Tools 2019

163851Apple iTunes libxml2 memory corruption [CVE-2019-8756]
163850Apple watchOS libxml2 memory corruption [CVE-2019-8756]
163849Apple tvOS libxml2 memory corruption [CVE-2019-8756]
163848Apple iCloud libxml2 memory corruption [CVE-2019-8756]
163847Apple iOS libxml2 memory corruption [CVE-2019-8756]
163829Apple iTunes libxml2 memory corruption [CVE-2019-8749]
163828Apple watchOS libxml2 memory corruption [CVE-2019-8749]
163827Apple tvOS libxml2 memory corruption [CVE-2019-8749]
163826Apple iCloud libxml2 memory corruption [CVE-2019-8749]
163819Apple iOS Kernel memory corruption [CVE-2019-8744]
163818Apple watchOS Kernel memory corruption [CVE-2019-8744]
163798Apple iOS PluginKit memory corruption [CVE-2019-8715]
163790Apple iOS PluginKit information disclosure [CVE-2019-8708]
163789Apple watchOS Audio memory corruption [CVE-2019-8706]
163788Apple tvOS Audio memory corruption [CVE-2019-8706]
163787Apple iOS/iPadOS Audio memory corruption [CVE-2019-8706]
163756Apple iOS Wi-Fi privileges management [CVE-2019-8612]
163755Apple watchOS Wi-Fi privileges management [CVE-2019-8612]
163754Apple tvOS Wi-Fi privileges management [CVE-2019-8612]
163753Apple iOS CoreAudio memory corruption [CVE-2019-8592]
163752Apple watchOS CoreAudio memory corruption [CVE-2019-8592]
163751Apple tvOS CoreAudio memory corruption [CVE-2019-8592]
163735Apple iOS Kernel memory corruption [CVE-2019-8547]
163734Apple watchOS Kernel memory corruption [CVE-2019-8547]
163721Apple iOS Kernel memory corruption [CVE-2019-8525]
163720Apple watchOS Kernel memory corruption [CVE-2019-8525]
163719Apple macOS Live Photos in FaceTime Local Privilege Escalation
162269Microsoft Windows OleCreateFontIndirectExt out-of-bounds read [Disputed]
159432Sricam IP CCTV Camera Device Viewer memory corruption
159431Sricam IP CCTV Camera Device Viewer stack-based overflow
150766Apple iCloud CoreCrypto denial of service [CVE-2019-8741]
150765Apple iCloud CoreCrypto denial of service [CVE-2019-8741]
150764Apple iTunes CoreCrypto denial of service [CVE-2019-8741]
150763Apple macOS CoreCrypto denial of service [CVE-2019-8741]
150762Apple watchOS CoreCrypto denial of service [CVE-2019-8741]
150761Apple iOS CoreCrypto denial of service [CVE-2019-8741]
150737Apple tvOS CoreCrypto denial of service [CVE-2019-8741]
149460Adobe Acrobat Reader use after free [CVE-2019-8257]
149459Adobe Acrobat Reader type confusion [CVE-2019-7131]
149313Microsoft Outlook Email input validation [CVE-2019-1460]
149312Microsoft Windows User Profile Service privileges management
149311Microsoft Visual Studio Code Debug Listener privileges management
149310Microsoft Dynamics 365 Impersonation privileges management [CVE-2018-8654]
148215rovinbhandari FTP file_transfer_functions.c receive_file input validation
148214FiberHome an5506-04-f cross site scripting [CVE-2019-9556]
148213Craft CMS Header new cross site scripting
148212Bolt pages cross site scripting
148211Unity Editor Protocol os command injection [CVE-2019-9197]
148210Ricoh MarcomCentral FPProducerInternetServer.exe path traversal
148209Zoho ManageEngine ADSelfService Plus information disclosure [CVE-2019-7162]
148208Blink XT2 Sync Module injection [CVE-2019-3984]
148207ezXML ezxml_char_content release of reference
148206ezXML xml injection [CVE-2019-20201]
148205ezXML ezxml_decode out-of-bounds read
148204ezXML strlen out-of-bounds read
148203ezXML ezxml_ent_ok resource consumption
148202Nagios XI schedulereport.php os command injection
148201Pure-FTPd ls.c listdir resource consumption
148200Avira Free Antivirus Kernel Local Privilege Escalation [CVE-2019-18568]
148199GONiCUS GOsa Cookie deserialization [CVE-2019-14466]
148198Generalitat de Catalunya Java API information disclosure
148197OutSystems Platform ImageResourceDetail.aspx cross-site request forgery
148196Sylius/Grid __toString cross site scripting
148195MailStore Server Directory Service improper authentication [CVE-2019-10229]
148194openITCOCKPIT 404 Not Found Reflected cross site scripting
148193BOMBBA improper authentication [CVE-2018-19834]
148192DDQ improper authentication [CVE-2018-19833]
148191NewIntelTechMedia NETM improper authentication
148190Cryptbond Network ToOwner improper authentication
148189Business Alliance Financial Circle UBSexToken authorization
148188GeniXCMS admin.php cross site scripting
148187SonicOS Configuration Mode improper authorization [CVE-2019-7479]
148186GMS Webservice Module sql injection [CVE-2019-7478]
147944IBM MQ Data Conversion Routine denial of service [CVE-2019-4655]
147943IBM Cognos Analytics Web UI cross site scriting [CVE-2019-4623]
147942IBM Cognos Analytics origin validation [CVE-2019-4343]
147941IBM Watson Studio Local Key File information disclosure [CVE-2019-4335]
147940QEMU core.c ide_dma_cb unusual condition [Disputed]
147939SerenityOS Syscall MemoryManager.cpp privileges management
147938GPAC box_code_base.c metx_New release of resource
147937GPAC ipmpx_code.c GF_IPMPX_AUTH_Delete release of reference
147936GPAC box_code_base.c trak_Read use after free
147935GPAC box_funcs.c gf_isom_box_dump_ex use after free
147934GPAC box_code_drm.c senc_Parse null pointer dereference
147933GPAC box_dump.c gf_isom_dump null pointer dereference
147932GPAC box_code_apple.c ilst_item_Read null pointer dereference
147931GPAC box_funcs.c gf_isom_box_del null pointer dereference
147930GPAC descriptors.c gf_odf_avc_cfg_write_bs null pointer dereference
147929GPAC box_funcs.c gf_isom_box_parse_ex out-of-bounds write
147928GPAC ipmpx_code.c ReadGF_IPMPX_WatermarkingInit out-of-bounds write
147927GPAC av_parsers.c av1_parse_tile_group out-of-bounds write
147926GPAC box_code_base.c dinf_New release of resource
147925kind-of Type Detection index.js ctorName injection
147924Laborator Neon Theme autosuggest-remote.php cross site scripting
147923libsixel fromgif.c gif_out_code out-of-bounds write
147922Nagios XI nocscreenapi.php cross site scripting
147921Linux Kernel f2fs Filesystem ttm_page_alloc.c. ttm_put_pages out-of-bounds read
147920MFScripts YetiShare _account_forgot_password.ajax.php information disclosure
147919MFScripts YetiShare _account_forgot_password.ajax.php information disclosure
147918MFScripts YetiShare Session Cookie information disclosure [CVE-2019-19739]
147917MFScripts YetiShare log_file_viewer.php cross site scripting
147916MFScripts YetiShare Session Cookie cross-site request forgery
147915MFScripts YetiShare Session Cookie httponly permission assignment
147914MFScripts YetiShare Password Reset class.userpeer.php unknown vulnerability
147913MFScripts YetiShare _account_move_file_in_folder.ajax.php sql injection
147912MFScripts YetiShare _get_all_file_server_paths.ajax.php cross site scripting
147911MFScripts YetiShare translation_manage_text.ajax.php sql injection
147910TinyWall Controller Debug Memory privileges management
147909XMLBlueprint XML Data xml injection [CVE-2019-19032]
147908Easy XML Editor XML Data xml injection [CVE-2019-19031]
147907D-Link DIR-859 UPnP Service gena.cgi os command injection
147906Apache Solr input validation [CVE-2019-17558]
147905Tiny File Manager Upload os command injection [CVE-2019-16790]
147904ClickHouse Decompression out-of-bounds read [CVE-2019-16535]
147903ClickHouse input validation [CVE-2019-15024]
147902ros-melodic-ros-comm spinner.cpp remove memory corruption
147901ros-melodic-ros-comm record.cpp parseOptions integer overflow
147900php-shellcommand os command injection [CVE-2019-10774]
147899D-Link DGS-1510 cross site scripting [CVE-2018-7859]
147898GitLab Enterprise Edition Access Control missing authentication🔒
147897GitLab Community Edition/Enterprise Edition Access Control authorization🔒
147896GitLab Community Edition/Enterprise Edition server-side request forgery🔒
147895GitLab Community Edition/Enterprise Edition Access Control authorization🔒
147894GitLab Community Edition/Enterprise Edition server-side request forgery🔒
147893GitLab Community Edition/Enterprise Edition cross site scripting🔒
147892GitLab Community Edition/Enterprise Edition information disclosure🔒
147891GitLab Community Edition/Enterprise Edition Access Control authorization🔒
147890GitLab Community Edition/Enterprise Edition Access Control authorization🔒
147889GitLab Enterprise Edition Persistent cross site scripting [CVE-2018-20491]🔒
147888GitLab Community Edition/Enterprise Edition Persistent cross site scripting🔒
147887GitLab Community Edition/Enterprise Edition Access Control improper authentication🔒
147886GitLab Community Edition/Enterprise Edition information disclosure🔒
147885IBM Watson Studio Local information disclosure [CVE-2018-1682]
147884QEMU Virtio privileges management [CVE-2013-2016]🔒🔒
147883cumin Server Certificate Validator certificate validation [CVE-2013-0264]
147882OpenShift Enterprise Web Console cross-site request forgery [CVE-2013-0196]
147881isearch Package tmp tempnam cleanup
147880Freeciv Server resource consumption [CVE-2012-5645]🔒🔒
147879OpenStack Dashboard Package quantum.conf Password information disclosure
147878Red Hat OpenStack Platform local_settings Secret Key missing encryption🔒
147877HTTP Authentication Library Password Hash inadequate encryption
147876Linux Kernel feat.c __feat_register_sp resource consumption
147875Linux Kernel Error cfg80211.c mwifiex_tm_cmd release of resource
147874libsixel fromgif.c gif_init_frame out-of-bounds write
147873PoDoFo PdfVariant.h DelayedLoad null pointer dereference
147872Bento4 Ap4EsDescriptor.cpp GetTag null pointer dereference
147871Bento4 Ap4DecoderConfigDescriptor.cpp GetTag null pointer dereference
147870Bento4 Ap4Sample.h GetOffset use after free
147869GoPro gpmf-parser GPMF_parse.c GPMF_SeekToSamples out-of-bounds read
147868GoPro gpmf-parser GPMF_mp4reader.c GetPayload out-of-bounds read
147867GoPro gpmf-parser GPMF-parse.c GPMF_seekToSamples out-of-bounds read
147866GoPro gpmf-parser GPMF_parser.c GPMF_Next out-of-bounds read
147865TVT NVMS-1000 GET Request path traversal [CVE-2019-20085]
147864VIM autocmd window.c use after free
147863Netis DL4323 Dynamic DNS Configuration form2Ddns.cgi cross site scripting
147862Netis DL4323 Ping6 Diagnostic pingrtt_v6.html cross site scripting
147861Netis DL4323 form2saveConf.cgi Password insufficiently protected credentials
147860Netis DL4323 User Account Configuration form2userconfig.cgi cross site scripting
147859Netis DL4323 Dynamic DNS Configuration form2Ddns.cgi cross site scripting
147858Netis DL4323 Log form2logaction.cgi cross-site request forgery
147857Netis DL4323 form2url.cgi cross site scripting
147856libmysofa dataobject.c mysofa2json initialization
147855Bolt Symfony Web Profiler cross site scripting [CVE-2019-20058]
147854Proxyman Privileged Helper Tool Proxy insufficient verification of data authenticity
147853stb Image Loader stb_image.h stbi__shiftsigned assertion
147852LuquidPixels LiquiFire OS URL server-side request forgery [CVE-2019-20055]
147851Linux Kernel proc_sysctl.c drop_sysctl_table null pointer dereference
147850UPX Mach-O File p_mach.cpp canUnpack input validation
147849matio mat.c Mat_VarCalloc release of resource
147848UPX p_lx_elf.cpp elf_hash calculation
147847Alcatel-Lucent OmniVista 4760 __construct code injection
147846Alcatel-Lucent OmniVista 8770 Service Port 389 unrestricted upload
147845Alcatel-Lucent OmniVista 4760/OmniVista 8770 Web Server Configuration sess_ insufficiently protected credentials
147844K7 Ultimate Security Backup Module K7BKCExt.dll link following
147843Tenable Nessus UI Stored cross site scripting🔒
147842Tenable Nessus UI Stored cross site scripting🔒
147841Livefyre LiveComments Picture cross site scripting [CVE-2014-6420]
147840Senkas Kolibri URI input validation [CVE-2014-5289]
147839WP-Planet Plugin magpie_debug.php cross site scripting
147838Video Comments Webcam Recorder Plugin r_logout.php cross site scripting
147837Swipe Checkout for WooCommerce Plugin test-plugin.php cross site scripting
147836Shortcode Ninja Plugin preview-shortcode-external.php cross site scripting
147835Ruven Toolkit Plugin popup.php cross site scripting
147834Podcast Channels Plugin demo.write.php cross site scripting
147833Movies Plugin demo.mimeonly.php cross site scripting
147832Infusionsoft Gravity Forms Plugin notAuto_test_ContactService_pauseCampaign.php cross site scripting
147831Import Legacy Media Plugin demo.mimeonly.php cross site scripting
147830Conversador Plugin cross site scripting [CVE-2014-4519]
147829D-Link DWR-113 cross-site request forgery [CVE-2014-3136]
147828Collabtive Access Control install.php privileges management
147827Vivotek IP Camera authorization [CVE-2013-4985]
147826AVTECH AVN801 DVR Administration Login Captcha improper authentication🔒
147825Hikvision DS-2CD7153-E improper authentication [CVE-2013-4976]
147824Hikvision DS-2CD7153-E privileges management [CVE-2013-4975]
147823Karotz API Session Token information disclosure [CVE-2013-4868]
147822Electronic Arts Karotz Smart Rabbit Python Module privileges management
147821Insteon Hub 2242-222 Web/API default permission [CVE-2013-4859]
147820ReviewBoard unrestricted upload [CVE-2013-4796]
147819Samsung Galaxy S3/Galaxy S4 SMS Text Message default permission
147818Samsung Galaxy S3/Galaxy S4 SMS Text Message default permission
147817Static HTTP Server http.ini buffer overflow
147816NullSoft WinAmp gen_ff.dll release of reference [CVE-2013-4695]🔒
147815Xorbin Digital Flash Clock Extension xorAnalogClock.swf cross site scripting
147814Xorbin Analog Flash Clock Extension xorAnalogClock.swf cross site scripting
147813Sencha Connect connect.methodOverride cross site scripting
147812SPBAS Business Automation Software index.php cross-site request forgery
147811SPBAS Business Automation Software cross site scripting [CVE-2013-4664]
147810Magnolia CMS improper authentication [CVE-2013-4621]🔒
147809Toshiba ConfigFree Utility CFProfile.exe out-of-bounds write
147808thttpd Underflow out-of-bounds write [CVE-2007-0158]
147807WordPress REST API class-wp-rest-posts-controller.php privileges management
147806WordPress Protection Mechanism formatting.php wp_targeted_link_rel cross site scripting
147805WordPress HTML5 kses.php wp_kses_bad_protocol input validation
147804Citrix Application Delivery Controller/Gateway path traversal
147803Swipe Checkout for WP e-Commerce Plugin test-plugin.php cross site scripting
147802Ebay Feeds Plugin magpie_slashbox.php cross site scripting
147801Easy Career Openings Plugin cross site scripting [CVE-2014-4523]
147800Huawei USG9500 X.509 out-of-bounds write [CVE-2019-5275]
147799Huawei USG9500 X.509 buffer overflow [CVE-2019-5274]
147798Huawei USG9500 X.509 buffer overflow [CVE-2019-5273]
147797Huawei USG9500 Integrity Check improper validation of integrity check value
147796libsixel fromsixel.c image_buffer_resize out-of-bounds write
147795libsixel fromsixel.c image_buffer_resize release of resource
147794libsixel frompnm.c load_pnm operation after expiration
147793UPX Mach-O File p_mach.cpp canUnpack out-of-bounds write
147792matio mat5.c ReadNextStructField out-of-bounds read
147791matio mat5.c Mat_VarRead5 resource consumption
147790matio mat5.c ReadNextCell out-of-bounds read
147789matio mat5.c Mat_VarReadNextInfo5 out-of-bounds read
147788libmysofa dataobject.c readOHDRHeaderMessageDatatype out-of-bounds write
147787GNU LibreDWG dwg.spec dwg_decode_LWPOLYLINE_private resource consumption
147786GNU LibreDWG free.c dwg_free double free
147785GNU LibreDWG dwg.spec decode_3dsolid resource consumption
147784GNU LibreDWG dwg.spec dwg_decode_HATCH_private resource consumption
147783GNU LibreDWG decode.c decode_R13_R2000 out-of-bounds read
147782GNU LibreDWG decode.c resolve_objectref_vector use after free
147781GNU LibreDWG dwg.spec dwg_decode_SPLINE_private resource consumption
147780Archery Project Name Stored cross site scripting
147779ezXML ezxml.c ezxml_parse_str null pointer dereference
147778ezXML ezxml_char_content use after free
147777ezXML XML File strchr out-of-bounds read
147776Intelbras IWR 3000N JSON login input validation
147775Intelbras IWR 3000N user cross-site request forgery
147774Huawei MediaPad M5 Lite 10 input validation [CVE-2019-19398]
147773JetBrains Ktor Framework cross site scripting [CVE-2019-19389]
147772Waitress Proxy request smuggling [CVE-2019-16789]
147771WordPress Block Editor cross site scripting [CVE-2019-16781]
147770WordPress Block Editor cross site scripting [CVE-2019-16780]
147769D-Link DIR-601 B1 improper authentication [CVE-2019-16327]
147768D-Link DIR-601 B1 cross-site request forgery [CVE-2019-16326]
147767GitLab Community Edition/Enterprise Edition Access Control authorization🔒
147766ircd-ratbox MONITOR Command memory corruption [CVE-2015-5290]
147765Features Gem tmp File injection
147764Belkin N900 Javascript Debugging improper authentication [CVE-2013-3088]
147763Belkin F5D8236-4 Web Management Interface improper authentication
147762W3 Super Cache Plugin Incomplete Fix CVE-2013-2009 escape output🔒
147761Java SE Virtual Machine information disclosure [CVE-2012-4420]
147760sssd HBAC Rule improper authentication [CVE-2012-3462]
147759NetworkManager AdHoc Mode missing authentication [CVE-2012-2736]🔒🔒
147758pax-linux arch_get_unmapped_area_topdown resource consumption
147757Athenz redirect [CVE-2019-6035]
147756A-Blog CMS injection [CVE-2019-6034]
147755A-Blog CMS cross site scripting [CVE-2019-6033]
147754NTV News24 X.509 Certificate Validation certificate validation
147753KINZA RSS Reader cross site scripting [CVE-2019-6031]
147752Custom Body Class cross-site request forgery [CVE-2019-6030]
147751Custom Body Class cross site scripting [CVE-2019-6029]
147750WP Spell Check cross-site request forgery [CVE-2019-6027]
147749MOTEX LanScope Cat Client privileges management [CVE-2019-6026]
147748Movable Type redirect [CVE-2019-6025]
147747Rakuma App insufficiently protected credentials [CVE-2019-6024]
147746Cybozu Office Access Restriction privileges management [CVE-2019-6023]
147745Cybozu Office Customapp path traversal
147744Library Information Management System LIMEDIO redirect [CVE-2019-6021]
147743PowerCMS redirect [CVE-2019-6020]
147742STAMP Workbench Installer untrusted search path [CVE-2019-6019]
147741NetCommons cross site scripting [CVE-2019-6018]
147740REMISE Payment Module information disclosure [CVE-2019-6017]
147739REMISE Payment Module cross site scripting [CVE-2019-6016]
147738D-Link DBA-1510P Web User Interface os command injection [CVE-2019-6014]
147737D-Link DBA-1510P Command Line Interface os command injection
147736wpDataTables Lite sql injection [CVE-2019-6012]
147735wpDataTables Lite cross site scripting [CVE-2019-6011]
147734Yokogawa Exaopc Unquoted Search Path unquoted search path [CVE-2019-6008]
147733Pandora FMS Alert System authorization [CVE-2019-19681]
147732ListingPro Theme Listing Submit Page Persistent cross site scripting
147731ListingPro Theme Listing Submit Page Persistent cross site scripting
147730ListingPro Theme Reflected cross site scripting [CVE-2019-19540]
147729TigerVNC readSetCursor stack-based overflow
147728TigerVNC decodeRect heap-based overflow
147727TigerVNC FilterGradient heap-based overflow
147726TigerVNC CopyRectDecoder heap-based overflow
147725TigerVNC ZRLEDecoder memory corruption [CVE-2019-15691]
147724BullGuard Premium Protection Symlink toctou [CVE-2019-20000]
147723Halo Template server-side request forgery [CVE-2019-19999]
147722Xiuno BBS token.php xml external entity reference
147721Email Subscribers / Newsletters File Download information disclosure
147720Email Subscribers / Newsletters Campaign privileges management
147719Fast Velocity Minify fastvelocity_min_files Path information disclosure
147718Email Subscribers / Newsletters unknown vulnerability [CVE-2019-19982]
147717Email Subscribers / Newsletters Plugin Settings cross-site request forgery
147716Email Subscribers / Newsletters Administrative Dashboard wp_ajax privileges management
147715WP Maintenance Maintenance Mode cross site scriting [CVE-2019-19979]
147714libESMTP ntlmstruct.c ntlm_build_type_2 out-of-bounds read
147713UPC Connect Box EuroDOCSIS 3.0 Voice Gateway Administration Page setter.xml cleartext transmission
147712CrushFTP redirect [CVE-2018-18288]
147711NVIDIA GeForce Experience GameStream authorization [CVE-2019-5702]
147710Linux Kernel cpia2_v4l.c cpia2_exit use after free
147709Linux Kernel Port Connection sas_discover.c race condition
147708wolfSSL DAS information disclosure [CVE-2019-19963]
147707wolfSSL RSA wc_SignatureGenerateHash risky encryption
147706wolfSSL wc_ecc_mulmod_ex information disclosure
147705libIEC61850 string_utilities.c StringUtils_createStringFromBuffer resource consumption
147704libIEC61850 mms_access_result.c getNumberOfElements out-of-bounds read
147703libxml2 parser.c xmlParseBalancedChunkMemoryRecover release of resource
147702Signal Desktop wmic.exe privileges management
147701SQLite Update zipfile.c zipfileUpdate unrestricted upload
147700SQLite Error expr.c sqlite3WindowRewrite exceptional condition
147699SQLite SELECT DISTINCT select.c flattenSubquery null pointer dereference
147698Trend Micro Antivirus for Mac 2019 link following [CVE-2019-19695]
147697Reliable Controls MACH-ProWebCom Link cross site scripting [CVE-2019-18249]
147696mongo-express Endpoint toBSON code injection
147695Fermax Outdoor Panel DTMF Receiver authorization [CVE-2017-16778]
147694GraphicsMagick pict.c EncodeImage out-of-bounds read
147693ImageMagick png.c MngInfoDiscardObject use after free
147692GraphicsMagick miff.c ImportRLEPixels out-of-bounds write
147691GraphicsMagick error.c ThrowLoggedException use after free
147690ImageMagick png.c WritePNGImage out-of-bounds read
147689ImageMagick sgi.c WriteSGIImage out-of-bounds write
147688Check Point Endpoint Security Client Log File link following
147687upload-image-with-ajax File Upload unrestricted upload [CVE-2019-8293]
147686SonicWALL Email Security Appliance improper authorization [CVE-2019-7489]
147685SonicWALL Email Security Appliance Database credentials management
147684F5 BIG-IP/BIG-IQ UCS Backup File information disclosure [CVE-2019-6688]
147683F5 BIG-IP ASM Cloud Security Services Profile improper authentication
147682F5 BIG-IP Traffic Management Microkernel input validation [CVE-2019-6686]
147681F5 BIG-IP iRule privileges management [CVE-2019-6685]
147680F5 BIG-IP Virtual Clustered Multiprocessing input validation
147679F5 BIG-IP Virtual Server FastL4 Profile resource consumption
147678F5 BIG-IP ASM Security Policy resource consumption [CVE-2019-6682]
147677F5 BIG-IP Multicast Forwarding Cache release of resource [CVE-2019-6681]
147676F5 BIG-IP FastL4 Virtual Server input validation [CVE-2019-6680]
147675F5 BIG-IP SCP link following [CVE-2019-6679]
147674F5 BIG-IP Packet Filter input validation [CVE-2019-6678]
147673F5 BIG-IP TMM input validation [CVE-2019-6677]
147672F5 BIG-IP TMM input validation [CVE-2019-6676]
147671Forcepoint NGFW Security Management Center Configuration Database type conversion
147631VMware Workstation/Horizon View Agent DLL Loader untrusted search path
147630Huawei Smart Phone buffer overflow [CVE-2019-5276]
147629Huawei OceanStor SNS3096 Operation information disclosure [CVE-2019-5267]
147628Huawei P30 Share input validation [CVE-2019-5266]
147627Huawei P30 Share information disclosure [CVE-2019-5265]
147626Linux Kernel IAPP Location Update input validation [CVE-2019-5108]
147625Debian-edu-config ACL privileges management [CVE-2019-3467]
147624ZTE ZXCLOUD GoldenData VAP insufficiently protected credentials
147623ZTE ZXCLOUD GoldenData VAP information disclosure [CVE-2019-3430]
147622ZTE ZXCLOUD GoldenData VAP Log File log file [CVE-2019-3429]
147621Linux Kernel USB Device kvaser_usb_leaf.c information disclosure
147620libIEC61850 ber_decode.c BerDecoder_decodeUint32 out-of-bounds read
147619Red Hat Ceph Storage RADOS Gateway Daemon input validation [CVE-2019-19337]
147618F5 BIG-IP/BIG-IQ/iWorkflow/Enterprise Manager TMOS Shell privileges management
147617F5 BIG-IP APM Log log file [CVE-2019-19150]
147616virglrenderer Command vrend_renderer.c vrend_renderer_transfer_write_iov out-of-bounds write
147615virglrenderer Command vrend_renderer.c vrend_blit_need_swizzle out-of-bounds read
147614virglrenderer vrend_renderer.c vrend_renderer_transfer_write_iov out-of-bounds write
147613virglrenderer Command vrend_renderer.c null pointer dereference
147612PLC Editor Project File stack-based overflow [CVE-2019-18236]
147611Equinox Control Expert sql injection [CVE-2019-18234]
147610Orckestra C1 CMS Deserialization Composite.dll EntityTokenSerializer deserialization
147609Apache Tomcat FORM Authentication session fixiation [CVE-2019-17563]
147608Open TFTP Server SP Error Packet logMess out-of-bounds write
147607Open TFTP Server MT Error Packet logMess out-of-bounds write
147606Apache Tomcat JMX Remote Lifecycle Listener insufficiently protected credentials
147605TFTP Server MT Error Packet logMess format string
147604TFTP Server SP Error Packet logMess format string
147603TFTP Server SP Error Packet out-of-bounds write [CVE-2018-10387]
147602libIEC61850 mms_access_result.c MmsValue_decodeMmsData out-of-bounds write
147601libIEC61850 mms_value.c MmsValue_newOctetString integer overflow
147600Malwarebytes AdwCleaner DLL untrusted search path [CVE-2019-19929]
147599SQLite Incomplete Fix CVE-2019-19880 select.c multiSelect null pointer dereference
147598Linux Kernel Slice fair.c resource consumption
147597sa-exim CF File os command injection
147596PHP EXIF Extension exif_read_data out-of-bounds read
147595PHP Header mail double free
147594PHP EXIF Extension exif_read_data out-of-bounds read
147593PHP bcmath out-of-bounds read [CVE-2019-11046]
147592PHP Filename DirectoryIterator null termination
147591PHP Filename link null termination
147590IBM Financial Transaction Manager Web UI cross site scriting
147589IBM Financial Transaction Manager Session missing encryption
147588IBM Financial Transaction Manager clickjacking [CVE-2019-4742]
147587IBM Financial Transaction Manager cross-site request forgery
147586IBM Cognos Analytics Web UI cross site scriting [CVE-2019-4555]
147585IBM Cognos Analytics cross-site request forgery [CVE-2019-4231]
147584handlebars injection [CVE-2019-19919]
147583Lout z02.c srcnext out-of-bounds write
147582Lout z39.c StringQuotedWord buffer overflow
147581NeuVector Active Directory Authentication weak password [CVE-2019-19747]
147580CA Client Automation File Access Local Privilege Escalation [CVE-2019-19231]
147579Log4j Deserialization SocketServer deserialization
147578NetHack Configuration File privileges management [CVE-2019-16787]
147577Waitress HTTP Header request smuggling [CVE-2019-16786]
147576Waitress Split request smuggling [CVE-2019-16785]
147575Xiaomi DGNWG03LM/ZNCZ03LM/MCCGQ01LM/WSDCGQ01LM/RTCGQ01LM Zigbee input validation
147574Xiaomi DGNWG03LM/ZNCZ03LM/MCCGQ01LM/WSDCGQ01LM/RTCGQ01LM Zigbee input validation
147573Xiaomi DGNWG03LM/ZNCZ03LM/MCCGQ01LM/WSDCGQ01LM/RTCGQ01LM Zigbee authorization
147572Asus HG100/WS-101/TS-101 ZigBee Pro input validation [CVE-2019-15912]
147571Asus HG100/WS-101/TS-101 ZigBee Pro cleartext transmission [CVE-2019-15911]
147570Asus HG100/WS-101/TS-101 ZigBee Pro input validation [CVE-2019-15910]
147569GitLab Community Edition/Enterprise Edition resource consumption
147568IBM Cognos Business Intelligence cross-site request forgery [CVE-2018-1934]
147567Midori Browser Content Security Policy cross site scripting [CVE-2019-19916]
147566phpMyChat-Plus Password Reset URL pass_reset.php Reflected cross site scripting
1475653S-Smart CODESYS SP Realtime NT null pointer dereference [CVE-2019-19789]
147564Trend Micro Security 2020 information disclosure [CVE-2019-19693]
147563Trend Micro Apex One Product Console cross site scripting [CVE-2019-19692]
147562Trend Micro Apex One/OfficeScan XG Development Tool Credentials insufficiently protected credentials
147561Philips Veradius Unity inadequate encryption [CVE-2019-18263]
147560Palo Alto PAN-OS Log Forwarding Card Remote Code Execution [CVE-2019-17440]
147559Swagger-UI Key Name cross site scripting [CVE-2016-1000229]
147558negotiator Regular Expression resource consumption [CVE-2016-1000022]🔒
147557GnuTLS CBC Mode information exposure [CVE-2015-8313]🔒🔒
147556gnome-keyring gnome_keyring_lock_all_sync input validation
147555CUPS Localhost cupsd.conf authorization🔒🔒
147554LibreOffice/OpenOffice Embedded Content input validation [CVE-2012-5639]
147553ecryptfs-utils suid Helper input validation [CVE-2012-3409]🔒🔒
147552Adobe ColdFusion Permission default permission [CVE-2019-8256]
147551Brackets injection [CVE-2019-8255]
147550Adobe Photoshop CC memory corruption [CVE-2019-8254]
147549Adobe Photoshop CC memory corruption [CVE-2019-8253]
147548301 Redirects - Easy Redirect Manager Plugin privileges management
147547MediaWiki MinervaNeue Skin cross site scripting [CVE-2019-19910]
147546Public Knowledge Project pkp-lib OJS Report Generator deserialization
147545Kopano Groupware Core freebusyutil.cpp HrAddFBBlock buffer overflow
147544cyrus-sasl OpenLDAP common.c _sasl_add_string out-of-bounds write
147543NetHack Configuration File buffer overflow [CVE-2019-19905]
147542Backdrop CMS File Type Description cross site scripting [CVE-2019-19903]
147541Backdrop CMS File Upload information disclosure [CVE-2019-19902]
147540Backdrop CMS Block Description cross site scripting [CVE-2019-19901]
147539Backdrop CMS Content Type cross site scripting [CVE-2019-19900]
147538Ansible Tower websocket Password information exposure
147537Ansible Tower Database Backup tower Credentials file access
147536Ansible Tower RabbitMQ Management Interface information disclosure
147535sudo privileges management [CVE-2019-19234]
147534sudo Runas privileges management [CVE-2019-19232]
147533Plex Media Server Camera Upload unrestricted upload [CVE-2019-19141]
147532Lansweeper Web Console cross site scripting [CVE-2019-18955]
147531CloudVision Portal API Password insufficiently protected credentials
147530CloudVision Portal CVP API privileges management [CVE-2019-18181]
147529Eclipse Che Workspace cross-site request forgery [CVE-2019-17633]
147528JS JOBS FREE Extension custormfields.php dataForDepandantField sql injection
147527Beckhoff Embedded Windows PLC ADS Protocol input validation [CVE-2019-16871]
147526Odoo Community/Enterprise Access Control access control [CVE-2019-11780]
147525Cloud Foundry Cloud Controller API Global Service Broker information disclosure
147524Kibana Region Map cross site scripting [CVE-2019-7621]
147523SonicOS SSLVPN NACagent Installation unquoted search path [CVE-2019-7487]
147522SonicWALL SMA100 CGI Script viewcacert code injection
147521SonicWALL SMA100 CGI Script DEARegister buffer overflow
147520SonicWALL SMA100 CGI Script viewcacert sql injection
147519SonicWALL SMA100 CGI Script handleWAFRedirect path traversal
147518SonicWALL SMA100 stack-based overflow
147517GitLab Enterprise Edition Access Control access control [CVE-2019-5487]
147516GitLab Community Edition/Enterprise Edition Salesforce Login authentication bypass
147515GitLab Community Edition/Enterprise Edition Project Archive authorization
147514WAGO PFC100/PFC200 iocheckd Service buffer overflow [CVE-2019-5081]
147513WAGO PFC100/PFC200 iocheckd Service missing authentication [CVE-2019-5080]
147512WAGO PFC100/PFC200 iocheckd Service out-of-bounds write [CVE-2019-5079]
147511WAGO PFC100/PFC200 iocheckd Service missing authentication [CVE-2019-5078]
147510WAGO PFC100/PFC200 iocheckd Service missing authentication [CVE-2019-5077]
147509WAGO PFC100/PFC200 Command Line Utility memory corruption [CVE-2019-5075]
147508WAGO PFC100/PFC200 iocheckd Service buffer overflow [CVE-2019-5074]
147507WAGO PFC100/PFC200 iocheckd Service information disclosure [CVE-2019-5073]
147506Pebble Templates Protection Mechanism getClass input validation
147505Humax Wireless Voice Gateway HGB10R-2 insufficiently protected credentials
147504Humax Wireless Voice Gateway HGB10R-2 Backup File backupsettings.conf cleartext transmission
147503ffjpeg jfif.c jfif_decode divide by zero
147502ffjpeg bitstr.c bitstr_tell null pointer dereference
147501Django Password Reset password recovery [CVE-2019-19844]
147500Opera Web Browser Sandbox origin validation [CVE-2019-19788]
147499Singularity Permission .singularity default permission
147498Trend Micro Mobile Security weak password [CVE-2019-19690]
147497Trend Micro HouseCall for Home Networks DLL untrusted search path
147496Trend Micro HouseCall for Home Networks DLL privileges management
147495ABB PB610 Panel Builder 600 HMISimulator Remote Code Execution
147494ABB PB610 Panel Builder 600 HMIStudio Local Privilege Escalation
147493ABB PB610 Panel Builder 600 HMISimulator input validation [CVE-2019-18995]
147492ABB PB610 Panel Builder 600 HMIStudio input validation [CVE-2019-18994]
147491Zoho ManageEngine ADSelfService Plus redirect [CVE-2019-18781]
147490RSA Identity Governance Session Local Privilege Escalation [CVE-2019-18573]
147489RSA Identity Governance JMX Agent missing authentication [CVE-2019-18572]
147488RSA Identity Governance My Access Live Module Reflected cross site scripting
147487GE S2020 Fast Switch 61850 Reflected cross site scripting [CVE-2019-18267]
147486Pronestor Planner Outlook Add-in PronestorHealthMonitor.exe privileges management
147485Rack Session timing discrepancy [CVE-2019-16782]
147484http_server path traversal [CVE-2019-15600]
147483tree-kill code injection [CVE-2019-15599]
147482treekill code injection [CVE-2019-15598]
147481node-df code injection [CVE-2019-15597]
147480statics-server path traversal [CVE-2019-15596]
147479GitLab Community Edition/Enterprise Edition Access Control access control
147478GitLab Community Edition/Enterprise Edition Clone access control
147477GitLab Community Edition/Enterprise Edition Pipeline insertion of sensitive information into sent data
147476GitLab Community Edition/Enterprise Edition Project Milestone information disclosure
147475GitLab Community Edition/Enterprise Edition GraphQL Endpoint information disclosure
147474GitLab Community Edition/Enterprise Edition API command injection
147473Atlassian Confluence Server/Confluence Data Center Previews Plugin dynamically-managed code resources
147472Git Clone input validation [CVE-2019-1387]
147471HPE UIoT information disclosure [CVE-2019-11995]
147470Intel CSME/TXE/Detection Tool Access Control privileges management
147469Intel AMT Subsystem cross site scripting [CVE-2019-11132]
147468Intel AMT Subsystem privileges management [CVE-2019-11131]
147467Intel CSME/TXE Subsystem improper authentication [CVE-2019-11110]
147466Intel SPS Subsystem denial of service [CVE-2019-11109]
147465Intel CSME Subsystem input validation [CVE-2019-11108]
147464Intel AMT Subsystem input validation [CVE-2019-11107]
147463Intel CSME/TXE Subsystem session expiration [CVE-2019-11106]
147462Intel CSME Subsystem privileges management [CVE-2019-11105]
147461Intel CSME/TXE input validation [CVE-2019-11104]
147460Intel CSME Firmware Update input validation [CVE-2019-11103]
147459Intel DAL/CSME/TXE input validation [CVE-2019-11102]
147458Intel CSME/TXE Subsystem input validation [CVE-2019-11101]
147457Intel AMT Subsystem input validation [CVE-2019-11100]
147456Intel Management Engine Consumer Driver Directory Permission default permission
147455Intel AMT Subsystem input validation [CVE-2019-11088]
147454Intel CSME/TXE Subsystem input validation [CVE-2019-11087]
147453Intel AMT Subsystem input validation [CVE-2019-11086]
147452Intel CSME/TXE Subsystem out-of-bounds write [CVE-2019-0169]
147451Intel CSME/TXE input validation [CVE-2019-0168]
147450Intel AMT input validation [CVE-2019-0166]
147449Intel CSME input validation [CVE-2019-0165]
147448Intel AMT input validation [CVE-2019-0131]
147447Apache Xerces-C XML Parser use after free [CVE-2018-1311]
147446Restlet Endpoint xml external entity reference [CVE-2012-2656]
147444Apple macOS Web Page History information disclosure
147443Apple iCloud memory corruption [CVE-2019-8763]
147442Apple iTunes memory corruption [CVE-2019-8763]
147441Apple Safari memory corruption [CVE-2019-8763]
147440Apple tvOS memory corruption [CVE-2019-8763]
147439Apple iCloud Text File out-of-bounds read [CVE-2019-8745]
147438Apple iTunes Text File out-of-bounds read [CVE-2019-8745]
147437Apple tvOS Text File out-of-bounds read [CVE-2019-8745]
147436Apple iCloud use after free [CVE-2019-8735]
147435Apple iTunes use after free [CVE-2019-8735]
147434Apple iCloud memory corruption [CVE-2019-8733]
147433Apple iTunes memory corruption [CVE-2019-8733]
147432Apple iCloud memory corruption [CVE-2019-8726]
147431Apple iTunes memory corruption [CVE-2019-8726]
147430Apple iCloud State Management Universal cross site scripting
147429Apple iTunes State Management Universal cross site scripting
147428Apple tvOS Kernel memory corruption [CVE-2019-8717]
147427Apple iCloud use after free [CVE-2019-8707]
147426Apple iTunes use after free [CVE-2019-8707]
147425Apple iClouds State Management Universal cross site scripting
147424Apple iTunes State Management Universal cross site scripting
147423SwiftNIO SSL TLS stack-based overflow [CVE-2019-8849]
147422Apple Xcode File memory corruption [CVE-2019-8806]
147421Apple Xcode File memory corruption [CVE-2019-8800]
147420Shazam App URL injection [CVE-2019-8792]
147419Shazam App URL Scheme redirect [CVE-2019-8791]
147418Apple macOS State Management memory corruption [CVE-2019-8781]
147417Apple macOS Encrypted PDF inadequate encryption [CVE-2019-8772]
147416Apple macOS Document permission assignment [CVE-2019-8770]
147415Apple iOS/iPadOS Web Page History information disclosure
147414Apple macOS History information disclosure [CVE-2019-8768]
147413Apple iOS/iPadOS memory corruption [CVE-2019-8763]
147412Apple macOS null pointer dereference [CVE-2019-8758]
147411Apple macOS User Preferences race condition [CVE-2019-8757]
147410Apple macOS Kernel Kernel Memory null pointer dereference
147409Apple macOS Kernel null pointer dereference [CVE-2019-8748]
147408Apple macOS Text File buffer overflow [CVE-2019-8745]
147407Apple tvOS use after free [CVE-2019-8735]
147406Apple tvOS memory corruption [CVE-2019-8733]
147405Apple macOS Search Result information disclosure [CVE-2019-8730]
147404Apple tvOS memory corruption [CVE-2019-8726]
147403Apple tvOS State Management Universal cross site scripting
147402Apple macOS Kernel memory corruption [CVE-2019-8717]
147401Apple tvOS use after free [CVE-2019-8707]
147400Apple macOS memory corruption [CVE-2019-8701]
147399Apple Texture Analytics Data memory corruption [CVE-2019-8632]
147398Apple tvOS State Management Universal cross site scripting
147397Apple watchOS Passcode information disclosure [CVE-2019-8548]
147396Apple Shortcuts Sandbox external reference [CVE-2019-7290]
147395Apple Shortcuts input validation [CVE-2019-7289]
147394shadowsocks-libev Network Packet information disclosure [CVE-2019-5152]
147393IBM Planning Analytics TM1 Script privileges management [CVE-2019-4716]
147392IBM API Connect missing encryption [CVE-2019-4609]
147391HCL AppScan Source Web UI cross site scripting [CVE-2019-4388]
147390Qualcomm Snapdragon Auto Event Argument buffer overflow [CVE-2019-2304]
147389Qualcomm Snapdragon Auto RPU Write improper authentication [CVE-2019-2274]
147388Qualcomm Snapdragon Auto integer overflow [CVE-2019-2242]
147387shadow privileges management [CVE-2019-19882]
147386SQLite ORDER BY window.c exprListAppendList null pointer dereference
147385Tautulli Media Server shutdown cross-site request forgery
147384Xerox AltaLink C8035 cross-site request forgery [CVE-2019-19832]
147383SolarWinds Serv-U FTP Server cross site scripting [CVE-2019-19829]
147382D-Link DIR-615 Account Configuration Page cross site scripting
147381Asus ATK AsLdrSrv.exe input validation
147380GNU Bash shell.c disable_priv_mode dropped privileges
147379HPE OneView for VMware vCenter cross site scripting [CVE-2019-11992]
147378TRENDnet TEW-651BR/TEW-652BRP/TEW-652BRU get_set.ccp memory corruption
147377TRENDnet TEW-651BR/TEW-652BRP/TEW-652BRU get_set.ccp os command injection
147376Qualcomm Snapdragon Auto out-of-bounds write [CVE-2019-10614]
147375Qualcomm Snapdragon Auto buffer overflow [CVE-2019-10607]
147374Qualcomm Snapdragon Auto IEEE 802.11 Header buffer overflow [CVE-2019-10605]
147373Qualcomm Snapdragon Auto WMI Message array index [CVE-2019-10601]
147372Qualcomm Snapdragon Auto Netlink CB Callback null pointer dereference
147371Qualcomm Snapdragon Auto IBSS Connection Mode buffer overflow
147370Qualcomm Snapdragon Auto Message input validation [CVE-2019-10595]
147369Qualcomm Snapdragon Auto Debug Queue out-of-bounds read [CVE-2019-10584]
147368Qualcomm Snapdragon Auto Video Driver integer overflow [CVE-2019-10572]
147367Qualcomm Snapdragon Auto EEPROM out-of-bounds read [CVE-2019-10564]
147366Qualcomm Snapdragon Auto Wireless Driver out-of-bounds read [CVE-2019-10557]
147365Qualcomm Snapdragon Auto memory corruption [CVE-2019-10544]
147364Qualcomm Snapdragon Auto FW Response integer overflow [CVE-2019-10537]
147363Qualcomm Snapdragon Auto double free [CVE-2019-10536]
147362Qualcomm Snapdragon Auto SIB Read out-of-bounds write [CVE-2019-10525]
147361Qualcomm Snapdragon Auto iWLAN use after free [CVE-2019-10518]
147360Qualcomm Snapdragon Auto Thread double free [CVE-2019-10517]
147359Qualcomm Snapdragon Auto MM out-of-bounds read [CVE-2019-10516]
147358Qualcomm Snapdragon Auto SPDM Command null pointer dereference
147357Qualcomm Snapdragon Auto MT Secondary PDP Request memory corruption
147356Qualcomm Snapdragon Auto SMS OTA Message out-of-bounds read [CVE-2019-10487]
147355Qualcomm Snapdragon Auto information disclosure [CVE-2019-10482]
147354Qualcomm Snapdragon Auto WMI FW Event array index [CVE-2019-10481]
147353Qualcomm Snapdragon Auto WMI Firmware Event buffer overflow [CVE-2019-10480]
147352Qualcomm Snapdragon Auto Broadcast qdf_nbuf_trim_tail buffer overflow
147351JBoss AS 7 Community Release Security Context Propagation privileges management
147350SonicWALL SMA100 sql injection [CVE-2019-7481]
147349elog Proxy confused deputy [CVE-2019-3996]
147348elog null pointer dereference [CVE-2019-3995]
147347elog retrieve_url use after free
147346elog Credentials information disclosure [CVE-2019-3993]
147345elog Configuration File information disclosure [CVE-2019-3992]
147344Joomla CMS sql injection [CVE-2019-19846]
147343Joomla CMS Access Check Path path traversal
147342Zulip Server Image Thumbnail redirect [CVE-2019-19775]
147341Alt-N MDaemon Attachment cross site scripting [CVE-2019-19497]
147340Linux Kernel io-wq.c privileges management
147339Advantech DiagAnywhere Server stack-based overflow [CVE-2019-18257]
147338TIBCO Spotfire Analytics Platform for AWS Marketplace Spotfire Library Reflected cross site scriting
147337TIBCO Spotfire Analytics Platform for AWS Marketplace Data Access Layer Credentials information disclosure
147336TIBCO Spotfire Analytics Platform for AWS Marketplace Data Access Layer information disclosure
147335TIBCO Spotfire Analyst privileges management [CVE-2019-17334]
147334JIRA WorkflowResource authorization
147333Micro Focus Arcsight Logger cross-site request forgery [CVE-2019-11657]
147332SAP Treasury/Risk Management authorization [CVE-2019-0384]
147331SAP Treasury/Risk Management Transaction Management authorization
147330Linux Kernel Thread sendmsg privileges management
147329TYPO3 QueryGenerator sql injection
147328TYPO3 Deserialization QueryView privileges management
147327TYPO3 Extension Manager path traversal [CVE-2019-19848]
147326Libspiro spiro.c spiro_to_bpath0 out-of-bounds write
147325SPIP medias input validation
147324Linux Kernel btrfs Filesystem volumes.c __btrfs_map_block out-of-bounds write
147323Linux Kernel f2fs Filesystem Image recovery.c null pointer dereference
147322Linux Kernel f2fs Filesystem Image __remove_dirty_segment out-of-bounds write
147321Linux Kernel btrfs Filesystem mutex.c __mutex_lock use after free
147320Contao Back End unrestricted upload [CVE-2019-19745]
147319Contao Output escape output [CVE-2019-19714]
147318Contao Permission default permission [CVE-2019-19712]
147317Ivanti Workspace Control Managed Application Security default permission class.upload File Extension class.upload.php unrestricted upload
147315Nalpeiron Licensing Service NLSSRV32.EXE permission assignment
147314Simplifile RecordFusion information disclosure [CVE-2019-19264]
147313Divisa Proxia Suite/SparkSpace/Proxia PHR Java Deserialization deserialization
147312Barco ClickShare Button R9861500D01 TLS Connection missing encryption
147311Barco ClickShare Button R9861500D01 Credential Management insufficiently protected credentials
147310Barco ClickShare Button R9861500D01 DLL Loader Clickshare_For_Windows.exe untrusted search path
147309Barco ClickShare Huddle CS-100/ClickShare Huddle CS-200 Credential Management missing encryption
147308Barco ClickShare Button R9861500D01 Integrity Check input validation
147307Acer Quick Access QAAdminAgent.exe untrusted search path
147306Alauda Kubernetes Support Plugin improper authorization [CVE-2019-16576]
147305Alauda Kubernetes Support Plugin cross-site request forgery [CVE-2019-16575]
147304Alauda DevOps Pipeline Plugin Permission Check improper authorization
147303Alauda DevOps Pipeline Plugin cross-site request forgery [CVE-2019-16573]
147302Weibo Plugin Global Configuration Credentials credentials storage
147301RapidDeploy Plugin Permission Check improper authorization [CVE-2019-16571]
147300RapidDeploy Plugin cross-site request forgery [CVE-2019-16570]
147299Mantis Plugin cross-site request forgery [CVE-2019-16569]
147298SCTMExecutor Plugin Global Configuration Credentials cleartext transmission
147297Team Concert Plugin Permission Check Credentials improper authorization
147296Team Concert Plugin Permission Check improper authorization [CVE-2019-16566]
147295Team Concert Plugin cross-site request forgery [CVE-2019-16565]
147294Pipeline Aggregator View Plugin Stored cross site scripting [CVE-2019-16564]
147293Mission Control Plugin Escape Job Stored cross site scripting
147292buildgraph-view Plugin Stored cross site scripting [CVE-2019-16562]
147291WebSphere Deployer Plugin SSL/TLS Certificate Validator certificate validation
147290WebSphere Deployer Plugin cross-site request forgery [CVE-2019-16560]
147289WebSphere Deployer Plugin Permission Check improper authorization
147288Spira Importer Plugin TLS Certificate Validation certificate validation
147287Redgate SQL Change Automation Plugin Configuration File config.xml Credentials credentials storage
147286Rundeck Plugin Configuration File config.xml Credentials credentials storage
147285Build Failure Analyzer Plugin Regular Expression resource consumption
147284Build Failure Analyzer Plugin Regular Expression improper authorization
147283Build Failure Analyzer Plugin Regular Expression cross-site request forgery
147282Gerrit Trigger Plugin Permission Check improper authorization
147281Gerrit Trigger Plugin cross-site request forgery [CVE-2019-16551]
147280Maven Release Plugin Connection Test Form cross-site request forgery
147279Maven Release Plugin XML Parser xml external entity reference CentOS Web Panel sess_xxxxxx insufficiently protected credentials
147277Application Links ListEntityLinksServlet default permission CentOS Web Panel tmp insufficiently protected credentials
147275Atlassian Crowd Demo Application cross-site request forgery [CVE-2017-18107]
147274Docker Engine Manifest input validation [CVE-2014-8179]🔒🔒
147273Docker Engine Image Layer Cache Poisoning input validation🔒🔒
147272ownCloud sharing.php cross site scripting🔒
147271Mahara cross site scripting [CVE-2012-2237]🔒🔒
147270Huawei AR3600 information disclosure [CVE-2019-5259]
147269IBM MQ/MQ Appliance Message denial of service [CVE-2019-4560]
147268IBM API Connect Developer Portal Password information disclosure
147267Views Dynamic Fields Module code injection
147266Nitro Free PDF Reader Unicode npdf.dll PDAnnotHandlerDestroyData2+0xa08a out-of-bounds read
147265Cyrus IMAP Sieve Script Command lmtp_sieve.c autosieve_createfolder input validation
147264D-Link DIR-615 Portal input validation [CVE-2019-19743]
147263Roxy Fileman RENAMEFILE path traversal
147262Rumpus FTP Web File Manager Login Page Reflected cross site scripting
147261knot-resolver DNS Reply algorithmic complexity [CVE-2019-19331]
147260Barco ClickShare Button R9861500D01 Certificate Private Key information disclosure
147259Bridge ClickShare Button R9861500D01 Dongre Bridge Program os command injection
147258Barco ClickShare Button R9861500D01 Debug Interface insufficiently protected credentials
147257Barco ClickShare Button R9861500D01 JTAG input validation [CVE-2019-18827]
147256Barco ClickShare Button R9861500D01 Certificate Validation certificate validation
147255Dell XPS 13 2-in-1 BIOS Configuration config [CVE-2019-18579]
147254Omron PLC CJ/PLC CS Lock Remote Code Execution [CVE-2019-18269]
147253Omron PLC CS/PLC CJ/PLC NJ Brute Force excessive authentication
147252Omron PLC CJ/PLC CS authentication spoofing [CVE-2019-18259]
147251Trend Micro Deep Security Service Quick Setup Cloud Formation Template authorization
147250excon Gem Persistent Connection resource control [CVE-2019-16779]
