflowmedium4.1---
146266Symantec Critical System Protection improper authentication [CVE-2019-18374]medium7.5---
146265Nokia Impact path traversal [CVE-2019-17406]medium6.8---
146264Nokia Impact Reflected cross site scripting [CVE-2019-17405]low4.3---
146263Nokia Impact Path path traversal [CVE-2019-17404]low4.0---
146262Nokia Impact File Upload unrestricted upload [CVE-2019-17403]medium6.5---
146261vscode-codeql codeQL.cli.executablePath path traversal [CVE-2019-16765]medium4.1---
146260pow_assent PowAssent.Phoenix.AuthorizationController resource consumptionlow3.5---
146259Kaspersky Protection Extension authorization [CVE-2019-15684]low4.3---
146258Katello Password Storage Credentials cleartext transmissionlow3.5---
146257Google Chrome WebBluetooth out-of-bounds write [CVE-2019-13724]medium6.8---
146256Google Chrome WebBluetooth use after free [CVE-2019-13723]medium6.8---
146255Google Chrome PDFium use after free [CVE-2019-13721]medium6.8---
146254Google Chrome WebAudio use after free [CVE-2019-13720]medium6.8---
146253Google Chrome Full Screen Mode insecure storage of sensitive informationlow4.3---
146252Google Chrome Omnibox Domain input validationmedium6.8---
146251Google Chrome Full Screen Mode insecure storage of sensitive informationlow4.3---
146250Google Chrome Policy Enforcement authorization [CVE-2019-13716]medium6.8---
146249Google Chrome Omnibox Domain authentication spoofingmedium6.8---
146248Google Chrome Color Enhancer Extension css injectionmedium6.8---
146247Google Chrome Policy Enforcement information disclosure [CVE-2019-13713]low4.3---
146246Google Chrome Policy Enforcement information disclosure [CVE-2019-13711]low4.3---
146245Google Chrome Downloads input validation [CVE-2019-13710]medium6.8---
146244Google Chrome Policy Enforcement authentication spoofing [CVE-2019-13709]medium6.8---
146243Google Chrome Navigation Address authentication spoofingmedium6.8---
146242Google Chrome information disclosure [CVE-2019-13707]low1.9---
146241Google Chrome PDFium out-of-bounds read [CVE-2019-13706]medium6.8---
146240Google Chrome Policy Enforcement information disclosure [CVE-2019-13705]low4.3---
146239Google Chrome Content Security Policy authentication spoofingmedium6.8---
146238Google Chrome Policy Enforcement Address authentication spoofingmedium6.8---
146237Google Chrome Installer privileges management [CVE-2019-13702]medium4.4---
146236Google Chrome Navigation Address authentication spoofingmedium6.8---
146235Google Chrome Renderer memory corruption [CVE-2019-13700]medium6.8---
146234Google Chrome Renderer use after free [CVE-2019-13699]medium6.8---
146233Google Chrome Javascript memory corruption [CVE-2019-13698]medium6.8---
146232Google Chrome Policy Enforcement permission assignment [CVE-2019-13697]low4.3---
146231Google Chrome Javascript use after free [CVE-2019-13696]medium6.8---
146230Google Chrome use after free [CVE-2019-13695]medium6.8---
146229Google Chrome WebRTC use after free [CVE-2019-13694]medium6.8---
146228Google Chrome IndexedDB use after free [CVE-2019-13693]medium6.8---
146227Google Chrome Policy Enforcement input validation [CVE-2019-13692]medium6.8---
146226Google Chrome Navigation Address input validationmedium6.8---
146225Google Chrome Blink use after free [CVE-2019-13688]medium6.8---
146224Google Chrome Blink use after free [CVE-2019-13687]medium6.8---
146223Google Chrome Offline Mode use after free [CVE-2019-13686]medium6.8---
146222Google Chrome use after free [CVE-2019-13685]medium6.8---
146221Google Chrome Javascript information disclosure [CVE-2019-13684]low4.3---
146220Google Chrome Policy Enforcement permission assignment [CVE-2019-13683]low4.3---
146219Google Chrome Same Origin Policy permission assignment [CVE-2019-13682]medium6.8---
146218Google Chrome Download permission assignment [CVE-2019-13681]medium6.8---
146217Google Chrome TLS IP Address privileges managementmedium6.8---
146216Google Chrome Policy Enforcement permission assignment [CVE-2019-13679]medium6.8---
146215Google Chrome Download Domain input validationmedium6.8---
146214Google Chrome Policy Enforcement permission assignment [CVE-2019-13677]medium6.8---
146213Google Chrome Policy Enforcement Domain permission assignmentmedium6.8---
146212Google Chrome Extension input validation [CVE-2019-13675]low4.3---
146211Google Chrome Omnibox Domain input validationmedium6.8---
146210Google Chrome Developer Tools input validation [CVE-2019-13673]low4.3---
146209Google Chrome Security UI input validation [CVE-2019-13671]medium6.8---
146208Google Chrome input validation [CVE-2019-13670]medium6.8---
146207Google Chrome Navigation Address input validationmedium6.8---
146206Google Chrome Policy Enforcement permission assignment [CVE-2019-13668]low4.3---
146205Google Chrome Omnibox URL input validationmedium6.8---
146204Google Chrome information disclosure [CVE-2019-13666]low4.3---
146203Google Chrome Blink permission assignment [CVE-2019-13665]medium6.8---
146202Google Chrome Content Security Policy permission assignment [CVE-2019-13664]medium6.8---
146201Google Chrome Omnibox Domain input validationmedium6.8---
146200Google Chrome Content Security Policy permission assignment [CVE-2019-13662]medium6.8---
146199Google Chrome Notification input validation [CVE-2019-13661]medium6.8---
146198Google Chrome Notification input validation [CVE-2019-13660]medium6.8---
146197Google Chrome Omnibox permission assignment [CVE-2019-13659]medium6.8---
146196389-ds-base Verbose Mode insufficiently protected credentialslow1.5---
146195Ansible GCP Module service_account_contents information disclosurelow3.5---
146194Openshift Container Platform Debug Log neutralization for logslow3.5---
146193Linux Kernel Bluetooth null pointer dereference [CVE-2019-10207]low4.4---
146192IBM Spectrum Protect Backup-Archive Client CIT privileges managementmedium4.1---
146191GNU Patch Incomplete Fix path traversal [CVE-2015-1396]medium5.8--high
146189cloud-init EC2 Instance Data privileges management [CVE-2012-6639]medium6.5---
146188libuser Home Directory information disclosure [CVE-2012-5644]low1.5--medium
146187thttpd .htpasswd File null pointer dereference [CVE-2012-5640]low1.5---
146186Ipa Server Identity Cookie cookie validationlow4.3---
146185libuser Directory Tree toctou [CVE-2012-5630]low4.1--medium
146184gksu-polkit PolicyKit Policy Configuration File privileges managementmedium4.1--high
146183opendnssec libcurl API input validation [CVE-2012-5582]high7.5---
146182Python Keyring default permission [CVE-2012-5578]low1.9---
146181gnome-system-log polkit Policy information disclosure [CVE-2012-5535]low2.1--medium
146180Claws Mail vCalendar Plugin Interface Credentials insufficiently protected credentialslow2.1---
146179Quagga ospf6d assertion [CVE-2012-5521]low3.3---
146178vdsm Certificate Generator certificate validation [CVE-2012-5518]medium4.3--medium
146177Zope Incomplete Fix CVE-2010-1104 cross site scripting [CVE-2011-4924]low4.3---
146176cri-o Container denial of service [CVE-2019-14891]low2.1---
146175ibus DBus Server authorization [CVE-2019-14822]medium4.1---
146174Linux Kernel WMM heap-based overflow [CVE-2019-14815]medium6.6---
146173Red Hat Enterprise Linux Image Library insufficiently protected credentialslow2.6---
146172Infinispan invokeAccessibly Remote Privilege Escalationmedium4.6---
146171Apple iPhone malloc privileges management [CVE-2019-9536]medium6.9---
146170IBM Tivoli Netcool Impact Error Message information disclosurelow4.3---
146169IBM Tivoli Netcool Impact Web UI cross site scriting [CVE-2019-4569]low3.5---
146168IBM SmartCloud Analytics solrconfig.xml information disclosurelow1.9---
146167IBM SmartCloud Analytics Host Header Cache Poisoning privileges managementmedium6.0---
146166IBM SmartCloud Analytics input validation [CVE-2019-4215]medium6.8---
146165IBM SmartCloud Analytics Token/Cookie authorization [CVE-2019-4214]low2.6---
146164McAfee Client Proxy Microsoft Windows Client privileges managementmedium3.5---
146163ZTE ZXCDN IAMWEB Management Portal input validation [CVE-2019-3428]low4.3---
146162ZTE XCDN IAMWEB Management Page injection [CVE-2019-3427]medium6.5---
146161EmbedThis GoAhead HTTP Header memory corruption [CVE-2019-19240]medium6.8---
146160Linux Kernel AppleTalk Subsystem aarp.c register_snap_client null pointer dereferencelow2.1---
146159Pagekit CSRF Token cross-site request forgery [CVE-2019-19013]low4.3---
146158Sangoma Asterisk/Certified Asterisk res_pjsip_t38.c null pointer dereferencelow5.0---
146157HP ThinPro Citrix Receiver Wrapper input validation [CVE-2019-18910]medium4.1---
146156HP ThinPro input validation [CVE-2019-18909]medium7.4---
146155Sangoma Asterisk/Certified Asterisk chan_sip.c authorizationmedium6.8---
146154phpMyAdmin Designer sql injection [CVE-2019-18622]medium6.0---
146153Sangoma Asterisk/Certified Asterisk Asterisk Manager Interface manager.c authorizationmedium6.0---
146152Eracent EPA Agent Agent Executable untrusted search path [CVE-2019-17446]low4.1---
146151Eracent EDA/EPA/EPM/EUA/FLW/SUM Agent Executable link followinglow4.1---
146150Pannellum data URI cross site scripting [CVE-2019-16763]low4.3---
146149HP ThinPro Application Filter privileges management [CVE-2019-16287]medium4.1---
146148HP ThinPro OS Application Filter authorization [CVE-2019-16286]medium4.4---
146147HP ThinPro authorization [CVE-2019-16285]low1.5---
146146NSSLGlobal SatLink VSAT Modem Unit Web Interface cross site scriptinglow4.3---
146145GitLab Comment resource consumption [CVE-2019-15593]low4.0---
146144ros_comm/ros-melodic-ros-comm buffer overflow [CVE-2019-13566]medium6.8---
146143NAVER Vaccine nsz Archive nsGreen.dll path traversalmedium6.4---
146142Pivotal RabbitMQ Policy Management cross site scripting [CVE-2019-11291]low3.5---
146141Pivotal RabbitMQ Web Management Plugin resource consumption [CVE-2019-11287]low2.8---
146140ansible-playbook-k/Ansible CLI Tools Template Password input validationlow2.1---
146139PowerDNS input validation [CVE-2019-10203]low3.5---
146138CloudForms v2v Infrastructure Mapping Delete Stored cross site scriptinglow3.5---
146137libbluray JAR File MountManager toctoulow3.3---
146136OpenStack Designate DNS Protocol infinite loop [CVE-2015-5694]medium6.0---
146135oVirt Permission authorization [CVE-2015-1780]medium6.0---
146134ace Privileges generate_doygen.pl random valueslow4.1---
146133CHICKEN select buffer overflowmedium6.8---
146132redhat-upgrade-tool GPG Signature signature verification [CVE-2014-3585]medium5.1---
146131POSH login.php cross site scriptinglow4.3---
146130POSH scr_sendmd5.php redirectmedium6.8---
146129Gael Q-Pulse managedlistdialog.aspx cross site scriptinglow4.3---
146128FlashCanvas proxy.php cross site scriptingmedium6.8---
146127Mijosoft MijoSearch Error Message search information exposurelow5.0---
146126Mijosoft MijoSearch search cross site scriptinglow4.3---
146125D-Link DSL-6740U Remote Management cross-site request forgerylow4.3---
146124Exis Contexis Photo Gallery Model cross site scripting [CVE-2013-6239]low4.3---
146123SpagoBI Worksheet Designer unrestricted upload [CVE-2013-6234]low3.5---
146122ownCloud new.php cross site scriptinglow3.5---
146121W3 Total Cache Database Cache information disclosure [CVE-2012-6079]low5.0---
146120W3 Total Cache Hash Generation information disclosure [CVE-2012-6078]low5.0---
146119W3 Total Cache Secure Storage Password information disclosurelow5.0---
146118plow buffer overflow [CVE-2012-3407]medium4.1---
146117PyXML Hash Table resource consumption [CVE-2012-0877]low5.0---
146116PostfixAdmin menu.php cross site scriptinglow6.4--high
146115Qualcomm Snapdragon Auto Xtra Daemon use after free [CVE-2019-10490]medium4.4---
146114Qualcomm Snapdragon Auto Qurt Kernel buffer overflow [CVE-2018-13916]medium4.4---
146113Fortinet FortiOS Configuration Backup hard-coded credentialslow2.1---
146112Beckhoff TwinCAT Profinet Driver divide by zero [CVE-2019-5637]low4.3---
146111Beckhoff TwinCAT Runtime ADS Discovery Service denial of servicelow4.3---
146110NetApp ONTAP Select Deploy Administration Utility injection [CVE-2019-5509]medium6.8---
146109xcftools xcf2png/xcf2pnm flattenIncrementally integer overflowmedium6.8---
146108xcftools xcf2png/xcf2pnm flattenIncrementally integer overflowmedium6.8---
146107Tenda AC9 Router AC1200 WanParameterSetting os command injectionmedium4.6---
146106Tenda AC9 Router AC1200 WanParameterSetting os command injectionmedium4.6---
146105Qualcomm Snapdragon Auto memory corruption [CVE-2019-2339]medium4.4---
146104Qualcomm Snapdragon Auto CBO Listener use after free [CVE-2019-2336]medium4.4---
146103Qualcomm Snapdragon Auto Attach Reject Message infinite looplow5.0---
146102Qualcomm Snapdragon Compute use after free [CVE-2019-2329]medium4.4---
146101Qualcomm Snapdragon Auto Kernel out-of-bounds read [CVE-2019-2318]low2.1---
146100Qualcomm Snapdragon Auto API memory corruption [CVE-2019-2315]medium4.4---
146099Qualcomm Snapdragon Auto SNDCP Module out-of-bounds read [CVE-2019-2303]medium6.8---
146098Qualcomm Snapdragon Auto NAN Message integer underflow [CVE-2019-2297]medium4.4---
146097Qualcomm Snapdragon Auto SDI memory corruption [CVE-2019-2295]low2.1---
146096Qualcomm Snapdragon Auto Modem improper authentication [CVE-2019-2289]medium7.5---
146095Qualcomm Snapdragon Auto Downlink Session out-of-bounds readmedium6.8---
146094Qualcomm Snapdragon Auto P2P Action Frame out-of-bounds readmedium6.8---
146093Qualcomm Snapdragon Auto Camera Sensor use after free [CVE-2019-2266]medium4.4---
146092Qualcomm Snapdragon Auto Bitmap File buffer overflow [CVE-2019-2251]medium4.4---
146091libarchive archive_string.c archive_wstring_append_from_mbs out-of-bounds readmedium4.4---
146090rConfig devices.php sql injectionmedium6.0---
146089Oniguruma regparse.c fetch_interval_quantifier out-of-bounds readmedium6.8---
146088Oniguruma gb18030.c gb18030_mbc_enc_len out-of-bounds readmedium6.8---
146087vTiger CRM My Preferences default permission [CVE-2019-19202]medium6.0---
146086Kyrol Internet Security IOCTL kyrld.sys permission assignmentmedium4.6---
146085Shibboleth Service Provider Spec File link following [CVE-2019-19191]medium6.6---
146084Jalios JCMS improper authentication [CVE-2019-19033]medium6.8---
146083Sangoma FreePBX Access Control authorization [CVE-2019-19006]medium7.5---
146082Nitro Pro Log File debug.log input validationmedium4.6---
146081Zulip Server Password Authentication API Key improper authenticationlow4.3---
146080Redmine sql injection [CVE-2019-18890]medium6.0---
146079Symfony Cache Adapter Interface injection [CVE-2019-18889]medium7.5---
146078Symfony MIME Type input validation [CVE-2019-18888]medium7.5---
146077Symfony UriSigner race condition [CVE-2019-18887]medium6.8---
146076Symfony User information disclosure [CVE-2019-18886]low5.0---
146075HotkeyP Commands.cpp privilege privileges managementmedium7.5---
146074Fortinet FortiClient Security Check os command injection [CVE-2019-17650]medium6.6---
146073Zoho ManageEngine OpManager/Firewall Analyzer Nipper default permissionmedium6.6---
146072NetApp ONTAP Select Deploy Administration Utility input validationmedium6.0---
146071Lexmark Services Monitor Service Port 2070 path traversal [CVE-2019-16758]medium4.3---
146070Google Compute Engine Plugin ComputeEngineCloud#doProvision cross-site request forgerylow4.3---
146069Google Compute Engine Plugin API Endpoint permission assignmentlow3.5---
146068Google Compute Engine Plugin SSH Host Key authorization [CVE-2019-16546]medium5.1---
146067QMetry for JIRA Test Management Plugin cleartext transmissionlow2.1---
146066QMetry for JIRA Test Management Plugin config.xml Credentials credentials storagelow3.5---
146065Spira Importer Plugin Global Configuration Credentials credentials storagelow1.9---
146064Anchore Container Image Scanner Plugin config.xml Credentials credentials storagelow3.5---
146063Jira Plugin Site Definition exposure of resource [CVE-2019-16541]medium6.5---
146062Support Core Plugin Permission path traversal [CVE-2019-16540]medium6.5---
146061Support Core Plugin Permission Check improper authorization [CVE-2019-16539]medium6.5---
146059Centreon Web OVA/OVF permission assignment [CVE-2019-16406]medium4.4---
146058Centreon Web Macro Expression Location Setting input validationmedium6.5---
146057Belkin Linksys Velop sysinfo_json.cgi Key authorizationlow5.0---
146056Fortinet FortiClient SSL VPN Gateway information disclosure [CVE-2019-15704]low1.5---
146055GOG Galaxy GalaxyClientService privileges management [CVE-2019-15511]medium6.9---
146054Symfony VarExport var-exporter input validationmedium6.8---
146053ioBroker path traversal [CVE-2019-10767]medium6.0---
146052Qualcomm IPS Interpreter integer overflow [CVE-2019-10627]medium6.8---
146051Qualcomm QCA6174_9377 Registry privileges management [CVE-2019-10617]medium4.6---
146050Qualcomm Snapdragon Auto WLAN Module buffer overflow [CVE-2019-10566]medium4.4---
146049Qualcomm Snapdragon Auto Message out-of-bounds read [CVE-2019-10563]medium4.4---
146048Qualcomm Snapdragon Auto Loop memory corruption [CVE-2019-10535]medium4.4---
146047Qualcomm Snapdragon Auto Camera Driver array index [CVE-2019-10503]medium4.4---
146046Qualcomm Snapdragon Auto Ressource Lock toctou [CVE-2019-10486]medium4.4---
146045Fotinet FortiOS URL/SPAM/AV hard-coded credentials [CVE-2018-9195]low2.6---
146044Asuswrt-Merlin blocking.asp out-of-bounds writemedium6.8---
146043Synametrics SynaMan/Syncrify/SynTail cross-site request forgerylow4.3---
146042Ikiwiki openid-selector.tmpl cross site scriptinglow4.3--medium
146041Zhone zNID 2426A Web Administrative Portal authorization [CVE-2014-8356]medium6.0---
146040xcfa Temp File race condition [CVE-2014-5255]medium4.1---
146039xcfa Temp File race condition [CVE-2014-5254]medium4.1---
146038eDeploy eval injectionmedium7.5---
146037wolfSSL Server Certificate improper authentication [CVE-2014-2904]medium5.1---
146036wolfSSL CA Certificate certificate validation [CVE-2014-2902]medium5.1---
146035wolfSSL Certificate certificate validation [CVE-2014-2901]medium5.1---
146034python-rply Temp File rply-*.json link followingmedium4.6---
146033Gamera Temp File io.py tempfile.mktemp input validationmedium7.5---
146032rc Temp File input validation [CVE-2014-1936]medium7.5---
1460319base Temp File input validation [CVE-2014-1935]medium7.5---
146030openshift-origin-node Gem cronjob Timeout input validation [CVE-2014-0084]low2.1---
146029net-ldap gem SSHA Password Generation password.rb LDAP Salt unknown vulnerabilitymedium4.6---
146028Slackware iodbctest/iodbctestw input validation [CVE-2013-7172]medium6.6---
146027Slackware/Slackware LLVM Privileges tmp input validationmedium8.5---
146026Loftek Nexus 543 IP Camera get_realip.cgi information disclosurelow5.0---
146025Loftek Nexus 543 IP Camera check_users.cgi Password insufficiently protected credentialsmedium4.3---
146024Loftek Nexus 543 IP Camera set_users.cgi cross-site request forgerylow4.3---
146023Loftek Nexus 543 IP Camera path traversal [CVE-2013-3311]medium5.0---
146022xlockmore dclock input validation [CVE-2012-4524]medium6.8--medium
146021Mono ASP.NET Web Form Hash input validation [CVE-2012-3543]low5.0--high
146020cumin PostgreSQL Database input validation [CVE-2012-3460]medium7.5---
146019pam_shield Default Configuration input validation [CVE-2012-2350]medium7.5---
146018trytond ModelView.button authorizationmedium7.5---
146017Activity Module cross-site request forgery [CVE-2012-2079]low4.3---
146016Activity Module cross site scripting [CVE-2012-2078]low3.5---
146015Quick Tabs Module cross site scripting [CVE-2012-1637]low3.5---
146014Chyrp ajax.php cross site scriptinglow4.3---
146013Linux Kernel extent-tree.c __btrfs_free_extent information disclosurelow1.5---
146012Linux Kernel namei.c ext4_empty_dir null pointer dereferencelow4.3---
146011Linux Kernel ctree.c btrfs_root_node null pointer dereferencelow4.3---
146010Schneider Electric Andover Continuum Web Server cross site scriptinglow4.3---
146009Schneider Electric Modicon M340 CPU Web Server information disclosuremedium6.8---
146008VMware Workstation/Fusion RPC input validation [CVE-2019-5542]low4.0---
146007VMware Workstation/Fusion e1000e Virtual Network Adapter out-of-bounds writemedium6.0---
146006VMware Workstation/Fusion vmnetdhcp information disclosure [CVE-2019-5540]low4.0---
146005IBM Security Identity Manager Deserialization code injectionmedium6.0---
146004IBM Maximo Asset Management denial of service [CVE-2019-4530]low4.9---
146003postgresql-common pg_ctlcluster privileges managementmedium4.1---
146002CODESYS Web Server buffer overflow [CVE-2019-18858]medium6.8---
146001GNU Serveez reader http_cgi_write information disclosuremedium6.8---
146000iobroker.admin path traversal [CVE-2019-10765]low5.0---
145999Google Chrome unknown vulnerability [CVE-2016-9652]low5.8--high
145998Google Chrome Product Security memory corruption [CVE-2016-5194]medium6.8--medium
145997PostgreSQL Error Message information disclosure [CVE-2015-3167]low2.6--medium
145996PostgreSQL snprintf memory corruptionlow4.3--medium
145995GnuPG Sign Extension keybox-search.c input validationmedium6.8--low
145994GnuPG Keyring DB use after free [CVE-2015-1606]medium6.8--high
145993Dolibarr ERP CRM barcode.lib.php input validation [CVE-2013-2093]medium7.5---
145992Dolibarr ERP CRM functions.lib.php cross site scripting [CVE-2013-2092]low4.3---
145991Dolibarr ERP CRM fiche.php sql injectionmedium6.8---
145990MediaWiki api.php information disclosurelow5.0--high
145989MediaWiki HttpFunctions.php input validationmedium7.5--high
145988Piwik cross site scripting [CVE-2013-0195]low4.3---
145987Piwik cross site scripting [CVE-2013-0194]low4.3---
145986Piwik cross site scripting [CVE-2013-0193]low4.3---
145985tuned default permission [CVE-2012-6136]medium4.1---
145984Pidgin dbus cleartext transmission [CVE-2012-1257]low1.5---
145983Tiki tiki-admin_system.php cross site scriptinglow4.3---
145982Tiki tiki-remind_password.php cross site scriptinglow4.3---
145981Smarty3 input validation [CVE-2011-1028]medium7.5---
145980Weborf HTTP input validation [CVE-2011-0529]low5.0---
145979statusnet addslashes input validationmedium6.8---
145978statusnet Error Message cross site scripting [CVE-2010-4659]low4.3---
145977Lenovo Paper software privileges management [CVE-2019-6191]medium4.6---
145976Lenovo System Interface Foundation DLL Loader untrusted search pathmedium4.4---
145975Lenovo XClarity Controller Stored injection [CVE-2019-6187]medium6.5---
145974Lenovo System Interface Foundation code injection [CVE-2019-6186]medium6.5---
145973Customer Engagement Service privileges management [CVE-2019-6184]medium4.1---
145972ThinkPad USB-C Dock denial of service [CVE-2019-6176]low5.0---
145971Mail2000 redirect [CVE-2019-15073]medium6.8---
145970Mail2000 Login portal cross site scriptinglow4.3---
145969Mail2000 go cross site scriptinglow4.3---
IDTitleVulDBCVSSSecuniaXForceNessus
145968GNU C Library setuid Program information disclosure [CVE-2019-19126]medium4.1---
145967Apache NiFi Authentication Mechanism Logout session expirationmedium5.1---
145966AngularJS merge input validationmedium7.5---
145965Apache NiFi API information disclosure [CVE-2019-10083]low5.0---
145964Apache NiFi XMLFileLookupService xml external entity referencemedium6.5---
145963Zikula cross site scripting [CVE-2011-3352]low3.5---
145962masqmail log.c seteuid dropped privilegesmedium7.5---
145961LightDM Permission privileges management [CVE-2011-3349]medium4.1---
145960foomatic-rip Filter Debug Mode link following [CVE-2011-2924]medium4.1--low
145959foomatic-rip Filter Debug Mode link following [CVE-2011-2923]low4.1--low
145958Unbound IPsec Module input validation [CVE-2019-18934]medium6.8---
145957Cloud Foundry Routing Nonce input validation [CVE-2019-11289]low4.3---
145956Pixie limit sql injectionmedium6.8---
145955Node-cookie-signature Comparison race condition [CVE-2016-1000236]low2.1---
145954RubyGems Startup input validation [CVE-2012-6135]medium6.4---
145953nuSOAP Certificate Validation certificate validation [CVE-2012-6071]medium7.5---
145952Falconpl libcurl API input validation [CVE-2012-6070]medium7.5---
145951ktsuss GTK Interface input validation [CVE-2011-2922]medium6.6--high
145950ktsuss Privileges dropped privileges [CVE-2011-2921]medium6.6--high
145949Code42 DLL Loader untrusted search path [CVE-2019-16861]medium4.1---
145948Code42 DLL Loader untrusted search path [CVE-2019-16860]medium4.1---
145947HHVM __construct use after freemedium6.8---
145946sniffit Configuration File out-of-bounds write [CVE-2014-5439]high9.3--high
145945uzbl Cookie Storage information disclosure [CVE-2012-0843]low1.5--low
145944Surf Cookie Jahr information disclosure [CVE-2012-0842]low1.5--high
145943gnusound format string [CVE-2012-0824]medium6.8---
145942nginx HTTP Proxy Module input validation [CVE-2011-4968]medium5.1---
145941tog-Pegasus Package Hash input validation [CVE-2011-4967]low5.0---
145940Cobbler privileges management [CVE-2011-4954]medium4.1--medium
145939Cobbler cross-site request forgery [CVE-2011-4952]low5.8--medium
145938mpack information disclosure [CVE-2011-4919]low5.0--high
145937NVIDIA NVFlash privileges management [CVE-2019-5688]medium4.1---
145936OpenWrt ustream-ssl certificate validation [CVE-2019-5102]medium5.1---
145935OpenWrt ustream-ssl __ustream_ssl_poll certificate validationmedium5.1---
145934ZTE C520V21 Web Service improper authentication [CVE-2019-3424]medium7.5---
145933ZTE C520V21 URL path traversal [CVE-2019-3423]medium7.5---
145932PHICOMM K2 autoupgrade.lua input validation [CVE-2019-19117]medium6.5---
145931newbee-mall NewBeeMallGoodsMapper.xml sql injectionmedium6.8---
145930Octopus Server Persistent cross site scripting [CVE-2019-19085]low3.5---
145929Octopus Deploy Package unrestricted upload [CVE-2019-19084]medium6.0---
145928Norton App Lock privileges management [CVE-2019-18373]low4.4---
145927Comodo Internet Security Signature Validation signmgr.dll untrusted search pathmedium4.4---
145926Micro Focus Operations Agent XML Data xml external entity referencemedium6.5---
145925Footy Tipping Software AFL Web Edition File Upload unrestricted uploadmedium6.5---
145924Footy Tipping Software AFL Web Edition cross site scripting [CVE-2019-17057]low4.3---
145923Mailbird HTML Mail Message cross site scripting [CVE-2019-15054]low4.3---
145922Social Photo Gallery plugin Album input validation [CVE-2019-14467]medium7.5---
145921Apache Shiro Configuration Padding input validationmedium5.1---
145920Apache Solr Configuration File solr.in.sh unrestricted uploadmedium6.8---
145918Sandline Centraleyezer File Upload Stored cross site scriptinglow4.3---
145917Sandline Centraleyezer Category Stored cross site scriptinglow4.3---
145916Sandline Centraleyezer File Upload unrestricted upload [CVE-2019-12271]medium7.5---
145915elliptic-php Private Key Elliptic-Curve race conditionlow2.6---
145914Pimcore pimcore sql injectionmedium6.0---
145913Codehaus jackson-mapper-asl XML Data xml external entity referencemedium5.1---
145912Apache Atlas Search Stored cross site scriptinglow4.3---
145911Plex Media Server Access Control insufficiently protected credentialsmedium6.5---
145910Raritan CommandCenter Secure Gateway XML Data xml external entity referencemedium7.5---
145909BlackBoard Learn bb-auth-provider-cas Authentication Module redirectmedium6.8---
145908TBOOT Boot Loader loader.c input validationmedium4.0--low
145907Jenkins CI Game Plugin cross site scripting [CVE-2012-4441]low4.3---
145906Jenkins Violations Plugin cross site scripting [CVE-2012-4440]low4.3---
145905Jenkins URL cross site scripting [CVE-2012-4439]low4.3---
145904Jenkins input validation [CVE-2012-4438]medium6.0---
145903Distributed Ruby instance_eval Remote Code Executionhigh7.5---
145902Distributed Ruby Syscall Remote Code Execution [CVE-2011-5330]high7.5---
145901Iceweasel-firegpg Temp File link following [CVE-2008-7273]medium4.6---
145900Linux Kernel dc clock_source_create resource consumptionlow5.0---
145899Linux Kernel dc create_resource_pool resource consumptionlow5.0---
145898Linux Kernel main.c nfp_flower_spawn_vnic_reprs resource consumptionlow5.0---
145897Linux Kernel main.c nfp_flower_spawn_phy_reprs resource consumptionlow5.0---
145896Linux Kernel tun.c qrtr_tun_write_iter resource consumptionlow5.0---
145895Linux Kernel usb.c ath10k_usb_hif_tx_sg resource consumptionlow5.0---
145894Linux Kernel ib_verbs.c bnxt_re_create_srq resource consumptionlow5.0---
145893Linux Kernel cls.c nfp_abm_u32_knode_replace resource consumptionlow5.0---
145892Linux Kernel ca8210.c ca8210_probe resource consumptionlow5.0---
145891Linux Kernel wmi.c ath9k_wmi_cmd resource consumptionlow5.0---
145890Linux Kernel htc_hst.c wait_for_completion_timeout resource consumptionlow5.0---
145889Linux Kernel trace_events_filter.c predicate_parse resource consumptionlow5.0---
145888Linux Kernel rsi_91x_mgmt.c rsi_send_beacon resource consumptionlow5.0---
145887Linux Kernel spi-gpio.c spi_gpio_probe resource consumptionlow5.0---
145886Linux Kernel fastrpc.c fastrpc_dma_buf_attach resource consumptionlow5.0---
145885Linux Kernel rtl8xxxu_core.c rtl8xxxu_submit_int_urb resource consumptionlow5.0---
145884Linux Kernel amdgpu_acp.c acp_hw_init resource consumptionlow5.0---
145883Linux Kernel bfad_attr.c bfad_im_get_stats resource consumptionlow5.0---
145882Linux Kernel sdma.c sdma_init resource consumptionlow5.0---
145881Linux Kernel spi-fsl-lpspi.c fsl_lpspi_probe resource consumptionlow5.0---
145880Linux Kernel usb.c rtl_usb_probe resource consumptionlow5.0---
145879Linux Kernel crypto_user_base.c crypto_report resource consumptionlow5.0---
145878Linux Kernel adis_buffer.c adis_update_scan_mode_burst resource consumptionlow5.0---
145877Linux Kernel adis_buffer.c adis_update_scan_mode resource consumptionlow5.0---
145876Linux Kernel ctxt-info-gen3.c iwl_pcie_ctxt_info_gen3_init resource consumptionlow5.0---
145875Linux Kernel dbg.c alloc_sgtable resource consumptionlow5.0---
145874Linux Kernel pcie.c mwifiex_pcie_init_evt_ring resource consumptionlow5.0---
145873Linux Kernel pcie.c mwifiex_pcie_alloc_cmdrsp_buf resource consumptionlow5.0---
145872Linux Kernel nl80211.c nl80211_get_ftm_responder_stats resource consumptionlow5.0---
145871Linux Kernel cx23888-ir.c cx23888_ir_probe resource consumptionlow5.0---
145870Linux Kernel rpmsg_char.c rpmsg_eptdev_write_iter resource consumptionlow5.0---
145869Linux Kernel gs_usb.c gs_can_open resource consumptionlow5.0---
145868Linux Kernel op-rfkill.c i2400m_op_rfkill_sw_toggle resource consumptionlow5.0---
145867Linux Kernel crypto_user_stat.c crypto_reportstat resource consumptionlow5.0---
145866Linux Kernel unittest.c unittest_data_add resource consumptionlow5.0---
145865Linux Kernel vboxguest_utils.c crypto_reportstat resource consumptionlow5.0---
145864Linux Kernel health.c mlx5_fw_fatal_reporter_dump resource consumptionlow5.0---
145863Linux Kernel ipmi_msghandler.c __ipmi_bmc_register resource consumptionlow5.0---
145862Linux Kernel conn.c mlx5_fpga_conn_create_cq resource consumptionlow5.0---
145861Linux Kernel v3d_gem.c v3d_submit_cl_ioctl resource consumptionlow5.0---
145860Linux Kernel i40e_main.c i40e_setup_macvlans resource consumptionlow5.0---
145859Xorux Lpar2RRD/Stor2RRD Upgrade Package os command injectionmedium6.5---
145858KairosDB view.html cross site scriptinglow4.3---
145857jhead jpgfile.c process_SOFn out-of-bounds readmedium6.8---
145856iTerm2 Search History information disclosure [CVE-2019-19022]low4.3---
145855Oniguruma regexec.c search_in_range integer overflowmedium6.8---
145854MiniUPnP ngiflib ngiflib.c GifIndexToTrueColor null pointer dereferencelow5.0---
145853F5 BIG-IP Management Port input validation [CVE-2019-6664]medium7.5---
145852F5 BIG-IP/BIG-IQ/iWorkflow/Enterprise Manager Configuration Utility DNS Rebinding input validationmedium6.8---
145851F5 BIG-IP Log log file [CVE-2019-6662]low3.5---
145850F5 BIG-IP APM APD/APMD resource consumption [CVE-2019-6661]low5.0---
145849F5 BIG-IP resource consumption [CVE-2019-6660]low5.0---
145848F5 BIG-IP Virtual Server input validation [CVE-2019-6659]low5.0---
145847Math Plugin Eval input validation [CVE-2019-19010]medium7.5---
145846AbuseFilter Extension information disclosure [CVE-2019-18987]low4.3---
145845Pimcore Forgot Password excessive authentication [CVE-2019-18986]low4.3---
145844Pimcore 2FA Token excessive authentication [CVE-2019-18985]low2.6---
145843Pimcore Email Log Preview EmailController.php cross site scriptinglow4.3---
145842Pimcore ID privileges management [CVE-2019-18981]medium6.8---
145841Cyrus IMAP privileges management [CVE-2019-18928]medium7.5---
145840Symantec Endpoint Protection privileges management [CVE-2019-18372]medium4.1---
145839slpjs Bitcoin Script input validation [CVE-2019-16762]low4.3---
145838slp-validate Bitcoin Script input validation [CVE-2019-16761]low4.3---
145837Ghostscript .charkeys Remote Code Executionmedium6.8---
145836TemaTres Administrator Account privileges management [CVE-2019-14345]medium7.5---
145835TemaTres Stored cross site scripting [CVE-2019-14343]low4.3---
145834Marvell 88W8688 Parrot Faurecia Automotive FC6050W out-of-bounds writemedium5.4---
145833Marvell 88W8688 Parrot Faurecia Automotive FC6050W out-of-bounds writemedium5.4---
145832Symantec Endpoint Protection Manager privileges management [CVE-2019-12759]medium6.6---
145831Symantec Endpoint Protection Digital Signature input validationmedium3.8---
145830Symantec Endpoint Protection privileges management [CVE-2019-12757]medium6.6---
145829Symantec Endpoint Protection Password Protection authorizationmedium4.1---
145828Symantec Endpoint Protection Manager privileges management [CVE-2018-18368]medium4.1---
145827NSS ssl3_ComputeRecordMACConstantTime null pointer dereferencelow4.3--high
145826openshift Install Script exposure of resource [CVE-2014-0023]medium4.6---
145825Chrony cmdmon Protocol Amplification privileges managementmedium7.5--high
145824ClamAV dbg_printhex information disclosurelow5.0--medium
145823ClamAV libclamav buffer overflow [CVE-2013-7088]medium7.5--medium
145822ClamAV WWPack memory corruption [CVE-2013-7087]medium6.8--medium
145821Perdition IMAP Server/POP Server ssl_outgoing_ciphers exceptional conditionlow2.6---
145820qtnx Configuration File Key cleartext storagelow1.5---
145819ax25-tools AX.25 Daemon setuid privileges managementmedium4.6---
145818Drupal File Upload authorization [CVE-2011-2726]medium7.5---
145817gksu-polkit xauth input validation [CVE-2011-0703]medium7.5---
145816Jetty Cookie Dump Servlet Escape memory corruptionmedium7.5---
145815Intel fTPM race condition [CVE-2019-11090]low1.2---
145814Adobe Illustrator CC memory corruption [CVE-2019-8248]medium6.8---
145813Adobe Illustrator CC memory corruption [CVE-2019-8247]medium6.8---
145812Adobe Media Encoder out-of-bounds write [CVE-2019-8246]medium6.8---
145811Adobe Media Encoder out-of-bounds read [CVE-2019-8244]medium6.8---
145810Adobe Media Encoder out-of-bounds read [CVE-2019-8243]medium6.8---
145809Adobe Media Encoder out-of-bounds read [CVE-2019-8242]medium6.8---
145808Adobe Media Encoder out-of-bounds read [CVE-2019-8241]medium6.8---
145807Adobe Bridge CC memory corruption [CVE-2019-8240]medium6.8---
145806Adobe Bridge CC memory corruption [CVE-2019-8239]medium6.8---
145805Adobe Illustrator CC Library Loader untrusted search path [CVE-2019-7962]medium6.8---
145804Adobe Animate CC Library Loader untrusted search path [CVE-2019-7960]medium4.1---
145803Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb API improper authenticationmedium5.4---
145802rack-cors Gem path traversal [CVE-2019-18978]medium7.5---
145801MicroStrategy Library Reflected cross site scriptinglow4.3---
145800SnowHaze input validation [CVE-2019-18949]low4.3---
145799eQ-3 Homematic CCU2/Homematic CCU3 Web Interface exec.cgi input validationmedium7.5---
145798eQ-3 Homematic CCU2/Homematic CCU3 Web Interface save.cgi input validationmedium7.5---
145797eQ-3 Homematic CCU2/Homematic CCU3 Web Interface exec.cgi input validationmedium7.5---
145796Scanguard default permission [CVE-2019-18895]medium4.6---
145795Linux Kernel volumes.c null pointer dereferencelow2.1---
1457943xLogic Infinias Access Control cross-site request forgery [CVE-2019-18651]low4.3---
145793Untangle NG Firewall Report Stored cross site scriptinglow3.5---
145792Untangle NG Firewall Reflected cross site scripting [CVE-2019-18648]low3.5---
145791Untangle NG Firewall injection [CVE-2019-18647]medium6.5---
145790Within Authenticate Firewall sql injection [CVE-2019-18646]medium6.5---
145789Espressif ESP32 Secure Boot information disclosure [CVE-2019-17391]low1.2---
145788STMicroelectronics ST33TPHF2ESPI TPM Private Key TPM-Fail risky encryptionlow2.6---
145787Blade Shadow Network Protocol input validation [CVE-2019-16110]medium6.8---
145786ZyXEL GS1900 Password Recovery input validation [CVE-2019-15804]medium7.5---
145785ZyXEL GS1900 libfds.so fds_sys_passDebugPasswd_ret input validationmedium7.5---
145784ZyXEL GS1900 Configuration Backup libsal.so.0.0 sal_util_str_encrypt hard-coded credentialsmedium5.1---
145783ZyXEL GS1900 libfds.so.0.0 fds_sys_passDebugPasswd_ret insufficiently protected credentialsmedium7.5---
145782ZyXEL GS1900 libclicmd.so cmd_sys_traceroute_exec input validationmedium7.5---
145781ZyXEL GS1900 Web Interface privileges management [CVE-2019-15799]low4.0---
145780Sony Xperia XZs external reference [CVE-2019-15744]medium4.6---
145779Sony Xperia Touch external reference [CVE-2019-15743]medium4.6---
145778Xiaomi Mi A3 external reference [CVE-2019-15475]medium4.6---
145777Xiaomi Cepheus external reference [CVE-2019-15474]medium4.6---