147249TensorFlow UnsortedSegmentSum heap-based overflow
147248Intel NUC Firmware out-of-bounds write [CVE-2019-14612]
147247Intel NUC Firmware integer overflow [CVE-2019-14611]
147246Intel NUC Access Control privileges management [CVE-2019-14610]
147245Intel NUC Firmware Validation input validation [CVE-2019-14609]
147244Intel NUC memory corruption [CVE-2019-14608]
147243Intel CPU unusual condition [CVE-2019-14607]
147242Intel SCS Platform Discovery Utility Installer default permission
147241Intel Quartus Prime Pro Edition FPGA Kernel Driver null pointer dereference
147240Intel Quartus Prime Pro Edition License Server default permission
147239Control Center-I privileges management [CVE-2019-14599]
147238Intel RST default permission [CVE-2019-14568]
147237Omron PLC CJ/PLC CS authentication replay [CVE-2019-13533]
147236SolarWinds Serv-U FTP Server Web UI Stored cross site scripting
147235SolarWinds Serv-U FTP Server Web UI injection [CVE-2019-13181]
147234Apache Incubator Superset SQLLab information disclosure [CVE-2019-12414]
147233Apache Incubator Superset Database Metadata information disclosure
147232Intel FPGA SDK for OpenCL Pro Edition Kernel Driver unusual condition
147231Intel CPU unusual condition [CVE-2019-11157]
147230Intel Ethernet I218 Adapter Driver Memory Protection information disclosure
147229Yarn Package Installer link following [CVE-2019-10773]
147228Intel Network Adapter Linux Administrative Tools privileges management
147227Intel Dynamic Platform/Thermal Framework default permission [CVE-2019-0134]
147226Puppet Agent SSL Certificate Valu certificate validation [CVE-2018-11751]
147225Linux Kernel timer.c snd_timer_close_locked use after free
147224Xfig fig2dev read.c read_colordef out-of-bounds write
147223python-requests-Kerberos Mutual Authentication improper authentication🔒
147222ImageMagick infinite loop [CVE-2014-8561]
147221ZF2014-0 View Helper cross site scripting [CVE-2014-4913]
147220eDeploy Temp File race condition [CVE-2014-3701]
147219eDeploy cPickle Deserialization deserialization [CVE-2014-3699]
147218JBoss KeyCloak URL Validator redirect [CVE-2014-3652]
147217jersey SAX Parser xml external entity reference [CVE-2014-3643]
147216CloudForms Management Engine Registration top_output.log Log log file
147215Huawei Product insufficient verification of data authenticity
147214Huawei S5700/S6700 input validation [CVE-2019-5290]
147213Huawei CampusInsight Gauss100 OLTP Database out-of-bounds read
147212Huawei CloudUSM-EUA information disclosure [CVE-2019-5277]
147211Huawei Mate 9 Applock information disclosure [CVE-2019-5264]
147210Huawei Y9/Honor View 20 TD-SCDMA Message input validation [CVE-2019-5260]
147209Huawei eSpace U1981 buffer overflow [CVE-2019-5258]
147208Huawei AP2000 Management buffer overflow [CVE-2019-5257]
147207Huawei eSpace U1981 resource consumption [CVE-2019-5256]
147206Huawei eSpace U1981 null pointer dereference [CVE-2019-5255]
147205Huawei eSpace U1981 Message out-of-bounds read [CVE-2019-5254]
147204Huawei E5572-855 improper authentication [CVE-2019-5253]
147203Huawei Y9/Honor 8X/Honor 9 Lite/Honor 9i/Y6 Pro Applock improper authentication
147202Huawei Smartphone path traversal [CVE-2019-5251]
147201Huawei Mate 20 Pro authorization [CVE-2019-5250]
147200Huawei CloudEngine 12800 release of resource [CVE-2019-5248]
147199Huawei Smart Phone null pointer dereference [CVE-2019-5235]
147198IBM Case Manager Case Builder cross site scriting [CVE-2019-4426]
147197Yabasic Basic Source Code function.c myformat out-of-bounds write
147196Samurai Build File util.c canonpath out-of-bounds write
147195miekg Go DNS Random Number Generator weak prng [CVE-2019-19794]
147194Cyxtera AppGate SDP Client privileges management [CVE-2019-19793]
147193Telerik UI for ASP.NET AJAX RadChart path traversal [CVE-2019-19790]
147192ATasm m65 File setparse.c get_signed_expression out-of-bounds write
147191ATasm m65 File setparse.c parse_expr out-of-bounds write
147190ATasm m65 File asm.c to_comma out-of-bounds write
147189AceaXe Plus FTP Client buffer overflow [CVE-2019-19782]
147188libsixel loader.c load_sixel out-of-bounds read
147187stb Image Loader stb_image.h stbi__load_main out-of-bounds read
147186Zoho ManageEngine EventLog Analyzer MD5 information disclosure
147185Dovecot Push Notification Driver null pointer dereference [CVE-2019-19722]
147184VeraCrypt VeraCryptExpander.exe privileges management
147183Huawei Products risky encryption [CVE-2019-19397]
147182Envoy Route Manager null pointer dereference [CVE-2019-18838]
147181Envoy HTTP Header memory corruption [CVE-2019-18802]
147180Envoy Access Control memory corruption [CVE-2019-18801]
147179quiz-master-next Plugin quiz-options-page.php Reflected cross site scripting
147178Petwant PF-103/Petalk AI processCommandUploadLog os command injection
147177eGain Web Email API 11+ Message email) Header Injection input validation
147176npm CLI Install Script path traversal [CVE-2019-16777]
147175npm CLI Install Script path traversal [CVE-2019-16776]
147174npm CLI Install Script symlink [CVE-2019-16775]
147173Petwant PF-103/Petalk AI processCommandSetMac os command injection
147172Petwant PF-103/Petalk AI processCommandUploadSnapshot out-of-bounds write
147171Petwant PF-103/Petalk AI processCommandUploadLog out-of-bounds write
147170Petwant PF-103/Petalk AI Telnet Service hard-coded credentials
147169Petwant PF-103/Petalk AI processCommandSetUid os command injection
147168Petalk PF-103/Petalk AI Communication signature verification
147167Petwant PF-103/Petalk AI udpServerSys Service authorization [CVE-2019-16731]
147166Petwant PF-103/Petalk AI processCommandUpgrade input validation
147165TemaTres Reflected cross site scripting [CVE-2019-14344]
147164SAML Single Sign On Plugin input validation [CVE-2019-13347]
147163duplicity SSL Certificate Verification Service certificate validation
147162Pen Temp File webfile.html exposure of resource
147161suPHP Source Highlighting improper authentication [CVE-2014-1867]
147160hammer_cli_foreman Gem foreman.yml insufficiently protected credentials
147159qpid-cpp ACL Policy resource consumption [CVE-2014-0212]
147158cfme CSRF Protection cross-site request forgery [CVE-2014-0197]
147157MCollective Installation hard-coded credentials [CVE-2014-0175]
147156Apple Safari WebKit integer underflow [CVE-2019-5144]
147155Hostapd 802.11w Security State input validation [CVE-2019-5062]
147154Hostapd IAPP Location Update input validation [CVE-2019-5061]
147153Advantech WebAccess stack-based overflow [CVE-2019-3951]
147152lodahs input validation [CVE-2019-19771]
147151Linux Kernel inode.c debugfs_remov use after free
147150Linux Kernel lock.h perf_trace_lock_acquire use after free
147149Linux Kernel blktrace.c __blk_add_trace use after free
147148Linux Kernel inode.c ext4_xattr_set_entry use after free
147147Bitwarden Server inadequate encryption [CVE-2019-19766]
147146Siemens SiNVR 3 Central Control Server SFTP Service routine [CVE-2019-18342]
147145Siemens SiNVR 3 Central Control Server improper authentication
147144Siemens SiNVR 3 Central Control Server Credentials information disclosure
147143Siemens SiNVR 3 Central Control Server HTTP Service missing authentication
147142Siemens SiNVR 3 Central Control Server XML Data path traversal
147141Siemens SiNVR 3 Central Control Server XML Data improper authentication
147140Siemens SPPA-T3000 Application Server Service Port 80 information disclosure
147139Siemens SPPA-T3000 Application Server Service Port 8090 Username information disclosure
147138Siemens SPPA-T3000 Application Server Service Port 8090 Directory information disclosure
147137Siemens SPPA-T3000 Application Server Web Services Directory information disclosure
147136Siemens SPPA-T3000 Application Server Service Port 1099 information disclosure
147135Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147134Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147133Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147132Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147131Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147130Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147129Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147128Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147127Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 improper authentication
147126Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 improper authentication
147125Siemens SPPA-T3000 Application Server File Upload improper authentication
147124Siemens SPPA-T3000 Application Server RMI improper authentication
147123Siemens SPPA-T3000 Application Server RMI improper authentication
147122Siemens SPPA-T3000 Application Server RMI improper authentication
147121Siemens SPPA-T3000 Application Server Service Port 1099 deserialization
147120Siemens SPPA-T3000 Application Server Service Port 8888 improper authentication
147119Siemens SPPA-T3000 Application Server RMI improper authentication
147118Siemens SPPA-T3000 MS3000 Migration Server RPC Service unrestricted upload
147117Siemens SPPA-T3000 MS3000 Migration Server RPC Service improper authentication
147116Siemens SPPA-T3000 MS3000 Migration Server Service Port 7061 denial of service
147115Siemens SPPA-T3000 MS3000 Migration Server Service Port 7061 stack-based overflow
147114Siemens SPPA-T3000 MS3000 Migration Server access control [CVE-2019-18309]
147113Siemens SPPA-T3000 MS3000 Migration Server access control [CVE-2019-18308]
147112Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 out-of-bounds read
147111Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 out-of-bounds read
147110Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflow
147109Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflow
147108Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflow
147107Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflow
147106Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflow
147105Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflow
147104Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflow
147103Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflow
147102Siemens SPPA-T3000 MS3000 Migration Server heap-based overflow
147101Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147100Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147099Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147098Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147097Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147096Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147095Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147094Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 heap-based overflow
147093Siemens SPPA-T3000 Application Server RMI interface unrestricted upload
147092Siemens SPPA-T3000 Application Server Directory improper authentication
147091Siemens SPPA-T3000 Application Server Directory improper authentication
147090Siemens SPPA-T3000 Application Server RMI Communication cleartext transmission
147089Siemens SPPA-T3000 Application Server AdminService improper authentication
147088Siemens SPPA-T3000 Application Server AdminService deserialization
147087phpfastcache Cookie Driver code injection [CVE-2019-16774]
147086Siemens SiNVR 3 Central Control Server User Configuration Menu Password information disclosure
147085Siemens EN100 Ethernet Module DNP3 Web Server path traversal
147084Siemens EN100 Ethernet Module DNP3 Web Interface cross site scripting
147083Siemens EN100 Ethernet Module DNP3 Webserver memory corruption
147082XHQ Web Application input validation [CVE-2019-13932]
147081XHQ Web Interface cross site scriting [CVE-2019-13931]
147080XHQ Web Interface cross-site request forgery [CVE-2019-13930]
147079Apache SpamAssassin Message resource consumption [CVE-2019-12420]
147078Apache SpamAssassin CF File os command injection [CVE-2018-11805]
147077IBM DB2 High Performance Unload privileges management [CVE-2019-4606]
147076minerstat msOS SSH Key improper authentication [CVE-2019-19750]
147075Electronic Arts Origin privileges management [CVE-2019-19248]
147074Electronic Arts Origin privileges management [CVE-2019-19247]
147073Scoutnet Kalender Plugin cross site scripting [CVE-2019-19198]
147072DAViCal Reflected cross site scripting [CVE-2019-18345]
147071Intesync Solismed Stored inadequate encryption [CVE-2019-17428]
147070Cacti Deserialization functions.php deserialization
147069Intesync Solismed information disclosure [CVE-2019-16246]
147068Intesync Solismed File Upload unrestricted upload [CVE-2019-15936]
147067Intesync Solismed cross site scripting [CVE-2019-15935]
147066Intesync Solismed cross-site request forgery [CVE-2019-15934]
147065Intesync Solismed sql injection [CVE-2019-15933]
147064Intesync Solismed Access Control permission assignment [CVE-2019-15932]
147063Intesync Solismed path traversal [CVE-2019-15931]
147062Intesync Solismed improper restriction of rendered ui layers
1470613scale Session Cookie httponly insertion of sensitive information into sent data
147060Siemens SIMATIC S7-1200 CPU UART routine [CVE-2019-13945]
147059Desigo PXC00-E.D Web Server denial of service [CVE-2019-13927]
147058Qualcomm Snapdragon Auto Image memory corruption [CVE-2019-2338]
147057Qualcomm Snapdragon Auto EMM out-of-bounds read [CVE-2019-2337]
147056Qualcomm Snapdragon Auto HLOS buffer overflow [CVE-2019-2321]
147055Qualcomm Snapdragon Auto array index [CVE-2019-2320]
147054Qualcomm Snapdragon Auto HLOS privileges management [CVE-2019-2319]
147053Qualcomm Snapdragon Auto out-of-bounds read [CVE-2019-2310]
147052Qualcomm Snapdragon Auto TZ buffer overflow [CVE-2019-2288]
147051Qualcomm Snapdragon Connectivity Driver information disclosure
147050Qualcomm Snapdragon Auto QDCM API integer overflow [CVE-2019-10592]
147049Qualcomm Snapdragon Auto Snapshot buffer overflow [CVE-2019-10571]
147048Qualcomm Snapdragon Auto OGG File out-of-bounds read [CVE-2019-10559]
147047Qualcomm Snapdragon Auto buffer overflow [CVE-2019-10555]
147046Qualcomm Snapdragon Auto LLC Support null pointer dereference
147045Qualcomm Snapdragon Auto Data Truncation integer overflow [CVE-2019-10530]
147044Qualcomm Snapdragon Mobile/Snapdragon Voice / Music GPU Memory resource consumption
147043Qualcomm Snapdragon Auto GSNDCP Compressed Mode array index [CVE-2019-10511]
147042Qualcomm Snapdragon Auto Camera toctou [CVE-2019-10494]
147041Qualcomm Snapdragon Auto buffer overflow [CVE-2019-10493]
147040Qualcomm Snapdragon Auto Compressed Data infinite loop [CVE-2019-10485]
147039Qualcomm Snapdragon Auto Command use after free [CVE-2019-10484]
147038Work Time Calendar App cross site scripting [CVE-2019-19748]
147037Xfig fig2dev arrow.c make_arrow integer overflow
147036Octeth Oempro Campaign.Get sql injection
147035OpenBSD setuid Program _dl_setup_env privileges management
147034SnakeYAML Alias xml entity expansion [CVE-2017-18640]
147033Microsoft Visual Studio Git input validation [CVE-2019-1387]
147032Microsoft Visual Studio Git input validation [CVE-2019-1354]
147031Microsoft Visual Studio Git input validation [CVE-2019-1352]
147030Microsoft Visual Studio Git input validation [CVE-2019-1351]
147029Microsoft Visual Studio Git input validation [CVE-2019-1350]
147028Microsoft Visual Studio Git input validation [CVE-2019-1349]
147027Avaya IP Office Application Server Web UI cross site scripting
147026LEADTOOLS JPEG2000 File out-of-bounds write [CVE-2019-5154]
147025LEADTOOLS DICOM integer overflow
147024LEADTOOLS DICOM Image out-of-bounds write [CVE-2019-5092]
147023LEADTOOLS infinite loop
147022LEADTOOLS out-of-bounds read
147021LEADTOOLS DICOM Parser integer overflow
147020IBM Spectrum Scale command injection [CVE-2019-4715]
147019IBM Spectrum Scale Web UI cross site scriting [CVE-2019-4665]
147018Blink XT2 Sync Module Network Configuration os command injection
147017Blink XT2 Sync Module WiFi os command injection [CVE-2019-3988]
147016Blink XT2 Sync Module WiFi os command injection [CVE-2019-3987]
147015Blink XT2 Sync Module WiFi os command injection [CVE-2019-3986]
147014Blink XT2 Sync Module WiFi os command injection [CVE-2019-3985]
147013Blink XT2 Sync Module UART insufficiently protected credentials
147012bson-objectid ObjectID input validation
147011sysstat sa_common.c check_file_actlst double free
147010Zoho ManageEngine Applications Manager sql injection
147009Zoho ManageEngine Applications Manager doGet sql injection
147008Xen VMX VMEntry Check input validation [CVE-2019-19583]
147007Xen Bit Iteration infinite loop [CVE-2019-19582]
147006Xen Bit Iteration memory corruption [CVE-2019-19581]
147005Xen Incomplete Fix race condition [CVE-2019-19580]
147004Xen Pagetable input validation [CVE-2019-19578]
147003Xen Pagetable input validation [CVE-2019-19577]
147002Squiz Matrix CMS File Upload input validation
147001Squiz Matrix CMS deserialization
147000Symantec Messaging Gateway server-side request forgery [CVE-2019-18379]
146999Symantec Messaging Gateway cross site scripting [CVE-2019-18378]
146998Symantec Messaging Gateway privileges management [CVE-2019-18377]
146997Reliable Controls LicenseManager unquoted search path [CVE-2019-18245]
146996Safenet Sentinel LDK License Manager Service link following [CVE-2019-18232]
146995Micro Focus AcuToWeb File Download information disclosure [CVE-2019-17087]
146994Atlassian FishEye/Crucible authorization
146993Atlassian FishEye/Crucible branchreview cross site scripting
146992Atlassian FishEye/Crucible Branch cross site scripting [CVE-2019-15007]
146991Linux/FreeBSD/OpenBSD/MacOS/iOS/Android VPN channel accessible
146990wolfSSL/wolfCrypt DSA Nonce Generator dsa.c Key missing encryption
146989enshrined svg-sanitize cross site scripting [CVE-2019-10772]
146988Puppet Enterprise root_configuration Password log file
146987Puppet Enterprise Express Install hard-coded credentials [CVE-2019-10694]
146986SAP Enable Now User information disclosure [CVE-2019-0405]
146985SAP Enable Now Error Message information disclosure [CVE-2019-0404]
146984SAP Enable Now input validation [CVE-2019-0403]
146983SAP Adaptive Server Enterprise information disclosure [CVE-2019-0402]
146982SAP Project Management Project Dashboard information disclosure
146981SAP BusinessObjects Business Intelligence Platform cross-site request forgery
146980SAP BusinessObjects Business Intelligence Platform Fiori BI Launchpad Stored cross site scripting
146979DBD::PgPP sql injection [CVE-2014-7257]
146978openshift os command injection [CVE-2014-0163]
146977Foreman input validation [CVE-2014-0091]
146976katello-headpin REST API cross-site request forgery [CVE-2014-0026]
146975node-connect Incomplete Fix CVE-2013-7370 cross site scripting
146974Cart66 Lite Plugin products.php cross site scripting
146973Zabbix sql injection [CVE-2013-5743]🔒🔒
146972Puppet Enterprise cross site scripting [CVE-2013-4968]🔒
146971MediaWiki API IEUrlExtension.php cross site scripting🔒🔒
146970AirLive POE-2600HD resource consumption [CVE-2013-3691]
146969Grandstream GXV3500 Telnet Service hard-coded credentials [CVE-2013-3542]🔒
146968Adobe Acrobat Reader input validation [CVE-2019-16453]
146967Adobe Acrobat Reader privileges management [CVE-2019-16444]
146966Adobe Acrobat Reader null pointer dereference [CVE-2019-16463]
146965Adobe Acrobat Reader null pointer dereference [CVE-2019-16460]
146964Adobe Acrobat Reader null pointer dereference [CVE-2019-16455]
146963Adobe Acrobat Reader null pointer dereference [CVE-2019-16446]
146962Adobe Acrobat Reader memory corruption [CVE-2019-16462]
146961Adobe Acrobat Reader out-of-bounds write [CVE-2019-16451]
146960Adobe Acrobat Reader use after free [CVE-2019-16464]
146959Adobe Acrobat Reader use after free [CVE-2019-16459]
146958Adobe Acrobat Reader use after free [CVE-2019-16452]
146957Adobe Acrobat Reader use after free [CVE-2019-16448]
146956Adobe Acrobat Reader use after free [CVE-2019-16445]
146955Adobe Acrobat Reader out-of-bounds write [CVE-2019-16454]
146954Adobe Acrobat Reader out-of-bounds write [CVE-2019-16450]
146953Adobe Acrobat Reader out-of-bounds read [CVE-2019-16465]
146952Adobe Acrobat Reader out-of-bounds read [CVE-2019-16461]
146951Adobe Acrobat Reader out-of-bounds read [CVE-2019-16458]
146950Adobe Acrobat Reader out-of-bounds read [CVE-2019-16457]
146949Adobe Acrobat Reader out-of-bounds read [CVE-2019-16456]
146948Adobe Acrobat Reader information disclosure [CVE-2019-16449]
146947McAfee Tech Check Microsoft Windows Client privileges management
146946AWS Firecracker buffer overflow [CVE-2019-18960]
146945Progress Telerik UI for ASP.NET AJAX .NET Deserialization RadAsyncUpload deserialization
146944node-connect Middleware cross site scripting [CVE-2013-7370]
146943JBossWeb Bayeux Reflected cross site scripting [CVE-2013-6495]
146942omniauth-facebook Gem Access Token improper authentication [CVE-2013-4593]
146941Orca Python Module input validation [CVE-2013-4245]🔒
146940SmokePing Incomplete Fix CVE-2012-0790 cross site scripting [CVE-2013-4158]🔒🔒
146939Google Chrome Javascript memory corruption [CVE-2019-5843]
146938Google Chrome Javascript memory corruption [CVE-2019-5841]
146937libxslt xsltNumberFormatGetMultipleLevel type confusion
146936Yabasic Basic Source Code flex.c yylex memory corruption
146935Tableau Server embeddedAuthRedirect cross site scripting
146934MediaWiki Protection Mechanism redirect [CVE-2019-19709]
146933VisualEditor Extension Clipboard cross site scripting [CVE-2019-19708]
146932Moxa EDS-G508E/EDS-G512E/EDS-G516E PROFINET DCE-RPC Endpoint denial of service
146931Ktor redirect [CVE-2019-19703]
146930modoboa-dmarc Plugin XML Data xml injection [CVE-2019-19702]
146929Git Submodule Update input validation [CVE-2019-19604]
146928Yachtcontrol os command injection [CVE-2019-17270]
146927Microsoft Skype for Business Server input validation [CVE-2019-1490]
146926Microsoft Windows Remote Desktop Protocol information disclosure
146925libssh scp Client ssh_scp_new command injection
146924Microsoft Windows Defender memory corruption [CVE-2019-1488]
146923Ssamba S4U Kerberos Delegation improper authorization [CVE-2019-14870]
146922Microsoft Authentication Library information disclosure [CVE-2019-1487]
146921Samba AD Handleer dns_name_compare out-of-bounds read
146920Microsoft Visual Studio redirect [CVE-2019-1486]
146919Google Chrome Javascript type confusion [CVE-2019-13764]
146918Google Chrome Payment input validation [CVE-2019-13763]
146917Google Chrome Download input validation [CVE-2019-13762]
146916Google Chrome Omnibox Domain input validation
146915Google Chrome interstitials Domain input validation
146914Google Chrome Navigation input validation [CVE-2019-13758]
146913Google Chrome Omnibox Domain input validation
146912Google Chrome Security UI Domain input validation
146911Google Chrome Extension input validation [CVE-2019-13755]
146910Google Chrome Extension input validation [CVE-2019-13754]
146909Google Chrome SQLite out-of-bounds read [CVE-2019-13753]
146908Google Chrome SQLite out-of-bounds read [CVE-2019-13752]
146907Google Chrome SQLite information disclosure [CVE-2019-13751]
146906Google Chrome SQLite input validation [CVE-2019-13750]
146905Google Chrome Omnibox Address input validation
146904Google Chrome Developer Tools input validation [CVE-2019-13748]
146903Google Chrome input validation [CVE-2019-13747]
146902Google Chrome Omnibox URL input validation
146901Google Chrome Audio information disclosure [CVE-2019-13745]
146900Google Chrome Policy Enforcement information disclosure [CVE-2019-13744]
146899Google Chrome Security UI input validation [CVE-2019-13743]
146898Google Chrome Omnibox Domain input validation
146897Google Chrome Blink input validation [CVE-2019-13741]
146896Google Chrome Security UI Domain input validation
146895Google Chrome Policy Enforcement Domain input validation
146894Google Chrome Policy Enforcement permission assignment [CVE-2019-13738]
146893Google Chrome Policy Enforcement information disclosure [CVE-2019-13737]
146892Google Chrome PDFium integer overflow [CVE-2019-13736]
146891Google Chrome Javascript out-of-bounds write [CVE-2019-13735]
146890Google Chrome SQLite out-of-bounds write [CVE-2019-13734]
146889Google Chrome WebAudio use after free [CVE-2019-13732]
146888Google Chrome Javascript type confusion [CVE-2019-13730]
146887Google Chrome WebSocket use after free [CVE-2019-13729]
146886Google Chrome Javascript out-of-bounds write [CVE-2019-13728]
146885Google Chrome WebSocket permission assignment [CVE-2019-13727]
146884Google Chrome Password Manager memory corruption [CVE-2019-13726]
146883Google Chrome Bluetooth use after free [CVE-2019-13725]
146882Google Chrome Omnibox input validation [CVE-2019-13672]
146880OpenBSD Random Number Generator random.c prng seed
146879Microsoft Windows OLE input validation [CVE-2019-1484]
146878Microsoft Windows AppX Deployment Server privileges management
146877Microsoft Windows Windows Media Player information disclosure
146876Microsoft Windows Windows Media Player information disclosure
146875Microsoft Windows COM Server privileges management [CVE-2019-1478]
146874Microsoft Windows Printer Service privileges management [CVE-2019-1477]
146873Microsoft Windows AppX Deployment Service privileges management
146872Microsoft Windows Kernel information disclosure [CVE-2019-1474]
146871Microsoft Windows Kernel information disclosure [CVE-2019-1472]
146870Microsoft Windows Hyper-V information disclosure [CVE-2019-1470]
146869Microsoft Windows GDI information disclosure [CVE-2019-1467]
146868Microsoft Windows GDI information disclosure [CVE-2019-1466]
146867Microsoft Windows GDI information disclosure [CVE-2019-1465]
146866Microsoft Office Excel information disclosure [CVE-2019-1464]
146865Microsoft Office Access information disclosure [CVE-2019-1463]
146864Microsoft Office PowerPoint input validation [CVE-2019-1462]
146863Microsoft Office Word input validation [CVE-2019-1461]
146862Microsoft Windows Remote Desktop Protocol input validation [CVE-2019-1453]
146861Microsoft Office Access information disclosure [CVE-2019-1400]
146860Microsoft Power BI Report Server cross site scripting [CVE-2019-1332]
146859Microsoft Internet Explorer VBScript memory corruption [CVE-2019-1485]
146858Microsoft Windows Win32k information disclosure [CVE-2019-1469]
146857Microsoft Windows Win32k privileges management [CVE-2019-1458]
146856Microsoft Windows Hyper-V input validation [CVE-2019-1471]
146855Microsoft Windows Win32k Graphics input validation [CVE-2019-1468]
146854Lenovo Power Management Driver memory corruption [CVE-2019-6192]
146853Lenovo Energy Management Driver input validation [CVE-2019-6183]
146852IBM WebSphere Application Server Web UI cross site scripting
146851IBM Cloud Pak System Platform System Manager injection [CVE-2019-4521]
146850IBM SmartCloud Analytics Zookeeper privileges management [CVE-2019-4244]
146849IBM Cloud Pak System cross-site request forgery [CVE-2019-4095] Scrobbler input validation [CVE-2019-19251]
146847Yaws redirect [CVE-2016-1000108]
146846Erlang inets redirect [CVE-2016-1000107]
146845JBoss KeyCloak login-status-iframe.html cross site scripting
146844CPAN Data::UUID link following [CVE-2013-4184]
146843kde-workspace Plasma Desktop crypt denial of service🔒
146842Katello API OAuth Authentication resource consumption [CVE-2013-4120]
146841Monkey HTTP Daemon exposure of resource [CVE-2013-2183]
146840python-keystoneclient Memcache insufficient verification of data authenticity🔒🔒
146839python-keystoneclient Memcache inadequate encryption [CVE-2013-2166]🔒🔒
146838Monkey HTTP Daemon auth.c improper authentication
146837rubygem-openshift-origin-controller API cartridge_cache.rb URI.prase injection
146836openstack-utils openstack-db Password missing authentication
146835Mozilla Firefox Frame input validation [CVE-2013-1689]
146834Ovirt Node Lock Screen privileges management [CVE-2013-0293]
146833marc-q libwav libwav.c wav_content_read null pointer dereference
146832CoreHR Core Portal cross-site request forgery
146831IBM DataPower Gateway IPMI LAN Channel privileges management
146830IBM Planning Analytics My Account Portal unrestricted upload
146829IBM Planning Analytics Web UI cross site scriting [CVE-2019-4611]
146828IBM Cloud Pak for Data Watson Assistant cross site scriting [CVE-2019-4428]
146827OpenStack Keystone Credentials API credentials insufficiently protected credentials
146826Nop Solution Ltd nopCommerce RoxyFileman RoxyFilemanController.cs cross-site request forgery
146825Nop Solution Ltd nopCommerce File Upload PluginController.cs unrestricted upload
146824Nop Solution Ltd nopCommerce NewsController.cs SaveStoreMappings cross site scripting
146823Xray Test Management Test Issue cross site scripting [CVE-2019-19679]
146822Xray Test Management Generic Test Definition cross site scripting
146821SQLite NOT NULL pragma.c unusual condition
146820SQLite ALTER TABLE Statement alter.c recursion
146819SQLite CREATE Statement privileges management [CVE-2019-19603]
146818CA Release Automation DataManagement deserialization [CVE-2019-19230]
146817Symantec Industrial Control System Protection improper authentication
146816Trend Micro Security Consumer null pointer dereference [CVE-2019-18190]
146815Temenos Channels Login Page GetImage downloadDocServer path traversal
146812Samsung m2m1shot Driver Framework m2m1shot_compat_ioctl32 out-of-bounds write
146811Accentis Content Resource Management System cross site scripting
146810Accentis Content Resource Management System sql injection [CVE-2015-3424]
146809Chrony denial of service [CVE-2015-1853]🔒🔒
146808libcapsinetwork/monopd listener.cpp readBuf off-by-one🔒🔒
146807mod_wsgi Embedded Mode information disclosure [CVE-2014-0242]🔒🔒
146806pyrad CreateID input validation
146805Nop Solution Ltd nopCommerce FileRoxyFilemanService.cs path traversal
146804Microsoft Windows Media Center xml external entity reference
146803Microsoft Visual Studio xml external entity reference
146802YARA macho.c macho_parse_file out-of-bounds read
146801radare2 asm.c r_asm_pseudo_incbin input validation
146800Microsoft Excel XML Import xml external entity reference
146799rConfig privileges management [CVE-2019-19268]
146798OpenNetAdmin code injection
146797Supermicro X8STi-F setvmdrive.asp os command injection
146796libsixel frompnm.c load_pnm out-of-bounds write
146795libsixel fromsixel.c sixel_decode_raw_impl integer overflow
146794libsixel tosixel.c sixel_encode_body integer overflow
146793libsixel fromsixel.c sixel_decode_raw_impl out-of-bounds write
146792HTMLDOC string.c hd_strlcpy out-of-bounds write
146791Linux Kernel f2fs Filesystem Image segment.c f2fs_build_segment_manager out-of-bounds read
146790Linux Kernel btrfs Filesystem free-space-cache.c try_merge_free_space use after free
146789Linux Kernel ext4 Filesystem Image super.c ext4_put_super use after free
146788Google Android Permission permission assignment
146787Google Android Unicode handleRun input validation
146786Google Android blob.cpp Blob input validation
146785Google Android NativeNfcManager.cpp nfcManager_unrouteAid use after free
146784Google Android updateWidget information disclosure
146783Google Android array.c array_find out-of-bounds read
146782Google Android Bluetooth DeepCopy out-of-bounds read
146781Google Android Bluetooth Server device_class_to_int out-of-bounds read
146780Google Android Bluetooth Pairing privileges management [CVE-2019-2225]
146779Google Android mat.c ReadMATImage out-of-bounds write
146778Google Android ihevcd_ref_list.c ihevcd_ref_list out-of-bounds write
146777Google Android ihevcd_parse_slice.c ihevcd_parse_slice_data out-of-bounds write
146776Google Android hasActivityInVisibleTask input validation
146775Google Android checkOperation information disclosure
146774Google Android System UI race condition [CVE-2019-2219]
146773Google Android Permission Check createSessionInternal permission assignment
146772Google Android GpuStats.cpp setCpuVulkanInUse use after free
146771ShapeShift KeepKey Hardware Wallet Finite State Machine improper validation of integrity check value
146770ShapeShift KeepKey Hardware Wallet USB Packet out-of-bounds write
146769Dell Command Configure uncontrolled search path [CVE-2019-18575]
146768serialize-to-js Regular Expression RegExp.prototype.toString cross site scripting
146767Armeria response splitting [CVE-2019-16771]
146766Weidmueller IE-SW-VL05M/IE-SW-VL08MT/IE-SW-PL10M Cookie Credentials information disclosure
146765Weidmueller IE-SW-VL05M/IE-SW-VL08MT/IE-SW-PL10M Password Storage missing encryption
146764Weidmueller IE-SW-VL05M/IE-SW-VL08MT/IE-SW-PL10M Credentials missing encryption
146763Weidmueller IE-SW-VL05M/IE-SW-VL08MT/IE-SW-PL10M denial of service
146762Weidmueller IE-SW-VL05M/IE-SW-VL08MT/IE-SW-PL10M Authentication Mechanism Brute Force information disclosure
146761OpenSSL Montgomery Square information disclosure [CVE-2019-1551]
146760SiteVision Access Control privileges management [CVE-2019-12734]
146759SiteVision input validation [CVE-2019-12733]
146758Cloud Foundry UAA Log Credentials log file
146757safer-eval Sandbox input validation
146756TITool PrintMonitor Login Time sql injection
146755JBoxx AS Java Security Policy privileges management [CVE-2012-2148]
146754PolarSSL DH inadequate encryption [CVE-2012-2130]🔒🔒
146753Ubuntu Cobbler cobbler-ubuntu-import signature verification [CVE-2012-2092]
146752OpenSLP out-of-bounds write [CVE-2019-5544]
146751SROS 2 ROS 2 Node information disclosure [CVE-2019-19627]
146750SROS 2 Node Information governance.xml information disclosure
146749OpenCV dis_flow.cpp ocl_calc out-of-bounds read
146748SecureWorks Red Cloak Windows Agent Telemetry Alert permissions
146747Sangoma FreePBX Userman cross site scripting [CVE-2019-19552]
146746Sangoma FreePBX Userman cross site scripting [CVE-2019-19551]
146745libyang YANG Parser stack-based overflow [CVE-2019-19334]
146744libyang YANG Parser stack-based overflow [CVE-2019-19333]
146743Audible App SSL Certificate certificate validation [CVE-2019-11554]
146742Fedoraproject Sectool DBus File privileges management [CVE-2012-1615]🔒🔒
146741Documize Markdown markdown.go cross site scripting
146740phpMyAdmin Git Information GitRevision.php Remote Code Execution
146739Xtivia Web Time/Expense GetAttachment resource transfer
146738QNAP QTS Photo Station external reference [CVE-2019-7195]
146737QNAP QTS Photo Station external reference [CVE-2019-7194]
146736QNAP QTS input validation [CVE-2019-7193]
146735QNAP QTS Photo Station privileges management [CVE-2019-7192]
146734QNAP QTS Music Station cross site scripting [CVE-2019-7185]
146733QNAP QTS Video Station cross site scripting [CVE-2019-7184]
146732QNAP QTS Link link following [CVE-2019-7183]
146731AMD Driver Pixel Shader ATIDXX64.DLL out-of-bounds read
146730chkstat Tool symlink [CVE-2019-3690]
146729Strapi Framework Plugin execa input validation
146728Adobe Stock API upload.php unrestricted upload
146727Adobe Stock API multi_upload.php unrestricted upload
146726Norton Password Manager information disclosure [CVE-2019-19546]
146725Norton Password Manager origin validation [CVE-2019-19545]
146724SCEditor cross site scripting [CVE-2019-19466]
146722Intelbras IWR 3000N user Credentials insufficiently protected credentials
146721Norton Password Manager origin validation [CVE-2019-18381]
146720OTRS Filename infinite loop [CVE-2019-18180]
146719Palo Alto PAN-OS insufficient permissions or privileges [CVE-2019-17437]
146718Aviatrix VPN Client File Permission privileges management [CVE-2019-17388]
146717Aviatrix VPN Client AVPNC_RP Service privileges management [CVE-2019-17387]
146716Puma Connection allocation of resources [CVE-2019-16770]
146715Yahoo serialize-javascript cross site scripting [CVE-2019-16769]
146714Sylius Exception Message AuthenticationServiceException information exposure
146713ThinkParQ BeeGFS beegfs-ctl missing authentication [CVE-2019-15897]
146712KeyCloak LDAP User Federation authentication bypass [CVE-2019-14910]
146711Kubernetes CSI Sidecar Container Persistent input validation
146710Kubernetes API Server redirect [CVE-2018-1002102]
146709OpenStack Nova Base Image permission assignment [CVE-2013-0326]
146708Katello Notification Page cross site scripting [CVE-2013-0283]
146707haskell-tls-extra TLS Connection input validation [CVE-2013-0243]
146706Openshift haproxy cartridge tmp exposure of resource
146705Apache Struts XSLT File unrestricted upload [CVE-2012-1592]
146704LDAP Account Manager Pro cmd.php cross site scripting🔒🔒
146703LDAP Account Manager Pro cmd.php cross site scripting🔒🔒
146702Jasig php-pear-CAS Authentication Service tmp setCacheTimesForAuthRecheck information disclosure🔒🔒
146701phpCAS Service Proxy setCacheTimesForAuthRecheck privileges management🔒🔒
146700Linux Kernel internal.h fpregs_state_valid permission assignment
146699OpenDetex detex.l TexOpen memory corruption
146698SQLite resolve.c lookupName input validation
146697D-Link DAP-1860 timestamp improper authentication
146696D-Link DAP-1860 HTTP Header improper authentication [CVE-2019-19597]
146695GitBook MD File cross site scripting [CVE-2019-19596]
146694radare2 asm.c r_asm_massemble integer overflow
146693Lever PDF Embedder Plugin input validation [CVE-2019-19589]
146692Validator Package resource consumption [CVE-2019-19588]
146691Wireshark CMS Dissector packet-cms-template.c injection
146690QNAP NetBak Replicator QVssService unquoted search path [CVE-2019-7201]
146689QNAP QTS Stored cross site scripting [CVE-2019-7197]
146688WSO2 Enterprise Integrator Management Console Reflected cross site scriting
146687Xen Incomplete Fix CVE-2019-18424 input validation [CVE-2019-19579] class.upload class.upload.php unrestricted upload
146685Xfig fig2dev read.c out-of-bounds write
146684OpenBSD S-Key/Yubikey improper authentication [CVE-2019-19522]
146683OpenBSD libc auth_subr.c improper authentication
146682OpenBSD xlock loader.c privileges management
146681OpenBSD su.c main input validation
146680Sony Catalyst Production Suite/Catalyst Browse DLL Loader untrusted search path
146679Fronius Solar Inverter service.fcgi path traversal
146678Fronius Solar Inverter web_users.conf cleartext storage
146677CSS Hero Plugin csshero_action=edit_page Reflected cross site scripting
146676TrevorC2 Fingerprint information disclosure [CVE-2019-18850]
146675DAViCal Stored cross site scripting [CVE-2019-18347]
146674DAViCal cross-site request forgery [CVE-2019-18346]
146673Apache Olingo Public API AbstractService deserialization
146672Apache Olingo AsyncResponseWrapperImpl input validation
146671Apache Olingo Deserialization xml external entity reference [CVE-2019-17554]
146670Decentralized Anonymous Payment System Signature signature verification
146669Decentralized Anonymous Payment System cross-site request forgery
146668COPA-DATA zenone32 zenon Editor uncontrolled search path [CVE-2019-15638]
146667KeyCloak LDAP improper authentication [CVE-2019-14909]
146666Proxygen HPACK use after free [CVE-2019-11940]
146665Mcrouter Carbon Protocol resource consumption [CVE-2019-11937]
146664HHVM APC denial of service [CVE-2019-11936]
146663HHVM mb_ereg_replace out-of-bounds read
146662AsyncSSLSocket close_notify Alert out-of-bounds read [CVE-2019-11934]
146661HHVM mb_detect_order release of reference
146660Mcrouter ASCII Parser resource consumption [CVE-2019-11923]
146659BMC Smart Reporting XML Data unrestricted upload [CVE-2019-11216]
146658QNAP QTS File Station injection [CVE-2018-0730]
146657QNAP QTS Music Station injection [CVE-2018-0729]
146656QNAP QTS Helpdesk privileges management [CVE-2018-0728]
146655minidlna sql injection [CVE-2013-2745]
146654Cameron Hamilton-Rich axTLS TLS Handshake tls1.c process_certificate buffer overflow
146653Autodesk FBX Software Development Kit FBX File buffer overflow
146652Autodesk Desktop Application DLL Loader untrusted search path
146651shadowsocks-libev ss-manager missing authentication [CVE-2019-5164]
146650shadowsocks-libev UDPRelay missing authentication
146649AccuSoft ImageGear igcore19d.dll out-of-bounds write [CVE-2019-5133]
146648AccuSoft ImageGear GEM Raster Parser igcore19d.dll out-of-bounds write
146647Forma LMS ajax.server.php sql injection
146646Forma LMS ajax.server.php sql injection
146645Forma LMS sql injection [CVE-2019-5110]
146644Forma LMS sql injection [CVE-2019-5109]
146643Goahead Web Server Multi-Part Request infinite loop [CVE-2019-5097]
146642Goahead Web Server Multi-Part Request use after free [CVE-2019-5096]
146641AccuSoft ImageGear igcore19d.dll TIFdecodethunderscan out-of-bounds write
146640AccuSoft ImageGear PNG Header igcore19d.dll out-of-bounds write
146639IBM Cloud Pak System Web UI cross site scriting [CVE-2019-4468]
146638IBM Cloud Pak System Web UI cross site scriting [CVE-2019-4467]
146637IBM Cloud Pak System Stored information disclosure [CVE-2019-4465]
146636IBM Cloud Pak System Web UI cross site scriting [CVE-2019-4226]
146635IBM Cloud Pak System File Upload code injection [CVE-2019-4130]
146634IBM Cloud Pak System Web UI cross site scriting [CVE-2019-4098]
146633Harbor API Endpoint users information disclosure
146632Dell Command Update Directory Permission uncontrolled search path
146631Dell Command Update uncontrolled search path [CVE-2019-3749]
146630Linux Kernel serial_ir.c serial_ir_init_module use after free
146629Linux Kernel USB Device file.c race condition
146628Linux Kernel USB Device pcan_usb_pro.c information disclosure
146627Linux Kernel USB Device pcan_usb_fd.c information disclosure
146626Linux Kernel USB Device pcan_usb_core.c information disclosure
146625Linux Kernel USB Device ttusb_dec.c release of resource
146624Linux Kernel USB Device hid-axff.c out-of-bounds write
146623Linux Kernel USB Device yurex.c use after free
146622Linux Kernel USB Device cdc-acm.c use after free
146621Linux Kernel USB Device mcba_usb.c use after free
146620Linux Kernel USB Device iowarrior.c use after free
146619Linux Kernel USB Device hiddev.c use after free
146618Linux Kernel USB Device usb.c use after free
146617Linux Kernel USB Device atusb.c use after free
146616Linux Kernel USB Device ff-memless.c use after free
146615Linux Kernel USB Device adutux.c use after free
146614SALTO ProAccess SPACE Webserver default permission [CVE-2019-19460]
146613SALTO ProAccess SPACE input validation [CVE-2019-19459]
146612SALTO ProAccess SPACE Data Export path traversal [CVE-2019-19458]
146611SALTO ProAccess SPACE cross site scripting [CVE-2019-19457]
146610freeFTPd SIZE Command buffer overflow [CVE-2019-19383]
146609OpenWrt forwards cross site scripting
146608OpenWrt rules cross site scripting
146607Dell EMC RSA Authentication Manager Security Console Stored cross site scripting
146606OkayCMS ProductsView.php injection
146605FreeRADIUS EAP-pwd Handshake information disclosure [CVE-2019-13456]
146603Cameron Hamilton-Rich axTLS asn1.c get_asn1_length buffer overflow
146602mod_fcgid input validation [CVE-2016-1000104]🔒
146601node-cli Temp File input validation [CVE-2016-1000021]
146600libgwenhywfar CA Certificate cleartext transmission [CVE-2015-7542]🔒🔒
146599devscripts Tarball code injection [CVE-2013-7325]🔒🔒
146598Zanata Log injection [CVE-2013-4486]
146597Review Board URL authorization [CVE-2013-4411]🔒🔒
146596shadow Directory Tree toctou [CVE-2013-4235]
146595SaltStack RSA Key Generation excessive authentication [CVE-2013-2228]
146594webauth Credentials insufficiently protected credentials [CVE-2013-2106]
146593openshift URL input validation [CVE-2013-2103]
146592Katello cross site scripting [CVE-2013-2101]
146591Huawei Honor Play Screen Lock information disclosure [CVE-2019-5309]
146590Huawei 20 RS ADB Mode authorization [CVE-2019-5308]
146589Huawei Myna Cloud information disclosure [CVE-2019-5271]
146588Huawei Home Router authorization [CVE-2019-5269]
146587Huawei Home Router input validation [CVE-2019-5268]
146586Huawei HiSuite/HwBackup information disclosure [CVE-2019-5263]
146585Huawei Atlas 300/Atlas 500 buffer overflow [CVE-2019-5247]
146584Huawei Viewpoint random values [CVE-2019-5232]
146583Huawei P30/P30 Pro/Mate 20/HiSuite Upgrade Package input validation
146582Huawei P30/P30 Pro/Mate 20/HiSuite Upgrade Package input validation
146581Huawei P30/Mate 20/P30 Pro buffer overflow [CVE-2019-5225]
146580Huawei P30 Application out-of-bounds read [CVE-2019-5224]
146579Huawei Band 2/Honor Band 3 improper authentication [CVE-2019-5218]
146578Huawei Share Access Control information disclosure [CVE-2019-5212]
146577Huawei P20 Huawei Share input validation [CVE-2019-5211]
146576Nova 5i/5 array index [CVE-2019-5210]
146575McAfee Web Advisor Web Interface privileges management [CVE-2019-3666]
146574McAfee Web Advisor Web Interface code injection [CVE-2019-3665]
146573Intelbras WRN 150 Password Change SysToolChangePwd cross-site request forgery
146572jpv Type Detection compareCommon improper authentication
146571Image Uploader/Browser plugin Pathname pluginconfig.php input validation
146570Alfresco Enterprise HTML File Upload Stored cross site scripting
146569Kentico File Upload unrestricted upload [CVE-2019-19493]
146568FreeSWITCH event_socket.conf.xml hard-coded credentials
146567TestLink archiveData.php cross site scripting [CVE-2019-19491]
146566LiteManager Permission ROMFUSClient.exe default permission
146565SMPlayer m3u File buffer overflow [CVE-2019-19489]
146564OpenSC CAC Certificate card-cac1.c memory corruption
146563OpenSC pkcs15-prkey.c sc_pkcs15_decode_prkdf_entry operation after expiration
146562OpenSC SETCOS Attribute card-setcos.c out-of-bounds read
146561Zmanda Management Console Default Credentials ZMC_Admin_Advanced cross-site request forgery
146560Free Photo Viewer BMP File unrestricted upload [CVE-2019-19468]
146559CBC Gem App missing encryption [CVE-2019-19464]
146558Anhui Huami Mi Fit App Update Check missing encryption [CVE-2019-19463]
146557Linux Kernel relay.c relay_open null pointer dereference
146556GNOME Dia Encoding infinite loop [CVE-2019-19451]
146555illumos Thread ip_attr.c conn_ixa input validation
146554LuaJIT type confusion [CVE-2019-19391]
146553FusionPBX dialplan_detail_edit.php cross site scripting
146552FusionPBX fifo_interactive.php cross site scripting
146551FusionPBX voicemail_greeting_edit.php cross site scripting
146550FusionPBX dialplans.php cross site scripting
146549FusionPBX fax_log_view.php cross site scripting
146548MISP TagsController.php permission assignment
146547Linux Kernel btrfs Filesystem raid56.c index_rbio_pages out-of-bounds write
146546Linux Kernel btrfs Filesystem async-thread.c btrfs_queue_work use after free
146545Octopus Deploy Team API input validation [CVE-2019-19376]
146544Octopus Deploy SSL Offloading missing initialization of resource
146543rConfig downloadFile.php path traversal [Disputed]
146542TeamViewer Desktop Application Chat information disclosure [CVE-2019-19362]
146541Terraform risky encryption [CVE-2019-19316]
146540ProFTPD tls_verify_crl null pointer dereference
146539Django save default permission
146538TitanHQ WebTitan Administration Interface hard-coded credentials
146537TitanHQ WebTitan Administration Web Interface unrestricted upload
146536TitanHQ WebTitan Hotfix Download injection [CVE-2019-19019]
146535TitanHQ WebTitan Administration Interface dbconfig.ini Database information disclosure
146534TitanHQ WebTitan Installation race condition [CVE-2019-19017]
146533TitanHQ WebTitan Administration Interface history-x.php sql injection
146532TitanHQ WebTitan Proxy Service exposure of resource [CVE-2019-19015]
146531TitanHQ WebTitan privileges management [CVE-2019-19014]
146530Allied Telesis AT-GS950-8 Web Interface path traversal [CVE-2019-18922]
146529RabbitMQ amqp_connection.c memcpy integer overflow
146528ezmaster Admin Sys Mode unnecessary privileges [CVE-2019-16767]
146527wagtail-2fa authentication spoofing [CVE-2019-16766]
146526Kaspersky Secure Connection exposure of resource [CVE-2019-15689]
146525MuleSoft Mule Community Edition code injection [CVE-2019-15631]
146524Trend Micro Security 2020 DLL Loader untrusted search path [CVE-2019-15628]
146523Linux Kernel Marvell Wifi Chip Driver resource consumption [CVE-2019-14901]
146522Linux Kernel Marvell Wifi Chip Driver stack-based overflow [CVE-2019-14897]
146521Linux Kernel Marvell Wifi Chip Driver heap-based overflow [CVE-2019-14895]
146520grub2 grub2-set-bootflag denial of service [CVE-2019-14865]
146519Anviz CrossChex Access Control Management Software buffer overflow
146518Inateck BCST-60 injection [CVE-2019-12503]
146517Anviz Access Control Password Change improper authentication
146516Anviz Access Control authentication replay [CVE-2019-12393]
146515Anviz Access Control authorization [CVE-2019-12392]
146514Anviz Management System Log unknown vulnerability [CVE-2019-12391]
146513Anviz Access Control Service Port 5010 PIN information disclosure
146512Anviz Access Control Service Port 5010 Credentials information disclosure
146511Anviz Access Control Service Port 5010 information disclosure
146510Module::Signature PGP Signature Parser numeric conversion [CVE-2015-3406]🔒🔒
146509cabextract File Extraction path traversal [CVE-2015-2060]🔒🔒
146508Ruby OpenSSL Extension verify_certificate_identity input validation🔒🔒
146507Libgcrypt/GnuPG mpi_powm information exposure🔒🔒
146506Docker Container Protection Mechanism path traversal [CVE-2014-9356]🔒🔒
146505Libgcrypt/GnuPG Elgamal Decryption information disclosure [CVE-2014-3591]🔒🔒
146504Zabbix inadequate encryption [CVE-2013-7484]
146503ReviewBoard REST API authorization [CVE-2013-4410]🔒🔒
146502rhn-proxy RHN Satellige cleartext transmission [CVE-2012-5562]
146501FreeBSD input validation [CVE-2012-4576]🔒🔒
146500Piwigo Incomplete Fix CVE-2012-4525 password.php cross site scripting
146499Piwigo password.php cross site scripting
146498mom PIF File run privileges management🔒🔒
146497OpenSLP SLPIntersectStringList out-of-bounds read🔒🔒
146495NAPC Xinet Elegant 6 Asset Library sql injection [CVE-2019-19245]
146494Max Secure Anti Virus permission assignment [CVE-2019-19382]
146493F5 SSL Orchestrator TMM input validation [CVE-2019-6674]
146492F5 BIG-IP TMM input validation [CVE-2019-6673]
146491F5 BIG-IP AFM Virtual Server Performance input validation
146490F5 BIG-IP TMM release of resource [CVE-2019-6671]
146489F5 BIG-IP vCMP Hypervisor cleartext storage [CVE-2019-6670]
146488F5 BIG-IP TMM input validation [CVE-2019-6669]
146487F5 BIG-IP APM Edge Client authorization [CVE-2019-6668]
146486F5 BIG-IP TMM resource consumption [CVE-2019-6667]
146485F5 BIG-IP TMM input validation [CVE-2019-6666]
146484F5 BIG-IP ASM/BIG-IQ/iWorkflow/Enterprise Manager improper authentication
146483FusionPBX fax_files.php cross site scripting
146482FusionPBX xml_cdr_search.php cross site scripting
146481HAProxy HTTP2 injection [CVE-2019-19330]
146480WiKID Javascript Rendering Engine cross site scripting [CVE-2019-19329]
146479Wikibase Wikidata Query Service GUI Tooltip Rdf.js injection
146478Wikibase Wikidata Query Service GUI Reporting ResultView.js cross site scripting
146477Linux Kernel ext4 Image xattr.c ext4_xattr_set_entry out-of-bounds write
146476Linux Kernel btrfs Image Mount rwsem.c rwsem_down_write_slowpath use after free
146475gnome-font-viewer TTF File sushi-font-widget.c text_to_glyphs null pointer dereference
146474SQLite expr.c sqlite3ExprCodeTarget sql injection
146473Linux Kernel Spectre-RSB Mitigation entry_64.S information disclosure
146472Relion 670 path traversal [CVE-2019-18253]
146471Relion 650/670 input validation [CVE-2019-18247]
146470Crestron DMC-STRO Ping os command injection [CVE-2019-18184]
146469Fortinet FortiOS SSL VPN Portal input validation [CVE-2019-15705]
146468Centreon Web ldap_host.php sql injection
146467Centreon Web Administration Interface formMibs.php injection
146466Ghostscript setuserparams2 Remote Code Execution
146465Siemens Polarion Web Page Generator Persistent cross site scripting
146464Siemens Polarion Web Page Generator Reflected cross site scripting
146463Siemens Polarion Web Page Generator Reflected cross site scripting
146462Linux Kernel CIFS Path path traversal
146461Ghostscript Remote Code Execution [CVE-2019-10216]
146460Mersive Solstice Pod os command injection [CVE-2017-12945]
146459xquest Password Generator random values [CVE-2016-4980]🔒🔒
146458Python CGI Script CGIHandler redirect🔒🔒
146457Frams' Fast File EXchange rup Reflected cross site scripting🔒🔒
146456OTRS Help Desk before/ITSM/FAQ Object Linking privileges management🔒🔒
146455AccountService user.c user_change_password_authorized_cb Password permission assignment
146454dhclient Path Variable input validation [CVE-2012-2248]
146453DHCPv6 Client DHCP Message injection [CVE-2011-2717]
146452vsftpd Service Port 6200 os command injection [CVE-2011-2523]
146451PackageKit RPM permission assignment [CVE-2011-2515]🔒🔒
146450FreeBSD/NetBSD 802.11 Stack information disclosure [CVE-2011-2480]
146449dirmngr System Call certificate validation [CVE-2011-2207]
146448xscreensaver Activation missing authentication [CVE-2011-2187]
146447OpenOffice Suite Tools privileges management [CVE-2011-2177]
146446Linux Kernel Marvell Wifi Chip Driver cfg.c lbs_ibss_join_existing heap-based overflow
146445Ipa Kerberos Key Data Parser ber_scanf resource consumption
146444Ipa Batch Processing Password information disclosure
146443Cloudera HUE LdapBackend improper authentication [CVE-2019-7319]
146442F5 BIG-IP Active Directory/LDAP/Client Certificate improper authentication
146441ISC BIND denial of service [CVE-2019-6477]
146440IBM Sterling B2B Integrator Standard Edition Back-End Database sql injection
146439Cesanta Mongoose mongoose.c integer overflow
146438Zoho CRM Lead Magnet Plugin Module cross site scripting [CVE-2019-19306]
146437typed_ast Python Interpreter ast_for_arguments out-of-bounds read
146436typed_ast Python Interpreter handle_keywordonly_args out-of-bounds read
146435Dolibarr CRM/ERP Profile Picture viewimage.php Stored cross site scripting
146434AfterLogic Webmail Pro/Aurora Attachment Name Stored cross site scripting
146433Squid Web Proxy HTTP Digest Authentication information disclosure
146432Squid Web Proxy URL request smuggling [CVE-2019-18678]
146431Squid Web Proxy Hostname cross-site request forgery [CVE-2019-18677]
146430Squid Web Proxy URI Scheme input validation [CVE-2019-18676]
146429Dell EMC Storage Monitoring/Reporting Java RMI Deserialization deserialization
146428GitLab Community Edition/Enterprise Edition Permission permission assignment
146427GitLab Community Edition/Enterprise Edition Permission privileges management
146426GitLab Community Edition/Enterprise Edition Sub Group Epic information disclosure
146425GitLab Community Edition/Enterprise Edition Access Control information disclosure
146424GitLab Community Edition/Enterprise Edition Environment permission assignment
146423GitLab Community Edition/Enterprise Edition Permission permissions
146422GitLab Community Edition/Enterprise Edition Security Token permissions
146421GitLab Community Edition/Enterprise Edition Elasticsearch information disclosure
146420GitLab Community Edition/Enterprise Edition Nested GraphQL Query infinite loop
146419GitLab Community Edition/Enterprise Edition Rdoc Wiki Page cross site scripting
146418GitLab Community Edition/Enterprise Edition Comment permission assignment
146417GitLab Community Edition/Enterprise Edition Private Project permission assignment
146416GitLab Community Edition/Enterprise Edition Internal Redirect Filter redirect
146415GitLab Community Edition/Enterprise Edition Project Label permission assignment
146414GitLab Community Edition/Enterprise Edition Autocomplete information disclosure
146413GitLab Community Edition/Enterprise Edition Access Control information disclosure
146412GitLab Community Edition/Enterprise Edition Permission permission assignment
146411GitLab Community Edition/Enterprise Edition Permission permission assignment
146410CSRF Magic Library CSRF Protection csrf_callback cross-site request forgery
146409Progress Sitefinity Password Recovery password recovery [CVE-2019-17392]
146408PEGA Platform Audit Log information disclosure [CVE-2019-16388]
146407PEGA Platform exposure of resource [CVE-2019-16387]
146406PEGA Platform information disclosure [CVE-2019-16386]
146405Ruby shell.rb injection [CVE-2019-16255]
146404Ruby Incomplete Fix injection [CVE-2019-16254]
146403TCL Alcatel Cingular Flip 2 B9HUAH1 Web API injection [CVE-2019-16243]
146402TCL Alcatel Cingular Flip 2 B9HUAH1 omamock os command injection
146401TCL Alcatel Cingular Flip 2 B9HUAH1 PIN Authentication authorization
146400Ruby Regular Expression backtracking DigestAuth improper authentication
146399Centreon cross site scripting [CVE-2019-16195]
146398Ruby Path File.fnmatch privileges management
146397Kaspersky Anti-Virus Web Protection redirect [CVE-2019-15688]
146396Kaspersky Anti-Virus Web Protection information disclosure [CVE-2019-15687]
146395Kaspersky Anti-Virus Antivirus Protection Feature input validation
146394Kaspersky Anti-Virus Web Protection input validation [CVE-2019-15685]
146393Ansible input validation [CVE-2019-14856]
146392python-ecdsa Signature Decoding denial of service [CVE-2019-14853]
146391libnbd NBD Protocol nbd_pread input validation
146390Cloudera Manager Impala Query cross site scripting [CVE-2019-14449]
146389Squid Web Proxy URN Response buffer overflow [CVE-2019-12526]
146388Squid Web Proxy Access Check input validation [CVE-2019-12523]
146387Fastweb Askey RTV1907VW injection [CVE-2019-12489]
146386Cloudera Data Science Workbench Permission Check default permission
146385Cloudera CDH Permission default permission [CVE-2018-17860]
146384Cloudera Manager Username privileges management [CVE-2017-7399]
146383Cloudera Manager Help Search cross site scripting [CVE-2016-9271]
146382Cloudera CDH Search RealTimeGetHandler authorization
146381Cloudera CDH Diagnostic Support Bundles information disclosure
146380Cloudera CDH Impala Command authorization [CVE-2016-4572]
146379Cloudera Manager cleartext storage [CVE-2016-3192]
146378Cloudera CDH authorization [CVE-2016-3131]
146377Fast Secure Contact Form Plugin cross site scripting [CVE-2015-9539]
146376NextGEN Gallery path traversal [CVE-2015-9538]
146375NextGEN Gallery cross site scripting [CVE-2015-9537]
146374Cloudera HUE CDH privileges management [CVE-2015-7831]
146373Cloudera Manager Diagnostic Support Bundles information disclosure
146371Cloudera Manager UI cross site scripting [CVE-2015-4457]
146370CMSMS News Module input validation [CVE-2011-4310]
146369Zend Framework Encoding sql injection [CVE-2011-1939]🔒🔒
146368lilo lilo-uuid-diskid lilo.conf information disclosure
146367Jifty::DBI sql injection [CVE-2011-1933]
146366Ansible Tower config Credentials cleartext storage
146365mod_auth_openidc redirect [CVE-2019-14857]
146364Google Chrome IndexedDB use after free [CVE-2019-5826]
146363Google Chrome Javascript use after free [CVE-2019-5825]
146362ProFTPD TLS tls_verify_crl null pointer dereference
146361ProFTPD CRL tls_verify_crl certificate validation
146360ProFTPD CRL tls_verify_crl certificate validation
146359SQLite Distinct select.c sqlite3Select input validation
146358Omron CX-Supervisor Teamviewer Remote Code Execution [CVE-2019-18251]
146357ABB Power Generation Information Manager/Plant Connect authentication bypass
146356Philips IntelliBridge EC40 SSH Server inadequate encryption [CVE-2019-18241]
146355Eclipse Jetty Error Response cross site scripting [CVE-2019-17632]
146354Cisco SD-WAN Solution vManage Web-based UI cross-site request forgery
146353Cisco WebEx Teams DLL Loader uncontrolled search path [CVE-2019-16001]
146352Cisco IOS XR Access Control List access control [CVE-2019-15998]
146351Cisco DNA Spaces Connector CLI input validation [CVE-2019-15997]
146350Cisco DNA Spaces Connector CLI access control [CVE-2019-15996]
146349Cisco DNA Spaces Connector Web UI sql injection [CVE-2019-15995]
146348Cisco Stealthwatch Enterprise Web-based Management Interface cross site scripting
146347Cisco Small Business RV Series Router Web-based Management Interface improper authorization
146346Cisco Email Security Appliance Antispam Protection Mechanism input validation
146345Cisco Webex Event Center Web Interface improper authentication
146344Cisco Unity Express CLI os command injection [CVE-2019-15986]
146343Cisco Industrial Network Director Web-based Management Interface cross site scripting
146342Cisco Unified Communications Manager Web-based Management Interface sql injection
146341Cisco AsyncOS/Email Security Appliance MP3 Detection Engine input validation
146340Cisco Unified Communications Domain Manager Web-based Management Interface cross site scripting
146339Cisco TelePresence Collaboration Endpoint/RoomOS CLI access control
146338Cisco Webex Meeting WebEx Network Recording Admin Page access control
146337Cisco Prime Infrastructure REST API input validation [CVE-2019-15958]
146336Cisco AsyncOS/Web Security Appliance Web Management Interface access control
146335Trend Micro Password Manager information disclosure [CVE-2019-15629]
146334UniFi Video command injection [CVE-2019-15595]
146333Cisco TelePresence Collaboration Endpoint CLI input validation
146332Cisco WebEx Network Recording Player/Webex Player ARF File memory corruption
146331Cisco WebEx Network Recording Player/Webex Player ARF File memory corruption
146330Cisco Wireless LAN Controller Software Web Interface input validation
146329Cisco Small Business RV Series Router Web-based Management Interface deserialization
146328Cloud Foundry UAA Log Credentials log file
146327iobroker.web GET Reflected cross site scripting
146326Yaws URL path traversal [CVE-2011-4350]
146325Ruby OpenSSL Extension inadequate encryption [CVE-2011-4121]
146324Yubico PAM Module pam_sm_authenticate input validation🔒🔒
146323Serendipity Karma Plugin serendipity_admin.php cross site scripting
146322phpLDAPadmin HTTP Header resource consumption [CVE-2011-4082]
146321OpenStack Nova Key information disclosure [CVE-2011-4076]🔒🔒
146320Hardlink link following [CVE-2011-3632]🔒🔒
146319Hardlink integer overflow [CVE-2011-3631]🔒🔒
146318Hardlink out-of-bounds write [CVE-2011-3630]🔒🔒
146317Ruby Log File HTTPRequest injection
146316Tahoe-LAFS authorization [CVE-2011-3617]
146315Red Hat JBoss Application Server cross-site request forgery [CVE-2011-3609]
146314Red Hat JBoss Application Server Aministration Console DOM-Based cross site scripting
146313Apache OFBiz XML-RPC Event xmlrpc xml external entity reference
146312Polipo assertion [CVE-2011-3596]🔒🔒
146311wec_discussion Extension sql injection [CVE-2011-3584]🔒
146310TYPO3 sql injection [CVE-2011-3583]🔒
146309apt apt-key signature verification [CVE-2011-3374]
146308Views Builk Operations Module cross site scripting [CVE-2011-3373]🔒🔒
146307evolution-data-server Email Message missing encryption [CVE-2011-3355]
146306openvas-scanner Temp File link following [CVE-2011-3351]🔒
146305Google Chrome Swiftshader out-of-bounds read [CVE-2019-5881]
146304Google Chrome Policy Enforcement information disclosure [CVE-2019-5880]
146303Google Chrome Same Origin Policy input validation [CVE-2019-5879]
146302Google Chrome v8 use after free [CVE-2019-5878]
146301Google Chrome Javascript memory corruption [CVE-2019-5877]
146300Google Chrome Media use after free [CVE-2019-5876]
146299Google Chrome Downloads Address input validation
146298Google Chrome Navigation input validation [CVE-2019-5874]
146297Google Chrome Navigation Address input validation
146296Google Chrome Mojo use after free [CVE-2019-5872]
146295Google Chrome Skia out-of-bounds write [CVE-2019-5871]
146294Google Chrome Media use after free [CVE-2019-5870]
146293Google Chrome Blink use after free [CVE-2019-5869]
146292Google Chrome Javascript memory corruption [CVE-2019-5866]
146291Google Chrome Policy Enforcement input validation [CVE-2019-5865]
146290Google Chrome Content Security Policy input validation [CVE-2019-5864]
146289Google Chrome AppCache input validation [CVE-2019-5862]
146288Google Chrome Blink improper restriction of rendered ui layers
146287Google Chrome PDFium use after free [CVE-2019-5860]
146286Google Chrome URI Scheme input validation [CVE-2019-5859]
146285Google Chrome Services Integration input validation [CVE-2019-5858]
146284Google Chrome Javascript memory corruption [CVE-2019-5857]
146283Google Chrome Policy Enforcement input validation [CVE-2019-5856]
146282Google Chrome PDFium integer overflow [CVE-2019-5855]
146281Google Chrome PDFium integer overflow [CVE-2019-5854]
146280Google Chrome Javascript input validation [CVE-2019-5853]
146279Google Chrome Javascript input validation [CVE-2019-5852]
146278Google Chrome WebAudio use after free [CVE-2019-5851]
146277Google Chrome Offline Mode use after free [CVE-2019-5850]
146276Google Chrome Skia out-of-bounds read [CVE-2019-5849]
146275Google Chrome Font information disclosure [CVE-2019-5848]
146274Google Chrome Javascript memory corruption [CVE-2019-5847]
146273Google Chrome Blink use after free [CVE-2019-5842]
146272IBM Spectrum Protect Backup-Archive Client TCP/IP information exposure
146271Linux Kernel vcsu Device vc_screen.c vcs_write out-of-bounds read
146270OpenTrade v1.js sql injection
146269QueryTree Invitation InvitationsController.cs input validation
146268Oniguruma regexec.c str_lower_case_match out-of-bounds read
146267Linux Kernel cpia2_core.c cpia2_remap_buffer integer overflow
146266Symantec Critical System Protection improper authentication [CVE-2019-18374]
146265Nokia Impact path traversal [CVE-2019-17406]
146264Nokia Impact Reflected cross site scripting [CVE-2019-17405]
146263Nokia Impact Path path traversal [CVE-2019-17404]
146262Nokia Impact File Upload unrestricted upload [CVE-2019-17403]
146261vscode-codeql codeQL.cli.executablePath path traversal [CVE-2019-16765]
146260pow_assent PowAssent.Phoenix.AuthorizationController resource consumption
146259Kaspersky Protection Extension authorization [CVE-2019-15684]
146258Katello Password Storage Credentials cleartext transmission
146257Google Chrome WebBluetooth out-of-bounds write [CVE-2019-13724]
146256Google Chrome WebBluetooth use after free [CVE-2019-13723]
146255Google Chrome PDFium use after free [CVE-2019-13721]
146254Google Chrome WebAudio use after free [CVE-2019-13720]
146253Google Chrome Full Screen Mode insecure storage of sensitive information
146252Google Chrome Omnibox Domain input validation
146251Google Chrome Full Screen Mode insecure storage of sensitive information
146250Google Chrome Policy Enforcement authorization [CVE-2019-13716]
146249Google Chrome Omnibox Domain authentication spoofing
146248Google Chrome Color Enhancer Extension css injection
146247Google Chrome Policy Enforcement information disclosure [CVE-2019-13713]
146246Google Chrome Policy Enforcement information disclosure [CVE-2019-13711]
146245Google Chrome Downloads input validation [CVE-2019-13710]
146244Google Chrome Policy Enforcement authentication spoofing [CVE-2019-13709]
146243Google Chrome Navigation Address authentication spoofing
146242Google Chrome information disclosure [CVE-2019-13707]
146241Google Chrome PDFium out-of-bounds read [CVE-2019-13706]
146240Google Chrome Policy Enforcement information disclosure [CVE-2019-13705]
146239Google Chrome Content Security Policy authentication spoofing
146238Google Chrome Policy Enforcement Address authentication spoofing
146237Google Chrome Installer privileges management [CVE-2019-13702]
146236Google Chrome Navigation Address authentication spoofing
146235Google Chrome Renderer memory corruption [CVE-2019-13700]
146234Google Chrome Renderer use after free [CVE-2019-13699]
146233Google Chrome Javascript memory corruption [CVE-2019-13698]
146232Google Chrome Policy Enforcement permission assignment [CVE-2019-13697]
146231Google Chrome Javascript use after free [CVE-2019-13696]
146230Google Chrome use after free [CVE-2019-13695]
146229Google Chrome WebRTC use after free [CVE-2019-13694]
146228Google Chrome IndexedDB use after free [CVE-2019-13693]
146227Google Chrome Policy Enforcement input validation [CVE-2019-13692]
146226Google Chrome Navigation Address input validation
146225Google Chrome Blink use after free [CVE-2019-13688]
146224Google Chrome Blink use after free [CVE-2019-13687]
146223Google Chrome Offline Mode use after free [CVE-2019-13686]
146222Google Chrome use after free [CVE-2019-13685]
146221Google Chrome Javascript information disclosure [CVE-2019-13684]
146220Google Chrome Policy Enforcement permission assignment [CVE-2019-13683]
146219Google Chrome Same Origin Policy permission assignment [CVE-2019-13682]
146218Google Chrome Download permission assignment [CVE-2019-13681]
146217Google Chrome TLS IP Address privileges management
146216Google Chrome Policy Enforcement permission assignment [CVE-2019-13679]
146215Google Chrome Download Domain input validation
146214Google Chrome Policy Enforcement permission assignment [CVE-2019-13677]
146213Google Chrome Policy Enforcement Domain permission assignment
146212Google Chrome Extension input validation [CVE-2019-13675]
146211Google Chrome Omnibox Domain input validation
146210Google Chrome Developer Tools input validation [CVE-2019-13673]
146209Google Chrome Security UI input validation [CVE-2019-13671]
146208Google Chrome input validation [CVE-2019-13670]
146207Google Chrome Navigation Address input validation
146206Google Chrome Policy Enforcement permission assignment [CVE-2019-13668]
146205Google Chrome Omnibox URL input validation
146204Google Chrome information disclosure [CVE-2019-13666]
146203Google Chrome Blink permission assignment [CVE-2019-13665]
146202Google Chrome Content Security Policy permission assignment [CVE-2019-13664]
146201Google Chrome Omnibox Domain input validation
146200Google Chrome Content Security Policy permission assignment [CVE-2019-13662]
146199Google Chrome Notification input validation [CVE-2019-13661]
146198Google Chrome Notification input validation [CVE-2019-13660]
146197Google Chrome Omnibox permission assignment [CVE-2019-13659]
146196389-ds-base Verbose Mode insufficiently protected credentials
146195Ansible GCP Module service_account_contents information disclosure
146194Openshift Container Platform Debug Log neutralization for logs
146193Linux Kernel Bluetooth null pointer dereference [CVE-2019-10207]
146192IBM Spectrum Protect Backup-Archive Client CIT privileges management
146191GNU Patch Incomplete Fix path traversal [CVE-2015-1396]🔒🔒
146189cloud-init EC2 Instance Data privileges management [CVE-2012-6639]
146188libuser Home Directory information disclosure [CVE-2012-5644]🔒🔒
146187thttpd .htpasswd File null pointer dereference [CVE-2012-5640]
146186Ipa Server Identity Cookie cookie validation
146185libuser Directory Tree toctou [CVE-2012-5630]🔒🔒
146184gksu-polkit PolicyKit Policy Configuration File privileges management🔒🔒
146183opendnssec libcurl API input validation [CVE-2012-5582]
146182Python Keyring default permission [CVE-2012-5578]
146181gnome-system-log polkit Policy information disclosure [CVE-2012-5535]🔒🔒
146180Claws Mail vCalendar Plugin Interface Credentials insufficiently protected credentials
146179Quagga ospf6d assertion [CVE-2012-5521]
146178vdsm Certificate Generator certificate validation [CVE-2012-5518]🔒🔒
146177Zope Incomplete Fix CVE-2010-1104 cross site scripting [CVE-2011-4924]
146176cri-o Container denial of service [CVE-2019-14891]
146175ibus DBus Server authorization [CVE-2019-14822]
146174Linux Kernel WMM heap-based overflow [CVE-2019-14815]
146173Red Hat Enterprise Linux Image Library insufficiently protected credentials
146172Infinispan invokeAccessibly Privilege Escalation
146171Apple iPhone malloc privileges management [CVE-2019-9536]
146170IBM Tivoli Netcool Impact Error Message information disclosure
146169IBM Tivoli Netcool Impact Web UI cross site scriting [CVE-2019-4569]
146168IBM SmartCloud Analytics solrconfig.xml information disclosure
146167IBM SmartCloud Analytics Host Header Cache Poisoning privileges management
146166IBM SmartCloud Analytics input validation [CVE-2019-4215]
146165IBM SmartCloud Analytics Token/Cookie authorization [CVE-2019-4214]
146164McAfee Client Proxy Microsoft Windows Client privileges management
146163ZTE ZXCDN IAMWEB Management Portal input validation [CVE-2019-3428]
146162ZTE XCDN IAMWEB Management Page injection [CVE-2019-3427]
146161EmbedThis GoAhead HTTP Header memory corruption [CVE-2019-19240]
146160Linux Kernel AppleTalk Subsystem aarp.c register_snap_client null pointer dereference
146159Pagekit CSRF Token cross-site request forgery [CVE-2019-19013]
146158Sangoma Asterisk/Certified Asterisk res_pjsip_t38.c null pointer dereference
146157HP ThinPro Citrix Receiver Wrapper input validation [CVE-2019-18910]
146156HP ThinPro input validation [CVE-2019-18909]
146155Sangoma Asterisk/Certified Asterisk chan_sip.c authorization
146154phpMyAdmin Designer sql injection [CVE-2019-18622]
146153Sangoma Asterisk/Certified Asterisk Asterisk Manager Interface manager.c authorization
146152Eracent EPA Agent Agent Executable untrusted search path [CVE-2019-17446]
146151Eracent EDA/EPA/EPM/EUA/FLW/SUM Agent Executable link following
146150Pannellum data URI cross site scripting [CVE-2019-16763]
146149HP ThinPro Application Filter privileges management [CVE-2019-16287]
146148HP ThinPro OS Application Filter authorization [CVE-2019-16286]
146147HP ThinPro authorization [CVE-2019-16285]
146146NSSLGlobal SatLink VSAT Modem Unit Web Interface cross site scripting
146145GitLab Comment resource consumption [CVE-2019-15593]
146144ros_comm/ros-melodic-ros-comm buffer overflow [CVE-2019-13566]
146143NAVER Vaccine nsz Archive nsGreen.dll path traversal
146142Pivotal RabbitMQ Policy Management cross site scripting [CVE-2019-11291]
146141Pivotal RabbitMQ Web Management Plugin resource consumption [CVE-2019-11287]
146140ansible-playbook-k/Ansible CLI Tools Template Password input validation
146139PowerDNS input validation [CVE-2019-10203]
146138CloudForms v2v Infrastructure Mapping Delete Stored cross site scripting
146137libbluray JAR File MountManager toctou
146136OpenStack Designate DNS Protocol infinite loop [CVE-2015-5694]
146135oVirt Permission authorization [CVE-2015-1780]
146134ace Privileges random values
146133CHICKEN select buffer overflow
146132redhat-upgrade-tool GPG Signature signature verification [CVE-2014-3585]
146131POSH login.php cross site scripting🔒
146130POSH scr_sendmd5.php redirect🔒
146129Gael Q-Pulse managedlistdialog.aspx cross site scripting
146128FlashCanvas proxy.php cross site scripting
146127Mijosoft MijoSearch Error Message search information exposure
146126Mijosoft MijoSearch search cross site scripting
146125D-Link DSL-6740U Remote Management cross-site request forgery
146124Exis Contexis Photo Gallery Model cross site scripting [CVE-2013-6239]
146123SpagoBI Worksheet Designer unrestricted upload [CVE-2013-6234]
146122ownCloud new.php cross site scripting🔒
146121W3 Total Cache Database Cache information disclosure [CVE-2012-6079]
146120W3 Total Cache Hash Generation information disclosure [CVE-2012-6078]
146119W3 Total Cache Secure Storage Password information disclosure
146118plow buffer overflow [CVE-2012-3407]
146117PyXML Hash Table resource consumption [CVE-2012-0877]
146116PostfixAdmin menu.php cross site scripting🔒🔒
146115Qualcomm Snapdragon Auto Xtra Daemon use after free [CVE-2019-10490]
146114Qualcomm Snapdragon Auto Qurt Kernel buffer overflow [CVE-2018-13916]
146113Fortinet FortiOS Configuration Backup hard-coded credentials
146112Beckhoff TwinCAT Profinet Driver divide by zero [CVE-2019-5637]
146111Beckhoff TwinCAT Runtime ADS Discovery Service denial of service
146110NetApp ONTAP Select Deploy Administration Utility injection [CVE-2019-5509]
146109xcftools xcf2png/xcf2pnm flattenIncrementally integer overflow
146108xcftools xcf2png/xcf2pnm flattenIncrementally integer overflow
146107Tenda AC9 Router AC1200 WanParameterSetting os command injection
146106Tenda AC9 Router AC1200 WanParameterSetting os command injection
146105Qualcomm Snapdragon Auto memory corruption [CVE-2019-2339]
146104Qualcomm Snapdragon Auto CBO Listener use after free [CVE-2019-2336]
146103Qualcomm Snapdragon Auto Attach Reject Message infinite loop
146102Qualcomm Snapdragon Compute use after free [CVE-2019-2329]
146101Qualcomm Snapdragon Auto Kernel out-of-bounds read [CVE-2019-2318]
146100Qualcomm Snapdragon Auto API memory corruption [CVE-2019-2315]
146099Qualcomm Snapdragon Auto SNDCP Module out-of-bounds read [CVE-2019-2303]
146098Qualcomm Snapdragon Auto NAN Message integer underflow [CVE-2019-2297]
146097Qualcomm Snapdragon Auto SDI memory corruption [CVE-2019-2295]
146096Qualcomm Snapdragon Auto Modem improper authentication [CVE-2019-2289]
146095Qualcomm Snapdragon Auto Downlink Session out-of-bounds read
146094Qualcomm Snapdragon Auto P2P Action Frame out-of-bounds read
146093Qualcomm Snapdragon Auto Camera Sensor use after free [CVE-2019-2266]
146092Qualcomm Snapdragon Auto Bitmap File buffer overflow [CVE-2019-2251]
146091libarchive archive_string.c archive_wstring_append_from_mbs out-of-bounds read
146090rConfig devices.php sql injection
146089Oniguruma regparse.c fetch_interval_quantifier out-of-bounds read
146088Oniguruma gb18030.c gb18030_mbc_enc_len out-of-bounds read
146087vTiger CRM My Preferences default permission [CVE-2019-19202]
146086Kyrol Internet Security IOCTL kyrld.sys permission assignment
146085Shibboleth Service Provider Spec File link following [CVE-2019-19191]
146084Jalios JCMS improper authentication [CVE-2019-19033]
146083Sangoma FreePBX Access Control authorization [CVE-2019-19006]
146082Nitro Pro Log File debug.log input validation
146081Zulip Server Password Authentication API Key improper authentication
146080Redmine sql injection [CVE-2019-18890]
146079Symfony Cache Adapter Interface injection [CVE-2019-18889]
146078Symfony MIME Type input validation [CVE-2019-18888]
146077Symfony UriSigner race condition [CVE-2019-18887]
146076Symfony User information disclosure [CVE-2019-18886]
146075HotkeyP Commands.cpp privilege privileges management
146074Fortinet FortiClient Security Check os command injection [CVE-2019-17650]
146073Zoho ManageEngine OpManager/Firewall Analyzer Nipper default permission
146072NetApp ONTAP Select Deploy Administration Utility input validation
146071Lexmark Services Monitor Service Port 2070 path traversal [CVE-2019-16758]
146070Google Compute Engine Plugin ComputeEngineCloud#doProvision cross-site request forgery
146069Google Compute Engine Plugin API Endpoint permission assignment
146068Google Compute Engine Plugin SSH Host Key authorization [CVE-2019-16546]
146067QMetry for JIRA Test Management Plugin cleartext transmission
146066QMetry for JIRA Test Management Plugin config.xml Credentials credentials storage
146065Spira Importer Plugin Global Configuration Credentials credentials storage
146064Anchore Container Image Scanner Plugin config.xml Credentials credentials storage
146063Jira Plugin Site Definition exposure of resource [CVE-2019-16541]
146062Support Core Plugin Permission path traversal [CVE-2019-16540]
146061Support Core Plugin Permission Check improper authorization [CVE-2019-16539]
146059Centreon Web OVA/OVF permission assignment [CVE-2019-16406]
146058Centreon Web Macro Expression Location Setting input validation
146057Belkin Linksys Velop sysinfo_json.cgi Key authorization
146056Fortinet FortiClient SSL VPN Gateway information disclosure [CVE-2019-15704]
146055GOG Galaxy GalaxyClientService privileges management [CVE-2019-15511]
146054Symfony VarExport var-exporter input validation
146053ioBroker path traversal [CVE-2019-10767]
146052Qualcomm IPS Interpreter integer overflow [CVE-2019-10627]
146051Qualcomm QCA6174_9377 Registry privileges management [CVE-2019-10617]
146050Qualcomm Snapdragon Auto WLAN Module buffer overflow [CVE-2019-10566]
146049Qualcomm Snapdragon Auto Message out-of-bounds read [CVE-2019-10563]
146048Qualcomm Snapdragon Auto Loop memory corruption [CVE-2019-10535]
146047Qualcomm Snapdragon Auto Camera Driver array index [CVE-2019-10503]
146046Qualcomm Snapdragon Auto Ressource Lock toctou [CVE-2019-10486]
146045Fotinet FortiOS URL/SPAM/AV hard-coded credentials [CVE-2018-9195]
146044Asuswrt-Merlin blocking.asp out-of-bounds write
146043Synametrics SynaMan/Syncrify/SynTail cross-site request forgery🔒
146042Ikiwiki openid-selector.tmpl cross site scripting🔒🔒
146041Zhone zNID 2426A Web Administrative Portal authorization [CVE-2014-8356]
146040xcfa Temp File race condition [CVE-2014-5255]
146039xcfa Temp File race condition [CVE-2014-5254]
146038eDeploy eval injection
146037wolfSSL Server Certificate improper authentication [CVE-2014-2904]
146036wolfSSL CA Certificate certificate validation [CVE-2014-2902]
146035wolfSSL Certificate certificate validation [CVE-2014-2901]
146034python-rply Temp File rply-*.json link following
146033Gamera Temp File tempfile.mktemp input validation
146032rc Temp File input validation [CVE-2014-1936]
1460319base Temp File input validation [CVE-2014-1935]
146030openshift-origin-node Gem cronjob Timeout input validation [CVE-2014-0084]
146029net-ldap gem SSHA Password Generation password.rb LDAP Salt unknown vulnerability
146028Slackware iodbctest/iodbctestw input validation [CVE-2013-7172]
146027Slackware/Slackware LLVM Privileges tmp input validation
146026Loftek Nexus 543 IP Camera get_realip.cgi information disclosure
146025Loftek Nexus 543 IP Camera check_users.cgi Password insufficiently protected credentials
146024Loftek Nexus 543 IP Camera set_users.cgi cross-site request forgery
146023Loftek Nexus 543 IP Camera path traversal [CVE-2013-3311]
146022xlockmore dclock input validation [CVE-2012-4524]🔒🔒
146021Mono ASP.NET Web Form Hash input validation [CVE-2012-3543]🔒🔒
146020cumin PostgreSQL Database input validation [CVE-2012-3460]
146019pam_shield Default Configuration input validation [CVE-2012-2350]
146018trytond ModelView.button authorization
146017Activity Module cross-site request forgery [CVE-2012-2079]
146016Activity Module cross site scripting [CVE-2012-2078]
146015Quick Tabs Module cross site scripting [CVE-2012-1637]
146014Chyrp ajax.php cross site scripting
146013Linux Kernel extent-tree.c __btrfs_free_extent information disclosure
146012Linux Kernel namei.c ext4_empty_dir null pointer dereference
146011Linux Kernel ctree.c btrfs_root_node null pointer dereference
146010Schneider Electric Andover Continuum Web Server cross site scripting
146009Schneider Electric Modicon M340 CPU Web Server information disclosure
146008VMware Workstation/Fusion RPC input validation [CVE-2019-5542]
146007VMware Workstation/Fusion e1000e Virtual Network Adapter out-of-bounds write
146006VMware Workstation/Fusion vmnetdhcp information disclosure [CVE-2019-5540]
146005IBM Security Identity Manager Deserialization code injection
146004IBM Maximo Asset Management denial of service [CVE-2019-4530]
146003postgresql-common pg_ctlcluster privileges management
146002CODESYS Web Server buffer overflow [CVE-2019-18858]
146001GNU Serveez reader http_cgi_write information disclosure
146000iobroker.admin path traversal [CVE-2019-10765]
145999Google Chrome unknown vulnerability [CVE-2016-9652]🔒🔒
145998Google Chrome Product Security memory corruption [CVE-2016-5194]🔒🔒
145997PostgreSQL Error Message information disclosure [CVE-2015-3167]🔒🔒
145996PostgreSQL snprintf memory corruption🔒🔒
145995GnuPG Sign Extension keybox-search.c input validation🔒🔒
145994GnuPG Keyring DB use after free [CVE-2015-1606]🔒🔒
145993Dolibarr ERP CRM barcode.lib.php input validation [CVE-2013-2093]
145992Dolibarr ERP CRM functions.lib.php cross site scripting [CVE-2013-2092]
145991Dolibarr ERP CRM fiche.php sql injection
145990MediaWiki api.php information disclosure🔒🔒
145989MediaWiki HttpFunctions.php input validation🔒🔒
145988Piwik cross site scripting [CVE-2013-0195]
145987Piwik cross site scripting [CVE-2013-0194]
145986Piwik cross site scripting [CVE-2013-0193]
145985tuned default permission [CVE-2012-6136]
145984Pidgin dbus cleartext transmission [CVE-2012-1257]
145983Tiki tiki-admin_system.php cross site scripting🔒
145982Tiki tiki-remind_password.php cross site scripting🔒
145981Smarty3 input validation [CVE-2011-1028]
145980Weborf HTTP input validation [CVE-2011-0529]
145979statusnet addslashes input validation
145978statusnet Error Message cross site scripting [CVE-2010-4659]
145977Lenovo Paper software privileges management [CVE-2019-6191]
145976Lenovo System Interface Foundation DLL Loader untrusted search path
145975Lenovo XClarity Controller Stored injection [CVE-2019-6187]
145974Lenovo System Interface Foundation code injection [CVE-2019-6186]
145973Customer Engagement Service privileges management [CVE-2019-6184]
145972ThinkPad USB-C Dock denial of service [CVE-2019-6176]
145971Mail2000 redirect [CVE-2019-15073]
145970Mail2000 Login portal cross site scripting
145969Mail2000 go cross site scripting
145968GNU C Library setuid Program information disclosure [CVE-2019-19126]
145967Apache NiFi Authentication Mechanism Logout session expiration
145966AngularJS merge input validation
145965Apache NiFi API information disclosure [CVE-2019-10083]
145964Apache NiFi XMLFileLookupService xml external entity reference
145963Zikula cross site scripting [CVE-2011-3352]
145962masqmail log.c seteuid dropped privileges
145961LightDM Permission privileges management [CVE-2011-3349]
145960foomatic-rip Filter Debug Mode link following [CVE-2011-2924]🔒🔒
145959foomatic-rip Filter Debug Mode link following [CVE-2011-2923]🔒🔒
145958Unbound IPsec Module input validation [CVE-2019-18934]
145957Cloud Foundry Routing Nonce input validation [CVE-2019-11289]
145956Pixie limit sql injection
145955Node-cookie-signature Comparison race condition [CVE-2016-1000236]
145954RubyGems Startup input validation [CVE-2012-6135]
145953nuSOAP Certificate Validation certificate validation [CVE-2012-6071]
145952Falconpl libcurl API input validation [CVE-2012-6070]
145951ktsuss GTK Interface input validation [CVE-2011-2922]🔒🔒
145950ktsuss Privileges dropped privileges [CVE-2011-2921]🔒🔒
145949Code42 DLL Loader untrusted search path [CVE-2019-16861]
145948Code42 DLL Loader untrusted search path [CVE-2019-16860]
145947HHVM __construct use after free
145946sniffit Configuration File out-of-bounds write [CVE-2014-5439]🔒
145945uzbl Cookie Storage information disclosure [CVE-2012-0843]🔒🔒
145944Surf Cookie Jahr information disclosure [CVE-2012-0842]🔒🔒
145943gnusound format string [CVE-2012-0824]
145942nginx HTTP Proxy Module input validation [CVE-2011-4968]
145941tog-Pegasus Package Hash input validation [CVE-2011-4967]
145940Cobbler privileges management [CVE-2011-4954]🔒
145939Cobbler cross-site request forgery [CVE-2011-4952]🔒
145938mpack information disclosure [CVE-2011-4919]🔒🔒
145937NVIDIA NVFlash privileges management [CVE-2019-5688]
145936OpenWrt ustream-ssl certificate validation [CVE-2019-5102]
145935OpenWrt ustream-ssl __ustream_ssl_poll certificate validation
145934ZTE C520V21 Web Service improper authentication [CVE-2019-3424]
145933ZTE C520V21 URL path traversal [CVE-2019-3423]
145932PHICOMM K2 autoupgrade.lua input validation [CVE-2019-19117]
145931newbee-mall NewBeeMallGoodsMapper.xml sql injection
145930Octopus Server Persistent cross site scripting [CVE-2019-19085]
145929Octopus Deploy Package unrestricted upload [CVE-2019-19084]
145928Norton App Lock privileges management [CVE-2019-18373]
145927Comodo Internet Security Signature Validation signmgr.dll untrusted search path
145926Micro Focus Operations Agent XML Data xml external entity reference
145925Footy Tipping Software AFL Web Edition File Upload unrestricted upload
145924Footy Tipping Software AFL Web Edition cross site scripting [CVE-2019-17057]
145923Mailbird HTML Mail Message cross site scripting [CVE-2019-15054]
145922Social Photo Gallery plugin Album input validation [CVE-2019-14467]
145921Apache Shiro Configuration Padding input validation
145920Apache Solr Configuration File unrestricted upload
145918Sandline Centraleyezer File Upload Stored cross site scripting
145917Sandline Centraleyezer Category Stored cross site scripting
145916Sandline Centraleyezer File Upload unrestricted upload [CVE-2019-12271]
145915elliptic-php Private Key Elliptic-Curve race condition
145914Pimcore pimcore sql injection
145913Codehaus jackson-mapper-asl XML Data xml external entity reference
145912Apache Atlas Search Stored cross site scripting
145911Plex Media Server Access Control insufficiently protected credentials
145910Raritan CommandCenter Secure Gateway XML Data xml external entity reference
145909BlackBoard Learn bb-auth-provider-cas Authentication Module redirect
145908TBOOT Boot Loader loader.c input validation🔒🔒
145907Jenkins CI Game Plugin cross site scripting [CVE-2012-4441]
145906Jenkins Violations Plugin cross site scripting [CVE-2012-4440]
145905Jenkins URL cross site scripting [CVE-2012-4439]
145904Jenkins input validation [CVE-2012-4438]
145903Distributed Ruby instance_eval Remote Code Execution
145902Distributed Ruby Syscall Remote Code Execution [CVE-2011-5330]
145901Iceweasel-firegpg Temp File link following [CVE-2008-7273]
145900Linux Kernel dc clock_source_create resource consumption
145899Linux Kernel dc create_resource_pool resource consumption
145898Linux Kernel main.c nfp_flower_spawn_vnic_reprs resource consumption
145897Linux Kernel main.c nfp_flower_spawn_phy_reprs resource consumption
145896Linux Kernel tun.c qrtr_tun_write_iter resource consumption
145895Linux Kernel usb.c ath10k_usb_hif_tx_sg resource consumption
145894Linux Kernel ib_verbs.c bnxt_re_create_srq resource consumption
145893Linux Kernel cls.c nfp_abm_u32_knode_replace resource consumption
145892Linux Kernel ca8210.c ca8210_probe resource consumption
145891Linux Kernel wmi.c ath9k_wmi_cmd resource consumption
145890Linux Kernel htc_hst.c wait_for_completion_timeout resource consumption
145889Linux Kernel trace_events_filter.c predicate_parse resource consumption
145888Linux Kernel rsi_91x_mgmt.c rsi_send_beacon resource consumption
145887Linux Kernel spi-gpio.c spi_gpio_probe resource consumption
145886Linux Kernel fastrpc.c fastrpc_dma_buf_attach resource consumption
145885Linux Kernel rtl8xxxu_core.c rtl8xxxu_submit_int_urb resource consumption
145884Linux Kernel amdgpu_acp.c acp_hw_init resource consumption
145883Linux Kernel bfad_attr.c bfad_im_get_stats resource consumption
145882Linux Kernel sdma.c sdma_init resource consumption
145881Linux Kernel spi-fsl-lpspi.c fsl_lpspi_probe resource consumption
145880Linux Kernel usb.c rtl_usb_probe resource consumption
145879Linux Kernel crypto_user_base.c crypto_report resource consumption
145878Linux Kernel adis_buffer.c adis_update_scan_mode_burst resource consumption
145877Linux Kernel adis_buffer.c adis_update_scan_mode resource consumption
145876Linux Kernel ctxt-info-gen3.c iwl_pcie_ctxt_info_gen3_init resource consumption
145875Linux Kernel dbg.c alloc_sgtable resource consumption
145874Linux Kernel pcie.c mwifiex_pcie_init_evt_ring resource consumption
145873Linux Kernel pcie.c mwifiex_pcie_alloc_cmdrsp_buf resource consumption
145872Linux Kernel nl80211.c nl80211_get_ftm_responder_stats resource consumption
145871Linux Kernel cx23888-ir.c cx23888_ir_probe resource consumption
145870Linux Kernel rpmsg_char.c rpmsg_eptdev_write_iter resource consumption
145869Linux Kernel gs_usb.c gs_can_open resource consumption
145868Linux Kernel op-rfkill.c i2400m_op_rfkill_sw_toggle resource consumption
145867Linux Kernel crypto_user_stat.c crypto_reportstat resource consumption
145866Linux Kernel unittest.c unittest_data_add resource consumption
145865Linux Kernel vboxguest_utils.c crypto_reportstat resource consumption
145864Linux Kernel health.c mlx5_fw_fatal_reporter_dump resource consumption
145863Linux Kernel ipmi_msghandler.c __ipmi_bmc_register resource consumption
145862Linux Kernel conn.c mlx5_fpga_conn_create_cq resource consumption
145861Linux Kernel v3d_gem.c v3d_submit_cl_ioctl resource consumption
145860Linux Kernel i40e_main.c i40e_setup_macvlans resource consumption
145859Xorux Lpar2RRD/Stor2RRD Upgrade Package os command injection
145858KairosDB view.html cross site scripting
145857jhead jpgfile.c process_SOFn out-of-bounds read
145856iTerm2 Search History information disclosure [CVE-2019-19022]
145855Oniguruma regexec.c search_in_range integer overflow
145854MiniUPnP ngiflib ngiflib.c GifIndexToTrueColor null pointer dereference
145853F5 BIG-IP Management Port input validation [CVE-2019-6664]
145852F5 BIG-IP/BIG-IQ/iWorkflow/Enterprise Manager Configuration Utility DNS Rebinding input validation
145851F5 BIG-IP Log log file [CVE-2019-6662]
145850F5 BIG-IP APM APD/APMD resource consumption [CVE-2019-6661]
145849F5 BIG-IP resource consumption [CVE-2019-6660]
145848F5 BIG-IP Virtual Server input validation [CVE-2019-6659]
145847Math Plugin Eval input validation [CVE-2019-19010]
145846AbuseFilter Extension information disclosure [CVE-2019-18987]
145845Pimcore Forgot Password excessive authentication [CVE-2019-18986]
145844Pimcore 2FA Token excessive authentication [CVE-2019-18985]
145843Pimcore Email Log Preview EmailController.php cross site scripting
145842Pimcore ID privileges management [CVE-2019-18981]
145841Cyrus IMAP privileges management [CVE-2019-18928]
145840Symantec Endpoint Protection privileges management [CVE-2019-18372]
145839slpjs Bitcoin Script input validation [CVE-2019-16762]
145838slp-validate Bitcoin Script input validation [CVE-2019-16761]
145837Ghostscript .charkeys Remote Code Execution
145836TemaTres Administrator Account privileges management [CVE-2019-14345]
145835TemaTres Stored cross site scripting [CVE-2019-14343]
145834Marvell 88W8688 Parrot Faurecia Automotive FC6050W out-of-bounds write
145833Marvell 88W8688 Parrot Faurecia Automotive FC6050W out-of-bounds write
145832Symantec Endpoint Protection Manager privileges management [CVE-2019-12759]
145831Symantec Endpoint Protection Digital Signature input validation
145830Symantec Endpoint Protection privileges management [CVE-2019-12757]
145829Symantec Endpoint Protection Password Protection authorization
145828Symantec Endpoint Protection Manager privileges management [CVE-2018-18368]
145827NSS ssl3_ComputeRecordMACConstantTime null pointer dereference🔒🔒
145826openshift Install Script exposure of resource [CVE-2014-0023]
145825Chrony cmdmon Protocol Amplification privileges management🔒🔒
145824ClamAV dbg_printhex information disclosure🔒🔒
145823ClamAV libclamav buffer overflow [CVE-2013-7088]🔒🔒
145822ClamAV WWPack memory corruption [CVE-2013-7087]🔒🔒
145821Perdition IMAP Server/POP Server ssl_outgoing_ciphers exceptional condition
145820qtnx Configuration File Key cleartext storage
145819ax25-tools AX.25 Daemon setuid privileges management
145818Drupal File Upload authorization [CVE-2011-2726]
145817gksu-polkit xauth input validation [CVE-2011-0703]
145816Jetty Cookie Dump Servlet Escape memory corruption
145815Intel fTPM race condition [CVE-2019-11090]
145814Adobe Illustrator CC memory corruption [CVE-2019-8248]
145813Adobe Illustrator CC memory corruption [CVE-2019-8247]
145812Adobe Media Encoder out-of-bounds write [CVE-2019-8246]
145811Adobe Media Encoder out-of-bounds read [CVE-2019-8244]
145810Adobe Media Encoder out-of-bounds read [CVE-2019-8243]
145809Adobe Media Encoder out-of-bounds read [CVE-2019-8242]
145808Adobe Media Encoder out-of-bounds read [CVE-2019-8241]
145807Adobe Bridge CC memory corruption [CVE-2019-8240]
145806Adobe Bridge CC memory corruption [CVE-2019-8239]
145805Adobe Illustrator CC Library Loader untrusted search path [CVE-2019-7962]
145804Adobe Animate CC Library Loader untrusted search path [CVE-2019-7960]
145803Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb API improper authentication
145802rack-cors Gem path traversal [CVE-2019-18978]
145801MicroStrategy Library Reflected cross site scripting
145800SnowHaze input validation [CVE-2019-18949]
145799eQ-3 Homematic CCU2/Homematic CCU3 Web Interface exec.cgi input validation
145798eQ-3 Homematic CCU2/Homematic CCU3 Web Interface save.cgi input validation
145797eQ-3 Homematic CCU2/Homematic CCU3 Web Interface exec.cgi input validation
145796Scanguard default permission [CVE-2019-18895]
145795Linux Kernel volumes.c null pointer dereference
1457943xLogic Infinias Access Control cross-site request forgery [CVE-2019-18651]
145793Untangle NG Firewall Report Stored cross site scripting
145792Untangle NG Firewall Reflected cross site scripting [CVE-2019-18648]
145791Untangle NG Firewall injection [CVE-2019-18647]
145790Within Authenticate Firewall sql injection [CVE-2019-18646]
145789Espressif ESP32 Secure Boot information disclosure [CVE-2019-17391]
145788STMicroelectronics ST33TPHF2ESPI TPM Private Key TPM-Fail risky encryption
145787Blade Shadow Network Protocol input validation [CVE-2019-16110]
145786ZyXEL GS1900 Password Recovery input validation [CVE-2019-15804]
145785ZyXEL GS1900 fds_sys_passDebugPasswd_ret input validation
145784ZyXEL GS1900 Configuration Backup sal_util_str_encrypt hard-coded credentials
145783ZyXEL GS1900 fds_sys_passDebugPasswd_ret insufficiently protected credentials
145782ZyXEL GS1900 cmd_sys_traceroute_exec input validation
145781ZyXEL GS1900 Web Interface privileges management [CVE-2019-15799]
145780Sony Xperia XZs external reference [CVE-2019-15744]
145779Sony Xperia Touch external reference [CVE-2019-15743]
145778Xiaomi Mi A3 external reference [CVE-2019-15475]
145777Xiaomi Cepheus external reference [CVE-2019-15474]
145776Xiaomi Mi A2 Lite external reference [CVE-2019-15473]
145775Xiaomi Mi A2 Lite external reference [CVE-2019-15472]
145774Xiaomi Mi Mix 2S permission assignment [CVE-2019-15471]
145773Xiaomi Redmi Note 6 Pro permission assignment [CVE-2019-15470]
145772Xiaomi Mi Pad 4 permission assignment [CVE-2019-15469]
145771Xiaomi Mi A2 Lite external reference [CVE-2019-15468]
145770Xiaomi Mi Mix 2S external reference [CVE-2019-15467]
145769Xiaomi Redmi 6 Pro external reference [CVE-2019-15466]
145768Samsung J7 Pro permission assignment [CVE-2019-15465]
145767Samsung J7 Pro permission assignment [CVE-2019-15464]
145766Samsung j7popeltemtr permission assignment [CVE-2019-15463]
145765Samsung J7 Duo permission assignment [CVE-2019-15462]
145764Samsung J7 Neo permission assignment [CVE-2019-15461]
145763Samsung J7 Neo permission assignment [CVE-2019-15460]
145762Samsung J7 Neo permission assignment [CVE-2019-15459]
145761Samsung J7 Neo permission assignment [CVE-2019-15458]
145760Samsung J6 permission assignment [CVE-2019-15457]
145759Samsung J6 permission assignment [CVE-2019-15456]