145776Xiaomi Mi A2 Lite external reference [CVE-2019-15473]medium4.6---
145775Xiaomi Mi A2 Lite external reference [CVE-2019-15472]medium4.6---
145774Xiaomi Mi Mix 2S permission assignment [CVE-2019-15471]medium4.6---
145773Xiaomi Redmi Note 6 Pro permission assignment [CVE-2019-15470]medium4.6---
145772Xiaomi Mi Pad 4 permission assignment [CVE-2019-15469]medium4.6---
145771Xiaomi Mi A2 Lite external reference [CVE-2019-15468]medium4.6---
145770Xiaomi Mi Mix 2S external reference [CVE-2019-15467]medium4.6---
145769Xiaomi Redmi 6 Pro external reference [CVE-2019-15466]medium4.6---
145768Samsung J7 Pro permission assignment [CVE-2019-15465]medium4.6---
145767Samsung J7 Pro permission assignment [CVE-2019-15464]medium4.6---
145766Samsung j7popeltemtr permission assignment [CVE-2019-15463]medium4.6---
145765Samsung J7 Duo permission assignment [CVE-2019-15462]medium4.6---
145764Samsung J7 Neo permission assignment [CVE-2019-15461]medium4.6---
145763Samsung J7 Neo permission assignment [CVE-2019-15460]medium4.6---
145762Samsung J7 Neo permission assignment [CVE-2019-15459]medium4.6---
145761Samsung J7 Neo permission assignment [CVE-2019-15458]medium4.6---
145760Samsung J6 permission assignment [CVE-2019-15457]medium4.6---
145759Samsung J6 permission assignment [CVE-2019-15456]medium4.6---
145758Samsung J5 permission assignment [CVE-2019-15455]medium4.6---
145757Samsung J4 permission assignment [CVE-2019-15454]medium4.6---
145756Samsung J4 permission assignment [CVE-2019-15453]medium4.6---
145755Samsung J3 permission assignment [CVE-2019-15452]medium4.6---
145754Samsung J3 permission assignment [CVE-2019-15451]medium4.6---
145753Samsung j3popeltecan permission assignment [CVE-2019-15450]medium4.6---
145752Samsung S7 Edge permission assignment [CVE-2019-15449]medium4.6---
145751Samsung S7 Edge permission assignment [CVE-2019-15448]medium4.6---
145750Samsung S7 Edge permission assignment [CVE-2019-15447]medium4.6---
145749Samsung S7 permission assignment [CVE-2019-15446]medium4.6---
145748Samsung S7 permission assignment [CVE-2019-15445]medium4.6---
145747Samsung S7 permission assignment [CVE-2019-15444]medium4.6---
145746Samsung J7 Max permission assignment [CVE-2019-15443]medium4.6---
145745Samsung on7xelteskt permission assignment [CVE-2019-15442]medium4.6---
145744Samsung on7xeltelgt permission assignment [CVE-2019-15441]medium4.6---
145743Samsung J5 permission assignment [CVE-2019-15440]medium4.6---
145742Samsung XCover4 permission assignment [CVE-2019-15439]medium4.6---
145741Samsung XCover4 permission assignment [CVE-2019-15438]medium4.6---
145740Samsung XCover4 permission assignment [CVE-2019-15437]medium4.6---
145739Samsung A8+ permission assignment [CVE-2019-15436]medium4.6---
145738Samsung A7 permission assignment [CVE-2019-15435]medium4.6---
145737Samsung A5 permission assignment [CVE-2019-15434]medium4.6---
145736Samsung A3 permission assignment [CVE-2019-15433]medium4.6---
145735Evercoss U6 permission assignment [CVE-2019-15432]medium4.6---
145734Evercoss U50A permission assignment [CVE-2019-15431]medium4.6---
145733Bluboo D3 Pro permission assignment [CVE-2019-15430]medium4.6---
145732Panasonic ELUGA I9 external reference [CVE-2019-15429]medium4.6---
145731Xiaomi Mi Note 2 external reference [CVE-2019-15428]medium4.6---
145730Xiaomi Mi Mix external reference [CVE-2019-15427]medium4.6---
145729Xiaomi Mi 5s Plus external reference [CVE-2019-15426]medium4.6---
145728Kata M4s external reference [CVE-2019-15425]medium4.6---
145727Doogee BL5000 external reference [CVE-2019-15424]medium4.6---
145726Bluboo S1 external reference [CVE-2019-15423]medium4.6---
145725Doogee Mix external reference [CVE-2019-15422]medium4.6---
145724Blackview BV7000 Pro external reference [CVE-2019-15421]medium4.6---
145723Blackview BV9000Pro-F external reference [CVE-2019-15420]medium4.6---
145722Asus X015_1 external reference [CVE-2019-15419]medium4.6---
145721Asus X00K_1 external reference [CVE-2019-15418]medium4.6---
145720Tecno Spark Pro permission assignment [CVE-2019-15417]medium4.6---
145719Sony keyaki_kddi permission assignment [CVE-2019-15416]medium4.6---
145718Xiaomi Redmi 5 external reference [CVE-2019-15415]medium4.6---
145717Asus ZenFone AR permission assignment [CVE-2019-15414]medium4.6---
145716Asus ZenFone 3 Ultra permission assignment [CVE-2019-15413]medium4.6---
145715Asus ZenFone 4 Selfie com.asus.loguploader permission assignmentmedium4.6---
145714Asus ZenFone 3 Laser com.asus.loguploader permission assignmentmedium4.6---
145713Asus ZenFone 5Q com.asus.loguploader permission assignment [CVE-2019-15410]medium4.6---
145712Asus ZenFone 5Q com.asus.loguploader permission assignment [CVE-2019-15409]medium4.6---
145711Asus ZenFone 5 Lite com.asus.loguploader permission assignmentmedium4.6---
145710Asus X015_1 com.asus.loguploader permission assignment [CVE-2019-15407]medium4.6---
145709Asus X00LD_3 com.asus.loguploader permission assignment [CVE-2019-15406]medium4.6---
145708Asus X00K_1 com.asus.loguploader external reference [CVE-2019-15405]medium4.6---
145707Asus ZenFone Max 4 com.asus.loguploader permission assignmentmedium4.6---
145706Asus ZenFone 3s Max com.asus.loguploader permission assignmentmedium4.6---
145705Asus A002_2 com.asus.loguploader permission assignment [CVE-2019-15402]medium4.6---
145704Asus A002 com.asus.loguploader permission assignment [CVE-2019-15401]medium4.6---
145703Asus ZenFone 3 Ultra com.asus.loguploader permission assignmentmedium4.6---
145702Asus ZenFone 5Q com.asus.loguploader permission assignment [CVE-2019-15399]medium4.6---
145701Asus ZenFone 4 com.asus.loguploader permission assignment [CVE-2019-15398]medium4.6---
145700Asus ZenFone Max 4 com.asus.loguploader permission assignmentmedium4.6---
145699Asus ZenFone 3 com.asus.loguploader permission assignment [CVE-2019-15396]medium4.6---
145698Asus ZenFone 3s Max com.asus.loguploader permission assignmentmedium4.6---
145697Asus ZenFone 5 Selfie external reference [CVE-2019-15394]medium4.6---
145696Asus ZenFone Live external reference [CVE-2019-15393]medium4.6---
145695Asus ZenFone 4 Selfie Authorization authorization [CVE-2019-15392]medium4.6---
145694Asus ZenFone 4 Selfie Authorization authorization [CVE-2019-15391]medium4.6---
145693Haier G8 Authorization authorization [CVE-2019-15390]medium4.6---
145692Haier A6 Graphical User Interface permission assignment [CVE-2019-15389]medium5.1---
145691Coolpad 1851 Graphical User Interface injection [CVE-2019-15388]medium5.1---
145690Archos Core 101 Permission permission assignment [CVE-2019-15387]medium4.6---
145689LAVA Z60s Authorization permission assignment [CVE-2019-15386]medium4.6---
145688Infinix Note 5 Authorization authorization [CVE-2019-15385]medium4.6---
145687Elephone A4 Authorization authorization [CVE-2019-15384]medium4.6---
145686Allview X5 Authorization authorization [CVE-2019-15383]medium4.6---
145685Cubot Nova Authorization authorization [CVE-2019-15382]medium4.6---
145684BQ 5515L Authorization authorization [CVE-2019-15381]medium4.6---
145683Fly Photo Pro Authorization authorization [CVE-2019-15380]medium4.6---
145682Walton Primo G3 Authorization authorization [CVE-2019-15379]medium4.6---
145681Panasonic Eluga Ray 600 Authorization authorization [CVE-2019-15378]medium4.6---
145680Cherry Flare S7 Authorization authorization [CVE-2019-15377]medium4.6---
145679Panasonic Eluga Ray 530 Authorization authorization [CVE-2019-15376]medium4.6---
145678Haier G8 Authorization authorization [CVE-2019-15375]medium4.6---
145677LAVA Iris 88 Lite Authorization authorization [CVE-2019-15374]medium4.6---
145676Symphony i95 Lite Authorization authorization [CVE-2019-15373]medium4.6---
145675Hisense F17 Authorization authorization [CVE-2019-15372]medium4.6---
145674Symphony G100 Authorization authorization [CVE-2019-15371]medium4.6---
145673Haier G8 Authorization authorization [CVE-2019-15370]medium4.6---
145672LAVA Z61 Turbo Authorization authorization [CVE-2019-15369]medium4.6---
145671Coolpad 1851 Authorization authorization [CVE-2019-15368]medium4.6---
145670Haier P10 Authorization authorization [CVE-2019-15367]medium4.6---
145669Infinix Note 5 Authorization authorization [CVE-2019-15366]medium4.6---
145668LAVA Z92 Authorization authorization [CVE-2019-15365]medium4.6---
145667Dexp BL250 Authorization authorization [CVE-2019-15364]medium4.6---
145666Leagoo Power 5 Authorization authorization [CVE-2019-15363]medium4.6---
145665LAVA Iris 88 Go Authorization authorization [CVE-2019-15362]medium4.6---
145664Infinix Note 5 Authorization authorization [CVE-2019-15361]medium4.6---
145663Hisense U965 Authorization authorization [CVE-2019-15360]medium4.6---
145662Haier A6 Authorization authorization [CVE-2019-15359]medium4.6---
145661Dexp Z250 authorization [CVE-2019-15358]medium4.6---
145660Advan i6A authorization [CVE-2019-15357]medium4.6---
145659LAVA Flair Z1 authorization [CVE-2019-15356]medium4.6---
145658Tecno Camon iClick authorization [CVE-2019-15355]medium4.6---
145657Ulefone Armor 5 authorization [CVE-2019-15354]medium4.6---
145656Coolpad N3C authorization [CVE-2019-15353]medium4.6---
145655Coolpad 1851 authorization [CVE-2019-15352]medium4.6---
145654Tecno Camon Graphical User Interface permission assignment [CVE-2019-15351]medium4.6---
145653Tecno Camon Graphical User Interface permission assignment [CVE-2019-15350]medium4.6---
145652Tecno Camon Graphical User Interface permission assignment [CVE-2019-15349]medium4.6---
145651Tecno Camon Graphical User Interface permission assignment [CVE-2019-15348]medium4.6---
145650Tecno Camon iClick 2 Graphical User Interface permission assignmentmedium4.6---
145649Tecno Camon iClick 2 Graphical User Interface permission assignmentmedium4.6---
145648Tecno Camon iClick Graphical User Interface permission assignmentmedium4.6---
145647Tecno Camon iClick Graphical User Interface permission assignmentmedium6.8---
145646Tecno Camon iClick Graphical User Interface permission assignmentmedium4.6---
145645Tecno Camon iAir 2 Plus Graphical User Interface permission assignmentmedium4.6---
145644Tecno Camon iAir 2 Plus Graphical User Interface permission assignmentmedium4.6---
145643Xiaomi Redmi 6 Pro permission assignment [CVE-2019-15340]medium4.6---
145642LAVA Z60s permission assignment [CVE-2019-15339]medium4.6---
145641LAVA Iris 88 Lite permission assignment [CVE-2019-15338]medium4.6---
145640LAVA Z81 permission assignment [CVE-2019-15337]medium4.6---
145639LAVA Z61 Turbo permission assignment [CVE-2019-15336]medium4.6---
145638LAVA Z92 permission assignment [CVE-2019-15335]medium4.6---
145637LAVA Iris 88 Go permission assignment [CVE-2019-15334]medium4.6---
145636LAVA Flair Z1 permission assignment [CVE-2019-15333]medium4.6---
145635LAVA Z61 permission assignment [CVE-2019-15332]medium4.6---
145634dpdk File Descriptor resource consumption [CVE-2019-14818]low4.3---
145633SAS XML Mapper XML Data xml external entity reference [CVE-2019-14678]medium7.5---
145632Nuvoton CIR Driver Permission default permission [CVE-2019-14602]medium4.1---
145631Intel Graphics Driver API input validation [CVE-2019-14591]low1.5---
145630Intel Graphics Driver information disclosure [CVE-2019-14590]low1.5---
145629Intel Graphics Driver out-of-bounds read [CVE-2019-14574]medium4.1---
145628Intel SGX SDK input validation [CVE-2019-14566]medium4.1---
145627Intel SGX SDK input validation [CVE-2019-14565]medium4.1---
145626Facebook WhatsApp MP4 File stack-based overflow [CVE-2019-11931]medium6.8---
145625Intel Baseboard Management Controller memory corruption [CVE-2019-11182]medium6.8---
145624Intel Baseboard Management Controller out-of-bounds read [CVE-2019-11181]medium6.8---
145623Intel Baseboard Management Controller input validation [CVE-2019-11180]low4.3---
145622Intel Baseboard Management Controller input validation [CVE-2019-11179]low3.5---
145621Intel Baseboard Management Controller buffer overflow [CVE-2019-11178]medium6.0---
145620Intel Baseboard Management Controller exceptional condition [CVE-2019-11177]low4.3---
145619Intel Baseboard Management Controller input validation [CVE-2019-11175]low4.3---
145618Intel Baseboard Management Controller Access Control information disclosurelow4.3---
145617Intel Baseboard Management Controller Session session fixiationmedium4.1---
145616Intel Baseboard Management Controller out-of-bounds read [CVE-2019-11172]low4.3---
145615Intel Baseboard Management Controller memory corruption [CVE-2019-11171]medium6.8---
145614Intel Baseboard Management Controller improper authenticationmedium4.4---
145613Intel Baseboard Management Controller Session session expirationmedium6.8---
145612Intel PROSet Wireless WiFi Software privileges management [CVE-2019-11156]low4.1---
145611Intel PROSet Wireless WiFi Software Directory Permission default permissionlow1.5---
145610Intel PROSet Wireless WiFi Software Directory Permission default permissionlow1.5---
145609Intel PROSet Wireless WiFi Software DLL memory corruption [CVE-2019-11153]medium4.1---
145608Intel WiFi Driver memory corruption [CVE-2019-11152]medium5.4---
145607Intel WiFi Driver memory corruption [CVE-2019-11151]medium4.1---
145606Intel Xeon Voltage Modulation Interface unusual condition [CVE-2019-11139]low1.5---
145605Intel Xeon/Atom System Firmware input validation [CVE-2019-11137]medium4.1---
145604Intel Xeon Access Control privileges management [CVE-2019-11136]medium4.1---
145603Intel Graphics Driver Kernel Mode Module memory corruption [CVE-2019-11113]medium4.1---
145602Intel Graphics Driver Kernel Mode Driver privileges managementmedium4.1---
145601Intel Graphics Drivers Unified Shader Compiler null pointer dereferencemedium4.1---
145600Intel Graphics Driver input validation [CVE-2019-11089]low1.5---
145599Intel Core Processor/Xeon Protected Memory Subsystem information disclosurelow1.5---
145598Intel Core Processor/Xeon Protected Memory Subsystem information disclosurelow1.5---
145597Intel Core Processor/Pentium/Celeron/Atom/Xeon privileges managementmedium4.1---
145596Intel Core Processor/Pentium/Celeron/Atom/Xeon Access Control input validationlow1.5---
145595Intel Xeon System Management Mode memory corruption [CVE-2019-0152]medium4.1---
145594Intel Core Processor/Xeon Memory Protection memory corruptionmedium4.1---
145593Intel Ethernet 700 Series Controller Access Control authorizationlow1.5---
145592Intel Ethernet 700 Series Controller i40e Driver input validationlow1.5---
145591Intel Ethernet 700 Series Controller i40e Driver resource consumptionlow1.5---
145590Intel Ethernet 700 Series Controller i40e Driver input validationlow1.5---
145589Intel Ethernet 700 Series Controller i40e Driver resource consumptionlow1.5---
145588Intel Ethernet 700 Series Controller i40e Driver buffer overflowmedium4.1---
145587Intel Ethernet 700 Series Controller exceptional condition [CVE-2019-0144]low1.5---
145586Intel Ethernet 700 Series Controller Kernel-Mode Driver exceptional conditionlow1.5---
145585Intel Ethernet 700 Series Controller Access Control ilp60x64.sys privileges managementmedium4.1---
145584Intel Ethernet 700 Series Controller buffer overflow [CVE-2019-0140]medium5.4---
145583Intel Ethernet 700 Series Controller privileges management [CVE-2019-0139]medium4.1---
145582Intel CPU Memory Protection memory corruption [CVE-2019-0124]medium4.1---
145581Intel SGX Memory Protection memory corruption [CVE-2019-0123]medium4.1---
145580Intel SGX/Xeon Memory Subsystem information disclosure [CVE-2019-0117]low1.5---
145579Cryptocat Message cross site scripting [CVE-2013-4109]low4.3---
145578Cryptocat Remote Code Execution [CVE-2013-4108]high7.5---
145577Cryptocat Conversation Overview Nickname cross site scriptinglow4.3---
145576Netgear WNDR4700 path traversal [CVE-2013-3073]medium7.5---
145575Netgear WNDR4700 Administration Portal improper authenticationmedium6.8---
145574Netgear WNDR4700 Management Web Interface Credentials information disclosurelow5.0---
145573Moodle External Enrollment Plugin Context check externallib.php get_enrolled_users improper validation of integrity check valuemedium6.8--medium
145572Moodle navigationlib.php load_for_user information disclosurelow4.3--medium
145571Moodle Web Services input validation [CVE-2012-1168]medium6.8--medium
145570Moodle Course Information coursetagslib.php information disclosurelow4.3--medium
145569Moodle Form Subscription unsubscribe permission assignmentmedium6.8--medium
145568Moodle lib.php fill_table information disclosurelow4.3--medium
145567Moodle Gradebook grade_export_form.php definition information disclosurelow4.3--medium
145566Moodle Repository access.php default permissionlow4.3--medium
145565Moodle Backup log file [CVE-2012-1156]low4.3--medium
145564Moodle Database Activity Export Permission export.php export information disclosurelow4.3--medium
145563klibc DHCP Reply net-$DEVICE.conf command injectionmedium7.5--high
145562Thunar thunar_transfer_job_copy_node format stringlow4.3--high
145561rsyslog Daemon release of resource [CVE-2011-1490]low1.5--high
145560rsyslog Daemon release of resource [CVE-2011-1489]low1.5--high
145559rsyslog Daemon release of resource [CVE-2011-1488]low1.5--high
145558unixODBC SQLDriverConnect buffer overflowmedium4.4--high
145557tesseract Link link following [CVE-2011-1136]medium3.3---
145556v86d Kernel authorization [CVE-2011-1070]medium4.6---
145555Google Android Bootloader os command injection [CVE-2019-9467]medium6.6---
145554Google Android Broadcom Wi-Fi Driver input validation [CVE-2019-9466]medium6.8---
145553Huawei Product Message out-of-bounds read [CVE-2019-5294]low5.0---
145552Huawei Product Message release of resource [CVE-2019-5293]low4.0---
145551Huawei Honor 10/Honor 8A/Y6 Permission information disclosurelow2.1---
145550ManageOne Gauss100 OLTP Database out-of-bounds read [CVE-2019-5289]medium6.8---
145549Huawei P30 integer overflow [CVE-2019-5288]medium5.1---
145548Huawei P30 integer overflow [CVE-2019-5287]medium5.1---
145547Huawei Smart Phone Bastet Module double free [CVE-2019-5282]medium5.1---
145546Huawei Smart Phone information disclosure [CVE-2019-5279]low2.6---
145545Exhibitor Web UI Config Editor os command injection [CVE-2019-5029]medium7.5---
145543McAfee Advanced Threat Defense privileges management [CVE-2019-3663]medium4.1---
145542McAfee Advanced Threat Defense here path traversalmedium6.0---
145541McAfee Advanced Threat Defense sql injection [CVE-2019-3661]medium6.0---
145540McAfee Advanced Threat Defense privileges management [CVE-2019-3660]medium6.0---
145539McAfee Advanced Threat Defense ePO information disclosure [CVE-2019-3651]low3.5---
145538McAfee Advanced Threat Defense Credentials information disclosurelow3.5---
145537McAfee Advanced Threat Defense Log File Credentials information disclosurelow3.5---
145536McAfee Threat Intelligence Exchange API improper authorizationmedium4.9---
145535McAfee Data Loss Prevention ePO Extension Credentials missing encryptionlow2.6---
145534ZTE ZXHN H108N information disclosure [CVE-2019-3420]medium5.8---
145533Google Android UserSwitcherController.java getCount privileges managementmedium4.4---
145532Google Android Kernel binder.c binder_transaction privileges managementmedium4.1---
145531Google Android binder.c binder_free_transaction use after freemedium4.1---
145530Google Android poisson_distribution information disclosurelow1.5---
145529Google Android TvProvider.java createProjectionMapForQuery sql injectionmedium6.0---
145528Google Android qmi_vs_service.cc load_logging_config buffer overflowmedium4.1---
145527Google Android bta_dm_api.cc BTA_DmPinReply out-of-bounds readlow1.5---
145526Google Android v8 information disclosure [CVE-2019-2208]low4.3---
145525Google Android nfa_hci_act.cc nfa_hci_handle_admin_gate_rsp out-of-bounds writemedium6.6---
145524Google Android NFC rw_i93.cc rw_i93_sm_set_read_only out-of-bounds writemedium6.8---
145523Google Android proxy_resolver_v8.cc SetPacScript use after freemedium6.8---
145522Google Android objects.cc FindSharedFunctionInfo out-of-bounds readmedium6.8---
145521Google Android CryptoPlugin.cpp decrypt out-of-bounds writemedium4.1---
145520Google Android CryptoPlugin.cpp decrypt out-of-bounds writemedium4.1---
145519Google Android jsimd_arm64_neon.S generate_jsimd_ycc_rgb_convert_neon out-of-bounds writemedium4.1---
145518Google Android PackageInstallerService.java createSessionInternal privileges managementmedium4.1---
145517Google Android Download Provider sql injection [CVE-2019-2198]medium4.1---
145516Google Android CachedBluetoothDevice.java processPhonebookAccess insecure default initialization of resourcelow1.5---
145515Google Android Download Provider sql injection [CVE-2019-2196]medium4.1---
145514Google Android sqlite3_android.cpp input validationmedium4.1---
145513Google Android Device Policy Client WelcomeActivity.java privileges managementmedium4.6---
145512Google Android Permission SliceProvider.java input validationmedium4.1---
145511Google Android HidHostService.java okToConnect privileges managementmedium6.8---
145510Pomelo State entryHandler.js injectionmedium7.5---
145509SibSoft Xfilesharing up.cgi unrestricted uploadmedium7.5---
145508SibSoft Xfilesharing path traversal [CVE-2019-18951]medium5.0---
145507Western Digital My Cloud EX2 Ultra Instruction Pointer buffer overflowmedium6.0---
145506Western Digital My Cloud EX2 Ultra libscheddl.so out-of-bounds writemedium6.0---
145505Western Digital My Cloud EX2 Ultra download_mgr.cgi out-of-bounds writemedium6.0---
145504go-camo cross site scripting [CVE-2019-18923]medium6.8---
145503Rise Ultimate Project Manager add_team_member cross-site request forgerylow4.3---
145502Lavalite CMS cross site scripting [CVE-2019-18883]low4.3---
145501ACRN Device Model core.c assertionlow5.0---
145500FUDForum Stored cross site scripting [CVE-2019-18839]low3.5---
145499crun Image linux.c link followingmedium7.5---
145498Parallels Plesk Panel index.htm cross site scriptinglow4.3---
145497GNU FriBidi fribidi-bidi.c fribidi_get_par_embedding_levels_ex buffer overflowmedium6.8---
145496Phoenix SCT WinFlash Driver privileges management [CVE-2019-18279]medium6.8---
145495Fuji Electric V-Server heap-based overflow [CVE-2019-18240]medium6.8---
145494Blog2Social Plugin post.calendar.php Reflected cross site scriptinglow4.3---
145493Technicolor TC7300 wlanAccess.asp cross site scriptinglow3.5---
145492Technicolor TC7300 FTPDiag.asp cross site scriptinglow3.5---
145491CleanTalk cleantalk-spam-protect Plugin cleantalk-users.php Reflected cross site scriptinglow4.3---
145490Enghouse Web Chat Remote File Inclusion information disclosuremedium7.5---
145489Enghouse Web Chat cross site scripting [CVE-2019-16950]low4.3---
145488Enghouse Web Chat Chat Log input validation [CVE-2019-16949]medium6.5---
145487Enghouse Web Chat server-side request forgery [CVE-2019-16948]medium7.5---
145486Texas Instruments CC256x/WL18xx Bluetooth Low Energy buffer overflowmedium5.4---
145485Mitsubishi Electric MELSEC-Q/MELSEC-L FTP Service resource consumptionlow4.3---
145484SAP BusinessObjects Business Intelligence Platform XML Data input validationmedium6.5---
145483SAP Quality Management sql injection [CVE-2019-0393]medium6.0---
145482SAP NetWeaver AS JAVA information disclosure [CVE-2019-0391]medium6.5---
145481SAP Data Hub Connection Manager information disclosure [CVE-2019-0390]medium6.5---
145480SAP NetWeaver Application Server privileges management [CVE-2019-0389]medium6.5---
145479SAP UI5 HTTP Handler authentication spoofing [CVE-2019-0388]low5.0---
145478SAP ERP Sales/S4HANA Sales/S4CORE Order Proessing authorizationmedium6.0---
145477SAP Enable Now cross site scripting [CVE-2019-0385]low3.5---
145476SP Business Intelligence Platform cross site scripting [CVE-2019-0382]low3.5---
145475vdsm/vdsclient Hostname Validator certificate validation [CVE-2014-8167]medium5.1---
145474JBoss KeyCloak Soft Token cross-site request forgery [CVE-2014-3655]low4.3---
145473openshift Team Name Stored cross site scriptinglow4.3---
145472ProJoom Smart Flash Header upload.php unrestricted uploadmedium6.5---
145471Netgear WNR3500U/WNR3500L SMB Service path traversal [CVE-2013-4657]medium7.5---
145470Asus RT-AC66U/RT-N56U SMB Service path traversal [CVE-2013-4656]medium7.5---
145469Belkin N900 SMB Service link following [CVE-2013-4655]medium7.5---
145468TP-LINK TL-WDR4300/TL-1043ND path traversal [CVE-2013-4654]medium7.5---
145467Zen Theme template.php zen_breadcrumb cross site scriptinglow3.5---
145466Netgear WNR3500U/WNR3500L cross site scripting [CVE-2013-3517]low3.5---
145465Netgear WNR3500U/WNR3500L CSRF Token cross-site request forgerylow4.3---
145464TRENDnet TEW-691GR/TEW-692GR Telnet Service improper authenticationmedium7.5---
145463TRENDnet TEW-812DRU Telnet Service broadcom.c cross-site request forgerymedium6.8---
145462Verizon FIOS Actiontec MI424WR-GEN3I cross site scripting [CVE-2013-3097]low4.3---
145461Bitweaver index.php cross site scriptinglow4.3---
145460LetoDMS cross-site request forgery [CVE-2012-4385]low4.3---
145459LetoDMS Login Page/Document Owner/Calendar Stored cross site scriptinglow4.3---
145458Ckeditor Module hook_file_download information disclosurelow5.0---
145456phpBB BB Tag cross site scripting [CVE-2011-0544]low4.3---
145455Trac Workflow Permission default permission [CVE-2010-5108]medium7.5---
145454Pithos link following [CVE-2010-4817]medium4.6---
145453ConsoleKit Security Policy privileges management [CVE-2010-4664]medium6.0--high
145452udisks Kernel Module Loader unrestricted upload [CVE-2010-4661]medium4.1--high
145451PHP libxml2 release of resource [CVE-2010-4657]low4.3---
145450Poppler Command injection [CVE-2010-4654]medium6.8--critical
145449Poppler Font integer overflow [CVE-2010-4653]medium7.5--critical
145448Offlineimap SSL certificate validation [CVE-2010-4533]low2.6---
145447Offlineimap SSL Certificate Validator certificate validationlow2.6---
145446McAfee Total Protection Microsoft Windows Client privileges managementmedium4.1---
145445Lenovo ThinkPad BIOS Tamper Detection authorization [CVE-2019-6188]medium7.5---
145444Lenovo ThinkPad SMI Callback input validation [CVE-2019-6172]medium7.5---
145443Lenovo ThinkPad SMM input validation [CVE-2019-6170]medium6.8---
145442NVIDIA GeForce Experience/Windows GPU Display Driver Local Service Provider untrusted search pathmedium4.1---
145441Huawei Smartphone insufficient verification of data authenticitylow4.6---
145440Huawei Smartphone improper authentication [CVE-2019-5233]medium6.8---
145439Huawei P30 authorization [CVE-2019-5231]medium4.6---
145438Huawei P20 Pro/P20/Mate RS input validation [CVE-2019-5230]medium6.8---
145437Huawei P30 insufficient verification of data authenticity [CVE-2019-5229]low4.6---
145436Huawei P30/P30 Pro/V20 Detection Module race condition [CVE-2019-5228]medium6.8---
145435Huawei Honor Play improper authentication [CVE-2019-5213]medium4.4---
145434IBM Spectrum Protect Plus default permission [CVE-2019-4652]medium4.1---
145433Systematic IRIS Standards Management Reflected cross site scriptinglow4.3---
145432Systematic IRIS WebForms improper authentication [CVE-2019-18925]medium7.5---
145431Systematic IRIS WebForms path traversal [CVE-2019-18924]medium7.5---
145430json-jwt Gem JWE String input validation [CVE-2019-18848]medium5.0---
145429File Sharing Wizard Structured Exception out-of-bounds writemedium6.8---
145428Hitachi Command Suite resource consumption [CVE-2019-17360]low5.0---
145427TIBCO EBX Digital Asset Manager Web Interface Stored cross site scritinglow3.5---
145426TIBCO EBX Data Exchange Web Interface Stored cross site scritinglow3.5---
145425TIBCO EBX Web Server Reflected cross site scritinglow3.5---
145424igniteup Plugin class-coming-soon-creator.php cross-site request forgerylow4.3---
145423igniteup Plugin class-coming-soon-creator.php Stored cross site scriptinglow4.3---
145422igniteup Plugin class-coming-soon-creator.php information disclosurelow5.0---
145421igniteup Plugin class-coming-soon-creator.php input validationmedium6.4---
145419ZyXEL P-1302-T10D v3 Access Control authorization [CVE-2019-15815]medium6.5---
145418Microsoft Office Excel input validation [CVE-2019-1457]medium6.8---
145417Slack-Chat Slack Access Token information disclosure [CVE-2019-14367]low5.0---
145416WP SlackSync Plugin Slack Access Token information disclosurelow5.0---
145415Intercom Plugin Slack Access Token information disclosure [CVE-2019-14365]low5.0---
145414AUO SunVeillance Monitoring System mvc_send_mail.aspx sql injectionmedium6.8---
145413AUO SunVeillance Monitoring System Access Control Picture_Manage_mvc.aspx unrestricted uploadmedium7.5---
145412Microsoft Windows Hyper-V Network Switch input validation [CVE-2019-0719]medium6.0---
145411Hitachi Command Suite information disclosure [CVE-2018-21026]low4.3---
145410Huawei Smart Phone null pointer dereference [CVE-2017-17224]low3.3---
145409OpenStack Keystone resource consumption [CVE-2012-1572]low5.0--medium
145408mwlib exceptional condition [CVE-2012-1109]low5.0---
145407atop Temp File link following [CVE-2011-3618]medium4.6---
145406Google Chrome WebKit CSSSelector double freemedium6.8---
145405Google Chrome WebKit use after free [CVE-2011-2334]medium6.8---
145404Google Chrome WebKit SVGSMILElement.h double freemedium4.3---
145403Google Chrome WebKit null pointer dereference [CVE-2011-1802]medium6.8---
145402Microsoft Windows OpenType Font Parser memory corruption [CVE-2019-1456]medium6.8---
145401Microsoft Office ClickToRun Security Feature privileges managementmedium6.8---
145400Microsoft Office Excel memory corruption [CVE-2019-1448]medium6.8---
145399Microsoft Office Online Server input validation [CVE-2019-1447]medium6.8---
145398Microsoft Office Excel information disclosure [CVE-2019-1446]low4.3---
145397Microsoft Office Online Server input validation [CVE-2019-1445]medium6.8---
145396Microsoft SharePoint Server Upload unrestricted upload [CVE-2019-1443]low4.0---
145395Microsoft SharePoint Server Security Feature privileges managementmedium6.8---
145394Microsoft Windows Win32k information disclosure [CVE-2019-1440]low3.5---
145393Microsoft Windows GDI information disclosure [CVE-2019-1439]low4.3---
145392Microsoft Windows Graphics Component privileges management [CVE-2019-1438]medium4.1---
145391Microsoft Windows Graphics Component privileges management [CVE-2019-1437]medium4.1---
145390Microsoft Windows Win32k information disclosure [CVE-2019-1436]low3.5---
145389Microsoft Windows Graphics Component privileges management [CVE-2019-1435]medium4.1---
145388Microsoft Windows Win32k privileges management [CVE-2019-1434]medium8.5---
145387Microsoft Windows Graphics Component privileges management [CVE-2019-1433]medium4.1---
145386Microsoft Windows DirectWrite information disclosure [CVE-2019-1432]low4.3---
145385Microsoft Visual Studio Archive privileges management [CVE-2019-1425]medium6.8---
145384Microsoft Windows NetLogon Security Feature input validationmedium5.1---
145383Microsoft Windows StartTileData.dll privileges management [CVE-2019-1423]medium4.1---
145382Microsoft Windows iphlpsvc.dll privileges management [CVE-2019-1422]medium6.0---
145381Microsoft Windows dssvc.dll privileges management [CVE-2019-1420]medium4.1---
145380Microsoft Windows Modules Installer Service information disclosurelow3.5---
145379Microsoft Windows Data Sharing Service privileges managementmedium6.0---
145378Microsoft Windows Subsystem for Linux race condition [CVE-2019-1416]medium4.1---
145377Microsoft Windows Installer privileges management [CVE-2019-1415]medium6.0---
145376Microsoft Edge Security Feature input validation [CVE-2019-1413]medium6.8---
145375Microsoft Windows OpenType Font Driver ATMFD.dll information disclosurelow3.5---
145374Microsoft Windows DirectWrite information disclosure [CVE-2019-1411]low3.5---
145373Microsoft Windows Remote Procedure Call information disclosurelow3.5---
145372Microsoft Windows Win32k privileges management [CVE-2019-1408]medium8.5---
145371Microsoft Windows Graphics Component privileges management [CVE-2019-1407]medium4.1---
145370Microsoft Windows JET Database Engine memory corruption [CVE-2019-1406]medium6.8---
145369Microsoft Windows UPnP Service privileges management [CVE-2019-1405]medium6.0---
145368Microsoft Office information disclosure [CVE-2019-1402]low3.5---
145367Microsoft Windows Hyper-V input validation [CVE-2019-1399]low5.2---
145366Microsoft Windows Win32k privileges management [CVE-2019-1396]medium8.5---
145365Microsoft Windows Win32k privileges management [CVE-2019-1395]medium8.5---
145364Microsoft Windows Win32k privileges management [CVE-2019-1394]medium8.5---
145363Microsoft Windows Win32k privileges management [CVE-2019-1393]medium8.5---
145362Microsoft Windows Kernel privileges management [CVE-2019-1392]medium8.5---
145361Microsoft Windows input validation [CVE-2019-1391]medium6.3---
145360Microsoft Windows Certificate Dialog privileges management [CVE-2019-1388]medium6.0---
145359Microsoft Windows AppX Deployment Extension privileges managementmedium8.5---
145358Microsoft Windows Netlogon input validation [CVE-2019-1384]low2.1---
145357Microsoft Windows Data Sharing Service privileges managementmedium6.0---
145356Microsoft Windows ActiveX Installer Service privileges managementmedium6.0---
145355Microsoft Windows Servicing Stack information disclosure [CVE-2019-1381]low3.5---
145354Microsoft Windows splwow64.exe privileges managementmedium4.1---
145353Microsoft Windows Data Sharing Service privileges managementmedium6.0---
145352Microsoft Windows Error Reporting information disclosure [CVE-2019-1374]low3.5---
145351Microsoft Open Enclave SDK information disclosure [CVE-2019-1370]low1.0---
145350Microsoft Windows TCP/IP Stack information disclosure [CVE-2019-1324]low4.3---
145349Microsoft Windows Hyper-V Network Switch input validation [CVE-2019-1310]medium6.3---
145348Microsoft Windows Hyper-V Network Switch input validation [CVE-2019-1309]medium6.3---
145347Microsoft Azure Stack User Portal authentication spoofing [CVE-2019-1234]medium7.5---
145346Microsoft Windows Kernel information disclosure [CVE-2019-11135]low3.5---
145345Microsoft Windows Hyper-V input validation [CVE-2019-0712]medium6.3---
145344Microsoft Windows input validation [CVE-2018-12207]medium6.3---
145343Microsoft Exchange Server Metadata deserialization [CVE-2019-1373]medium6.8---
145342Microsoft Windows Win32k Graphics memory corruption [CVE-2019-1441]medium6.8---
145341Microsoft Windows Media Foundation memory corruption [CVE-2019-1430]medium6.8---
145340Microsoft Windows OpenType Font Parser memory corruption [CVE-2019-1419]medium6.8---
145339Microsoft Internet Explorer Scripting Engine memory corruptionmedium6.8---
145338Microsoft Edge/ChakraCore Scripting Engine memory corruptionmedium6.8---
145337Microsoft Edge/ChakraCore Scripting Engine memory corruptionmedium6.8---
145336Microsoft Edge/ChakraCore Scripting Engine memory corruptionmedium6.8---
145335Microsoft Internet Explorer VBScript memory corruption [CVE-2019-1390]medium6.8---
145334Microsoft Windows Hyper-V input validation [CVE-2019-1398]medium7.0---
145333Microsoft Windows Hyper-V input validation [CVE-2019-1397]medium7.0---
145332Microsoft Windows Hyper-V input validation [CVE-2019-1389]medium7.0---
145331Microsoft Windows Hyper-V Switch input validation [CVE-2019-0721]medium7.9---
145330MySQL-GUI-tools Process Password cleartext transmissionlow3.5---
145329JBoss BRMS cross site scripting [CVE-2010-3857]low4.3---
145328Ettercap ec_gtk_conf.c sscanf buffer overflowmedium4.1--medium
145327babiloo Dictionary File code download [CVE-2010-3440]medium3.0---
145326alien-arena Download input validation [CVE-2010-3439]low4.0---
145325libpoe-component-irc-perl Line Feed format string [CVE-2010-3438]medium7.5---
145324gargoyle-free libgarglk.so input validationmedium4.1---
145323Pixelpost cross-site request forgery [CVE-2010-3305]low4.3---
145322Ruby on Rails Padding missing encryption [CVE-2010-3299]medium6.8---
145321Mailscanner Configuration missing encryption [CVE-2010-3292]medium4.4---
145320Mailscanner Incomplete Fix link following [CVE-2010-3095]low3.0---
145319ZNC Connection null pointer dereference [CVE-2010-2488]low5.0---
145318Istio infinite loop [CVE-2019-18817]low4.3---
145317Helm Chart link following [CVE-2019-18658]medium7.5---
145316Mitel MiCollab/MiVoice Business Express Web Conference Chat authorizationmedium7.5---
145315Python Twisted HTTP Client certificate validation [CVE-2014-7143]medium5.0---
145314HornetQ REST XML Data xml external entity reference [CVE-2014-3599]medium6.8---
145313Pacemaker Temp File link following [CVE-2011-5271]medium4.4---
145312statusnet cross site scripting [CVE-2011-3370]low4.3---
145311Elgg sql injection [CVE-2011-2936]medium6.8---
145310Elgg cross site scripting [CVE-2011-2935]low4.3---
145309gdk-pixbuf GIF input validation [CVE-2011-2897]medium6.8--medium
145308WSO2 IS as Key Manager Content-Type download-userinfo.jag Stored cross site scriptinglow4.3---
145307WSO2 IS as a Key Manager Dashboard Reflected cross site scriptinglow4.3---
145306python-psutil refcount double free [CVE-2019-18874]medium6.8---
145305FUDForum admsession.php Stored cross site scriptinglow3.5---
145304GNU Mailutils maidag privileges management [CVE-2019-18862]medium6.6---
145303darylldoyle svg-sanitizer Attribute input validation [CVE-2019-18857]low4.3---
145302SVG Sanitizer Module input validation [CVE-2019-18856]low5.0---
145301safe-svg input validation [CVE-2019-18855]low5.0---
145300safe-svg recursion [CVE-2019-18854]low5.0---
145299ImageMagick SVG svg.c input validationlow4.3---