145758Samsung J5 permission assignment [CVE-2019-15455]
145757Samsung J4 permission assignment [CVE-2019-15454]
145756Samsung J4 permission assignment [CVE-2019-15453]
145755Samsung J3 permission assignment [CVE-2019-15452]
145754Samsung J3 permission assignment [CVE-2019-15451]
145753Samsung j3popeltecan permission assignment [CVE-2019-15450]
145752Samsung S7 Edge permission assignment [CVE-2019-15449]
145751Samsung S7 Edge permission assignment [CVE-2019-15448]
145750Samsung S7 Edge permission assignment [CVE-2019-15447]
145749Samsung S7 permission assignment [CVE-2019-15446]
145748Samsung S7 permission assignment [CVE-2019-15445]
145747Samsung S7 permission assignment [CVE-2019-15444]
145746Samsung J7 Max permission assignment [CVE-2019-15443]
145745Samsung on7xelteskt permission assignment [CVE-2019-15442]
145744Samsung on7xeltelgt permission assignment [CVE-2019-15441]
145743Samsung J5 permission assignment [CVE-2019-15440]
145742Samsung XCover4 permission assignment [CVE-2019-15439]
145741Samsung XCover4 permission assignment [CVE-2019-15438]
145740Samsung XCover4 permission assignment [CVE-2019-15437]
145739Samsung A8+ permission assignment [CVE-2019-15436]
145738Samsung A7 permission assignment [CVE-2019-15435]
145737Samsung A5 permission assignment [CVE-2019-15434]
145736Samsung A3 permission assignment [CVE-2019-15433]
145735Evercoss U6 permission assignment [CVE-2019-15432]
145734Evercoss U50A permission assignment [CVE-2019-15431]
145733Bluboo D3 Pro permission assignment [CVE-2019-15430]
145732Panasonic ELUGA I9 external reference [CVE-2019-15429]
145731Xiaomi Mi Note 2 external reference [CVE-2019-15428]
145730Xiaomi Mi Mix external reference [CVE-2019-15427]
145729Xiaomi Mi 5s Plus external reference [CVE-2019-15426]
145728Kata M4s external reference [CVE-2019-15425]
145727Doogee BL5000 external reference [CVE-2019-15424]
145726Bluboo S1 external reference [CVE-2019-15423]
145725Doogee Mix external reference [CVE-2019-15422]
145724Blackview BV7000 Pro external reference [CVE-2019-15421]
145723Blackview BV9000Pro-F external reference [CVE-2019-15420]
145722Asus X015_1 external reference [CVE-2019-15419]
145721Asus X00K_1 external reference [CVE-2019-15418]
145720Tecno Spark Pro permission assignment [CVE-2019-15417]
145719Sony keyaki_kddi permission assignment [CVE-2019-15416]
145718Xiaomi Redmi 5 external reference [CVE-2019-15415]
145717Asus ZenFone AR permission assignment [CVE-2019-15414]
145716Asus ZenFone 3 Ultra permission assignment [CVE-2019-15413]
145715Asus ZenFone 4 Selfie com.asus.loguploader permission assignment
145714Asus ZenFone 3 Laser com.asus.loguploader permission assignment
145713Asus ZenFone 5Q com.asus.loguploader permission assignment [CVE-2019-15410]
145712Asus ZenFone 5Q com.asus.loguploader permission assignment [CVE-2019-15409]
145711Asus ZenFone 5 Lite com.asus.loguploader permission assignment
145710Asus X015_1 com.asus.loguploader permission assignment [CVE-2019-15407]
145709Asus X00LD_3 com.asus.loguploader permission assignment [CVE-2019-15406]
145708Asus X00K_1 com.asus.loguploader external reference [CVE-2019-15405]
145707Asus ZenFone Max 4 com.asus.loguploader permission assignment
145706Asus ZenFone 3s Max com.asus.loguploader permission assignment
145705Asus A002_2 com.asus.loguploader permission assignment [CVE-2019-15402]
145704Asus A002 com.asus.loguploader permission assignment [CVE-2019-15401]
145703Asus ZenFone 3 Ultra com.asus.loguploader permission assignment
145702Asus ZenFone 5Q com.asus.loguploader permission assignment [CVE-2019-15399]
145701Asus ZenFone 4 com.asus.loguploader permission assignment [CVE-2019-15398]
145700Asus ZenFone Max 4 com.asus.loguploader permission assignment
145699Asus ZenFone 3 com.asus.loguploader permission assignment [CVE-2019-15396]
145698Asus ZenFone 3s Max com.asus.loguploader permission assignment
145697Asus ZenFone 5 Selfie external reference [CVE-2019-15394]
145696Asus ZenFone Live external reference [CVE-2019-15393]
145695Asus ZenFone 4 Selfie Authorization authorization [CVE-2019-15392]
145694Asus ZenFone 4 Selfie Authorization authorization [CVE-2019-15391]
145693Haier G8 Authorization authorization [CVE-2019-15390]
145692Haier A6 Graphical User Interface permission assignment [CVE-2019-15389]
145691Coolpad 1851 Graphical User Interface injection [CVE-2019-15388]
145690Archos Core 101 Permission permission assignment [CVE-2019-15387]
145689LAVA Z60s Authorization permission assignment [CVE-2019-15386]
145688Infinix Note 5 Authorization authorization [CVE-2019-15385]
145687Elephone A4 Authorization authorization [CVE-2019-15384]
145686Allview X5 Authorization authorization [CVE-2019-15383]
145685Cubot Nova Authorization authorization [CVE-2019-15382]
145684BQ 5515L Authorization authorization [CVE-2019-15381]
145683Fly Photo Pro Authorization authorization [CVE-2019-15380]
145682Walton Primo G3 Authorization authorization [CVE-2019-15379]
145681Panasonic Eluga Ray 600 Authorization authorization [CVE-2019-15378]
145680Cherry Flare S7 Authorization authorization [CVE-2019-15377]
145679Panasonic Eluga Ray 530 Authorization authorization [CVE-2019-15376]
145678Haier G8 Authorization authorization [CVE-2019-15375]
145677LAVA Iris 88 Lite Authorization authorization [CVE-2019-15374]
145676Symphony i95 Lite Authorization authorization [CVE-2019-15373]
145675Hisense F17 Authorization authorization [CVE-2019-15372]
145674Symphony G100 Authorization authorization [CVE-2019-15371]
145673Haier G8 Authorization authorization [CVE-2019-15370]
145672LAVA Z61 Turbo Authorization authorization [CVE-2019-15369]
145671Coolpad 1851 Authorization authorization [CVE-2019-15368]
145670Haier P10 Authorization authorization [CVE-2019-15367]
145669Infinix Note 5 Authorization authorization [CVE-2019-15366]
145668LAVA Z92 Authorization authorization [CVE-2019-15365]
145667Dexp BL250 Authorization authorization [CVE-2019-15364]
145666Leagoo Power 5 Authorization authorization [CVE-2019-15363]
145665LAVA Iris 88 Go Authorization authorization [CVE-2019-15362]
145664Infinix Note 5 Authorization authorization [CVE-2019-15361]
145663Hisense U965 Authorization authorization [CVE-2019-15360]
145662Haier A6 Authorization authorization [CVE-2019-15359]
145661Dexp Z250 authorization [CVE-2019-15358]
145660Advan i6A authorization [CVE-2019-15357]
145659LAVA Flair Z1 authorization [CVE-2019-15356]
145658Tecno Camon iClick authorization [CVE-2019-15355]
145657Ulefone Armor 5 authorization [CVE-2019-15354]
145656Coolpad N3C authorization [CVE-2019-15353]
145655Coolpad 1851 authorization [CVE-2019-15352]
145654Tecno Camon Graphical User Interface permission assignment [CVE-2019-15351]
145653Tecno Camon Graphical User Interface permission assignment [CVE-2019-15350]
145652Tecno Camon Graphical User Interface permission assignment [CVE-2019-15349]
145651Tecno Camon Graphical User Interface permission assignment [CVE-2019-15348]
145650Tecno Camon iClick 2 Graphical User Interface permission assignment
145649Tecno Camon iClick 2 Graphical User Interface permission assignment
145648Tecno Camon iClick Graphical User Interface permission assignment
145647Tecno Camon iClick Graphical User Interface permission assignment
145646Tecno Camon iClick Graphical User Interface permission assignment
145645Tecno Camon iAir 2 Plus Graphical User Interface permission assignment
145644Tecno Camon iAir 2 Plus Graphical User Interface permission assignment
145643Xiaomi Redmi 6 Pro permission assignment [CVE-2019-15340]
145642LAVA Z60s permission assignment [CVE-2019-15339]
145641LAVA Iris 88 Lite permission assignment [CVE-2019-15338]
145640LAVA Z81 permission assignment [CVE-2019-15337]
145639LAVA Z61 Turbo permission assignment [CVE-2019-15336]
145638LAVA Z92 permission assignment [CVE-2019-15335]
145637LAVA Iris 88 Go permission assignment [CVE-2019-15334]
145636LAVA Flair Z1 permission assignment [CVE-2019-15333]
145635LAVA Z61 permission assignment [CVE-2019-15332]
145634dpdk File Descriptor resource consumption [CVE-2019-14818]
145633SAS XML Mapper XML Data xml external entity reference [CVE-2019-14678]
145632Nuvoton CIR Driver Permission default permission [CVE-2019-14602]
145631Intel Graphics Driver API input validation [CVE-2019-14591]
145630Intel Graphics Driver information disclosure [CVE-2019-14590]
145629Intel Graphics Driver out-of-bounds read [CVE-2019-14574]
145628Intel SGX SDK input validation [CVE-2019-14566]
145627Intel SGX SDK input validation [CVE-2019-14565]
145626Facebook WhatsApp MP4 File stack-based overflow [CVE-2019-11931]
145625Intel Baseboard Management Controller memory corruption [CVE-2019-11182]
145624Intel Baseboard Management Controller out-of-bounds read [CVE-2019-11181]
145623Intel Baseboard Management Controller input validation [CVE-2019-11180]
145622Intel Baseboard Management Controller input validation [CVE-2019-11179]
145621Intel Baseboard Management Controller buffer overflow [CVE-2019-11178]
145620Intel Baseboard Management Controller exceptional condition [CVE-2019-11177]
145619Intel Baseboard Management Controller input validation [CVE-2019-11175]
145618Intel Baseboard Management Controller Access Control information disclosure
145617Intel Baseboard Management Controller Session session fixiation
145616Intel Baseboard Management Controller out-of-bounds read [CVE-2019-11172]
145615Intel Baseboard Management Controller memory corruption [CVE-2019-11171]
145614Intel Baseboard Management Controller improper authentication
145613Intel Baseboard Management Controller Session session expiration
145612Intel PROSet Wireless WiFi Software privileges management [CVE-2019-11156]
145611Intel PROSet Wireless WiFi Software Directory Permission default permission
145610Intel PROSet Wireless WiFi Software Directory Permission default permission
145609Intel PROSet Wireless WiFi Software DLL memory corruption [CVE-2019-11153]
145608Intel WiFi Driver memory corruption [CVE-2019-11152]
145607Intel WiFi Driver memory corruption [CVE-2019-11151]
145606Intel Xeon Voltage Modulation Interface unusual condition [CVE-2019-11139]
145605Intel Xeon/Atom System Firmware input validation [CVE-2019-11137]
145604Intel Xeon Access Control privileges management [CVE-2019-11136]
145603Intel Graphics Driver Kernel Mode Module memory corruption [CVE-2019-11113]
145602Intel Graphics Driver Kernel Mode Driver privileges management
145601Intel Graphics Drivers Unified Shader Compiler null pointer dereference
145600Intel Graphics Driver input validation [CVE-2019-11089]
145599Intel Core Processor/Xeon Protected Memory Subsystem information disclosure
145598Intel Core Processor/Xeon Protected Memory Subsystem information disclosure
145597Intel Core Processor/Pentium/Celeron/Atom/Xeon privileges management
145596Intel Core Processor/Pentium/Celeron/Atom/Xeon Access Control input validation
145595Intel Xeon System Management Mode memory corruption [CVE-2019-0152]
145594Intel Core Processor/Xeon Memory Protection memory corruption
145593Intel Ethernet 700 Series Controller Access Control authorization
145592Intel Ethernet 700 Series Controller i40e Driver input validation
145591Intel Ethernet 700 Series Controller i40e Driver resource consumption
145590Intel Ethernet 700 Series Controller i40e Driver input validation
145589Intel Ethernet 700 Series Controller i40e Driver resource consumption
145588Intel Ethernet 700 Series Controller i40e Driver buffer overflow
145587Intel Ethernet 700 Series Controller exceptional condition [CVE-2019-0144]
145586Intel Ethernet 700 Series Controller Kernel-Mode Driver exceptional condition
145585Intel Ethernet 700 Series Controller Access Control ilp60x64.sys privileges management
145584Intel Ethernet 700 Series Controller buffer overflow [CVE-2019-0140]
145583Intel Ethernet 700 Series Controller privileges management [CVE-2019-0139]
145582Intel CPU Memory Protection memory corruption [CVE-2019-0124]
145581Intel SGX Memory Protection memory corruption [CVE-2019-0123]
145580Intel SGX/Xeon Memory Subsystem information disclosure [CVE-2019-0117]
145579Cryptocat Message cross site scripting [CVE-2013-4109]
145578Cryptocat Remote Code Execution [CVE-2013-4108]
145577Cryptocat Conversation Overview Nickname cross site scripting
145576Netgear WNDR4700 path traversal [CVE-2013-3073]
145575Netgear WNDR4700 Administration Portal improper authentication
145574Netgear WNDR4700 Management Web Interface Credentials information disclosure
145573Moodle External Enrollment Plugin Context check externallib.php get_enrolled_users improper validation of integrity check value🔒🔒
145572Moodle navigationlib.php load_for_user information disclosure🔒🔒
145571Moodle Web Services input validation [CVE-2012-1168]🔒🔒
145570Moodle Course Information coursetagslib.php information disclosure🔒🔒
145569Moodle Form Subscription unsubscribe permission assignment🔒🔒
145568Moodle lib.php fill_table information disclosure🔒🔒
145567Moodle Gradebook grade_export_form.php definition information disclosure🔒🔒
145566Moodle Repository access.php default permission🔒🔒
145565Moodle Backup log file [CVE-2012-1156]🔒🔒
145564Moodle Database Activity Export Permission export.php export information disclosure🔒🔒
145563klibc DHCP Reply net-$DEVICE.conf command injection🔒🔒
145562Thunar thunar_transfer_job_copy_node format string🔒
145561rsyslog Daemon release of resource [CVE-2011-1490]🔒
145560rsyslog Daemon release of resource [CVE-2011-1489]🔒
145559rsyslog Daemon release of resource [CVE-2011-1488]🔒
145558unixODBC SQLDriverConnect buffer overflow🔒
145557tesseract Link link following [CVE-2011-1136]
145556v86d Kernel authorization [CVE-2011-1070]
145555Google Android Bootloader os command injection [CVE-2019-9467]
145554Google Android Broadcom Wi-Fi Driver input validation [CVE-2019-9466]
145553Huawei Product Message out-of-bounds read [CVE-2019-5294]
145552Huawei Product Message release of resource [CVE-2019-5293]
145551Huawei Honor 10/Honor 8A/Y6 Permission information disclosure
145550ManageOne Gauss100 OLTP Database out-of-bounds read [CVE-2019-5289]
145549Huawei P30 integer overflow [CVE-2019-5288]
145548Huawei P30 integer overflow [CVE-2019-5287]
145547Huawei Smart Phone Bastet Module double free [CVE-2019-5282]
145546Huawei Smart Phone information disclosure [CVE-2019-5279]
145545Exhibitor Web UI Config Editor os command injection [CVE-2019-5029]
145543McAfee Advanced Threat Defense privileges management [CVE-2019-3663]
145542McAfee Advanced Threat Defense here path traversal
145541McAfee Advanced Threat Defense sql injection [CVE-2019-3661]
145540McAfee Advanced Threat Defense privileges management [CVE-2019-3660]
145539McAfee Advanced Threat Defense ePO information disclosure [CVE-2019-3651]
145538McAfee Advanced Threat Defense Credentials information disclosure
145537McAfee Advanced Threat Defense Log File Credentials information disclosure
145536McAfee Threat Intelligence Exchange API improper authorization
145535McAfee Data Loss Prevention ePO Extension Credentials missing encryption
145534ZTE ZXHN H108N information disclosure [CVE-2019-3420]
145533Google Android getCount privileges management
145532Google Android Kernel binder.c binder_transaction privileges management
145531Google Android binder.c binder_free_transaction use after free
145530Google Android poisson_distribution information disclosure
145529Google Android createProjectionMapForQuery sql injection
145528Google Android load_logging_config buffer overflow
145527Google Android BTA_DmPinReply out-of-bounds read
145526Google Android v8 information disclosure [CVE-2019-2208]
145525Google Android nfa_hci_handle_admin_gate_rsp out-of-bounds write
145524Google Android NFC rw_i93_sm_set_read_only out-of-bounds write
145523Google Android SetPacScript use after free
145522Google Android FindSharedFunctionInfo out-of-bounds read
145521Google Android CryptoPlugin.cpp decrypt out-of-bounds write
145520Google Android CryptoPlugin.cpp decrypt out-of-bounds write
145519Google Android jsimd_arm64_neon.S generate_jsimd_ycc_rgb_convert_neon out-of-bounds write
145518Google Android createSessionInternal privileges management
145517Google Android Download Provider sql injection [CVE-2019-2198]
145516Google Android processPhonebookAccess insecure default initialization of resource
145515Google Android Download Provider sql injection [CVE-2019-2196]
145514Google Android sqlite3_android.cpp input validation
145513Google Android Device Policy Client privileges management
145512Google Android Permission input validation
145511Google Android okToConnect privileges management
145510Pomelo State entryHandler.js injection
145509SibSoft Xfilesharing up.cgi unrestricted upload
145508SibSoft Xfilesharing path traversal [CVE-2019-18951]
145507Western Digital My Cloud EX2 Ultra Instruction Pointer buffer overflow
145506Western Digital My Cloud EX2 Ultra out-of-bounds write
145505Western Digital My Cloud EX2 Ultra download_mgr.cgi out-of-bounds write
145504go-camo cross site scripting [CVE-2019-18923]
145503Rise Ultimate Project Manager add_team_member cross-site request forgery
145502Lavalite CMS cross site scripting [CVE-2019-18883]
145501ACRN Device Model core.c assertion
145500FUDForum Stored cross site scripting [CVE-2019-18839]
145499crun Image linux.c link following
145498Parallels Plesk Panel index.htm cross site scripting
145497GNU FriBidi fribidi-bidi.c fribidi_get_par_embedding_levels_ex buffer overflow
145496Phoenix SCT WinFlash Driver privileges management [CVE-2019-18279]
145495Fuji Electric V-Server heap-based overflow [CVE-2019-18240]
145494Blog2Social Plugin post.calendar.php Reflected cross site scripting
145493Technicolor TC7300 wlanAccess.asp cross site scripting
145492Technicolor TC7300 FTPDiag.asp cross site scripting
145491CleanTalk cleantalk-spam-protect Plugin cleantalk-users.php Reflected cross site scripting
145490Enghouse Web Chat Remote File Inclusion information disclosure
145489Enghouse Web Chat cross site scripting [CVE-2019-16950]
145488Enghouse Web Chat Chat Log input validation [CVE-2019-16949]
145487Enghouse Web Chat server-side request forgery [CVE-2019-16948]
145486Texas Instruments CC256x/WL18xx Bluetooth Low Energy buffer overflow
145485Mitsubishi Electric MELSEC-Q/MELSEC-L FTP Service resource consumption
145484SAP BusinessObjects Business Intelligence Platform XML Data input validation
145483SAP Quality Management sql injection [CVE-2019-0393]
145482SAP NetWeaver AS JAVA information disclosure [CVE-2019-0391]
145481SAP Data Hub Connection Manager information disclosure [CVE-2019-0390]
145480SAP NetWeaver Application Server privileges management [CVE-2019-0389]
145479SAP UI5 HTTP Handler authentication spoofing [CVE-2019-0388]
145478SAP ERP Sales/S4HANA Sales/S4CORE Order Proessing authorization
145477SAP Enable Now cross site scripting [CVE-2019-0385]
145476SP Business Intelligence Platform cross site scripting [CVE-2019-0382]
145475vdsm/vdsclient Hostname Validator certificate validation [CVE-2014-8167]
145474JBoss KeyCloak Soft Token cross-site request forgery [CVE-2014-3655]
145473openshift Team Name Stored cross site scripting
145472ProJoom Smart Flash Header upload.php unrestricted upload
145471Netgear WNR3500U/WNR3500L SMB Service path traversal [CVE-2013-4657]
145470Asus RT-AC66U/RT-N56U SMB Service path traversal [CVE-2013-4656]
145469Belkin N900 SMB Service link following [CVE-2013-4655]
145468TP-LINK TL-WDR4300/TL-1043ND path traversal [CVE-2013-4654]
145467Zen Theme template.php zen_breadcrumb cross site scripting
145466Netgear WNR3500U/WNR3500L cross site scripting [CVE-2013-3517]
145465Netgear WNR3500U/WNR3500L CSRF Token cross-site request forgery
145464TRENDnet TEW-691GR/TEW-692GR Telnet Service improper authentication
145463TRENDnet TEW-812DRU Telnet Service broadcom.c cross-site request forgery
145462Verizon FIOS Actiontec MI424WR-GEN3I cross site scripting [CVE-2013-3097]
145461Bitweaver index.php cross site scripting🔒
145460LetoDMS cross-site request forgery [CVE-2012-4385]
145459LetoDMS Login Page/Document Owner/Calendar Stored cross site scripting
145458Ckeditor Module hook_file_download information disclosure
145456phpBB BB Tag cross site scripting [CVE-2011-0544]
145455Trac Workflow Permission default permission [CVE-2010-5108]
145454Pithos link following [CVE-2010-4817]
145453ConsoleKit Security Policy privileges management [CVE-2010-4664]🔒
145452udisks Kernel Module Loader unrestricted upload [CVE-2010-4661]🔒
145451PHP libxml2 release of resource [CVE-2010-4657]
145450Poppler Command injection [CVE-2010-4654]🔒🔒
145449Poppler Font integer overflow [CVE-2010-4653]🔒🔒
145448Offlineimap SSL certificate validation [CVE-2010-4533]
145447Offlineimap SSL Certificate Validator certificate validation
145446McAfee Total Protection Microsoft Windows Client privileges management
145445Lenovo ThinkPad BIOS Tamper Detection authorization [CVE-2019-6188]
145444Lenovo ThinkPad SMI Callback input validation [CVE-2019-6172]
145443Lenovo ThinkPad SMM input validation [CVE-2019-6170]
145442NVIDIA GeForce Experience/Windows GPU Display Driver Local Service Provider untrusted search path
145441Huawei Smartphone insufficient verification of data authenticity
145440Huawei Smartphone improper authentication [CVE-2019-5233]
145439Huawei P30 authorization [CVE-2019-5231]
145438Huawei P20 Pro/P20/Mate RS input validation [CVE-2019-5230]
145437Huawei P30 insufficient verification of data authenticity [CVE-2019-5229]
145436Huawei P30/P30 Pro/V20 Detection Module race condition [CVE-2019-5228]
145435Huawei Honor Play improper authentication [CVE-2019-5213]
145434IBM Spectrum Protect Plus default permission [CVE-2019-4652]
145433Systematic IRIS Standards Management Reflected cross site scripting
145432Systematic IRIS WebForms improper authentication [CVE-2019-18925]
145431Systematic IRIS WebForms path traversal [CVE-2019-18924]
145430json-jwt Gem JWE String input validation [CVE-2019-18848]
145429File Sharing Wizard Structured Exception out-of-bounds write
145428Hitachi Command Suite resource consumption [CVE-2019-17360]
145427TIBCO EBX Digital Asset Manager Web Interface Stored cross site scriting
145426TIBCO EBX Data Exchange Web Interface Stored cross site scriting
145425TIBCO EBX Web Server Reflected cross site scriting
145424igniteup Plugin class-coming-soon-creator.php cross-site request forgery
145423igniteup Plugin class-coming-soon-creator.php Stored cross site scripting
145422igniteup Plugin class-coming-soon-creator.php information disclosure
145421igniteup Plugin class-coming-soon-creator.php input validation
145419ZyXEL P-1302-T10D v3 Access Control authorization [CVE-2019-15815]
145418Microsoft Office Excel input validation [CVE-2019-1457]
145417Slack-Chat Slack Access Token information disclosure [CVE-2019-14367]
145416WP SlackSync Plugin Slack Access Token information disclosure
145415Intercom Plugin Slack Access Token information disclosure [CVE-2019-14365]
145414AUO SunVeillance Monitoring System mvc_send_mail.aspx sql injection
145413AUO SunVeillance Monitoring System Access Control Picture_Manage_mvc.aspx unrestricted upload
145412Microsoft Windows Hyper-V Network Switch input validation [CVE-2019-0719]
145411Hitachi Command Suite information disclosure [CVE-2018-21026]
145410Huawei Smart Phone null pointer dereference [CVE-2017-17224]
145409OpenStack Keystone resource consumption [CVE-2012-1572]🔒🔒
145408mwlib exceptional condition [CVE-2012-1109]
145407atop Temp File link following [CVE-2011-3618]
145406Google Chrome WebKit CSSSelector double free
145405Google Chrome WebKit use after free [CVE-2011-2334]
145404Google Chrome WebKit SVGSMILElement.h double free
145403Google Chrome WebKit null pointer dereference [CVE-2011-1802]
145402Microsoft Windows OpenType Font Parser memory corruption [CVE-2019-1456]
145401Microsoft Office ClickToRun Security Feature privileges management
145400Microsoft Office Excel memory corruption [CVE-2019-1448]
145399Microsoft Office Online Server input validation [CVE-2019-1447]
145398Microsoft Office Excel information disclosure [CVE-2019-1446]
145397Microsoft Office Online Server input validation [CVE-2019-1445]
145396Microsoft SharePoint Server Upload unrestricted upload [CVE-2019-1443]
145395Microsoft SharePoint Server Security Feature privileges management
145394Microsoft Windows Win32k information disclosure [CVE-2019-1440]
145393Microsoft Windows GDI information disclosure [CVE-2019-1439]
145392Microsoft Windows Graphics Component privileges management [CVE-2019-1438]
145391Microsoft Windows Graphics Component privileges management [CVE-2019-1437]
145390Microsoft Windows Win32k information disclosure [CVE-2019-1436]
145389Microsoft Windows Graphics Component privileges management [CVE-2019-1435]
145388Microsoft Windows Win32k privileges management [CVE-2019-1434]
145387Microsoft Windows Graphics Component privileges management [CVE-2019-1433]
145386Microsoft Windows DirectWrite information disclosure [CVE-2019-1432]
145385Microsoft Visual Studio Archive privileges management [CVE-2019-1425]
145384Microsoft Windows NetLogon Security Feature input validation
145383Microsoft Windows StartTileData.dll privileges management [CVE-2019-1423]
145382Microsoft Windows iphlpsvc.dll privileges management [CVE-2019-1422]
145381Microsoft Windows dssvc.dll privileges management [CVE-2019-1420]
145380Microsoft Windows Modules Installer Service information disclosure
145379Microsoft Windows Data Sharing Service privileges management
145378Microsoft Windows Subsystem for Linux race condition [CVE-2019-1416]
145377Microsoft Windows Installer privileges management [CVE-2019-1415]
145376Microsoft Edge Security Feature input validation [CVE-2019-1413]
145375Microsoft Windows OpenType Font Driver ATMFD.dll information disclosure
145374Microsoft Windows DirectWrite information disclosure [CVE-2019-1411]
145373Microsoft Windows Remote Procedure Call information disclosure
145372Microsoft Windows Win32k privileges management [CVE-2019-1408]
145371Microsoft Windows Graphics Component privileges management [CVE-2019-1407]
145370Microsoft Windows JET Database Engine memory corruption [CVE-2019-1406]
145369Microsoft Windows UPnP Service privileges management [CVE-2019-1405]
145368Microsoft Office information disclosure [CVE-2019-1402]
145367Microsoft Windows Hyper-V input validation [CVE-2019-1399]
145366Microsoft Windows Win32k privileges management [CVE-2019-1396]
145365Microsoft Windows Win32k privileges management [CVE-2019-1395]
145364Microsoft Windows Win32k privileges management [CVE-2019-1394]
145363Microsoft Windows Win32k privileges management [CVE-2019-1393]
145362Microsoft Windows Kernel privileges management [CVE-2019-1392]
145361Microsoft Windows input validation [CVE-2019-1391]
145360Microsoft Windows Certificate Dialog privileges management [CVE-2019-1388]
145359Microsoft Windows AppX Deployment Extension privileges management
145358Microsoft Windows Netlogon input validation [CVE-2019-1384]
145357Microsoft Windows Data Sharing Service privileges management
145356Microsoft Windows ActiveX Installer Service privileges management
145355Microsoft Windows Servicing Stack information disclosure [CVE-2019-1381]
145354Microsoft Windows splwow64.exe privileges management
145353Microsoft Windows Data Sharing Service privileges management
145352Microsoft Windows Error Reporting information disclosure [CVE-2019-1374]
145351Microsoft Open Enclave SDK information disclosure [CVE-2019-1370]
145350Microsoft Windows TCP/IP Stack information disclosure [CVE-2019-1324]
145349Microsoft Windows Hyper-V Network Switch input validation [CVE-2019-1310]
145348Microsoft Windows Hyper-V Network Switch input validation [CVE-2019-1309]
145347Microsoft Azure Stack User Portal authentication spoofing [CVE-2019-1234]
145346Microsoft Windows Kernel information disclosure [CVE-2019-11135]
145345Microsoft Windows Hyper-V input validation [CVE-2019-0712]
145344Microsoft Windows input validation [CVE-2018-12207]
145343Microsoft Exchange Server Metadata deserialization [CVE-2019-1373]
145342Microsoft Windows Win32k Graphics memory corruption [CVE-2019-1441]
145341Microsoft Windows Media Foundation memory corruption [CVE-2019-1430]
145340Microsoft Windows OpenType Font Parser memory corruption [CVE-2019-1419]
145339Microsoft Internet Explorer Scripting Engine memory corruption
145338Microsoft Edge/ChakraCore Scripting Engine memory corruption
145337Microsoft Edge/ChakraCore Scripting Engine memory corruption
145336Microsoft Edge/ChakraCore Scripting Engine memory corruption
145335Microsoft Internet Explorer VBScript memory corruption [CVE-2019-1390]
145334Microsoft Windows Hyper-V input validation [CVE-2019-1398]
145333Microsoft Windows Hyper-V input validation [CVE-2019-1397]
145332Microsoft Windows Hyper-V input validation [CVE-2019-1389]
145331Microsoft Windows Hyper-V Switch input validation [CVE-2019-0721]
145330MySQL-GUI-tools Process Password cleartext transmission
145329JBoss BRMS cross site scripting [CVE-2010-3857]
145328Ettercap ec_gtk_conf.c sscanf buffer overflow🔒🔒
145327babiloo Dictionary File code download [CVE-2010-3440]
145326alien-arena Download input validation [CVE-2010-3439]
145325libpoe-component-irc-perl Line Feed format string [CVE-2010-3438]
145324gargoyle-free input validation
145323Pixelpost cross-site request forgery [CVE-2010-3305]
145322Ruby on Rails Padding missing encryption [CVE-2010-3299]
145321Mailscanner Configuration missing encryption [CVE-2010-3292]
145320Mailscanner Incomplete Fix link following [CVE-2010-3095]
145319ZNC Connection null pointer dereference [CVE-2010-2488]
145318Istio infinite loop [CVE-2019-18817]
145317Helm Chart link following [CVE-2019-18658]
145316Mitel MiCollab/MiVoice Business Express Web Conference Chat authorization
145315Python Twisted HTTP Client certificate validation [CVE-2014-7143]
145314HornetQ REST XML Data xml external entity reference [CVE-2014-3599]
145313Pacemaker Temp File link following [CVE-2011-5271]
145312statusnet cross site scripting [CVE-2011-3370]
145311Elgg sql injection [CVE-2011-2936]
145310Elgg cross site scripting [CVE-2011-2935]
145309gdk-pixbuf GIF input validation [CVE-2011-2897]🔒
145308WSO2 IS as Key Manager Content-Type download-userinfo.jag Stored cross site scripting
145307WSO2 IS as a Key Manager Dashboard Reflected cross site scripting
145306python-psutil refcount double free [CVE-2019-18874]
145305FUDForum admsession.php Stored cross site scripting
145304GNU Mailutils maidag privileges management [CVE-2019-18862]
145303darylldoyle svg-sanitizer Attribute input validation [CVE-2019-18857]
145302SVG Sanitizer Module input validation [CVE-2019-18856]
145301safe-svg input validation [CVE-2019-18855]
145300safe-svg recursion [CVE-2019-18854]
145299ImageMagick SVG svg.c input validation
145298D-Link DIR-890L A1 Telnet Service image_sign hard-coded credentials
145297tnef Attachment authorized_keys out-of-bounds read
145296Chartkick Gem Prototype input validation [CVE-2019-18841]
145295Envoy continue_on_listener_filters_timeout infinite loop
145294Patriot Viper RGB Driver MsIo64.sys ZwMapViewOfSection privileges management
145293wolfSSL ASN.1 Certificate asn.c out-of-bounds write
145292NVIDIA GeForce Experience GameStream untrusted search path [CVE-2019-5701]
145291NVIDIA Virtual GPU Manager vGPU Plugin input validation [CVE-2019-5698]
145290NVIDIA Virtual GPU Manager Guest Access authorization [CVE-2019-5697]
145289NVIDIA Virtual GPU Manager Guest VM out-of-bounds read [CVE-2019-5696]
145288NVIDIA Windows GPU Display Driver DLL Loader untrusted search path
145287NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys uninitialized pointer
145286NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape input validation
145285NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape null pointer dereference
145284NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape input validation
145283NVIDIA GeForce Experience Downloader input validation [CVE-2019-5689]
145282IBM Cognos Analytics Web UI cross site scripting [CVE-2019-4645]
145281IBM QRadar Web UI cross site scripting [CVE-2019-4581]
145280IBM QRadar Advisor Blacklist input validation [CVE-2019-4556]
145279IBM QRadar authorization [CVE-2019-4509]
145278IBM QRadar Web UI cross site scripting [CVE-2019-4470]
145277IBM QRadar Web UI cross site scripting [CVE-2019-4454]
145276IBM i Web UI cross site scripting [CVE-2019-4450]
145275IBM Cognos Controller URL information disclosure [CVE-2019-4412]
145274IBM Cognos Controller Session Identifier information disclosure
145273IBM Cognos Analytics information disclosure [CVE-2019-4334]
145272openstack-mistral Log File information disclosure [CVE-2019-3866]
145271ZTE ZXUPN-9000E input validation [CVE-2019-3426]
145270ZTE ZXUPN-9000E Change Password default permission [CVE-2019-3425]
145269EnergyCAP Public Dashboard privileges management [CVE-2019-18623]
145268codepress-admin-columns Plugin CSV injection [CVE-2019-17661]
145267JEUS Administration Web Page path traversal [CVE-2019-17327]
145266Brocade SANnav Log Password log file
145265Brocade SANnav SSL ReportsTrustManager certificate validation
145264Brocade SANnav PBE risky encryption [CVE-2019-16208]
145263Brocade SANnav Back-End Database hard-coded credentials [CVE-2019-16207]
145262Brocade SANnav Authentication Mechanism log file [CVE-2019-16206]
145261Brocade SANnav Session ID Random random values
145260Syndesis unknown vulnerability [CVE-2019-14860]
145259389-ds-base deref Plugin Password use after free
145258Tasy EMR WebPortal information disclosure [CVE-2019-13557]
145257Medtronic Valleylab Exchange Client hard-coded credentials [CVE-2019-13543]
145256Medtronic Valleylab Exchange Client Password Hashing input validation
145255Medtronic Valleylab LS10 Energy Platform RFID protection mechanism
145254Medtronic Valleylab LS10 Energy Platform RFID improper authentication
145253Apache Arrow Parquet null pointer dereference [CVE-2019-12410]
145252Apache Arrow Array null pointer dereference [CVE-2019-12408]
145251Ceph RGW Client Beast Front End resource consumption [CVE-2019-10222]
145250Hibernate-Validator SafeHtml Validator cross site scripting [CVE-2019-10219]
145249IBM Cognos Analytics Web Server xml injection [CVE-2018-1721]
145248mod_ruid2 Descriptor input validation [CVE-2013-1889]
145247tuned ktune Service input validation [CVE-2013-1820]
145246qpid-cpp Message input validation [CVE-2009-5004]
145245dtc-xen race condition [CVE-2009-4011]
145244liboping input validation [CVE-2009-3614]
145243Red Hat Enterprise Virtualization Manager SSL Certificate Verification Service certificate validation
145242MantisBT Attachment cross site scripting [CVE-2009-2802]
145241alsa-utils alsa-info link following
145240Troubleshooting/Support Tools Plugin Log Scan authorization [CVE-2019-15005]
145239HP Inkjet Printer Print File assertion [CVE-2019-6337]
145238Dell EMC iDRAC8/iDRAC9 Password improper authorization [CVE-2019-3764]
145237Rob Richards XmlSecLibs Signature input validation [CVE-2019-3465]
145236ZTE MF910S One Click Update Tool Password information disclosure
145235Matrix Synapse Signature send_join signature verification
145234Eximious Logo Designer User Mode BuildGradientColorsTable+0x0000000000000053 out-of-bounds write
145233Eximious Logo Designer out-of-bounds write [CVE-2019-18820]
145232Eximious Logo Designer User Mode out-of-bounds write [CVE-2019-18819]
145231strapi Password Reset Auth.js password recovery
145230PopojiCMS Stored cross site scripting [CVE-2019-18816]
145229PopojiCMS redirect [CVE-2019-18815]
145228Linux Kernel audit.c aa_label_parse use after free
145227Linux Kernel dwc3-pci.c dwc3_pci_probe resource consumption
145226Linux Kernel debug.c sof_dfsentry_write resource consumption
145225Linux Kernel ipc.c sof_set_get_large_ctrl_data resource consumption
145224Linux Kernel komeda_wb_connector.c komeda_wb_connector_add resource consumption
145223Linux Kernel af9005.c af9005_identify_state resource consumption
145222Linux Kernel ccp-ops.c ccp_run_sha_cmd resource consumption
145221Linux Kernel sja1105_spi.c sja1105_static_config_upload resource consumption
145220Linux Kernel qla3xxx.c ql_alloc_large_buffers resource consumption
145219Linux Kernel sysctl_net_ipv4.c tcp_ack_update_rtt integer overflow
145218DjVuLibre IW44EncodeCodec.cpp filter_fv null pointer dereference
145217eyecomms eyeCMS Assignment authorization [CVE-2019-17605]
145216eyecomms eyeCMS input validation [CVE-2019-17604]
145215Intelbras WRN 150 WAN Configuration Screen Stored cross site scripting
145214Portainer cross site scripting [CVE-2019-16878]
145213Portainer Access Control permission assignment [CVE-2019-16877]
145212Directory Portainer path traversal [CVE-2019-16876]
145211Portainer Access Control permission assignment [CVE-2019-16874]
145210Portainer cross site scripting [CVE-2019-16873]
145209Portainer Access Control permission assignment [CVE-2019-16872]
145208PHPOffice PhpSpreadsheet XML Data std_table.php xml external entity reference
145207HPE Nimble Storage System Multi Array Group privileges management
145206GNUBOARD5 board_form_update.php cross site scripting
145205MantisBT Access Control input validation [CVE-2013-1811]🔒🔒
145204Gambas link following [CVE-2013-1809]
145203Monkeyd Log File master.log log file
145202Twiki input validation [CVE-2013-1751]🔒
145201lintian link following [CVE-2013-1429]
145200Mahara TinyMCE Editor wysiwyg.php cross site scripting
145199ldap-git-backup Directory Permission Password default permission
145198Tahoe-LAFS input validation [CVE-2012-0051]
145197OpenTTD Join resource consumption [CVE-2012-0049]🔒🔒
145196Google Chrome WebKit Timer.cpp exceptional condition
145195Google Chrome WebKit replaceDocument use after free
145194Google Chrome Blink type conversion [CVE-2011-2337]
145193Google Chrome Blink AnimationControllerPrivate exceptional condition
145192syscp input validation [CVE-2010-2476]
145191Drupal Session Lockout input validation [CVE-2010-2473]
145190Drupal Locale Module/Dependent Contributed Module cross site scripting
145189Shibboleth SP Private Key information disclosure
145188Gource Log File gource-$UID.tmp input validation
145187gitolite Path Name Filter input validation [CVE-2010-2447]
145186Drupal Site Installation cross site scripting [CVE-2010-2250]
145185Linux Kernel clocksource.c input validation
145184gri Temp File exposure of resource [CVE-2008-7291]
145183FireGPG cleartext storage [CVE-2008-7272]
145182JON information disclosure [CVE-2008-5083]
145181frysk f insecure default initialization of resource
145180ClamAV ScanOLE2 Floating Point Remote Code Execution
145179ViewVC Access Control permission assignment [CVE-2007-5743]
145178Mondo Temp File exposure of resource [CVE-2007-3915]
145177Linux Kernel iret_exc denial of service
145176Xorux lpar2rrd/stor2rrd os command injection [CVE-2019-19041]
145175WebKit putToPrimitive Universal cross site scriting
145174Atlassian Jira Service Desk Server Customer Context Filter path traversal
145173Atlassian Jira Service Desk Server Customer Context Filter authorization
145172NiceHash Miner Error Message information disclosure [CVE-2019-6122]
145171NiceHash Miner Authorization authorization [CVE-2019-6121]
145170NiceHash Miner Wallet input validation [CVE-2019-6120]
145169Computing For Good's Basic Laboratory Information System Access Control privileges management
145168Computing For Good's Basic Laboratory Information System Access Control User improper authentication
145167Rapid7 Metasploit Pro Web Interface permission assignment [CVE-2019-5642]
145166Computing For Good's Basic Laboratory Information System Access Control password recovery
145165LEADTOOLS JPEG2000 Parser out-of-bounds write [CVE-2019-5125]
145164LEADTOOLS Header Parsing integer overflow [CVE-2019-5100]
145163LEADTOOLS CMP Parser integer overflow [CVE-2019-5099]
145162LEADTOOLS TIF Parser out-of-bounds write [CVE-2019-5084]
145161Qualcomm Snapdragon Auto memory corruption [CVE-2019-2332]
145160Qualcomm Snapdragon Auto integer overflow [CVE-2019-2331]
145159Qualcomm Snapdragon Auto ADSP array index [CVE-2019-2325]
145158Qualcomm Snapdragon Auto ADSP memory corruption [CVE-2019-2324]
145157Qualcomm Snapdragon Auto Crypto Engine use of uninitialized resource
145156Qualcomm Snapdragon Auto Vendor Command integer overflow [CVE-2019-2302]
145155Qualcomm Snapdragon Auto out-of-bounds write [CVE-2019-2285]
145154Qualcomm Snapdragon Auto memory corruption [CVE-2019-2283]
145153Qualcomm Snapdragon Auto Key Blob input validation [CVE-2019-2275]
145152Qualcomm Snapdragon Auto Array Index array index [CVE-2019-2258]
145151Qualcomm Snapdragon Auto Kernel out-of-bounds read [CVE-2019-2249]
145150Qualcomm Snapdragon Auto Thread memory corruption [CVE-2019-2246]
145149Viber input validation [CVE-2019-18800]
145148LibSass parser_selectors.cpp parseCompoundSelector null pointer dereference
145147LibSass ast_sel_weave.cpp weaveParents out-of-bounds read
145146LibSass eval.cpp Binary_Expression*) recursion
145145Zoho ManageEngine ADSelfService Plus User Profile Page cross-site request forgery
145144Samsung Galaxy S8 Plus/Galaxy S3/Galaxy Note 2/Exynos 4412 Bluetooth information disclosure
145143Samsung Galaxy S8 Plus/Galaxy S3/Galaxy Note 2/Exynos 4412 Bluetooth injection
145142Quest KACE Systems Management Appliance Server Center ticket_associated_tickets.php cross site scripting
145141Quest KACE Systems Management Appliance Server Center cross site scripting
145140Quest KACE Systems Management Appliance Server Center history_log.php sql injection
145139Quest KACE Systems Management Appliance Server Center user_profile.php sql injection
145138Quest KACE Systems Management Appliance Server Center sam_detail_titled.php cross site scripting
145137Quest KACE Systems Management Appliance Server Center ticket_list.php sql injection
145136Quest KACE Systems Management Appliance Server Center software_library.php sql injection
145135Quest KACE Systems Management Appliance Server Center software_library.php Reflected cross site scripting
145134Apache CXF Access Token Service improper authentication [CVE-2019-12419]
145133Apache CXF Attachment resource consumption [CVE-2019-12406]
145132Qualcomm Snapdragon Auto Sensor Power double free [CVE-2019-10565]
145131Qualcomm Snapdragon Auto Header out-of-bounds read [CVE-2019-10542]
145130Qualcomm Snapdragon Auto FLV Clip memory corruption [CVE-2019-10541]
145129Qualcomm Snapdragon Auto Super Index Entry null pointer dereference
145128Qualcomm Snapdragon Auto Array Index array index [CVE-2019-10533]
145127Qualcomm Snapdragon Auto buffer overflow [CVE-2019-10531]
145126Qualcomm Snapdragon Auto Entry Page set_page_dirty race condition
145125Qualcomm Snapdragon Auto mdlog Session use after free [CVE-2019-10528]
145124Qualcomm Snapdragon Auto clk Driver use after free [CVE-2019-10524]
145123Qualcomm Snapdragon Auto buffer overflow [CVE-2019-10522]
145122Qualcomm Snapdragon Auto DCI Client use after free [CVE-2019-10515]
145121Qualcomm Snapdragon Auto Audio array index [CVE-2019-10512]
145120Qualcomm Snapdragon Auto IE Measurement out-of-bounds read [CVE-2019-10505]
145119Qualcomm Snapdragon Auto EXT Response resource consumption [CVE-2019-10504]
145118Qualcomm Snapdragon Compute Camera Module buffer overflow [CVE-2019-10502]
145117Qualcomm Snapdragon Auto Data Structure buffer overflow [CVE-2019-10496]
145116Qualcomm Snapdragon Auto HEVC Encoding/AVC Encoding input validation
145115Qualcomm Snapdragon Auto ADSP buffer overflow [CVE-2019-10491]
145114Qualcomm Snapdragon Auto Chunk Parser null pointer dereference
145113MailPoet Newsletters Plugin Spam privileges management [CVE-2018-20853]
145111Progress Sitefinity CMS cross site scripting [CVE-2017-18639]
145110Aruba ClearPass Policy Manager Credentials insufficiently protected credentials
145109Pagure Attachment Endpoint cross site scripting [CVE-2016-1000037]🔒🔒
145108Technicolor C2000T/C2100T hard-coded credentials [CVE-2015-7276]🔒🔒
145107WP Marketplace Plugin cart.php ajaxinit path traversal
145106WP Marketplace Plugin cart.php ajaxinit input validation
145105Red Hat Enterprise Linux Kernel initialization [CVE-2014-8181]
145104Linux Kernel compat.c restart_syscall out-of-bounds read [Disputed]
145103TYPO3 Access Control ExtDirect input validation🔒
145102TYPO3 RemoveXSS cross site scripting🔒
145101TYPO3 Webserver input validation [CVE-2011-4902]🔒
145100TYPO3 Database information disclosure [CVE-2011-4901]🔒
145099TYPO3 Backend information disclosure [CVE-2011-4900]🔒
145098TYPO3 tcemain Flash Message cross site scripting [CVE-2011-4632]🔒
145097TYPO3 System Extension Recycler cross site scripting [CVE-2011-4631]🔒
145096TYPO3 browse_links Wizard cross site scripting [CVE-2011-4630]🔒
145095TYPO3 Admin Panel cross site scripting [CVE-2011-4629]🔒
145094TYPO3 Backend improper authentication [CVE-2011-4628]🔒
145093TYPO3 Backend information disclosure [CVE-2011-4627]🔒
145092TYPO3 typolink cross site scripting🔒
145091SimpleSAMLphp XML Encryption exceptional condition [CVE-2011-4625]🔒
145090Google Chrome WebKit input validation [CVE-2011-2808]
145089Google Chrome WebKit fillRect integer overflow
145088MySQL-GUI-tools Text Console Password insufficiently protected credentials
145087Drupal redirect [CVE-2010-2471]
145086Rbot Reaction Plugin input validation [CVE-2010-2446]
145085makepasswd insecure default initialization of resource [CVE-2010-2247]
145084Konversation input validation [CVE-2009-5050]
145083Jetty WebApp JSP Snoop Page cross site scripting [CVE-2009-5049]
145082Jetty Cookie Dump Servlet Stored cross site scripting
145081Jetty JSP Dump Servlet/Session Dump Servlet cross site scripting
145080Jetty Dump Servlet information disclosure [CVE-2009-5045]
145079Samba AD DC LDAP Server null pointer dereference [CVE-2019-14847]
145078Samba Password Complexity weak password [CVE-2019-14833]
145077Samba Client path traversal [CVE-2019-10218]
145076Magento Xpath xml injection [CVE-2019-8158]
145075Magento Download Link Stored cross site scripting
145074Magento Configuration server-side request forgery [CVE-2019-8156]
145073Magento Product Stored cross site scripting
145072Magento Design Configuration Stored cross site scripting
145071Linux Kernel rcar_drif.c rcar_drif_g_fmt_sdr_cap Memory information disclosure
145070SuiteCRM sql injection [CVE-2019-18784]
145069Joomla CMS Access Check Path authorization
145068Joomla CMS com_template cross-site request forgery [CVE-2019-18650]
145066ClamAV fsg.c out-of-bounds write
145065archivemail Temp File race condition [CVE-2006-4245]
145064Linux Kernel privileges management [CVE-2006-4243]
145063termpkg memory corruption [CVE-2006-3100]
145062xlockmore missing authentication [CVE-2006-0062]
145061xlockmore libpam-opensc missing authentication [CVE-2006-0061]
145060Magento HTML Comment cross site scripting [CVE-2019-8233]
145059Magento Import input validation [CVE-2019-8232]
145058Magento Layout input validation [CVE-2019-8231]
145057Magento Config Setting input validation [CVE-2019-8230]
145056Magento Product Attribute input validation [CVE-2019-8229]
145055Magento Transaction Mail Page cross site scripting [CVE-2019-8228]
145054Magento Profile cross site scripting [CVE-2019-8227]
145053Magento os command injection [CVE-2019-8159]
145052Magento CSRF Token information disclosure [CVE-2019-8155]
145051Magento Product Catalog input validation [CVE-2019-8154]
145050Magento escapeURL cross site scripting
145049Magento Admin Dashboard blockDirective Stored cross site scripting
145048Magento Shippment server-side request forgery [CVE-2019-8151]
145047Magento Page Layout input validation [CVE-2019-8150]
145046Magento Session Management session fixiation [CVE-2019-8149]
145045Magento Page Builder Stored cross site scripting
145044Magento Customer Attribute Stored cross site scripting
145043Magento Customer Attribute Stored cross site scripting
145042Magento PageBuilder Template input validation [CVE-2019-8144]
145041Magento Email Template Stored sql injection
145040Magento Order Stored cross site scripting
145039Magento Phar Deserialization deserialization [CVE-2019-8141]
145038Magento Synchronization unrestricted upload [CVE-2019-8140]
145037Magento Page Builder Stored cross site scripting
145036Magento API Endpoint Stored cross site scripting
145035Magento Layout input validation [CVE-2019-8137]
145034Magento Symphony Framework Remote Code Execution [CVE-2019-8136]
145033Magento Symphony Framework injection [CVE-2019-8135]
145032Magento Email Template sql injection [CVE-2019-8134]
145031Magento Sitemap input validation [CVE-2019-8133]
145030Magento Inventory Source Stored cross site scripting
145029Magento Database Connection sql injection [CVE-2019-8130]
145028Magento Expression Stored cross site scripting
145027Magento Main Website Name Stored cross site scripting
145026Magento Newsletter Template sql injection [CVE-2019-8127]
145025Magento XML Data xml entity expansion [CVE-2019-8126]
145024Magento Configuration Parameter input validation [CVE-2019-8125]
145023Magento Log insufficient verification of data authenticity [CVE-2019-8124]
145022Magento Log input validation [CVE-2019-8123]
145021Magento Layout Update input validation [CVE-2019-8122]
145020Magento Bootstrap/jquery/Knockout privileges management [CVE-2019-8121]