145298D-Link DIR-890L A1 Telnet Service image_sign hard-coded credentialsmedium6.8---
145297tnef Attachment authorized_keys out-of-bounds readmedium6.8---
145296Chartkick Gem Prototype input validation [CVE-2019-18841]medium7.5---
145295Envoy continue_on_listener_filters_timeout infinite looplow5.0---
145294Patriot Viper RGB Driver MsIo64.sys ZwMapViewOfSection privileges managementmedium6.6---
145293wolfSSL ASN.1 Certificate asn.c out-of-bounds writemedium6.8---
145292NVIDIA GeForce Experience GameStream untrusted search path [CVE-2019-5701]medium4.1---
145291NVIDIA Virtual GPU Manager vGPU Plugin input validation [CVE-2019-5698]low2.1---
145290NVIDIA Virtual GPU Manager Guest Access authorization [CVE-2019-5697]medium4.6---
145289NVIDIA Virtual GPU Manager Guest VM out-of-bounds read [CVE-2019-5696]medium4.4---
145288NVIDIA Windows GPU Display Driver DLL Loader untrusted search pathmedium4.1---
145287NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys uninitialized pointerlow2.1---
145286NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape input validationmedium4.4---
145285NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape null pointer dereferencemedium4.4---
145284NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape input validationmedium4.4---
145283NVIDIA GeForce Experience Downloader input validation [CVE-2019-5689]medium4.1---
145282IBM Cognos Analytics Web UI cross site scripting [CVE-2019-4645]low4.3---
145281IBM QRadar Web UI cross site scripting [CVE-2019-4581]low4.3---
145280IBM QRadar Advisor Blacklist input validation [CVE-2019-4556]medium6.5---
145279IBM QRadar authorization [CVE-2019-4509]low3.5---
145278IBM QRadar Web UI cross site scripting [CVE-2019-4470]low3.5---
145277IBM QRadar Web UI cross site scripting [CVE-2019-4454]low3.5---
145276IBM i Web UI cross site scripting [CVE-2019-4450]low4.3---
145275IBM Cognos Controller URL information disclosure [CVE-2019-4412]low4.3---
145274IBM Cognos Controller Session Identifier information disclosurelow3.5---
145273IBM Cognos Analytics information disclosure [CVE-2019-4334]low3.5---
145272openstack-mistral Log File information disclosure [CVE-2019-3866]low1.9---
145271ZTE ZXUPN-9000E input validation [CVE-2019-3426]medium7.5---
145270ZTE ZXUPN-9000E Change Password default permission [CVE-2019-3425]medium7.5---
145269EnergyCAP Public Dashboard privileges management [CVE-2019-18623]low4.3---
145268codepress-admin-columns Plugin CSV injection [CVE-2019-17661]medium6.5---
145267JEUS Administration Web Page path traversal [CVE-2019-17327]medium6.0---
145266Brocade SANnav Log Password log filelow1.2---
145265Brocade SANnav SSL ReportsTrustManager certificate validationlow2.6---
145264Brocade SANnav PBE risky encryption [CVE-2019-16208]medium5.1---
145263Brocade SANnav Back-End Database hard-coded credentials [CVE-2019-16207]medium4.1---
145262Brocade SANnav Authentication Mechanism log file [CVE-2019-16206]low1.5---
145261Brocade SANnav Session ID Random random valueslow2.6---
145260Syndesis unknown vulnerability [CVE-2019-14860]medium6.8---
145259389-ds-base deref Plugin Password use after freelow3.5---
145258Tasy EMR WebPortal information disclosure [CVE-2019-13557]low5.0---
145257Medtronic Valleylab Exchange Client hard-coded credentials [CVE-2019-13543]medium6.8---
145256Medtronic Valleylab Exchange Client Password Hashing input validationlow1.5---
145255Medtronic Valleylab LS10 Energy Platform RFID protection mechanismlow1.5---
145254Medtronic Valleylab LS10 Energy Platform RFID improper authenticationmedium4.4---
145253Apache Arrow Parquet null pointer dereference [CVE-2019-12410]medium5.0---
145252Apache Arrow Array null pointer dereference [CVE-2019-12408]medium5.0---
145251Ceph RGW Client Beast Front End resource consumption [CVE-2019-10222]low4.3---
145250Hibernate-Validator SafeHtml Validator cross site scripting [CVE-2019-10219]low4.3---
145249IBM Cognos Analytics Web Server xml injection [CVE-2018-1721]medium6.5---
145248mod_ruid2 Descriptor input validation [CVE-2013-1889]medium7.5---
145247tuned ktune Service input validation [CVE-2013-1820]low1.5---
145246qpid-cpp Message input validation [CVE-2009-5004]low4.0---
145245dtc-xen race condition [CVE-2009-4011]medium6.8---
145244liboping input validation [CVE-2009-3614]low2.1---
145243Red Hat Enterprise Virtualization Manager SSL Certificate Verification Service certificate validationmedium4.3---
145242MantisBT Attachment cross site scripting [CVE-2009-2802]low4.3---
145241alsa-utils alsa-info link followinglow4.1---
145240Troubleshooting/Support Tools Plugin Log Scan authorization [CVE-2019-15005]low4.0---
145239HP Inkjet Printer Print File assertion [CVE-2019-6337]low1.9---
145238Dell EMC iDRAC8/iDRAC9 Password improper authorization [CVE-2019-3764]low3.5---
145237Rob Richards XmlSecLibs Signature input validation [CVE-2019-3465]medium6.5---
145236ZTE MF910S One Click Update Tool Password information disclosurelow1.9---
145235Matrix Synapse Signature send_join signature verificationmedium7.5---
145234Eximious Logo Designer User Mode BuildGradientColorsTable+0x0000000000000053 out-of-bounds writemedium4.4---
145233Eximious Logo Designer out-of-bounds write [CVE-2019-18820]medium4.4---
145232Eximious Logo Designer User Mode out-of-bounds write [CVE-2019-18819]medium4.4---
145231strapi Password Reset Auth.js password recoveryhigh5.0---
145230PopojiCMS Stored cross site scripting [CVE-2019-18816]low4.3---
145229PopojiCMS redirect [CVE-2019-18815]medium6.8---
145228Linux Kernel audit.c aa_label_parse use after freemedium6.8---
145227Linux Kernel dwc3-pci.c dwc3_pci_probe resource consumptionlow5.0---
145226Linux Kernel debug.c sof_dfsentry_write resource consumptionlow5.0---
145225Linux Kernel ipc.c sof_set_get_large_ctrl_data resource consumptionlow5.0---
145224Linux Kernel komeda_wb_connector.c komeda_wb_connector_add resource consumptionlow5.0---
145223Linux Kernel af9005.c af9005_identify_state resource consumptionlow5.0---
145222Linux Kernel ccp-ops.c ccp_run_sha_cmd resource consumptionlow5.0---
145221Linux Kernel sja1105_spi.c sja1105_static_config_upload resource consumptionlow5.0---
145220Linux Kernel qla3xxx.c ql_alloc_large_buffers resource consumptionlow1.5---
145219Linux Kernel sysctl_net_ipv4.c tcp_ack_update_rtt integer overflowmedium6.8---
145218DjVuLibre IW44EncodeCodec.cpp filter_fv null pointer dereferencelow5.0---
145217eyecomms eyeCMS Assignment authorization [CVE-2019-17605]medium6.5---
145216eyecomms eyeCMS input validation [CVE-2019-17604]medium6.5---
145215Intelbras WRN 150 WAN Configuration Screen Stored cross site scriptinglow4.3---
145214Portainer cross site scripting [CVE-2019-16878]low3.5---
145213Portainer Access Control permission assignment [CVE-2019-16877]medium6.5---
145212Directory Portainer path traversal [CVE-2019-16876]medium7.5---
145211Portainer Access Control permission assignment [CVE-2019-16874]medium6.5---
145210Portainer cross site scripting [CVE-2019-16873]low3.5---
145209Portainer Access Control permission assignment [CVE-2019-16872]medium6.5---
145208PHPOffice PhpSpreadsheet XML Data std_table.php xml external entity referencemedium6.8---
145207HPE Nimble Storage System Multi Array Group privileges managementmedium6.8---
145206GNUBOARD5 board_form_update.php cross site scriptinglow4.3---
145205MantisBT Access Control input validation [CVE-2013-1811]medium6.5--high
145204Gambas link following [CVE-2013-1809]medium7.5---
145203Monkeyd Log File master.log log filelow5.0---
145202Twiki input validation [CVE-2013-1751]medium6.8--medium
145201lintian link following [CVE-2013-1429]low4.3---
145200Mahara TinyMCE Editor wysiwyg.php cross site scriptinglow4.3---
145199ldap-git-backup Directory Permission Password default permissionlow2.1---
145198Tahoe-LAFS input validation [CVE-2012-0051]low4.3---
145197OpenTTD Join resource consumption [CVE-2012-0049]low5.0--medium
145196Google Chrome WebKit Timer.cpp exceptional conditionmedium4.3---
145195Google Chrome WebKit replaceDocument use after freemedium6.8---
145194Google Chrome Blink type conversion [CVE-2011-2337]high7.5---
145193Google Chrome Blink AnimationControllerPrivate exceptional conditionmedium4.3---
145192syscp input validation [CVE-2010-2476]medium7.5---
145191Drupal Session Lockout input validation [CVE-2010-2473]medium6.0---
145190Drupal Locale Module/Dependent Contributed Module cross site scriptinglow3.5---
145189Shibboleth SP Private Key keygen.sh information disclosurelow1.5---
145188Gource Log File gource-$UID.tmp input validationmedium4.1---
145187gitolite Path Name Filter input validation [CVE-2010-2447]high7.5---
145186Drupal Site Installation cross site scripting [CVE-2010-2250]low4.3---
145185Linux Kernel clocksource.c input validationmedium7.8---
145184gri Temp File exposure of resource [CVE-2008-7291]medium7.5---
145183FireGPG cleartext storage [CVE-2008-7272]low2.6---
145182JON information disclosure [CVE-2008-5083]low4.0---
145181frysk f insecure default initialization of resourcemedium4.1---
145180ClamAV ScanOLE2 Floating Point Remote Code Executionhigh7.5---
145179ViewVC Access Control permission assignment [CVE-2007-5743]medium6.8---
145178Mondo Temp File exposure of resource [CVE-2007-3915]medium6.4---
145177Linux Kernel iret_exc denial of servicelow1.9---
145176Xorux lpar2rrd/stor2rrd os command injection [CVE-2019-19041]medium6.0---
145175WebKit putToPrimitive Universal cross site scritinglow4.3---
145174Atlassian Jira Service Desk Server Customer Context Filter path traversalmedium6.0---
145173Atlassian Jira Service Desk Server Customer Context Filter authorizationlow3.5---
145172NiceHash Miner Error Message information disclosure [CVE-2019-6122]low4.3---
145171NiceHash Miner Authorization authorization [CVE-2019-6121]low4.3---
145170NiceHash Miner Wallet input validation [CVE-2019-6120]low5.0---
145169Computing For Good's Basic Laboratory Information System Access Control privileges managementmedium6.8---
145168Computing For Good's Basic Laboratory Information System Access Control User improper authenticationlow4.3---
145167Rapid7 Metasploit Pro Web Interface permission assignment [CVE-2019-5642]low1.9---
145166Computing For Good's Basic Laboratory Information System Access Control password recoverymedium6.8---
145165LEADTOOLS JPEG2000 Parser out-of-bounds write [CVE-2019-5125]medium6.8---
145164LEADTOOLS Header Parsing integer overflow [CVE-2019-5100]medium6.8---
145163LEADTOOLS CMP Parser integer overflow [CVE-2019-5099]medium6.8---
145162LEADTOOLS TIF Parser out-of-bounds write [CVE-2019-5084]medium6.8---
145161Qualcomm Snapdragon Auto memory corruption [CVE-2019-2332]medium6.8---
145160Qualcomm Snapdragon Auto integer overflow [CVE-2019-2331]medium6.8---
145159Qualcomm Snapdragon Auto ADSP array index [CVE-2019-2325]medium6.8---
145158Qualcomm Snapdragon Auto ADSP memory corruption [CVE-2019-2324]medium6.8---
145157Qualcomm Snapdragon Auto Crypto Engine use of uninitialized resourcehigh10.0---
145156Qualcomm Snapdragon Auto Vendor Command integer overflow [CVE-2019-2302]medium6.8---
145155Qualcomm Snapdragon Auto out-of-bounds write [CVE-2019-2285]medium6.8---
145154Qualcomm Snapdragon Auto memory corruption [CVE-2019-2283]medium6.8---
145153Qualcomm Snapdragon Auto Key Blob input validation [CVE-2019-2275]medium4.4---
145152Qualcomm Snapdragon Auto Array Index array index [CVE-2019-2258]medium6.8---
145151Qualcomm Snapdragon Auto Kernel out-of-bounds read [CVE-2019-2249]medium10.0---
145150Qualcomm Snapdragon Auto Thread memory corruption [CVE-2019-2246]medium4.4---
145149Viber input validation [CVE-2019-18800]low2.6---
145148LibSass parser_selectors.cpp parseCompoundSelector null pointer dereferencelow4.3---
145147LibSass ast_sel_weave.cpp weaveParents out-of-bounds readmedium6.8---
145146LibSass eval.cpp Binary_Expression*) recursionlow4.3---
145145Zoho ManageEngine ADSelfService Plus User Profile Page cross-site request forgerylow4.3---
145144Samsung Galaxy S8 Plus/Galaxy S3/Galaxy Note 2/Exynos 4412 Bluetooth information disclosurelow1.9---
145143Samsung Galaxy S8 Plus/Galaxy S3/Galaxy Note 2/Exynos 4412 Bluetooth injectionlow1.9---
145142Quest KACE Systems Management Appliance Server Center ticket_associated_tickets.php cross site scriptinglow3.5---
145141Quest KACE Systems Management Appliance Server Center cross site scriptinglow3.5---
145140Quest KACE Systems Management Appliance Server Center history_log.php sql injectionmedium6.0---
145139Quest KACE Systems Management Appliance Server Center user_profile.php sql injectionmedium6.0---
145138Quest KACE Systems Management Appliance Server Center sam_detail_titled.php cross site scriptinglow4.3---
145137Quest KACE Systems Management Appliance Server Center ticket_list.php sql injectionmedium6.0---
145136Quest KACE Systems Management Appliance Server Center software_library.php sql injectionmedium6.8---
145135Quest KACE Systems Management Appliance Server Center software_library.php Reflected cross site scriptinglow4.3---
145134Apache CXF Access Token Service improper authentication [CVE-2019-12419]low2.6---
145133Apache CXF Attachment resource consumption [CVE-2019-12406]low4.3---
145132Qualcomm Snapdragon Auto Sensor Power double free [CVE-2019-10565]medium6.8---
145131Qualcomm Snapdragon Auto Header out-of-bounds read [CVE-2019-10542]medium6.8---
145130Qualcomm Snapdragon Auto FLV Clip memory corruption [CVE-2019-10541]high10.0---
145129Qualcomm Snapdragon Auto Super Index Entry null pointer dereferencelow5.0---
145128Qualcomm Snapdragon Auto Array Index array index [CVE-2019-10533]medium6.8---
145127Qualcomm Snapdragon Auto buffer overflow [CVE-2019-10531]medium6.8---
145126Qualcomm Snapdragon Auto Entry Page set_page_dirty race conditionmedium6.8---
145125Qualcomm Snapdragon Auto mdlog Session use after free [CVE-2019-10528]medium6.8---
145124Qualcomm Snapdragon Auto clk Driver use after free [CVE-2019-10524]medium4.4---
145123Qualcomm Snapdragon Auto buffer overflow [CVE-2019-10522]medium6.8---
145122Qualcomm Snapdragon Auto DCI Client use after free [CVE-2019-10515]medium4.9---
145121Qualcomm Snapdragon Auto Audio array index [CVE-2019-10512]medium4.4---
145120Qualcomm Snapdragon Auto IE Measurement out-of-bounds read [CVE-2019-10505]medium6.8---
145119Qualcomm Snapdragon Auto EXT Response resource consumption [CVE-2019-10504]low5.0---
145118Qualcomm Snapdragon Compute Camera Module buffer overflow [CVE-2019-10502]medium4.4---
145117Qualcomm Snapdragon Auto Data Structure buffer overflow [CVE-2019-10496]medium4.4---
145116Qualcomm Snapdragon Auto HEVC Encoding/AVC Encoding input validationmedium4.4---
145115Qualcomm Snapdragon Auto ADSP buffer overflow [CVE-2019-10491]medium4.6---
145114Qualcomm Snapdragon Auto Chunk Parser null pointer dereferencelow5.0---
145113MailPoet Newsletters Plugin Spam privileges management [CVE-2018-20853]medium7.5---
145111Progress Sitefinity CMS cross site scripting [CVE-2017-18639]low4.3---
145110Aruba ClearPass Policy Manager Credentials insufficiently protected credentialslow5.0---
145109Pagure Attachment Endpoint cross site scripting [CVE-2016-1000037]low4.3--high
145108Technicolor C2000T/C2100T hard-coded credentials [CVE-2015-7276]low2.6--medium
145107WP Marketplace Plugin cart.php ajaxinit path traversallow4.0---
145106WP Marketplace Plugin cart.php ajaxinit input validationmedium6.5---
145105Red Hat Enterprise Linux Kernel initialization [CVE-2014-8181]low3.5---
145104Linux Kernel compat.c restart_syscall out-of-bounds read [Disputed]medium5.1---
145103TYPO3 Access Control ExtDirect input validationlow4.0---
145102TYPO3 RemoveXSS cross site scriptinglow4.3---
145101TYPO3 Webserver input validation [CVE-2011-4902]low5.5---
145100TYPO3 Database information disclosure [CVE-2011-4901]low4.0---
145099TYPO3 Backend information disclosure [CVE-2011-4900]low4.0---
145098TYPO3 tcemain Flash Message cross site scripting [CVE-2011-4632]low3.5---
145097TYPO3 System Extension Recycler cross site scripting [CVE-2011-4631]low3.5---
145096TYPO3 browse_links Wizard cross site scripting [CVE-2011-4630]low3.5---
145095TYPO3 Admin Panel cross site scripting [CVE-2011-4629]low3.5---
145094TYPO3 Backend improper authentication [CVE-2011-4628]medium7.5---
145093TYPO3 Backend information disclosure [CVE-2011-4627]low4.0---
145092TYPO3 typolink cross site scriptinglow4.3---
145091SimpleSAMLphp XML Encryption exceptional condition [CVE-2011-4625]medium7.5---
145090Google Chrome WebKit input validation [CVE-2011-2808]medium4.3---
145089Google Chrome WebKit fillRect integer overflowmedium6.8---
145088MySQL-GUI-tools Text Console Password insufficiently protected credentialslow2.1---
145087Drupal redirect [CVE-2010-2471]medium6.8---
145086Rbot Reaction Plugin input validation [CVE-2010-2446]medium7.5---
145085makepasswd insecure default initialization of resource [CVE-2010-2247]low2.6---
145084Konversation input validation [CVE-2009-5050]low5.0---
145083Jetty WebApp JSP Snoop Page cross site scripting [CVE-2009-5049]low4.3---
145082Jetty Cookie Dump Servlet Stored cross site scriptinglow4.3---
145081Jetty JSP Dump Servlet/Session Dump Servlet cross site scriptinglow4.3---
145080Jetty Dump Servlet information disclosure [CVE-2009-5045]low5.0---
145079Samba AD DC LDAP Server null pointer dereference [CVE-2019-14847]low4.0---
145078Samba Password Complexity weak password [CVE-2019-14833]low5.1---
145077Samba Client path traversal [CVE-2019-10218]medium6.0---
145076Magento Xpath xml injection [CVE-2019-8158]medium7.5---
145075Magento Download Link Stored cross site scriptinglow3.5---
145074Magento Configuration server-side request forgery [CVE-2019-8156]medium6.5---
145073Magento Product Stored cross site scriptinglow3.5---
145072Magento Design Configuration Stored cross site scriptinglow3.5---
145071Linux Kernel rcar_drif.c rcar_drif_g_fmt_sdr_cap Memory information disclosurelow2.1---
145070SuiteCRM sql injection [CVE-2019-18784]medium6.8---
145069Joomla CMS Access Check Path authorizationlow5.0---
145068Joomla CMS com_template cross-site request forgery [CVE-2019-18650]low4.3---
145066ClamAV fsg.c out-of-bounds writemedium6.8---
145065archivemail Temp File race condition [CVE-2006-4245]medium6.8---
145064Linux Kernel privileges management [CVE-2006-4243]medium7.5---
145063termpkg memory corruption [CVE-2006-3100]medium6.8---
145062xlockmore missing authentication [CVE-2006-0062]medium7.5---
145061xlockmore libpam-opensc missing authentication [CVE-2006-0061]medium6.8---
145060Magento HTML Comment cross site scripting [CVE-2019-8233]low4.3---
145059Magento Import input validation [CVE-2019-8232]medium6.0---
145058Magento Layout input validation [CVE-2019-8231]medium6.0---
145057Magento Config Setting input validation [CVE-2019-8230]medium6.0---
145056Magento Product Attribute input validation [CVE-2019-8229]medium6.0---
145055Magento Transaction Mail Page cross site scripting [CVE-2019-8228]low3.5---
145054Magento Profile cross site scripting [CVE-2019-8227]low3.5---
145053Magento os command injection [CVE-2019-8159]medium6.0---
145052Magento CSRF Token information disclosure [CVE-2019-8155]low2.6---
145051Magento Product Catalog input validation [CVE-2019-8154]medium6.0---
145050Magento escapeURL cross site scriptinglow4.3---
145049Magento Admin Dashboard blockDirective Stored cross site scriptinglow3.5---
145048Magento Shippment server-side request forgery [CVE-2019-8151]medium6.0---
145047Magento Page Layout input validation [CVE-2019-8150]medium6.0---
145046Magento Session Management session fixiation [CVE-2019-8149]medium7.5---
145045Magento Page Builder Stored cross site scriptinglow3.5---
145044Magento Customer Attribute Stored cross site scriptinglow3.5---
145043Magento Customer Attribute Stored cross site scriptinglow3.5---
145042Magento PageBuilder Template input validation [CVE-2019-8144]medium6.8---
145041Magento Email Template Stored sql injectionmedium6.0---
145040Magento Order Stored cross site scriptinglow3.5---
145039Magento Phar Deserialization deserialization [CVE-2019-8141]medium6.0---
145038Magento Synchronization unrestricted upload [CVE-2019-8140]medium6.5---
145037Magento Page Builder Stored cross site scriptinglow3.5---
145036Magento API Endpoint Stored cross site scriptinglow3.5---
145035Magento Layout input validation [CVE-2019-8137]medium6.0---
145034Magento Symphony Framework Remote Code Execution [CVE-2019-8136]high7.5---
145033Magento Symphony Framework injection [CVE-2019-8135]medium7.5---
145032Magento Email Template sql injection [CVE-2019-8134]medium6.0---
145031Magento Sitemap input validation [CVE-2019-8133]medium6.0---
145030Magento Inventory Source Stored cross site scriptinglow3.5---
145029Magento Database Connection sql injection [CVE-2019-8130]medium6.0---
145028Magento Expression Stored cross site scriptinglow3.5---
145027Magento Main Website Name Stored cross site scriptinglow3.5---
145026Magento Newsletter Template sql injection [CVE-2019-8127]medium6.0---
145025Magento XML Data xml entity expansion [CVE-2019-8126]medium6.0---
145024Magento Configuration Parameter input validation [CVE-2019-8125]medium6.0---
145023Magento Log insufficient verification of data authenticity [CVE-2019-8124]low4.6---
145022Magento Log input validation [CVE-2019-8123]low5.1---
145021Magento Layout Update input validation [CVE-2019-8122]medium6.0---
145020Magento Bootstrap/jquery/Knockout privileges management [CVE-2019-8121]medium7.5---
145019Magento Customer Email Address Stored cross site scriptinglow3.5---
145018Magento Bulk Product Import input validation [CVE-2019-8119]medium6.0---
145017Magento cleartext storage [CVE-2019-8118]medium7.5---
145016Magento Product View Stored cross site scriptinglow3.5---
145015Magento Session Management improper authentication [CVE-2019-8116]medium7.5---
145014Magento Product Reflected cross site scriptinglow3.5---
145013Magento Import unrestricted upload [CVE-2019-8114]medium6.0---
145012Magento Random Number Generator weak prng [CVE-2019-8113]low5.1---
145011Magento Email Confirmation insufficient verification of data authenticitymedium6.8---
145010Magento Plugin input validation [CVE-2019-8111]medium6.0---
145009Magento Template Hierarchy input validation [CVE-2019-8110]medium6.0---
145008Magento cross-site request forgery [CVE-2019-8109]low3.5---
145007Magento Session Management improper authentication [CVE-2019-8108]medium6.0---
145006Magento Export Data input validation [CVE-2019-8107]low4.9---
145005Magento unrestricted upload [CVE-2019-8093]medium6.0---
145004Magento Email Template Preview Reflected cross site scriptinglow3.5---
145003Magento Layout Update input validation [CVE-2019-8091]medium6.0---
145002Magento Design Layout denial of service [CVE-2019-8090]low4.9---
145001Forcepoint Email Security cross site scripting [CVE-2019-6142]low4.3---
145000Investintech Able2Extract Professional out-of-bounds write [CVE-2019-5089]medium6.8---
144999Investintech Able2Extract Professional out-of-bounds write [CVE-2019-5088]medium6.8---
144998X11 Mesa 3D Graphics Library Shared Memory permission assignmentmedium4.4---
144997Cisco Firepower Threat Defense Software HTTP Traffic Filter default permissionmedium6.8---
144996Cisco Firepower Threat Defense Software Normalization improper authenticationmedium6.8---
144995Cisco Firepower Threat Defense Software Protocol Detection improper authenticationmedium6.8---
144994Cisco Firepower Threat Defense Software Stream Reassembly improper authenticationmedium6.8---
144993Veritas InfoScale Cluster Server os command injection [CVE-2019-18780]high9.3---
144992Cisco Enterprise Chat/Email HTTP API information disclosure [CVE-2019-1877]low4.3---
144991ClamAV out-of-bounds read [CVE-2019-1789]medium6.8---
144990Cisco FXOS/NX-OS CLI Diagnostics information disclosure [CVE-2019-1734]low1.5---
144989HP Device Boot input validation [CVE-2019-16284]medium6.5---
144988Cisco TelePresence Advanced Media Gateway Web Application input validationlow3.5---
144987ClamAV ZIP Bomb denial of servicelow4.3---
144986Apache Impala Random Number Generator missing authenticationlow2.1---
144985CloakCoin Header resource consumption [CVE-2018-19167]low5.0---
144984peercoin Header resource consumption [CVE-2018-19166]low5.0---
144983neblio Header resource consumption [CVE-2018-19165]low5.0---
144982reddcoin Header resource consumption [CVE-2018-19164]low5.0---
144981stratisX Header resource consumption [CVE-2018-19163]low5.0---
144980Divi Header resource consumption [CVE-2018-19162]low5.0---
144979alqo Header resource consumption [CVE-2018-19161]low5.0---
144978Diamond Header resource consumption [CVE-2018-19160]low5.0---
144977lux Header resource consumption [CVE-2018-19159]low5.0---
144976Phore Header resource consumption [CVE-2018-19157]low5.0---
144975PIVX Header resource consumption [CVE-2018-19156]low5.0---
144974navcoin Header resource consumption [CVE-2018-19155]low5.0---
144973HTMLCOIN Header resource consumption [CVE-2018-19154]low5.0---
144972particl Header resource consumption [CVE-2018-19153]low5.0---
144971emercoin Header resource consumption [CVE-2018-19152]low5.0---
144970Dovecot SSL/TLS Key permission assignment [CVE-2016-4983]low1.5--high
144969Horde Groupware Webmail Edition basic.php cross-site request forgerylow4.3---
144968ISC BIND DNS Response Rate Cache Poisoning authentication spoofingmedium4.0---
144967Python PIP DNS Query improper authentication [CVE-2013-5123]medium5.1--medium
144966Google Chrome WebKit type conversion [CVE-2011-1460]medium6.8---
144965Google Chrome Blink htmlpluginelement.cpp handleEvent resource consumptionlow4.3---
144964Serendipity Xinha manager.php cross site scriptinglow4.3---
144963Serendipity Xinha unrestricted upload [CVE-2011-1134]low4.3---
IDTitleVulDBCVSSSecuniaXForceNessus
144962Serendipity Xinha backend.php cross site scriptinglow4.3---
144961TYPO3 Frontend Search Box cross site scripting [CVE-2010-3674]low4.3---
144960TYPO3 HTML Mailing API information disclosure [CVE-2010-3673]low5.0---
144959TYPO3 extbase Extension cross site scripting [CVE-2010-3672]low4.3---
144958TYPO3 session fixiation [CVE-2010-3671]medium7.5---
144957TYPO3 Forgot Password Random inadequate encryptionmedium6.8---
144956Red Hat 389 Directory Server Search Query _ger_parse_control null pointer dereferencelow5.0---
144955Nvu Mozilla XPCOM Remote Code Execution [CVE-2005-2354]high7.5---
144954Centrify Authentication/Privileged Elevation Services deserializationmedium6.8---
144953Lightbend Play Framework play-ws Credentials insufficiently protected credentialslow3.5---
144952PhantomJS file:/ page.open file accesslow4.3---
144951ARM Mbed OS CoAP Library sn_coap_parser_options_parse out-of-bounds writemedium6.8---
144950ARM Mbed OS CoAP Library sn_coap_builder_calc_needed_packet_data_size_2 integer overflowmedium6.8---
144949Oxid eShop Admin Panel session fixiation [CVE-2019-17062]medium6.0---
144947gdm3 Screen Lock information disclosure [CVE-2016-1000002]low2.1---
144946Nokogiri XML Entity xml entity expansion [CVE-2013-6461]low4.3---
144945Nokogiri Gem XML Document xml entity expansion [CVE-2013-6460]low4.3---
144944Horde Groupware Webmail Edition Permission edit.php cross-site request forgerylow4.3---
144943Horde Groupware Webmail Edition Virtual Address Book search.php cross-site request forgerylow4.3---
144942Cryptocat Chat User List information disclosure [CVE-2013-4110]low5.0---
144941Cryptocat cryptocat.js handlePresence cross site scriptinglow4.3---
144940Open Build Service TLS Certificate Validation certificate validationmedium6.8---
144939kube-state-metrics Annotation information disclosure [CVE-2019-10223]low3.5---
144848ARP-GUARD forgot1 sql injectionmedium6.8---
144847FreeRTOS FATFS ff_file.c FF_Close use after freemedium6.8---
144846ARM Mbed OS MQTT Library readMQTTLenString input validationlow5.0---
144845One Identity Cloud Access Manager cross-site request forgerylow4.3---
144844One Identity Cloud Access Manager OTP improper validation of integrity check valuemedium6.8---
144843php-gettext Plural Form Formula input validation [CVE-2015-8980]medium6.8--high
144842Python Software Foundation Djblets eval input validationmedium5.1--medium
144841RHQ Mongo DB Drift Server Temp File exposure of resource [CVE-2013-4374]medium4.6---
144840Redhat vsdm Temp File exposure of resource [CVE-2013-4280]medium4.6---
144839SciPy scipy.weave tmp privileges managementmedium4.3--low
144838Cryptocat Multiparty Encryption Scheme information disclosurelow5.0---
144837Cryptocat Entropy Cryptocat.random entropymedium7.5---
144836Cryptocat Firefox Conversation Overview input validation [CVE-2013-2259]medium7.5---
144835Cryptocat Nickname Impersonation authentication spoofingmedium7.5---
144834Cryptocat Key Generation excessive authentication [CVE-2013-2257]medium7.5---
144833TYPO3 Frontend Login Box redirect [CVE-2010-3669]low3.5---
144832TYPO3 Download Header Injection injectionmedium7.5---
144831TYPO3 Form Spam input validationmedium5.0---
144830TYPO3 uniqid Random random valueslow5.0---
144829TYPO3 Extension Manager cross site scripting [CVE-2010-3665]low3.5---
144828TYPO3 Backend information disclosure [CVE-2010-3664]low4.0---
144827TYPO3 Backend unrestricted upload [CVE-2010-3663]medium6.0---
144826TYPO3 Backend sql injection [CVE-2010-3662]medium6.0---
144825shadow/sudo Session input validation [CVE-2005-4890]medium4.4--medium
144824sudo Descriptor 3 race conditionmedium6.6---
144823Linux Kernel V4L2 Subsystem vivid vivid_stop_generating_vid_cap race conditionmedium4.1---
144822Linux Kernel tcp.c rds_tcp_kill_sock null pointer dereferencelow5.0---
144821SAP HANA Database input validation [CVE-2019-0350]low5.0---
144820360 Safe Router Background Process injection [CVE-2018-19031]medium6.5---
144818JBoss AeroGear Reflected cross site scripting [CVE-2014-3649]low4.3---
144817Red Hat Update Infrastructure PKI information disclosure [CVE-2013-4518]low2.1---
144816CloudForms Password Storage insufficiently protected credentialsmedium4.6---
144815slim crypt null pointer dereferencelow5.0---
144814Cryptocat Socialist Millionnaire Protocol inadequate encryptionmedium7.5---
144813Cryptocat input validation [CVE-2013-4103]medium7.5---
144812Cryptocat strophe.js Math.random Random random valuesmedium7.5---
144811Cryptocat Link Markup Decorator addLinks input validationmedium5.0---
144810Cryptocat input validation [CVE-2013-4100]low5.0---
144809Cryptocat strophe.js information disclosurelow5.0---
144808Cryptocat Extension keygen.gif information disclosurelow5.0---
144807SHIFT BitBox02 OLED Display information disclosure [CVE-2019-18673]low1.2---
144806Currency Switcher Addon input validation [CVE-2019-18668]medium6.5---
144805freeradius3 for pfSense freeradius_view_config.php cross site scriptinglow4.3---
144804SECUDOS DOMOS Log Module path traversal [CVE-2019-18665]medium7.5---
144803SECUDOS DOMOS Log Module cross site scripting [CVE-2019-18664]low3.5---
144802YouPHPTube getChat.json.php sql injectionmedium6.8---
144801Hyundai Pay Kasse HK-1000 OLED Display information disclosurelow1.2---
144800Archos Safe-T OLED Display information disclosure [CVE-2019-14358]low1.2---
144799F5 BIG-IP AFM AFM Configuration Utility sql injection [CVE-2019-6658]medium6.0---
144798F5 BIG-IP Traffic Management User Interface Reflected cross site scriptinglow4.3---
144797Red Hat Linux Enterprise DHCP denial of service [CVE-2019-6470]low5.0---
144796Fastweb FASTgate Administration Console check_pwd information disclosuremedium7.5---
144795Facebook WhatsApp Wireless Emergency Alerts Protocol risky encryptionmedium6.8---
144794AVG Antivirus SSID Name cross site scripting [CVE-2019-18654]low4.3---
144793Avast Antivirus SSID Name cross site scripting [CVE-2019-18653]low4.3---
144792Nexus Repository Manager CommandLineExecutor.java os command injectionmedium6.0---
144791Symantec SONAR Tamper Protection default permission [CVE-2019-12752]medium5.2---
144790ovirt-engine os.chmod permission assignmentmedium4.6---
144789SmokePing Time Field cross site scripting [CVE-2013-4168]low4.3--medium
144788OpenStack Keystone/OpenStack Compute SSL Certificate Validator HTTPSConnections certificate validationmedium5.1---
144787GLPI common.tabs.php input validationmedium7.5---
144786Foswiki Maketext Macro code injection [CVE-2013-1666]medium6.8--medium
144785Red Hat ManageIQ EVM cross site scripting [CVE-2013-0186]low4.3---
144784Redis Temp File redis.ds input validationmedium3.6---
144783Redis Temp File redis-%p.vm input validationmedium3.6---
144782openshift Temp File dump.sh input validationmedium7.5---
144781FreeBSD nsd resource transfer [CVE-2012-2979]low4.3--high
144780Apache Struts ParameterInterceptor permission assignmenthigh10.0--critical
144779TYPO3 Backend redirect [CVE-2010-3661]medium6.8---
144778TYPO3 Backend cross site scripting [CVE-2010-3660]low3.5---
144777gs-gpl Addon Script race condition [CVE-2005-2352]medium6.8---
144776Mutt Temp File exposure of resource [CVE-2005-2351]low2.1---
144775websieve Web User Interface cross site scripting [CVE-2005-2350]low4.3---
144774Jitbit .NET Forum Gravatar cross site scripting [CVE-2019-18636]low3.5---
144773Infosysta In-App / Desktop Notifications App Project NotificationSettings information disclosurelow4.0---
144772Infosysta In-App / Desktop Notifications App Project ProjectFilter information disclosurelow5.0---
144771php-symfony2-Validator Serialization input validation [CVE-2013-4751]medium5.8--medium
144770Evince input validation [CVE-2013-3718]medium6.8---
144769minidlna memory corruption [CVE-2013-2739]medium6.8---
144768minidlna sql injection [CVE-2013-2738]medium6.8---
144767MiniUPnPd Minissdp.c snprintf information disclosurelow5.0---
144766Twiki Include injectionmedium6.5--medium
144765YouPHPTube sql injection [CVE-2019-5151]medium6.8---
144764YouPHPTube VideoTags Plugin sql injection [CVE-2019-5150]medium6.8---
144763Tempo Plugin Permission authorization [CVE-2019-5095]low3.5---
144762AMD ATI Radeon Pixel Shader ATIDXX64.DLL out-of-bounds writemedium6.8---
144761Google Nest Cam IQ Indoor resource consumption [CVE-2019-5043]low5.0---
144760Rainbow PDF Office Server Document Converter PowerPoint Document Conversion parse out-of-bounds writemedium6.8---
144759grsecurity PaX Patch kmem read_kmem release of resourcelow4.3---
144758Python X.509 Certificate null pointer dereference [CVE-2019-5010]low5.0--medium
144757ClickHouse Header Injection injection [CVE-2019-18657]medium7.5---
144756Technicolor TD5130v2 Web Interface mnt_ping.cgi os command injectionmedium6.5---
144755Honeywell IP Camera Audio Stream missing authentication [CVE-2019-18230]low4.3---
144754Advantech WISE-PaaS/RMM sql injection [CVE-2019-18229]medium6.0---
144753Honeywell IP Cameras input validation [CVE-2019-18228]low5.0---
144752Advantech WISE-PaaS/RMM XML Data xml external entity referencemedium7.5---
144751Honeywell IP Cameras authentication replay [CVE-2019-18226]medium5.1---
144750Infosysta In-App / Desktop Notifications App UserFilter Username improper authenticationlow4.3---
144749Infosysta In-App / Desktop Notifications App PushNotification improper authenticationlow5.0---
144748Phoenix Contact PC Worx/PC Worx Express/Config+ Config+ Project File input validationmedium6.8---
144747CentOS-WebPanel.com CentOS Web Panel filemanager2.php Stored cross site scriptinglow1.5---
144746Fortinet FortiExtender CLI Admin Console os command injectionmedium8.5---
144745Coldcard MK1/MK2 OLED Display information disclosure [CVE-2019-14356] [Disputed]low1.2---
144744Advantech WISE-PaaS/RMM path traversal [CVE-2019-13551]medium7.5---
144743Advantech WISE-PaaS/RMM authorization [CVE-2019-13547]medium6.8---
144742FreeTDS memory corruption [CVE-2019-13508]medium6.8---
144741Sierra Wireless AirLink ES450 ACEManager upload.cgi improper authenticationmedium6.0---
144740CUJO Smart Firewall Safe Browsing code injection [CVE-2018-4031]high9.3---
144739CUJO Smart Firewall mdnscap recursion [CVE-2018-4002]low5.0---
144738Atlantis Word Processor Word Document Parser uninitialized pointermedium6.8---
144737CHICKEN Incomplete Fix buffer overflow [CVE-2013-2075]medium6.8---
144736CHICKEN utils Module qs os command injectionmedium7.5--high
144735autojump privileges management [CVE-2013-2012]medium4.4---
144734MediaWiki Lua cross site scripting [CVE-2013-1951]low4.3--medium
144733ruby193 unknown vulnerability [CVE-2013-1945]low2.1---
144732MantisBT Configuration Report Page adm_config_report.php cross site scriptinglow3.5--high
144731MantisBT Configuration Report Page adm_config_report.php cross site scriptinglow3.5--low
144730MantisBT manage_proj_ver_delete.php cross site scriptinglow4.3--medium
144729MantisBT Workflow input validation [CVE-2013-1930]medium6.8--medium
144728yum Metadata yumRepo.py input validationmedium7.5---
144727CHICKEN Hash Table Collision input validationhigh7.5---
144726CHICKEN Random Number Generator weak prng [CVE-2012-6124] [Disputed]medium7.5---
144725CHICKEN NULL Byte input validation [CVE-2012-6123]medium5.0---
144724CHICKEN Thread Scheduler select buffer overflowmedium6.8---
144723IcedTea6 JNLP Service information disclosure [CVE-2010-2783]medium7.5--high
144722IcedTea6 authorization [CVE-2010-2548]medium7.5--high
144721ZTE ZX297520V3 Terminal System injection [CVE-2019-3421]medium5.2---
144720ZTE ZXMP input validation [CVE-2019-3419]low2.7---
144719Pimcore translations.js cross site scriptinglow4.3---
144718Total Defense Anti-Virus Quarantine permission assignment [CVE-2019-18645]medium4.6---
144717Total Defense Anti-Virus Symlink toctou [CVE-2019-18644]low5.8---
144716Mooltipass Moolticute MPDevice_win.cpp null pointer dereferencelow5.0---
144715European Commission eIDAS-Node Integration Package Certificate Validation certificate validationmedium7.5---
144714European Commission eIDAS-Node Integration Package Certificate certificate validationmedium7.5---
144713Progress MOVEit Transfer SSH/SFTP missing authentication [CVE-2019-18465]medium6.8---
144712Progress MOVEit Transfer REST API sql injection [CVE-2019-18464]medium6.8---
144711Xen Descriptor privileges management [CVE-2019-18425]medium6.8---
144710Xen DMA os command injection [CVE-2019-18424]medium4.4---
144709Xen Hypercall p2m_resolve_translation_fault input validationlow3.5---
144708Xen Exception permission assignment [CVE-2019-18422]medium6.0---
144707Xen Promotion race condition [CVE-2019-18421]medium4.6---
144706Xen Hypercall hypercall_create_continuation input validationlow3.5---
144705JetBrains YouTrack Tag default permission [CVE-2019-18369]medium7.5---
144704JetBrains ToolBox App privileges management [CVE-2019-18368]medium7.5---
144703JetBrains TeamCity default permission [CVE-2019-18367]medium7.5---
144702JetBrains TeamCity Permission default permission [CVE-2019-18366]low5.0---
144701JetBrains TeamCity privileges management [CVE-2019-18365]medium4.3---
144700JetBrains TeamCity Java Deserialization deserialization [CVE-2019-18364]medium7.5---
144699JetBrains TeamCity information disclosure [CVE-2019-18363]low4.3---
144698JetBrains MPS Network Service information disclosure [CVE-2019-18362]medium6.8---
144697JetBrains IntelliJ IDEA privileges management [CVE-2019-18361]low4.1---
144696JetBrains Hub Password Recovery Username information disclosurelow5.0---
144695Zucchetti InfoBusiness Web Component cross site scripting [CVE-2019-18207]low3.5---
144694Zucchetti InfoBusiness File Upload cross-site request forgerylow4.3---
144693Zucchetti InfoBusiness Browsing Reflected cross site scriptinglow4.3---
144692Zucchetti InfoBusiness File Upload unrestricted upload [CVE-2019-18204]medium6.5---
144691Apak Wholesale Floorplanning Finance agreementView.faces cross site scriptinglow4.3---
144690ClipSoft REXPERT input validation [CVE-2019-17326]low4.3---
144689ClipSoft REXPERT RexViewerCtrl30.ocx ActiveX unrestricted uploadlow4.3---
144688ClipSoft REXPERT path traversal [CVE-2019-17324]medium6.8---
144687ClipSoft REXPERT xml injection [CVE-2019-17323]medium6.8---
144686ClipSoft REXPERT input validation [CVE-2019-17322]medium6.8---
144685ClipSoft REXPERT information disclosure [CVE-2019-17321]low2.6---
144684YIT Plugin Framework yit-plugin-panel-wc.php privileges managementmedium6.5---
144683BitDefender BOX Web API input validation [CVE-2019-12612]medium4.6---
144682Apache Airflow Metadata Database cross site scripting [CVE-2019-12417]low3.5---
144681medoo columnQuote sql injectionmedium6.8---
144680Jupyter Notebook CSP improper restriction of rendered ui layersmedium6.8---
144679systemd Certificate Validation certificate validation [CVE-2018-21029]medium5.1---
144678GNUBOARD5 Extra Contents boardgroup_form_update.php cross site scriptinglow4.3---
144677murmur-server Client Query input validation [CVE-2010-2490]low4.0---
144676Ikiwiki Comment cross site scripting [CVE-2010-1673]low4.3---
144675transmission Endgame memory corruption [CVE-2010-0749]low5.0---
144674transmission Magnet Link input validation [CVE-2010-0748]low5.0--high
144673drbd8 mount.cifs permission assignmentmedium4.1---
144672JBoss Operations Network CLI permission assignment [CVE-2010-0737]medium4.9---
144671Autokey link following [CVE-2010-0398]low3.0---
144670Xpdf xref Table infinite loop [CVE-2010-0207]low4.3---
144669Xpdf JBIG2 null pointer dereference [CVE-2010-0206]low4.3---
144668Burn Quotation Mark exceptional condition [CVE-2009-5043]high7.5---
144667python-docutils Temp File exposure of resource [CVE-2009-5042]medium7.5---
144666Overkill Player Name buffer overflow [CVE-2009-5041]medium6.8---
144665Apple iTunes WebKit Process Model memory corruption [CVE-2019-8815]medium6.8---
144664Apple iTunes WebKit memory corruption [CVE-2019-8823]medium6.8---
144663Apple iTunes WebKit memory corruption [CVE-2019-8822]medium6.8---
144662Apple iTunes WebKit memory corruption [CVE-2019-8821]medium6.8---
144661Apple iTunes WebKit memory corruption [CVE-2019-8820]medium6.8---
144660Apple iTunes WebKit memory corruption [CVE-2019-8819]medium6.8---
144659Apple iTunes WebKit memory corruption [CVE-2019-8816]medium6.8---
144658Apple iTunes WebKit memory corruption [CVE-2019-8814]medium6.8---
144657Apple iTunes WebKit memory corruption [CVE-2019-8812]medium6.8---
144656Apple iTunes WebKit memory corruption [CVE-2019-8811]medium6.8---
144655Apple iTunes WebKit memory corruption [CVE-2019-8808]medium6.8---
144654Apple iTunes WebKit memory corruption [CVE-2019-8783]medium6.8---
144653Apple iTunes WebKit memory corruption [CVE-2019-8782]medium6.8---
144652Apple iTunes WebKit Universal cross site scriptingmedium4.3---
144651Apple iTunes untrusted search path [CVE-2019-8801]medium4.1---
144650Apple iTunes Graphics Driver memory corruption [CVE-2019-8784]medium6.6---
144649Apple iCloud WebKit Process Model memory corruption [CVE-2019-8815]medium6.8---
144648Apple iCloud WebKit memory corruption [CVE-2019-8823]medium6.8---
144647Apple iCloud WebKit memory corruption [CVE-2019-8822]medium6.8---
144646Apple iCloud WebKit memory corruption [CVE-2019-8821]medium6.8---
144645Apple iCloud WebKit memory corruption [CVE-2019-8820]medium6.8---
144644Apple iCloud WebKit memory corruption [CVE-2019-8819]medium6.8---
144643Apple iCloud WebKit memory corruption [CVE-2019-8816]medium6.8---
144642Apple iCloud WebKit memory corruption [CVE-2019-8814]medium6.8---
144641Apple iCloud WebKit memory corruption [CVE-2019-8811]medium6.8---
144640Apple iCloud WebKit memory corruption [CVE-2019-8783]medium6.8---
144639Apple iCloud WebKit memory corruption [CVE-2019-8782]medium6.8---
144638Apple iCloud WebKit memory corruption [CVE-2019-8766]medium6.8---
144637Apple iCloud WebKit memory corruption [CVE-2019-8710]medium6.8---
144636Apple iCloud WebKit Universal cross site scriptingmedium4.3---
144635Apple iCloud libxslt memory corruption [CVE-2019-8750]medium6.8---
144634Apple iCloud Graphics Driver memory corruption [CVE-2019-8784]medium6.6---
144633Apple iCloud WebKit Process Model memory corruption [CVE-2019-8815]medium6.8---
144632Apple iCloud WebKit memory corruption [CVE-2019-8823]medium6.8---
144631Apple iCloud WebKit memory corruption [CVE-2019-8822]medium6.8---
144630Apple iCloud WebKit memory corruption [CVE-2019-8821]medium6.8---
144629Apple iCloud WebKit memory corruption [CVE-2019-8820]medium6.8---
144628Apple iCloud WebKit memory corruption [CVE-2019-8819]medium6.8---
144627Apple iCloud WebKit memory corruption [CVE-2019-8816]medium6.8---
144626Apple iCloud WebKit memory corruption [CVE-2019-8814]medium6.8---
144625Apple iCloud WebKit memory corruption [CVE-2019-8811]medium6.8---
144624Apple iCloud WebKit memory corruption [CVE-2019-8783]medium6.8---
144623Apple iCloud Graphics Driver memory corruption [CVE-2019-8784]medium6.6---
144622Apple macOS UIFoundation information disclosure [CVE-2019-8761]low1.5---
144621Apple macOS System Extensions input validation [CVE-2019-8805]medium6.6---
144620Apple macOS PluginKit memory corruption [CVE-2019-8715]medium4.1---
144619Apple macOS PluginKit information disclosure [CVE-2019-8708]low1.5---
144618Apple macOS manpages input validation [CVE-2019-8802]medium6.6---
144617Apple macOS libxslt memory corruption [CVE-2019-8750]medium6.8---
144616Apple macOS libxml2 memory corruption [CVE-2019-8756]medium4.1---
144615Apple macOS libxml2 memory corruption [CVE-2019-8749]medium4.1---
144614Apple macOS Kernel memory corruption [CVE-2019-8744]medium4.1---
144613Apple macOS Kernel memory corruption [CVE-2019-8786]medium6.6---
144612Apple macOS Kernel Memory input validationlow1.5---
144611Apple macOS iTunes untrusted search path [CVE-2019-8801]medium4.1---
144610Apple macOS IOGraphics denial of service [CVE-2019-8759]medium4.4---
144609Apple macOS Intel Graphics Driver memory corruption [CVE-2019-8807]medium6.6---
144608Apple macOS Graphics Driver memory corruption [CVE-2019-8784]medium6.6---
144607Apple macOS Graphics unrestricted upload [CVE-2018-1215]medium6.0---
144606Apple macOS Graphics unrestricted upload [CVE-2018-1215]medium6.0---
144605Apple macOS Graphics unrestricted upload [CVE-2018-1215]medium6.0---
144604Apple macOS File System Events memory corruption [CVE-2019-8798]medium6.6---
144603Apple macOS File Quarantine privileges management [CVE-2019-8509]medium4.1---
144602Apple macOS CUPS denial of service [CVE-2019-8737]low2.3---
144601Apple macOS CUPS heap-based overflow [CVE-2019-8767]medium6.8---
144600Apple macOS CUPS information disclosure [CVE-2019-8736]low2.3---
144599Apple macOS Contacts authentication spoofing [CVE-2017-7152]medium6.8---
144598Apple macOS Books link following [CVE-2019-8789]low4.3---
144597Apple macOS Audio memory corruption [CVE-2019-8797]medium6.6---
144596Apple macOS Audio memory corruption [CVE-2019-8785]medium6.6---
144595Apple macOS Audio memory corruption [CVE-2019-8706]medium6.8---
144594Apple macOS Associated Domains input validation [CVE-2019-8788]low5.0---
144593Apple macOS AppleGraphicsControl memory corruption [CVE-2019-8716]medium6.6---
144592Apple macOS AppleGraphicsControl Memory input validationlow1.5---
144591Apple macOS App Store session expiration [CVE-2019-8803]low4.1---
144590Apple macOS Accounts out-of-bounds read [CVE-2019-8787]medium6.8---
144589Apple watchOS WebKit memory corruption [CVE-2019-8820]medium6.8---
144588Apple watchOS WebKit memory corruption [CVE-2019-8816]medium6.8---
144587Apple watchOS WebKit memory corruption [CVE-2019-8812]medium6.8---
144586Apple watchOS WebKit memory corruption [CVE-2019-8811]medium6.8---
144585Apple watchOS WebKit memory corruption [CVE-2019-8808]medium6.8---
144584Apple watchOS WebKit memory corruption [CVE-2019-8766]medium6.8---
144583Apple watchOS WebKit memory corruption [CVE-2019-8765]medium6.8---
144582Apple watchOS WebKit memory corruption [CVE-2019-8743]medium6.8---
144581Apple watchOS WebKit Universal cross site scriptingmedium4.3---
144580Apple watchOS VoiceOver information disclosure [CVE-2019-8775]low1.9---
144579Apple watchOS libxslt memory corruption [CVE-2019-8750]medium6.8---
144578Apple watchOS Kernel memory corruption [CVE-2019-8786]medium6.6---
144577Apple watchOS Kernel input validation [CVE-2019-8794]low1.5---
144576Apple watchOS File System Events memory corruption [CVE-2019-8798]medium6.6---
144575Apple watchOS Contacts authentication spoofing [CVE-2017-7152]medium6.8---
144574Apple watchOS Audio memory corruption [CVE-2019-8797]medium6.6---
144573Apple watchOS Audio memory corruption [CVE-2019-8785]medium6.6---
144572Apple watchOS AppleFirmwareUpdateKext memory corruption [CVE-2019-8747]medium6.6---
144571Apple watchOS App Store session expiration [CVE-2019-8803]low4.1---
144570Apple watchOS Accounts out-of-bounds read [CVE-2019-8787]medium6.8---
144569Apple Safari WebKit Process Model memory corruption [CVE-2019-8815]medium6.8---
144568Apple Safari WebKit memory corruption [CVE-2019-8823]medium6.8---
144567Apple Safari WebKit memory corruption [CVE-2019-8822]medium6.8---
144566Apple Safari WebKit memory corruption [CVE-2019-8821]medium6.8---
144565Apple Safari WebKit memory corruption [CVE-2019-8820]medium6.8---
144564Apple Safari WebKit memory corruption [CVE-2019-8819]medium6.8---
144563Apple Safari WebKit memory corruption [CVE-2019-8816]medium6.8---
144562Apple Safari WebKit memory corruption [CVE-2019-8814]medium6.8---
144561Apple Safari WebKit memory corruption [CVE-2019-8812]medium6.8---
144560Apple Safari WebKit memory corruption [CVE-2019-8811]medium6.8---
144559Apple Safari WebKit memory corruption [CVE-2019-8808]medium6.8---
144558Apple Safari WebKit memory corruption [CVE-2019-8783]medium6.8---
144557Apple Safari WebKit memory corruption [CVE-2019-8782]medium6.8---
144556Apple Safari WebKit Universal cross site scriptingmedium4.3---
144555Apple iOS/iPadOS WebKit Process Model memory corruption [CVE-2019-8815]medium6.8---
144554Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8823]medium6.8---
144553Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8822]medium6.8---
144552Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8821]medium6.8---
144551Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8820]medium6.8---
144550Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8819]medium6.8---
144549Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8816]medium6.8---
144548Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8814]medium6.8---
144547Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8812]medium6.8---
144546Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8811]medium6.8---
144545Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8808]medium6.8---
144544Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8783]medium6.8---
144543Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8782]medium6.8---
144542Apple iOS/iPadOS WebKit Universal cross site scriptingmedium4.3---
144541Apple iOS/iPadOS Screen Recording input validation [CVE-2019-8793]low1.5---
144540Apple iOS/iPadOS Setup Assistant improper authentication [CVE-2019-8804]low4.4---
144539Apple iOS/iPadOS Kernel memory corruption [CVE-2019-8786]medium6.6---
144538Apple iOS/iPadOS Kernel Memory input validationlow1.5---
144537Apple iOS/iPadOS Graphics Driver memory corruption [CVE-2019-8784]medium6.6---
144536Apple iOS/iPadOS File System Events memory corruption [CVE-2019-8798]medium6.6---
144535Apple iOS/iPadOS Contacts authentication spoofing [CVE-2017-7152]medium6.8---
144534Apple iOS/iPadOS Books link following [CVE-2019-8789]low4.3---
144533Apple iOS/iPadOS AVEVideoEncoder memory corruption [CVE-2019-8795]medium6.6---
144532Apple iOS/iPadOS Audio memory corruption [CVE-2019-8797]medium6.6---
144531Apple iOS/iPadOS Audio memory corruption [CVE-2019-8785]medium6.6---
144530Apple iOS/iPadOS Associated Domains Exfiltration input validationlow5.0---
144529Apple iOS/iPadOS App Store session expiration [CVE-2019-8803]medium4.1---
144528Apple iOS/iPadOS Accounts out-of-bounds read [CVE-2019-8787]medium6.8---
144527Apple tvOS WebKit Process Model memory corruption [CVE-2019-8815]medium6.8---
144526Apple tvOS WebKit memory corruption [CVE-2019-8823]medium6.8---
144525Apple tvOS WebKit memory corruption [CVE-2019-8822]medium6.8---
144524Apple tvOS WebKit memory corruption [CVE-2019-8821]medium6.8---
144523Apple tvOS WebKit memory corruption [CVE-2019-8820]medium6.8---
144522Apple tvOS WebKit memory corruption [CVE-2019-8819]medium6.8---
144521Apple tvOS WebKit memory corruption [CVE-2019-8816]medium6.8---
144520Apple tvOS WebKit memory corruption [CVE-2019-8814]medium6.8---
144519Apple tvOS WebKit memory corruption [CVE-2019-8812]medium6.8---
144518Apple tvOS WebKit memory corruption [CVE-2019-8811]medium6.8---
144517Apple tvOS WebKit memory corruption [CVE-2019-8808]medium6.8---
144516Apple tvOS WebKit memory corruption [CVE-2019-8783]medium6.8---
144515Apple tvOS WebKit memory corruption [CVE-2019-8782]medium6.8---
144514Apple tvOS WebKit Universal cross site scriptingmedium4.3---
144513Apple tvOS Kernel memory corruption [CVE-2019-8786]medium6.6---
144512Apple tvOS Kernel input validation [CVE-2019-8794]low1.5---
144511Apple tvOS File System Events memory corruption [CVE-2019-8798]medium6.6---
144510Apple tvOS AVEVideoEncoder memory corruption [CVE-2019-8795]medium6.6---
144509Apple tvOS Audio memory corruption [CVE-2019-8797]medium6.6---
144508Apple tvOS Audio memory corruption [CVE-2019-8785]medium6.6---
144507Apple tvOS App Store session expiration [CVE-2019-8803]medium4.4---
144506Apple tvOS Accounts out-of-bounds read [CVE-2019-8787]medium6.8---
144505Logstash Beats Input Plugin input validation [CVE-2019-7620]low5.0---
144504Elasticsearch API Key Service Username risky encryptionlow4.3---
144503rdesktop out-of-bounds read [CVE-2019-15682]low5.0---
144502ISC BIND buffer.c assertionlow4.3--high
144492Aruba Instant injection [CVE-2018-16417]medium7.5---
144451LabKey Server reports-viewScriptReport.view cross-site request forgerylow4.3---
144450LabKey Server Display Name Stored cross site scriptinglow3.5---
144449LabKey Server SVG xml external entity reference [CVE-2019-9757]medium7.5---
144448TightVNC HandleCoRREBBP buffer overflowmedium6.8---
144447Magento input validation [CVE-2019-8235]low4.0---
144446Schneider Electric Modicon M580 TFTP information disclosure [CVE-2019-6851]low5.0---
144445Schneider Electric Modicon BMENOC 0321 Communication Module information disclosurelow5.0---
144444Schneider Electric Modicon BMENOC 0321 Communication Module information disclosurelow5.0---
144443Schneider Electric Modicon BMENOC 0321 Communication Module input validationlow5.0---
144442Modicon Modicon M580 Application exceptional condition [CVE-2019-6847]low4.0---
144441Schneider Electric Modicon M580 FTP cleartext transmission [CVE-2019-6846]low4.3---
144440Schneider Electric Modicon M580 Modbus cleartext transmissionlow5.0---
144439Schneider Electric Modicon M580 PLC exceptional condition [CVE-2019-6844]low4.0---
144438Schneider Electric Modicon M580 PLC exceptional condition [CVE-2019-6843]low4.0---
144437Schneider Electric Modicon M580 PLC exceptional condition [CVE-2019-6842]low4.0---
144436Schneider Electric Modicon M580 PLC exceptional condition [CVE-2019-6841]low4.0---
144435VMware SD-WAN information disclosure [CVE-2019-5533]low4.0---
144434RouterOS DNS Server input validation [CVE-2019-3979]medium7.5---
144433RouterOS DNS Cache Poisoning missing authenticationmedium5.1---
144432RouterOS Upgrade Package code download [CVE-2019-3977]medium6.8---
144431RouterOS Upgrade Package input validation [CVE-2019-3976]medium6.5---
144430Opera Mini File Download input validation [CVE-2019-18624]medium7.5---
144429AbuseFilter Extension information disclosure [CVE-2019-18612]low5.0---
144428CheckUser Extension API information disclosure [CVE-2019-18611]low4.0---
144427Cezerin Attribute cart input validationmedium7.5---
144426axodraw2 axohelp axohelp.c input validationhigh7.5---
144425OpenAFS RPC information disclosure [CVE-2019-18603]low4.3---
144424OpenAFS information disclosure [CVE-2019-18602]low5.0---
144423OpenAFS RPC Call deserialization [CVE-2019-18601]low5.0---
144422Maxthon Unquoted Search Path unquoted search path [CVE-2019-16647]medium4.1---
144421TurboVNC out-of-bounds write [CVE-2019-15683]medium6.8---
144420LibVNC VNC Server information disclosure [CVE-2019-15681]low5.0---
144419TightVNC HandleZlibBPP null pointer dereferencelow5.0---
144418TightVNC InitialiseRFBConnection out-of-bounds writemedium6.8---
144417TightVNC rfbServerCutText out-of-bounds writemedium6.8---
144416Sahi Pro Script Manager DBReports Reflected cross site scriptinglow4.3---
144415Sequelize JSON Path Key sql injection [CVE-2019-10749]medium6.8---
144414Sequelize JSON Path Key sql injection [CVE-2019-10748]medium6.8---
144413Archiver Unarchive path traversal [CVE-2019-10743]medium6.8---
144412PostgreSQL Installer input validation [CVE-2019-10211]medium6.8---
144411PostgreSQL Installer input validation [CVE-2019-10210]medium4.1---
144410PostgreSQL Memory information disclosure [CVE-2019-10209]low3.5---
144409PostgreSQL Execute Permission sql injection [CVE-2019-10208]medium6.0---
144408Apache Thrift TJSONProtocol/TSimpleJSONProtocol out-of-bounds readlow5.0---
144407Apache Thrift infinite loop [CVE-2019-0205]low5.0---
144406qtum Header resource consumption [CVE-2018-19151]low5.0---
144405TightRope Media Carousel Digital Signage Services privileges managementmedium4.1---
144404TightRope Media Carousel Digital Signage File Upload unrestricted uploadmedium6.5---
144403TightRope Media Carousel Seneca HDn hard-coded credentials [CVE-2018-18929]medium6.6---
144402Fabrikar Fabrik Component Reflected cross site scripting [CVE-2018-10727]low4.3---
144400GMER SysTreeView32 Control out-of-bounds write [CVE-2016-4289]medium4.4---
144399Apache Hadoop link following [CVE-2012-2945]medium7.5---
144398BitlBee Privilege unix.c dropped privilegesmedium7.5---
144397SugarCRM CE unserialize input validationmedium7.5---
144396MediaWiki ApiQueryRevisions.php information disclosurelow5.0---
144395gpw Password Generator weak password [CVE-2011-4931]low2.6---
144394Cisco Video Communications Server injection [CVE-2011-2538]medium6.0---
144393Ikiwiki TTY link following [CVE-2011-1408]medium7.5--high
144392Ikiwiki Comment cross site scripting [CVE-2011-0428]low4.3---
144391Mercurial SSL Certificate certificate validation [CVE-2010-4237]medium4.0--high
144390qtparted Library Loader input validation [CVE-2010-3375]medium7.5---
144389paxtest Temp File input validation [CVE-2010-3373]medium2.1---
144388rpcbind portmap.xdr link followinglow4.1---
144387rpcbind portmap.xdr input validationmedium4.1---
144386MapServer Symbol Index input validation [CVE-2010-1678]medium5.0---
144385ytnef path traversal [CVE-2009-3887]medium7.5---
144384Asterisk PBX Call authorization [CVE-2009-3723]medium7.5---
144383VMware vCenter Server Appliance Backup/Restore certificate validationlow4.3---
144382VMware vCenter Server Appliance Backup/Restore certificate validationlow4.3---
144381VMware ESXi/Workstation/Fusion Shader input validation [CVE-2019-5536]low3.5---
144380IBM API Connect information disclosure [CVE-2019-4600]low5.0---
144379IBM Maximo Health- Safety/Environment Manager privileges managementmedium6.0---
144378IBM Security Guardium Big Data Intelligence inadequate encryptionlow2.6---
144377IBM Security Guardium Big Data Intelligence Cookie cookie validationlow2.6---
144376IBM Security Guardium Big Data Intelligence Blacklist input validationmedium6.5---
144375IBM Security Guardium Big Data Intelligence information disclosurelow5.0---
144374IBM Security Guardium Big Data Intelligence information disclosurelow5.0---
144373IBM Security Guardium Big Data Intelligence hard-coded credentialsmedium4.4---
144372IBM Security Guardium Big Data Intelligence Credentials insufficiently protected credentialslow1.5---
144371IBM Security Guardium Big Data Intelligence Permission exposure of resourcemedium7.5---
144370Trend Micro Micro Apex One Management Console path traversalmedium6.8---
144369Trend Micro Apex One ZIP File unrestricted upload [CVE-2019-18188]medium6.8---
144368Trend Micro OfficeScan ZIP File path traversal [CVE-2019-18187]medium7.5---
144367IntraSrv HTTP Request buffer overflow [CVE-2019-17181]medium6.8---
144366Repetier-Server XML File RepetierServer.exe path traversalmedium6.8---
144365Dzone AnswerHub xml external entity reference [CVE-2017-15725]medium7.5---
144364Keyring Lib Permission default permission [CVE-2012-5577]medium7.5---
144363McAfee Total Protection information disclosure [CVE-2019-3636]medium4.4---
144262libpod Podman link following [CVE-2019-18466]medium6.8---
144261TerraMaster FS-210 1.user.php privileges managementmedium6.5---
144260Compal Broadband CH7465LG Modem Web Interface path traversallow4.3---
144259K7 Antivirus Premium/Total Security/Ultimate Security Inter-Process Communication K7TSHlpr.dll privileges managementmedium4.1---
144258rConfig search.crud.php exec os command injectionmedium6.5---
144257rConfig ajaxServerSettingsChk.php exec os command injectionmedium7.5---
144256Mitsubishi Electric ME-RTU/INEA ME-RTU mobile.php os command injectionmedium6.8---
144255Mitsubishi Electric ME-RTU/INEA ME-RTU hard-coded credentialshigh9.3---
144254Mitsubishi Electric ME-RTU/INEA ME-RTU Credentials insufficiently protected credentialslow5.0---
144253Mitsubishi Electric ME-RTU/INEA ME-RTU index.php Stored cross site scriptinglow3.5---
144252Mitsubishi Electric ME-RTU/INEA ME-RTU Configuration File information disclosurelow4.3---
144251Mitsubishi Electric ME-RTU/INEA ME-RTU SSH Key ssh_host_rsa_key hard-coded credentialsmedium7.5---
144250Mitsubishi Electric ME-RTU/INEA ME-RTU Configuration File settings.xml Credentials default permissionlow4.0---
144243pootle cross site scripting [CVE-2010-4245]low4.3---
144242Tiki Wiki CMS Groupware tiki-adminusers.php cross-site request forgerylow4.3---
144241Tiki Wiki CMS Groupware tiki-edit_wiki_section.php cross site scriptinglow4.3---
144240Tiki Wiki CMS Groupware tiki-jsplugin.php input validationmedium7.5---
144239Mailscanner Signature Update input validation [CVE-2010-3293]low1.5---
144238Pixelpost cross site scripting [CVE-2009-4900]low4.3---
144237Pixelpost sql injection [CVE-2009-4899]medium6.8---
144236Zoo path traversal [CVE-2005-2349]medium7.5---
144235Snoopy curl input validation [CVE-2002-2444]high7.5---
144234LabF nfsAxe FTP Client memory corruption [CVE-2017-14742]medium6.8---
144232Joomla CMS code injectionmedium6.0---
144231PHP FPM fpm_main.c env_path_info Underflow out-of-bounds writemedium6.8---
144230Adobe Experience Manager cross-site request forgery [CVE-2019-8234]low4.3---
144229Adobe Experience Manager injection [CVE-2019-8088]medium6.8---
144228Adobe Experience Manager XML Data xml external entity referencemedium6.8---
144227Adobe Experience Manager XML Data xml external entity referencemedium6.8---
144226Adobe Experience Manager Reflected cross site scripting [CVE-2019-8085]low4.3---
144225Adobe Experience Manager Reflected cross site scripting [CVE-2019-8084]low4.3---
144224Adobe Experience Manager cross site scripting [CVE-2019-8083]low4.3---
144223Adobe Experience Manager XML Data xml external entity referencemedium6.8---
144222Adobe Experience Manager improper authentication [CVE-2019-8081]low4.3---
144221NetApp Clustered Data ONTAP l2ping input validation [CVE-2019-5508]low5.0---
144220YouPHPTube Encoder getSpiritsFromVideo.php os command injectionmedium7.5---
144219YouPHPTube Encoder getImageMP4.php os command injectionmedium7.5---
144218YouPHPTube Encoder getImage.php os command injectionmedium7.5---
144217YouPHPTube pluginSwitch.json.php sql injectionmedium6.0---
144216YouPHPTube pluginSwitch.json.php sql injectionmedium6.0---
144215YouPHPTube pluginSwitch.json.php sql injectionmedium6.0---
144214YouPHPTube sql injection [CVE-2019-5120]medium6.0---
144213YouPHPTube sql injection [CVE-2019-5119]medium6.0---
144212YouPHPTube sql injection [CVE-2019-5117]medium6.0---
144211YouPHPTube sql injection [CVE-2019-5116]medium6.0---
144210YouPHPTube sql injection [CVE-2019-5114]medium6.0---
144209IBM Cloud Orchestrator cross site scripting [CVE-2019-4461]low6.0---
144208IBM Cloud Orchestrator path traversal [CVE-2019-4400]medium6.5---
144207IBM Cloud Orchestrator risky encryption [CVE-2019-4399]low2.6---
144206IBM Cloud Orchestrator cross site scripting [CVE-2019-4396]medium6.0---
144205IBM Cloud Orchestrator Temporary Script File information disclosurelow1.5---
144204IBM Cloud Orchestrator API Email input validationmedium4.1---
144203IBM Security Access Manager Appliance Reverse Proxy input validationlow5.0---
144202Foxit PhantomPDF DXF File out-of-bounds write [CVE-2019-17145]medium6.8---
144201Foxit PhantomPDF DWG File out-of-bounds write [CVE-2019-17144]medium6.8---
144200Foxit PhantomPDF DWG File use after free [CVE-2019-17143]low4.3---
144199Foxit PhantomPDF use after free [CVE-2019-17142]medium6.8---
144198Foxit PhantomPDF use after free [CVE-2019-17141]medium6.8---
144197Foxit PhantomPDF use after free [CVE-2019-17140]medium6.8---
144196Foxit PhantomPDF HTML2PDF Plugin out-of-bounds write [CVE-2019-17139]medium6.8---
144195Foxit Studio Photo JPEG Converter out-of-bounds read [CVE-2019-17138]low4.3---
1441943S-Smart CODESYS out-of-bounds write [CVE-2019-16265]medium6.8---
144193Repetier-Server XML Data RepetierServer.exe unrestricted uploadmedium6.8---
144192Rittal Chiller SK 3232 hard-coded credentials [CVE-2019-13553]medium6.8---
144191Rittal Chiller SK 3232 missing authentication [CVE-2019-13549]medium7.5---
144190IntelliSpace Perinatal Application Environment exposure of resourcemedium6.0---
144189IP-AK2 Access Control Panel Version Integrated Web Server missing authenticationlow4.3---
144182Google Chrome dial_registry.cc erase permission assignmentmedium6.8--medium
144181Milesight IP Security Camera shadow hard-coded credentialsmedium7.5---
144180Milesight IP Security Camera vb.htm improper authenticationmedium6.8---
144179Milesight IP Security Camera hard-coded credentials [CVE-2016-2358]medium7.5---
144178Milesight IP Security Camera SSL Private Key config hard-coded credentialsmedium7.5---
144177Milesight IP Security Camera Web Application buffer overflowmedium6.8---
144176Zend Framework Postgresql sql injection [CVE-2015-0270]medium6.8---
144175D-Link DIR-865L router_info.xml xml injectionmedium7.5---
144174D-Link DIR-865L bsc_lan.php information disclosurelow2.9---
144173D-Link DIR-865L SMB path traversal [CVE-2013-4855]medium5.4---
144172TP-LINK TL-WDR4300 cross-site request forgery [CVE-2013-4848]low4.3---
144171Linksys EA6500 SMB path traversal [CVE-2013-4658]medium7.5---
144170CoreHR Core Portal Stored cross site scripting [CVE-2019-18221]low4.3---
144169Microsoft Windows Master File Table PushIndexRoot Blue Screen denial of servicelow4.4---
144168Adobe Experience Manager Stored cross site scripting [CVE-2019-8080]low4.3---
144167Adobe Experience Manager Stored cross site scripting [CVE-2019-8079]low4.3---
144166Adobe Experience Manager Reflected cross site scripting [CVE-2019-8078]low4.3---
144165ClonOS Web Control Panel index.php cross site scriptinglow4.3---
144164ClonOS Web Control Panel Session Management clonos.php session fixiationmedium6.8---
144163SourceCodester Management System File Upload unrestricted uploadmedium6.5---
144162SourceCodester Management System Member cross site scriptinglow4.3---
144161SourceCodester Management System Send Message Screen cross site scriptinglow4.3---
144160SourceCodester Management System staff-exec.php cross-site request forgerylow4.3---
144159TypeStack class-validator validate sql injectionmedium6.8---
144158Google Go Certificate Verification Remote Code Execution [CVE-2019-17596]medium5.1---
144157Horde Groupware Webmail Edition Trean cross-site request forgerylow4.3---
144154Fortinet FortiClient DLL Loader uncontrolled search path [CVE-2019-6692]medium4.1---
144153Wacom Driver Helper Service stopLaunchDProcess privileges managementmedium6.6---
144152Wacom Driver Helper Service privileges management [CVE-2019-5012]medium6.6---
144151IBM Maximo Asset Management Web UI cross site scripting [CVE-2019-4486]low3.5---
144150IBM Cloud Orchestrator/Cloud Orchestrator Enterprise Web UI cross site scriptinglow3.5---
144149IBM Cloud Orchestrator/Cloud Orchestrator Enterprise Session Management Cookie missing encryptionlow1.5---
144148IBM Cloud Orchestrator/Cloud Orchestrator Enterprise information disclosurelow4.0---
144147ruby_parser-legacy Gem ruby_parser.rb permission assignment [CVE-2019-18409]medium4.1---
144146libarchive archive_read_support_format_rar.c use after freemedium6.8---
144145Ignite Realtime Openfire FaviconServlet.java server-side request forgerymedium7.5---
144144Ignite Realtime Openfire PluginServlet.java path traversalmedium7.5---
144143Fujitsu Wireless Keyboard Set LX390 GK381 missing encryptionlow1.2---
144142Fujitsu Wireless Keyboard Set LX390 GK381 injection [CVE-2019-18200]low3.7---
144141Fujitsu Wireless Keyboard Set LX390 GK381 authentication replaylow3.7---
144140TeamViewer DLL Loader untrusted search path [CVE-2019-18196]medium4.1---
144139tonyy dormsystem DOM-Based cross site scripting [CVE-2019-17581]low4.3---
144138Craft CMS Login Form password recovery [CVE-2019-15929]low5.0---
144137Fortinet FortiOS ECDSA PRNG entropylow2.6---
144136TP-LINK M7350 Trigger Port os command injection [CVE-2019-13653]medium7.5---
144135TP-LINK M7350 Service Name os command injection [CVE-2019-13652]medium7.5---
144134TP-LINK M7350 os command injection [CVE-2019-13651]medium7.5---
144133TP-LINK M7350 Internal Port os command injection [CVE-2019-13650]medium7.5---
144132TP-LINK M7350 External Port os command injection [CVE-2019-13649]medium7.5---
144131Horde Groupware Webmail Edition Tag Cloud cross site scriptinglow4.3---
144130MapR CLDB JSON Framework input validation [CVE-2019-12017]medium6.8---
144129Schlix CMS File Upload mediamanager unrestricted uploadmedium6.5---
144126Darktrace Enterprise Immune System config cross-site request forgerylow4.3---
144125Darktrace Enterprise Immune System whitelisteddomains cross-site request forgerylow4.3---
144124Adobe Acrobat Reader path traversal [CVE-2019-8238]low4.3---
144123Adobe Acrobat Reader Security Feature inadequate encryption [CVE-2019-8237]medium6.8---
144122Creative Cloud Desktop Application privileges management [CVE-2019-8236]medium7.5---
144121Forcepoint One Endpoint DLP/Web Protection authorization [CVE-2019-6144]medium6.0---
144120Tenable Nessus Scan Type Import input validation [CVE-2019-3982]low3.5---
144119SourceCodester Hotel/Lodge Management System Edit Page sql injectionmedium6.8---
144118TerraMaster FS-210 Log File log file [CVE-2019-18385]low5.0---
144117TerraMaster FS-210 permission assignment [CVE-2019-18384]low4.3---
144116TerraMaster FS-210 Backup File permission assignment [CVE-2019-18383]low5.0---
144115AVStar PE204 Service Port 23456 input validation [CVE-2019-18382]low4.3---
144114Xiaomi Mi WiFi R3G Nginx Alias account path traversalmedium6.8---
144113Xiaomi Mi WiFi R3G Backup File speedtest_urls.xml input validationmedium7.5---
144112MP3Gain apetag.c ReadMP3APETag memory corruptionmedium6.8---
144111Thycotic Secret Server cross site scripting [CVE-2019-18357]low4.3---
144110Thycotic Secret Server cross site scripting [CVE-2019-18356]low4.3---
144109Thycotic Secret Server Legacy Web Launcher server-side request forgerymedium7.5---
144108Ant Design Pro Reflected cross site scripting [CVE-2019-18350]low4.3---
144107Python urllib2 urllib.request.urlopen injectionmedium6.8---
144106SourceCodester Online Grading System sql injection [CVE-2019-18344]medium6.8---
144105Qt qtbase qtextengine.cpp generateDirectionalRuns memory corruptionlow5.0---
144104SourceCodester Online Grading System cross-site request forgerylow4.3---
144103VideoLAN VLC Media Player libqt vlc_entry_license__3_0_0f+0x00000000003b9aba memory corruptionmedium4.4---
144102HAProxy Legacy Mode input validation [CVE-2019-18277]medium6.8---
144101Red Hat XML Language Support LSPXMLParserConfiguration.java xml injectionmedium6.0---
144100Red Hat XML Language Server XMLLanguageService.java path traversalmedium6.5---
144099hexo-admin Plugin Post Editor Stored cross site scriptinglow4.3---
144098Avast/AVG Antivirus DLL Loader wbemcomn.dll untrusted search pathmedium4.1---
144097FusionPBX extension_imports.php Reflected cross site scriptinglow4.3---
144096FusionPBX destination_imports.php Reflected cross site scriptinglow4.3---
144095FusionPBX contact_notes.php Reflected cross site scriptinglow4.3---
144094WUSTL XNAT xml external entity reference [CVE-2019-14276]medium6.5---
144093Apache POI XSSFExportToXml xml external entity reference [CVE-2019-12415]medium6.8---
144092libpl_droidsonroids_gif memory corruption [CVE-2019-11933]medium6.8---
144091Cloud Foundry SMB Volume Log Credentials log filelow3.5---
144090Cloud Foundry UAA SCIM information disclosure [CVE-2019-11282]medium6.0---
144089Zulip Plugin Global Configuration Credentials insufficiently protected credentialslow1.9---
144088build-metrics Plugin Reflected cross site scripting [CVE-2019-10475]low4.3---
144087Global Post Script Plugin Permission Check default permissionlow3.5---
144086Libvirt Slaves Plugin Permission Check Credentials default permissionlow4.0---
144085Libvirt Slaves Plugin Permission Check Credentials default permissionlow4.0---
144084Libvirt Slaves Plugin cross-site request forgery [CVE-2019-10471]low4.3---
144083ElasticBox Jenkins Kubernetes CI-CD Plugin Permission Check Credentials default permissionlow4.0---
144082ElasticBox Jenkins Kubernetes CI-CD Plugin Permission Check default permissionlow3.5---
144081ElasticBox Jenkins Kubernetes CI-CD Plugin cross-site request forgerylow4.3---
144080Sonar Gerrit Plugin config.xml Credentials insufficiently protected credentialslow3.5---
144079360 FireLine Plugin xml external entity reference [CVE-2019-10466]medium6.5---
144078Jenkins Deploy WebLogic Plugin Permission Check default permissionlow4.0---
144077Deploy WebLogic Plugin cross-site request forgery [CVE-2019-10464]low4.3---
144076Dynatrace Application Monitoring Plugin Permission Check default permissionmedium6.0---
144075Dynatrace Application Monitoring Plugin cross-site request forgerylow4.3---
144074Dynatrace Application Monitoring Plugin Global Configuration Credentials insufficiently protected credentialslow1.9---
144073Bitbucket OAuth Plugin Configuration File config.xml Credentials insufficiently protected credentialslow1.9---
144072Mattermost Notification Plugin Global Configuration config.xml Credentials insufficiently protected credentialslow3.5---
144071Easy Digital Downloads Twenty-Twelve Theme cross site scriptinglow4.3---
144070Easy Digital Downloads Shoppette Theme cross site scripting [CVE-2015-9535]low4.3---
144069Easy Digital Downloads Quota Theme cross site scripting [CVE-2015-9534]low4.3---
144068Easy Digital Downloads Lattice Theme cross site scripting [CVE-2015-9533]low4.3---
144067Easy Digital Downloads Digital Store Theme cross site scriptinglow4.3---
144066Easy Digital Downloads Wish Lists Extension cross site scriptinglow4.3---
144065Easy Digital Downloads Upload File Extension cross site scriptinglow4.3---
144064Easy Digital Downloads Stripe Extension cross site scriptinglow4.3---
144063Easy Digital Downloads Software Licensing Extension cross site scriptinglow4.3---