145019Magento Customer Email Address Stored cross site scripting
145018Magento Bulk Product Import input validation [CVE-2019-8119]
145017Magento cleartext storage [CVE-2019-8118]
145016Magento Product View Stored cross site scripting
145015Magento Session Management improper authentication [CVE-2019-8116]
145014Magento Product Reflected cross site scripting
145013Magento Import unrestricted upload [CVE-2019-8114]
145012Magento Random Number Generator weak prng [CVE-2019-8113]
145011Magento Email Confirmation insufficient verification of data authenticity
145010Magento Plugin input validation [CVE-2019-8111]
145009Magento Template Hierarchy input validation [CVE-2019-8110]
145008Magento cross-site request forgery [CVE-2019-8109]
145007Magento Session Management improper authentication [CVE-2019-8108]
145006Magento Export Data input validation [CVE-2019-8107]
145005Magento unrestricted upload [CVE-2019-8093]
145004Magento Email Template Preview Reflected cross site scripting
145003Magento Layout Update input validation [CVE-2019-8091]
145002Magento Design Layout denial of service [CVE-2019-8090]
145001Forcepoint Email Security cross site scripting [CVE-2019-6142]
145000Investintech Able2Extract Professional out-of-bounds write [CVE-2019-5089]
144999Investintech Able2Extract Professional out-of-bounds write [CVE-2019-5088]
144998X11 Mesa 3D Graphics Library Shared Memory permission assignment
144997Cisco Firepower Threat Defense Software HTTP Traffic Filter default permission
144996Cisco Firepower Threat Defense Software Normalization improper authentication
144995Cisco Firepower Threat Defense Software Protocol Detection improper authentication
144994Cisco Firepower Threat Defense Software Stream Reassembly improper authentication
144993Veritas InfoScale Cluster Server os command injection [CVE-2019-18780]
144992Cisco Enterprise Chat/Email HTTP API information disclosure [CVE-2019-1877]
144991ClamAV out-of-bounds read [CVE-2019-1789]
144990Cisco FXOS/NX-OS CLI Diagnostics information disclosure [CVE-2019-1734]
144989HP Device Boot input validation [CVE-2019-16284]
144988Cisco TelePresence Advanced Media Gateway Web Application input validation
144987ClamAV ZIP Bomb denial of service
144986Apache Impala Random Number Generator missing authentication
144985CloakCoin Header resource consumption [CVE-2018-19167]
144984peercoin Header resource consumption [CVE-2018-19166]
144983neblio Header resource consumption [CVE-2018-19165]
144982reddcoin Header resource consumption [CVE-2018-19164]
144981stratisX Header resource consumption [CVE-2018-19163]
144980Divi Header resource consumption [CVE-2018-19162]
144979alqo Header resource consumption [CVE-2018-19161]
144978Diamond Header resource consumption [CVE-2018-19160]
144977lux Header resource consumption [CVE-2018-19159]
144976Phore Header resource consumption [CVE-2018-19157]
144975PIVX Header resource consumption [CVE-2018-19156]
144974navcoin Header resource consumption [CVE-2018-19155]
144973HTMLCOIN Header resource consumption [CVE-2018-19154]
144972particl Header resource consumption [CVE-2018-19153]
144971emercoin Header resource consumption [CVE-2018-19152]
144970Dovecot SSL/TLS Key permission assignment [CVE-2016-4983]🔒
144969Horde Groupware Webmail Edition basic.php cross-site request forgery
144968ISC BIND DNS Response Rate Cache Poisoning authentication spoofing
144967Python PIP DNS Query improper authentication [CVE-2013-5123]🔒🔒
144966Google Chrome WebKit type conversion [CVE-2011-1460]
144965Google Chrome Blink htmlpluginelement.cpp handleEvent resource consumption
144964Serendipity Xinha manager.php cross site scripting
144963Serendipity Xinha unrestricted upload [CVE-2011-1134]
144962Serendipity Xinha backend.php cross site scripting
144961TYPO3 Frontend Search Box cross site scripting [CVE-2010-3674]🔒
144960TYPO3 HTML Mailing API information disclosure [CVE-2010-3673]🔒
144959TYPO3 extbase Extension cross site scripting [CVE-2010-3672]🔒
144958TYPO3 session fixiation [CVE-2010-3671]🔒
144957TYPO3 Forgot Password Random inadequate encryption🔒
144956Red Hat 389 Directory Server Search Query _ger_parse_control null pointer dereference
144955Nvu Mozilla XPCOM Remote Code Execution [CVE-2005-2354]
144954Centrify Authentication/Privileged Elevation Services deserialization
144953Lightbend Play Framework play-ws Credentials insufficiently protected credentials
144952PhantomJS file:/ file access
144951ARM Mbed OS CoAP Library sn_coap_parser_options_parse out-of-bounds write
144950ARM Mbed OS CoAP Library sn_coap_builder_calc_needed_packet_data_size_2 integer overflow
144949Oxid eShop Admin Panel session fixiation [CVE-2019-17062]
144947gdm3 Screen Lock information disclosure [CVE-2016-1000002]
144946Nokogiri XML Entity xml entity expansion [CVE-2013-6461]
144945Nokogiri Gem XML Document xml entity expansion [CVE-2013-6460]
144944Horde Groupware Webmail Edition Permission edit.php cross-site request forgery
144943Horde Groupware Webmail Edition Virtual Address Book search.php cross-site request forgery
144942Cryptocat Chat User List information disclosure [CVE-2013-4110]
144941Cryptocat cryptocat.js handlePresence cross site scripting
144940Open Build Service TLS Certificate Validation certificate validation
144939kube-state-metrics Annotation information disclosure [CVE-2019-10223]
144848ARP-GUARD forgot1 sql injection
144847FreeRTOS FATFS ff_file.c FF_Close use after free
144846ARM Mbed OS MQTT Library readMQTTLenString input validation
144845One Identity Cloud Access Manager cross-site request forgery
144844One Identity Cloud Access Manager OTP improper validation of integrity check value
144843php-gettext Plural Form Formula input validation [CVE-2015-8980]🔒
144842Python Software Foundation Djblets eval input validation🔒🔒
144841RHQ Mongo DB Drift Server Temp File exposure of resource [CVE-2013-4374]
144840Redhat vsdm Temp File exposure of resource [CVE-2013-4280]
144839SciPy scipy.weave tmp privileges management🔒🔒
144838Cryptocat Multiparty Encryption Scheme information disclosure
144837Cryptocat Entropy Cryptocat.random entropy
144836Cryptocat Firefox Conversation Overview input validation [CVE-2013-2259]
144835Cryptocat Nickname Impersonation authentication spoofing
144834Cryptocat Key Generation excessive authentication [CVE-2013-2257]
144833TYPO3 Frontend Login Box redirect [CVE-2010-3669]🔒
144832TYPO3 Download Header Injection injection🔒
144831TYPO3 Form Spam input validation🔒
144830TYPO3 uniqid Random random values🔒
144829TYPO3 Extension Manager cross site scripting [CVE-2010-3665]🔒
144828TYPO3 Backend information disclosure [CVE-2010-3664]🔒
144827TYPO3 Backend unrestricted upload [CVE-2010-3663]🔒
144826TYPO3 Backend sql injection [CVE-2010-3662]🔒
144825shadow/sudo Session input validation [CVE-2005-4890]🔒
144824sudo Descriptor 3 race condition
144823Linux Kernel V4L2 Subsystem vivid vivid_stop_generating_vid_cap race condition
144822Linux Kernel tcp.c rds_tcp_kill_sock null pointer dereference
144821SAP HANA Database input validation [CVE-2019-0350]
144820360 Safe Router Background Process injection [CVE-2018-19031]
144818JBoss AeroGear Reflected cross site scripting [CVE-2014-3649]
144817Red Hat Update Infrastructure PKI information disclosure [CVE-2013-4518]
144816CloudForms Password Storage insufficiently protected credentials
144815slim crypt null pointer dereference
144814Cryptocat Socialist Millionnaire Protocol inadequate encryption
144813Cryptocat input validation [CVE-2013-4103]
144812Cryptocat strophe.js Math.random Random random values
144811Cryptocat Link Markup Decorator addLinks input validation
144810Cryptocat input validation [CVE-2013-4100]
144809Cryptocat strophe.js information disclosure
144808Cryptocat Extension keygen.gif information disclosure
144807SHIFT BitBox02 OLED Display information disclosure [CVE-2019-18673]
144806Currency Switcher Addon input validation [CVE-2019-18668]
144805freeradius3 for pfSense freeradius_view_config.php cross site scripting
144804SECUDOS DOMOS Log Module path traversal [CVE-2019-18665]
144803SECUDOS DOMOS Log Module cross site scripting [CVE-2019-18664]
144802YouPHPTube getChat.json.php sql injection
144801Hyundai Pay Kasse HK-1000 OLED Display information disclosure
144800Archos Safe-T OLED Display information disclosure [CVE-2019-14358]
144799F5 BIG-IP AFM AFM Configuration Utility sql injection [CVE-2019-6658]
144798F5 BIG-IP Traffic Management User Interface Reflected cross site scripting
144797Red Hat Linux Enterprise DHCP denial of service [CVE-2019-6470]
144796Fastweb FASTgate Administration Console check_pwd information disclosure
144795Facebook WhatsApp Wireless Emergency Alerts Protocol risky encryption
144794AVG Antivirus SSID Name cross site scripting [CVE-2019-18654]
144793Avast Antivirus SSID Name cross site scripting [CVE-2019-18653]
144792Nexus Repository Manager os command injection
144791Symantec SONAR Tamper Protection default permission [CVE-2019-12752]
144790ovirt-engine os.chmod permission assignment
144789SmokePing Time Field cross site scripting [CVE-2013-4168]🔒🔒
144788OpenStack Keystone/OpenStack Compute SSL Certificate Validator HTTPSConnections certificate validation
144787GLPI common.tabs.php input validation🔒
144786Foswiki Maketext Macro code injection [CVE-2013-1666]🔒
144785Red Hat ManageIQ EVM cross site scripting [CVE-2013-0186]
144784Redis Temp File redis.ds input validation
144783Redis Temp File redis-%p.vm input validation
144782openshift Temp File input validation
144781FreeBSD nsd resource transfer [CVE-2012-2979]🔒🔒
144780Apache Struts ParameterInterceptor permission assignment🔒
144779TYPO3 Backend redirect [CVE-2010-3661]🔒
144778TYPO3 Backend cross site scripting [CVE-2010-3660]🔒
144777gs-gpl Addon Script race condition [CVE-2005-2352]
144776Mutt Temp File exposure of resource [CVE-2005-2351]
144775websieve Web User Interface cross site scripting [CVE-2005-2350]
144774Jitbit .NET Forum Gravatar cross site scripting [CVE-2019-18636]
144773Infosysta In-App / Desktop Notifications App Project NotificationSettings information disclosure
144772Infosysta In-App / Desktop Notifications App Project ProjectFilter information disclosure
144771php-symfony2-Validator Serialization input validation [CVE-2013-4751]🔒🔒
144770Evince input validation [CVE-2013-3718]
144769minidlna memory corruption [CVE-2013-2739]
144768minidlna sql injection [CVE-2013-2738]
144767MiniUPnPd Minissdp.c snprintf information disclosure
144766Twiki Include injection🔒
144765YouPHPTube sql injection [CVE-2019-5151]
144764YouPHPTube VideoTags Plugin sql injection [CVE-2019-5150]
144763Tempo Plugin Permission authorization [CVE-2019-5095]
144762AMD ATI Radeon Pixel Shader ATIDXX64.DLL out-of-bounds write
144761Google Nest Cam IQ Indoor resource consumption [CVE-2019-5043]
144760Rainbow PDF Office Server Document Converter PowerPoint Document Conversion parse out-of-bounds write
144759grsecurity PaX Patch kmem read_kmem release of resource
144758Python X.509 Certificate null pointer dereference [CVE-2019-5010]🔒
144757ClickHouse Header Injection injection [CVE-2019-18657]
144756Technicolor TD5130v2 Web Interface mnt_ping.cgi os command injection
144755Honeywell IP Camera Audio Stream missing authentication [CVE-2019-18230]
144754Advantech WISE-PaaS/RMM sql injection [CVE-2019-18229]
144753Honeywell IP Cameras input validation [CVE-2019-18228]
144752Advantech WISE-PaaS/RMM XML Data xml external entity reference
144751Honeywell IP Cameras authentication replay [CVE-2019-18226]
144750Infosysta In-App / Desktop Notifications App UserFilter Username improper authentication
144749Infosysta In-App / Desktop Notifications App PushNotification improper authentication
144748Phoenix Contact PC Worx/PC Worx Express/Config+ Config+ Project File input validation CentOS Web Panel filemanager2.php Stored cross site scripting
144746Fortinet FortiExtender CLI Admin Console os command injection
144745Coldcard MK1/MK2 OLED Display information disclosure [CVE-2019-14356] [Disputed]
144744Advantech WISE-PaaS/RMM path traversal [CVE-2019-13551]
144743Advantech WISE-PaaS/RMM authorization [CVE-2019-13547]
144742FreeTDS memory corruption [CVE-2019-13508]
144741Sierra Wireless AirLink ES450 ACEManager upload.cgi improper authentication
144740CUJO Smart Firewall Safe Browsing code injection [CVE-2018-4031]
144739CUJO Smart Firewall mdnscap recursion [CVE-2018-4002]
144738Atlantis Word Processor Word Document Parser uninitialized pointer
144737CHICKEN Incomplete Fix buffer overflow [CVE-2013-2075]
144736CHICKEN utils Module qs os command injection🔒
144735autojump privileges management [CVE-2013-2012]
144734MediaWiki Lua cross site scripting [CVE-2013-1951]🔒🔒
144733ruby193 unknown vulnerability [CVE-2013-1945]
144732MantisBT Configuration Report Page adm_config_report.php cross site scripting🔒🔒
144731MantisBT Configuration Report Page adm_config_report.php cross site scripting🔒
144730MantisBT manage_proj_ver_delete.php cross site scripting🔒🔒
144729MantisBT Workflow input validation [CVE-2013-1930]🔒🔒
144728yum Metadata input validation
144727CHICKEN Hash Table Collision input validation
144726CHICKEN Random Number Generator weak prng [CVE-2012-6124] [Disputed]
144725CHICKEN NULL Byte input validation [CVE-2012-6123]
144724CHICKEN Thread Scheduler select buffer overflow
144723IcedTea6 JNLP Service information disclosure [CVE-2010-2783]🔒🔒
144722IcedTea6 authorization [CVE-2010-2548]🔒🔒
144721ZTE ZX297520V3 Terminal System injection [CVE-2019-3421]
144720ZTE ZXMP input validation [CVE-2019-3419]
144719Pimcore translations.js cross site scripting
144718Total Defense Anti-Virus Quarantine permission assignment [CVE-2019-18645]
144717Total Defense Anti-Virus Symlink toctou [CVE-2019-18644]
144716Mooltipass Moolticute MPDevice_win.cpp null pointer dereference
144715European Commission eIDAS-Node Integration Package Certificate Validation certificate validation
144714European Commission eIDAS-Node Integration Package Certificate certificate validation
144713Progress MOVEit Transfer SSH/SFTP missing authentication [CVE-2019-18465]
144712Progress MOVEit Transfer REST API sql injection [CVE-2019-18464]
144711Xen Descriptor privileges management [CVE-2019-18425]
144710Xen DMA os command injection [CVE-2019-18424]
144709Xen Hypercall p2m_resolve_translation_fault input validation
144708Xen Exception permission assignment [CVE-2019-18422]
144707Xen Promotion race condition [CVE-2019-18421]
144706Xen Hypercall hypercall_create_continuation input validation
144705JetBrains YouTrack Tag default permission [CVE-2019-18369]
144704JetBrains ToolBox App privileges management [CVE-2019-18368]
144703JetBrains TeamCity default permission [CVE-2019-18367]
144702JetBrains TeamCity Permission default permission [CVE-2019-18366]
144701JetBrains TeamCity privileges management [CVE-2019-18365]
144700JetBrains TeamCity Java Deserialization deserialization [CVE-2019-18364]
144699JetBrains TeamCity information disclosure [CVE-2019-18363]
144698JetBrains MPS Network Service information disclosure [CVE-2019-18362]
144697JetBrains IntelliJ IDEA privileges management [CVE-2019-18361]
144696JetBrains Hub Password Recovery Username information disclosure
144695Zucchetti InfoBusiness Web Component cross site scripting [CVE-2019-18207]
144694Zucchetti InfoBusiness File Upload cross-site request forgery
144693Zucchetti InfoBusiness Browsing Reflected cross site scripting
144692Zucchetti InfoBusiness File Upload unrestricted upload [CVE-2019-18204]
144691Apak Wholesale Floorplanning Finance agreementView.faces cross site scripting
144690ClipSoft REXPERT input validation [CVE-2019-17326]
144689ClipSoft REXPERT RexViewerCtrl30.ocx ActiveX unrestricted upload
144688ClipSoft REXPERT path traversal [CVE-2019-17324]
144687ClipSoft REXPERT xml injection [CVE-2019-17323]
144686ClipSoft REXPERT input validation [CVE-2019-17322]
144685ClipSoft REXPERT information disclosure [CVE-2019-17321]
144684YIT Plugin Framework yit-plugin-panel-wc.php privileges management
144683BitDefender BOX Web API input validation [CVE-2019-12612]
144682Apache Airflow Metadata Database cross site scripting [CVE-2019-12417]
144681medoo columnQuote sql injection
144680Jupyter Notebook CSP improper restriction of rendered ui layers
144679systemd Certificate Validation certificate validation [CVE-2018-21029]
144678GNUBOARD5 Extra Contents boardgroup_form_update.php cross site scripting
144677murmur-server Client Query input validation [CVE-2010-2490]
144676Ikiwiki Comment cross site scripting [CVE-2010-1673]🔒
144675transmission Endgame memory corruption [CVE-2010-0749]
144674transmission Magnet Link input validation [CVE-2010-0748]🔒
144673drbd8 mount.cifs permission assignment🔒
144672JBoss Operations Network CLI permission assignment [CVE-2010-0737]
144671Autokey link following [CVE-2010-0398]
144670Xpdf xref Table infinite loop [CVE-2010-0207]
144669Xpdf JBIG2 null pointer dereference [CVE-2010-0206]
144668Burn Quotation Mark exceptional condition [CVE-2009-5043]
144667python-docutils Temp File exposure of resource [CVE-2009-5042]
144666Overkill Player Name buffer overflow [CVE-2009-5041]
144665Apple iTunes WebKit Process Model memory corruption [CVE-2019-8815]
144664Apple iTunes WebKit memory corruption [CVE-2019-8823]
144663Apple iTunes WebKit memory corruption [CVE-2019-8822]
144662Apple iTunes WebKit memory corruption [CVE-2019-8821]
144661Apple iTunes WebKit memory corruption [CVE-2019-8820]
144660Apple iTunes WebKit memory corruption [CVE-2019-8819]
144659Apple iTunes WebKit memory corruption [CVE-2019-8816]
144658Apple iTunes WebKit memory corruption [CVE-2019-8814]
144657Apple iTunes WebKit memory corruption [CVE-2019-8812]
144656Apple iTunes WebKit memory corruption [CVE-2019-8811]
144655Apple iTunes WebKit memory corruption [CVE-2019-8808]
144654Apple iTunes WebKit memory corruption [CVE-2019-8783]
144653Apple iTunes WebKit memory corruption [CVE-2019-8782]
144652Apple iTunes WebKit Universal cross site scripting
144651Apple iTunes untrusted search path [CVE-2019-8801]
144650Apple iTunes Graphics Driver memory corruption [CVE-2019-8784]
144649Apple iCloud WebKit Process Model memory corruption [CVE-2019-8815]
144648Apple iCloud WebKit memory corruption [CVE-2019-8823]
144647Apple iCloud WebKit memory corruption [CVE-2019-8822]
144646Apple iCloud WebKit memory corruption [CVE-2019-8821]
144645Apple iCloud WebKit memory corruption [CVE-2019-8820]
144644Apple iCloud WebKit memory corruption [CVE-2019-8819]
144643Apple iCloud WebKit memory corruption [CVE-2019-8816]
144642Apple iCloud WebKit memory corruption [CVE-2019-8814]
144641Apple iCloud WebKit memory corruption [CVE-2019-8811]
144640Apple iCloud WebKit memory corruption [CVE-2019-8783]
144639Apple iCloud WebKit memory corruption [CVE-2019-8782]
144638Apple iCloud WebKit memory corruption [CVE-2019-8766]
144637Apple iCloud WebKit memory corruption [CVE-2019-8710]
144636Apple iCloud WebKit Universal cross site scripting
144635Apple iCloud libxslt memory corruption [CVE-2019-8750]
144634Apple iCloud Graphics Driver memory corruption [CVE-2019-8784]
144633Apple iCloud WebKit Process Model memory corruption [CVE-2019-8815]
144632Apple iCloud WebKit memory corruption [CVE-2019-8823]
144631Apple iCloud WebKit memory corruption [CVE-2019-8822]
144630Apple iCloud WebKit memory corruption [CVE-2019-8821]
144629Apple iCloud WebKit memory corruption [CVE-2019-8820]
144628Apple iCloud WebKit memory corruption [CVE-2019-8819]
144627Apple iCloud WebKit memory corruption [CVE-2019-8816]
144626Apple iCloud WebKit memory corruption [CVE-2019-8814]
144625Apple iCloud WebKit memory corruption [CVE-2019-8811]
144624Apple iCloud WebKit memory corruption [CVE-2019-8783]
144623Apple iCloud Graphics Driver memory corruption [CVE-2019-8784]
144622Apple macOS UIFoundation information disclosure [CVE-2019-8761]
144621Apple macOS System Extensions input validation [CVE-2019-8805]
144620Apple macOS PluginKit memory corruption [CVE-2019-8715]
144619Apple macOS PluginKit information disclosure [CVE-2019-8708]
144618Apple macOS manpages input validation [CVE-2019-8802]
144617Apple macOS libxslt memory corruption [CVE-2019-8750]
144616Apple macOS libxml2 memory corruption [CVE-2019-8756]
144615Apple macOS libxml2 memory corruption [CVE-2019-8749]
144614Apple macOS Kernel memory corruption [CVE-2019-8744]
144613Apple macOS Kernel memory corruption [CVE-2019-8786]
144612Apple macOS Kernel Memory input validation
144611Apple macOS iTunes untrusted search path [CVE-2019-8801]
144610Apple macOS IOGraphics denial of service [CVE-2019-8759]
144609Apple macOS Intel Graphics Driver memory corruption [CVE-2019-8807]
144608Apple macOS Graphics Driver memory corruption [CVE-2019-8784]
144607Apple macOS Graphics unrestricted upload [CVE-2018-1215]
144606Apple macOS Graphics unrestricted upload [CVE-2018-1215]
144605Apple macOS Graphics unrestricted upload [CVE-2018-1215]
144604Apple macOS File System Events memory corruption [CVE-2019-8798]
144603Apple macOS File Quarantine privileges management [CVE-2019-8509]
144602Apple macOS CUPS denial of service [CVE-2019-8737]
144601Apple macOS CUPS heap-based overflow [CVE-2019-8767]
144600Apple macOS CUPS information disclosure [CVE-2019-8736]
144599Apple macOS Contacts authentication spoofing [CVE-2017-7152]
144598Apple macOS Books link following [CVE-2019-8789]
144597Apple macOS Audio memory corruption [CVE-2019-8797]
144596Apple macOS Audio memory corruption [CVE-2019-8785]
144595Apple macOS Audio memory corruption [CVE-2019-8706]
144594Apple macOS Associated Domains input validation [CVE-2019-8788]
144593Apple macOS AppleGraphicsControl memory corruption [CVE-2019-8716]
144592Apple macOS AppleGraphicsControl Memory input validation
144591Apple macOS App Store session expiration [CVE-2019-8803]
144590Apple macOS Accounts out-of-bounds read [CVE-2019-8787]
144589Apple watchOS WebKit memory corruption [CVE-2019-8820]
144588Apple watchOS WebKit memory corruption [CVE-2019-8816]
144587Apple watchOS WebKit memory corruption [CVE-2019-8812]
144586Apple watchOS WebKit memory corruption [CVE-2019-8811]
144585Apple watchOS WebKit memory corruption [CVE-2019-8808]
144584Apple watchOS WebKit memory corruption [CVE-2019-8766]
144583Apple watchOS WebKit memory corruption [CVE-2019-8765]
144582Apple watchOS WebKit memory corruption [CVE-2019-8743]
144581Apple watchOS WebKit Universal cross site scripting
144580Apple watchOS VoiceOver information disclosure [CVE-2019-8775]
144579Apple watchOS libxslt memory corruption [CVE-2019-8750]
144578Apple watchOS Kernel memory corruption [CVE-2019-8786]
144577Apple watchOS Kernel input validation [CVE-2019-8794]
144576Apple watchOS File System Events memory corruption [CVE-2019-8798]
144575Apple watchOS Contacts authentication spoofing [CVE-2017-7152]
144574Apple watchOS Audio memory corruption [CVE-2019-8797]
144573Apple watchOS Audio memory corruption [CVE-2019-8785]
144572Apple watchOS AppleFirmwareUpdateKext memory corruption [CVE-2019-8747]
144571Apple watchOS App Store session expiration [CVE-2019-8803]
144570Apple watchOS Accounts out-of-bounds read [CVE-2019-8787]
144569Apple Safari WebKit Process Model memory corruption [CVE-2019-8815]
144568Apple Safari WebKit memory corruption [CVE-2019-8823]
144567Apple Safari WebKit memory corruption [CVE-2019-8822]
144566Apple Safari WebKit memory corruption [CVE-2019-8821]
144565Apple Safari WebKit memory corruption [CVE-2019-8820]
144564Apple Safari WebKit memory corruption [CVE-2019-8819]
144563Apple Safari WebKit memory corruption [CVE-2019-8816]
144562Apple Safari WebKit memory corruption [CVE-2019-8814]
144561Apple Safari WebKit memory corruption [CVE-2019-8812]
144560Apple Safari WebKit memory corruption [CVE-2019-8811]
144559Apple Safari WebKit memory corruption [CVE-2019-8808]
144558Apple Safari WebKit memory corruption [CVE-2019-8783]
144557Apple Safari WebKit memory corruption [CVE-2019-8782]
144556Apple Safari WebKit Universal cross site scripting
144555Apple iOS/iPadOS WebKit Process Model memory corruption [CVE-2019-8815]
144554Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8823]
144553Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8822]
144552Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8821]
144551Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8820]
144550Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8819]
144549Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8816]
144548Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8814]
144547Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8812]
144546Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8811]
144545Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8808]
144544Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8783]
144543Apple iOS/iPadOS WebKit memory corruption [CVE-2019-8782]
144542Apple iOS/iPadOS WebKit Universal cross site scripting
144541Apple iOS/iPadOS Screen Recording input validation [CVE-2019-8793]
144540Apple iOS/iPadOS Setup Assistant improper authentication [CVE-2019-8804]
144539Apple iOS/iPadOS Kernel memory corruption [CVE-2019-8786]
144538Apple iOS/iPadOS Kernel Memory input validation
144537Apple iOS/iPadOS Graphics Driver memory corruption [CVE-2019-8784]
144536Apple iOS/iPadOS File System Events memory corruption [CVE-2019-8798]
144535Apple iOS/iPadOS Contacts authentication spoofing [CVE-2017-7152]
144534Apple iOS/iPadOS Books link following [CVE-2019-8789]
144533Apple iOS/iPadOS AVEVideoEncoder memory corruption [CVE-2019-8795]
144532Apple iOS/iPadOS Audio memory corruption [CVE-2019-8797]
144531Apple iOS/iPadOS Audio memory corruption [CVE-2019-8785]
144530Apple iOS/iPadOS Associated Domains Exfiltration input validation
144529Apple iOS/iPadOS App Store session expiration [CVE-2019-8803]
144528Apple iOS/iPadOS Accounts out-of-bounds read [CVE-2019-8787]
144527Apple tvOS WebKit Process Model memory corruption [CVE-2019-8815]
144526Apple tvOS WebKit memory corruption [CVE-2019-8823]
144525Apple tvOS WebKit memory corruption [CVE-2019-8822]
144524Apple tvOS WebKit memory corruption [CVE-2019-8821]
144523Apple tvOS WebKit memory corruption [CVE-2019-8820]
144522Apple tvOS WebKit memory corruption [CVE-2019-8819]
144521Apple tvOS WebKit memory corruption [CVE-2019-8816]
144520Apple tvOS WebKit memory corruption [CVE-2019-8814]
144519Apple tvOS WebKit memory corruption [CVE-2019-8812]
144518Apple tvOS WebKit memory corruption [CVE-2019-8811]
144517Apple tvOS WebKit memory corruption [CVE-2019-8808]
144516Apple tvOS WebKit memory corruption [CVE-2019-8783]
144515Apple tvOS WebKit memory corruption [CVE-2019-8782]
144514Apple tvOS WebKit Universal cross site scripting
144513Apple tvOS Kernel memory corruption [CVE-2019-8786]
144512Apple tvOS Kernel input validation [CVE-2019-8794]
144511Apple tvOS File System Events memory corruption [CVE-2019-8798]
144510Apple tvOS AVEVideoEncoder memory corruption [CVE-2019-8795]
144509Apple tvOS Audio memory corruption [CVE-2019-8797]
144508Apple tvOS Audio memory corruption [CVE-2019-8785]
144507Apple tvOS App Store session expiration [CVE-2019-8803]
144506Apple tvOS Accounts out-of-bounds read [CVE-2019-8787]
144505Logstash Beats Input Plugin input validation [CVE-2019-7620]
144504Elasticsearch API Key Service Username risky encryption
144503rdesktop out-of-bounds read [CVE-2019-15682]
144502ISC BIND buffer.c assertion🔒
144492Aruba Instant injection [CVE-2018-16417]
144451LabKey Server reports-viewScriptReport.view cross-site request forgery
144450LabKey Server Display Name Stored cross site scripting
144449LabKey Server SVG xml external entity reference [CVE-2019-9757]
144448TightVNC HandleCoRREBBP buffer overflow
144447Magento input validation [CVE-2019-8235]
144446Schneider Electric Modicon M580 TFTP information disclosure [CVE-2019-6851]
144445Schneider Electric Modicon BMENOC 0321 Communication Module information disclosure
144444Schneider Electric Modicon BMENOC 0321 Communication Module information disclosure
144443Schneider Electric Modicon BMENOC 0321 Communication Module input validation
144442Modicon Modicon M580 Application exceptional condition [CVE-2019-6847]
144441Schneider Electric Modicon M580 FTP cleartext transmission [CVE-2019-6846]
144440Schneider Electric Modicon M580 Modbus cleartext transmission
144439Schneider Electric Modicon M580 PLC exceptional condition [CVE-2019-6844]
144438Schneider Electric Modicon M580 PLC exceptional condition [CVE-2019-6843]
144437Schneider Electric Modicon M580 PLC exceptional condition [CVE-2019-6842]
144436Schneider Electric Modicon M580 PLC exceptional condition [CVE-2019-6841]
144435VMware SD-WAN information disclosure [CVE-2019-5533]
144434RouterOS DNS Server input validation [CVE-2019-3979]
144433RouterOS DNS Cache Poisoning missing authentication
144432RouterOS Upgrade Package code download [CVE-2019-3977]
144431RouterOS Upgrade Package input validation [CVE-2019-3976]
144430Opera Mini File Download input validation [CVE-2019-18624]
144429AbuseFilter Extension information disclosure [CVE-2019-18612]
144428CheckUser Extension API information disclosure [CVE-2019-18611]
144427Cezerin Attribute cart input validation
144426axodraw2 axohelp axohelp.c input validation
144425OpenAFS RPC information disclosure [CVE-2019-18603]
144424OpenAFS information disclosure [CVE-2019-18602]
144423OpenAFS RPC Call deserialization [CVE-2019-18601]
144422Maxthon Unquoted Search Path unquoted search path [CVE-2019-16647]
144421TurboVNC out-of-bounds write [CVE-2019-15683]
144420LibVNC VNC Server information disclosure [CVE-2019-15681]
144419TightVNC HandleZlibBPP null pointer dereference
144418TightVNC InitialiseRFBConnection out-of-bounds write
144417TightVNC rfbServerCutText out-of-bounds write
144416Sahi Pro Script Manager DBReports Reflected cross site scripting
144415Sequelize JSON Path Key sql injection [CVE-2019-10749]
144414Sequelize JSON Path Key sql injection [CVE-2019-10748]
144413Archiver Unarchive path traversal [CVE-2019-10743]
144412PostgreSQL Installer input validation [CVE-2019-10211]
144411PostgreSQL Installer input validation [CVE-2019-10210]
144410PostgreSQL Memory information disclosure [CVE-2019-10209]
144409PostgreSQL Execute Permission sql injection [CVE-2019-10208]
144408Apache Thrift TJSONProtocol/TSimpleJSONProtocol out-of-bounds read
144407Apache Thrift infinite loop [CVE-2019-0205]
144406qtum Header resource consumption [CVE-2018-19151]
144405TightRope Media Carousel Digital Signage Services privileges management
144404TightRope Media Carousel Digital Signage File Upload unrestricted upload
144403TightRope Media Carousel Seneca HDn hard-coded credentials [CVE-2018-18929]
144402Fabrikar Fabrik Component Reflected cross site scripting [CVE-2018-10727]
144400GMER SysTreeView32 Control out-of-bounds write [CVE-2016-4289]
144399Apache Hadoop link following [CVE-2012-2945]
144398BitlBee Privilege unix.c dropped privileges
144397SugarCRM CE unserialize input validation
144396MediaWiki ApiQueryRevisions.php information disclosure
144395gpw Password Generator weak password [CVE-2011-4931]
144394Cisco Video Communications Server injection [CVE-2011-2538]
144393Ikiwiki TTY link following [CVE-2011-1408]🔒🔒
144392Ikiwiki Comment cross site scripting [CVE-2011-0428]🔒
144391Mercurial SSL Certificate certificate validation [CVE-2010-4237]🔒
144390qtparted Library Loader input validation [CVE-2010-3375]
144389paxtest Temp File input validation [CVE-2010-3373]
144388rpcbind portmap.xdr link following
144387rpcbind portmap.xdr input validation
144386MapServer Symbol Index input validation [CVE-2010-1678]
144385ytnef path traversal [CVE-2009-3887]
144384Asterisk PBX Call authorization [CVE-2009-3723]
144383VMware vCenter Server Appliance Backup/Restore certificate validation
144382VMware vCenter Server Appliance Backup/Restore certificate validation
144381VMware ESXi/Workstation/Fusion Shader input validation [CVE-2019-5536]
144380IBM API Connect information disclosure [CVE-2019-4600]
144379IBM Maximo Health- Safety/Environment Manager privileges management
144378IBM Security Guardium Big Data Intelligence inadequate encryption
144377IBM Security Guardium Big Data Intelligence Cookie cookie validation
144376IBM Security Guardium Big Data Intelligence Blacklist input validation
144375IBM Security Guardium Big Data Intelligence information disclosure
144374IBM Security Guardium Big Data Intelligence information disclosure
144373IBM Security Guardium Big Data Intelligence hard-coded credentials
144372IBM Security Guardium Big Data Intelligence Credentials insufficiently protected credentials
144371IBM Security Guardium Big Data Intelligence Permission exposure of resource
144370Trend Micro Apex One/OfficeScan/Worry-Free Business Security Management Console path traversal
144369Trend Micro Apex One ZIP File unrestricted upload [CVE-2019-18188]
144368Trend Micro OfficeScan ZIP File path traversal [CVE-2019-18187]
144367IntraSrv HTTP Request buffer overflow [CVE-2019-17181]
144366Repetier-Server XML File RepetierServer.exe path traversal
144365Dzone AnswerHub xml external entity reference [CVE-2017-15725]
144364Keyring Lib Permission default permission [CVE-2012-5577]
144363McAfee Total Protection information disclosure [CVE-2019-3636]
144262libpod Podman link following [CVE-2019-18466]
144261TerraMaster FS-210 1.user.php privileges management
144260Compal Broadband CH7465LG Modem Web Interface path traversal
144259K7 Antivirus Premium/Total Security/Ultimate Security Inter-Process Communication K7TSHlpr.dll privileges management
144258rConfig search.crud.php exec os command injection
144257rConfig ajaxServerSettingsChk.php exec os command injection
144256Mitsubishi Electric ME-RTU/INEA ME-RTU mobile.php os command injection
144255Mitsubishi Electric ME-RTU/INEA ME-RTU hard-coded credentials
144254Mitsubishi Electric ME-RTU/INEA ME-RTU Credentials insufficiently protected credentials
144253Mitsubishi Electric ME-RTU/INEA ME-RTU index.php Stored cross site scripting
144252Mitsubishi Electric ME-RTU/INEA ME-RTU Configuration File information disclosure
144251Mitsubishi Electric ME-RTU/INEA ME-RTU SSH Key ssh_host_rsa_key hard-coded credentials
144250Mitsubishi Electric ME-RTU/INEA ME-RTU Configuration File settings.xml Credentials default permission
144243pootle cross site scripting [CVE-2010-4245]
144242Tiki Wiki CMS Groupware tiki-adminusers.php cross-site request forgery
144241Tiki Wiki CMS Groupware tiki-edit_wiki_section.php cross site scripting
144240Tiki Wiki CMS Groupware tiki-jsplugin.php input validation
144239Mailscanner Signature Update input validation [CVE-2010-3293]
144238Pixelpost cross site scripting [CVE-2009-4900]
144237Pixelpost sql injection [CVE-2009-4899]
144236Zoo path traversal [CVE-2005-2349]
144235Snoopy curl input validation [CVE-2002-2444]
144234LabF nfsAxe FTP Client memory corruption [CVE-2017-14742]
144232Joomla CMS code injection
144231PHP FPM fpm_main.c env_path_info Underflow out-of-bounds write
144230Adobe Experience Manager cross-site request forgery [CVE-2019-8234]
144229Adobe Experience Manager injection [CVE-2019-8088]
144228Adobe Experience Manager XML Data xml external entity reference
144227Adobe Experience Manager XML Data xml external entity reference
144226Adobe Experience Manager Reflected cross site scripting [CVE-2019-8085]
144225Adobe Experience Manager Reflected cross site scripting [CVE-2019-8084]
144224Adobe Experience Manager cross site scripting [CVE-2019-8083]
144223Adobe Experience Manager XML Data xml external entity reference
144222Adobe Experience Manager improper authentication [CVE-2019-8081]
144221NetApp Clustered Data ONTAP l2ping input validation [CVE-2019-5508]
144220YouPHPTube Encoder getSpiritsFromVideo.php os command injection
144219YouPHPTube Encoder getImageMP4.php os command injection
144218YouPHPTube Encoder getImage.php os command injection
144217YouPHPTube pluginSwitch.json.php sql injection
144216YouPHPTube pluginSwitch.json.php sql injection
144215YouPHPTube pluginSwitch.json.php sql injection
144214YouPHPTube sql injection [CVE-2019-5120]
144213YouPHPTube sql injection [CVE-2019-5119]
144212YouPHPTube sql injection [CVE-2019-5117]
144211YouPHPTube sql injection [CVE-2019-5116]
144210YouPHPTube sql injection [CVE-2019-5114]
144209IBM Cloud Orchestrator cross site scripting [CVE-2019-4461]
144208IBM Cloud Orchestrator path traversal [CVE-2019-4400]
144207IBM Cloud Orchestrator risky encryption [CVE-2019-4399]
144206IBM Cloud Orchestrator cross site scripting [CVE-2019-4396]
144205IBM Cloud Orchestrator Temporary Script File information disclosure
144204IBM Cloud Orchestrator API Email input validation
144203IBM Security Access Manager Appliance Reverse Proxy input validation
144202Foxit PhantomPDF DXF File out-of-bounds write [CVE-2019-17145]
144201Foxit PhantomPDF DWG File out-of-bounds write [CVE-2019-17144]
144200Foxit PhantomPDF DWG File use after free [CVE-2019-17143]
144199Foxit PhantomPDF use after free [CVE-2019-17142]
144198Foxit PhantomPDF use after free [CVE-2019-17141]
144197Foxit PhantomPDF use after free [CVE-2019-17140]
144196Foxit PhantomPDF HTML2PDF Plugin out-of-bounds write [CVE-2019-17139]
144195Foxit Studio Photo JPEG Converter out-of-bounds read [CVE-2019-17138]
1441943S-Smart CODESYS out-of-bounds write [CVE-2019-16265]
144193Repetier-Server XML Data RepetierServer.exe unrestricted upload
144192Rittal Chiller SK 3232 hard-coded credentials [CVE-2019-13553]
144191Rittal Chiller SK 3232 missing authentication [CVE-2019-13549]
144190IntelliSpace Perinatal Application Environment exposure of resource
144189IP-AK2 Access Control Panel Version Integrated Web Server missing authentication
144182Google Chrome erase permission assignment🔒🔒
144181Milesight IP Security Camera shadow hard-coded credentials
144180Milesight IP Security Camera vb.htm improper authentication
144179Milesight IP Security Camera hard-coded credentials [CVE-2016-2358]
144178Milesight IP Security Camera SSL Private Key config hard-coded credentials
144177Milesight IP Security Camera Web Application buffer overflow
144176Zend Framework Postgresql sql injection [CVE-2015-0270]
144175D-Link DIR-865L router_info.xml xml injection
144174D-Link DIR-865L bsc_lan.php information disclosure
144173D-Link DIR-865L SMB path traversal [CVE-2013-4855]
144172TP-LINK TL-WDR4300 cross-site request forgery [CVE-2013-4848]
144171Linksys EA6500 SMB path traversal [CVE-2013-4658]
144170CoreHR Core Portal Stored cross site scripting [CVE-2019-18221]
144169Microsoft Windows Master File Table PushIndexRoot Blue Screen denial of service
144168Adobe Experience Manager Stored cross site scripting [CVE-2019-8080]
144167Adobe Experience Manager Stored cross site scripting [CVE-2019-8079]
144166Adobe Experience Manager Reflected cross site scripting [CVE-2019-8078]
144165ClonOS Web Control Panel index.php cross site scripting
144164ClonOS Web Control Panel Session Management clonos.php session fixiation
144163SourceCodester Management System File Upload unrestricted upload
144162SourceCodester Management System Member cross site scripting
144161SourceCodester Management System Send Message Screen cross site scripting
144160SourceCodester Management System staff-exec.php cross-site request forgery
144159TypeStack class-validator validate sql injection
144158Google Go Certificate Verification Remote Code Execution [CVE-2019-17596]
144157Horde Groupware Webmail Edition Trean cross-site request forgery
144154Fortinet FortiClient DLL Loader uncontrolled search path [CVE-2019-6692]
144153Wacom Driver Helper Service stopLaunchDProcess privileges management
144152Wacom Driver Helper Service privileges management [CVE-2019-5012]
144151IBM Maximo Asset Management Web UI cross site scripting [CVE-2019-4486]
144150IBM Cloud Orchestrator/Cloud Orchestrator Enterprise Web UI cross site scripting
144149IBM Cloud Orchestrator/Cloud Orchestrator Enterprise Session Management Cookie missing encryption
144148IBM Cloud Orchestrator/Cloud Orchestrator Enterprise information disclosure
144147ruby_parser-legacy Gem ruby_parser.rb permission assignment [CVE-2019-18409]
144146libarchive archive_read_support_format_rar.c use after free
144145Ignite Realtime Openfire server-side request forgery
144144Ignite Realtime Openfire path traversal
144143Fujitsu Wireless Keyboard Set LX390 GK381 missing encryption
144142Fujitsu Wireless Keyboard Set LX390 GK381 injection [CVE-2019-18200]
144141Fujitsu Wireless Keyboard Set LX390 GK381 authentication replay
144140TeamViewer DLL Loader untrusted search path [CVE-2019-18196]
144139tonyy dormsystem DOM-Based cross site scripting [CVE-2019-17581]
144138Craft CMS Login Form password recovery [CVE-2019-15929]
144137Fortinet FortiOS ECDSA PRNG entropy
144136TP-LINK M7350 Trigger Port os command injection [CVE-2019-13653]
144135TP-LINK M7350 Service Name os command injection [CVE-2019-13652]
144134TP-LINK M7350 os command injection [CVE-2019-13651]
144133TP-LINK M7350 Internal Port os command injection [CVE-2019-13650]
144132TP-LINK M7350 External Port os command injection [CVE-2019-13649]
144131Horde Groupware Webmail Edition Tag Cloud cross site scripting
144130MapR CLDB JSON Framework input validation [CVE-2019-12017]
144129Schlix CMS File Upload mediamanager unrestricted upload
144126Darktrace Enterprise Immune System config cross-site request forgery
144125Darktrace Enterprise Immune System whitelisteddomains cross-site request forgery
144124Adobe Acrobat Reader path traversal [CVE-2019-8238]
144123Adobe Acrobat Reader Security Feature inadequate encryption [CVE-2019-8237]
144122Creative Cloud Desktop Application privileges management [CVE-2019-8236]
144121Forcepoint One Endpoint DLP/Web Protection authorization [CVE-2019-6144]
144120Tenable Nessus Scan Type Import input validation [CVE-2019-3982]
144119SourceCodester Hotel/Lodge Management System Edit Page sql injection
144118TerraMaster FS-210 Log File log file [CVE-2019-18385]
144117TerraMaster FS-210 permission assignment [CVE-2019-18384]
144116TerraMaster FS-210 Backup File permission assignment [CVE-2019-18383]
144115AVStar PE204 Service Port 23456 input validation [CVE-2019-18382]
144114Xiaomi Mi WiFi R3G Nginx Alias account path traversal
144113Xiaomi Mi WiFi R3G Backup File speedtest_urls.xml input validation
144112MP3Gain apetag.c ReadMP3APETag memory corruption
144111Thycotic Secret Server cross site scripting [CVE-2019-18357]
144110Thycotic Secret Server cross site scripting [CVE-2019-18356]
144109Thycotic Secret Server Legacy Web Launcher server-side request forgery
144108Ant Design Pro Reflected cross site scripting [CVE-2019-18350]
144107Python urllib2 urllib.request.urlopen injection
144106SourceCodester Online Grading System sql injection [CVE-2019-18344]
144105Qt qtbase qtextengine.cpp generateDirectionalRuns memory corruption
144104SourceCodester Online Grading System cross-site request forgery
144103VideoLAN VLC Media Player libqt vlc_entry_license__3_0_0f+0x00000000003b9aba memory corruption
144102HAProxy Legacy Mode input validation [CVE-2019-18277]
144101Red Hat XML Language Support xml injection
144100Red Hat XML Language Server path traversal
144099hexo-admin Plugin Post Editor Stored cross site scripting
144098Avast/AVG Antivirus DLL Loader wbemcomn.dll untrusted search path
144097FusionPBX extension_imports.php Reflected cross site scripting
144096FusionPBX destination_imports.php Reflected cross site scripting
144095FusionPBX contact_notes.php Reflected cross site scripting
144094WUSTL XNAT xml external entity reference [CVE-2019-14276]
144093Apache POI XSSFExportToXml xml external entity reference [CVE-2019-12415]
144092libpl_droidsonroids_gif memory corruption [CVE-2019-11933]
144091Cloud Foundry SMB Volume Log Credentials log file
144090Cloud Foundry UAA SCIM information disclosure [CVE-2019-11282]
144089Zulip Plugin Global Configuration Credentials insufficiently protected credentials
144088build-metrics Plugin Reflected cross site scripting [CVE-2019-10475]
144087Global Post Script Plugin Permission Check default permission
144086Libvirt Slaves Plugin Permission Check Credentials default permission
144085Libvirt Slaves Plugin Permission Check Credentials default permission
144084Libvirt Slaves Plugin cross-site request forgery [CVE-2019-10471]
144083ElasticBox Jenkins Kubernetes CI-CD Plugin Permission Check Credentials default permission
144082ElasticBox Jenkins Kubernetes CI-CD Plugin Permission Check default permission
144081ElasticBox Jenkins Kubernetes CI-CD Plugin cross-site request forgery
144080Sonar Gerrit Plugin config.xml Credentials insufficiently protected credentials
144079360 FireLine Plugin xml external entity reference [CVE-2019-10466]
144078Jenkins Deploy WebLogic Plugin Permission Check default permission
144077Deploy WebLogic Plugin cross-site request forgery [CVE-2019-10464]
144076Dynatrace Application Monitoring Plugin Permission Check default permission
144075Dynatrace Application Monitoring Plugin cross-site request forgery
144074Dynatrace Application Monitoring Plugin Global Configuration Credentials insufficiently protected credentials
144073Bitbucket OAuth Plugin Configuration File config.xml Credentials insufficiently protected credentials
144072Mattermost Notification Plugin Global Configuration config.xml Credentials insufficiently protected credentials
144071Easy Digital Downloads Twenty-Twelve Theme cross site scripting
144070Easy Digital Downloads Shoppette Theme cross site scripting [CVE-2015-9535]
144069Easy Digital Downloads Quota Theme cross site scripting [CVE-2015-9534]
144068Easy Digital Downloads Lattice Theme cross site scripting [CVE-2015-9533]
144067Easy Digital Downloads Digital Store Theme cross site scripting
144066Easy Digital Downloads Wish Lists Extension cross site scripting
144065Easy Digital Downloads Upload File Extension cross site scripting
144064Easy Digital Downloads Stripe Extension cross site scripting
144063Easy Digital Downloads Software Licensing Extension cross site scripting
144062Easy Digital Downloads Simple Shipping Extension cross site scripting
144060Easy Digital Downloads Recurring Payments Extension cross site scripting
144059Easy Digital Downloads Recount Earnings Extension cross site scripting
144058Easy Digital Downloads Recommended Products extension cross site scripting
144057Easy Digital Downloads QR Code Extension cross site scripting
144056Easy Digital Downloads Pushover Notifications Extension cross site scripting
144055Easy Digital Downloads Per Product Emails Extension cross site scripting
144054Easy Digital Downloads PDF Stamper Extension cross site scripting
144053Easy Digital Downloads PDF Invoices Extension cross site scripting
144052Easy Digital Downloads Manual Purchases Extension cross site scripting
144051Easy Digital Downloads Invoices Extension cross site scripting
144050Easy Digital Downloads htaccess Editor Extension cross site scripting
144049Easy Digital Downloads Free Downloads Extension cross site scripting
144048Easy Digital Downloads Favorites Extension cross site scripting
144047Easy Digital Downloads CSV Manager Extension cross site scripting
144046Easy Digital Downloads Conditional Success Redirects Extension cross site scripting
144045Easy Digital Downloads Cross-sell Upsell Extension cross site scripting
144044Easy Digital Downloads Content Restriction Extension cross site scripting
144043Easy Digital Downloads Commissions Extension cross site scripting
144042Easy Digital Downloads Attach Accounts to Orders Extension cross site scripting
144041Easy Digital Downloads Amazon S3 Extension cross site scripting
144040Easy Digital Downloads Core cross site scripting [CVE-2015-9505]
144039weeklynews Theme cross site scripting [CVE-2015-9504]
144038Modern Theme example.html cross site scripting
144037Auberge Theme example.html cross site scripting
144036Open Floodlight SDN Controller Service input validation [CVE-2014-2304]
144035Open Floodlight SDN Switch input validation [CVE-2013-7333]
144034GNU gcc New Operator integer overflow [CVE-2002-2439]
144033Codemagic Sitemagic CMS upgrade.php cross site scripting
144032Adobe Experience Manager Forms Reflected cross site scripting
144031totemodata Folder Name cross site scripting [CVE-2019-17189]
144030FusionPBX contact_edit.php Reflected cross site scripting
144029FusionPBX contact_addresses.php Reflected cross site scripting
144028FusionPBX messages_thread.php Reflected cross site scripting
144027Loofah Gem cross site scripting [CVE-2019-15587]
144026Artificial Intelligence Theme cross site scripting [CVE-2015-9501]
144025Exquisite Ultimate Newspaper Theme cross site scripting
144024Showbiz Pro Plugin unrestricted upload [CVE-2015-9499]
144023wps-hide-login Plugin Option Save cross-site request forgery
144022ad-inserter Plugin cross-site request forgery [CVE-2015-9497]
144021freshmail-newsletter Plugin shortcode.php sql injection
144020syndication-links Plugin example.html cross site scripting
144019indieweb-post-kinds Plugin example.html cross site scripting
144018my-wish-list Plugin cross site scripting [CVE-2015-9493]
144017IBM DB2 High Performance Unload buffer overflow [CVE-2019-4523]