144062Easy Digital Downloads Simple Shipping Extension cross site scriptinglow4.3---
144060Easy Digital Downloads Recurring Payments Extension cross site scriptinglow4.3---
144059Easy Digital Downloads Recount Earnings Extension cross site scriptinglow4.3---
144058Easy Digital Downloads Recommended Products extension cross site scriptinglow4.3---
144057Easy Digital Downloads QR Code Extension cross site scriptinglow4.3---
144056Easy Digital Downloads Pushover Notifications Extension cross site scriptinglow4.3---
144055Easy Digital Downloads Per Product Emails Extension cross site scriptinglow4.3---
144054Easy Digital Downloads PDF Stamper Extension cross site scriptinglow4.3---
144053Easy Digital Downloads PDF Invoices Extension cross site scriptinglow4.3---
144052Easy Digital Downloads Manual Purchases Extension cross site scriptinglow4.3---
144051Easy Digital Downloads Invoices Extension cross site scriptinglow4.3---
144050Easy Digital Downloads htaccess Editor Extension cross site scriptinglow4.3---
144049Easy Digital Downloads Free Downloads Extension cross site scriptinglow4.3---
144048Easy Digital Downloads Favorites Extension cross site scriptinglow4.3---
144047Easy Digital Downloads CSV Manager Extension cross site scriptinglow4.3---
144046Easy Digital Downloads Conditional Success Redirects Extension cross site scriptinglow4.3---
144045Easy Digital Downloads Cross-sell Upsell Extension cross site scriptinglow4.3---
144044Easy Digital Downloads Content Restriction Extension cross site scriptinglow4.3---
144043Easy Digital Downloads Commissions Extension cross site scriptinglow4.3---
144042Easy Digital Downloads Attach Accounts to Orders Extension cross site scriptinglow4.3---
144041Easy Digital Downloads Amazon S3 Extension cross site scriptinglow4.3---
144040Easy Digital Downloads Core cross site scripting [CVE-2015-9505]low4.3---
144039weeklynews Theme cross site scripting [CVE-2015-9504]low4.3---
144038Modern Theme example.html cross site scriptinglow4.3---
144037Auberge Theme example.html cross site scriptinglow4.3---
144036Open Floodlight SDN Controller Service input validation [CVE-2014-2304]low5.0---
144035Open Floodlight SDN Switch input validation [CVE-2013-7333]low4.3---
144034GNU gcc New Operator integer overflow [CVE-2002-2439]medium4.4---
144033Codemagic Sitemagic CMS upgrade.php cross site scriptinglow4.3---
144032Adobe Experience Manager Forms Reflected cross site scriptinglow4.3---
144031totemodata Folder Name cross site scripting [CVE-2019-17189]low3.5---
144030FusionPBX contact_edit.php Reflected cross site scriptinglow4.3---
144029FusionPBX contact_addresses.php Reflected cross site scriptinglow4.3---
144028FusionPBX messages_thread.php Reflected cross site scriptinglow4.3---
144027Loofah Gem cross site scripting [CVE-2019-15587]low3.5---
144026Artificial Intelligence Theme cross site scripting [CVE-2015-9501]low4.3---
144025Exquisite Ultimate Newspaper Theme jquery.foundation.plugins.js cross site scriptinglow4.3---
144024Showbiz Pro Plugin unrestricted upload [CVE-2015-9499]medium7.5---
144023wps-hide-login Plugin Option Save cross-site request forgerylow4.3---
144022ad-inserter Plugin cross-site request forgery [CVE-2015-9497]low4.3---
144021freshmail-newsletter Plugin shortcode.php sql injectionmedium6.0---
144020syndication-links Plugin example.html cross site scriptinglow4.3---
144019indieweb-post-kinds Plugin example.html cross site scriptinglow4.3---
144018my-wish-list Plugin cross site scripting [CVE-2015-9493]low4.3---
144017IBM DB2 High Performance Unload buffer overflow [CVE-2019-4523]medium6.6---
144016nipper-ng Firewall Configuration process-general.c processPrivilage out-of-bounds writemedium6.8---
144015Stephan Mooltipass Moolticute Access Control cleartext transmissionmedium6.8---
144014GNU Libidn2 Roudtrip Check input validation [CVE-2019-12290]medium7.5---
144013Sangoma Session Border Controller GA Web Interface Webconfig.inc.php improper authenticationmedium6.8---
144012Sangoma Session Border Controller GA Web Interface Webconfig.inc.php injectionmedium6.8---
144011Micro Focus Self Service Password Reset Certificate Validation certificate validationmedium6.8---
144010Apache Traffic Server HTTP2 input validation [CVE-2019-10079]low5.0---
144009AVM Fritz!Box 7490 PPPoE Packet Padding information disclosurelow2.9---
144008Codemagic Sitemagic CMS cross-site request forgery [CVE-2019-18220]low4.3---
144007Codemagic Sitemagic CMS index.php cross site scriptinglow4.3---
144006Trend Micro Anti-Threat Toolkit input validation [CVE-2019-9491]medium6.0---
144004Citrix Application Delivery Controller/Gateway Management Interface improper authenticationmedium6.8---
144003Ricoh MP 501 adrsSetUserWizard.cgi Stored cross site scriptinglow4.3---
144002Libssh2 packet.c integer overflowmedium6.8---
144001unoconv Package server-side request forgery [CVE-2019-17400]medium7.5---
144000Rocket.Chat cross site scriptinglow4.3---
143999FusionPBX contact_times.php Reflected cross site scriptinglow4.3---
143998FusionPBX sip_status.php Reflected cross site scriptinglow4.3---
143997FusionPBX fifo_interactive.php Reflected cross site scriptinglow4.3---
143996FusionPBX conference_control_details.php Reflected cross site scriptinglow4.3---
143995FreePBX Manager form.php Reflected cross site scriptinglow4.3---
143994Contactmanager Contactmanager.class.php Reflected cross site scriptinglow4.3---
143993FusionPBX cmd.php injectionmedium6.5---
143992FusionPBX Call Center Queue Module cmd.php injectionmedium6.5---
143991OpenEMR eye_base.php sql injectionmedium6.0---
143989GNU Libidn2 lookup.c idn2_to_ascii_4i out-of-bounds writemedium6.8---
143988FusionPBX filedelete.php Reflected cross site scriptinglow4.3---
143987FusionPBX conference_interactive.php Reflected cross site scriptinglow4.3---
143986FusionPBX content.php Reflected cross site scriptinglow4.3---
143985FusionPBX contact_import.php Reflected cross site scriptinglow4.3---
143984FusionPBX download.php path traversallow4.0---
143983FusionPBX URL xml_cdr_delete.php path traversallow5.5---
143982FusionPBX recording_play.php Reflected cross site scriptinglow4.3---
143981FusionPBX paging.php paging Reflected cross site scriptinglow4.3---
143980FusionPBX access_control_nodes.php Reflected cross site scriptinglow4.3---
143979FusionPBX conference_profile_params.php Reflected cross site scriptinglow4.3---
143978FusionPBX music_on_hold.php path traversallow4.0---
143977FusionPBX call_broadcast_edit.php sql injectionmedium6.0---
143976FusionPBX contact_urls.php Reflected cross site scriptinglow4.3---
143975FusionPBX device_settings.php Reflected cross site scriptinglow4.3---
143974Sonatype Nexus Repository Manager/IQ Server unrestricted uploadmedium6.5---
143973File cdf.c cdf_read_property_info out-of-bounds writemedium6.8---
143972ProFTPD Command main.c infinite looplow4.3---
143971OpenEMR view.php Reflected cross site scriptinglow4.3---
143970OpenEMR view.php Reflected cross site scriptinglow4.3---
143969Verodin Director JSON REST API integrations.json Credentials insufficiently protected credentialslow4.0---
143968Verodin Director Stored cross site scripting [CVE-2019-10715]low3.5---
143967Asus ROG Zephyrus M GM501GS Battery input validation [CVE-2019-18216]medium4.4---
143966Video_Converter App FFmpeg release of resource [CVE-2019-18214]low4.0---
143965Etherpad-Lite URL pad.html cross site scriptinglow4.3---
143964WAGO PFC100/PFC200 Access Control external reference [CVE-2019-18202]low5.0---
143963Adobe Download Manager permission assignment [CVE-2019-8071]medium6.8---
143962HCL Traveler Problem Report Page cross site scripting [CVE-2019-4409]low3.5---
143961Linux Kernel fib6_rules.c fib6_rule_suppress release of resourcemedium4.1---
143960libxslt transform.c xsltCopyText use after freemedium6.8---
143959SageMath Sage Cell Server Python __import__('os').popen('whoami').read os command injectionmedium6.8---
143958Tomedo Server Vendor Communication insufficiently protected credentialslow2.6---
143957OpenWRT radio0.network1 cross-site request forgerylow4.3---
143956broken-link-checker table-printer.php Reflected cross site scriptinglow3.5---
143955Harbor API Access Control default permission [CVE-2019-16919]medium6.0---
143954slicer69 doas input validation [CVE-2019-15901]medium6.5---
143953slicer69 doas sscanf use of uninitialized resourcehigh9.3---
143952Horner Automation Cscape out-of-bounds write [CVE-2019-13545]medium6.8---
143951Horner Automation Cscape input validation [CVE-2019-13541]medium6.8---
143950ajenti API privileges managementmedium6.0---
143949Podman / Varlink API privileges managementmedium6.0---
143948Adobe Acrobat Reader null pointer dereference [CVE-2019-8205]medium6.8---
143947Adobe Acrobat Reader null pointer dereference [CVE-2019-8196]medium6.8---
143946Adobe Acrobat Reader null pointer dereference [CVE-2019-8195]medium6.8---
143945Adobe Acrobat Reader null pointer dereference [CVE-2019-8174]medium6.8---
143944Adobe Acrobat Reader type conversion [CVE-2019-8200]medium6.8---
143943Adobe Acrobat Reader type conversion [CVE-2019-8169]medium6.8---
143942Adobe Acrobat Reader type conversion [CVE-2019-8167]medium6.8---
143941Adobe Acrobat Reader type conversion [CVE-2019-8161]medium6.8---
143940Adobe Acrobat Reader information disclosure [CVE-2019-8226]low4.3---
143939Adobe Acrobat Reader race condition [CVE-2019-8162]medium6.8---
143938Adobe Acrobat Reader cross site scripting [CVE-2019-8160]low4.3---
143937Adobe Acrobat Reader memory corruption [CVE-2019-8166]medium6.8---
143936Adobe Acrobat Reader memory corruption [CVE-2019-8197]medium6.8---
143935Adobe Acrobat Reader memory corruption [CVE-2019-8183]medium6.8---
143934Adobe Acrobat Reader memory corruption [CVE-2019-8170]medium6.8---
143933Adobe Acrobat Reader use after free [CVE-2019-8225]medium6.8---
143932Adobe Acrobat Reader use after free [CVE-2019-8224]medium6.8---
143931Adobe Acrobat Reader use after free [CVE-2019-8223]medium6.8---
143930Adobe Acrobat Reader use after free [CVE-2019-8221]medium6.8---
143929Adobe Acrobat Reader use after free [CVE-2019-8220]medium6.8---
143928Adobe Acrobat Reader use after free [CVE-2019-8219]medium6.8---
143927Adobe Acrobat Reader use after free [CVE-2019-8217]medium6.8---
143926Adobe Acrobat Reader use after free [CVE-2019-8215]medium6.8---
143925Adobe Acrobat Reader use after free [CVE-2019-8214]medium6.8---
143924Adobe Acrobat Reader use after free [CVE-2019-8213]medium6.8---
143923Adobe Acrobat Reader use after free [CVE-2019-8212]medium6.8---
143922Adobe Acrobat Reader use after free [CVE-2019-8211]medium6.8---
143921Adobe Acrobat Reader use after free [CVE-2019-8210]medium6.8---
143920Adobe Acrobat Reader use after free [CVE-2019-8209]medium6.8---
143919Adobe Acrobat Reader use after free [CVE-2019-8208]medium6.8---
143918Adobe Acrobat Reader use after free [CVE-2019-8203]medium6.8---
143917Adobe Acrobat Reader use after free [CVE-2019-8192]medium6.8---
143916Adobe Acrobat Reader use after free [CVE-2019-8188]medium6.8---
143915Adobe Acrobat Reader use after free [CVE-2019-8187]medium6.8---
143914Adobe Acrobat Reader use after free [CVE-2019-8181]medium6.8---
143913Adobe Acrobat Reader use after free [CVE-2019-8180]medium6.8---
143912Adobe Acrobat Reader use after free [CVE-2019-8179]medium6.8---
143911Adobe Acrobat Reader use after free [CVE-2019-8178]medium6.8---
143910Adobe Acrobat Reader use after free [CVE-2019-8177]medium6.8---
143909Adobe Acrobat Reader use after free [CVE-2019-8176]medium6.8---
143908Adobe Acrobat Reader use after free [CVE-2019-8175]medium6.8---
143907Adobe Acrobat Reader out-of-bounds write [CVE-2019-8206]medium6.8---
143906Adobe Acrobat Reader out-of-bounds write [CVE-2019-8199]medium6.8---
143905Adobe Acrobat Reader out-of-bounds write [CVE-2019-8191]medium6.8---
143904Adobe Acrobat Reader out-of-bounds write [CVE-2019-8165]medium6.8---
143903Adobe Acrobat Reader out-of-bounds write [CVE-2019-8186]medium6.8---
143902Adobe Acrobat Reader out-of-bounds write [CVE-2019-8171]medium6.8---
143901Adobe Acrobat Reader out-of-bounds read [CVE-2019-8222]low4.3---
143900Adobe Acrobat Reader out-of-bounds read [CVE-2019-8218]low4.3---
143899Adobe Acrobat Reader out-of-bounds read [CVE-2019-8216]low4.3---
143898Adobe Acrobat Reader out-of-bounds read [CVE-2019-8207]low4.3---
143897Adobe Acrobat Reader out-of-bounds read [CVE-2019-8204]low4.3---
143896Adobe Acrobat Reader out-of-bounds read [CVE-2019-8202]low4.3---
143895Adobe Acrobat Reader out-of-bounds read [CVE-2019-8201]low4.3---
143894Adobe Acrobat Reader out-of-bounds read [CVE-2019-8198]low4.3---
143893Adobe Acrobat Reader out-of-bounds read [CVE-2019-8194]low4.3---
143892Adobe Acrobat Reader out-of-bounds read [CVE-2019-8193]low4.3---
143891Adobe Acrobat Reader out-of-bounds read [CVE-2019-8190]low4.3---
143890Adobe Acrobat Reader out-of-bounds read [CVE-2019-8163]low4.3---
143889Adobe Acrobat Reader out-of-bounds read [CVE-2019-8189]low4.3---
143888Adobe Acrobat Reader out-of-bounds read [CVE-2019-8185]low4.3---
143887Adobe Acrobat Reader out-of-bounds read [CVE-2019-8184]low4.3---
143886Adobe Acrobat Reader out-of-bounds read [CVE-2019-8182]low4.3---
143885Adobe Acrobat Reader out-of-bounds read [CVE-2019-8064]low4.3---
143884Adobe Acrobat Reader out-of-bounds read [CVE-2019-8173]low4.3---
143883Adobe Acrobat Reader out-of-bounds read [CVE-2019-8172]low4.3---
143882Adobe Acrobat Reader out-of-bounds read [CVE-2019-8168]low4.3---
143881Adobe Acrobat Reader out-of-bounds read [CVE-2019-8164]low4.3---
143880ISC BIND QNAME assertion [CVE-2019-6476]low2.6---
143879ISC BIND Mirror Zone input validation [CVE-2019-6475]low2.6---
143878GNU Guix permission assignment [CVE-2019-18192]medium4.1---
143877Eclipse OpenJ9 Privilege Check permission assignment [CVE-2019-17631]medium7.5---
143876Ratpack Netty Library DefaultHttpHeaders input validationmedium7.5---
143875WiKID 2FA Enterprise Server adm_usrs.jsp Reflected cross site scriptinglow4.3---
143874WiKID 2FA Enterprise Server Logs.jsp sql injectionmedium6.0---
143873WiKID 2FA Enterprise Server cross-site request forgery [CVE-2019-17118]low3.5---
143872WiKID 2FA Enterprise Server processPref.jsp sql injectionmedium6.0---
143871WiKID 2FA Enterprise Server groups.jsp Reflected cross site scriptinglow4.3---
143870WiKID 2FA Enterprise Server cross site scripting [CVE-2019-17115]low4.3---
143869WiKID 2FA Enterprise Server userPreregistration.jsp Reflected cross site scriptinglow4.3---
143868WiKID 2FA Enterprise Server searchDevices.jsp buildSearchWhereClause sql injectionmedium6.0---
143867NCH Express Accounts Accounting Persistent cross site scriptinglow3.5---
143866eQ-3 Homematic CCU3 ReGa.runScript input validationmedium6.0---
143865eQ-3 Homematic CCU3 session fixiation [CVE-2019-15849]medium6.8---
143864Trend Micro Deep Security Agent input validation [CVE-2019-15627]medium4.1---
143863Trend Micro Deep Security Manager application LDAP information disclosurelow2.6---
143862HiNet GPON Service Port 6998 input validation [CVE-2019-15066]high9.3---
143861HiNet GPON Service Port 6998 information disclosure [CVE-2019-15065]medium6.8---
143860HiNet GPON improper authentication [CVE-2019-15064]medium6.8---
143859eQ-3 Homematic CCU2 CUx-Daemon information disclosure [CVE-2019-14424]low3.5---
143858eQ-3 Homematic CCU2 CUx-Daemon code injection [CVE-2019-14423]medium8.5---
143857CA Performance Management hard-coded credentials [CVE-2019-13657]medium6.8---
143856HiNet GPON Service Port 3097 information disclosure [CVE-2019-13412]medium6.8---
143855HiNet GPON Service Port 3097 input validation [CVE-2019-13411]high9.3---
143854TOPMeeting Front End Page information disclosure [CVE-2019-13410]low5.0---
143853TOPMeeting Union sql injection [CVE-2019-13409]medium6.8---
143852BitDefender BOX miniupnpd allocation of resources [CVE-2019-12611]low2.1---
143851Pivotal Reactor Netty Header Credentials insufficiently protected credentialslow4.3---
143850Kubernetes API Server input validation [CVE-2019-11253]low5.0---
143849Sequelize JSON Query sequelize.json sql injectionmedium6.8---
143848Kea DHCP input validation [CVE-2019-6474]low2.9---
143847Kea DHCPv4 assertion [CVE-2019-6473]low3.3---
143846Kea DHCPv6 DUID assertion [CVE-2019-6472]low3.3---
143845MetInfo index.class.php doSaveSetup cross-site request forgerylow4.3---
143844WordPress Admin Pages type confusion [CVE-2019-17675]low4.3---
143843WordPress Customizer Stored cross site scriptinglow3.5---
143842WordPress Cache input validation [CVE-2019-17673]medium7.5---
143841WordPress Style Element Stored cross site scriptinglow4.3---
143840WordPress Static Query information disclosure [CVE-2019-17671]low4.3---
143839WordPress URL server-side request forgery [CVE-2019-17670]medium7.5---
143838WordPress URL server-side request forgery [CVE-2019-17669]medium7.5---
143837Samsung Galaxy S10/Note 10 Fingerprint input validation [CVE-2019-17668]medium4.4---
143836Comtech H8 Heights Remote Gateway cross site scripting [CVE-2019-17667]low3.5---
143835Linux Kernel ps.c rtl_p2p_noa_ie buffer overflowmedium5.4---
143834NSA Ghidra jansi.dll untrusted search path [CVE-2019-17665]medium4.1---
143833NSA Ghidra Python Interpreter untrusted search path [CVE-2019-17664]medium4.1---
143832D-Link DIR-866L Common Gateway Interface HtmlResponseMessage cross site scriptinglow4.3---
143831ThinVNC path traversal [CVE-2019-17662]medium5.0---
143830LimeSurvey translateheader_view.php cross site scriptinglow4.3---
143829HongCMS index.php cross site scriptinglow4.3---
143828HongCMS index.php cross site scriptinglow4.3---
143827HongCMS index.php cross site scriptinglow4.3---
143826HongCMS index.php cross site scriptinglow4.3---
143825HongCMS index.php cross site scriptinglow4.3---
143824Dolibarr Outgoing Email Setup cross site scripting [CVE-2019-17578]low3.5---
143823Dolibarr Outgoing Email Setup cross site scripting [CVE-2019-17577]low3.5---
143822Dolibarr Outgoing Email Setup cross site scripting [CVE-2019-17576]low3.5---
143821D-Link DIR-412 log_clear.php improper authenticationmedium6.8---
143820Palo Alto GlobalProtect Agent privileges management [CVE-2019-17436]medium6.6---
143819Palo Alto GlobalProtect Agent MSI Installer privileges managementmedium4.1---
143818slub_events Extension Event Registration unrestricted uploadmedium6.8---
143817sr_freecap Extension input validation [CVE-2019-16699]medium7.5---
143816direct_mail Extension Access Check information disclosure [CVE-2019-16698]medium6.5---
143815url_redirect Extension sql injection [CVE-2019-16682]medium6.8---
143814Cisco TelePresence Collaboration Endpoint CLI root default permissionmedium4.1---
143813Cisco Identity Services Engine Web-based Management Interface missing authenticationlow4.3---
143812Cisco Identity Services Engine Web-based Management Interface Stored cross site scriptinglow3.5---
143811Cisco FirePOWER Management Center Web-based Management Interface Stored cross site scriptinglow3.5---
143810Cisco TelePresence Collaboration Endpoint Privileges privileges managementmedium6.6---
143809Cisco TelePresence Collaboration Endpoint CLI privileges managementlow4.1---
143808Cisco TelePresence Collaboration Endpoint CLI os command injectionmedium4.1---
143807Cisco TelePresence Collaboration Endpoint CLI privileges managementmedium3.0---
143806Cisco FirePOWER Management Center Web-based Management Interface cross site scriptinglow4.3---
143805Cisco FirePOWER Management Center Web-based Management Interface cross site scriptinglow3.5---
143804Cisco FirePOWER Management Center Web-based Management Interface cross site scriptinglow3.5---
143803Cisco Wireless LAN Controller CLI path traversal [CVE-2019-15266]low1.5---
143802Cisco Aironet Access Point BPDU Forwarding handler input validationlow2.9---
143801Cisco Aironet Access Point/Catalyst 9100 Access Point Control/Provisioning resource consumptionlow2.9---
143800Cisco Wireless LAN Controller SSH Session Management input validationlow4.3---
143799Cisco Aironet Access Point PPTP VPN input validation [CVE-2019-15261]low4.3---
143798Cisco Aironet Access Point URL privileges management [CVE-2019-15260]medium6.8---
143797Cisco SPA100 ATA Web-based Management Interface input validationlow3.5---
143796Cisco SPA100 ATA Web-based Management Interface information disclosurelow3.5---
143795Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143794Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143793Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143792Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143791Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143790Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143789Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143788Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143787Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143786Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143785Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143784Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143783Cisco SPA100 ATA Web-based Management Interface memory corruptionmedium4.9---
143782MuleSoft Mule Runtime Engine Apache Commons Collections deserializationmedium6.8---
143781Cisco Small Business Switch/Managed Switch Web-based Interface cross site scriptinglow4.3---
143780Cisco SPA100 ATA Web-based Management Interface information disclosurelow3.5---
143779Cisco TelePresence Video Communication Server Web-based Management Interface cross site scriptinglow4.3---
143778Cisco SPA100 ATA Web-based Management Interface information disclosurelow3.5---
143777Cisco SPA122 ATA Web-based Management Interface cross site scriptinglow2.9---
143776Cisco SPA100 ATA Web-based Management Interface cross site scriptinglow3.5---
143775Cisco Identity Services Engine Web-based Management Interface cross site scriptinglow3.5---
143774Cisco Identity Services Engine Web-based Management Interface Stored cross site scriptinglow3.5---
143773Cisco Small Business Smart Switch/Managed Switch Web-based Management Interface cross-site request forgerylow4.3---
143772Pivotal RabbitMQ Host Limits Page/Federation Management UI cross site scriptinglow3.5---
143771Oracle VM VirtualBox denial of service [CVE-2019-2926]low1.3---
143770Oracle VM VirtualBox missing encryption [CVE-2019-1547]medium1.0---
143769Oracle VM VirtualBox information disclosure [CVE-2019-3031]medium1.3---
143768Oracle VM VirtualBox denial of service [CVE-2019-3005]medium1.3---
143767Oracle VM VirtualBox denial of service [CVE-2019-3002]medium1.3---
143766Oracle VM VirtualBox denial of service [CVE-2019-2984]medium1.3---
143765Oracle VM VirtualBox denial of service [CVE-2019-3021]medium1.5---
143764Oracle VM VirtualBox information disclosure [CVE-2019-3026]medium1.5---
143763Oracle VM VirtualBox denial of service [CVE-2019-2944]medium5.3---
143762Oracle VM VirtualBox Local Privilege Escalation [CVE-2019-3017]medium6.3---
143761Oracle VM VirtualBox Local Privilege Escalation [CVE-2019-3028]medium6.6---
143760Oracle Clusterware TFA Collectorjackson-databind information disclosuremedium2.6---
143759Oracle Diagnostic Assistant jQuery cross site scripting [CVE-2019-11358]medium4.3---
143758Oracle Agile Product Lifecycle Management for Process jQuery cross site scriptingmedium4.3---
143757Oracle Agile PLM Apache Tomcat input validation [CVE-2019-0232]medium7.6---
143756Oracle Agile Recipe Management for Pharmaceuticals Apache Groovy deserializationhigh9.3---
143755Oracle Solaris LDAP Library denial of service [CVE-2019-3008]low0.8---
143754Oracle Solaris SMF services / legacy daemons denial of servicelow2.4---
143753Oracle Solaris Filesystem denial of service [CVE-2019-2765]medium3.5---
143752Oracle Fujitsu M10-1 NSS cryptographic issues [CVE-2018-12404]medium2.6---
143751Oracle Fujitsu M10-1 USB Driver out-of-bounds write [CVE-2017-17558]medium6.6---
143750Oracle Fujitsu M10-1 OpenSSH access control [CVE-2019-6109]medium2.6---
143749Oracle Fujitsu M10-1 OpenSSL key management [CVE-2018-0732]medium4.3---
143748Oracle Fujitsu M10-1 Net SNMP null pointer dereference [CVE-2018-18066]medium4.3---
143747Oracle Fujitsu M10-1 NTP input validation [CVE-2018-7185]medium4.3---
143746Oracle Fujitsu M10-1 glibc null pointer dereference [CVE-2015-5180]medium4.3---
143745Oracle Solaris XScreenSaver Local Privilege Escalation [CVE-2019-3010]medium6.6---
143744Oracle Fujitsu M10-1 cURL information disclosure [CVE-2018-1000007]high9.3---
143743Oracle Siebel UI Framework EAI information disclosure [CVE-2019-2935]medium4.3---
143742Oracle Siebel UI Framework Apache Tomcat race condition [CVE-2018-8037]medium2.6---
143741Oracle Siebel Mobile Applications jQuery cross site scriptingmedium4.3---
143740Oracle Siebel Core - DB Deployment/Configuration Install Configuration information disclosuremedium4.3---
143739Oracle Retail Xstore Point of Service Point of Sale information disclosurelow0.8---
143738Oracle Retail Customer Management/Segmentation Foundation Segment authorizationmedium3.5---
143737Oracle Retail Xstore Point of Service jackson-databind information disclosuremedium4.3---
143736Oracle Retail Xstore Office Internal Operations information disclosuremedium3.5---
143735Oracle Retail Customer Management/Segmentation Foundation Segment information disclosuremedium2.6---
143734Oracle MICROS Relate CRM Software Internal Operations information disclosuremedium2.6---
143733Oracle Retail Customer Insights jQuery cross site scripting [CVE-2019-11358]medium4.3---
143732Oracle Retail Xstore Point of Service jackson-databind information disclosuremedium4.3---
143731Oracle Retail Integration Bus Spring Framework denial of servicemedium4.3---
143730Oracle MICROS Relate CRM Software Apache Tomcat input validationmedium7.6---
143729Oracle Retail Xstore Point of Service jackson-databind input validationhigh9.3---
143728Oracle MICROS Retail XBRi Loss Prevention jackson-databind deserializationhigh9.3---
143727Oracle Policy Automation for Mobile Devices jQuery cross site scriptingmedium4.3---
143726Oracle Policy Automation Connector for Siebel jQuery cross site scriptingmedium4.3---
143725Oracle Policy Automation jQuery cross site scripting [CVE-2019-11358]medium4.3---
143724Oracle Policy Automation Connector for Siebel Apache Axis server-side request forgerymedium6.8---
143723Oracle PeopleSoft Enterprise PeopleTools Integration Broker information disclosuremedium3.5---
143722Oracle PeopleSoft Enterprise HCM Human Resources US Federal Specific information disclosuremedium3.5---
143721Oracle PeopleSoft Enterprise PeopleTools Stylesheet unknown vulnerabilitymedium4.3---
143720Oracle PeopleSoft Enterprise SCM eProcurement information disclosuremedium4.3---
143719Oracle PeopleSoft Enterprise PeopleTools jQuery cross site scriptingmedium4.3---
143718Oracle PeopleSoft Enterprise PeopleTools Portal information disclosuremedium4.3---
143717Oracle PeopleSoft Enterprise PeopleTools Portal information disclosuremedium4.3---
143716Oracle PeopleSoft Enterprise PeopleTools Performance Monitor information disclosuremedium4.3---
143715Oracle PeopleSoft Enterprise PeopleTools Fluid Core information disclosuremedium4.3---
143714Oracle PeopleSoft Enterprise PeopleTools Fluid Core information disclosuremedium4.3---
143713Oracle PeopleSoft Enterprise PeopleTools Tree Manager information disclosuremedium3.5---
143712Oracle PeopleSoft Enterprise PeopleTools libssh2 out-of-bounds readhigh8.8---
143711Oracle PeopleSoft Enterprise PeopleTools Apache Xerces memory corruptionhigh9.3---
143710Oracle MySQL Server Information Schema information disclosurelow2.8---
143709Oracle MySQL Server Encryption information disclosure [CVE-2019-2910]low2.6---
143708Oracle MySQL Server Connection denial of service [CVE-2019-3009]medium1.7---
143707Oracle MySQL Server InnoDB input validation [CVE-2019-3018]medium1.7---
143706Oracle MySQL Server InnoDB input validation [CVE-2019-2938]medium1.7---
143705Oracle MySQL Server Encryption denial of service [CVE-2019-2957]medium2.8---
143704Oracle MySQL Server Replication denial of service [CVE-2019-2960]medium2.8---
143703Oracle MySQL Server Optimizer denial of service [CVE-2019-2998]medium2.8---
143702Oracle MySQL Server Optimizer denial of service [CVE-2019-2982]medium2.8---
143701Oracle MySQL Server Optimizer denial of service [CVE-2019-2950]medium2.8---
IDTitleVulDBCVSSSecuniaXForceNessus
143700Oracle MySQL Server Optimizer denial of service [CVE-2019-2948]medium2.8---
143699Oracle MySQL Server DDL denial of service [CVE-2019-2997]medium2.8---
143698Oracle MySQL Server InnoDB denial of service [CVE-2019-3003]medium2.8---
143697Oracle MySQL Server InnoDB denial of service [CVE-2019-2968]medium2.8---
143696Oracle MySQL Server InnoDB denial of service [CVE-2019-2963]medium2.8---
143695Oracle MySQL Workbench OpenSSL random values [CVE-2019-1549]medium4.3---
143694Oracle MySQL Server Encryption information disclosure [CVE-2019-2924]medium4.3---
143693Oracle MySQL Server Encryption information disclosure [CVE-2019-2923]medium4.3---
143692Oracle MySQL Server Encryption information disclosure [CVE-2019-2922]medium4.3---
143691Oracle MySQL Server C API denial of service [CVE-2019-2993]medium2.1---
143690Oracle MySQL Connectors Connector/ODBC authorization [CVE-2019-2920]medium4.3---
143689Oracle MySQL Server Optimizer denial of service [CVE-2019-2991]medium6.4---
143688Oracle MySQL Server Client programs information disclosure [CVE-2019-2969]medium1.9---
143687Oracle MySQL Server Encryption denial of service [CVE-2019-2914]medium3.5---
143686Oracle MySQL Server Parser denial of service [CVE-2019-3004]medium3.5---
143685Oracle MySQL Server PS denial of service [CVE-2019-2946]medium3.5---
143684Oracle MySQL Server Optimizer denial of service [CVE-2019-2974]medium3.5---
143683Oracle MySQL Server Optimizer denial of service [CVE-2019-2967]medium3.5---
143682Oracle MySQL Server Optimizer denial of service [CVE-2019-2966]medium3.5---
143681Oracle MySQL Server C API denial of service [CVE-2019-3011]medium3.5---
143680Oracle MySQL Connectors OpenSSL cryptographic issues [CVE-2019-1543]medium2.6---
143679Oracle MySQL Enterprise Monitor Apache Tomcat resource consumptionmedium4.3---
143678Oracle MySQL Server cURL code injection [CVE-2019-5443]medium6.6---
143677Oracle MySQL Workbench SQLite out-of-bounds read [CVE-2019-8457]high9.3---
143676Oracle JD Edwards EnterpriseOne Tools Log4j deserialization [CVE-2017-5645]high9.3---
143675Oracle Java SE Networking denial of service [CVE-2019-2945]low2.6---
143674Oracle Java SE Libraries information disclosure [CVE-2019-2933]low2.6---
143673Oracle Java SE Serialization denial of service [CVE-2019-2983]low2.6---
143672Oracle Java SE Security information disclosure [CVE-2019-2894]low2.6---
143671Oracle Java SE Networking denial of service [CVE-2019-2978]low2.6---
143670Oracle Java SE JAXP denial of service [CVE-2019-2981]low2.6---
143669Oracle Java SE JAXP denial of service [CVE-2019-2973]low2.6---
143668Oracle Java SE Concurrency denial of service [CVE-2019-2964]low2.6---
143667Oracle Java SE 2D denial of service [CVE-2019-2992]low2.6---
143666Oracle Java SE Apache Xerces denial of service [CVE-2019-2988]low2.6---
143665Oracle Java SE OpenSSL denial of service [CVE-2019-2962]low2.6---
143664Oracle Java SE OpenSSL denial of service [CVE-2019-2987]low2.6---
143663Oracle Java SE Apache Tomcat information disclosure [CVE-2019-2996]medium2.6---
143662Oracle Java SE Javadoc information disclosure [CVE-2019-2999]medium2.6---
143661Oracle Java SE SQLite denial of service [CVE-2019-2975]medium4.0---
143660Oracle Java SE Log4j denial of service [CVE-2019-2977]medium4.0---
143659Oracle Java SE libxslt access control [CVE-2019-11068]medium5.1---
143658Oracle Java SE Apache Xerces unknown vulnerability [CVE-2019-2958]medium5.4---
143657Oracle Java SE OpenSSL unknown vulnerability [CVE-2019-2989]medium5.4---
143656Oracle Java SE Kerberos information disclosure [CVE-2019-2949]medium2.6---
143655Oracle Hyperion Enterprise Performance Management Architect Apache Tomcat information disclosurelow1.7---
143654Oracle Hyperion Financial Reporting cURL unknown vulnerabilitymedium4.6---
143653Oracle Hyperion Data Relationship Management SQLite Remote Privilege Escalationmedium6.8---
143652Oracle Hospitality Guest Access Eclipse Jetty information disclosuremedium4.3---
143651Oracle Hospitality Cruise Dining Room Management libxslt information disclosuremedium3.5---
143650Oracle Hospitality Guest Access Apache Axis server-side request forgerymedium6.8---
143649Oracle Healthcare Translational Research jQuery cross site scriptingmedium4.3---
143648Oracle Healthcare Foundation jQuery cross site scripting [CVE-2019-11358]medium4.3---
143647Oracle GraalVM Enterprise Edition jQuery unknown vulnerabilitymedium5.4---
143646Oracle GraalVM Enterprise Edition Node.js resource consumptionmedium4.3---
143645Oracle GraalVM Enterprise Edition LLVM Interpreter denial of servicemedium3.5---
143644Oracle JDeveloper/ADF OAM information disclosure [CVE-2019-2899]low2.8---
143643Oracle WebLogic Server Web Services information disclosure [CVE-2019-2887]medium3.5---
143642Oracle BI Publisher BI Publisher Security information disclosuremedium3.5---
143641Oracle WebLogic Server TFA Collectorjackson-databind information disclosuremedium4.3---
143640Oracle Business Intelligence Enterprise Edition jQuery information disclosuremedium4.3---
143639Oracle Business Intelligence Enterprise Edition OpenSSL information disclosuremedium2.6---
143638Oracle API Gateway OpenSSL information disclosure [CVE-2019-1559]medium2.6---
143637Oracle WebLogic Server jQuery cross site scripting [CVE-2015-9251]medium4.3---
143636Oracle WebLogic Server JavaServer Faces cross site scriptingmedium4.3---
143635Oracle WebLogic Server jQuery cross site scripting [CVE-2019-11358]medium4.3---
143634Oracle WebLogic Server OpenSSH information disclosure [CVE-2019-2889]medium4.3---
143633Oracle WebLogic Server jQuery cross site scripting [CVE-2019-11358]medium4.3---
143632Oracle Service Bus jQuery cross site scripting [CVE-2019-11358]medium4.3---
143631Oracle JDeveloper/ADF jQuery cross site scripting [CVE-2019-11358]medium4.3---
143630Oracle Forms glibc information disclosure [CVE-2019-2886]medium4.3---
143629Oracle Business Intelligence Enterprise Edition JQuery cross site scriptingmedium4.3---
143628Oracle Business Intelligence Enterprise Edition Apache Tomcat information disclosuremedium3.5---
143627Oracle Data Integrator jQuery information disclosure [CVE-2019-2943]medium3.5---
143626Oracle WebLogic Server jackson-databind Remote Privilege Escalationmedium7.9---
143625Oracle Web Services jQuery information disclosure [CVE-2019-2907]medium4.3---
143624Oracle SOA Suite Apache Commons FileUpload access control [CVE-2016-1000031]medium6.8---
143623Oracle Outside In Technology Spring Framework denial of servicemedium6.8---
143622Oracle Outside In Technology Apache Tomcat denial of servicemedium6.8---
143621Oracle Outside In Technology jackson-databind denial of servicemedium6.8---
143620Oracle Outside In Technology jackson-databind denial of servicemedium6.8---
143619Oracle Outside In Technology jQuery denial of service [CVE-2019-2901]medium6.8---
143618Oracle Outside In Technology jQuery denial of service [CVE-2019-2970]medium6.8---
143617Oracle WebCenter Portal jackson-databind information disclosuremedium4.3---
143616Oracle GoldenGate Application Adapters Spring Framework denial of servicemedium4.3---
143615Oracle Enterprise Repository Apache POI infinite loop [CVE-2017-12626]medium4.3---
143614Oracle Enterprise Repository Apache Camel xml external entity referencemedium4.3---
143613Oracle Business Intelligence Enterprise Edition Apache Xerces information disclosuremedium4.3---
143612Oracle WebLogic Server OpenSSL Remote Code Execution [CVE-2019-2891]medium7.6---
143611Oracle BI Publisher OpenSSL information disclosure [CVE-2019-2906]medium4.3---
143610Oracle Business Intelligence Enterprise Edition Apache Tomcat information disclosuremedium4.3---
143609Oracle Virtual Directory Apache Commons FileUpload access controlhigh9.3---
143608Oracle JDeveloper/ADF SQLite Remote Code Execution [CVE-2019-2904]high9.3---
143607Oracle Hospitality Reporting/Analytics Log4j authorization [CVE-2019-2952]medium4.3---
143606Oracle Hospitality Materials Control jQuery cross site scriptingmedium4.3---
143605Oracle Hospitality Reporting/Analytics Eclipse Jetty information disclosuremedium2.1---
143604Oracle Hospitality Reporting/Analytics Apache Axis information disclosuremedium3.5---
143603Oracle Hospitality Reporting/Analytics jQuery information disclosuremedium3.5---
143602Oracle Hospitality Reporting/Analytics jQuery information disclosuremedium3.5---
143601Oracle Hospitality RES 3700 Interface Remote Code Execution [CVE-2019-3025]high7.6---
143600Oracle Banking Digital Experience OpenSSL authorization [CVE-2019-3019]medium3.5---
143599Oracle FLEXCUBE Direct Banking OpenSSL unknown vulnerabilitymedium6.3---
143598Oracle Financial Services Retail Performance Analytics jQuery cross site scriptingmedium4.3---
143597Oracle Financial Services Enterprise Financial Performance Analytics jQuery information disclosuremedium4.3---
143596Oracle FLEXCUBE Direct Banking jQuery information disclosuremedium3.5---
143595Oracle Financial Services Analytical Applications Infrastructure jackson-databind input validationhigh9.3---
143594Oracle Banking Platform jackson-databind input validation [CVE-2019-14379]high9.3---
143593Oracle Enterprise Manager Base Platform Eclipse Jetty information disclosuremedium4.3---