144016nipper-ng Firewall Configuration process-general.c processPrivilage out-of-bounds write
144015Stephan Mooltipass Moolticute Access Control cleartext transmission
144014GNU Libidn2 Roudtrip Check input validation [CVE-2019-12290]
144013Sangoma Session Border Controller GA Web Interface improper authentication
144012Sangoma Session Border Controller GA Web Interface injection
144011Micro Focus Self Service Password Reset Certificate Validation certificate validation
144010Apache Traffic Server HTTP2 input validation [CVE-2019-10079]
144009AVM Fritz!Box 7490 PPPoE Packet Padding information disclosure
144008Codemagic Sitemagic CMS cross-site request forgery [CVE-2019-18220]
144007Codemagic Sitemagic CMS index.php cross site scripting
144006Trend Micro Anti-Threat Toolkit input validation [CVE-2019-9491]
144004Citrix Application Delivery Controller/Gateway Management Interface improper authentication
144003Ricoh MP 501 adrsSetUserWizard.cgi Stored cross site scripting
144002Libssh2 packet.c integer overflow
144001unoconv Package server-side request forgery [CVE-2019-17400]
144000Rocket.Chat cross site scripting
143999FusionPBX contact_times.php Reflected cross site scripting
143998FusionPBX sip_status.php Reflected cross site scripting
143997FusionPBX fifo_interactive.php Reflected cross site scripting
143996FusionPBX conference_control_details.php Reflected cross site scripting
143995FreePBX Manager form.php Reflected cross site scripting
143994Contactmanager Contactmanager.class.php Reflected cross site scripting
143993FusionPBX cmd.php injection
143992FusionPBX Call Center Queue Module cmd.php injection
143991OpenEMR eye_base.php sql injection
143989GNU Libidn2 lookup.c idn2_to_ascii_4i out-of-bounds write
143988FusionPBX filedelete.php Reflected cross site scripting
143987FusionPBX conference_interactive.php Reflected cross site scripting
143986FusionPBX content.php Reflected cross site scripting
143985FusionPBX contact_import.php Reflected cross site scripting
143984FusionPBX download.php path traversal
143983FusionPBX URL xml_cdr_delete.php path traversal
143982FusionPBX recording_play.php Reflected cross site scripting
143981FusionPBX paging.php paging Reflected cross site scripting
143980FusionPBX access_control_nodes.php Reflected cross site scripting
143979FusionPBX conference_profile_params.php Reflected cross site scripting
143978FusionPBX music_on_hold.php path traversal
143977FusionPBX call_broadcast_edit.php sql injection
143976FusionPBX contact_urls.php Reflected cross site scripting
143975FusionPBX device_settings.php Reflected cross site scripting
143974Sonatype Nexus Repository Manager/IQ Server unrestricted upload
143973File cdf.c cdf_read_property_info out-of-bounds write
143972ProFTPD Command main.c infinite loop
143971OpenEMR view.php Reflected cross site scripting
143970OpenEMR view.php Reflected cross site scripting
143969Verodin Director JSON REST API integrations.json Credentials insufficiently protected credentials
143968Verodin Director Stored cross site scripting [CVE-2019-10715]
143967Asus ROG Zephyrus M GM501GS Battery input validation [CVE-2019-18216]
143966Video_Converter App FFmpeg release of resource [CVE-2019-18214]
143965Etherpad-Lite URL pad.html cross site scripting
143964WAGO PFC100/PFC200 Access Control external reference [CVE-2019-18202]
143963Adobe Download Manager permission assignment [CVE-2019-8071]
143962HCL Traveler Problem Report Page cross site scripting [CVE-2019-4409]
143961Linux Kernel fib6_rules.c fib6_rule_suppress release of resource
143960libxslt transform.c xsltCopyText use after free
143959SageMath Sage Cell Server Python __import__('os').popen('whoami').read os command injection
143958Tomedo Server Vendor Communication insufficiently protected credentials
143957OpenWRT radio0.network1 cross-site request forgery
143956broken-link-checker table-printer.php Reflected cross site scripting
143955Harbor API Access Control default permission [CVE-2019-16919]
143954slicer69 doas input validation [CVE-2019-15901]
143953slicer69 doas sscanf use of uninitialized resource
143952Horner Automation Cscape out-of-bounds write [CVE-2019-13545]
143951Horner Automation Cscape input validation [CVE-2019-13541]
143950ajenti API privileges management
143949Podman / Varlink API privileges management
143948Adobe Acrobat Reader null pointer dereference [CVE-2019-8205]
143947Adobe Acrobat Reader null pointer dereference [CVE-2019-8196]
143946Adobe Acrobat Reader null pointer dereference [CVE-2019-8195]
143945Adobe Acrobat Reader null pointer dereference [CVE-2019-8174]
143944Adobe Acrobat Reader type conversion [CVE-2019-8200]
143943Adobe Acrobat Reader type conversion [CVE-2019-8169]
143942Adobe Acrobat Reader type conversion [CVE-2019-8167]
143941Adobe Acrobat Reader type conversion [CVE-2019-8161]
143940Adobe Acrobat Reader information disclosure [CVE-2019-8226]
143939Adobe Acrobat Reader race condition [CVE-2019-8162]
143938Adobe Acrobat Reader cross site scripting [CVE-2019-8160]
143937Adobe Acrobat Reader memory corruption [CVE-2019-8166]
143936Adobe Acrobat Reader memory corruption [CVE-2019-8197]
143935Adobe Acrobat Reader memory corruption [CVE-2019-8183]
143934Adobe Acrobat Reader memory corruption [CVE-2019-8170]
143933Adobe Acrobat Reader use after free [CVE-2019-8225]
143932Adobe Acrobat Reader use after free [CVE-2019-8224]
143931Adobe Acrobat Reader use after free [CVE-2019-8223]
143930Adobe Acrobat Reader use after free [CVE-2019-8221]
143929Adobe Acrobat Reader use after free [CVE-2019-8220]
143928Adobe Acrobat Reader use after free [CVE-2019-8219]
143927Adobe Acrobat Reader use after free [CVE-2019-8217]
143926Adobe Acrobat Reader use after free [CVE-2019-8215]
143925Adobe Acrobat Reader use after free [CVE-2019-8214]
143924Adobe Acrobat Reader use after free [CVE-2019-8213]
143923Adobe Acrobat Reader use after free [CVE-2019-8212]
143922Adobe Acrobat Reader use after free [CVE-2019-8211]
143921Adobe Acrobat Reader use after free [CVE-2019-8210]
143920Adobe Acrobat Reader use after free [CVE-2019-8209]
143919Adobe Acrobat Reader use after free [CVE-2019-8208]
143918Adobe Acrobat Reader use after free [CVE-2019-8203]
143917Adobe Acrobat Reader use after free [CVE-2019-8192]
143916Adobe Acrobat Reader use after free [CVE-2019-8188]
143915Adobe Acrobat Reader use after free [CVE-2019-8187]
143914Adobe Acrobat Reader use after free [CVE-2019-8181]
143913Adobe Acrobat Reader use after free [CVE-2019-8180]
143912Adobe Acrobat Reader use after free [CVE-2019-8179]
143911Adobe Acrobat Reader use after free [CVE-2019-8178]
143910Adobe Acrobat Reader use after free [CVE-2019-8177]
143909Adobe Acrobat Reader use after free [CVE-2019-8176]
143908Adobe Acrobat Reader use after free [CVE-2019-8175]
143907Adobe Acrobat Reader out-of-bounds write [CVE-2019-8206]
143906Adobe Acrobat Reader out-of-bounds write [CVE-2019-8199]
143905Adobe Acrobat Reader out-of-bounds write [CVE-2019-8191]
143904Adobe Acrobat Reader out-of-bounds write [CVE-2019-8165]
143903Adobe Acrobat Reader out-of-bounds write [CVE-2019-8186]
143902Adobe Acrobat Reader out-of-bounds write [CVE-2019-8171]
143901Adobe Acrobat Reader out-of-bounds read [CVE-2019-8222]
143900Adobe Acrobat Reader out-of-bounds read [CVE-2019-8218]
143899Adobe Acrobat Reader out-of-bounds read [CVE-2019-8216]
143898Adobe Acrobat Reader out-of-bounds read [CVE-2019-8207]
143897Adobe Acrobat Reader out-of-bounds read [CVE-2019-8204]
143896Adobe Acrobat Reader out-of-bounds read [CVE-2019-8202]
143895Adobe Acrobat Reader out-of-bounds read [CVE-2019-8201]
143894Adobe Acrobat Reader out-of-bounds read [CVE-2019-8198]
143893Adobe Acrobat Reader out-of-bounds read [CVE-2019-8194]
143892Adobe Acrobat Reader out-of-bounds read [CVE-2019-8193]
143891Adobe Acrobat Reader out-of-bounds read [CVE-2019-8190]
143890Adobe Acrobat Reader out-of-bounds read [CVE-2019-8163]
143889Adobe Acrobat Reader out-of-bounds read [CVE-2019-8189]
143888Adobe Acrobat Reader out-of-bounds read [CVE-2019-8185]
143887Adobe Acrobat Reader out-of-bounds read [CVE-2019-8184]
143886Adobe Acrobat Reader out-of-bounds read [CVE-2019-8182]
143885Adobe Acrobat Reader out-of-bounds read [CVE-2019-8064]
143884Adobe Acrobat Reader out-of-bounds read [CVE-2019-8173]
143883Adobe Acrobat Reader out-of-bounds read [CVE-2019-8172]
143882Adobe Acrobat Reader out-of-bounds read [CVE-2019-8168]
143881Adobe Acrobat Reader out-of-bounds read [CVE-2019-8164]
143880ISC BIND QNAME assertion [CVE-2019-6476]
143879ISC BIND Mirror Zone input validation [CVE-2019-6475]
143878GNU Guix permission assignment [CVE-2019-18192]
143877Eclipse OpenJ9 Privilege Check permission assignment [CVE-2019-17631]
143876Ratpack Netty Library DefaultHttpHeaders input validation
143875WiKID 2FA Enterprise Server adm_usrs.jsp Reflected cross site scripting
143874WiKID 2FA Enterprise Server Logs.jsp sql injection
143873WiKID 2FA Enterprise Server cross-site request forgery [CVE-2019-17118]
143872WiKID 2FA Enterprise Server processPref.jsp sql injection
143871WiKID 2FA Enterprise Server groups.jsp Reflected cross site scripting
143870WiKID 2FA Enterprise Server cross site scripting [CVE-2019-17115]
143869WiKID 2FA Enterprise Server userPreregistration.jsp Reflected cross site scripting
143868WiKID 2FA Enterprise Server searchDevices.jsp buildSearchWhereClause sql injection
143867NCH Express Accounts Accounting Persistent cross site scripting
143866eQ-3 Homematic CCU3 ReGa.runScript input validation
143865eQ-3 Homematic CCU3 session fixiation [CVE-2019-15849]
143864Trend Micro Deep Security Agent input validation [CVE-2019-15627]
143863Trend Micro Deep Security Manager application LDAP information disclosure
143862HiNet GPON Service Port 6998 input validation [CVE-2019-15066]
143861HiNet GPON Service Port 6998 information disclosure [CVE-2019-15065]
143860HiNet GPON improper authentication [CVE-2019-15064]
143859eQ-3 Homematic CCU2 CUx-Daemon information disclosure [CVE-2019-14424]
143858eQ-3 Homematic CCU2 CUx-Daemon code injection [CVE-2019-14423]
143857CA Performance Management hard-coded credentials [CVE-2019-13657]
143856HiNet GPON Service Port 3097 information disclosure [CVE-2019-13412]
143855HiNet GPON Service Port 3097 input validation [CVE-2019-13411]
143854TOPMeeting Front End Page information disclosure [CVE-2019-13410]
143853TOPMeeting Union sql injection [CVE-2019-13409]
143852BitDefender BOX miniupnpd allocation of resources [CVE-2019-12611]
143851Pivotal Reactor Netty Header Credentials insufficiently protected credentials
143850Kubernetes API Server input validation [CVE-2019-11253]
143849Sequelize JSON Query sequelize.json sql injection
143848Kea DHCP input validation [CVE-2019-6474]
143847Kea DHCPv4 assertion [CVE-2019-6473]
143846Kea DHCPv6 DUID assertion [CVE-2019-6472]
143845MetInfo index.class.php doSaveSetup cross-site request forgery
143844WordPress Admin Pages type confusion [CVE-2019-17675]
143843WordPress Customizer Stored cross site scripting
143842WordPress Cache input validation [CVE-2019-17673]
143841WordPress Style Element Stored cross site scripting
143840WordPress Static Query information disclosure [CVE-2019-17671]
143839WordPress URL server-side request forgery [CVE-2019-17670]
143838WordPress URL server-side request forgery [CVE-2019-17669]
143837Samsung Galaxy S10/Note 10 Fingerprint input validation [CVE-2019-17668]
143836Comtech H8 Heights Remote Gateway cross site scripting [CVE-2019-17667]
143835Linux Kernel ps.c rtl_p2p_noa_ie buffer overflow
143834NSA Ghidra jansi.dll untrusted search path [CVE-2019-17665]
143833NSA Ghidra Python Interpreter untrusted search path [CVE-2019-17664]
143832D-Link DIR-866L Common Gateway Interface HtmlResponseMessage cross site scripting
143831ThinVNC path traversal [CVE-2019-17662]
143830LimeSurvey translateheader_view.php cross site scripting
143829HongCMS index.php cross site scripting
143828HongCMS index.php cross site scripting
143827HongCMS index.php cross site scripting
143826HongCMS index.php cross site scripting
143825HongCMS index.php cross site scripting
143824Dolibarr Outgoing Email Setup cross site scripting [CVE-2019-17578]
143823Dolibarr Outgoing Email Setup cross site scripting [CVE-2019-17577]
143822Dolibarr Outgoing Email Setup cross site scripting [CVE-2019-17576]
143821D-Link DIR-412 log_clear.php improper authentication
143820Palo Alto GlobalProtect Agent privileges management [CVE-2019-17436]
143819Palo Alto GlobalProtect Agent MSI Installer privileges management
143818slub_events Extension Event Registration unrestricted upload
143817sr_freecap Extension input validation [CVE-2019-16699]
143816direct_mail Extension Access Check information disclosure [CVE-2019-16698]
143815url_redirect Extension sql injection [CVE-2019-16682]
143814Cisco TelePresence Collaboration Endpoint CLI root default permission
143813Cisco Identity Services Engine Web-based Management Interface missing authentication
143812Cisco Identity Services Engine Web-based Management Interface Stored cross site scripting
143811Cisco FirePOWER Management Center Web-based Management Interface Stored cross site scripting
143810Cisco TelePresence Collaboration Endpoint Privileges privileges management
143809Cisco TelePresence Collaboration Endpoint CLI privileges management
143808Cisco TelePresence Collaboration Endpoint CLI os command injection
143807Cisco TelePresence Collaboration Endpoint CLI privileges management
143806Cisco FirePOWER Management Center Web-based Management Interface cross site scripting
143805Cisco FirePOWER Management Center Web-based Management Interface cross site scripting
143804Cisco FirePOWER Management Center Web-based Management Interface cross site scripting
143803Cisco Wireless LAN Controller CLI path traversal [CVE-2019-15266]
143802Cisco Aironet Access Point BPDU Forwarding handler input validation
143801Cisco Aironet Access Point/Catalyst 9100 Access Point Control/Provisioning resource consumption
143800Cisco Wireless LAN Controller SSH Session Management input validation
143799Cisco Aironet Access Point PPTP VPN input validation [CVE-2019-15261]
143798Cisco Aironet Access Point URL privileges management [CVE-2019-15260]
143797Cisco SPA100 ATA Web-based Management Interface input validation
143796Cisco SPA100 ATA Web-based Management Interface information disclosure
143795Cisco SPA100 ATA Web-based Management Interface memory corruption
143794Cisco SPA100 ATA Web-based Management Interface memory corruption
143793Cisco SPA100 ATA Web-based Management Interface memory corruption
143792Cisco SPA100 ATA Web-based Management Interface memory corruption
143791Cisco SPA100 ATA Web-based Management Interface memory corruption
143790Cisco SPA100 ATA Web-based Management Interface memory corruption
143789Cisco SPA100 ATA Web-based Management Interface memory corruption
143788Cisco SPA100 ATA Web-based Management Interface memory corruption
143787Cisco SPA100 ATA Web-based Management Interface memory corruption
143786Cisco SPA100 ATA Web-based Management Interface memory corruption
143785Cisco SPA100 ATA Web-based Management Interface memory corruption
143784Cisco SPA100 ATA Web-based Management Interface memory corruption
143783Cisco SPA100 ATA Web-based Management Interface memory corruption
143782MuleSoft Mule Runtime Engine Apache Commons Collections deserialization
143781Cisco Small Business Switch/Managed Switch Web-based Interface cross site scripting
143780Cisco SPA100 ATA Web-based Management Interface information disclosure
143779Cisco TelePresence Video Communication Server Web-based Management Interface cross site scripting
143778Cisco SPA100 ATA Web-based Management Interface information disclosure
143777Cisco SPA122 ATA Web-based Management Interface cross site scripting
143776Cisco SPA100 ATA Web-based Management Interface cross site scripting
143775Cisco Identity Services Engine Web-based Management Interface cross site scripting
143774Cisco Identity Services Engine Web-based Management Interface Stored cross site scripting
143773Cisco Small Business Smart Switch/Managed Switch Web-based Management Interface cross-site request forgery
143772Pivotal RabbitMQ Host Limits Page/Federation Management UI cross site scripting
143771Oracle VM VirtualBox denial of service [CVE-2019-2926]
143770Oracle VM VirtualBox missing encryption [CVE-2019-1547]
143769Oracle VM VirtualBox information disclosure [CVE-2019-3031]
143768Oracle VM VirtualBox denial of service [CVE-2019-3005]
143767Oracle VM VirtualBox denial of service [CVE-2019-3002]
143766Oracle VM VirtualBox denial of service [CVE-2019-2984]
143765Oracle VM VirtualBox denial of service [CVE-2019-3021]
143764Oracle VM VirtualBox information disclosure [CVE-2019-3026]
143763Oracle VM VirtualBox denial of service [CVE-2019-2944]
143762Oracle VM VirtualBox Local Privilege Escalation [CVE-2019-3017]
143761Oracle VM VirtualBox Local Privilege Escalation [CVE-2019-3028]
143760Oracle Clusterware TFA Collectorjackson-databind information disclosure
143759Oracle Diagnostic Assistant jQuery cross site scripting [CVE-2019-11358]
143758Oracle Agile Product Lifecycle Management for Process jQuery cross site scripting
143757Oracle Agile PLM Apache Tomcat input validation [CVE-2019-0232]
143756Oracle Agile Recipe Management for Pharmaceuticals Apache Groovy deserialization
143755Oracle Solaris LDAP Library denial of service [CVE-2019-3008]
143754Oracle Solaris SMF services / legacy daemons denial of service
143753Oracle Solaris Filesystem denial of service [CVE-2019-2765]
143752Oracle Fujitsu M10-1 NSS cryptographic issues [CVE-2018-12404]
143751Oracle Fujitsu M10-1 USB Driver out-of-bounds write [CVE-2017-17558]
143750Oracle Fujitsu M10-1 OpenSSH access control [CVE-2019-6109]
143749Oracle Fujitsu M10-1 OpenSSL key management [CVE-2018-0732]
143748Oracle Fujitsu M10-1 Net SNMP null pointer dereference [CVE-2018-18066]
143747Oracle Fujitsu M10-1 NTP input validation [CVE-2018-7185]
143746Oracle Fujitsu M10-1 glibc null pointer dereference [CVE-2015-5180]
143745Oracle Solaris XScreenSaver Local Privilege Escalation [CVE-2019-3010]
143744Oracle Fujitsu M10-1 cURL information disclosure [CVE-2018-1000007]
143743Oracle Siebel UI Framework EAI information disclosure [CVE-2019-2935]
143742Oracle Siebel UI Framework Apache Tomcat race condition [CVE-2018-8037]
143741Oracle Siebel Mobile Applications jQuery cross site scripting
143740Oracle Siebel Core - DB Deployment/Configuration Install Configuration information disclosure
143739Oracle Retail Xstore Point of Service Point of Sale information disclosure
143738Oracle Retail Customer Management/Segmentation Foundation Segment authorization
143737Oracle Retail Xstore Point of Service jackson-databind information disclosure
143736Oracle Retail Xstore Office Internal Operations information disclosure
143735Oracle Retail Customer Management/Segmentation Foundation Segment information disclosure
143734Oracle MICROS Relate CRM Software Internal Operations information disclosure
143733Oracle Retail Customer Insights jQuery cross site scripting [CVE-2019-11358]
143732Oracle Retail Xstore Point of Service jackson-databind information disclosure
143731Oracle Retail Integration Bus Spring Framework denial of service
143730Oracle MICROS Relate CRM Software Apache Tomcat input validation
143729Oracle Retail Xstore Point of Service jackson-databind input validation
143728Oracle MICROS Retail XBRi Loss Prevention jackson-databind deserialization
143727Oracle Policy Automation for Mobile Devices jQuery cross site scripting
143726Oracle Policy Automation Connector for Siebel jQuery cross site scripting
143725Oracle Policy Automation jQuery cross site scripting [CVE-2019-11358]
143724Oracle Policy Automation Connector for Siebel Apache Axis server-side request forgery
143723Oracle PeopleSoft Enterprise PeopleTools Integration Broker information disclosure
143722Oracle PeopleSoft Enterprise HCM Human Resources US Federal Specific information disclosure
143721Oracle PeopleSoft Enterprise PeopleTools Stylesheet unknown vulnerability
143720Oracle PeopleSoft Enterprise SCM eProcurement information disclosure
143719Oracle PeopleSoft Enterprise PeopleTools jQuery cross site scripting
143718Oracle PeopleSoft Enterprise PeopleTools Portal information disclosure
143717Oracle PeopleSoft Enterprise PeopleTools Portal information disclosure
143716Oracle PeopleSoft Enterprise PeopleTools Performance Monitor information disclosure
143715Oracle PeopleSoft Enterprise PeopleTools Fluid Core information disclosure
143714Oracle PeopleSoft Enterprise PeopleTools Fluid Core information disclosure
143713Oracle PeopleSoft Enterprise PeopleTools Tree Manager information disclosure
143712Oracle PeopleSoft Enterprise PeopleTools libssh2 out-of-bounds read
143711Oracle PeopleSoft Enterprise PeopleTools Apache Xerces memory corruption
143710Oracle MySQL Server Information Schema information disclosure
143709Oracle MySQL Server Encryption information disclosure [CVE-2019-2910]
143708Oracle MySQL Server Connection denial of service [CVE-2019-3009]
143707Oracle MySQL Server InnoDB input validation [CVE-2019-3018]
143706Oracle MySQL Server InnoDB input validation [CVE-2019-2938]
143705Oracle MySQL Server Encryption denial of service [CVE-2019-2957]
143704Oracle MySQL Server Replication denial of service [CVE-2019-2960]
143703Oracle MySQL Server Optimizer denial of service [CVE-2019-2998]
143702Oracle MySQL Server Optimizer denial of service [CVE-2019-2982]
143701Oracle MySQL Server Optimizer denial of service [CVE-2019-2950]
143700Oracle MySQL Server Optimizer denial of service [CVE-2019-2948]
143699Oracle MySQL Server DDL denial of service [CVE-2019-2997]
143698Oracle MySQL Server InnoDB denial of service [CVE-2019-3003]
143697Oracle MySQL Server InnoDB denial of service [CVE-2019-2968]
143696Oracle MySQL Server InnoDB denial of service [CVE-2019-2963]
143695Oracle MySQL Workbench OpenSSL random values [CVE-2019-1549]
143694Oracle MySQL Server Encryption information disclosure [CVE-2019-2924]
143693Oracle MySQL Server Encryption information disclosure [CVE-2019-2923]
143692Oracle MySQL Server Encryption information disclosure [CVE-2019-2922]
143691Oracle MySQL Server C API denial of service [CVE-2019-2993]
143690Oracle MySQL Connectors Connector/ODBC authorization [CVE-2019-2920]
143689Oracle MySQL Server Optimizer denial of service [CVE-2019-2991]
143688Oracle MySQL Server Client programs information disclosure [CVE-2019-2969]
143687Oracle MySQL Server Encryption denial of service [CVE-2019-2914]
143686Oracle MySQL Server Parser denial of service [CVE-2019-3004]
143685Oracle MySQL Server PS denial of service [CVE-2019-2946]
143684Oracle MySQL Server Optimizer denial of service [CVE-2019-2974]
143683Oracle MySQL Server Optimizer denial of service [CVE-2019-2967]
143682Oracle MySQL Server Optimizer denial of service [CVE-2019-2966]
143681Oracle MySQL Server C API denial of service [CVE-2019-3011]
143680Oracle MySQL Connectors OpenSSL cryptographic issues [CVE-2019-1543]
143679Oracle MySQL Enterprise Monitor Apache Tomcat resource consumption
143678Oracle MySQL Server cURL code injection [CVE-2019-5443]
143677Oracle MySQL Workbench SQLite out-of-bounds read [CVE-2019-8457]
143676Oracle JD Edwards EnterpriseOne Tools Log4j deserialization [CVE-2017-5645]
143675Oracle Java SE Networking denial of service [CVE-2019-2945]
143674Oracle Java SE Libraries information disclosure [CVE-2019-2933]
143673Oracle Java SE Serialization denial of service [CVE-2019-2983]
143672Oracle Java SE Security information disclosure [CVE-2019-2894]
143671Oracle Java SE Networking denial of service [CVE-2019-2978]
143670Oracle Java SE JAXP denial of service [CVE-2019-2981]
143669Oracle Java SE JAXP denial of service [CVE-2019-2973]
143668Oracle Java SE Concurrency denial of service [CVE-2019-2964]
143667Oracle Java SE 2D denial of service [CVE-2019-2992]
143666Oracle Java SE Apache Xerces denial of service [CVE-2019-2988]
143665Oracle Java SE OpenSSL denial of service [CVE-2019-2962]
143664Oracle Java SE OpenSSL denial of service [CVE-2019-2987]
143663Oracle Java SE Apache Tomcat information disclosure [CVE-2019-2996]
143662Oracle Java SE Javadoc information disclosure [CVE-2019-2999]
143661Oracle Java SE SQLite denial of service [CVE-2019-2975]
143660Oracle Java SE Log4j denial of service [CVE-2019-2977]
143659Oracle Java SE libxslt access control [CVE-2019-11068]
143658Oracle Java SE Apache Xerces unknown vulnerability [CVE-2019-2958]
143657Oracle Java SE OpenSSL unknown vulnerability [CVE-2019-2989]
143656Oracle Java SE Kerberos information disclosure [CVE-2019-2949]
143655Oracle Hyperion Enterprise Performance Management Architect Apache Tomcat information disclosure
143654Oracle Hyperion Financial Reporting cURL unknown vulnerability
143653Oracle Hyperion Data Relationship Management SQLite Privilege Escalation
143652Oracle Hospitality Guest Access Eclipse Jetty information disclosure
143651Oracle Hospitality Cruise Dining Room Management libxslt information disclosure
143650Oracle Hospitality Guest Access Apache Axis server-side request forgery
143649Oracle Healthcare Translational Research jQuery cross site scripting
143648Oracle Healthcare Foundation jQuery cross site scripting [CVE-2019-11358]
143647Oracle GraalVM Enterprise Edition jQuery unknown vulnerability
143646Oracle GraalVM Enterprise Edition Node.js resource consumption
143645Oracle GraalVM Enterprise Edition LLVM Interpreter denial of service
143644Oracle JDeveloper/ADF OAM information disclosure [CVE-2019-2899]
143643Oracle WebLogic Server Web Services information disclosure [CVE-2019-2887]
143642Oracle BI Publisher BI Publisher Security information disclosure
143641Oracle WebLogic Server TFA Collectorjackson-databind information disclosure
143640Oracle Business Intelligence Enterprise Edition jQuery information disclosure
143639Oracle Business Intelligence Enterprise Edition OpenSSL information disclosure
143638Oracle API Gateway OpenSSL information disclosure [CVE-2019-1559]
143637Oracle WebLogic Server jQuery cross site scripting [CVE-2015-9251]
143636Oracle WebLogic Server JavaServer Faces cross site scripting
143635Oracle WebLogic Server jQuery cross site scripting [CVE-2019-11358]
143634Oracle WebLogic Server OpenSSH information disclosure [CVE-2019-2889]
143633Oracle WebLogic Server jQuery cross site scripting [CVE-2019-11358]
143632Oracle Service Bus jQuery cross site scripting [CVE-2019-11358]
143631Oracle JDeveloper/ADF jQuery cross site scripting [CVE-2019-11358]
143630Oracle Forms glibc information disclosure [CVE-2019-2886]
143629Oracle Business Intelligence Enterprise Edition JQuery cross site scripting
143628Oracle Business Intelligence Enterprise Edition Apache Tomcat information disclosure
143627Oracle Data Integrator jQuery information disclosure [CVE-2019-2943]
143626Oracle WebLogic Server jackson-databind Privilege Escalation
143625Oracle Web Services jQuery information disclosure [CVE-2019-2907]
143624Oracle SOA Suite Apache Commons FileUpload access control [CVE-2016-1000031]
143623Oracle Outside In Technology Spring Framework denial of service
143622Oracle Outside In Technology Apache Tomcat denial of service
143621Oracle Outside In Technology jackson-databind denial of service
143620Oracle Outside In Technology jackson-databind denial of service
143619Oracle Outside In Technology jQuery denial of service [CVE-2019-2901]
143618Oracle Outside In Technology jQuery denial of service [CVE-2019-2970]
143617Oracle WebCenter Portal jackson-databind information disclosure
143616Oracle GoldenGate Application Adapters Spring Framework denial of service
143615Oracle Enterprise Repository Apache POI infinite loop [CVE-2017-12626]
143614Oracle Enterprise Repository Apache Camel xml external entity reference
143613Oracle Business Intelligence Enterprise Edition Apache Xerces information disclosure
143612Oracle WebLogic Server OpenSSL Remote Code Execution [CVE-2019-2891]
143611Oracle BI Publisher OpenSSL information disclosure [CVE-2019-2906]
143610Oracle Business Intelligence Enterprise Edition Apache Tomcat information disclosure
143609Oracle Virtual Directory Apache Commons FileUpload access control
143608Oracle JDeveloper/ADF SQLite Remote Code Execution [CVE-2019-2904]
143607Oracle Hospitality Reporting/Analytics Log4j authorization [CVE-2019-2952]
143606Oracle Hospitality Materials Control jQuery cross site scripting
143605Oracle Hospitality Reporting/Analytics Eclipse Jetty information disclosure
143604Oracle Hospitality Reporting/Analytics Apache Axis information disclosure
143603Oracle Hospitality Reporting/Analytics jQuery information disclosure
143602Oracle Hospitality Reporting/Analytics jQuery information disclosure
143601Oracle Hospitality RES 3700 Interface Remote Code Execution [CVE-2019-3025]
143600Oracle Banking Digital Experience OpenSSL authorization [CVE-2019-3019]
143599Oracle FLEXCUBE Direct Banking OpenSSL unknown vulnerability
143598Oracle Financial Services Retail Performance Analytics jQuery cross site scripting
143597Oracle Financial Services Enterprise Financial Performance Analytics jQuery information disclosure
143596Oracle FLEXCUBE Direct Banking jQuery information disclosure
143595Oracle Financial Services Analytical Applications Infrastructure jackson-databind input validation
143594Oracle Banking Platform jackson-databind input validation [CVE-2019-14379]
143593Oracle Enterprise Manager Base Platform Eclipse Jetty information disclosure
143592Oracle Application Testing Suite jQuery cross site scripting
143591Oracle Enterprise Manager Ops Center jQuery cross site scripting
143590Oracle Enterprise Manager Ops Center Apache HTTP Server resource consumption
143589Oracle Enterprise Manager for Exadata Spring Framework Privilege Escalation
143588Oracle Enterprise Manager Ops Center cURL code injection [CVE-2019-5443]
143587Oracle Enterprise Manager Base Platform Jython Remote Code Execution
143586Oracle Workflow Apache Commons FileUpload unknown vulnerability
143585Oracle Installed Base jQuery unknown vulnerability [CVE-2019-3024]
143584Oracle Field Service jQuery improper authentication [CVE-2019-2930]
143583Oracle Application Object Library jQuery denial of service [CVE-2019-3027]
143582Oracle Content Manager jackson-databind unknown vulnerability
143581Oracle Marketing jackson-databind information disclosure [CVE-2019-3000]
143580Oracle Marketing Eclipse Jetty information disclosure [CVE-2019-2995]
143579Oracle Marketing jQuery information disclosure [CVE-2019-2994]
143578Oracle iStore Order Tracker information disclosure [CVE-2019-2990]
143577Oracle Advanced Outbound Telephony User Interface information disclosure
143576Oracle Primavera Unifier jQuery cross site scripting [CVE-2019-11358]
143575Oracle Primavera P6 Enterprise Project Portfolio Management Apache POI information disclosure
143574Oracle Primavera Unifier Apache POI infinite loop [CVE-2017-12626]
143573Oracle Primavera P6 Enterprise Project Portfolio Management Apache POI infinite loop
143572Oracle Primavera Gateway Apache POI infinite loop [CVE-2017-12626]
143571Oracle Instantis EnterpriseTrack Apache POI infinite loop [CVE-2017-12626]
143570Oracle Instantis EnterpriseTrack Apache Axis server-side request forgery
143569Oracle Instantis EnterpriseTrack Apache HTTP Server access control
143568Oracle Instantis EnterpriseTrack Apache Tomcat input validation
143567Oracle Primavera P6 Enterprise Project Portfolio Management Web Access information disclosure
143566Oracle Primavera Unifier jackson-databind input validation [CVE-2019-14379]
143565Oracle Primavera Gateway jackson-databind input validation [CVE-2019-14379]
143564Oracle Instantis EnterpriseTrack Apache Tomcat infinite loop
143563Oracle NoSQL Database server-side request forgery [CVE-2018-14721]
143562Oracle Database Server Core RDBMS input validation [CVE-2019-2940]
143561Oracle Database Server Core RDBMS unknown vulnerability [CVE-2019-2955]
143560Oracle Database Server Core RDBMS denial of service [CVE-2019-2954]
143559Oracle Database Server Apache Tomcat redirect [CVE-2018-11784]
143558Oracle Database Server Core RDBMS unknown vulnerability [CVE-2019-2734]
143557Oracle Database Server Core RDBMS information disclosure [CVE-2018-2875]
143556Oracle Database Server Core RDBMS information disclosure [CVE-2019-2939]
143555Oracle Database Server Core RDBMS information disclosure [CVE-2019-2913]
143554Oracle Database Server jackson-databind denial of service [CVE-2019-2956]
143553Oracle Database Server Java VM input validation [CVE-2019-2909]
143552HP LaserJet Application Signature input validation [CVE-2019-6334]
143551CMS Made Simple News Screen Stored cross site scripting
143550CMS Made Simple File Manager Stored cross site scripting
143549events-manager Plugin Stored cross site scripting [CVE-2019-16523]
143548eu-cookie-law Plugin Stored cross site scripting [CVE-2019-16522]
143547broken-link-checker Plugin Reflected cross site scripting [CVE-2019-16521]
143546all-in-one-seo-pack Plugin Stored cross site scripting [CVE-2019-16520]
143545Sonatype Nexus Repository Manager privileges management [CVE-2019-15893]
143544Puppet Enterprise Pipeline Custom Script Security Whitelist input validation
143543Oracle Cloud Infrastructure Compute Classic Plugin permission assignment
143542Oracle Cloud Infrastructure Compute Classic Plugin cross-site request forgery
143541Rundeck Plugin Permission Check permission assignment [CVE-2019-10455]
143540Rundeck Plugin cross-site request forgery [CVE-2019-10454]
143539Delphix Plugin Global Configuration Credentials cleartext storage
143538View26 Test-Reporting Plugin config.xml Credentials cleartext storage
143537SOASTA CloudTest Plugin Global Configuration Credentials cleartext storage
143536ElasticBox CI Plugin Configuration File config.xml Credentials cleartext storage
143535Fortify on Demand Plugin config.xml Credentials cleartext storage
143534Extensive Testing Plugin config.xml Credentials insufficiently protected credentials
143533Sofy.AI Plugin config.xml cleartext storage
143532Cadence vManager Plugin Hostname Verification certificate validation
143531Google Kubernetes Engine Plugin Permission Check permission assignment
143530Bumblebee HP ALM Plugin Hostname Verification certificate validation
143529iceScrum Plugin config.xml Credentials cleartext storage
143528iceScrum Plugin Permission Check permission assignment [CVE-2019-10442]
143527iceScrum Plugin cross-site request forgery [CVE-2019-10441]
143526NeoLoad Plugin Global Configuration config.xml Credentials cleartext storage
143525CRX Content Package Deployer Plugin Permission Check doFillCredentialsIdItems Credentials insufficiently protected credentials
143524CRX Content Package Deployer Plugin Permission Check permission assignment
143523CRX Content Package Deployer Plugin cross-site request forgery
143522Google OAuth Credentials Plugin information disclosure [CVE-2019-10436]
143521IBM Workload Scheduler Distributed privileges management [CVE-2019-4031]
143520Yale Bluetooth Key App Bluetooth Low Energy improper authentication
143519ReportLab toColor xml injection
143518Rambox Service Stored cross site scripting X Server ct.c_char XQueryKeymap out-of-bounds write
143516MindPalette NateMail Reflected cross site scripting [CVE-2019-13392]
143515Netgear JNR1010 webproc cross site scripting
143514Netgear JNR1010 webproc cross-site request forgery
143513Netgear JNR1010 Access Control session expiration [CVE-2016-11014]
143512Google Android Qualcomm Component null pointer dereference [CVE-2019-10513]
143511Google Android Qualcomm Component memory corruption [CVE-2019-2295]
143510Google Android Qualcomm Component use after free [CVE-2019-10490]
143509Google Android Qualcomm Component infinite loop [CVE-2019-2335]
143508Google Android Qualcomm Component out-of-bounds read [CVE-2019-2318]
143507Google Android Qualcomm Component out-of-bounds read [CVE-2019-2303]
143506Google Android Qualcomm Component memory corruption [CVE-2019-2339]
143505Google Android Qualcomm Component use after free [CVE-2019-2336]
143504Google Android Qualcomm Component use after free [CVE-2019-2329]
143503Google Android Qualcomm Component Local Privilege Escalation
143502Google Android Qualcomm Component improper authentication [CVE-2019-2289]
143501Google Android Qualcomm Component out-of-bounds read [CVE-2019-2271]
143500Google Android Qualcomm Component buffer overflow [CVE-2019-2251]
143499Google Android Qualcomm Component buffer overflow [CVE-2018-13916]
143498qibosoft jf.php eval code injection
14349774cms BackendController.class.php _list sql injection
143496Zoho ManageEngine OpManager OPMDeviceDetailsServlet Servlet sql injection
143495MiniShare HTTP CONNECT Request memory corruption [CVE-2019-17601]
143494Intelbras IWR 1000N user Credentials cross-site request forgery
143493Dark Horse Comics App Log log file [CVE-2019-17398]
143492DoorDash App Log Credentials log file
143491PowerSchool Mobile App Log Credentials log file
143490Rapid Gator App Log Credentials log file
143489Seesaw Parent/Family App Log Credentials log file
143488Infinite Design App Authentication inadequate encryption [CVE-2019-17356]
143487Orbitz App Log Credentials log file
143486Dolibarr ERP/CRM note.php injection
143485Connect2id Nimbus JOSE+JWT JWT Parser unusual condition [CVE-2019-17195]
143484KeyCloak REST API authorization [CVE-2019-14832]
143483Glue Smart Lock Guest Access privileges management [CVE-2019-12944]
143482safer-eval Sandbox code injection [CVE-2019-10760]
143481safer-eval Sandbox code injection [CVE-2019-10759]
143479haml cross site scripting [CVE-2017-1002201]
143478Dell ImageAssist Image information disclosure [CVE-2019-3767]
143477ncurses terminfo Library comp_hash.c fmt_entry out-of-bounds read
143476ncurses terminfo Library comp_hash.c _nc_find_entry out-of-bounds read
143475JIZHICMS adminadd.html cross-site request forgery
143474csv-parse Module Regular Expression __isInt input validation
143473NCH Express Invoice Quotes Persistent cross site scripting
143472JSS CryptoManager OCSP Policy certificate validation [CVE-2019-14823]
143471Ubisoft Uplay Permission permission assignment [CVE-2019-14737]
143470AutoPi Device insufficiently protected credentials [CVE-2019-12941]
143469D-Link DIR-880L/DIR-895 fileaccess.cgi buffer overflow
143468sudo Runas Restriction input validation [CVE-2019-14287]
143467CloudCTI HIP Integrator Recognition Configuration Tool EXQUISE privileges management
143466IBM FileNet Content Manager Log File Credentials log file
143465idreamsoft iCMS Comment resource consumption [CVE-2019-17583]
143464tonyy dormsystem admin.php sql injection
143463Sonarsource SonarQube Project Link cross site scripting [CVE-2019-17579]
143462WBCE CMS File Renaming Filter rename.php code injection
143461Popup Maker Plugin do_action authorization
143460MetInfo sql injection [CVE-2019-17553]
143459idreamsoft iCMS spider_project.admincp.php sql injection
143458D-Link DIR-412 Web Interface log_get.php improper authentication
143457ZZZCMS zzzphp zzz_template.php parserIfLabel input validation
143456BMC Patrol Agent default permission [CVE-2019-17044]
143455BMC Patrol Agent best1collect.exe default permission
143454ESET Cyber Security Scheduled Task input validation [CVE-2019-16519]
143453ScadaBR Login Form login.htm cross site scripting
143452Nostromo nhttpd SSL_accept path traversal
143451Nostromo nhttpd http_verify path traversal
143450Ansible Engine/Tower log file [CVE-2019-14858]
143449wildfly-core improper authentication [CVE-2019-14838]
143448OX App Suite cross site scripting [CVE-2019-14227]
143447OX App Suite Permission permissions [CVE-2019-14226]
143446OX App Suite server-side request forgery [CVE-2019-14225]
143445ImageMagick draw.c TraceBezier use after free
143444LibTIFF RGBA Image tif_getimage.c integer overflow
143443GDAL ogr_expat.cpp OGRExpatRealloc double free
143442GNU Aspell getdata.cpp unescape out-of-bounds read
143441LZ4 LZ4_write32 buffer overflow
143440FFmpeg vqavideo.c vqa_decode_init array index
143439ImageMagick string.c DestroyStringInfo use after free
143438ImageMagick ps.c ReadPSInfo buffer overflow
143437FFmpeg utils.c avcodec_open2 null pointer dereference
143436Centreon os command injection [CVE-2019-17501]
143435Jiangnan Online Judge path traversal [CVE-2019-17538]
143434Jiangnan Online Judge path traversal [CVE-2019-17537]
143433Gila CMS File Upload fm.php moveAction unrestricted upload
143432Gila CMS Blog Theme/Mag Theme blog-list.php cross site scripting
143431libvips gifload.c vips_foreign_load_gif_scan_image use after free
143430matio mat4.c Mat_VarReadNextInfo4 out-of-bounds read
143429Belkin Wemo Switch 28B Rule Processing rules1 input validation
143428FasterXML jackson-databind JSON Endpoint input validation [CVE-2019-17531]
143427Bento4 Encryption Ap4Atom.cpp AddField out-of-bounds read
143426Bento4 Encryption Ap4CommonEncryption.cpp DoInspectFields out-of-bounds read
143425Bento4 Ap4TfhdAtom.h SetDefaultSampleSize memory corruption
143424Hotaru CMS Stored cross site scripting [CVE-2019-17522]
143423Landing-CMS cross-site request forgery [CVE-2019-17521]
143422Hydra HTTP Header read.c process_header_end null pointer dereference
143421Samsung Laser Printers input validation [CVE-2019-6335]
143420HP Touchpoint Analytics System Service input validation [CVE-2019-6333]
143419Google Android nfc_ncif_decode_rf_params out-of-bounds read
143418Google Android combined_decode.cpp GetMBheader out-of-bounds write
143417Google Android vlc_dequant.cpp VlcDequantH263IntraBlock_SH out-of-bounds write
143416Google Android dec_pred_intra_dc.cpp PV_DecodePredictedIntraDC out-of-bounds write
143415Google Android Cache generateServicesMap information disclosure
143414Google Android Permission Check startActivityMayWait default permission
143413Google Android NFC default permission [CVE-2019-2114]
143412Google Android Permission Check ScreenRotationAnimation information disclosure
143411Python Documentation Sorting calculation [CVE-2019-17514]
143410D-Link DIR-846 SetWizardConfig.php SetWizardConfig os command injection
143409D-Link DIR-846 SetMasterWLanSettings.php SetMasterWLanSettings os command injection
143408D-Link DIR-850/DIR-859 DEVICE.TIME.php os command injection
143407D-Link DIR-816 A1 Management Page input validation [CVE-2019-17507]
143406D-Link DIR-868L/DIR-817LW Web Interface getcfg.php Credentials improper authentication
143405D-Link DAP-1320 Web Interface improper authentication [CVE-2019-17505]
143404Kirona Dynamic Resource Scheduling Reflected cross site scripting
143403Kirona Dynamic Resource Scheduling REGISTER.cmd information disclosure
143402Compal CH7465LG Common Gateway Interface setter.xml os command injection
143401Genesys PureEngage Digital HtmlChatPanel.jsp cross site scripting
143400Sophos Cyberoam Firewall SSL VPN Console injection [CVE-2019-17059]
143399Intel NUC System Firmware memory corruption [CVE-2019-14570]
143398Intel NUC System Firmware Pointer memory corruption
143397Kaseya VSA RMM LAN Cache default permission [CVE-2019-14510]
143396Intel Smart Connect Technology for Intel NUC File Permission privileges management
143395Intel Active System Console Installer privileges management [CVE-2019-11120]
143394Boa free release of resource
143393Boa memory corruption [CVE-2018-21027]
143392GREE+ cross-site request forgery [CVE-2018-20582]
143391Graphite send_email server-side request forgery
143390ThemeMakers SmartIT Premium Responsive Theme wp_users.dat information disclosure
143389ThemeMakers Blessing Premium Responsive Theme wp_users.dat information disclosure
143388ThemeMakers GamesTheme Premium Theme wp_users.dat information disclosure
143387ThemeMakers Goodnex Premium Responsive Theme wp_users.dat information disclosure
143386ThemeMakers Almera Responsive Portfolio Site Template wp_users.dat information disclosure
143385ThemeMakers Almera Responsive Portfolio Theme wp_users.dat information disclosure
143384ThemeMakers Axioma Premium Responsive Theme wp_users.dat information disclosure
143383ThemeMakers Accio Responsive Parallax One Page Site Template wp_users.dat information disclosure
143382ThemeMakers Accio One Page Parallax Responsive Theme wp_users.dat information disclosure
143381ThemeMakers Invento Responsive Gallery wp_users.dat information disclosure
143380ThemeMakers Car Dealer Theme wp_users.dat information disclosure
143379ThemeMakers Diplomat/Political Theme wp_users.dat information disclosure
143373XNU IPComp memory corruption [CVE-2019-8717]
143372Cobham Explorer 710 Firmware unrestricted upload [CVE-2019-9534]
143371Cobham Explorer 710 insufficiently protected credentials [CVE-2019-9533]
143370Cobham Explorer 710 Web Application Portal cleartext transmission
143369Cobham Explorer 710 Web Application Portal improper authentication
143368Cobham Explorer 710 Access Restriction information disclosure
143367Cobham Explorer 710 Web Application Portal missing authentication
143366Tracker PDF-XChange Editor NTLM SSO Hash insufficiently protected credentials
143365Craft CMS Stored cross site scripting [CVE-2019-17496]
143364Swagger UI CSS injection [CVE-2019-17495]
143363laravel-bjyblog URL cross site scripting [CVE-2019-17494]
143362Jiangnan Online Judge create cross site scripting
143361Jiangnan Online Judge create cross site scripting
143360Jiangnan Online Judge File Upload ProblemController unrestricted upload
143359Jiangnan Online Judge create cross site scripting
143358b3log Symphony HTTP Header cross site scripting [CVE-2019-17488]
143357Libntlm smbutil.c tSmbNtlmAuthResponse buffer overflow
143356animate-it Plugin edsanimate.php cross-site request forgery
143355Softing uaGate SI/uaGate MB/uaGate 840D CGI Script privileges management
143354EOS Label Distribution Protocol race condition [CVE-2019-14810]
143353Softing uaGate SI memory corruption [CVE-2019-11528]
143352Softing uaGate SI CGI Script os command injection [CVE-2019-11527]
143351Softing uaGate SI Maintenance Script code injection [CVE-2019-11526]
143350Adobe Acrobat Reader privileges management [CVE-2018-19725]
143349VMware Workstation/Fusion IPv6 input validation [CVE-2019-5535]
143348VMware ESXi/Workstation/Fusion/VMRC/Horizon Client Virtual Sound Device use after free
143347IBM Maximo Anywhere Root Detection insecure storage of sensitive information
143346Bento4 Ap4Descriptor.h GetTag null pointer dereference
143345Bento4 Ap4Descriptor.h Action null pointer dereference
143344Bento4 Ap4Descriptor.h Action null pointer dereference
143343GNU binutils libbfd dwarf2.c _bfd_dwarf2_find_nearest_line integer overflow
143342GNU binutils libbfd dwarf2.c find_abstract_instance recursion
143341Avira Software Updater DLL untrusted search path [CVE-2019-17449]
143340LavaLite Account Name cross site scripting [CVE-2019-17434]
143339z-song laravel-admin cross site scripting [CVE-2019-17433]
143338FastAdmin edit cross-site request forgery
143337FastAdmin add cross-site request forgery
143336EyouCms login.php cross site scripting
143335Adhouma CMS post.php sql injection
143334NetSarang XFTP Client File Copy buffer overflow [CVE-2019-17320]
143333new-contact-form-widget Plugin all-query-page.php sql injection
143332client-dash Plugin cross site scripting [CVE-2019-17071]
143331liquid-speech-balloon Plugin cross site scripting [CVE-2019-17070]
143330Siemens SIMATIC IT UADM Service Port 1434 Credentials insufficiently protected credentials
143329Siemens WinAC RTX improper authentication [CVE-2019-13921]
143328Siemens SIMATIC/SINAMICS resource consumption [CVE-2019-10936]
143327Siemens SIMATIC/SINAMICS IRT resource consumption [CVE-2019-10923]
143326RobotCPA Plugin f.php path traversal
143325ACF-Frontend-Display Plugin File Upload index.php unrestricted upload
143324prettyPhoto jquery.prettyPhoto.js cross site scripting
143323Vernissage Theme Option Update default permission [CVE-2015-9477]
143322Teardrop Theme Option Update default permission [CVE-2015-9476]
143321Pont Theme Option Update default permission [CVE-2015-9475]
143320Simpolio Theme Option Update default permission [CVE-2015-9474]
143319estrutura-basica Theme download.php path traversal
143318incoming-links Plugin HTTP Header referrers.php cross site scripting
143317dzs-zoomsounds Plugin File Upload upload.php unrestricted upload
143316history-collection Plugin download.php path traversal
143315content-grabber Plugin cross site scripting [CVE-2015-9469]
143314broken-link-manager Plugin delURL cross site scripting
143313broken-link-manager Plugin wpslEditURL sql injection
143312wti-like-post Plugin WtiLikePostProcessVote sql injection
143311yet-another-stars-rating Plugin yasr_get_multi_set_values_and_field sql injection
143310s3bubble-amazon-s3-html-5-video-with-adverts Plugin downloader.php path traversal
143309s3bubble-amazon-s3-audio-streaming Plugin downloader.php path traversal
143308Portfolio Plugin afp_get_new_category_page sql injection
143307Portfolio Plugin afp_get_new_portfolio_item_page sql injection
143306booking-system Plugin display sql injection
143305searchterms-tagging-2 Plugin options-general.php cross site scripting
143304searchterms-tagging-2 Plugin pk_stt2_db_get_popular_terms sql injection
143303pretty-link Plugin list_links sql injection
143302Redmine Textile Persistent cross site scripting
143301Automattic Mongoose Access Control input validation [CVE-2019-17426]
143300OISF libhtp HTTP Protocol Parser input validation [CVE-2019-17420]
143299MetInfo sql injection [CVE-2019-17419]
143298MetInfo sql injection [CVE-2019-17418]
143297PbootCMS cross site scripting [CVE-2019-17417]
143296iTerm2 tmux Control Mode input validation [CVE-2019-9535]
143295ISC BIND dispatch.c race condition
143294ISC BIND EDNS Client Subnet input validation [CVE-2019-6469]
143293ISC BIND nxdomain Redirect assertion [CVE-2019-6468]
143292ISC BIND nxdomain Redirect query.c assertion
143291ISC BIND Zone Transfer permission assignment [CVE-2019-6465]
143290NVIDIA Shield TV Experience Boot Image input validation [CVE-2019-5700]
143289NVIDIA Shield TV Experience Tegra Bootloader memory corruption
143288SnapManager for Oracle information disclosure [CVE-2019-5507]
143287Clustered Data ONTAP Hostname Verification certificate validation
143286NitroPDF type conversion [CVE-2019-5053]
143285NitroPDF memory corruption [CVE-2019-5050]
143284NitroPDF out-of-bounds write [CVE-2019-5048]
143283NitroPDF CharProcs Parser use after free [CVE-2019-5047]
143282NitroPDF JPEG2000 File out-of-bounds write [CVE-2019-5046]
143281NitroPDF JPEG2000 File out-of-bounds write [CVE-2019-5045]
143280IBM Spectrum Scale injection [CVE-2019-4558]
143279IBM Maximo Asset Management Error Message information exposure
143278Dell EMC Avamar Server/Integrated Data Protection Appliance permission assignment
143277McAfee Endpoint Security Configuration Tool missing authentication
143276McAfee Endpoint Security Installer EPSetup.exe code injection
143275File Sharing Wizard Structured Exception buffer overflow [CVE-2019-17415]
143274tinylcy Vino vn_get_string input validation
143273Exiv2 types.cpp getULong buffer overflow
143272libyal liblnk liblnk_location_information.c network_share_name_offset out-of-bounds read
143271Shack Forms Pro Extension File Attachment path traversal [CVE-2019-17399]
143270RIOT MQTT-SN resource consumption [CVE-2019-17389]
143269animate-it Plugin cross site scripting [CVE-2019-17385]
143268animate-it Plugin cross site scripting [CVE-2019-17384]
143267netaddr Gem File Permission default permission [CVE-2019-17383]
143266Zabbix Dashboard Page improper authentication [CVE-2019-17382]
143265cPanel WHM Update Preferences Interface cross site scripting
143264cPanel WHM SSL Storage Manager Interface Stored cross site scripting
143263cPanel SSL Key Delete Interface cross site scripting [CVE-2019-17378]
143262cPanel LiveAPI Example Scripts cross site scripting [CVE-2019-17377]
143261cPanel SSL Certificate Upload cross site scripting [CVE-2019-17376]
143260cPanel API Token session expiration [CVE-2019-17375]
143259Netgear WNR834Bv2 improper authentication [CVE-2019-17373]
143258Netgear DC112A genieDisableLanChanged.cgi improper authentication
143257libpng png_create_info_struct release of resource
143256OTCMS sysCheckFile_deal.php input validation
143255Citrix Application Delivery Management Access Control authorization
143254Nix default permission [CVE-2019-17365]
143253ZyXEL NBG-418N v2 Authentication wan.htm improper authentication
143252D-Link DIR-615 wan.htm improper authentication
143251Netreo OmniCenter Blind sql injection [CVE-2019-17128]
143250Kramer VIAware Access Control default permission [CVE-2019-17124]
143249Zoho ManageEngine DataSecurity Plus Configuration File file access
143248Koji path traversal [CVE-2019-17109]
143247OpenProject Project List cross site scripting [CVE-2019-17092]
143246OpenSSH XMSS Key integer overflow [CVE-2019-16905]
143245Socomec DIRIS A-40 Web Interface password.jsn Password insufficiently protected credentials
143244Zingbox Inspector input validation [CVE-2019-1584]
143243Altair PBS Professional privileges management [CVE-2019-15719]
143242MantisBT os command injection [CVE-2019-15715]
143241Envoy HTTP Header resource consumption [CVE-2019-15226]
143240Zingbox Inspector 3rd Party Integration cleartext storage [CVE-2019-15023]
143239Zingbox Inspector ARP authentication spoofing [CVE-2019-15022]
143238Zingbox Inspector information disclosure [CVE-2019-15021]
143237Zingbox Inspector Update Image injection [CVE-2019-15020]
143236Zingbox Inspector Update Image input validation [CVE-2019-15019]
143235Zingbox Inspector improper authentication [CVE-2019-15018]
143234Zingbox Inspector SSH Service hard-coded credentials [CVE-2019-15017]
143233Zingbox Inspector Management Interface sql injection [CVE-2019-15016]
143232Zingbox Inspector hard-coded credentials [CVE-2019-15015]
143231Zingbox Inspector CLI injection [CVE-2019-15014]
143230RENPHO App JSON improper enforcement of message integrity [CVE-2019-14808]
143229Sunny WebBox cross-site request forgery [CVE-2019-13529]
143228Pi-Hole os command injection [CVE-2019-13051]
143227Samsung Smart Phone Service Mode risky encryption [CVE-2019-11341]
143226TIBCO MDM MDM Server cross site scripting [CVE-2019-11212]
143225Juniper Junos Protocol Independent Multicast resource consumption
143224Juniper Junos path traversal [CVE-2019-0074]
143223Juniper Junos PKI Key permission assignment [CVE-2019-0073]
143222Juniper SBR Carrier Access Management Credentials insufficiently protected credentials
143221Juniper Junos Veriexec privileges management [CVE-2019-0071]
143220Juniper Junos input validation [CVE-2019-0070]
143219Juniper Junos Log Credentials cleartext transmission
143218Juniper Junos flowd unusual condition [CVE-2019-0068]
143217Juniper Junos vmcore input validation [CVE-2019-0067]
143216Juniper Junos NG-mVPN input validation [CVE-2019-0066]
143215Juniper Junos SIP ALG input validation [CVE-2019-0065]
143214Juniper Junos flowd input validation [CVE-2019-0064]
143213Juniper Junos BNG input validation [CVE-2019-0063]
143212Juniper Junos J-Web session fixiation [CVE-2019-0062]
143211Juniper Junos MGD privileges management [CVE-2019-0061]
143210Juniper Junos flowd exceptional condition [CVE-2019-0060]
143209Juniper Junos BGP release of resource [CVE-2019-0059]
143208Juniper Junos Veriexec Subsystem privileges management [CVE-2019-0058]
143207Juniper Junos JDM improper authentication [CVE-2019-0057]
143206Juniper Junos OSPF input validation [CVE-2019-0056]
143205Juniper Junos SIP ALG input validation [CVE-2019-0055]
143204Juniper Junos Certificate Validation certificate validation [CVE-2019-0054]
143203Juniper Junos flowd exceptional condition [CVE-2019-0051]
143202Juniper Junos srxpfe input validation [CVE-2019-0050]
143201Juniper Junos J-Web Persistent cross site scripting
143200ISC BIND Managed Key risky encryption [CVE-2018-5745]
143199ISC BIND EDNS Option release of resource [CVE-2018-5744]
143198ISC BIND Connection allocation of resources [CVE-2018-5743]
143197ISC DHCP Options memory corruption [CVE-2018-5732]🔒🔒
143192SolarWinds Dameware Mini Remote Client Agent SmartCard Authentication DWRCS.exe input validation
143191OTCMS Admin Panel member_deal.php cross-site request forgery
143190S-Cms tpl.php cross site scripting
143189Bouncy Castle Crypto ASN.1 Parser allocation of resources [CVE-2019-17359]
143188Jfinal cos isSafeFile unrestricted upload
143187vBulletin getHookList sql injection
143186XnView Classic User Mode out-of-bounds write [CVE-2019-17262]
143185XnView Classic User Mode out-of-bounds write [CVE-2019-17261]
143184MPC-HC memory corruption [CVE-2019-17260]
143183KMPlayer User Mode out-of-bounds write [CVE-2019-17259]
143182IrfanView out-of-bounds write [CVE-2019-17258]
143181IrfanView Exception unusual condition [CVE-2019-17257]
143180IrfanView User Mode out-of-bounds write [CVE-2019-17256]
143179IrfanView User Mode out-of-bounds write [CVE-2019-17255]
143178IrfanView out-of-bounds write [CVE-2019-17254]
143177IrfanView User Mode out-of-bounds write [CVE-2019-17253]
143176IrfanView User Mode out-of-bounds write [CVE-2019-17252]
143175IrfanView User Mode out-of-bounds write [CVE-2019-17251]
143174IrfanView User Mode out-of-bounds write [CVE-2019-17250]
143173IrfanView User Mode out-of-bounds write [CVE-2019-17249]
143172IrfanView User Mode out-of-bounds write [CVE-2019-17248]
143171IrfanView buffer overflow [CVE-2019-17247]
143170IrfanView User Mode out-of-bounds write [CVE-2019-17246]
143169IrfanView User Mode out-of-bounds write [CVE-2019-17245]
143168IrfanView buffer overflow [CVE-2019-17244]
143167IrfanView buffer overflow [CVE-2019-17243]
143166IrfanView User Mode out-of-bounds write [CVE-2019-17242]
143165IrfanView User Mode out-of-bounds write [CVE-2019-17241]
143164FiberHome HG2201T downloadfile.cgi path traversal
143163FiberHome HG2201T telnet.cgi input validation
143162OpenStack Octavia Amphora Image improper authentication [CVE-2019-17134]
143161Centreon Web brokerPerformance.php Stored cross site scripting
143160Centreon Web minPlayCommand.php code injection
143159Centreon Web cleartext storage [CVE-2019-17106]
143158Centreon Web Token Generator index.php random values
143157Centreon VM Apache HTTP Server httponly cookie validation
143156Auth0 Access Control IdentityTokenValidator improper authentication
143155Hrworks Flow Report cross site scripting [CVE-2019-16417]
143154HRworks Report cross site scripting [CVE-2019-16416]
143153Ansible Log Credentials log file
143152openshift TLS Hostname Verification code download [CVE-2019-14845]
143151Yealink Phone OpenVPN File Upload path traversal [CVE-2019-14657]
143150Yealink Phone HTTP Service unrestricted upload [CVE-2019-14656]
143149Dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1 Service Port 81 openlock.cgi input validation
143148Moxa EDR 810 Ping input validation [CVE-2019-10969]
143147Moxa EDR 810 Log File log file [CVE-2019-10963]
143146knex.js MSSQL sql injection [CVE-2019-10757]
143145node-red-dashboard cross site scripting [CVE-2019-10756]
143144Bootstrap-3-Typeahead highlighter cross site scripting
143143SAP SQL Anywhere/IQ/Dynamic Tier file access [CVE-2019-0381]
143142SAP Landscape Management Log log file [CVE-2019-0380]
143141SAP NetWeaver Process Integration insufficient verification of data authenticity
143140SAP Business Intelligence Platform Background Image Stored cross site scripting
143139SAP Business Intelligence Platform Input Control Stored cross site scripting
143138SAP Business Intelligence Platform Publication Name Stored cross site scripting
143137SAP Business Intelligence Platform Export Dialog Box Reflected cross site scripting
143136SAP Business Intelligence Platform Chart Title Reflected cross site scripting
143135SAP Financial Consolidation Xpath xml injection [CVE-2019-0370]
143134SAP Financial Consolidation Reflected cross site scripting [CVE-2019-0369]
143133SAP Customer Relationship Management cross site scripting [CVE-2019-0368]
143132SAP NetWeaver Process Integration Authorization authorization
143131Centreon VM Configuration File privileges management
143130Centreon Web licenseUpload.php unrestricted upload
143129Centreon Web getStats.php code injection
143128Centreon Web makeXML_ListServices.php sql injection
143127Centreon Web img_gantt.php sql injection
143126Centreon Web input validation [CVE-2018-21020]
143125Apple iPhone Siri Self privileges management [Disputed]
143124Microsoft Windows Update Assistant privileges management [CVE-2019-1378]
143123Microsoft SQL Server Management Studio Permission permission assignment
143122Microsoft Dynamics 365 cross site scripting [CVE-2019-1375]
143121Microsoft Internet Explorer memory corruption [CVE-2019-1371]
143120Open Enclave SDK information disclosure [CVE-2019-1369]
143119Microsoft Windows Secure Boot input validation [CVE-2019-1368]
143118Microsoft Windows IIS memory corruption [CVE-2019-1365]
143117Microsoft Windows Win32k memory corruption [CVE-2019-1364]
143116Microsoft Windows GDI information disclosure [CVE-2019-1363]
143115Microsoft Windows Win32k memory corruption [CVE-2019-1362]
143114Microsoft Windows Graphics Component information disclosure [CVE-2019-1361]
143113Microsoft Windows JET Database Engine memory corruption [CVE-2019-1359]
143112Microsoft Windows JET Database Engine memory corruption [CVE-2019-1358]
143111Microsoft Edge Cookie authentication spoofing [CVE-2019-1357]
143110Microsoft Internet Explorer Cookie authentication spoofing [CVE-2019-1357]
143109Microsoft Edge information disclosure [CVE-2019-1356]
143108Microsoft Windows memory corruption [CVE-2019-1347]
143107Microsoft Windows memory corruption [CVE-2019-1346]
143106Microsoft Windows Kernel information disclosure [CVE-2019-1345]
143105Microsoft Windows Code Integrity Module information disclosure
143104Microsoft Windows memory corruption [CVE-2019-1343]
143103Microsoft Windows Error Reporting Manager input validation [CVE-2019-1342]
143102Microsoft Windows Power Service umpo.dll privileges management
143101Microsoft Windows AppX Deployment Server privileges management
143100Microsoft Windows Error Reporting privileges management [CVE-2019-1339]
143099Microsoft Windows NTLMv2 inadequate encryption [CVE-2019-1338]
143098Microsoft Windows Update Client information disclosure [CVE-2019-1337]
143097Microsoft Windows Update Client privileges management [CVE-2019-1336]
143096Microsoft Windows Kernel information disclosure [CVE-2019-1334]
143095Microsoft Excel memory corruption [CVE-2019-1331]
143094Microsoft SharePoint Foundation Impersonation privileges management
143093Microsoft SharePoint Foundation/SharePoint Enterprise Server cross site scripting
143092Microsoft SharePoint Foundation/SharePoint Enterprise Server cross site scripting
143091Microsoft Excel memory corruption [CVE-2019-1327]
143090Microsoft Windows Remote Desktop Protocol input validation [CVE-2019-1326]
143089Microsoft Windows rdbss.sys memory corruption [CVE-2019-1325]
143088Microsoft Windows Update Client privileges management [CVE-2019-1323]
143087Microsoft Windows Authentication Request improper authentication
143086Microsoft Windows CloudStore privileges management [CVE-2019-1321]
143085Microsoft Windows Authentication Request improper authentication
143084Microsoft Windows Error Reporting privileges management [CVE-2019-1319]
143083Microsoft Windows TLS information disclosure [CVE-2019-1318]
143082Microsoft Windows Hardlink link following [CVE-2019-1317]
143081Microsoft Windows Setup privileges management [CVE-2019-1316]
143080Microsoft Windows Error Reporting privileges management [CVE-2019-1315]
143079Microsoft Windows Security Feature improper authentication [CVE-2019-1314]
143078Microsoft SQL Server Management Studio Permission permission assignment
143077Microsoft Windows Imaging API memory corruption [CVE-2019-1311]
143076Microsoft Windows Hyper-V input validation [CVE-2019-1230]
143075Microsoft Windows NTLM MIC improper authentication [CVE-2019-1166]
143074Microsoft SharePoint Foundation/SharePoint Enterprise Server cross site scripting
143073Microsoft Edge HTTP Content authentication spoofing [CVE-2019-0608]
143072Microsoft Internet Explorer HTTP Content authentication spoofing
143071Microsoft Windows MS XML xml external entity reference [CVE-2019-1060]
143070Microsoft Azure App Service Sandbox memory corruption [CVE-2019-1372]
143069Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption
143068Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption
143067Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption
143066Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption
143065Microsoft Internet Explorer VBScript memory corruption [CVE-2019-1239]
143064Microsoft Internet Explorer VBScript memory corruption [CVE-2019-1238]
143063Microsoft Windows Remote Desktop input validation [CVE-2019-1333]
143062Dell Encryption Enterprise Installer untrusted search path [CVE-2019-3745]
143061SuSE Linux Enterprise Server 15 Squid Binary pinger default permission
143060Xen Linux Kernel balloon.c resource consumption
143059Xen infinite loop [CVE-2019-17350]
143058Xen infinite loop [CVE-2019-17349]
143057Xen PCID input validation [CVE-2019-17348]
143056Xen input validation [CVE-2019-17347]
143055Xen PCID input validation [CVE-2019-17346]
143054Xen IOMMU Operation input validation [CVE-2019-17345]
143053Xen PTE Update input validation [CVE-2019-17344]
143052Xen HVM input validation [CVE-2019-17343]
143051Xen race condition [CVE-2019-17342]
143050Xen PCI race condition [CVE-2019-17341]
143049Xen grant-table Transfer input validation [CVE-2019-17340]
143048SugarCRM Emails sql injection [CVE-2019-17319]
143047SugarCRM pmse_Inbox sql injection [CVE-2019-17318]
143046SugarCRM UpgradeWizard input validation [CVE-2019-17317]
143045SugarCRM Import input validation [CVE-2019-17316]
143044SugarCRM Administration input validation [CVE-2019-17315]
143043SugarCRM Configurator path traversal [CVE-2019-17314]
143042SugarCRM Studio path traversal [CVE-2019-17313]
143041SugarCRM File path traversal [CVE-2019-17312]
143040SugarCRM Attachment path traversal [CVE-2019-17311]
143039SugarCRM Campaigns input validation [CVE-2019-17310]
143038SugarCRM EmailMan input validation [CVE-2019-17309]
143037SugarCRM Emails input validation [CVE-2019-17308]
143036SugarCRM Tracker input validation [CVE-2019-17307]
143035SugarCRM Configurator input validation [CVE-2019-17306]
143034SugarCRM MergeRecords input validation [CVE-2019-17305]
143033SugarCRM MergeRecords input validation [CVE-2019-17304]
143032SugarCRM MergeRecords input validation [CVE-2019-17303]
143031SugarCRM ModuleBuilder input validation [CVE-2019-17302]
143030SugarCRM ModuleBuilder input validation [CVE-2019-17301]
143029SugarCRM Administration input validation [CVE-2019-17300]
143028SugarCRM Administration input validation [CVE-2019-17299]
143027SugarCRM Administration sql injection [CVE-2019-17298]
143026SugarCRM Quotes sql injection [CVE-2019-17297]
143025SugarCRM Contacts sql injection [CVE-2019-17296]
143024SugarCRM History sql injection [CVE-2019-17295]
143023SugarCRM Export sql injection [CVE-2019-17294]
143022SugarCRM pmse_Project sql injection [CVE-2019-17293]
143021SugarCRM pmse_Inbox sql injection [CVE-2019-17292]
143020download-plugins-dashboard plugin class-alg-download-plugins-settings.php Stored cross site scripting
143019ultimate-faqs Plugin EWD_UFAQ_Import.php injection
143018ultimate-faqs Plugin Option Import EWD_UFAQ_Import.php input validation
143017rsyslog Cisco Log Message pmcisconames.c buffer overflow
143016rsyslog AIX Log Message pmaixforwardedfrom.c buffer overflow
143015PCProtect Antivirus Folder Permission privileges management
143014Twitter Kit Framework Hostname Verification certificate validation
143013Espressif ESP-IDF Secure Boot injection [CVE-2019-15894]
143012Sitos Six SCORM File unrestricted upload [CVE-2019-15751]
143011Sitos Six Blog cross site scripting [CVE-2019-15750]
143010Sitos Six Password Reset password recovery [CVE-2019-15749]
143009Sitos Six Import unrestricted upload [CVE-2019-15748]
143008Sitos Six privileges management [CVE-2019-15747]
143007Sitos Six injection [CVE-2019-15746]
143006Amazon FreeRTOS MQTT Packet prvProcessReceivedPublish input validation
143005MyBuilder Viewer Configuration File input validation [CVE-2019-12812]
143004MyBuilder ActiveX Control ShellOpen os command injection
143003Elementor Pro Plugin customize.php elementor-edit-template cross site scripting
143002orbisius-child-theme-creator Plugin Access Control permission assignment
143001buddypress-activity-plus Plugin admin-ajax.php cross-site request forgery
143000smooth-slider Plugin sql injection [CVE-2015-9454]
142999broken-link-manager Plugin HTTP Header cross site scripting [CVE-2015-9453]
142998nex-forms-express-wp-form-builder Plugin sql injection [CVE-2015-9452]
142997plugmatter-optin-feature-box-lite Plugin sql injection [CVE-2015-9451]
142996plugmatter-optin-feature-box-lite Plugin sql injection [CVE-2015-9450]
142995LibTomCrypt UTF-8 der_decode_utf8_string.c der_decode_utf8_string out-of-bounds read
142992DameWare Remote Support memory corruption
142991Google Android Binder Driver binder_poll use after free
142990Intellian Remote Access Ping Test os command injection [CVE-2019-17269]
142989FasterXML jackson-databind input validation [CVE-2019-17267]
142988libsoup NTLM Message soup-auth-ntlm.c soup_ntlm_parse_challenge out-of-bounds read
142987libyal liblnk liblnk_location_information.c liblnk_location_information_read_data out-of-bounds read
142986libyal libfwsi libfwsi_extension_block.c libfwsi_extension_block_copy_from_byte_stream out-of-bounds read
142985Bludit Brute-Force Protection security.class.php excessive authentication
142984CMS Made Simple Module Manager cross site scripting [CVE-2019-17226]
142983Subrion CMS cross site scripting [CVE-2019-17225]
142982WebARX Plugin URI authorization [CVE-2019-17214]
142981WebARX Plugin Stored cross site scripting [CVE-2019-17213]
142980Frost Ming rediswrapper Pickled Object deserialization
142979TeamPass Login Stored cross site scripting
142978TeamPass Knowledge Base Label Stored cross site scripting
142977TeamPass Search Page Stored cross site scripting
142976WPO webpagetest getfile.php path traversal
142975OpenEMR Lifestyle Demographic Filter clinical_rules.php sql injection
142973Foxit PhantomPDF AcroForm removeField use after free
142972Foxit Reader AcroForm exportValues use after free
142971Foxit Reader AcroForm deleteItemAt use after free
142970Zendesk FON2601E-SE DNS Amplification input validation
142969IBM Security Key Lifecycle Manager Web UI cross site scripting
142968IBM Security Key Lifecycle Manager authorization [CVE-2019-4514]
142967IBM MQ AMQP Listener session fixiation [CVE-2019-4227]
142966Signal Messenger WebRTC input validation [CVE-2019-17192] [Disputed]
142965Signal Messenger Call input validation [CVE-2019-17191]
142964Fecshop FecMall File Upload imageupload getimagesize unrestricted upload
142963Xerox AtlaLink C8070 privileges management [CVE-2019-17184]
142962Foxit Reader release of resource [CVE-2019-17183]
142961Valve Steam Client Filesystem path traversal [CVE-2019-17180]
142960OpenEMR add_template.php cross site scripting
142959LodePNG WinPR lodepng.c HuffmanTree_makeFromFrequencies release of resource
142958FreeRDP region.c release of resource
142957joyplus-cms admin_pic.php path traversal
142956Linux Kernel SSID wext-sme.c cfg80211_mgd_wext_giwessid buffer overflow
142955vBulletin Avatar input validation [CVE-2019-17132]
142954vBulletin improper restriction of rendered ui layers [CVE-2019-17131]
142953vBulletin URL vurl.php file access
142952Liferay Portal CE JSON Payload deserialization [CVE-2019-16891]
142951Pillow Image File allocation of resources [CVE-2019-16865]
142950Foxit Reader AcroForm use after free [CVE-2019-13320]
142949Foxit Reader XFA Form use after free [CVE-2019-13319]
142948Foxit Reader format string [CVE-2019-13318]
142947Foxit PhantomPDF Calculate Action use after free [CVE-2019-13317]
142946Foxit PhantomPDF Calculate Action use after free [CVE-2019-13316]
142945Foxit Reader removeField use after free
142944Micro Focus Arcsight Logger Stored cross site scripting [CVE-2019-11656]
142943Micro Focus Arcsight Logger File Upload unrestricted upload [CVE-2019-11655]
142942Apache Hadoop fsimage memory corruption [CVE-2018-11768]
142941REDCap cross site scripting [CVE-2019-17121]
142940libopenmpt libopenmpt_modplug.c ModPlug_SampleName buffer overflow
142939kube-state-metrics Metric information disclosure [CVE-2019-17110]
142938Visualizer Plugin Admin Dashboard Block.php Stored cross site scripting
142937Unbound NOTIFY Query memory corruption [CVE-2019-16866]
142936RPyC Remote Procedure Call authorization [CVE-2019-16328]
142935KSLabs KSWEB path traversal [CVE-2019-16198]
142934KSLabs KSWEB Ajax code injection [CVE-2019-15766]
142933tcpdump print-lmp.c lmp_print_data_link_subobjs input validation
142932libpcap PHB Header sf-pcapng.c input validation
142931libpcap URL daemon.c server-side request forgery
142930libpcap daemon.c crypt null pointer dereference
142929libpcap daemon.c Username insufficient verification of data authenticity
142928libpcap daemon.c input validation
142927Foxit Reader XFA Form use after free [CVE-2019-13332]
142926Foxit Reader JPG File out-of-bounds read [CVE-2019-13331]
142925Foxit Reader JPG File type confusion [CVE-2019-13330]
142924Foxit Reader tif File type confusion [CVE-2019-13329]
142923Foxit Reader Acroform Object use after free [CVE-2019-13328]
142922Foxit Reader Acroform Object use after free [CVE-2019-13327]
142921Foxit Reader Acroform Object out-of-bounds read [CVE-2019-13326]
142920Foxit Studio Photo EPS File out-of-bounds read [CVE-2019-13325]
142919Foxit Studio Photo TIFF File out-of-bounds read [CVE-2019-13324]
142918Foxit Studio Photo tif File out-of-bounds write [CVE-2019-13323]
142917libpl_droidsonroids_gif decoding.c DDGifSlurp double free
142916tcpdump SMB Parser smbutil.c smb_fdata recursion
142915tcpdump SMB Parser print-smb.c print_trans out-of-bounds read
142914libpcap pcapng buffer overflow [CVE-2018-16301]
142913tcpdump BGP Parser print-bgp.c bgp_attr_print recursion
142912tcpdump BGP Parser print-bgp.c bgp_attr_print out-of-bounds read
142911tcpdump DCCP Parser print-dccp.c dccp_print_option out-of-bounds read
142910tcpdump HNCP Parser print-hncp.c print_prefix out-of-bounds read
142909tcpdump IEEE 802.11 Parser print-802_11.c out-of-bounds read
142908tcpdump ICMPv6 Parser print-icmp6.c out-of-bounds read
142907tcpdump BGP Parser print-bgp.c bgp_capabilities_print out-of-bounds read
142906tcpdump OSPFv3 Parser print-ospf6.c ospf6_print_lshdr out-of-bounds read
142905LINE tcpdump CLI Parser tcpdump.c get_next_file buffer overflow
142904tcpdump print-babel.c babel_print_v2 out-of-bounds read
142903tcpdump IKEv1 Parser print-isakmp.c ikev1_n_print out-of-bounds read
142902tcpdump FRF.16 Parser print-fr.c mfr_print out-of-bounds read
142901tcpdump BGP Parser print-bgp.c bgp_capabilities_print out-of-bounds read
142900tcpdump Rx Parser print-rx.c rx_cache_find out-of-bounds read
142899tcpdump RSVP Parser print-rsvp.c rsvp_obj_print out-of-bounds read
142898tcpdump LMP Parser print-lmp.c lmp_print_data_link_subobjs out-of-bounds read
142897tcpdump print-vrrp.c vrrp_print out-of-bounds read
142896tcpdump ICMP Parser print-icmp.c icmp_print out-of-bounds read
142895tcpdump LDP Parser print-ldp.c ldp_tlv_print out-of-bounds read
142894tcpdump SMB Data input validation [CVE-2018-10105]
142893tcpdump SMB Data input validation [CVE-2018-10103]
142892IBM WebSphere Application Server Stack Trace information exposure
142891IBM Security Guardium improper authentication [CVE-2019-4422]
142890Red Hat JBoss Operations Network Remote Code Execution [CVE-2019-3834]
142889Athena SCS Smartcard ECDSA Key Generation race condition [CVE-2019-15809]
142888MatrixSSL ECDSA Signature ecc_math.c risky encryption
142887wolfSSL/wolfCrypt ECDSA Signature ecc.c information exposure
142886Cisco Unified Communications Manager Web-based Interface cross-site request forgery
142885JetBrains ReSharper Installer DLL untrusted search path [CVE-2019-16407]
142884JetBrains YouTrack Issue Page Stored cross site scripting
142883Cisco Unified Communications Manager Web-based Interface request smuggling
142882Cisco Unified Contact Center Express Web Server input validation
142881Cisco ASA/Firepower Threat Defense IKEv1 resource consumption
142880JetBrains YouTrack Settings Page cross-site request forgery [CVE-2019-15040]
142879JetBrains TeamCity Settings Page cross site scripting [CVE-2019-15037]
142878JetBrains TeamCity os command injection [CVE-2019-15036]
142877JetBrains ToolBox URL missing encryption [CVE-2019-14959]
142876JetBrains PyCharm Connection resource consumption [CVE-2019-14958]
142875JetBrains YouTrack Permission permissions [CVE-2019-14956]
142874Umbraco GetInpectSearch sql injection
142873JetBrains Ktor Framework UserHashedTableAuth unknown vulnerability
142872JetBrains Ktor Framework LDAP input validation [CVE-2019-12736]
142871Cisco Unified Communications Manager Web-based Interface cross site scripting
142870Cisco Unified Communications Manager Web-based Interface cross site scripting
142869Cisco IC3000 Industrial Compute Gateway Web-based Management Interface resource consumption
142868Cisco Prime Infrastructure Web-based Management Interface cross site scripting
142867Cisco Prime Infrastructure Web-based Management Interface cross site scripting
142866Cisco Unified Communications Manager Web-based Interface xml external entity reference
142865Cisco Unified Communications Manager Web-based Interface sql injection
142864Cisco Unified Communications Web-based Interface cross site scripting
142863Cisco Email Security Appliance Sender Policy Framework input validation
142862Cisco FirePOWER Management Center Malware Inspection input validation
142861Cisco Firepower Threat Defense Pluggable Authentication resource consumption
142860Cisco FXOS/Firepower Threat Defense input validation [CVE-2019-12699]
142859Cisco ASA/Firepower Threat Defense WebVPN resource consumption
142858Cisco Firepower System Software Detection Engine input validation
142857Cisco Firepower System Software Detection Engine input validation
142856Cisco ASA/Firepower Threat Defense WebVPN Portal cross site scripting
142855Cisco Firepower Threat Defense Command Line Interface input validation
142854Cisco ASA scp type conversion [CVE-2019-12693]
142853Cisco FirePOWER Management Center Web-based Management Interface path traversal
142852Cisco FirePOWER Management Center Web UI os command injection
142851Cisco FirePOWER Management Center Web-based Management Interface input validation
142850Cisco FirePOWER Management Center Web UI memory corruption [CVE-2019-12688]
142849Cisco FirePOWER Management Center Web UI memory corruption [CVE-2019-12687]
142848Cisco FirePOWER Management Center Web-based Management Interface sql injection
142847Cisco FirePOWER Management Center Web-based Management Interface sql injection
142846Cisco FirePOWER Management Center Web-based Management Interface sql injection
142845Cisco FirePOWER Management Center Web-based Management Interface sql injection
142844Cisco FirePOWER Management Center Web-based Management Interface sql injection
142843Cisco FirePOWER Management Center Web-based Management Interface sql injection
142842Cisco FirePOWER Management Center Web-based Management Interface sql injection
142841Cisco FirePOWER Management Center Web-based Management Interface sql injection
142840Cisco ASA/Firepower Threat Defense Session Initiation Protocol integer underflow
142839Cisco ASA SSL VPN exceptional condition [CVE-2019-12677]
142838Cisco ASA/Firepower Threat Defense OSPF input validation [CVE-2019-12676]
142837Cisco Firepower Threat Defense Container escape output [CVE-2019-12675]
142836Cisco Firepower Threat Defense Container escape output [CVE-2019-12674]
142835Cisco ASA/Firepower Threat Defense FTP Inspection Engine input validation
142834Cisco Identity Services Engine Web-based Management Interface cross site scripting
142833Cisco Security Manager Java Deserialization deserialization [CVE-2019-12630]
142832JetBrains TeamCity injection [CVE-2019-12157]
142831JetBrains TeamCity Error Message information exposure [CVE-2019-12156]
142830HHVM Number memory corruption [CVE-2019-11929]
142829Micro Focus Enterprise Developer/Enterprise Server Reflected cross site scripting
142828Undertow Debug Log Credentials log file
142827Check Point R80.30 Security Gateway Configuration exceptional condition
142826Foxit PDF Reader Javascript Engine exceptional condition [CVE-2019-5031]
142825IBM Security Directory Server insecure storage of sensitive information
142824IBM Security Directory Server Web UI cross site scripting [CVE-2019-4542]
142823IBM Security Directory Server XML Data xml injection [CVE-2019-4539]
142822IBM Security Directory Server redirect [CVE-2019-4538]
142821IBM Security Directory Server Lockout excessive authentication
142820Eclipse Mojarra Client Window Field Reflected cross site scripting
142819mintinstall deserialization [CVE-2019-17080]
142818EnterpriseDT CompleteFTP Server Bootstrap.log Credentials log file
142817SalesAgility SuiteCRM privileges management [CVE-2019-14454]
142816CA Network Flow Analysis hard-coded credentials [CVE-2019-13658]
142815Butor Portal wl path traversal
142814SalesAgility SuiteCRM server-side request forgery [CVE-2019-13335]
142813Compal CH7465LG Access Control input validation [CVE-2019-13025]
142812Online Store delete_product.php missing authentication
142811Online Store delete_file.php path traversal
142810Online Store Registration Form sent_register.php cross site scripting
142809Online Store user_view.php Stored cross site scripting
142808Online Store user_view.php Stored cross site scripting
142807Elastic Code Repository Import permission assignment [CVE-2019-7618]
142806Linux Kernel cxgb4 Driver mem.c write_tpt_entry memory corruption
142805XunRuiCMS Stored cross site scripting [CVE-2019-17074]
142804emlog path traversal [CVE-2019-17073]
142803JetBrains YouTrack Whitelist redirect [CVE-2019-15041]
142802JetBrains TeamCity information disclosure [CVE-2019-15035]
142801Apache MINA TLS Message cleartext transmission [CVE-2019-0231]
142800IBM Jazz Reporting Service Web UI cross site scripting [CVE-2019-4497]
142799IBM Jazz Reporting Service Web UI cross site scripting [CVE-2019-4495]
142798IBM Jazz Reporting Service Web UI cross site scripting [CVE-2019-4494]
142797IBM Daeja ViewONE Virtual information disclosure [CVE-2019-4246]
142796PuTTY SSH-1 input validation [CVE-2019-17069]
142795PuTTY Protection Mechanism Clipboard injection
142794PuTTY Port-Forwarding allocation of resources [CVE-2019-17067]
142793Xpdf Catalog.pageLabels null pointer dereference
142792Snowtide PDFxStream Page-Tree input validation [CVE-2019-17063]
142791Linux Kernel AF_NFC Network Module llcp_sock.c llcp_sock_create default permission
142790Linux Kernel AF_ISDN Network Module socket.c base_sock_create input validation
142789Linux Kernel AF_APPLETALK Network Module ddp.c atalk_create default permission
142788Linux Kernel AF_IEEE802154 Network Module socket.c ieee802154_create default permission
142787Linux Kernel AF_AX25 Network Module af_ax25.c ax25_create default permission
142786FasterXML jackson-databind JSON Endpoint input validation [CVE-2019-16943]
142785FasterXML jackson-databind RMI Endpoint input validation [CVE-2019-16942]
142784Google Chrome OS Imagination Technologies Driver card1 PVRSRVBridgeSyncPrimOpCreate integer overflow
142783Victure PC530 Telnet Service missing authentication [CVE-2019-15940]
142782JetBrains TeamCity SSL Certificate certificate validation [CVE-2019-15042]
142781JetBrains TeamCity input validation [CVE-2019-15039]
142780JetBrains TeamCity HTTP Header input validation [CVE-2019-15038]
142779JetBrains Upsource Code Block Comment cross site scripting [CVE-2019-14961]
142778JetBrains Rider JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll untrusted search path
142777JetBrains VIM Plugin Project File vim_settings.xml insecure storage of sensitive information
142776JetBrains Hub Password Expiration Policy password recovery [CVE-2019-14955]
142775JetBrains IntelliJ IDEA Markdown missing encryption [CVE-2019-14954]
142774JetBrains YouTrack Attachment cross site scripting [CVE-2019-14953]
142773JetBrains YouTrack Issue Title cross site scripting [CVE-2019-14952]
142772Pivotal Application Manager CSV permission assignment [CVE-2019-11275]
142771SourceGear Vault Plugin Configuration Form Credentials cleartext transmission
142770LDAP Email Plugin Configuration Form Credentials cleartext transmission
142769Dingding Plugin Job Configuration config.xml cleartext storage
142768HTML Publisher Plugin Project Name cross site scripting [CVE-2019-10432]
142767Script Security Plugin Sandbox code injection [CVE-2019-10431]
142766Codehaus deserialization [CVE-2019-10202]
142765IBM Sterling File Gateway URL path traversal [CVE-2019-4423]
142764IBM WebSphere Application Server Liberty Cookie cookie validation
142763IBM WebSphere Application Server Liberty Session session fixiation
142762IBM Sterling File Gateway information disclosure [CVE-2019-4280]
142761IBM WebSphere eXtreme Scale Admin API cross site scripting [CVE-2019-4115]
142760IBM WebSphere eXtreme Scale Admin Console Stored information disclosure
142759IBM WebSphere eXtreme Scale Admin Console improper restriction of rendered ui layers
142758IBM WebSphere eXtreme Scale Admin Console cross site scripting
142757RSA BSAFE Crypto-C Micro Edition information disclosure [CVE-2019-3733]
142756RSA BSAFE Crypto-C Micro Edition information exposure [CVE-2019-3732]
142755RSA BSAFE Crypto-C Micro Edition information exposure [CVE-2019-3731]
142754RSA BSAFE Micro Edition Suite Error Message information exposure
142753RSA BSAFE Micro Edition Suite ECDSA Signature buffer overflow
142752RSA BSAFE Micro Edition Suite DSA Signature out-of-bounds read
142751Qualcomm Snapdragon Auto Audio Buffer buffer overflow [CVE-2019-2341]
142750Qualcomm Snapdragon Auto IPA Driver buffer overflow [CVE-2019-2333]
142749Qualcomm Snapdragon Auto Heap Guard random values [CVE-2019-2294]
142748Qualcomm Snapdragon Compute Camera use after free [CVE-2019-2284]
142747Qualcomm Snapdragon Auto Video buffer overflow [CVE-2019-2252]
142746Evernote Attachment File input validation [CVE-2019-17051]
142745Voyager Package authorization [CVE-2019-17050]
142744Netgear SRX5308 sql injection [CVE-2019-17049]
142743Visualizer Plugin upload-data server-side request forgery
142742Rust Cargo code download [CVE-2019-16760]
142741Xoops image-manager cross site scripting [CVE-2019-16684]
142740Xoops image-manager cross site scripting [CVE-2019-16683]
142739Google Go request smuggling [CVE-2019-16276]
142738Netdisco Search Reflected cross site scripting
142737Western Digital SSD Dashboard/SanDisk SSD Dashboard Web Service input validation
142736Western Digital SSD Dashboard/SanDisk SSD Dashboard Access Control information disclosure
142735Foxit Reader Javascript Engine recursion [CVE-2019-13124]
142734Foxit Reader Javascript Engine recursion [CVE-2019-13123]
142733Qualcomm Snapdragon Auto WLAN NAN buffer overflow [CVE-2019-10540]
142732Qualcomm Snapdragon Auto IE Header buffer overflow [CVE-2019-10539]
142731Qualcomm Snapdragon Auto HLOS input validation [CVE-2019-10538]
142730Qualcomm Snapdragon Auto BT null pointer dereference [CVE-2019-10510]
142729Qualcomm Snapdragon Auto ACL Disconnect use after free [CVE-2019-10509]
142728Qualcomm Snapdragon Auto WLAN buffer overflow [CVE-2019-10508]
142727Qualcomm Snapdragon Auto Extscan Scan Result out-of-bounds read
142726Qualcomm Snapdragon Auto Vendor Command input validation [CVE-2019-10506]
142725Qualcomm Snapdragon Auto Volume Listener Library use after free
142724Qualcomm Snapdragon Mobile FIFO array index [CVE-2019-10499]
142723Qualcomm Snapdragon Auto buffer overflow [CVE-2019-10498]
142722Qualcomm Snapdragon Auto use after free [CVE-2019-10497]
142721Qualcomm Snapdragon Auto Boot Image risky encryption [CVE-2019-10492]
142720Qualcomm Snapdragon Auto AVI Clip null pointer dereference [CVE-2019-10489]
142719Ilch index unrestricted upload
142718Ilch Jobs Tab Stored cross site scripting
142717rsyslog pmdb2diag.c out-of-bounds read
142716CloudBoot getNumByStatus sql injection
142715MetInfo language_general.class.php sql injection
142714MetInfo product_admin.class.php sql injection
142713Linux Kernel hsr_device.c hsr_dev_finalize release of resource
142712Linux Kernel sit.c sit_init_net release of resource
142711phpBB BBcode Page acp_bbcodes.php cross-site request forgery
142709eBrigade evenement_choice.php sql injection
142708eBrigade evenements.php sql injection
142707eBrigade evenement_ical.php sql injection
142706Plataformatec Simple Form Access Control form_builder.rb file_method input validation
142705GFI Kerio Control Login Page DOM-Based cross site scripting
142704SalesAgility SuiteCRM cross site scripting [CVE-2019-14752]
142703CDG path traversal [CVE-2017-18636]
142702Apple iPhone UBS checkm8 privileges management
142701Keybase App Private Key signature verification [CVE-2019-16992]
142700Apple iOS/iPadOS Sandbox exposure of resource [CVE-2019-8779]
142699NSA Ghidra Experimental Mode xml injection
142698Zcash Zcashd IP Address exceptional condition
142697Dell EMC ECS Authentication Brute Force excessive authentication
142696Dell EMC Integrated Data Protection Appliance ACM Stored cross site scripting
142695Dell EMC Integrated Data Protection Appliance ACM API excessive authentication
142694Dell EMC Integrated Data Protection Appliance ACM Credentials insufficiently protected credentials
142693Python XML-RPC Server server_title cross site scripting
142692Exim EHLO Command string.c string_vformat buffer overflow
142691Xpdf findGaps out-of-bounds write
142690Flower Worker Name cross site scripting [CVE-2019-16926]
142689Flower cross site scripting [CVE-2019-16925]
142688Dolibarr Email Template mails_templates.php Stored cross site scripting
142687Dolibarr User Profile card.php Stored cross site scripting
142686Dolibarr User Note note.php Stored cross site scripting
142685Dolibarr User Group Description card.php Stored cross site scripting
142684Facebook WhatsApp Media Parsing Library out-of-bounds write [CVE-2019-11927]
142683LibreOffice Macro escape output [CVE-2019-9853]
142682Google Android Platform privileges management [CVE-2019-9463]
142681Google Android Bluetooth out-of-bounds read [CVE-2019-9462]
142680Google Android Mediaserver out-of-bounds write [CVE-2019-9460]
142679Google Android libttspico buffer overflow [CVE-2019-9459]
142678Google Android AOSP Email external reference [CVE-2019-9440]
142677Google Android Package Manager Service external reference [CVE-2019-9438]
142676Google Android Bluetooth out-of-bounds read [CVE-2019-9435]
142675Google Android Bluetooth out-of-bounds read [CVE-2019-9434]
142674Google Android libvpx input validation [CVE-2019-9433]
142673Google Android Bluetooth out-of-bounds read [CVE-2019-9432]
142672Google Android Bluetooth use after free [CVE-2019-9431]
142671Google Android Bluetooth null pointer dereference [CVE-2019-9430]
142670Google Android profman out-of-bounds write [CVE-2019-9429]
142669Google Android Framework information disclosure [CVE-2019-9428]
142668Google Android Bluetooth use after free [CVE-2019-9427]
142667Google Android Bluetooth out-of-bounds read [CVE-2019-9425]
142666Google Android Screen Lock information disclosure [CVE-2019-9424]
142665Google Android opencv out-of-bounds write [CVE-2019-9423]
142664Google Android Bluetooth out-of-bounds read [CVE-2019-9422]
142663Google Android libandroidfw out-of-bounds read [CVE-2019-9421]
142662Google Android libhevc integer overflow [CVE-2019-9420]
142661Google Android Bluetooth out-of-bounds read [CVE-2019-9419]
142660Google Android libstagefright resource consumption [CVE-2019-9418]
142659Google Android Bluetooth out-of-bounds read [CVE-2019-9417]
142658Google Android libstagefright use of uninitialized resource [CVE-2019-9416]
142657Google Android libstagefright use of uninitialized resource [CVE-2019-9415]
142656Google Android wpa_supplicant input validation [CVE-2019-9414]
142655Google Android Bluetooth out-of-bounds read [CVE-2019-9413]
142654Google Android libSBRdec out-of-bounds read [CVE-2019-9412]
142653Google Android libavc use of uninitialized resource [CVE-2019-9411]
142652Google Android libavc use of uninitialized resource [CVE-2019-9410]
142651Google Android libhevc use of uninitialized resource [CVE-2019-9409]
142650Google Android libavc use of uninitialized resource [CVE-2019-9408]
142649Google Android Service Manager permission assignment [CVE-2019-9407]
142648Google Android libhevc use of uninitialized resource [CVE-2019-9406]
142647Google Android libAACdec integer overflow [CVE-2019-9405]
142646Google Android Bluetooth input validation [CVE-2019-9404]
142645Google Android cn-cbor out-of-bounds read [CVE-2019-9403]
142644Google Android Bluetooth memory corruption [CVE-2019-9402]
142643Google Android Bluetooth input validation [CVE-2019-9401]
142642Google Android Bluetooth null pointer dereference [CVE-2019-9400]
142641Google Android Print Service inadequate encryption [CVE-2019-9399]
142640Google Android Bluetooth input validation [CVE-2019-9398]
142639Google Android Bluetooth input validation [CVE-2019-9397]
142638Google Android Bluetooth input validation [CVE-2019-9396]
142637Google Android Bluetooth input validation [CVE-2019-9395]
142636Google Android Bluetooth input validation [CVE-2019-9394]
142635Google Android Bluetooth input validation [CVE-2019-9393]
142634Google Android libxaac use of uninitialized resource [CVE-2019-9391]
142633Google Android Bluetooth out-of-bounds read [CVE-2019-9390]
142632Google Android Bluetooth out-of-bounds read [CVE-2019-9389]
142631Google Android Bluetooth Service out-of-bounds read [CVE-2019-9388]
142630Google Android Bluetooth out-of-bounds read [CVE-2019-9387]
142629Google Android NFC Server out-of-bounds write [CVE-2019-9386]
142628Google Android libxaac out-of-bounds read [CVE-2019-9385]
142627Google Android LockPatternUtils permission assignment [CVE-2019-9384]
142626Google Android NFC Server out-of-bounds read [CVE-2019-9383]
142625Google Android libeffects out-of-bounds write [CVE-2019-9382]
142624Google Android netd use after free [CVE-2019-9381]
142623Google Android Settings UI authorization [CVE-2019-9380]
142622Google Android libstagefright resource consumption [CVE-2019-9379]
142621Google Android Activity Manager Service permission assignment
142620Google Android FingerprintService authorization [CVE-2019-9377]
142619Google Android Accounts Package input validation [CVE-2019-9376]
142618Google Android hostapd out-of-bounds read [CVE-2019-9375]
142617Google Android CompanionDeviceManager permission assignment [CVE-2019-9374]
142616Google Android JobStore deserialization [CVE-2019-9373]
142615Google Android libskia input validation [CVE-2019-9372]
142614Google Android libvpx input validation [CVE-2019-9371]
142613Google Android sonivox out-of-bounds read [CVE-2019-9370]
142612Google Android Bluetooth use of uninitialized resource [CVE-2019-9369]
142611Google Android Bluetooth out-of-bounds read [CVE-2019-9368]
142610Google Android Bluetooth out-of-bounds read [CVE-2019-9367]
142609Google Android libSBRdec out-of-bounds read [CVE-2019-9366]
142608Google Android Bluetooth input validation [CVE-2019-9365]
142607Google Android AudioService permission assignment [CVE-2019-9364]
142606Google Android Bluetooth out-of-bounds write [CVE-2019-9363]
142605Google Android libSACdec out-of-bounds read [CVE-2019-9362]
142604Google Android libavc use of uninitialized resource [CVE-2019-9361]
142603Google Android TEE out-of-bounds read [CVE-2019-9360]
142602Google Android libavc use of uninitialized resource [CVE-2019-9359]
142601Google Android NFC out-of-bounds write [CVE-2019-9358]
142600Google Android libAACdec integer overflow [CVE-2019-9357]
142599Google Android NFC Server out-of-bounds read [CVE-2019-9356]
142598Google Android Bluetooth out-of-bounds read [CVE-2019-9355]
142597Google Android NFC Server out-of-bounds read [CVE-2019-9354]
142596Google Android Bluetooth out-of-bounds read [CVE-2019-9353]
142595Google Android libstagefright resource consumption [CVE-2019-9352]
142594Google Android SyncStatusObserver authorization [CVE-2019-9351]
142593Google Android Keymaster use after free [CVE-2019-9350]
142592Google Android libstagefright resource consumption [CVE-2019-9349]
142591Google Android libstagefright input validation [CVE-2019-9348]
142590Google Android m4v_h263 Codec use after free [CVE-2019-9347]
142589Google Android libstagefright out-of-bounds write [CVE-2019-9346]
142588Google Android NFC Server out-of-bounds read [CVE-2019-9344]
142587Google Android Bluetooth out-of-bounds read [CVE-2019-9343]
142586Google Android Bluetooth out-of-bounds read [CVE-2019-9342]
142585Google Android Bluetooth out-of-bounds read [CVE-2019-9341]
142584Google Android libavc missing initialization of resource [CVE-2019-9338]
142583Google Android libavc missing initialization of resource [CVE-2019-9337]
142582Google Android libavc missing initialization of resource [CVE-2019-9336]
142581Google Android libavc missing initialization of resource [CVE-2019-9335]
142580Google Android libhevc missing initialization of resource [CVE-2019-9334]
142579Google Android Bluetooth out-of-bounds read [CVE-2019-9333]
142578Google Android Bluetooth out-of-bounds read [CVE-2019-9332]
142577Google Android Bluetooth out-of-bounds read [CVE-2019-9331]
142576Google Android Bluetooth out-of-bounds read [CVE-2019-9330]
142575Google Android Bluetooth missing initialization of resource [CVE-2019-9329]
142574Google Android Bluetooth out-of-bounds read [CVE-2019-9328]
142573Google Android Bluetooth out-of-bounds read [CVE-2019-9327]
142572Google Android Bluetooth out-of-bounds read [CVE-2019-9326]
142571Google Android libvpx out-of-bounds read [CVE-2019-9325]
142570Google Android Wallpaper Manager Service authorization [CVE-2019-9323]
142569Google Android libavc missing initialization of resource [CVE-2019-9322]
142568Google Android libavc missing initialization of resource [CVE-2019-9321]
142567Google Android libavc missing initialization of resource [CVE-2019-9320]
142566Google Android libavc missing initialization of resource [CVE-2019-9319]