143592Oracle Application Testing Suite jQuery cross site scriptingmedium4.3---
143591Oracle Enterprise Manager Ops Center jQuery cross site scriptingmedium4.3---
143590Oracle Enterprise Manager Ops Center Apache HTTP Server resource consumptionmedium4.3---
143589Oracle Enterprise Manager for Exadata Spring Framework Remote Privilege Escalationmedium7.1---
143588Oracle Enterprise Manager Ops Center cURL code injection [CVE-2019-5443]medium6.6---
143587Oracle Enterprise Manager Base Platform Jython Remote Code Executionhigh9.3---
143586Oracle Workflow Apache Commons FileUpload unknown vulnerabilitymedium4.3---
143585Oracle Installed Base jQuery unknown vulnerability [CVE-2019-3024]medium4.3---
143584Oracle Field Service jQuery improper authentication [CVE-2019-2930]medium4.3---
143583Oracle Application Object Library jQuery denial of service [CVE-2019-3027]medium4.3---
143582Oracle Content Manager jackson-databind unknown vulnerabilitymedium4.3---
143581Oracle Marketing jackson-databind information disclosure [CVE-2019-3000]medium4.3---
143580Oracle Marketing Eclipse Jetty information disclosure [CVE-2019-2995]medium4.3---
143579Oracle Marketing jQuery information disclosure [CVE-2019-2994]medium4.3---
143578Oracle iStore Order Tracker information disclosure [CVE-2019-2990]medium4.3---
143577Oracle Advanced Outbound Telephony User Interface information disclosuremedium4.3---
143576Oracle Primavera Unifier jQuery cross site scripting [CVE-2019-11358]medium4.3---
143575Oracle Primavera P6 Enterprise Project Portfolio Management Apache POI information disclosuremedium3.5---
143574Oracle Primavera Unifier Apache POI infinite loop [CVE-2017-12626]medium4.3---
143573Oracle Primavera P6 Enterprise Project Portfolio Management Apache POI infinite loopmedium4.3---
143572Oracle Primavera Gateway Apache POI infinite loop [CVE-2017-12626]medium4.3---
143571Oracle Instantis EnterpriseTrack Apache POI infinite loop [CVE-2017-12626]medium4.3---
143570Oracle Instantis EnterpriseTrack Apache Axis server-side request forgerymedium6.8---
143569Oracle Instantis EnterpriseTrack Apache HTTP Server access controlmedium6.6---
143568Oracle Instantis EnterpriseTrack Apache Tomcat input validationmedium7.6---
143567Oracle Primavera P6 Enterprise Project Portfolio Management Web Access information disclosurehigh4.3---
143566Oracle Primavera Unifier jackson-databind input validation [CVE-2019-14379]high9.3---
143565Oracle Primavera Gateway jackson-databind input validation [CVE-2019-14379]high9.3---
143564Oracle Instantis EnterpriseTrack Apache Tomcat infinite loophigh9.3---
143563Oracle NoSQL Database server-side request forgery [CVE-2018-14721]high9.3---
143562Oracle Database Server Core RDBMS input validation [CVE-2019-2940]low1.3---
143561Oracle Database Server Core RDBMS unknown vulnerability [CVE-2019-2955]low3.0---
143560Oracle Database Server Core RDBMS denial of service [CVE-2019-2954]low3.0---
143559Oracle Database Server Apache Tomcat redirect [CVE-2018-11784]medium4.3---
143558Oracle Database Server Core RDBMS unknown vulnerability [CVE-2019-2734]medium3.5---
143557Oracle Database Server Core RDBMS information disclosure [CVE-2018-2875]medium3.5---
143556Oracle Database Server Core RDBMS information disclosure [CVE-2019-2939]medium3.5---
143555Oracle Database Server Core RDBMS information disclosure [CVE-2019-2913]medium3.5---
143554Oracle Database Server jackson-databind denial of service [CVE-2019-2956]medium3.5---
143553Oracle Database Server Java VM input validation [CVE-2019-2909]medium5.4---
143552HP LaserJet Application Signature input validation [CVE-2019-6334]medium7.5---
143551CMS Made Simple News Screen Stored cross site scriptinglow3.5---
143550CMS Made Simple File Manager Stored cross site scriptinglow3.5---
143549events-manager Plugin Stored cross site scripting [CVE-2019-16523]low3.5---
143548eu-cookie-law Plugin Stored cross site scripting [CVE-2019-16522]low3.5---
143547broken-link-checker Plugin Reflected cross site scripting [CVE-2019-16521]low4.3---
143546all-in-one-seo-pack Plugin Stored cross site scripting [CVE-2019-16520]low3.5---
143545Sonatype Nexus Repository Manager privileges management [CVE-2019-15893]medium6.5---
143544Puppet Enterprise Pipeline Custom Script Security Whitelist input validationmedium6.0---
143543Oracle Cloud Infrastructure Compute Classic Plugin permission assignmentmedium6.5---
143542Oracle Cloud Infrastructure Compute Classic Plugin cross-site request forgerylow4.3---
143541Rundeck Plugin Permission Check permission assignment [CVE-2019-10455]medium6.5---
143540Rundeck Plugin cross-site request forgery [CVE-2019-10454]low4.3---
143539Delphix Plugin Global Configuration Credentials cleartext storagelow1.9---
143538View26 Test-Reporting Plugin config.xml Credentials cleartext storagelow3.5---
143537SOASTA CloudTest Plugin Global Configuration Credentials cleartext storagelow3.5---
143536ElasticBox CI Plugin Configuration File config.xml Credentials cleartext storagelow1.9---
143535Fortify on Demand Plugin config.xml Credentials cleartext storagelow3.5---
143534Extensive Testing Plugin config.xml Credentials insufficiently protected credentialslow3.5---
143533Sofy.AI Plugin config.xml cleartext storagelow4.0---
143532Cadence vManager Plugin Hostname Verification certificate validationmedium5.1---
143531Google Kubernetes Engine Plugin Permission Check permission assignmentlow4.0---
143530Bumblebee HP ALM Plugin Hostname Verification certificate validationmedium5.1---
143529iceScrum Plugin config.xml Credentials cleartext storagelow3.5---
143528iceScrum Plugin Permission Check permission assignment [CVE-2019-10442]medium6.5---
143527iceScrum Plugin cross-site request forgery [CVE-2019-10441]low4.3---
143526NeoLoad Plugin Global Configuration config.xml Credentials cleartext storagemedium3.5---
143525CRX Content Package Deployer Plugin Permission Check doFillCredentialsIdItems Credentials insufficiently protected credentialslow4.0---
143524CRX Content Package Deployer Plugin Permission Check permission assignmentmedium6.5---
143523CRX Content Package Deployer Plugin cross-site request forgerylow4.3---
143522Google OAuth Credentials Plugin information disclosure [CVE-2019-10436]medium6.5---
143521IBM Workload Scheduler Distributed privileges management [CVE-2019-4031]medium6.6---
143520Yale Bluetooth Key App Bluetooth Low Energy improper authenticationmedium3.7---
143519ReportLab colors.py toColor xml injectionmedium7.5---
143518Rambox Service Stored cross site scriptinglow3.5---
143517X.org X Server ct.c_char XQueryKeymap out-of-bounds writemedium4.4---
143516MindPalette NateMail Reflected cross site scripting [CVE-2019-13392]low4.3---
143515Netgear JNR1010 webproc cross site scriptinglow4.3---
143514Netgear JNR1010 webproc cross-site request forgerylow4.3---
143513Netgear JNR1010 Access Control session expiration [CVE-2016-11014]medium7.5---
143512Google Android Qualcomm Component null pointer dereference [CVE-2019-10513]low4.9---
143511Google Android Qualcomm Component memory corruption [CVE-2019-2295]low2.1---
143510Google Android Qualcomm Component use after free [CVE-2019-10490]medium2.1---
143509Google Android Qualcomm Component infinite loop [CVE-2019-2335]medium5.0---
143508Google Android Qualcomm Component out-of-bounds read [CVE-2019-2318]low2.1---
143507Google Android Qualcomm Component out-of-bounds read [CVE-2019-2303]medium7.5---
143506Google Android Qualcomm Component memory corruption [CVE-2019-2339]medium7.2---
143505Google Android Qualcomm Component use after free [CVE-2019-2336]medium4.9---
143504Google Android Qualcomm Component use after free [CVE-2019-2329]medium7.2---
143503Google Android Qualcomm Component Local Privilege Escalationmedium7.2---
143502Google Android Qualcomm Component improper authentication [CVE-2019-2289]medium10.0---
143501Google Android Qualcomm Component out-of-bounds read [CVE-2019-2271]medium10.0---
143500Google Android Qualcomm Component buffer overflow [CVE-2019-2251]medium7.2---
143499Google Android Qualcomm Component buffer overflow [CVE-2018-13916]medium7.2---
143498qibosoft jf.php eval code injectionlow4.3---
14349774cms BackendController.class.php _list sql injectionmedium6.0---
143496Zoho ManageEngine OpManager OPMDeviceDetailsServlet Servlet sql injectionmedium6.8---
143495MiniShare HTTP CONNECT Request memory corruption [CVE-2019-17601]medium6.8---
143494Intelbras IWR 1000N user Credentials cross-site request forgerylow5.0---
143493Dark Horse Comics App Log log file [CVE-2019-17398]low1.5---
143492DoorDash App Log Credentials log filelow3.5---
143491PowerSchool Mobile App Log Credentials log filelow3.5---
143490Rapid Gator App Log Credentials log filelow3.5---
143489Seesaw Parent/Family App Log Credentials log filelow3.5---
143488Infinite Design App Authentication inadequate encryption [CVE-2019-17356]low1.8---
143487Orbitz App Log Credentials log filelow3.5---
143486Dolibarr ERP/CRM note.php injectionlow4.3---
143485Connect2id Nimbus JOSE+JWT JWT Parser unusual condition [CVE-2019-17195]medium6.8---
143484KeyCloak REST API authorization [CVE-2019-14832]medium6.0---
143483Glue Smart Lock Guest Access privileges management [CVE-2019-12944]medium3.7---
143482safer-eval Sandbox code injection [CVE-2019-10760]medium6.5---
143481safer-eval Sandbox code injection [CVE-2019-10759]medium6.5---
143479haml cross site scripting [CVE-2017-1002201]medium6.8---
143478Dell ImageAssist Image information disclosure [CVE-2019-3767]low1.9---
143477ncurses terminfo Library comp_hash.c fmt_entry out-of-bounds readmedium6.8---
143476ncurses terminfo Library comp_hash.c _nc_find_entry out-of-bounds readmedium6.8---
143475JIZHICMS adminadd.html cross-site request forgerylow4.3---
143474csv-parse Module Regular Expression __isInt input validationlow5.0---
143473NCH Express Invoice Quotes Persistent cross site scriptinglow3.5---
143472JSS CryptoManager OCSP Policy certificate validation [CVE-2019-14823]medium5.1---
143471Ubisoft Uplay Permission permission assignment [CVE-2019-14737]medium4.6---
143470AutoPi Device insufficiently protected credentials [CVE-2019-12941]medium6.2---
143469D-Link DIR-880L/DIR-895 fileaccess.cgi buffer overflowmedium6.8---
143468sudo Runas Restriction input validation [CVE-2019-14287]medium8.5---
143467CloudCTI HIP Integrator Recognition Configuration Tool EXQUISE privileges managementmedium4.1---
143466IBM FileNet Content Manager Log File Credentials log filelow1.5---
143465idreamsoft iCMS Comment resource consumption [CVE-2019-17583]low5.0---
143464tonyy dormsystem admin.php sql injectionmedium6.8---
143463Sonarsource SonarQube Project Link cross site scripting [CVE-2019-17579]low4.3---
143462WBCE CMS File Renaming Filter rename.php code injectionmedium6.0---
143461Popup Maker Plugin do_action authorizationmedium6.8---
143460MetInfo sql injection [CVE-2019-17553]medium6.8---
143459idreamsoft iCMS spider_project.admincp.php sql injectionmedium6.8---
143458D-Link DIR-412 Web Interface log_get.php improper authenticationlow4.3---
143457ZZZCMS zzzphp zzz_template.php parserIfLabel input validationmedium6.8---
143456BMC Patrol Agent default permission [CVE-2019-17044]medium6.6---
143455BMC Patrol Agent best1collect.exe default permissionmedium4.1---
143454ESET Cyber Security Scheduled Task input validation [CVE-2019-16519]medium6.6---
143453ScadaBR Login Form login.htm cross site scriptinglow4.3---
143452Nostromo nhttpd SSL_accept path traversallow5.0---
143451Nostromo nhttpd http_verify path traversalmedium7.5---
143450Ansible Engine/Tower log file [CVE-2019-14858]low2.1---
143449wildfly-core improper authentication [CVE-2019-14838]medium6.5---
143448OX App Suite cross site scripting [CVE-2019-14227]low4.3---
143447OX App Suite Permission permissions [CVE-2019-14226]medium6.5---
143446OX App Suite server-side request forgery [CVE-2019-14225]medium6.5---
143445ImageMagick draw.c TraceBezier use after freemedium6.8---
143444LibTIFF RGBA Image tif_getimage.c integer overflowmedium6.8---
143443GDAL ogr_expat.cpp OGRExpatRealloc double freemedium6.8---
143442GNU Aspell getdata.cpp unescape out-of-bounds readmedium6.8---
143441LZ4 LZ4_write32 buffer overflowmedium6.8---
143440FFmpeg vqavideo.c vqa_decode_init array indexmedium6.8---
143439ImageMagick string.c DestroyStringInfo use after freemedium6.8---
143438ImageMagick ps.c ReadPSInfo buffer overflowmedium6.8---
143437FFmpeg utils.c avcodec_open2 null pointer dereferencelow5.0---
143436Centreon os command injection [CVE-2019-17501]medium6.5---
143435Jiangnan Online Judge path traversal [CVE-2019-17538]medium7.5---
143434Jiangnan Online Judge path traversal [CVE-2019-17537]medium7.5---
143433Gila CMS File Upload fm.php moveAction unrestricted uploadmedium6.5---
143432Gila CMS Blog Theme/Mag Theme blog-list.php cross site scriptinglow4.3---
143431libvips gifload.c vips_foreign_load_gif_scan_image use after freemedium6.8---
143430matio mat4.c Mat_VarReadNextInfo4 out-of-bounds readmedium6.8---
143429Belkin Wemo Switch 28B Rule Processing rules1 input validationlow5.0---
143428FasterXML jackson-databind JSON Endpoint input validation [CVE-2019-17531]medium7.5---
143427Bento4 Encryption Ap4Atom.cpp AddField out-of-bounds readmedium6.8---
143426Bento4 Encryption Ap4CommonEncryption.cpp DoInspectFields out-of-bounds readmedium6.8---
143425Bento4 Ap4TfhdAtom.h SetDefaultSampleSize memory corruptionmedium6.8---
143424Hotaru CMS Stored cross site scripting [CVE-2019-17522]low3.5---
143423Landing-CMS cross-site request forgery [CVE-2019-17521]low4.3---
143422Hydra HTTP Header read.c process_header_end null pointer dereferencelow5.0---
143421Samsung Laser Printers input validation [CVE-2019-6335]low5.0---
143420HP Touchpoint Analytics System Service input validation [CVE-2019-6333]medium4.1---
143419Google Android nfc_ncif.cc nfc_ncif_decode_rf_params out-of-bounds readlow1.5---
143418Google Android combined_decode.cpp GetMBheader out-of-bounds writemedium6.8---
143417Google Android vlc_dequant.cpp VlcDequantH263IntraBlock_SH out-of-bounds writemedium6.8---
143416Google Android dec_pred_intra_dc.cpp PV_DecodePredictedIntraDC out-of-bounds writemedium6.8---
143415Google Android Cache RegisteredServicesCache.java generateServicesMap information disclosurelow1.5---
143414Google Android Permission Check ActivityStarter.java startActivityMayWait default permissionmedium4.1---
143413Google Android NFC default permission [CVE-2019-2114]medium4.1---
143412Google Android Permission Check ScreenRotationAnimation.java ScreenRotationAnimation information disclosurelow1.5---
143411Python Documentation Sorting calculation [CVE-2019-17514]medium5.1---
143410D-Link DIR-846 SetWizardConfig.php SetWizardConfig os command injectionhigh9.3---
143409D-Link DIR-846 SetMasterWLanSettings.php SetMasterWLanSettings os command injectionhigh9.3---
143408D-Link DIR-850/DIR-859 DEVICE.TIME.php os command injectionmedium7.5---
143407D-Link DIR-816 A1 Management Page input validation [CVE-2019-17507]medium7.5---
143406D-Link DIR-868L/DIR-817LW Web Interface getcfg.php Credentials improper authenticationlow5.0---
143405D-Link DAP-1320 Web Interface improper authentication [CVE-2019-17505]medium6.8---
143404Kirona Dynamic Resource Scheduling Reflected cross site scriptinglow4.3---
143403Kirona Dynamic Resource Scheduling REGISTER.cmd information disclosurelow5.0---
143402Compal CH7465LG Common Gateway Interface setter.xml os command injectionmedium8.5---
143401Genesys PureEngage Digital HtmlChatPanel.jsp cross site scriptinglow4.3---
143400Sophos Cyberoam Firewall SSL VPN Console injection [CVE-2019-17059]medium7.5---
143399Intel NUC System Firmware memory corruption [CVE-2019-14570]medium4.1---
143398Intel NUC System Firmware Pointer memory corruptionmedium4.1---
143397Kaseya VSA RMM LAN Cache default permission [CVE-2019-14510]medium7.6---
143396Intel Smart Connect Technology for Intel NUC File Permission privileges managementmedium4.1---
143395Intel Active System Console Installer privileges management [CVE-2019-11120]medium4.1---
143394Boa free release of resourcelow5.0---
143393Boa memory corruption [CVE-2018-21027]medium6.8---
143392GREE+ cross-site request forgery [CVE-2018-20582]low4.3---
143391Graphite views.py send_email server-side request forgerymedium7.5---
143390ThemeMakers SmartIT Premium Responsive Theme wp_users.dat information disclosurelow5.0---
143389ThemeMakers Blessing Premium Responsive Theme wp_users.dat information disclosurelow5.0---
143388ThemeMakers GamesTheme Premium Theme wp_users.dat information disclosurelow5.0---
143387ThemeMakers Goodnex Premium Responsive Theme wp_users.dat information disclosurelow5.0---
143386ThemeMakers Almera Responsive Portfolio Site Template wp_users.dat information disclosurelow5.0---
143385ThemeMakers Almera Responsive Portfolio Theme wp_users.dat information disclosurelow5.0---
143384ThemeMakers Axioma Premium Responsive Theme wp_users.dat information disclosurelow5.0---
143383ThemeMakers Accio Responsive Parallax One Page Site Template wp_users.dat information disclosurelow5.0---
143382ThemeMakers Accio One Page Parallax Responsive Theme wp_users.dat information disclosurelow5.0---
143381ThemeMakers Invento Responsive Gallery wp_users.dat information disclosurelow5.0---
143380ThemeMakers Car Dealer Theme wp_users.dat information disclosurelow5.0---
143379ThemeMakers Diplomat/Political Theme wp_users.dat information disclosurelow5.0---
143373XNU IPComp memory corruption [CVE-2019-8717]medium6.8---
143372Cobham Explorer 710 Firmware unrestricted upload [CVE-2019-9534]medium4.4---
143371Cobham Explorer 710 insufficiently protected credentials [CVE-2019-9533]high9.3---
143370Cobham Explorer 710 Web Application Portal cleartext transmissionmedium2.1---
143369Cobham Explorer 710 Web Application Portal improper authenticationmedium6.8---
143368Cobham Explorer 710 Access Restriction information disclosuremedium4.4---
143367Cobham Explorer 710 Web Application Portal missing authenticationmedium4.4---
143366Tracker PDF-XChange Editor NTLM SSO Hash insufficiently protected credentialslow4.3---
143365Craft CMS Stored cross site scripting [CVE-2019-17496]low4.3---
143364Swagger UI CSS injection [CVE-2019-17495]low4.3---
143363laravel-bjyblog URL cross site scripting [CVE-2019-17494]low4.3---
143362Jiangnan Online Judge create cross site scriptinglow4.3---
143361Jiangnan Online Judge create cross site scriptinglow4.3---
143360Jiangnan Online Judge File Upload ProblemController unrestricted uploadmedium6.5---
143359Jiangnan Online Judge create cross site scriptinglow4.3---
143358b3log Symphony HTTP Header cross site scripting [CVE-2019-17488]low4.3---
143357Libntlm smbutil.c tSmbNtlmAuthResponse buffer overflowmedium6.8---
143356animate-it Plugin edsanimate.php cross-site request forgerylow4.3---
143355Softing uaGate SI/uaGate MB/uaGate 840D CGI Script privileges managementmedium6.5---
143354EOS Label Distribution Protocol race condition [CVE-2019-14810]low4.3---
143353Softing uaGate SI memory corruption [CVE-2019-11528]medium6.8---
143352Softing uaGate SI CGI Script os command injection [CVE-2019-11527]medium6.5---
143351Softing uaGate SI Maintenance Script code injection [CVE-2019-11526]medium7.5---
143350Adobe Acrobat Reader privileges management [CVE-2018-19725]medium6.8---
143349VMware Workstation/Fusion IPv6 input validation [CVE-2019-5535]low4.3---
143348VMware ESXi/Workstation/Fusion/VMRC/Horizon Client Virtual Sound Device use after freemedium4.4---
143347IBM Maximo Anywhere Root Detection insecure storage of sensitive informationlow2.1---
143346Bento4 Ap4Descriptor.h GetTag null pointer dereferencelow4.3---
143345Bento4 Ap4Descriptor.h Action null pointer dereferencelow4.3---
143344Bento4 Ap4Descriptor.h Action null pointer dereferencelow4.3---
143343GNU binutils libbfd dwarf2.c _bfd_dwarf2_find_nearest_line integer overflowmedium6.8---
143342GNU binutils libbfd dwarf2.c find_abstract_instance recursionlow4.3---
143341Avira Software Updater DLL untrusted search path [CVE-2019-17449]medium4.6---
143340LavaLite Account Name cross site scripting [CVE-2019-17434]low3.5---
143339z-song laravel-admin cross site scripting [CVE-2019-17433]low3.5---
143338FastAdmin edit cross-site request forgerylow4.3---
143337FastAdmin add cross-site request forgerylow4.3---
143336EyouCms login.php cross site scriptinglow4.3---
143335Adhouma CMS post.php sql injectionmedium6.8---
143334NetSarang XFTP Client File Copy buffer overflow [CVE-2019-17320]medium5.1---
143333new-contact-form-widget Plugin all-query-page.php sql injectionmedium6.8---
143332client-dash Plugin cross site scripting [CVE-2019-17071]low4.3---
143331liquid-speech-balloon Plugin cross site scripting [CVE-2019-17070]low4.3---
143330Siemens SIMATIC IT UADM Service Port 1434 Credentials insufficiently protected credentialslow3.5---
143329Siemens WinAC RTX improper authentication [CVE-2019-13921]low5.0---
143328Siemens SIMATIC/SINAMICS resource consumption [CVE-2019-10936]low4.3---
143327Siemens SIMATIC/SINAMICS IRT resource consumption [CVE-2019-10923]low4.3---
143326RobotCPA Plugin f.php path traversalmedium7.5---
143325ACF-Frontend-Display Plugin File Upload index.php unrestricted uploadmedium7.5---
143324prettyPhoto jquery.prettyPhoto.js cross site scriptinglow4.3---
143323Vernissage Theme Option Update default permission [CVE-2015-9477]medium6.5---
143322Teardrop Theme Option Update default permission [CVE-2015-9476]medium6.5---
143321Pont Theme Option Update default permission [CVE-2015-9475]medium6.5---
143320Simpolio Theme Option Update default permission [CVE-2015-9474]medium6.5---
143319estrutura-basica Theme download.php path traversalmedium7.5---
143318incoming-links Plugin HTTP Header referrers.php cross site scriptinglow4.3---
143317dzs-zoomsounds Plugin File Upload upload.php unrestricted uploadmedium7.5---
143316history-collection Plugin download.php path traversalmedium7.5---
143315content-grabber Plugin cross site scripting [CVE-2015-9469]low3.5---
143314broken-link-manager Plugin delURL cross site scriptinglow4.3---
143313broken-link-manager Plugin wpslEditURL sql injectionmedium6.8---
143312wti-like-post Plugin WtiLikePostProcessVote sql injectionmedium6.8---
143311yet-another-stars-rating Plugin yasr_get_multi_set_values_and_field sql injectionmedium6.0---
143310s3bubble-amazon-s3-html-5-video-with-adverts Plugin downloader.php path traversalmedium7.5---
143309s3bubble-amazon-s3-audio-streaming Plugin downloader.php path traversalmedium7.5---
143308Portfolio Plugin afp_get_new_category_page sql injectionmedium6.0---
143307Portfolio Plugin afp_get_new_portfolio_item_page sql injectionmedium6.0---
143306booking-system Plugin display sql injectionmedium6.0---
143305searchterms-tagging-2 Plugin options-general.php cross site scriptinglow4.3---
143304searchterms-tagging-2 Plugin pk_stt2_db_get_popular_terms sql injectionlow4.3---
143303pretty-link Plugin list_links sql injectionmedium6.0---
143302Redmine Textile Persistent cross site scriptinglow4.3---
143301Automattic Mongoose Access Control input validation [CVE-2019-17426]medium7.5---
143300OISF libhtp HTTP Protocol Parser input validation [CVE-2019-17420]medium6.8---
143299MetInfo sql injection [CVE-2019-17419]medium6.0---
143298MetInfo sql injection [CVE-2019-17418]medium6.0---
143297PbootCMS cross site scripting [CVE-2019-17417]low3.5---
143296iTerm2 tmux Control Mode input validation [CVE-2019-9535]medium7.5---
143295ISC BIND dispatch.c race conditionlow4.3---
143294ISC BIND EDNS Client Subnet input validation [CVE-2019-6469]medium4.3---
143293ISC BIND nxdomain Redirect assertion [CVE-2019-6468]low5.0---
143292ISC BIND nxdomain Redirect query.c assertionlow2.1---
143291ISC BIND Zone Transfer permission assignment [CVE-2019-6465]medium4.3---
143290NVIDIA Shield TV Experience Boot Image input validation [CVE-2019-5700]medium4.6---
143289NVIDIA Shield TV Experience Tegra Bootloader memory corruptionmedium4.4---
143288SnapManager for Oracle information disclosure [CVE-2019-5507]low2.1---
143287Clustered Data ONTAP Hostname Verification certificate validationmedium5.1---
143286NitroPDF type conversion [CVE-2019-5053]medium6.8---
143285NitroPDF memory corruption [CVE-2019-5050]medium6.8---
143284NitroPDF out-of-bounds write [CVE-2019-5048]medium6.8---
143283NitroPDF CharProcs Parser use after free [CVE-2019-5047]medium6.8---
143282NitroPDF JPEG2000 File out-of-bounds write [CVE-2019-5046]medium6.8---
143281NitroPDF JPEG2000 File out-of-bounds write [CVE-2019-5045]medium6.8---
143280IBM Spectrum Scale injection [CVE-2019-4558]medium6.6---
143279IBM Maximo Asset Management Error Message information exposurelow4.0---
143278Dell EMC Avamar Server/Integrated Data Protection Appliance permission assignmentmedium6.0---
143277McAfee Endpoint Security Configuration Tool missing authenticationmedium4.1---
143276McAfee Endpoint Security Installer EPSetup.exe code injectionmedium4.1---
143275File Sharing Wizard Structured Exception buffer overflow [CVE-2019-17415]medium6.8---
143274tinylcy Vino vn_get_string input validationlow5.0---
143273Exiv2 types.cpp getULong buffer overflowlow4.3---
143272libyal liblnk liblnk_location_information.c network_share_name_offset out-of-bounds readmedium4.4---
143271Shack Forms Pro Extension File Attachment path traversal [CVE-2019-17399]medium7.5---
143270RIOT MQTT-SN resource consumption [CVE-2019-17389]low5.0---
143269animate-it Plugin cross site scripting [CVE-2019-17385]low4.3---
143268animate-it Plugin cross site scripting [CVE-2019-17384]low4.3---
143267netaddr Gem File Permission default permission [CVE-2019-17383]medium7.5---
143266Zabbix Dashboard Page improper authentication [CVE-2019-17382]medium6.8---
143265cPanel WHM Update Preferences Interface cross site scriptinglow4.3---
143264cPanel WHM SSL Storage Manager Interface Stored cross site scriptinglow4.3---
143263cPanel SSL Key Delete Interface cross site scripting [CVE-2019-17378]low4.3---
143262cPanel LiveAPI Example Scripts cross site scripting [CVE-2019-17377]low4.3---
143261cPanel SSL Certificate Upload cross site scripting [CVE-2019-17376]low4.3---
143260cPanel API Token session expiration [CVE-2019-17375]medium6.5---
143259Netgear WNR834Bv2 improper authentication [CVE-2019-17373]medium6.8---
143258Netgear DC112A genieDisableLanChanged.cgi improper authenticationmedium6.8---
143257libpng png_create_info_struct release of resourcelow4.3---
143256OTCMS sysCheckFile_deal.php input validationmedium6.5---
143255Citrix Application Delivery Management Access Control authorizationmedium6.5---
143254Nix default permission [CVE-2019-17365]medium4.1---
143253ZyXEL NBG-418N v2 Authentication wan.htm improper authenticationlow5.0---
143252D-Link DIR-615 wan.htm improper authenticationlow4.3---
143251Netreo OmniCenter Blind sql injection [CVE-2019-17128]medium6.8---
143250Kramer VIAware Access Control default permission [CVE-2019-17124]medium7.5---
143249Zoho ManageEngine DataSecurity Plus Configuration File file accessmedium6.5---
143248Koji path traversal [CVE-2019-17109]medium6.5---
143247OpenProject Project List cross site scripting [CVE-2019-17092]low4.3---
143246OpenSSH XMSS Key integer overflow [CVE-2019-16905]medium4.4---
143245Socomec DIRIS A-40 Web Interface password.jsn Password insufficiently protected credentialslow5.0---
143244Zingbox Inspector input validation [CVE-2019-1584]medium6.8---
143243Altair PBS Professional privileges management [CVE-2019-15719]medium5.2---
143242MantisBT os command injection [CVE-2019-15715]medium6.5---
143241Envoy HTTP Header resource consumption [CVE-2019-15226]low5.0---
143240Zingbox Inspector 3rd Party Integration cleartext storage [CVE-2019-15023]low5.0---
143239Zingbox Inspector ARP authentication spoofing [CVE-2019-15022]medium5.4---
143238Zingbox Inspector information disclosure [CVE-2019-15021]low2.9---
143237Zingbox Inspector Update Image injection [CVE-2019-15020]medium7.5---
143236Zingbox Inspector Update Image input validation [CVE-2019-15019]medium7.5---
143235Zingbox Inspector improper authentication [CVE-2019-15018]medium7.5---
143234Zingbox Inspector SSH Service hard-coded credentials [CVE-2019-15017]medium5.4---
143233Zingbox Inspector Management Interface sql injection [CVE-2019-15016]medium6.0---
143232Zingbox Inspector hard-coded credentials [CVE-2019-15015]medium4.4---
143231Zingbox Inspector CLI injection [CVE-2019-15014]medium6.0---
143230RENPHO App JSON improper enforcement of message integrity [CVE-2019-14808]low2.6---
143229Sunny WebBox cross-site request forgery [CVE-2019-13529]medium6.0---
143228Pi-Hole os command injection [CVE-2019-13051]medium6.8---
143227Samsung Smart Phone Service Mode risky encryption [CVE-2019-11341]low1.5---
143226TIBCO MDM MDM Server cross site scripting [CVE-2019-11212]low3.5---
143225Juniper Junos Protocol Independent Multicast resource consumptionlow5.0---
143224Juniper Junos path traversal [CVE-2019-0074]low1.5---
143223Juniper Junos PKI Key permission assignment [CVE-2019-0073]low1.5---
143222Juniper SBR Carrier Access Management Credentials insufficiently protected credentialslow1.5---
143221Juniper Junos Veriexec privileges management [CVE-2019-0071]medium4.1---
143220Juniper Junos input validation [CVE-2019-0070]medium4.1---
143219Juniper Junos Log Credentials cleartext transmissionlow1.5---
143218Juniper Junos flowd unusual condition [CVE-2019-0068]low5.0---
143217Juniper Junos vmcore input validation [CVE-2019-0067]low3.3---
143216Juniper Junos NG-mVPN input validation [CVE-2019-0066]low5.0---
143215Juniper Junos SIP ALG input validation [CVE-2019-0065]low4.3---
143214Juniper Junos flowd input validation [CVE-2019-0064]low4.3---
143213Juniper Junos BNG input validation [CVE-2019-0063]low4.3---
143212Juniper Junos J-Web session fixiation [CVE-2019-0062]medium5.1---
143211Juniper Junos MGD privileges management [CVE-2019-0061]medium6.6---
143210Juniper Junos flowd exceptional condition [CVE-2019-0060]low5.0---
143209Juniper Junos BGP release of resource [CVE-2019-0059]low5.0---
143208Juniper Junos Veriexec Subsystem privileges management [CVE-2019-0058]medium6.6---
143207Juniper Junos JDM improper authentication [CVE-2019-0057]medium4.1---
143206Juniper Junos OSPF input validation [CVE-2019-0056]low5.0---
143205Juniper Junos SIP ALG input validation [CVE-2019-0055]low5.0---
143204Juniper Junos Certificate Validation certificate validation [CVE-2019-0054]medium5.1---
143203Juniper Junos flowd exceptional condition [CVE-2019-0051]low5.0---
143202Juniper Junos srxpfe input validation [CVE-2019-0050]low4.3---
143201Juniper Junos J-Web Persistent cross site scriptinglow4.3---
143200ISC BIND Managed Key risky encryption [CVE-2018-5745]low3.5---
143199ISC BIND EDNS Option release of resource [CVE-2018-5744]medium5.0---
143198ISC BIND Connection allocation of resources [CVE-2018-5743]low4.3---
143197ISC DHCP Options memory corruption [CVE-2018-5732]medium5.0--medium
143192SolarWinds Dameware Mini Remote Client Agent SmartCard Authentication DWRCS.exe input validationmedium6.8---
143191OTCMS Admin Panel member_deal.php cross-site request forgerylow4.3---
143190S-Cms tpl.php cross site scriptinglow4.3---
143189Bouncy Castle Crypto ASN.1 Parser allocation of resources [CVE-2019-17359]low5.0---
143188Jfinal cos isSafeFile unrestricted uploadmedium7.5---
143187vBulletin getHookList sql injectionmedium6.0---
143186XnView Classic User Mode out-of-bounds write [CVE-2019-17262]medium4.4---
143185XnView Classic User Mode out-of-bounds write [CVE-2019-17261]medium4.4---
143184MPC-HC memory corruption [CVE-2019-17260]medium4.4---
143183KMPlayer User Mode out-of-bounds write [CVE-2019-17259]medium4.4---
143182IrfanView out-of-bounds write [CVE-2019-17258]medium6.8---
143181IrfanView Exception unusual condition [CVE-2019-17257]medium4.3---
143180IrfanView User Mode out-of-bounds write [CVE-2019-17256]medium6.8---
143179IrfanView User Mode out-of-bounds write [CVE-2019-17255]medium6.8---
143178IrfanView out-of-bounds write [CVE-2019-17254]medium6.8---
143177IrfanView User Mode out-of-bounds write [CVE-2019-17253]medium6.8---
143176IrfanView User Mode out-of-bounds write [CVE-2019-17252]medium6.8---
143175IrfanView User Mode out-of-bounds write [CVE-2019-17251]medium6.8---
143174IrfanView User Mode out-of-bounds write [CVE-2019-17250]medium6.8---
143173IrfanView User Mode out-of-bounds write [CVE-2019-17249]medium6.8---
143172IrfanView User Mode out-of-bounds write [CVE-2019-17248]medium6.8---
143171IrfanView buffer overflow [CVE-2019-17247]medium6.8---
143170IrfanView User Mode out-of-bounds write [CVE-2019-17246]medium6.8---
143169IrfanView User Mode out-of-bounds write [CVE-2019-17245]medium4.4---
143168IrfanView buffer overflow [CVE-2019-17244]medium6.8---
143167IrfanView buffer overflow [CVE-2019-17243]medium6.8---
143166IrfanView User Mode out-of-bounds write [CVE-2019-17242]medium4.4---
143165IrfanView User Mode out-of-bounds write [CVE-2019-17241]medium4.4---
143164FiberHome HG2201T downloadfile.cgi path traversalmedium6.8---
143163FiberHome HG2201T telnet.cgi input validationmedium6.8---
143162OpenStack Octavia Amphora Image improper authentication [CVE-2019-17134]medium7.5---
143161Centreon Web brokerPerformance.php Stored cross site scriptinglow4.3---
143160Centreon Web minPlayCommand.php code injectionmedium6.0---
143159Centreon Web cleartext storage [CVE-2019-17106]medium6.0---
143158Centreon Web Token Generator index.php random valuesmedium7.5---
143157Centreon VM Apache HTTP Server httponly cookie validationlow2.6---
143156Auth0 Access Control IdentityTokenValidator improper authenticationmedium7.5---
143155Hrworks Flow Report cross site scripting [CVE-2019-16417]low3.5---
143154HRworks Report cross site scripting [CVE-2019-16416]low3.5---
143153Ansible Log Credentials log filelow2.1---
143152openshift TLS Hostname Verification code download [CVE-2019-14845]medium5.4---
143151Yealink Phone OpenVPN File Upload path traversal [CVE-2019-14657]medium6.5---
143150Yealink Phone HTTP Service unrestricted upload [CVE-2019-14656]medium6.0---
143149Dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1 Service Port 81 openlock.cgi input validationmedium7.5---
143148Moxa EDR 810 Ping input validation [CVE-2019-10969]medium6.5---
143147Moxa EDR 810 Log File log file [CVE-2019-10963]low4.3---
143146knex.js MSSQL sql injection [CVE-2019-10757]medium6.8---
143145node-red-dashboard cross site scripting [CVE-2019-10756]low3.5---
143144Bootstrap-3-Typeahead highlighter cross site scriptinglow4.3---
143143SAP SQL Anywhere/IQ/Dynamic Tier file access [CVE-2019-0381]medium4.6---
143142SAP Landscape Management Log log file [CVE-2019-0380]low4.0---
143141SAP NetWeaver Process Integration insufficient verification of data authenticitymedium7.5---
143140SAP Business Intelligence Platform Background Image Stored cross site scriptinglow3.5---
143139SAP Business Intelligence Platform Input Control Stored cross site scriptinglow3.5---
143138SAP Business Intelligence Platform Publication Name Stored cross site scriptinglow3.5---
143137SAP Business Intelligence Platform Export Dialog Box Reflected cross site scriptinglow3.5---
143136SAP Business Intelligence Platform Chart Title Reflected cross site scriptinglow3.5---
143135SAP Financial Consolidation Xpath xml injection [CVE-2019-0370]medium7.5---
143134SAP Financial Consolidation Reflected cross site scripting [CVE-2019-0369]low3.5---
143133SAP Customer Relationship Management cross site scripting [CVE-2019-0368]low3.5---
143132SAP NetWeaver Process Integration Authorization authorizationmedium6.5---
143131Centreon VM Configuration File centreon-backup.pl privileges managementhigh10.0---
143130Centreon Web licenseUpload.php unrestricted uploadmedium7.5---
143129Centreon Web getStats.php code injectionmedium6.0---
143128Centreon Web makeXML_ListServices.php sql injectionmedium6.0---
143127Centreon Web img_gantt.php sql injectionmedium6.0---
143126Centreon Web input validation [CVE-2018-21020]medium5.1---
143125Apple iPhone Siri Self privileges management [Disputed]medium6.8---
143124Microsoft Windows Update Assistant privileges management [CVE-2019-1378]medium6.6---
143123Microsoft SQL Server Management Studio Permission permission assignmentlow3.5---
143122Microsoft Dynamics 365 cross site scripting [CVE-2019-1375]low3.5---
143121Microsoft Internet Explorer memory corruption [CVE-2019-1371]medium6.8---
143120Open Enclave SDK information disclosure [CVE-2019-1369]low1.2---
143119Microsoft Windows Secure Boot input validation [CVE-2019-1368]low1.9---
143118Microsoft Windows IIS memory corruption [CVE-2019-1365]medium6.0---
143117Microsoft Windows Win32k memory corruption [CVE-2019-1364]medium8.5---
143116Microsoft Windows GDI information disclosure [CVE-2019-1363]low3.5---
143115Microsoft Windows Win32k memory corruption [CVE-2019-1362]medium8.5---
143114Microsoft Windows Graphics Component information disclosure [CVE-2019-1361]low4.3---
143113Microsoft Windows JET Database Engine memory corruption [CVE-2019-1359]medium6.8---
143112Microsoft Windows JET Database Engine memory corruption [CVE-2019-1358]medium6.8---
143111Microsoft Edge Cookie authentication spoofing [CVE-2019-1357]medium6.8---
143110Microsoft Internet Explorer Cookie authentication spoofing [CVE-2019-1357]medium6.8---
143109Microsoft Edge information disclosure [CVE-2019-1356]low4.3---
143108Microsoft Windows memory corruption [CVE-2019-1347]medium7.1---
143107Microsoft Windows memory corruption [CVE-2019-1346]medium7.1---
143106Microsoft Windows Kernel information disclosure [CVE-2019-1345]low3.5---
143105Microsoft Windows Code Integrity Module information disclosurelow3.5---
143104Microsoft Windows memory corruption [CVE-2019-1343]low7.1---
143103Microsoft Windows Error Reporting Manager input validation [CVE-2019-1342]low4.9---
143102Microsoft Windows Power Service umpo.dll privileges managementmedium6.0---
143101Microsoft Windows AppX Deployment Server privileges managementmedium4.9---
143100Microsoft Windows Error Reporting privileges management [CVE-2019-1339]medium6.0---
143099Microsoft Windows NTLMv2 inadequate encryption [CVE-2019-1338]medium5.1---
143098Microsoft Windows Update Client information disclosure [CVE-2019-1337]low3.5---
143097Microsoft Windows Update Client privileges management [CVE-2019-1336]medium6.0---
143096Microsoft Windows Kernel information disclosure [CVE-2019-1334]low3.5---
143095Microsoft Excel memory corruption [CVE-2019-1331]medium6.8---
143094Microsoft SharePoint Foundation Impersonation privileges managementmedium6.5---
143093Microsoft SharePoint Foundation/SharePoint Enterprise Server cross site scriptinglow3.5---
143092Microsoft SharePoint Foundation/SharePoint Enterprise Server cross site scriptinglow3.5---
143091Microsoft Excel memory corruption [CVE-2019-1327]medium6.8---
143090Microsoft Windows Remote Desktop Protocol input validation [CVE-2019-1326]low4.3---
143089Microsoft Windows rdbss.sys memory corruption [CVE-2019-1325]medium7.5---
143088Microsoft Windows Update Client privileges management [CVE-2019-1323]medium6.0---
143087Microsoft Windows Authentication Request improper authenticationmedium3.5---
143086Microsoft Windows CloudStore privileges management [CVE-2019-1321]medium3.5---
143085Microsoft Windows Authentication Request improper authenticationmedium3.5---
143084Microsoft Windows Error Reporting privileges management [CVE-2019-1319]medium6.0---
143083Microsoft Windows TLS information disclosure [CVE-2019-1318]low2.1---
143082Microsoft Windows Hardlink link following [CVE-2019-1317]medium7.0---
143081Microsoft Windows Setup privileges management [CVE-2019-1316]medium6.0---
143080Microsoft Windows Error Reporting privileges management [CVE-2019-1315]medium8.5---
143079Microsoft Windows Security Feature improper authentication [CVE-2019-1314]medium4.4---
143078Microsoft SQL Server Management Studio Permission permission assignmentlow3.5---
143077Microsoft Windows Imaging API memory corruption [CVE-2019-1311]medium6.8---
143076Microsoft Windows Hyper-V input validation [CVE-2019-1230]low2.8---
143075Microsoft Windows NTLM MIC improper authentication [CVE-2019-1166]medium5.1---
143074Microsoft SharePoint Foundation/SharePoint Enterprise Server cross site scriptinglow3.5---
143073Microsoft Edge HTTP Content authentication spoofing [CVE-2019-0608]medium6.8---
143072Microsoft Internet Explorer HTTP Content authentication spoofingmedium6.8---
143071Microsoft Windows MS XML xml external entity reference [CVE-2019-1060]medium9.3---
143070Microsoft Azure App Service Sandbox memory corruption [CVE-2019-1372]high9.3---
143069Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium6.8---
143068Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium6.8---
143067Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium6.8---
143066Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium6.8---
143065Microsoft Internet Explorer VBScript memory corruption [CVE-2019-1239]medium6.8---
143064Microsoft Internet Explorer VBScript memory corruption [CVE-2019-1238]medium6.8---
143063Microsoft Windows Remote Desktop input validation [CVE-2019-1333]medium6.8---
143062Dell Encryption Enterprise Installer untrusted search path [CVE-2019-3745]medium4.1---
143061SuSE Linux Enterprise Server 15 Squid Binary pinger default permissionmedium4.6---
143060Xen Linux Kernel balloon.c resource consumptionlow2.1---
143059Xen infinite loop [CVE-2019-17350]low2.1---
143058Xen infinite loop [CVE-2019-17349]low2.1---
143057Xen PCID input validation [CVE-2019-17348]low2.1---
143056Xen input validation [CVE-2019-17347]medium4.6---
143055Xen PCID input validation [CVE-2019-17346]medium4.6---
143054Xen IOMMU Operation input validation [CVE-2019-17345]low2.1---
143053Xen PTE Update input validation [CVE-2019-17344]low2.1---
143052Xen HVM input validation [CVE-2019-17343]medium4.6---
143051Xen race condition [CVE-2019-17342]medium4.4---
143050Xen PCI race condition [CVE-2019-17341]medium4.4---
143049Xen grant-table Transfer input validation [CVE-2019-17340]medium4.6---
143048SugarCRM Emails sql injection [CVE-2019-17319]medium6.0---
143047SugarCRM pmse_Inbox sql injection [CVE-2019-17318]medium6.0---
143046SugarCRM UpgradeWizard input validation [CVE-2019-17317]medium6.5---
143045SugarCRM Import input validation [CVE-2019-17316]medium6.5---
143044SugarCRM Administration input validation [CVE-2019-17315]medium6.5---
143043SugarCRM Configurator path traversal [CVE-2019-17314]medium6.5---
143042SugarCRM Studio path traversal [CVE-2019-17313]medium6.5---
143041SugarCRM File path traversal [CVE-2019-17312]medium6.5---
143040SugarCRM Attachment path traversal [CVE-2019-17311]medium6.5---
143039SugarCRM Campaigns input validation [CVE-2019-17310]medium6.5---
143038SugarCRM EmailMan input validation [CVE-2019-17309]medium6.5---
143037SugarCRM Emails input validation [CVE-2019-17308]medium6.5---
143036SugarCRM Tracker input validation [CVE-2019-17307]medium6.5---
143035SugarCRM Configurator input validation [CVE-2019-17306]medium6.5---
143034SugarCRM MergeRecords input validation [CVE-2019-17305]medium6.5---
143033SugarCRM MergeRecords input validation [CVE-2019-17304]medium6.5---
143032SugarCRM MergeRecords input validation [CVE-2019-17303]medium6.5---
143031SugarCRM ModuleBuilder input validation [CVE-2019-17302]medium6.5---
143030SugarCRM ModuleBuilder input validation [CVE-2019-17301]medium6.5---
143029SugarCRM Administration input validation [CVE-2019-17300]medium6.5---
143028SugarCRM Administration input validation [CVE-2019-17299]medium6.5---
143027SugarCRM Administration sql injection [CVE-2019-17298]medium6.0---
143026SugarCRM Quotes sql injection [CVE-2019-17297]medium6.0---
143025SugarCRM Contacts sql injection [CVE-2019-17296]medium6.0---
143024SugarCRM History sql injection [CVE-2019-17295]medium6.0---
143023SugarCRM Export sql injection [CVE-2019-17294]medium6.0---
143022SugarCRM pmse_Project sql injection [CVE-2019-17293]medium6.0---
143021SugarCRM pmse_Inbox sql injection [CVE-2019-17292]medium6.0---
143020download-plugins-dashboard plugin class-alg-download-plugins-settings.php Stored cross site scriptinglow4.3---
143019ultimate-faqs Plugin EWD_UFAQ_Import.php injectionlow4.3---
143018ultimate-faqs Plugin Option Import EWD_UFAQ_Import.php input validationmedium5.0---
143017rsyslog Cisco Log Message pmcisconames.c buffer overflowmedium6.8---
143016rsyslog AIX Log Message pmaixforwardedfrom.c buffer overflowmedium6.8---
143015PCProtect Antivirus Folder Permission privileges managementmedium6.6---
143014Twitter Kit Framework Hostname Verification certificate validationmedium5.1---
143013Espressif ESP-IDF Secure Boot injection [CVE-2019-15894]medium4.6---
143012Sitos Six SCORM File unrestricted upload [CVE-2019-15751]medium6.8---
143011Sitos Six Blog cross site scripting [CVE-2019-15750]low4.3---
143010Sitos Six Password Reset password recovery [CVE-2019-15749]medium6.8---
143009Sitos Six Import unrestricted upload [CVE-2019-15748]medium7.5---
143008Sitos Six privileges management [CVE-2019-15747]medium6.5---
143007Sitos Six injection [CVE-2019-15746]medium7.5---
143006Amazon FreeRTOS MQTT Packet prvProcessReceivedPublish input validationlow5.0---
143005MyBuilder Viewer Configuration File input validation [CVE-2019-12812]medium7.5---
143004MyBuilder ActiveX Control ShellOpen os command injectionmedium7.5---
143003Elementor Pro Plugin customize.php elementor-edit-template cross site scriptinglow4.3---
143002orbisius-child-theme-creator Plugin Access Control permission assignmentmedium6.5---
143001buddypress-activity-plus Plugin admin-ajax.php cross-site request forgerylow4.3---
143000smooth-slider Plugin sql injection [CVE-2015-9454]medium6.0---
142999broken-link-manager Plugin HTTP Header cross site scripting [CVE-2015-9453]low4.3---
142998nex-forms-express-wp-form-builder Plugin sql injection [CVE-2015-9452]medium6.8---
142997plugmatter-optin-feature-box-lite Plugin sql injection [CVE-2015-9451]medium6.8---
142996plugmatter-optin-feature-box-lite Plugin sql injection [CVE-2015-9450]medium6.8---
142995LibTomCrypt UTF-8 der_decode_utf8_string.c der_decode_utf8_string out-of-bounds readmedium6.8---
142992DameWare Remote Support memory corruptionmedium4.1---
142991Google Android Binder Driver binder_poll use after freemedium4.4---
142990Intellian Remote Access Ping Test os command injection [CVE-2019-17269]medium7.5---
142989FasterXML jackson-databind input validation [CVE-2019-17267]high7.5---
142988libsoup NTLM Message soup-auth-ntlm.c soup_ntlm_parse_challenge out-of-bounds readmedium6.8---
142987libyal liblnk liblnk_location_information.c liblnk_location_information_read_data out-of-bounds readmedium4.4---
142986libyal libfwsi libfwsi_extension_block.c libfwsi_extension_block_copy_from_byte_stream out-of-bounds readmedium4.4---
142985Bludit Brute-Force Protection security.class.php excessive authenticationlow4.3---
142984CMS Made Simple Module Manager cross site scripting [CVE-2019-17226]low3.5---
142983Subrion CMS cross site scripting [CVE-2019-17225]low3.5---
142982WebARX Plugin URI authorization [CVE-2019-17214]medium7.5---
142981WebARX Plugin Stored cross site scripting [CVE-2019-17213]low4.3---
142980Frost Ming rediswrapper Pickled Object models.py deserializationmedium7.5---
142979TeamPass Login Stored cross site scriptinglow4.3---
142978TeamPass Knowledge Base Label Stored cross site scriptinglow3.5---
142977TeamPass Search Page Stored cross site scriptinglow3.5---
142976WPO webpagetest getfile.php path traversalmedium7.5---
142975OpenEMR Lifestyle Demographic Filter clinical_rules.php sql injectionmedium6.8---
142973Foxit PhantomPDF AcroForm removeField use after freemedium6.8---
142972Foxit Reader AcroForm exportValues use after freemedium6.8---
142971Foxit Reader AcroForm deleteItemAt use after freemedium6.8---
142970Zendesk FON2601E-SE DNS Amplification input validationlow5.0---
142969IBM Security Key Lifecycle Manager Web UI cross site scriptinglow4.3---
142968IBM Security Key Lifecycle Manager authorization [CVE-2019-4514]low5.0---
142967IBM MQ AMQP Listener session fixiation [CVE-2019-4227]medium7.5---
142966Signal Messenger WebRTC input validation [CVE-2019-17192] [Disputed]low5.0---
142965Signal Messenger Call input validation [CVE-2019-17191]medium6.8---
142964Fecshop FecMall File Upload imageupload getimagesize unrestricted uploadmedium6.5---
142963Xerox AtlaLink C8070 privileges management [CVE-2019-17184]medium7.5---
142962Foxit Reader release of resource [CVE-2019-17183]low5.0---
142961Valve Steam Client Filesystem path traversal [CVE-2019-17180]medium4.6---
142960OpenEMR add_template.php cross site scriptinglow4.3---
142959LodePNG WinPR lodepng.c HuffmanTree_makeFromFrequencies release of resourcelow5.0---
142958FreeRDP region.c release of resourcelow5.0---
142957joyplus-cms admin_pic.php path traversalmedium7.5---
142956Linux Kernel SSID wext-sme.c cfg80211_mgd_wext_giwessid buffer overflowmedium6.8---
142955vBulletin Avatar input validation [CVE-2019-17132]medium6.8---
142954vBulletin improper restriction of rendered ui layers [CVE-2019-17131]medium6.8---
142953vBulletin URL vurl.php file accessmedium6.4---
142952Liferay Portal CE JSON Payload deserialization [CVE-2019-16891]medium6.5---
142951Pillow Image File allocation of resources [CVE-2019-16865]low4.3---
142950Foxit Reader AcroForm use after free [CVE-2019-13320]medium6.8---
142949Foxit Reader XFA Form use after free [CVE-2019-13319]medium6.8---
142948Foxit Reader format string [CVE-2019-13318]medium6.8---
142947Foxit PhantomPDF Calculate Action use after free [CVE-2019-13317]medium6.8---
142946Foxit PhantomPDF Calculate Action use after free [CVE-2019-13316]medium6.8---
142945Foxit Reader removeField use after freemedium6.8---
142944Micro Focus Arcsight Logger Stored cross site scripting [CVE-2019-11656]low3.5---
142943Micro Focus Arcsight Logger File Upload unrestricted upload [CVE-2019-11655]medium6.5---
142942Apache Hadoop fsimage memory corruption [CVE-2018-11768]medium5.0---
142941REDCap cross site scripting [CVE-2019-17121]low3.5---
142940libopenmpt libopenmpt_modplug.c ModPlug_SampleName buffer overflowmedium6.8---
142939kube-state-metrics Metric information disclosure [CVE-2019-17110]low4.3---
142938Visualizer Plugin Admin Dashboard Block.php Stored cross site scriptinglow4.3---
142937Unbound NOTIFY Query memory corruption [CVE-2019-16866]low5.0---
142936RPyC Remote Procedure Call authorization [CVE-2019-16328]medium7.5---
142935KSLabs KSWEB path traversal [CVE-2019-16198]medium6.5---
142934KSLabs KSWEB Ajax code injection [CVE-2019-15766]medium6.5---
142933tcpdump print-lmp.c lmp_print_data_link_subobjs input validationmedium6.8---
142932libpcap PHB Header sf-pcapng.c input validationmedium6.8---
142931libpcap URL daemon.c server-side request forgerymedium7.5---
142930libpcap daemon.c crypt null pointer dereferencelow5.0---
142929libpcap daemon.c Username insufficient verification of data authenticitylow5.0---
142928libpcap daemon.c input validationmedium6.8---
142927Foxit Reader XFA Form use after free [CVE-2019-13332]medium6.8---
142926Foxit Reader JPG File out-of-bounds read [CVE-2019-13331]medium6.8---
142925Foxit Reader JPG File type confusion [CVE-2019-13330]medium6.8---
142924Foxit Reader tif File type confusion [CVE-2019-13329]medium6.8---
142923Foxit Reader Acroform Object use after free [CVE-2019-13328]medium6.8---
142922Foxit Reader Acroform Object use after free [CVE-2019-13327]medium6.8---
142921Foxit Reader Acroform Object out-of-bounds read [CVE-2019-13326]medium6.8---
142920Foxit Studio Photo EPS File out-of-bounds read [CVE-2019-13325]medium6.8---
142919Foxit Studio Photo TIFF File out-of-bounds read [CVE-2019-13324]medium6.8---
142918Foxit Studio Photo tif File out-of-bounds write [CVE-2019-13323]medium6.8---
142917libpl_droidsonroids_gif decoding.c DDGifSlurp double freemedium6.8---
142916tcpdump SMB Parser smbutil.c smb_fdata recursionlow5.0---
142915tcpdump SMB Parser print-smb.c print_trans out-of-bounds readmedium6.8---
142914libpcap pcapng buffer overflow [CVE-2018-16301]medium6.8---
142913tcpdump BGP Parser print-bgp.c bgp_attr_print recursionlow5.0---
142912tcpdump BGP Parser print-bgp.c bgp_attr_print out-of-bounds readmedium6.8---
142911tcpdump DCCP Parser print-dccp.c dccp_print_option out-of-bounds readmedium6.8---
142910tcpdump HNCP Parser print-hncp.c print_prefix out-of-bounds readmedium6.8---
142909tcpdump IEEE 802.11 Parser print-802_11.c out-of-bounds readmedium6.8---
142908tcpdump ICMPv6 Parser print-icmp6.c out-of-bounds readmedium6.8---
142907tcpdump BGP Parser print-bgp.c bgp_capabilities_print out-of-bounds readmedium6.8---
142906tcpdump OSPFv3 Parser print-ospf6.c ospf6_print_lshdr out-of-bounds readmedium7.5---
142905LINE tcpdump CLI Parser tcpdump.c get_next_file buffer overflowmedium6.8---
142904tcpdump print-babel.c babel_print_v2 out-of-bounds readmedium6.8---
142903tcpdump IKEv1 Parser print-isakmp.c ikev1_n_print out-of-bounds readmedium6.8---
142902tcpdump FRF.16 Parser print-fr.c mfr_print out-of-bounds readmedium6.8---
142901tcpdump BGP Parser print-bgp.c bgp_capabilities_print out-of-bounds readmedium6.8---
142900tcpdump Rx Parser print-rx.c rx_cache_find out-of-bounds readmedium6.8---
142899tcpdump RSVP Parser print-rsvp.c rsvp_obj_print out-of-bounds readmedium6.8---
142898tcpdump LMP Parser print-lmp.c lmp_print_data_link_subobjs out-of-bounds readmedium6.8---
142897tcpdump print-vrrp.c vrrp_print out-of-bounds readmedium6.8---
142896tcpdump ICMP Parser print-icmp.c icmp_print out-of-bounds readmedium6.8---
142895tcpdump LDP Parser print-ldp.c ldp_tlv_print out-of-bounds readmedium6.8---
142894tcpdump SMB Data input validation [CVE-2018-10105]medium7.5---
142893tcpdump SMB Data input validation [CVE-2018-10103]medium7.5---
142892IBM WebSphere Application Server Stack Trace information exposurelow5.0---
142891IBM Security Guardium improper authentication [CVE-2019-4422]medium6.5---
142890Red Hat JBoss Operations Network Remote Code Execution [CVE-2019-3834]medium5.1---
142889Athena SCS Smartcard ECDSA Key Generation race condition [CVE-2019-15809]low1.0---
142888MatrixSSL ECDSA Signature ecc_math.c risky encryptionlow1.0---
142887wolfSSL/wolfCrypt ECDSA Signature ecc.c information exposurelow1.0---
142886Cisco Unified Communications Manager Web-based Interface cross-site request forgerylow4.3---
142885JetBrains ReSharper Installer DLL untrusted search path [CVE-2019-16407]low4.1---
142884JetBrains YouTrack Issue Page Stored cross site scriptinglow4.3---
142883Cisco Unified Communications Manager Web-based Interface request smugglingmedium6.8---
142882Cisco Unified Contact Center Express Web Server input validationmedium6.8---
142881Cisco ASA/Firepower Threat Defense IKEv1 resource consumptionlow4.3---
142880JetBrains YouTrack Settings Page cross-site request forgery [CVE-2019-15040]low4.3---
142879JetBrains TeamCity Settings Page cross site scripting [CVE-2019-15037]low4.3---
142878JetBrains TeamCity os command injection [CVE-2019-15036]medium6.5---
142877JetBrains ToolBox URL missing encryption [CVE-2019-14959]medium5.1---
142876JetBrains PyCharm Connection resource consumption [CVE-2019-14958]medium6.8---
142875JetBrains YouTrack Permission permissions [CVE-2019-14956]medium6.0---
142874Umbraco GetInpectSearch sql injectionmedium6.8---
142873JetBrains Ktor Framework UserHashedTableAuth unknown vulnerabilitymedium7.5---
142872JetBrains Ktor Framework LDAP input validation [CVE-2019-12736]medium7.5---
142871Cisco Unified Communications Manager Web-based Interface cross site scriptinglow4.3---
142870Cisco Unified Communications Manager Web-based Interface cross site scriptinglow4.3---
142869Cisco IC3000 Industrial Compute Gateway Web-based Management Interface resource consumptionlow3.5---
142868Cisco Prime Infrastructure Web-based Management Interface cross site scriptinglow4.3---
142867Cisco Prime Infrastructure Web-based Management Interface cross site scriptinglow4.3---
142866Cisco Unified Communications Manager Web-based Interface xml external entity referencemedium6.8---
142865Cisco Unified Communications Manager Web-based Interface sql injectionmedium6.0---
142864Cisco Unified Communications Web-based Interface cross site scriptinglow4.3---
142863Cisco Email Security Appliance Sender Policy Framework input validationmedium6.8---
142862Cisco FirePOWER Management Center Malware Inspection input validationmedium6.8---
142861Cisco Firepower Threat Defense Pluggable Authentication resource consumptionlow3.5---
142860Cisco FXOS/Firepower Threat Defense input validation [CVE-2019-12699]medium6.6---
142859Cisco ASA/Firepower Threat Defense WebVPN resource consumptionlow4.3---
142858Cisco Firepower System Software Detection Engine input validationmedium6.8---
142857Cisco Firepower System Software Detection Engine input validationmedium6.8---
142856Cisco ASA/Firepower Threat Defense WebVPN Portal cross site scriptinglow4.3---
142855Cisco Firepower Threat Defense Command Line Interface input validationmedium6.6---
142854Cisco ASA scp type conversion [CVE-2019-12693]low3.5---
142853Cisco FirePOWER Management Center Web-based Management Interface path traversalmedium6.0---
142852Cisco FirePOWER Management Center Web UI os command injectionmedium8.5---
142851Cisco FirePOWER Management Center Web-based Management Interface input validationmedium6.0---
142850Cisco FirePOWER Management Center Web UI memory corruption [CVE-2019-12688]medium6.0---
142849Cisco FirePOWER Management Center Web UI memory corruption [CVE-2019-12687]medium6.0---
142848Cisco FirePOWER Management Center Web-based Management Interface sql injectionmedium6.0---
142847Cisco FirePOWER Management Center Web-based Management Interface sql injectionmedium6.0---
142846Cisco FirePOWER Management Center Web-based Management Interface sql injectionmedium6.0---
142845Cisco FirePOWER Management Center Web-based Management Interface sql injectionmedium6.0---
142844Cisco FirePOWER Management Center Web-based Management Interface sql injectionmedium6.0---
142843Cisco FirePOWER Management Center Web-based Management Interface sql injectionmedium6.0---
142842Cisco FirePOWER Management Center Web-based Management Interface sql injectionmedium6.0---
142841Cisco FirePOWER Management Center Web-based Management Interface sql injectionmedium6.0---
142840Cisco ASA/Firepower Threat Defense Session Initiation Protocol integer underflowlow4.3---
142839Cisco ASA SSL VPN exceptional condition [CVE-2019-12677]low3.5---
142838Cisco ASA/Firepower Threat Defense OSPF input validation [CVE-2019-12676]low2.9---
142837Cisco Firepower Threat Defense Container escape output [CVE-2019-12675]medium4.1---
142836Cisco Firepower Threat Defense Container escape output [CVE-2019-12674]medium4.1---
142835Cisco ASA/Firepower Threat Defense FTP Inspection Engine input validationlow4.3---
142834Cisco Identity Services Engine Web-based Management Interface cross site scriptinglow4.3---
142833Cisco Security Manager Java Deserialization deserialization [CVE-2019-12630]medium6.8---
142832JetBrains TeamCity injection [CVE-2019-12157]medium7.5---
142831JetBrains TeamCity Error Message information exposure [CVE-2019-12156]low5.0---
142830HHVM Number memory corruption [CVE-2019-11929]medium6.8---
142829Micro Focus Enterprise Developer/Enterprise Server Reflected cross site scriptinglow4.3---
142828Undertow Debug Log Credentials log filelow4.3---
142827Check Point R80.30 Security Gateway Configuration exceptional conditionlow2.6---
142826Foxit PDF Reader Javascript Engine exceptional condition [CVE-2019-5031]medium6.8---
142825IBM Security Directory Server insecure storage of sensitive informationlow5.0---
142824IBM Security Directory Server Web UI cross site scripting [CVE-2019-4542]low4.3---
142823IBM Security Directory Server XML Data xml injection [CVE-2019-4539]medium6.5---
142822IBM Security Directory Server redirect [CVE-2019-4538]low6.8---
142821IBM Security Directory Server Lockout excessive authenticationlow2.6---
142820Eclipse Mojarra Client Window Field PartialViewContextImpl.java Reflected cross site scriptinglow4.3---
142819mintinstall deserialization [CVE-2019-17080]medium6.8---
142818EnterpriseDT CompleteFTP Server Bootstrap.log Credentials log filelow3.5---
142817SalesAgility SuiteCRM privileges management [CVE-2019-14454]medium7.5---
142816CA Network Flow Analysis hard-coded credentials [CVE-2019-13658]medium7.5---
142815Butor Portal wl path traversalmedium4.3---
142814SalesAgility SuiteCRM server-side request forgery [CVE-2019-13335]medium7.5---
142813Compal CH7465LG Access Control input validation [CVE-2019-13025]medium7.5---
142812Online Store delete_product.php missing authenticationmedium5.8---
142811Online Store delete_file.php path traversalmedium6.4---
142810Online Store Registration Form sent_register.php cross site scriptinglow4.3---
142809Online Store user_view.php Stored cross site scriptinglow3.5---
142808Online Store user_view.php Stored cross site scriptinglow3.5---
142807Elastic Code Repository Import permission assignment [CVE-2019-7618]low3.5---
142806Linux Kernel cxgb4 Driver mem.c write_tpt_entry memory corruptionlow4.3---
142805XunRuiCMS Stored cross site scripting [CVE-2019-17074]low3.5---
142804emlog path traversal [CVE-2019-17073]low4.9---
142803JetBrains YouTrack Whitelist redirect [CVE-2019-15041]medium6.8---
142802JetBrains TeamCity information disclosure [CVE-2019-15035]medium6.0---
142801Apache MINA TLS Message cleartext transmission [CVE-2019-0231]medium7.5---
142800IBM Jazz Reporting Service Web UI cross site scripting [CVE-2019-4497]low3.5---
142799IBM Jazz Reporting Service Web UI cross site scripting [CVE-2019-4495]low3.5---
142798IBM Jazz Reporting Service Web UI cross site scripting [CVE-2019-4494]low3.5---
142797IBM Daeja ViewONE Virtual information disclosure [CVE-2019-4246]low5.0---
142796PuTTY SSH-1 input validation [CVE-2019-17069]low4.3---
142795PuTTY Protection Mechanism Clipboard injectionmedium6.8---
142794PuTTY Port-Forwarding allocation of resources [CVE-2019-17067]medium4.1---
142793Xpdf Catalog.cc Catalog.pageLabels null pointer dereferencelow4.3---
142792Snowtide PDFxStream Page-Tree input validation [CVE-2019-17063]low4.3---
142791Linux Kernel AF_NFC Network Module llcp_sock.c llcp_sock_create default permissionmedium4.1---
142790Linux Kernel AF_ISDN Network Module socket.c base_sock_create input validationmedium4.1---
142789Linux Kernel AF_APPLETALK Network Module ddp.c atalk_create default permissionmedium4.1---
142788Linux Kernel AF_IEEE802154 Network Module socket.c ieee802154_create default permissionmedium4.1---
142787Linux Kernel AF_AX25 Network Module af_ax25.c ax25_create default permissionmedium4.1---
142786FasterXML jackson-databind JSON Endpoint input validation [CVE-2019-16943]medium6.8---
142785FasterXML jackson-databind RMI Endpoint input validation [CVE-2019-16942]medium6.8---
142784Google Chrome OS Imagination Technologies Driver card1 PVRSRVBridgeSyncPrimOpCreate integer overflowmedium6.8---
142783Victure PC530 Telnet Service missing authentication [CVE-2019-15940]high9.3---
142782JetBrains TeamCity SSL Certificate certificate validation [CVE-2019-15042]medium5.1---
142781JetBrains TeamCity input validation [CVE-2019-15039]medium6.8---
142780JetBrains TeamCity HTTP Header input validation [CVE-2019-15038]low5.1---
142779JetBrains Upsource Code Block Comment cross site scripting [CVE-2019-14961]low4.3---
142778JetBrains Rider JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll untrusted search pathmedium4.6---
142777JetBrains VIM Plugin Project File vim_settings.xml insecure storage of sensitive informationlow4.3---
142776JetBrains Hub Password Expiration Policy password recovery [CVE-2019-14955]low2.6---
142775JetBrains IntelliJ IDEA Markdown missing encryption [CVE-2019-14954]low5.1---
142774JetBrains YouTrack Attachment cross site scripting [CVE-2019-14953]low4.3---
142773JetBrains YouTrack Issue Title cross site scripting [CVE-2019-14952]low4.3---
142772Pivotal Application Manager CSV permission assignment [CVE-2019-11275]medium6.0---
142771SourceGear Vault Plugin Configuration Form Credentials cleartext transmissionlow2.6---
142770LDAP Email Plugin Configuration Form Credentials cleartext transmissionlow2.6---
142769Dingding Plugin Job Configuration config.xml cleartext storagelow1.9---
142768HTML Publisher Plugin Project Name cross site scripting [CVE-2019-10432]low3.5---
142767Script Security Plugin Sandbox code injection [CVE-2019-10431]medium6.0---
142766Codehaus deserialization [CVE-2019-10202]medium6.8---
142765IBM Sterling File Gateway URL path traversal [CVE-2019-4423]medium7.5---
142764IBM WebSphere Application Server Liberty Cookie cookie validationlow5.0---
142763IBM WebSphere Application Server Liberty Session session fixiationmedium6.5---
142762IBM Sterling File Gateway information disclosure [CVE-2019-4280]low5.0---
142761IBM WebSphere eXtreme Scale Admin API cross site scripting [CVE-2019-4115]low3.5---
142760IBM WebSphere eXtreme Scale Admin Console Stored information disclosurelow1.5---
142759IBM WebSphere eXtreme Scale Admin Console improper restriction of rendered ui layersmedium6.8---
142758IBM WebSphere eXtreme Scale Admin Console cross site scriptinglow3.5---
142757RSA BSAFE Crypto-C Micro Edition information disclosure [CVE-2019-3733]low2.1---
142756RSA BSAFE Crypto-C Micro Edition information exposure [CVE-2019-3732]low5.0---
142755RSA BSAFE Crypto-C Micro Edition information exposure [CVE-2019-3731]low5.0---
142754RSA BSAFE Micro Edition Suite Error Message information exposurelow5.0---
142753RSA BSAFE Micro Edition Suite ECDSA Signature buffer overflowmedium4.9---
142752RSA BSAFE Micro Edition Suite DSA Signature out-of-bounds readmedium6.8---
142751Qualcomm Snapdragon Auto Audio Buffer buffer overflow [CVE-2019-2341]medium4.4---
142750Qualcomm Snapdragon Auto IPA Driver buffer overflow [CVE-2019-2333]medium4.4---
142749Qualcomm Snapdragon Auto Heap Guard random values [CVE-2019-2294]medium6.8---
142748Qualcomm Snapdragon Compute Camera use after free [CVE-2019-2284]medium4.4---
142747Qualcomm Snapdragon Auto Video buffer overflow [CVE-2019-2252]medium6.8---
142746Evernote Attachment File input validation [CVE-2019-17051]medium6.8---
142745Voyager Package authorization [CVE-2019-17050]medium6.0---
142744Netgear SRX5308 sql injection [CVE-2019-17049]medium6.8---
142743Visualizer Plugin upload-data server-side request forgerymedium6.8---
142742Rust Cargo code download [CVE-2019-16760]medium6.8---
142741Xoops image-manager cross site scripting [CVE-2019-16684]low3.5---
142740Xoops image-manager cross site scripting [CVE-2019-16683]low3.5---
142739Google Go request smuggling [CVE-2019-16276]medium6.8---
142738Netdisco Search Reflected cross site scriptinglow4.3---
142737Western Digital SSD Dashboard/SanDisk SSD Dashboard Web Service input validationmedium5.1---
142736Western Digital SSD Dashboard/SanDisk SSD Dashboard Access Control information disclosurelow4.3---
142735Foxit Reader Javascript Engine recursion [CVE-2019-13124]low4.3---
142734Foxit Reader Javascript Engine recursion [CVE-2019-13123]low4.3---
142733Qualcomm Snapdragon Auto WLAN NAN buffer overflow [CVE-2019-10540]medium6.8---
142732Qualcomm Snapdragon Auto IE Header buffer overflow [CVE-2019-10539]medium6.8---
142731Qualcomm Snapdragon Auto HLOS input validation [CVE-2019-10538]high10.0---
142730Qualcomm Snapdragon Auto BT null pointer dereference [CVE-2019-10510]low5.0---
142729Qualcomm Snapdragon Auto ACL Disconnect use after free [CVE-2019-10509]medium6.8---
142728Qualcomm Snapdragon Auto WLAN buffer overflow [CVE-2019-10508]medium4.4---
142727Qualcomm Snapdragon Auto Extscan Scan Result out-of-bounds readmedium4.4---
142726Qualcomm Snapdragon Auto Vendor Command input validation [CVE-2019-10506]medium4.6---
142725Qualcomm Snapdragon Auto Volume Listener Library use after freemedium4.4---
142724Qualcomm Snapdragon Mobile FIFO array index [CVE-2019-10499]medium4.4---
142723Qualcomm Snapdragon Auto buffer overflow [CVE-2019-10498]medium4.4---
142722Qualcomm Snapdragon Auto use after free [CVE-2019-10497]medium4.4---
142721Qualcomm Snapdragon Auto Boot Image risky encryption [CVE-2019-10492]medium4.6---
142720Qualcomm Snapdragon Auto AVI Clip null pointer dereference [CVE-2019-10489]low5.0---
142719Ilch index unrestricted uploadmedium6.5---
142718Ilch Jobs Tab Stored cross site scriptinglow3.5---
142717rsyslog pmdb2diag.c out-of-bounds readmedium6.8---
142716CloudBoot getNumByStatus sql injectionmedium6.8---
142715MetInfo language_general.class.php sql injectionmedium6.0---
142714MetInfo product_admin.class.php sql injectionmedium6.0---
142713Linux Kernel hsr_device.c hsr_dev_finalize release of resourcelow5.0---
142712Linux Kernel sit.c sit_init_net release of resourcelow5.0---
142711phpBB BBcode Page acp_bbcodes.php cross-site request forgerylow4.3---
142709eBrigade evenement_choice.php sql injectionmedium6.0---
142708eBrigade evenements.php sql injectionmedium6.0---
142707eBrigade evenement_ical.php sql injectionmedium6.0---
142706Plataformatec Simple Form Access Control form_builder.rb file_method input validationmedium7.5---
142705GFI Kerio Control Login Page DOM-Based cross site scriptingmedium4.3---
142704SalesAgility SuiteCRM cross site scripting [CVE-2019-14752]low4.3---
142703CDG path traversal [CVE-2017-18636]medium7.5---
142702Apple iPhone UBS checkm8 privileges managementmedium6.6---
142701Keybase App Private Key signature verification [CVE-2019-16992]medium5.0---
142700Apple iOS/iPadOS Sandbox exposure of resource [CVE-2019-8779]medium4.1---
142699NSA Ghidra Experimental Mode FileBitPatternInfoReader.java xml injectionmedium6.8---
142698Zcash Zcashd IP Address exceptional conditionlow5.0---
142697Dell EMC ECS Authentication Brute Force excessive authenticationlow5.1---
142696Dell EMC Integrated Data Protection Appliance ACM Stored cross site scriptinglow3.5---
142695Dell EMC Integrated Data Protection Appliance ACM API excessive authenticationmedium6.0---
142694Dell EMC Integrated Data Protection Appliance ACM Credentials insufficiently protected credentialsmedium4.6---
142693Python XML-RPC Server DocXMLRPCServer.py server_title cross site scriptinglow4.3---
142692Exim EHLO Command string.c string_vformat buffer overflowmedium6.8---
142691Xpdf TextOutputDev.cc findGaps out-of-bounds writemedium6.8---
142690Flower Worker Name cross site scripting [CVE-2019-16926]low4.3---
142689Flower cross site scripting [CVE-2019-16925]low4.3---
142688Dolibarr Email Template mails_templates.php Stored cross site scriptinglow3.5---
142687Dolibarr User Profile card.php Stored cross site scriptinglow3.5---
IDTitleVulDBCVSSSecuniaXForceNessus
142686Dolibarr User Note note.php Stored cross site scriptinglow3.5---
142685Dolibarr User Group Description card.php Stored cross site scriptinglow3.5---
142684Facebook WhatsApp Media Parsing Library out-of-bounds write [CVE-2019-11927]medium6.8---
142683LibreOffice Macro escape output [CVE-2019-9853]medium6.8---
142682Google Android Platform privileges management [CVE-2019-9463]medium4.1---
142681Google Android Bluetooth out-of-bounds read [CVE-2019-9462]low4.3---
142680Google Android Mediaserver out-of-bounds write [CVE-2019-9460]medium4.1---
142679Google Android libttspico buffer overflow [CVE-2019-9459]medium6.8---
142678Google Android AOSP Email external reference [CVE-2019-9440]low1.5---
142677Google Android Package Manager Service external reference [CVE-2019-9438]low1.5---
142676Google Android Bluetooth out-of-bounds read [CVE-2019-9435]low1.5---
142675Google Android Bluetooth out-of-bounds read [CVE-2019-9434]low4.3---
142674Google Android libvpx input validation [CVE-2019-9433]low4.3---
142673Google Android Bluetooth out-of-bounds read [CVE-2019-9432]low4.3---
142672Google Android Bluetooth use after free [CVE-2019-9431]low4.3---
142671Google Android Bluetooth null pointer dereference [CVE-2019-9430]low4.3---
142670Google Android profman out-of-bounds write [CVE-2019-9429]medium4.1---
142669Google Android Framework information disclosure [CVE-2019-9428]low4.3---
142668Google Android Bluetooth use after free [CVE-2019-9427]low1.5---
142667Google Android Bluetooth out-of-bounds read [CVE-2019-9425]low4.3---
142666Google Android Screen Lock information disclosure [CVE-2019-9424]low1.9---
142665Google Android opencv out-of-bounds write [CVE-2019-9423]medium4.1---
142664Google Android Bluetooth out-of-bounds read [CVE-2019-9422]low4.3---
142663Google Android libandroidfw out-of-bounds read [CVE-2019-9421]medium4.1---
142662Google Android libhevc integer overflow [CVE-2019-9420]medium6.8---
142661Google Android Bluetooth out-of-bounds read [CVE-2019-9419]low4.3---
142660Google Android libstagefright resource consumption [CVE-2019-9418]low4.3---
142659Google Android Bluetooth out-of-bounds read [CVE-2019-9417]low1.5---
142658Google Android libstagefright use of uninitialized resource [CVE-2019-9416]low4.3---
142657Google Android libstagefright use of uninitialized resource [CVE-2019-9415]low4.3---
142656Google Android wpa_supplicant input validation [CVE-2019-9414]low4.3---
142655Google Android Bluetooth out-of-bounds read [CVE-2019-9413]low4.3---
142654Google Android libSBRdec out-of-bounds read [CVE-2019-9412]low4.3---
142653Google Android libavc use of uninitialized resource [CVE-2019-9411]low4.3---
142652Google Android libavc use of uninitialized resource [CVE-2019-9410]low4.3---
142651Google Android libhevc use of uninitialized resource [CVE-2019-9409]low4.3---
142650Google Android libavc use of uninitialized resource [CVE-2019-9408]low4.3---
142649Google Android Service Manager permission assignment [CVE-2019-9407]medium4.1---
142648Google Android libhevc use of uninitialized resource [CVE-2019-9406]low4.3---
142647Google Android libAACdec integer overflow [CVE-2019-9405]medium6.8---
142646Google Android Bluetooth input validation [CVE-2019-9404]low4.3---
142645Google Android cn-cbor out-of-bounds read [CVE-2019-9403]low4.3---
142644Google Android Bluetooth memory corruption [CVE-2019-9402]low4.3---
142643Google Android Bluetooth input validation [CVE-2019-9401]low4.3---
142642Google Android Bluetooth null pointer dereference [CVE-2019-9400]low4.3---
142641Google Android Print Service inadequate encryption [CVE-2019-9399]low2.6---
142640Google Android Bluetooth input validation [CVE-2019-9398]low4.3---
142639Google Android Bluetooth input validation [CVE-2019-9397]low4.3---
142638Google Android Bluetooth input validation [CVE-2019-9396]low4.3---
142637Google Android Bluetooth input validation [CVE-2019-9395]low4.3---
142636Google Android Bluetooth input validation [CVE-2019-9394]low4.3---
142635Google Android Bluetooth input validation [CVE-2019-9393]low4.3---
142634Google Android libxaac use of uninitialized resource [CVE-2019-9391]low4.3---
142633Google Android Bluetooth out-of-bounds read [CVE-2019-9390]low4.3---
142632Google Android Bluetooth out-of-bounds read [CVE-2019-9389]low4.3---
142631Google Android Bluetooth Service out-of-bounds read [CVE-2019-9388]low4.3---
142630Google Android Bluetooth out-of-bounds read [CVE-2019-9387]low4.3---
142629Google Android NFC Server out-of-bounds write [CVE-2019-9386]medium4.1---
142628Google Android libxaac out-of-bounds read [CVE-2019-9385]low4.3---
142627Google Android LockPatternUtils permission assignment [CVE-2019-9384]medium4.1---
142626Google Android NFC Server out-of-bounds read [CVE-2019-9383]low1.5---
142625Google Android libeffects out-of-bounds write [CVE-2019-9382]medium6.8---
142624Google Android netd use after free [CVE-2019-9381]low4.3---
142623Google Android Settings UI authorization [CVE-2019-9380]medium6.8---
142622Google Android libstagefright resource consumption [CVE-2019-9379]low4.3---
142621Google Android Activity Manager Service permission assignmentmedium4.1---
142620Google Android FingerprintService authorization [CVE-2019-9377]low1.5---
142619Google Android Accounts Package input validation [CVE-2019-9376]medium4.4---
142618Google Android hostapd out-of-bounds read [CVE-2019-9375]medium4.1---
142617Google Android CompanionDeviceManager permission assignment [CVE-2019-9374]medium4.1---
142616Google Android JobStore deserialization [CVE-2019-9373]low1.5---
142615Google Android libskia input validation [CVE-2019-9372]low4.3---
142614Google Android libvpx input validation [CVE-2019-9371]low4.3---
142613Google Android sonivox out-of-bounds read [CVE-2019-9370]low4.3---
142612Google Android Bluetooth use of uninitialized resource [CVE-2019-9369]low1.5---
142611Google Android Bluetooth out-of-bounds read [CVE-2019-9368]low1.5---
142610Google Android Bluetooth out-of-bounds read [CVE-2019-9367]low4.3---
142609Google Android libSBRdec out-of-bounds read [CVE-2019-9366]low4.3---
142608Google Android Bluetooth input validation [CVE-2019-9365]medium6.8---
142607Google Android AudioService permission assignment [CVE-2019-9364]low1.5---
142606Google Android Bluetooth out-of-bounds write [CVE-2019-9363]medium6.8---
142605Google Android libSACdec out-of-bounds read [CVE-2019-9362]low4.3---
142604Google Android libavc use of uninitialized resource [CVE-2019-9361]low4.3---
142603Google Android TEE out-of-bounds read [CVE-2019-9360]low1.5---
142602Google Android libavc use of uninitialized resource [CVE-2019-9359]low4.3---
142601Google Android NFC out-of-bounds write [CVE-2019-9358]medium4.1---
142600Google Android libAACdec integer overflow [CVE-2019-9357]medium6.8---
142599Google Android NFC Server out-of-bounds read [CVE-2019-9356]low1.5---
142598Google Android Bluetooth out-of-bounds read [CVE-2019-9355]low4.3---
142597Google Android NFC Server out-of-bounds read [CVE-2019-9354]low4.3---
142596Google Android Bluetooth out-of-bounds read [CVE-2019-9353]low4.3---
142595Google Android libstagefright resource consumption [CVE-2019-9352]low4.3---
142594Google Android SyncStatusObserver authorization [CVE-2019-9351]low1.5---
142593Google Android Keymaster use after free [CVE-2019-9350]medium4.1---
142592Google Android libstagefright resource consumption [CVE-2019-9349]low4.3---
142591Google Android libstagefright input validation [CVE-2019-9348]low4.3---
142590Google Android m4v_h263 Codec use after free [CVE-2019-9347]low1.5---
142589Google Android libstagefright out-of-bounds write [CVE-2019-9346]medium6.8---
142588Google Android NFC Server out-of-bounds read [CVE-2019-9344]low1.5---
142587Google Android Bluetooth out-of-bounds read [CVE-2019-9343]low4.3---
142586Google Android Bluetooth out-of-bounds read [CVE-2019-9342]low4.3---
142585Google Android Bluetooth out-of-bounds read [CVE-2019-9341]low4.3---
142584Google Android libavc missing initialization of resource [CVE-2019-9338]low4.3---
142583Google Android libavc missing initialization of resource [CVE-2019-9337]low4.3---
142582Google Android libavc missing initialization of resource [CVE-2019-9336]low4.3---
142581Google Android libavc missing initialization of resource [CVE-2019-9335]low4.3---
142580Google Android libhevc missing initialization of resource [CVE-2019-9334]low4.3---
142579Google Android Bluetooth out-of-bounds read [CVE-2019-9333]low4.3---
142578Google Android Bluetooth out-of-bounds read [CVE-2019-9332]low4.3---
142577Google Android Bluetooth out-of-bounds read [CVE-2019-9331]low4.3---
142576Google Android Bluetooth out-of-bounds read [CVE-2019-9330]low4.3---
142575Google Android Bluetooth missing initialization of resource [CVE-2019-9329]low4.3---
142574Google Android Bluetooth out-of-bounds read [CVE-2019-9328]low4.3---
142573Google Android Bluetooth out-of-bounds read [CVE-2019-9327]low4.3---
142572Google Android Bluetooth out-of-bounds read [CVE-2019-9326]low4.3---
142571Google Android libvpx out-of-bounds read [CVE-2019-9325]low4.3---
142570Google Android Wallpaper Manager Service authorization [CVE-2019-9323]low1.5---
142569Google Android libavc missing initialization of resource [CVE-2019-9322]low4.3---
142568Google Android libavc missing initialization of resource [CVE-2019-9321]low4.3---
142567Google Android libavc missing initialization of resource [CVE-2019-9320]low4.3---
142566Google Android libavc missing initialization of resource [CVE-2019-9319]low4.3---
142565Google Android libhevc missing initialization of resource [CVE-2019-9318]low4.3---
142564Google Android libstagefright missing initialization of resourcelow4.3---
142563Google Android libstagefright missing initialization of resourcelow4.3---
142562Google Android libhevc missing initialization of resource [CVE-2019-9315]low4.3---
142561Google Android libavc missing initialization of resource [CVE-2019-9314]low4.3---
142560Google Android libstagefright missing initialization of resourcelow4.3---
142559Google Android Bluetooth out-of-bounds read [CVE-2019-9312]low1.5---
142558Google Android Bluetooth integer overflow [CVE-2019-9311]medium6.8---
142557Google Android libFDK integer overflow [CVE-2019-9310]medium6.8---
142556Google Android NFC out-of-bounds write [CVE-2019-9309]medium4.1---
142555Google Android libAACdec integer overflow [CVE-2019-9308]medium6.8---
142554Google Android libAACdec integer overflow [CVE-2019-9307]medium6.8---
142553Google Android libMpegTPDec out-of-bounds write [CVE-2019-9306]medium6.8---
142552Google Android libAACdec integer overflow [CVE-2019-9305]medium6.8---
142551Google Android libMpegTPDec integer overflow [CVE-2019-9304]medium6.8---
142550Google Android libFDK integer overflow [CVE-2019-9303]medium6.8---
142549Google Android libAACdec integer overflow [CVE-2019-9302]medium6.8---
142548Google Android libAACdec integer overflow [CVE-2019-9301]medium6.8---
142547Google Android libAACdec integer overflow [CVE-2019-9300]medium6.8---
142546Google Android libAACdec integer overflow [CVE-2019-9299]medium6.8---
142545Google Android libAACdec integer overflow [CVE-2019-9298]medium6.8---
142544Google Android libAACdec integer overflow [CVE-2019-9297]medium6.8---
142543Google Android NFC out-of-bounds read [CVE-2019-9296]low1.5---
142542Google Android Permission Check permission assignment [CVE-2019-9295]medium4.1---
142541Google Android libstagefright out-of-bounds read [CVE-2019-9294]low4.3---
142540Google Android libstagefright out-of-bounds read [CVE-2019-9293]low4.3---
142539Google Android Activity Manager Service external reference [CVE-2019-9292]low1.5---
142538Google Android Bluetooth allocation of resources [CVE-2019-9291]medium6.8---
142537Google Android tzdata allocation of resources [CVE-2019-9290]medium4.1---
142536Google Android Bluetooth out-of-bounds read [CVE-2019-9289]low1.5---
142535Google Android libhidcommand_jni out-of-bounds write [CVE-2019-9288]medium4.1---
142534Google Android Bluetooth out-of-bounds read [CVE-2019-9287]low1.5---
142533Google Android Bluetooth out-of-bounds read [CVE-2019-9286]low4.3---
142532Google Android Bluetooth out-of-bounds read [CVE-2019-9285]low4.3---
142531Google Android Bluetooth out-of-bounds read [CVE-2019-9284]low4.3---
142530Google Android AAC Codec input validation [CVE-2019-9283]low4.3---
142529Google Android Skia out-of-bounds read [CVE-2019-9282]low4.3---
142528Google Android GoogleContactsSyncAdapter path traversal [CVE-2019-9281]medium6.8---
142527Google Android Keyguard permission assignment [CVE-2019-9280]medium4.1---
142526Google Android WiFi Hotspot Service null pointer dereferencelow4.3---
142525Google Android libexif integer overflow [CVE-2019-9278]medium6.8---
142524Google Android proc Filesystem log file [CVE-2019-9277]low1.5---
142523Google Android WiFi permission assignment [CVE-2019-9272]low1.5---
142522Google Android System Settings permission assignment [CVE-2019-9269]medium4.1---
142521Google Android libstagefright use after free [CVE-2019-9268]medium4.1---
142520Google Android sensorservice out-of-bounds write [CVE-2019-9266]medium6.6---
142519Google Android Bluetooth out-of-bounds read [CVE-2019-9265]low4.3---
142518Google Android libxaac out-of-bounds read [CVE-2019-9264]low4.3---
142517Google Android Telephony permission assignment [CVE-2019-9263]medium4.1---
142516Google Android MPEG4Extractor integer overflow [CVE-2019-9262]medium6.8---
142515Google Android libxaac out-of-bounds read [CVE-2019-9261]low4.3---
142514Google Android Bluetooth out-of-bounds read [CVE-2019-9260]low4.3---
142513Google Android Bluetooth Stack out-of-bounds write [CVE-2019-9259]medium6.6---
142512Google Android wifilogd out-of-bounds write [CVE-2019-9258]medium4.1---
142511Google Android Bluetooth out-of-bounds write [CVE-2019-9257]medium4.1---
142510Google Android libmediaextractor integer overflow [CVE-2019-9256]medium6.8---
142509Google Android KeyStore insecure storage of sensitive informationlow1.0---
142508Google Android libavc use of uninitialized resource [CVE-2019-9252]low1.5---
142507Google Android NFC out-of-bounds read [CVE-2019-9251]low1.5---
142506Google Android Bluetooth out-of-bounds read [CVE-2019-9250]low4.3---
142505Google Android Bluetooth out-of-bounds read [CVE-2019-9249]low1.5---
142504Google Android AAC Codec missing initialization of resource [CVE-2019-9247]low4.3---
142503Google Android NFC out-of-bounds read [CVE-2019-9246]low1.5---
142502Google Android NFC out-of-bounds read [CVE-2019-9244]low1.5---
142501Google Android wpa_supplicant_8 out-of-bounds read [CVE-2019-9243]low1.5---
142500Google Android NFC out-of-bounds read [CVE-2019-9242]low1.5---
142499Google Android Bluetooth out-of-bounds read [CVE-2019-9241]low4.3---
142498Google Android NFC out-of-bounds read [CVE-2019-9240]low1.5---
142497Google Android NFC out-of-bounds read [CVE-2019-9239]low1.5---
142496Google Android NFC Stack out-of-bounds write [CVE-2019-9238]medium6.6---
142495Google Android Bluetooth out-of-bounds read [CVE-2019-9237]low4.3---
142494Google Android NFC out-of-bounds read [CVE-2019-9236]low1.5---
142493Google Android NFC out-of-bounds read [CVE-2019-9235]low1.5---
142492Google Android wpa_supplicant_8 out-of-bounds read [CVE-2019-9234]low4.3---
142491Google Android wpa_supplicant_8 out-of-bounds read [CVE-2019-9233]low4.3---
142490Google Android libvpx out-of-bounds read [CVE-2019-9232]low4.3---
142489Adobe Flash Player Same Origin Policy origin validation [CVE-2019-8075]low4.3---
142488Adobe ColdFusion path traversal [CVE-2019-8074]medium6.8---
142487Adobe ColdFusion injection [CVE-2019-8073]medium6.8---
142486Adobe ColdFusion information disclosure [CVE-2019-8072]low4.3---
142485IBM MQ Cluster resource consumption [CVE-2019-4141]low4.0---
142484Google Android LG LAF information disclosure [CVE-2019-2191]low1.5---
142483Google Android LG LAF information disclosure [CVE-2019-2190]low1.5---
142482Google Android Easel Driver race condition [CVE-2019-2189]medium4.1---
142481Google Android Easel Driver race condition [CVE-2019-2188]medium4.1---
142480Google Android libxaac use of uninitialized resource [CVE-2019-2172]low4.3---
142479Google Android libxaac initialization [CVE-2019-2171]low4.3---
142478Google Android libxaac initialization [CVE-2019-2170]low4.3---
142477Google Android libxaac initialization [CVE-2019-2169]low4.3---
142476Google Android libxaac initialization [CVE-2019-2168]low4.3---
142475Google Android libxaac initialization [CVE-2019-2167]low4.3---
142474Google Android libxaac initialization [CVE-2019-2166]low4.3---
142473Google Android libxaac out-of-bounds read [CVE-2019-2165]low4.3---
142472Google Android libxaac out-of-bounds read [CVE-2019-2164]low4.3---
142471Google Android libxaac out-of-bounds read [CVE-2019-2163]low4.3---
142470Google Android libxaac out-of-bounds read [CVE-2019-2162]low4.3---
142469Google Android libxaac out-of-bounds read [CVE-2019-2161]low4.3---
142468Google Android libxaac out-of-bounds read [CVE-2019-2160]low4.3---
142467Google Android libxaac out-of-bounds write [CVE-2019-2159]medium6.8---
142466Google Android libxaac out-of-bounds read [CVE-2019-2158]low4.3---
142465Google Android libxaac out-of-bounds read [CVE-2019-2157]low4.3---
142464Google Android libxaac out-of-bounds read [CVE-2019-2156]low4.3---
142463Google Android libxaac out-of-bounds read [CVE-2019-2155]low4.3---
142462Google Android libxaac out-of-bounds read [CVE-2019-2154]low4.3---
142461Google Android libxaac out-of-bounds read [CVE-2019-2153]low4.3---
142460Google Android libxaac out-of-bounds read [CVE-2019-2152]low4.3---
142459Google Android libxaac out-of-bounds read [CVE-2019-2151]low4.3---
142458Google Android libxaac out-of-bounds read [CVE-2019-2150]low4.3---
142457Google Android libxaac out-of-bounds read [CVE-2019-2149]low4.3---
142456Google Android libxaac out-of-bounds read [CVE-2019-2148]low4.3---
142455Google Android libxaac out-of-bounds read [CVE-2019-2147]low4.3---
142454Google Android libxaac out-of-bounds read [CVE-2019-2146]low4.3---
142453Google Android libxaac out-of-bounds read [CVE-2019-2145]low4.3---
142452Google Android libxaac out-of-bounds read [CVE-2019-2144]low4.3---
142451Google Android libxaac out-of-bounds read [CVE-2019-2143]low4.3---
142450Google Android libxaac out-of-bounds read [CVE-2019-2142]low4.3---
142449Google Android libxaac out-of-bounds write [CVE-2019-2141]medium6.8---
142448Google Android libxaac use of uninitialized resource [CVE-2019-2140]low4.3---
142447Google Android libxaac out-of-bounds read [CVE-2019-2139]low4.3---
142446Google Android libxaac out-of-bounds read [CVE-2019-2138]low4.3---
142445Google Android libxaac out-of-bounds write [CVE-2019-2087]medium6.8---
142444Google Android libxaac out-of-bounds write [CVE-2019-2086]medium6.8---
142443Google Android libxaac out-of-bounds write [CVE-2019-2085]medium6.8---
142442Google Android libxaac out-of-bounds write [CVE-2019-2084]medium6.8---
142441Google Android libxaac out-of-bounds write [CVE-2019-2083]medium6.8---
142440Google Android libxaac out-of-bounds write [CVE-2019-2082]medium6.8---
142439Google Android libxaac out-of-bounds write [CVE-2019-2081]medium6.8---
142438Google Android libxaac out-of-bounds write [CVE-2019-2080]medium6.8---
142437Google Android libxaac out-of-bounds read [CVE-2019-2079]low4.3---
142436Google Android libxaac out-of-bounds write [CVE-2019-2078]medium6.8---
142435Google Android libxaac out-of-bounds write [CVE-2019-2077]medium6.8---
142434Google Android libxaac out-of-bounds write [CVE-2019-2076]medium6.8---
142433Google Android libxaac out-of-bounds write [CVE-2019-2075]medium6.8---
142432Google Android libxaac out-of-bounds write [CVE-2019-2074]medium6.8---
142431Google Android libxaac out-of-bounds write [CVE-2019-2073]medium6.8---
142430Google Android libxaac out-of-bounds write [CVE-2019-2072]medium6.8---
142429Google Android libxaac out-of-bounds write [CVE-2019-2071]medium6.8---
142428Google Android libxaac out-of-bounds write [CVE-2019-2070]medium6.8---
142427Google Android libxaac out-of-bounds write [CVE-2019-2069]medium6.8---
142426Google Android libxaac out-of-bounds write [CVE-2019-2068]medium6.8---
142425Google Android libxaac out-of-bounds write [CVE-2019-2067]medium6.8---
142424Google Android libxaac out-of-bounds write [CVE-2019-2066]medium6.8---
142423Google Android libxaac out-of-bounds write [CVE-2019-2065]medium6.8---
142422Google Android libxaac out-of-bounds write [CVE-2019-2064]medium6.8---
142421Google Android Media Server out-of-bounds write [CVE-2019-2063]medium6.8---
142420Google Android libxaac out-of-bounds write [CVE-2019-2062]medium6.8---
142419Google Android libxaac out-of-bounds write [CVE-2019-2061]medium6.8---
142418Google Android libxaac out-of-bounds read [CVE-2019-2060]low4.3---
142417Google Android libxaac out-of-bounds write [CVE-2019-2059]medium6.8---
142416Google Android libxaac out-of-bounds write [CVE-2019-2055]medium6.8---
142415Nulock App Bluetooth Credentials cleartext transmissionlow1.2---
142414kkcms jx.php cross site scriptinglow4.3---
142413SalesAgility SuiteCRM information disclosure [CVE-2019-16922]low5.0---
142412Mozilla Thunderbird SMIME input validation [CVE-2019-11755]medium4.3---
142411Mozilla Firefox Pointer Lock requestPointerLock input validationmedium6.8---
142410Mozilla Firefox Maintenance Service improper validation of integrity check valuemedium4.6---
142409Mozilla Firefox/Thunderbird/Firefox ESR IndexedDB use after freelow4.3---
142408Mozilla Firefox Log input validation [CVE-2019-11751]medium5.8---
142407Mozilla Firefox type conversion [CVE-2019-11750]low4.3---
142406Mozilla Firefox WebRTC getUserMedia information disclosurelow4.3---
142405Mozilla Firefox WebRTC permission assignment [CVE-2019-11748]low4.3---
142404Mozilla Firefox History HSTS initializationlow2.6---
142403Mozilla Firefox/Thunderbird/Firefox ESR Video Element use after freelow4.3---
142402Mozilla Firefox/Thunderbird/Firefox ESR Bracket cross site scriptinglow4.3---
142401Mozilla Firefox/Thunderbird/Firefox ESR Navigation information disclosurelow4.3---
142400Mozilla Firefox/Thunderbird/Firefox ESR SVG Filter unknown vulnerabilitylow4.3---
142399Mozilla Firefox Sandbox Universal cross site scriptingmedium4.3---
142398Mozilla Firefox/Thunderbird/Firefox ESR memory corruption [CVE-2019-11740]medium6.8---
142397Mozilla Thunderbird SMIME information disclosure [CVE-2019-11739]low2.6---
142396Mozilla Firefox Content Security Policy Javascript default permissionmedium6.8---
142395Mozilla Firefox Content Security Policy insufficient verification of data authenticitymedium6.8---
142394Mozilla Firefox Maintenance Service race condition [CVE-2019-11736]medium4.1---
142393Mozilla Firefox buffer overflow [CVE-2019-11735]medium6.8---
142392Mozilla Firefox buffer overflow [CVE-2019-11734]medium6.8---
142391Mozilla Firefox Password Storage information disclosure [CVE-2019-11733]low1.5---
142389Google Android WiFi information disclosure [CVE-2018-9581]low1.5---
142388Google Android Permission Check privileges management [CVE-2018-9425]medium4.1---
142387Corsair Link CLink4Service default permission [CVE-2018-19592]medium6.6---
142384Cisco Carrier Routing System ACL authorization [CVE-2012-1342]medium5.0---
142383Linux Kernel hns_roce_main.c hns_roce_alloc_ucontext initializationlow5.0---
142382D-Link DIR-655C/DIR-866L/DIR-652/DHP-1565 Common Gateway Interface os command injectionmedium7.5---
142381pfSense picture.widget.php file_put_contents input validationmedium7.5---
142380pfSense services_captiveportal_mac.php cross site scriptinglow4.3---
142379ARforms Plugin arformcontroller.php arf_delete_file Path input validationmedium6.4---
142378pfSense diag_command.php csrf_callback cross-site request forgerylow4.3---
142377CKFinder Documentation Content Sniffing information disclosuremedium6.8---
142376CKFinder File Name unrestricted upload [CVE-2019-15862]medium7.5---
142375phpBB Remote Avatar cross-site request forgery [CVE-2019-13376]medium6.8---
142374DNN Admin Notification notification cross site scriptinglow3.5---
142373Cloud Foundry UAA Scope privileges management [CVE-2019-11279]medium6.5---
142372Cloud Foundry UAA SCIM Query input validation [CVE-2019-11278]medium7.5---
142371Apple macOS Foundation out-of-bounds read [CVE-2019-8641]medium6.8---
142370Apple watchOS Foundation out-of-bounds read [CVE-2019-8641]medium6.8---
142369Apple iOS Foundation out-of-bounds read [CVE-2019-8641]medium6.8---
142368Apple iOS/iPadOS VoiceOver Lockscreen information disclosuremedium4.4---
142367Apple Safari Service Workers History information disclosurelow5.0---
142366Apple Safari Juno Im input validationmedium6.8---
142365Apple tvOS improper authentication [CVE-2019-8704]low1.5---
142364Apple Xcode otool memory corruption [CVE-2019-8739]medium6.8---
142363Apple Xcode otool memory corruption [CVE-2019-8738]medium6.8---
142362Apple Xcode ld64 input validation [CVE-2019-8724]medium6.8---
142361Apple Xcode ld64 input validation [CVE-2019-8723]medium6.8---
142360Apple Xcode ld64 input validation [CVE-2019-8722]medium6.8---
142359Apple Xcode ld64 input validation [CVE-2019-8721]medium6.8---
142358Apple Xcode IDE SCM integer overflow [CVE-2019-3855]medium9.3---
142357Apple watchOS Foundation out-of-bounds read [CVE-2019-8641]medium6.8---
142356Apple Safari WebKit Page Loading Universal cross site scriptingmedium4.3---
142355Apple iOS WebKit Page Loading Universal cross site scriptingmedium4.3---
142354Apple iOS Safari Address input validationmedium6.8---
142353Apple iOS Quick Look default permission [CVE-2019-8731]low4.3---
142352Apple iOS Messages Lockscreen information disclosurelow1.9---
142351Apple iOS Keyboards improper authentication [CVE-2019-8704]low1.5---
142350Apple iOS Foundation out-of-bounds read [CVE-2019-8641]medium6.8---
142349Apple iOS Face ID inadequate encryption [CVE-2019-8760]medium4.4---
142348Apple iOS CoreAudio memory corruption [CVE-2019-8705]medium6.8---
142347Apple iOS Bluetooth information disclosure [CVE-2019-8711]medium7.5---
142346Lenovo System Update Configuration File input validation [CVE-2019-6175]low5.0---
142345ThinkAgile CP-SB BMC Session session fixiation [CVE-2019-6161]medium7.5---
142344IBM MQ Command Server input validation [CVE-2019-4378]low4.0---
142343IBM QRadar SIEM server-side request forgery [CVE-2019-4262]medium7.5---
142342ARM Mbed TLS/ARM Mbed Crypto ECDSA RNG information disclosurelow2.6---
142341TeamPass Password cross site scripting [CVE-2019-16904]low3.5---
142340Platinum UPnP SDK PltHttpServer.cpp path traversallow5.0---
142338inoERP Deserialization download.php sql injectionmedium6.8---
142337Netty Whitespace request smuggling [CVE-2019-16869]medium7.5---
142336BMC MyIT Digital Workplace DWP administrator deserializationmedium7.5---
142335YzmCMS HTTP Host Header injection [CVE-2019-16532]medium6.8---
142334easy-fancybox Plugin Settings Menu class-easyfancybox.php Stored cross site scriptinglow3.5---
142333SilverStripe Versioned Files Module information disclosure [CVE-2019-16409]low4.3---
142332krb5 KDC input validation [CVE-2019-14844]low5.0---
142331SilverStripe Assets Access Control file access [CVE-2019-14273]medium7.5---
142330SilverStripe asset-admin File Title cross site scripting [CVE-2019-14272]low3.5---
142329Honeywell Performance IP Cameras/Performance NVR Integrated Web Server information disclosurelow4.3---
142328SilverStripe Cache Pollution privileges managementmedium6.0---
142327Netskope Client Service Connection os command injection [CVE-2019-12091]medium4.1---
142326Netskope Client Service Connection doHandshakefromServer buffer overflowmedium4.1---
142325Apache HTTP Server mod_remoteip null pointer dereference [CVE-2019-10097]medium6.0---
142324Apache HTTP Server mod_proxy cross site scripting [CVE-2019-10092]low4.3---
142323Apache HTTP Server HTTP2 Session use after free [CVE-2019-10082]medium6.8---
142322Apache Subversion svnserve Server Process Disruption input validationlow5.0---
142321Apache Subversion svnserve Server Process Disruption input validationlow4.0---
142320F5 BIG-IP APM Edge Client Log log file [CVE-2019-6656]low5.0---
142319F5 BIG-IP information disclosure [CVE-2019-6655]low4.3---
142318F5 BIG-IP Management Interface input validation [CVE-2019-6654]medium5.4---
142317F5 BIG-IQ Stored cross site scripting [CVE-2019-6653]low3.5---
142316F5 BIG-IQ Authentication improper authentication [CVE-2019-6652]medium5.1---
142315F5 BIG-IP/BIG-IQ/iWorkflow/Enterprise Manager Configuration Utility Login Page information exposurelow5.0---
142314IBM Content Navigator Web UI cross site scripting [CVE-2019-4571]low3.5---
142313Advantech WebAccess/HMI Designer Exception exceptional conditionmedium7.5---
142312Advantech WebAccess/HMI Designer User Mode memory corruptionmedium6.8---
142311Advantech WebAccess/HMI Designer GetNICInfo+0x0000000000512918 memory corruptionmedium6.8---
142310Rubyzip ZIP File resource consumption [CVE-2019-16892]low4.3---
142309Halo comments cross site scriptinglow3.5---
142308Ubiquiti EdgeMAX Cache File resource consumption [CVE-2019-16889]low5.0---
142307IrfanView buffer overflow [CVE-2019-16887]medium6.8---
142306runc AppArmor rootfs_linux.go authorizationmedium7.5---
142305MediaWiki Special:Redirect Username information disclosurelow4.3---
142304Samsung Text-to-speech Engine App privileges management [CVE-2019-16253]medium4.1---
142303LemonLDAP::NG OpenID Connect Issuer authorization [CVE-2019-15941]medium7.5---
142302Smart Battery A4 Authentication Interface improper authenticationmedium6.8---
142301Smart Battery A4 improper authentication [CVE-2019-15068]medium6.8---
142300Smart Battery A2-25DE Login Page improper authentication [CVE-2019-15067]medium6.8---
142299GLPI Password Reset autocompletion.php insufficiently protected credentialsmedium6.5---
142298Cisco NX-OS CLI os command injection [CVE-2019-12717]medium6.6---
142297Cisco IOS XR Virtualization Manager os command injection [CVE-2019-12709]medium6.6---
142296Cisco IOS XE link following [CVE-2019-12672]medium6.6---
142295Cisco IOS XE CLI authorization [CVE-2019-12671]medium4.1---
142294Cisco IOS XE IOx Guest Shell permission assignment [CVE-2019-12670]medium4.1---
142293Cisco IOS XE RADIUS Change of Authorization input validationlow4.3---
142292Cisco IOS/IOS XE Web Framework Stored cross site scriptinglow3.5---
142291Cisco IOS XE Web Framework Stored cross site scriptinglow3.5---
142290Cisco IOS XE Guest Shell path traversal [CVE-2019-12666]medium4.1---
142289Cisco IOS/IOS XE HTTP Client Persistent inadequate encryptionmedium6.8---
142288Cisco IOS XE Dialer Interface Feature for ISDN improper authenticationmedium5.4---
142287Cisco IOS XE CTS PAC input validation [CVE-2019-12663]low4.3---
142286Cisco NX-OS/IOS XE Signature Verification signature verificationmedium4.1---
142285Cisco IOS XE Virtualization Manager os command injection [CVE-2019-12661]medium6.6---
142284Cisco IOS XE CLI input validation [CVE-2019-12660]medium4.1---
142283Cisco IOS XE HTTP Service input validation [CVE-2019-12659]low4.3---
142282Cisco IOS XE Filesystem Resource Management resource consumptionlow4.3---
142281Cisco IOS XE Unified Threat Defense input validation [CVE-2019-12657]low4.3---
142280Cisco IOS/IOS XE IOx Web Server input validation [CVE-2019-12656]low4.3---
142279Cisco IOS XE ALG/NAT/ZBFW buffer overflow [CVE-2019-12655]medium6.8---
142278Cisco IOS/IOS XE Session Initiation Protocol null pointer dereferencelow4.3---
142277Cisco IOS XE Raw Socket Transport input validation [CVE-2019-12653]low4.3---
142276Cisco IOS Management Plane resource consumption [CVE-2019-12652]low4.3---
142275Cisco IOS XE Web-based User Interface os command injection [CVE-2019-12651]medium6.0---
142274Cisco IOS XE Web-based User Interface os command injection [CVE-2019-12650]medium6.0---
142273Cisco IOS XE Image Verification signature verification [CVE-2019-12649]medium4.1---
142272Cisco IOS IOx Application Environment authorization [CVE-2019-12648]medium6.0---
142271Cisco IOS/IOS XE Ident Protocol null pointer dereference [CVE-2019-12647]low4.3---
142270Cisco IOS XE NAT SIP ALG initialization [CVE-2019-12646]low4.3---
142269SilverStripe Access Control loadIntoFile information disclosuremedium7.5---
142268SilverStripe Flash Clipboard Reflected cross site scriptinglow4.3---
142267SilverStripe install.php privileges managementmedium7.5---
142266SilverStripe Change Password session fixiation [CVE-2019-12203]low3.7---
142265noVNC Web Page cross site scripting [CVE-2017-18635]low4.3---
142264microblog-poster Plugin sql injection [CVE-2015-9449]medium6.0---
142263sendpress Plugin sql injection [CVE-2015-9448]medium6.0---
142262unite-gallery-lite Plugin admin.php cross-site request forgerylow4.3---
142261unite-gallery-lite Plugin admin-ajax.php sql injectionmedium6.0---
142260unite-gallery-lite Plugin admin-ajax.php unitegallery_ajax_action cross-site request forgerylow4.3---
142259altos-connect Plugin cross site scripting [CVE-2015-9444]low4.3---
142258accurate-form-data-real-time-form-validation Plugin cross-site request forgerylow4.3---
142257avenirsoft-directdownload Plugin cross-site request forgery [CVE-2015-9442]low4.3---
142256bookmarkify Plugin cross-site request forgery [CVE-2015-9441]low4.3---
142255monetize Plugin cross-site request forgery [CVE-2015-9440]low4.3---
142254addthis Plugin cross site scripting [CVE-2015-9439]low4.3---
142253display-widgets Plugin cross site scripting [CVE-2015-9438]low3.5---
142252dynamic-widgets Plugin cross-site request forgery [CVE-2015-9437]low4.3---
142251dynamic-widgets Plugin cross site scripting [CVE-2015-9436]low3.5---
142250oauth2-provider Plugin Random Number Generator weak prng [CVE-2015-9435]medium7.5---
142249kiwi-logo-carousel Plugin cross-site request forgery [CVE-2015-9434]low4.3---
142248wp-social-bookmarking-light Plugin cross-site request forgerylow4.3---
142247alpine-photo-tile-for-instagram Plugin cross-site request forgerylow4.3---
142246qtranslate-x Plugin cross-site request forgery [CVE-2015-9431]low4.3---
142245crazy-bone Plugin cross site scripting [CVE-2015-9430]low4.3---
142244yith-maintenance-mode Plugin cross-site request forgery [CVE-2015-9429]low4.3---
142243wplegalpages Plugin cross-site request forgery [CVE-2015-9428]low4.3---
142242googmonify Plugin cross-site request forgery [CVE-2015-9427]low4.3---
142241manual-image-crop Plugin cross site scripting [CVE-2015-9426]low4.3---
142240social-locker Plugin cross-site request forgery [CVE-2015-9425]low4.3---
142239multicons Plugin cross-site request forgery [CVE-2015-9424]low4.3---
142238PlugNedit Adaptive Editor Plugin cross site scripting [CVE-2015-9423]low3.5---
142237PlugNedit Adaptive Editor Plugin cross-site request forgery [CVE-2015-9422]low4.3---
142236olevmedia-shortcodes Plugin cross-site request forgery [CVE-2015-9421]low4.3---
142235soundcloud-is-gold Plugin cross site scripting [CVE-2015-9420]low4.3---
142234captain-slider Plugin Section cross site scripting [CVE-2015-9419]low4.3---
142233Watu Pro Plugin Quiz cross-site request forgery [CVE-2015-9418]low4.3---
142232testimonial-slider Plugin cross-site request forgery [CVE-2015-9417]low4.3---
142231sitepress-multilingual-cms Plugin cross site scripting [CVE-2015-9416]low4.3---
142230bj-lazy-load Plugin Remote File Inclusion input validation [CVE-2015-9415]medium7.5---
142229wp-symposium Plugin get_album_item.php cross site scriptinglow4.3---
142228eShop Plugin cross-site request forgery [CVE-2015-9413]low4.3---
142227Royal-Slider Plugin cross site scripting [CVE-2015-9412]low4.3---
142226Postmatic Plugin cross site scripting [CVE-2015-9411]low4.3---
142225Blubrry PowerPress Podcasting Plugin cross site scripting [CVE-2015-9410]low3.5---
142224string-interner Crate Cloning use after free [CVE-2019-16882]medium6.8---
142223portaudio-rs Crate stream_finished_callback use after freemedium6.8---
142222linea Crate zip_elements double freemedium6.8---
142221pfSense pfsense.exec_php os command injectionmedium6.5---
142220Centreon makeXMLForOneService.php sql injectionmedium7.5---
142219HCL AppScan Source XML Data xml external entity reference [CVE-2019-16188]medium6.8---
142218libgcrypt20 ECDSA race condition [CVE-2019-13627]medium5.1---
142217NeuVector Vulnerability Scanner Plugin Global Configuration Credentials cleartext storagelow2.1---
142216GitLab Logo Plugin Global Configuration Credentials cleartext storagelow2.1---
142215Aqua Security Scanner Plugin Configuration Form Credentials cleartext transmissionlow5.0---
142214Aqua MicroScanner Plugin Configuration Form Credentials cleartext transmissionlow5.0---
142213Gem Publisher Plugin Global Configuration Credentials cleartext storagelow1.5---
142212Google Calendar Plugin config.xml Credentials cleartext storagelow3.5---
142211elOyente Plugin Global Configuration Credentials cleartext storagelow1.5---
142210CodeScan Plugin Global Configuration Credentials cleartext storagelow4.1---
142209Call Remote Job Plugin config.xml Credentials cleartext storagelow3.5---
142208Azure Event Grid Build Notifier Plugin config.xml Credentials cleartext storagelow3.5---
142207Assembla Plugin Global Configuration Credentials cleartext storagelow1.5---
142206vFabric Application Director Plugin Global Configuration Credentials cleartext storagelow1.5---
142205Arquillian Steps Plugin Sandbox privileges management [CVE-2019-10418]medium6.5---
142204Kubernetes Steps Plugin Sandbox privileges management [CVE-2019-10417]medium6.0---
142203Violation Comments to GitLab Plugin config.xml Credentials cleartext storagelow3.5---
142202Violation Comments to GitLab Plugin Global Configuration Credentials cleartext storagelow3.5---
142201Git Changelog Plugin config.xml Credentials cleartext storagelow3.5---
142200Data Theorem CI-CD Plugin config.xml Credentials cleartext storagelow3.5---
142199Inedo ProGet Plugin Configuration Form cleartext transmissionlow5.0---
142198Inedo BuildMaster Plugin Configuration Form cleartext transmissionlow5.0---
142197Log Parser Plugin Error Message cross site scripting [CVE-2019-10410]low3.5---
142196Project Inheritance Plugin Permission Check permission assignmentmedium6.5---
142195Project Inheritance Plugin Template cross-site request forgerylow4.3---
142194Project Inheritance Plugin information disclosure [CVE-2019-10407]low4.0---
142193Jenkins Global Configuration Stored cross site scriptinglow3.5---
142192Jenkins HTTP Header information disclosure [CVE-2019-10405]low4.0---
142191Jenkins Tooltip Stored cross site scriptinglow3.5---
142190Jenkins SCM Tag Stored cross site scriptinglow3.5---
142189Jenkins Combobox Form Stored cross site scriptinglow3.5---
142188Jenkins Textbox Control Stored cross site scriptinglow3.5---
142187Apache HTTP Server mod_rewrite redirect [CVE-2019-10098]medium6.8---
142186alo-easymail Plugin alo-easymail-admin-options.php cross-site request forgerylow4.3---
142185emlog path traversal [CVE-2019-16868]medium6.4---
142184HongCMS input validation [CVE-2019-16867]low5.5---
142183ONTAP Select Deploy Administration Utility insufficiently protected credentialsmedium5.1---
142182ONTAP Select Deploy Administration Utility HTTP Service input validationmedium6.8---
142181E2fsprogs Quota File out-of-bounds write [CVE-2019-5094]medium4.4---
142180Dell EMC Update Package Framework uncontrolled search path [CVE-2019-3726]medium4.1---
142179vBulletin widget_php input validationmedium7.5---
142178RIOT MQTT Server null pointer dereference [CVE-2019-16754]low5.0---
142177Devise Token Auth Callback Controller fallback_render Reflected cross site scriptinglow4.3---
142176Joomla CMS Default Template cross site scripting [CVE-2019-16725]low4.3---
142175File Sharing Wizard Exception buffer overflow [CVE-2019-16724]medium6.8---
142174Suricata Options decode-ipv4.c IPV4OptValidateTimestamp out-of-bounds readmedium6.8---
142173Suricata Fragmented Packet defrag.c Defrag4Reassemble out-of-bounds readmedium6.8---
142172Suricata SSLv3 app-layer-ssl.c TLSDecodeHSHelloExtensions out-of-bounds readmedium6.8---
142171SICK FX0-GPNT00000/FX0-GENT00000 buffer overflow [CVE-2019-14753]medium7.5---
142170NXP Kinetis KV1x/Kinetis KV3x/Kinetis K8x Access Control improper authenticationmedium4.6---
142169STMicroelectronics STM32F7 Proprietary Code Read Out Protection improper authenticationmedium4.6---
142168BlueStacks Virtual Machine information disclosure [CVE-2019-14220]medium6.6---
142167Niagara AX Utility improper authentication [CVE-2019-13528]medium4.6---
142166Rockwell Automation Arena Simulation Software Cat. 9502-Ax Arena File uninitialized pointermedium6.8---
142165QEMU LSI SCSI Adapter Emulator lsi_execute_script infinite looplow5.0---
142164IBM Security Key Lifecycle Manager Credentials cleartext storagelow1.7---
142163IBM Security Key Lifecycle Manager cross-site request forgerylow4.3---
142162wolfSSL ASN.1 Certificate asn.c CheckCertSignature_ex out-of-bounds readmedium7.5---
142161Linux Kernel Beacon Head nl80211.c validate_beacon_head buffer overflowmedium7.5---
142160pam-python privileges management [CVE-2019-16729]medium4.6---
142159DOMPurify cross site scripting [CVE-2019-16728]low4.3---
142158Progress MOVEit Transfer REST API MOVEit.DMZ.WebApi.dll sql injectionmedium6.8---
142157makandra consul Gem Access Control authorization [CVE-2019-16377]medium7.5---
142156Grafana Save/Test Credentials insufficiently protected credentialslow3.5---
142155Total Defense Anti-Virus caschelp.exe untrusted search pathmedium6.6---
142154Total Defense Anti-Virus Access Control AMRT.exe privileges managementmedium4.1---
142153Total Defense Anti-Virus Access Control ccschedulersvc.exe privileges managementmedium4.1---
142152Apache JSPWiki Plugin Link cross site scripting [CVE-2019-12407]low4.3---
142151Cloud Foundry NFS Volume Service LDAP injection [CVE-2019-11277]medium6.5---
142150Red Lion Controls Crimson use after free [CVE-2019-10996]medium6.8---
142149Red Lion Controls Crimson Configuration File hard-coded credentialslow2.6---
142148Red Lion Controls Crimson uninitialized pointer [CVE-2019-10984]medium6.8-