142565Google Android libhevc missing initialization of resource [CVE-2019-9318]
142564Google Android libstagefright missing initialization of resource
142563Google Android libstagefright missing initialization of resource
142562Google Android libhevc missing initialization of resource [CVE-2019-9315]
142561Google Android libavc missing initialization of resource [CVE-2019-9314]
142560Google Android libstagefright missing initialization of resource
142559Google Android Bluetooth out-of-bounds read [CVE-2019-9312]
142558Google Android Bluetooth integer overflow [CVE-2019-9311]
142557Google Android libFDK integer overflow [CVE-2019-9310]
142556Google Android NFC out-of-bounds write [CVE-2019-9309]
142555Google Android libAACdec integer overflow [CVE-2019-9308]
142554Google Android libAACdec integer overflow [CVE-2019-9307]
142553Google Android libMpegTPDec out-of-bounds write [CVE-2019-9306]
142552Google Android libAACdec integer overflow [CVE-2019-9305]
142551Google Android libMpegTPDec integer overflow [CVE-2019-9304]
142550Google Android libFDK integer overflow [CVE-2019-9303]
142549Google Android libAACdec integer overflow [CVE-2019-9302]
142548Google Android libAACdec integer overflow [CVE-2019-9301]
142547Google Android libAACdec integer overflow [CVE-2019-9300]
142546Google Android libAACdec integer overflow [CVE-2019-9299]
142545Google Android libAACdec integer overflow [CVE-2019-9298]
142544Google Android libAACdec integer overflow [CVE-2019-9297]
142543Google Android NFC out-of-bounds read [CVE-2019-9296]
142542Google Android Permission Check permission assignment [CVE-2019-9295]
142541Google Android libstagefright out-of-bounds read [CVE-2019-9294]
142540Google Android libstagefright out-of-bounds read [CVE-2019-9293]
142539Google Android Activity Manager Service external reference [CVE-2019-9292]
142538Google Android Bluetooth allocation of resources [CVE-2019-9291]
142537Google Android tzdata allocation of resources [CVE-2019-9290]
142536Google Android Bluetooth out-of-bounds read [CVE-2019-9289]
142535Google Android libhidcommand_jni out-of-bounds write [CVE-2019-9288]
142534Google Android Bluetooth out-of-bounds read [CVE-2019-9287]
142533Google Android Bluetooth out-of-bounds read [CVE-2019-9286]
142532Google Android Bluetooth out-of-bounds read [CVE-2019-9285]
142531Google Android Bluetooth out-of-bounds read [CVE-2019-9284]
142530Google Android AAC Codec input validation [CVE-2019-9283]
142529Google Android Skia out-of-bounds read [CVE-2019-9282]
142528Google Android GoogleContactsSyncAdapter path traversal [CVE-2019-9281]
142527Google Android Keyguard permission assignment [CVE-2019-9280]
142526Google Android WiFi Hotspot Service null pointer dereference
142525Google Android libexif integer overflow [CVE-2019-9278]
142524Google Android proc Filesystem log file [CVE-2019-9277]
142523Google Android WiFi permission assignment [CVE-2019-9272]
142522Google Android System Settings permission assignment [CVE-2019-9269]
142521Google Android libstagefright use after free [CVE-2019-9268]
142520Google Android sensorservice out-of-bounds write [CVE-2019-9266]
142519Google Android Bluetooth out-of-bounds read [CVE-2019-9265]
142518Google Android libxaac out-of-bounds read [CVE-2019-9264]
142517Google Android Telephony permission assignment [CVE-2019-9263]
142516Google Android MPEG4Extractor integer overflow [CVE-2019-9262]
142515Google Android libxaac out-of-bounds read [CVE-2019-9261]
142514Google Android Bluetooth out-of-bounds read [CVE-2019-9260]
142513Google Android Bluetooth Stack out-of-bounds write [CVE-2019-9259]
142512Google Android wifilogd out-of-bounds write [CVE-2019-9258]
142511Google Android Bluetooth out-of-bounds write [CVE-2019-9257]
142510Google Android libmediaextractor integer overflow [CVE-2019-9256]
142509Google Android KeyStore insecure storage of sensitive information
142508Google Android libavc use of uninitialized resource [CVE-2019-9252]
142507Google Android NFC out-of-bounds read [CVE-2019-9251]
142506Google Android Bluetooth out-of-bounds read [CVE-2019-9250]
142505Google Android Bluetooth out-of-bounds read [CVE-2019-9249]
142504Google Android AAC Codec missing initialization of resource [CVE-2019-9247]
142503Google Android NFC out-of-bounds read [CVE-2019-9246]
142502Google Android NFC out-of-bounds read [CVE-2019-9244]
142501Google Android wpa_supplicant_8 out-of-bounds read [CVE-2019-9243]
142500Google Android NFC out-of-bounds read [CVE-2019-9242]
142499Google Android Bluetooth out-of-bounds read [CVE-2019-9241]
142498Google Android NFC out-of-bounds read [CVE-2019-9240]
142497Google Android NFC out-of-bounds read [CVE-2019-9239]
142496Google Android NFC Stack out-of-bounds write [CVE-2019-9238]
142495Google Android Bluetooth out-of-bounds read [CVE-2019-9237]
142494Google Android NFC out-of-bounds read [CVE-2019-9236]
142493Google Android NFC out-of-bounds read [CVE-2019-9235]
142492Google Android wpa_supplicant_8 out-of-bounds read [CVE-2019-9234]
142491Google Android wpa_supplicant_8 out-of-bounds read [CVE-2019-9233]
142490Google Android libvpx out-of-bounds read [CVE-2019-9232]
142489Adobe Flash Player Same Origin Policy origin validation [CVE-2019-8075]
142488Adobe ColdFusion path traversal [CVE-2019-8074]
142487Adobe ColdFusion injection [CVE-2019-8073]
142486Adobe ColdFusion information disclosure [CVE-2019-8072]
142485IBM MQ Cluster resource consumption [CVE-2019-4141]
142484Google Android LG LAF information disclosure [CVE-2019-2191]
142483Google Android LG LAF information disclosure [CVE-2019-2190]
142482Google Android Easel Driver race condition [CVE-2019-2189]
142481Google Android Easel Driver race condition [CVE-2019-2188]
142480Google Android libxaac use of uninitialized resource [CVE-2019-2172]
142479Google Android libxaac initialization [CVE-2019-2171]
142478Google Android libxaac initialization [CVE-2019-2170]
142477Google Android libxaac initialization [CVE-2019-2169]
142476Google Android libxaac initialization [CVE-2019-2168]
142475Google Android libxaac initialization [CVE-2019-2167]
142474Google Android libxaac initialization [CVE-2019-2166]
142473Google Android libxaac out-of-bounds read [CVE-2019-2165]
142472Google Android libxaac out-of-bounds read [CVE-2019-2164]
142471Google Android libxaac out-of-bounds read [CVE-2019-2163]
142470Google Android libxaac out-of-bounds read [CVE-2019-2162]
142469Google Android libxaac out-of-bounds read [CVE-2019-2161]
142468Google Android libxaac out-of-bounds read [CVE-2019-2160]
142467Google Android libxaac out-of-bounds write [CVE-2019-2159]
142466Google Android libxaac out-of-bounds read [CVE-2019-2158]
142465Google Android libxaac out-of-bounds read [CVE-2019-2157]
142464Google Android libxaac out-of-bounds read [CVE-2019-2156]
142463Google Android libxaac out-of-bounds read [CVE-2019-2155]
142462Google Android libxaac out-of-bounds read [CVE-2019-2154]
142461Google Android libxaac out-of-bounds read [CVE-2019-2153]
142460Google Android libxaac out-of-bounds read [CVE-2019-2152]
142459Google Android libxaac out-of-bounds read [CVE-2019-2151]
142458Google Android libxaac out-of-bounds read [CVE-2019-2150]
142457Google Android libxaac out-of-bounds read [CVE-2019-2149]
142456Google Android libxaac out-of-bounds read [CVE-2019-2148]
142455Google Android libxaac out-of-bounds read [CVE-2019-2147]
142454Google Android libxaac out-of-bounds read [CVE-2019-2146]
142453Google Android libxaac out-of-bounds read [CVE-2019-2145]
142452Google Android libxaac out-of-bounds read [CVE-2019-2144]
142451Google Android libxaac out-of-bounds read [CVE-2019-2143]
142450Google Android libxaac out-of-bounds read [CVE-2019-2142]
142449Google Android libxaac out-of-bounds write [CVE-2019-2141]
142448Google Android libxaac use of uninitialized resource [CVE-2019-2140]
142447Google Android libxaac out-of-bounds read [CVE-2019-2139]
142446Google Android libxaac out-of-bounds read [CVE-2019-2138]
142445Google Android libxaac out-of-bounds write [CVE-2019-2087]
142444Google Android libxaac out-of-bounds write [CVE-2019-2086]
142443Google Android libxaac out-of-bounds write [CVE-2019-2085]
142442Google Android libxaac out-of-bounds write [CVE-2019-2084]
142441Google Android libxaac out-of-bounds write [CVE-2019-2083]
142440Google Android libxaac out-of-bounds write [CVE-2019-2082]
142439Google Android libxaac out-of-bounds write [CVE-2019-2081]
142438Google Android libxaac out-of-bounds write [CVE-2019-2080]
142437Google Android libxaac out-of-bounds read [CVE-2019-2079]
142436Google Android libxaac out-of-bounds write [CVE-2019-2078]
142435Google Android libxaac out-of-bounds write [CVE-2019-2077]
142434Google Android libxaac out-of-bounds write [CVE-2019-2076]
142433Google Android libxaac out-of-bounds write [CVE-2019-2075]
142432Google Android libxaac out-of-bounds write [CVE-2019-2074]
142431Google Android libxaac out-of-bounds write [CVE-2019-2073]
142430Google Android libxaac out-of-bounds write [CVE-2019-2072]
142429Google Android libxaac out-of-bounds write [CVE-2019-2071]
142428Google Android libxaac out-of-bounds write [CVE-2019-2070]
142427Google Android libxaac out-of-bounds write [CVE-2019-2069]
142426Google Android libxaac out-of-bounds write [CVE-2019-2068]
142425Google Android libxaac out-of-bounds write [CVE-2019-2067]
142424Google Android libxaac out-of-bounds write [CVE-2019-2066]
142423Google Android libxaac out-of-bounds write [CVE-2019-2065]
142422Google Android libxaac out-of-bounds write [CVE-2019-2064]
142421Google Android Media Server out-of-bounds write [CVE-2019-2063]
142420Google Android libxaac out-of-bounds write [CVE-2019-2062]
142419Google Android libxaac out-of-bounds write [CVE-2019-2061]
142418Google Android libxaac out-of-bounds read [CVE-2019-2060]
142417Google Android libxaac out-of-bounds write [CVE-2019-2059]
142416Google Android libxaac out-of-bounds write [CVE-2019-2055]
142415Nulock App Bluetooth Credentials cleartext transmission
142414kkcms jx.php cross site scripting
142413SalesAgility SuiteCRM information disclosure [CVE-2019-16922]
142412Mozilla Thunderbird SMIME input validation [CVE-2019-11755]
142411Mozilla Firefox Pointer Lock requestPointerLock input validation
142410Mozilla Firefox Maintenance Service improper validation of integrity check value
142409Mozilla Firefox/Thunderbird/Firefox ESR IndexedDB use after free
142408Mozilla Firefox Log input validation [CVE-2019-11751]
142407Mozilla Firefox type conversion [CVE-2019-11750]
142406Mozilla Firefox WebRTC getUserMedia information disclosure
142405Mozilla Firefox WebRTC permission assignment [CVE-2019-11748]
142404Mozilla Firefox History HSTS initialization
142403Mozilla Firefox/Thunderbird/Firefox ESR Video Element use after free
142402Mozilla Firefox/Thunderbird/Firefox ESR Bracket cross site scripting
142401Mozilla Firefox/Thunderbird/Firefox ESR Navigation information disclosure
142400Mozilla Firefox/Thunderbird/Firefox ESR SVG Filter unknown vulnerability
142399Mozilla Firefox Sandbox Universal cross site scripting
142398Mozilla Firefox/Thunderbird/Firefox ESR memory corruption [CVE-2019-11740]
142397Mozilla Thunderbird SMIME information disclosure [CVE-2019-11739]
142396Mozilla Firefox Content Security Policy Javascript default permission
142395Mozilla Firefox Content Security Policy insufficient verification of data authenticity
142394Mozilla Firefox Maintenance Service race condition [CVE-2019-11736]
142393Mozilla Firefox buffer overflow [CVE-2019-11735]
142392Mozilla Firefox buffer overflow [CVE-2019-11734]
142391Mozilla Firefox Password Storage information disclosure [CVE-2019-11733]
142389Google Android WiFi information disclosure [CVE-2018-9581]
142388Google Android Permission Check privileges management [CVE-2018-9425]
142387Corsair Link CLink4Service default permission [CVE-2018-19592]
142384Cisco Carrier Routing System ACL authorization [CVE-2012-1342]
142383Linux Kernel hns_roce_main.c hns_roce_alloc_ucontext initialization
142382D-Link DIR-655C/DIR-866L/DIR-652/DHP-1565 Common Gateway Interface os command injection
142381pfSense picture.widget.php file_put_contents input validation
142380pfSense services_captiveportal_mac.php cross site scripting
142379ARforms Plugin arformcontroller.php arf_delete_file Path input validation
142378pfSense diag_command.php csrf_callback cross-site request forgery
142377CKFinder Documentation Content Sniffing information disclosure
142376CKFinder File Name unrestricted upload [CVE-2019-15862]
142375phpBB Remote Avatar cross-site request forgery [CVE-2019-13376]
142374DNN Admin Notification notification cross site scripting
142373Cloud Foundry UAA Scope privileges management [CVE-2019-11279]
142372Cloud Foundry UAA SCIM Query input validation [CVE-2019-11278]
142371Apple macOS Foundation out-of-bounds read [CVE-2019-8641]
142370Apple watchOS Foundation out-of-bounds read [CVE-2019-8641]
142369Apple iOS Foundation out-of-bounds read [CVE-2019-8641]
142368Apple iOS/iPadOS VoiceOver Lockscreen information disclosure
142367Apple Safari Service Workers History information disclosure
142366Apple Safari Juno Im input validation
142365Apple tvOS improper authentication [CVE-2019-8704]
142364Apple Xcode otool memory corruption [CVE-2019-8739]
142363Apple Xcode otool memory corruption [CVE-2019-8738]
142362Apple Xcode ld64 input validation [CVE-2019-8724]
142361Apple Xcode ld64 input validation [CVE-2019-8723]
142360Apple Xcode ld64 input validation [CVE-2019-8722]
142359Apple Xcode ld64 input validation [CVE-2019-8721]
142358Apple Xcode IDE SCM integer overflow [CVE-2019-3855]
142357Apple watchOS Foundation out-of-bounds read [CVE-2019-8641]
142356Apple Safari WebKit Page Loading Universal cross site scripting
142355Apple iOS WebKit Page Loading Universal cross site scripting
142354Apple iOS Safari Address input validation
142353Apple iOS Quick Look default permission [CVE-2019-8731]
142352Apple iOS Messages Lockscreen information disclosure
142351Apple iOS Keyboards improper authentication [CVE-2019-8704]
142350Apple iOS Foundation out-of-bounds read [CVE-2019-8641]
142349Apple iOS Face ID inadequate encryption [CVE-2019-8760]
142348Apple iOS CoreAudio memory corruption [CVE-2019-8705]
142347Apple iOS Bluetooth information disclosure [CVE-2019-8711]
142346Lenovo System Update Configuration File input validation [CVE-2019-6175]
142345ThinkAgile CP-SB BMC Session session fixiation [CVE-2019-6161]
142344IBM MQ Command Server input validation [CVE-2019-4378]
142343IBM QRadar SIEM server-side request forgery [CVE-2019-4262]
142342ARM Mbed TLS/ARM Mbed Crypto ECDSA RNG information disclosure
142341TeamPass Password cross site scripting [CVE-2019-16904]
142340Platinum UPnP SDK PltHttpServer.cpp path traversal
142338inoERP Deserialization download.php sql injection
142337Netty Whitespace request smuggling [CVE-2019-16869]
142336BMC MyIT Digital Workplace DWP administrator deserialization
142335YzmCMS HTTP Host Header injection [CVE-2019-16532]
142334easy-fancybox Plugin Settings Menu class-easyfancybox.php Stored cross site scripting
142333SilverStripe Versioned Files Module information disclosure [CVE-2019-16409]
142332krb5 KDC input validation [CVE-2019-14844]
142331SilverStripe Assets Access Control file access [CVE-2019-14273]
142330SilverStripe asset-admin File Title cross site scripting [CVE-2019-14272]
142329Honeywell Performance IP Cameras/Performance NVR Integrated Web Server information disclosure
142328SilverStripe Cache Pollution privileges management
142327Netskope Client Service Connection os command injection [CVE-2019-12091]
142326Netskope Client Service Connection doHandshakefromServer buffer overflow
142325Apache HTTP Server mod_remoteip null pointer dereference [CVE-2019-10097]
142324Apache HTTP Server mod_proxy cross site scripting [CVE-2019-10092]
142323Apache HTTP Server HTTP2 Session use after free [CVE-2019-10082]
142322Apache Subversion svnserve Server Process Disruption input validation
142321Apache Subversion svnserve Server Process Disruption input validation
142320F5 BIG-IP APM Edge Client Log log file [CVE-2019-6656]
142319F5 BIG-IP information disclosure [CVE-2019-6655]
142318F5 BIG-IP Management Interface input validation [CVE-2019-6654]
142317F5 BIG-IQ Stored cross site scripting [CVE-2019-6653]
142316F5 BIG-IQ Authentication improper authentication [CVE-2019-6652]
142315F5 BIG-IP/BIG-IQ/iWorkflow/Enterprise Manager Configuration Utility Login Page information exposure
142314IBM Content Navigator Web UI cross site scripting [CVE-2019-4571]
142313Advantech WebAccess/HMI Designer Exception exceptional condition
142312Advantech WebAccess/HMI Designer User Mode memory corruption
142311Advantech WebAccess/HMI Designer GetNICInfo+0x0000000000512918 memory corruption
142310Rubyzip ZIP File resource consumption [CVE-2019-16892]
142309Halo comments cross site scripting
142308Ubiquiti EdgeMAX Cache File resource consumption [CVE-2019-16889]
142307IrfanView buffer overflow [CVE-2019-16887]
142306runc AppArmor rootfs_linux.go authorization
142305MediaWiki Special:Redirect Username information disclosure
142304Samsung Text-to-speech Engine App privileges management [CVE-2019-16253]
142303LemonLDAP::NG OpenID Connect Issuer authorization [CVE-2019-15941]
142302Smart Battery A4 Authentication Interface improper authentication
142301Smart Battery A4 improper authentication [CVE-2019-15068]
142300Smart Battery A2-25DE Login Page improper authentication [CVE-2019-15067]
142299GLPI Password Reset autocompletion.php insufficiently protected credentials
142298Cisco NX-OS CLI os command injection [CVE-2019-12717]
142297Cisco IOS XR Virtualization Manager os command injection [CVE-2019-12709]
142296Cisco IOS XE link following [CVE-2019-12672]
142295Cisco IOS XE CLI authorization [CVE-2019-12671]
142294Cisco IOS XE IOx Guest Shell permission assignment [CVE-2019-12670]
142293Cisco IOS XE RADIUS Change of Authorization input validation
142292Cisco IOS/IOS XE Web Framework Stored cross site scripting
142291Cisco IOS XE Web Framework Stored cross site scripting
142290Cisco IOS XE Guest Shell path traversal [CVE-2019-12666]
142289Cisco IOS/IOS XE HTTP Client Persistent inadequate encryption
142288Cisco IOS XE Dialer Interface Feature for ISDN improper authentication
142287Cisco IOS XE CTS PAC input validation [CVE-2019-12663]
142286Cisco NX-OS/IOS XE Signature Verification signature verification
142285Cisco IOS XE Virtualization Manager os command injection [CVE-2019-12661]
142284Cisco IOS XE CLI input validation [CVE-2019-12660]
142283Cisco IOS XE HTTP Service input validation [CVE-2019-12659]
142282Cisco IOS XE Filesystem Resource Management resource consumption
142281Cisco IOS XE Unified Threat Defense input validation [CVE-2019-12657]
142280Cisco IOS/IOS XE IOx Web Server input validation [CVE-2019-12656]
142279Cisco IOS XE ALG/NAT/ZBFW buffer overflow [CVE-2019-12655]
142278Cisco IOS/IOS XE Session Initiation Protocol null pointer dereference
142277Cisco IOS XE Raw Socket Transport input validation [CVE-2019-12653]
142276Cisco IOS Management Plane resource consumption [CVE-2019-12652]
142275Cisco IOS XE Web-based User Interface os command injection [CVE-2019-12651]
142274Cisco IOS XE Web-based User Interface os command injection [CVE-2019-12650]
142273Cisco IOS XE Image Verification signature verification [CVE-2019-12649]
142272Cisco IOS IOx Application Environment authorization [CVE-2019-12648]
142271Cisco IOS/IOS XE Ident Protocol null pointer dereference [CVE-2019-12647]
142270Cisco IOS XE NAT SIP ALG initialization [CVE-2019-12646]
142269SilverStripe Access Control loadIntoFile information disclosure
142268SilverStripe Flash Clipboard Reflected cross site scripting
142267SilverStripe install.php privileges management
142266SilverStripe Change Password session fixiation [CVE-2019-12203]
142265noVNC Web Page cross site scripting [CVE-2017-18635]
142264microblog-poster Plugin sql injection [CVE-2015-9449]
142263sendpress Plugin sql injection [CVE-2015-9448]
142262unite-gallery-lite Plugin admin.php cross-site request forgery
142261unite-gallery-lite Plugin admin-ajax.php sql injection
142260unite-gallery-lite Plugin admin-ajax.php unitegallery_ajax_action cross-site request forgery
142259altos-connect Plugin cross site scripting [CVE-2015-9444]
142258accurate-form-data-real-time-form-validation Plugin cross-site request forgery
142257avenirsoft-directdownload Plugin cross-site request forgery [CVE-2015-9442]
142256bookmarkify Plugin cross-site request forgery [CVE-2015-9441]
142255monetize Plugin cross-site request forgery [CVE-2015-9440]
142254addthis Plugin cross site scripting [CVE-2015-9439]
142253display-widgets Plugin cross site scripting [CVE-2015-9438]
142252dynamic-widgets Plugin cross-site request forgery [CVE-2015-9437]
142251dynamic-widgets Plugin cross site scripting [CVE-2015-9436]
142250oauth2-provider Plugin Random Number Generator weak prng [CVE-2015-9435]
142249kiwi-logo-carousel Plugin cross-site request forgery [CVE-2015-9434]
142248wp-social-bookmarking-light Plugin cross-site request forgery
142247alpine-photo-tile-for-instagram Plugin cross-site request forgery
142246qtranslate-x Plugin cross-site request forgery [CVE-2015-9431]
142245crazy-bone Plugin cross site scripting [CVE-2015-9430]
142244yith-maintenance-mode Plugin cross-site request forgery [CVE-2015-9429]
142243wplegalpages Plugin cross-site request forgery [CVE-2015-9428]
142242googmonify Plugin cross-site request forgery [CVE-2015-9427]
142241manual-image-crop Plugin cross site scripting [CVE-2015-9426]
142240social-locker Plugin cross-site request forgery [CVE-2015-9425]
142239multicons Plugin cross-site request forgery [CVE-2015-9424]
142238PlugNedit Adaptive Editor Plugin cross site scripting [CVE-2015-9423]
142237PlugNedit Adaptive Editor Plugin cross-site request forgery [CVE-2015-9422]
142236olevmedia-shortcodes Plugin cross-site request forgery [CVE-2015-9421]
142235soundcloud-is-gold Plugin cross site scripting [CVE-2015-9420]
142234captain-slider Plugin Section cross site scripting [CVE-2015-9419]
142233Watu Pro Plugin Quiz cross-site request forgery [CVE-2015-9418]
142232testimonial-slider Plugin cross-site request forgery [CVE-2015-9417]
142231sitepress-multilingual-cms Plugin cross site scripting [CVE-2015-9416]
142230bj-lazy-load Plugin Remote File Inclusion input validation [CVE-2015-9415]
142229wp-symposium Plugin get_album_item.php cross site scripting
142228eShop Plugin cross-site request forgery [CVE-2015-9413]
142227Royal-Slider Plugin cross site scripting [CVE-2015-9412]
142226Postmatic Plugin cross site scripting [CVE-2015-9411]
142225Blubrry PowerPress Podcasting Plugin cross site scripting [CVE-2015-9410]
142224string-interner Crate Cloning use after free [CVE-2019-16882]
142223portaudio-rs Crate stream_finished_callback use after free
142222linea Crate zip_elements double free
142221pfSense pfsense.exec_php os command injection
142220Centreon makeXMLForOneService.php sql injection
142219HCL AppScan Source XML Data xml external entity reference [CVE-2019-16188]
142218libgcrypt20 ECDSA race condition [CVE-2019-13627]
142217NeuVector Vulnerability Scanner Plugin Global Configuration Credentials cleartext storage
142216GitLab Logo Plugin Global Configuration Credentials cleartext storage
142215Aqua Security Scanner Plugin Configuration Form Credentials cleartext transmission
142214Aqua MicroScanner Plugin Configuration Form Credentials cleartext transmission
142213Gem Publisher Plugin Global Configuration Credentials cleartext storage
142212Google Calendar Plugin config.xml Credentials cleartext storage
142211elOyente Plugin Global Configuration Credentials cleartext storage
142210CodeScan Plugin Global Configuration Credentials cleartext storage
142209Call Remote Job Plugin config.xml Credentials cleartext storage
142208Azure Event Grid Build Notifier Plugin config.xml Credentials cleartext storage
142207Assembla Plugin Global Configuration Credentials cleartext storage
142206vFabric Application Director Plugin Global Configuration Credentials cleartext storage
142205Arquillian Steps Plugin Sandbox privileges management [CVE-2019-10418]
142204Kubernetes Steps Plugin Sandbox privileges management [CVE-2019-10417]
142203Violation Comments to GitLab Plugin config.xml Credentials cleartext storage
142202Violation Comments to GitLab Plugin Global Configuration Credentials cleartext storage
142201Git Changelog Plugin config.xml Credentials cleartext storage
142200Data Theorem CI-CD Plugin config.xml Credentials cleartext storage
142199Inedo ProGet Plugin Configuration Form cleartext transmission
142198Inedo BuildMaster Plugin Configuration Form cleartext transmission
142197Log Parser Plugin Error Message cross site scripting [CVE-2019-10410]
142196Project Inheritance Plugin Permission Check permission assignment
142195Project Inheritance Plugin Template cross-site request forgery
142194Project Inheritance Plugin information disclosure [CVE-2019-10407]
142193Jenkins Global Configuration Stored cross site scripting
142192Jenkins HTTP Header information disclosure [CVE-2019-10405]
142191Jenkins Tooltip Stored cross site scripting
142190Jenkins SCM Tag Stored cross site scripting
142189Jenkins Combobox Form Stored cross site scripting
142188Jenkins Textbox Control Stored cross site scripting
142187Apache HTTP Server mod_rewrite redirect [CVE-2019-10098]
142186alo-easymail Plugin alo-easymail-admin-options.php cross-site request forgery
142185emlog path traversal [CVE-2019-16868]
142184HongCMS input validation [CVE-2019-16867]
142183ONTAP Select Deploy Administration Utility insufficiently protected credentials
142182ONTAP Select Deploy Administration Utility HTTP Service input validation
142181E2fsprogs Quota File out-of-bounds write [CVE-2019-5094]
142180Dell EMC Update Package Framework uncontrolled search path [CVE-2019-3726]
142179vBulletin widget_php input validation
142178RIOT MQTT Server null pointer dereference [CVE-2019-16754]
142177Devise Token Auth Callback Controller fallback_render Reflected cross site scripting
142176Joomla CMS Default Template cross site scripting [CVE-2019-16725]
142175File Sharing Wizard Exception buffer overflow [CVE-2019-16724]
142174Suricata Options decode-ipv4.c IPV4OptValidateTimestamp out-of-bounds read
142173Suricata Fragmented Packet defrag.c Defrag4Reassemble out-of-bounds read
142172Suricata SSLv3 app-layer-ssl.c TLSDecodeHSHelloExtensions out-of-bounds read
142171SICK FX0-GPNT00000/FX0-GENT00000 buffer overflow [CVE-2019-14753]
142170NXP Kinetis KV1x/Kinetis KV3x/Kinetis K8x Access Control improper authentication
142169STMicroelectronics STM32F7 Proprietary Code Read Out Protection improper authentication
142168BlueStacks Virtual Machine information disclosure [CVE-2019-14220]
142167Niagara AX Utility improper authentication [CVE-2019-13528]
142166Rockwell Automation Arena Simulation Software Cat. 9502-Ax Arena File uninitialized pointer
142165QEMU LSI SCSI Adapter Emulator lsi_execute_script infinite loop
142164IBM Security Key Lifecycle Manager Credentials cleartext storage
142163IBM Security Key Lifecycle Manager cross-site request forgery
142162wolfSSL ASN.1 Certificate asn.c CheckCertSignature_ex out-of-bounds read
142161Linux Kernel Beacon Head nl80211.c validate_beacon_head buffer overflow
142160pam-python privileges management [CVE-2019-16729]
142159DOMPurify cross site scripting [CVE-2019-16728]
142158Progress MOVEit Transfer REST API MOVEit.DMZ.WebApi.dll sql injection
142157makandra consul Gem Access Control authorization [CVE-2019-16377]
142156Grafana Save/Test Credentials insufficiently protected credentials
142155Total Defense Anti-Virus caschelp.exe untrusted search path
142154Total Defense Anti-Virus Access Control AMRT.exe privileges management
142153Total Defense Anti-Virus Access Control ccschedulersvc.exe privileges management
142152Apache JSPWiki Plugin Link cross site scripting [CVE-2019-12407]
142151Cloud Foundry NFS Volume Service LDAP injection [CVE-2019-11277]
142150Red Lion Controls Crimson use after free [CVE-2019-10996]
142149Red Lion Controls Crimson Configuration File hard-coded credentials
142148Red Lion Controls Crimson uninitialized pointer [CVE-2019-10984]
142147Red Lion Controls Crimson memory corruption [CVE-2019-10978]
142146pac4j-saml SAML Identifier Generator RandomStringUtils PRNG weak prng
142145Apereo CAS Token Generator PRNG weak prng
142144Apache JSPWiki Plugin Link cross site scripting [CVE-2019-10090]
142143CoreOS Tectonic Grafana Web Application cross site scripting
142142Home Assistant Error Log information disclosure
142141TLS Protocol/DTLS Protocol MAC Check Lucky Thirteen cryptographic issues🔒🔒
142140Microsoft Windows Defender File input validation [CVE-2019-1255]
142139Microsoft Internet Explorer Scripting Engine DarkHotel memory corruption
142138ZTE ZXV10 B860A Terminal System input validation [CVE-2019-3416]
142137Cacti Authorization graph_json.php authorization
142136ZZZCMS zzzphp Protection Mechanism input validation [CVE-2019-16722]
142135NoneCms dele.html cross-site request forgery
142134ZZZCMS zzzphp File Upload unrestricted upload [CVE-2019-16720]
142133WTCMS cross-site request forgery [CVE-2019-16719]
142132radare2 cbin.c bin_symbols os command injection
142131Linux Kernel recv.c rds6_inc_info_copy information disclosure
142130ImageMagick dot.c PingImage release of resource
142129ImageMagick ps3.c Huffman2DEncodeImage release of resource
142128ImageMagick ps2.c Huffman2DEncodeImage release of resource
142127ImageMagick dot.c AcquireMagickMemory release of resource
142126ImageMagick dps.c XCreateImage release of resource
142125ImageMagick xwindow.c XCreateImage release of resource
142124Hunspell suggestmgr.cxx leftcommonsubstring memory corruption
142123kkcms cms_user_add.php cross-site request forgery
142121Vandy Vape Platform Bluetooth Low Energy Temperature exposure of resource
142120Within Sahi Pro Script View Page path traversal [CVE-2019-13063]
142119Apache JSPWiki Plugin Link InfoContent.jsp cross site scripting
142118Apache JSPWiki WYSIWYG Editor cross site scripting [CVE-2019-10089]
142117Apache JSPWiki Plugin Link cross site scripting [CVE-2019-10087]
142116libming decompile.c OpCode out-of-bounds read
142115PHPMyWind infoclass_update.php Stored cross site scripting
142114PHPMyWind infolist_add.php Stored cross site scripting
142113Integard Pro LoginAdmin buffer overflow
142112phpipam edit.php sql injection
142111phpipam filter.php sql injection
142110phpipam edit-result.php sql injection
142109phpipam order.php sql injection
142108phpipam filter-result.php sql injection
142107Mastodon Session Timeout session expiration
142106Traveloka App cross site scripting [CVE-2019-16681]
142105GNOME file-roller path traversal [CVE-2019-16680]
142104Gila CMS path traversal [CVE-2019-16679]
142103YzmCMS add.html cross-site request forgery
142102idreamsoft iCMS cross-site request forgery [CVE-2019-16677]
142101Pagekit Reset Password Email information exposure
142100ThinkSAAS cross site scripting [CVE-2019-16665]
142099ThinkSAAS cross site scripting [CVE-2019-16664]
142098Ogma CMS New Blog Creation cross site scripting [CVE-2019-16661]
142097joyplus-cms cross-site request forgery [CVE-2019-16660]
142096TuziCMS do_add cross-site request forgery
142095TuziCMS do_add cross-site request forgery
142094TuziCMS cross site scripting [CVE-2019-16657]
142089F5 BIG-IP ASM Config information disclosure [CVE-2019-6650]
142088F5 BIG-IP/Enterprise Manager Config information disclosure [CVE-2019-6649]
142087Forcepoint VPN Client Unquoted Search Path unquoted search path
142086VMware ESXi/Fusion/Workstation Pixel Shader out-of-bounds read
142085IBM Security Key Lifecycle Manager Password Policy weak password
142084IBM WebSphere Application Server Network Deployment information disclosure
142083EmbedThis GoAhead login injection
142082TuziCMS ZhuantiController.class.php sql injection
142081ZrLog Article Stored cross site scripting
142080DrayTek Vigor2925 General Setup cross site scripting [CVE-2019-16534]
142079DrayTek Vigor2925 Access Control loginset.htm cross site scripting
142078html-pdf Package XMLHttpRequest information disclosure [CVE-2019-15138]
142077Linux Kernel Marvell Wifi Chip Driver buffer overflow [CVE-2019-14816]
142076Linux Kernel Marvell Wifi Chip Driver buffer overflow [CVE-2019-14814]
142075Topcon Positioning Net-G5 GNSS Receiver Web Interface path traversal
142074Topcon Positioning Net-G5 GNSS Receiver Web Interface Password privileges management
142073Pivotal Application Service Apps Manager privileges management
142072Prospecta Master Data Online cross-site request forgery [CVE-2018-17789]
142071Mautic Company Name Stored cross site scripting
142070xpinner-lite Pplugin options-general.php cross-site request forgery
142069xpinner-lite Plugin xpinner-lite.php cross site scripting
142068mTheme-Unus Theme css.php path traversal
142067wp-piwik Plugin cross site scripting [CVE-2015-9405]
142066neuvoo-jobroll Plugin cross site scripting [CVE-2015-9404]
142065neuvoo-jobroll Plugin cross site scripting [CVE-2015-9403]
142064users-ultra Plugin File Upload unrestricted upload [CVE-2015-9402]
142063websimon-tables Plugin tools.php cross site scripting
142062wordpress-meta-robots Plugin post-new.php sql injection
142061wp-stats-dashboard Plugin graph_trend.php sql injection
142060gocodes Plugin tools.php sql injection
142059gocodes Plugin tools.php cross site scripting
142058auto-thickbox-plus Plugin cross site scripting [CVE-2015-9396]
142057users-ultra Plugin Ajax sql injection [CVE-2015-9395]
142056users-ultra Plugin admin-ajax.php cross-site request forgery
142055users-ultra Plugin cross site scripting [CVE-2015-9393]
142054users-ultra Plugin cross site scripting [CVE-2015-9392]
142053Antioch Theme download.php path traversal [CVE-2014-10397]
142052epic Theme download.php path traversal
142051TuziCMS ZhuantiController.class.php sql injection
142050PRiSE adAS cross-site request forgery [CVE-2019-15089]
142049PRiSE adAS type conversion [CVE-2019-15088]
142048PRiSE adAS authorization [CVE-2019-15087]
142047PRiSE adAS Error Message Reflected cross site scripting
142046PRiSE adAS Change Password insufficiently protected credentials
142045PRiSE adAS File Upload unrestricted upload [CVE-2019-14916]
142044PRiSE adAS Certificate cross site scripting [CVE-2019-14915]
142043PRiSE adAS medatadata_del path traversal
142042PRiSE adAS Administration Panel Persistent cross site scripting
142041PRiSE adAS OPENSSO Module redirect [CVE-2019-14912]
142040PRiSE adAS OPENSSO Module Reflected cross site scripting
142039wp-listings Plugin single-listing.php cross site scripting
142038sola-support-tickets Plugin Access Control wp-admin cross site scripting
142037wp-invoice Plugin privileges management [CVE-2016-11011]
142036wp-invoice Plugin Access Control exposure of resource [CVE-2016-11010]
142035wp-invoice Plugin Access Control exposure of resource [CVE-2016-11009]
142034wp-invoice Plugin Access Control exposure of resource [CVE-2016-11008]
142033wp-invoice Plugin Access Control exposure of resource [CVE-2016-11007]
142032wp-invoice Plugin Access Control exposure of resource [CVE-2016-11006]
142031instalinker Plugin cross site scripting [CVE-2016-11005]
142030Elegant Themes Monarch Plugin privileges management [CVE-2016-11004]
142029Elegant Themes Bloom Plugin privileges management [CVE-2016-11003]
142028Elegant Themes Extra Theme privileges management [CVE-2016-11002]
142027user-submitted-posts Plugin cross site scripting [CVE-2016-11001]
142026wp-ultimate-exporter Plugin sql injection [CVE-2016-11000]
142025Goodnews Theme cross site scripting [CVE-2016-10999]
142024ocim-mp3 Plugin pages.php cross site scripting
142023beauty-premium Theme File Upload sendmail.php cross-site request forgery
142022optinmonster Plugin Access Control authorization [CVE-2016-10996]
142021yawpp Plugin cross site scripting [CVE-2015-9391]
142020admin-management-xtended Plugin wp_ajax privileges management
142019mtouch-quiz Plugin Quiz Name cross site scripting [CVE-2015-9389]
142018mtouch-quiz Plugin edit.php cross-site request forgery
142017mtouch-quiz Plugin options-general.php cross-site request forgery
142016mtouch-quiz Plugin Quiz Manage cross site scripting [CVE-2015-9386]
142015quotes-and-tips Plugin cross site scripting [CVE-2015-9385]
142014relevant Plugin cross site scripting [CVE-2015-9384]
142013libavcodec Subtitle Decoder srtdec.c srt_to_ass buffer overflow
142012libav Subtitle Decoder srtdec.c srt_to_ass buffer overflow
142011libav Subtitle Decoder srtdec.c srt_to_ass input validation
142009LayerBB System Settings general.php cross-site request forgery
142008checklist Plugin checklist-icon.php cross site scripting
142007Linux Kernel KVM Hypervisor kvm out-of-bounds write
142006LINE integer overflow [CVE-2019-6010]
142005SuSE Linux Enterprise Server nfs-utils Package nfs privileges management
142004FireGiant WiX Toolset DTF Microsoft.Deployment.Compression.Cab.dll path traversal
142003libIEC61850 mms_server.c MmsServer_waitReady use after free
142002Tenda N301 Wireless Router wanMTU setSysTools input validation
142001Keeper K5 SD Card Data input validation
142000Counter-Strike: Global Offensive Map vphysics.dll input validation
141999Pydio Remote Link index.php server-side request forgery
141998Pydio Error Reporting information exposure [CVE-2019-15032]
141997Atlassian JIRA Server/Data Center Jira Importers Plugin injection
141996Bitbucket Server/Data Center REST Endpoint injection [CVE-2019-15000]
141995Atlassian Jira Service Desk Server Customer Context Filter path traversal
141994Eclipse Mosquitto Subscribe Packet unusual condition [CVE-2019-11779]
141993Linux Kernel p9 Filesystem i_size_write infinite loop
141992Dahua IPC-HDW1X2X IP Address information disclosure [CVE-2019-9680]
141991Dahua IPC-HDW1X2X Debug Function default permission [CVE-2019-9679]
141990Dahua IPC-HDW1X2X Login input validation [CVE-2019-9678]
141989Dahua IPC-HDW1X2X CGI Interface buffer overflow [CVE-2019-9677]
141988VMware vCenter Server vAppConfig Credentials insufficiently protected credentials
141987VMware vCenter Server Log Credentials insufficiently protected credentials
141986VMware vSphere ESXi/vCenter Server Session Expiration session expiration
141985Aspose.PDF use after free [CVE-2019-5067]
141984Aspose.PDF LZW Compression use after free [CVE-2019-5066]
141983Aspose.PDF FunctionType 0 PDF Element use after free [CVE-2019-5042]
141982Dell EMC RSA Archer improper authentication [CVE-2019-3758]
141981Dell EMC RSA Archer Backend Database information disclosure [CVE-2019-3756]
141980RSA BSAFE Crypto-J DAS Key Generation information disclosure
141979RSA BSAFE Crypto-J ECDSA Key Generation information exposure
141978RSA BSAFE Crypto-J Signature Collision signature verification
141977Terrasoft Bpm'online CRM-System SDK Terrasoft.Core.DB.Column.Const sql injection
141976Vivotek IP Camera HTTP Header input validation [CVE-2019-14458]
141975Advantech WebAccess code injection [CVE-2019-13558]
141974Advantech WebAccess memory corruption [CVE-2019-13556]
141973Advantech WebAccess os command injection [CVE-2019-13552]
141972Advantech WebAccess authorization [CVE-2019-13550]
141971Eclipse Mosquitto MQTT v5 Client use after free [CVE-2019-11778]
141970Micro Focus Service Manager Browser insufficiently protected credentials
141969Micro Focus Service Manager Tomcat insufficiently protected credentials
141968Micro Focus Service Manager Error Message information exposure
141967Micro Focus Service Manager Table authorization [CVE-2019-11661]
141966TIBCO Enterprise Runtime for R Server input validation [CVE-2019-11211]
141965TIBCO Enterprise Runtime for R Server input validation [CVE-2019-11210]
141964Cisco HyperFlex Software Web-based Interface cross site scripting
141963Webkul Bagisto authorization [CVE-2019-16403]
141962Western Digital WD My Book World improper authentication [CVE-2019-16399]
141961Zulip Server File Upload Stored cross site scripting
141960Zulip Server Markdown Parser resource consumption [CVE-2019-16215]
141959Xiaomi Millet Mobile Phone File Upload unrestricted upload [CVE-2019-15843]
141958Publisure userAccFunctions.php sql injection
141957Publisure Secure Portal AdminDir authorization
141956Publisure Secure Portal adminCons.php unrestricted upload
141955Cisco HyperFlex Software Statistics Collection Service insufficient verification of data authenticity
141954IBM Financial Transaction Manager URL path traversal [CVE-2018-1847]
141953Tevolution Plugin File Upload single_upload.php unrestricted upload
141952Truemag Theme cross site scripting [CVE-2016-10994]
141951Dahua IPC-HDW1X2X Online Upgrade Reverse Engineering information disclosure
1419503S-Smart CODESYS Control Runtime input validation [CVE-2019-9009]
141949Schneider Electric U.motion Server Message format string [CVE-2019-6840]
141948Schneider Electric U.motion Server Access Control unrestricted upload
141947Schneider Electric U.motion Server Access Control authorization
141946Schneider Electric U.motion Server server-side request forgery
141945Schneider Electric U.motion Server Access Control authorization
141944Schneider Electric U.motion Server cross site scripting [CVE-2019-6835]
141943Schneider Electric HMI Panel HMIGTO Exception Freeze unusual condition
141942Schneider Electric spaceLYnk/Wiser for KNX improper authentication
141941Schneider Electric Modicon M340 Connection unusual condition
141940Schneider Electric Modicon M580 Time exceptional condition [CVE-2019-6830]
141939Schneider Electric Modicon M580/Modicon M340 Modbus exceptional condition
141938Schneider Electric Modicon M580 Modbus exceptional condition
141937Schneider Electric SoMachine HVAC DLL Loader untrusted search path
141936Schneider Electric Modicon M340 SNMP Server Truncate unusual condition
141935Schneider Electric Modicon Quantum 140 NOE771x1 unusual condition
141934Schneider Electric BMXNOR0200H Ethernet-Serial RTU Module Access Control authorization
141933Schneider Electric Modicon M580 Controller exceptional condition
141932IBM WebSphere Application Server Log information disclosure [CVE-2019-4477]
141931IBM WebSphere Application Server path traversal [CVE-2019-4442]
141930IBM Cognos Analytics Web UI cross site scripting [CVE-2019-4342]
141929IBM WebSphere Application Server Pollution input validation [CVE-2019-4271]
141928IBM WebSphere Application Server Web UI cross site scripting
141927IBM WebSphere Application Server URL path traversal [CVE-2019-4268]
141926IBM Cognos Analytics resource consumption [CVE-2019-4183]
141925IBM Cognos Controller inadequate encryption [CVE-2019-4175]
141924IBM Cognos Controller Authorization Token information disclosure
141923IBM Cloud Application Performance Management improper restriction of rendered ui layers
141922GnuCOBOL COBOL Source parser.y end_scope_of_program_name use after free
141921GnuCOBOL COBOL Source tree.c cb_name buffer overflow
141920SPIP Password Reminder Email information disclosure
141919SPIP URL headers.php redirect
141918SPIP Error Message login.php cross site scripting
141917SPIP meta.php authorization
141916eQ-3 Homematic CCU2/Homematic CCU3 Web Interface improper authentication
141915Linux Kernel virtqueue Buffer buffer overflow [CVE-2019-14835]
141914FreeIPA Session session expiration [CVE-2019-14826]
1419133S-Smart CODESYS V3 null pointer dereference [CVE-2019-13542]
1419123S-Smart CODESYS V3 Library cross site scripting [CVE-2019-13538]
141911Norton Password Manager information disclosure [CVE-2019-12755]
141910Micro Focus Service Manager Contact Information information disclosure
141909Micro Focus Service Manager Deserialization deserialization [CVE-2019-11666]
141908Micro Focus Service Manager information disclosure [CVE-2019-11665]
141907APC UPS Network Management Card 2 AOS Remote Monitoring Credentials insufficiently protected credentials
141906Asuswrt-Merlin UDP wanduck.c parse_req_queries buffer overflow
1419053S-Smart CODESYS V3 permission assignment [CVE-2019-9008]
141904OpenDMARC Signature authentication spoofing [CVE-2019-16378]
141903OpenConnect process_http_response buffer overflow
141902GitLab Community Edition/Enterprise Edition Internal Endpoint information disclosure
141901Code42 Enterprise File Upload unrestricted upload [CVE-2019-15131]
141900HRworks Login Reflected cross site scripting
141899ScoreMe Theme cross site scripting [CVE-2016-10993]
141898music-store Plugin cross site scripting [CVE-2016-10992]
141897imdb-widget Plugin input validation [CVE-2016-10991]
141896wp-cerber Plugin HTTP Header cross site scripting [CVE-2016-10990]
141895leenkme Plugin cross-site request forgery [CVE-2016-10989]
141894leenkme Plugin Stored cross site scripting [CVE-2016-10988]
141893persian-woocommerce-sms Plugin cross site scripting [CVE-2016-10987]
141892tweet-wheel Plugin cross site scripting [CVE-2016-10986]
141891echosign Plugin add_templates.php cross site scripting
141890echosign Plugin inc.php cross site scripting
141889ghost Plugin Access Control improper authentication [CVE-2016-10983]
141888kento-post-view-counter Plugin cross-site request forgery [CVE-2016-10982]
141887kento-post-view-counter Plugin Stored cross site scripting [CVE-2016-10981]
141886kento-post-view-counter Plugin cross site scripting [CVE-2016-10980]
141885fossura-tag-miner Plugin cross site scripting [CVE-2016-10979]
141884fossura-tag-miner Plugin cross-site request forgery [CVE-2016-10978]
141883nelio-ab-testing Plugin path traversal [CVE-2016-10977]
141882safe-editor Plugin cross site scripting [CVE-2016-10976]
141881fluid-responsive-slideshow Plugin Reflected cross site scripting
141880fluid-responsive-slideshow Plugin frs_save Stored cross-site request forgery
141879OpenEMR cross site scripting [CVE-2019-8368]
141878cURL TFTP Protocol buffer overflow [CVE-2019-5482]
141877cURL FTP-Kerberos double free [CVE-2019-5481]
141876IBM Sterling File Gateway Back-End Database sql injection [CVE-2019-4147]
141875LogMeIn LastPass insufficiently protected credentials [CVE-2019-16371]
141874Gradle PGP Signing SHA1 input validation
141873GitLab Omnibus logrotate privileges management [CVE-2019-15741]
141872GitLab Community Edition/Enterprise Edition Image Upload Location information disclosure
141871GitLab Community Edition/Enterprise Edition Markdown cross site scripting
141870GitLab Community Edition/Enterprise Edition ID Email information disclosure
141869GitLab Community Edition/Enterprise Edition Session Management improper authentication
141868GitLab Community Edition/Enterprise Edition CI Pipeline resource consumption
141867GitLab Community Edition/Enterprise Edition Commit Title information disclosure
141866OpenEMR code injection [CVE-2019-8371]
141865XS Javascript xsAPI.c fxBeginHost buffer overflow
141864Beego File Session Manager default permission [CVE-2019-16355]
141863Beego File Session Manager race condition [CVE-2019-16354]
141862Emerson GE Automation Proficy Machine Edition Traffic input validation
141861ffjpeg jfif.c jfif_load memory corruption
141860ffjpeg huffman.c huffman_decode_step null pointer dereference
141859ffjpeg dct.c idct2d8x8 null pointer dereference
141858Bento4 Ap4ByteStream.cpp ReadUI32 null pointer dereference
141857marc-q libwav wav_gain.c gain_file null pointer dereference
141856ngiflib ngiflib.c WritePixels memory corruption
141855ngiflib ngiflib.c WritePixel memory corruption
141854Escuela de Gestion Publica Plurinacional Sistema Integrado de Gestion Academica Authentication Form sql injection
141853Dolibarr HTTP Header card.php cross site scripting
141852GitLab Enterprise Edition Access Control permission assignment
141851D-Link DNS-320 CGI Script login_mgr.cgi os command injection
141850CRM Plugin vCard Data cross site scripting [CVE-2019-15950]
141849GitLab Community Edition/Enterprise Edition Branch Name information disclosure
141848GitLab Community Edition/Enterprise Edition Project Import API information disclosure
141847GitLab Community Edition/Enterprise Edition Merge Request permission assignment
141846GitLab Community Edition/Enterprise Edition Jira Integration server-side request forgery
141845GitLab Community Edition/Enterprise Edition Kubernetes Integration server-side request forgery
141844GitLab Community Edition/Enterprise Edition Permission Check information disclosure
141843GitLab Community Edition/Enterprise Edition Markdown IP Address information disclosure
141842GitLab Community Edition/Enterprise Edition API information disclosure
141841GitLab Community Edition/Enterprise Edition Label Description injection
141840GitLab Community Edition/Enterprise Edition permission assignment
141839GitLab Community Edition/Enterprise Edition Markdown resource consumption
141838GitLab Community Edition/Enterprise Edition Internal Endpoint permission assignment
141837TELESTAR Imperial i600 Access Control set_dname improper authentication
141836Inteno EG200 JUCI ACL Key information exposure
141835Intel Microprocessor DDIO Cache race condition [CVE-2019-11184]
141834Intel Easy Streaming Wizard File Permission privileges management
141833Apache Tapestry ctx ContextResource path traversal
141832Apache Tapestry AppModule deserialization
141831GPAC box_code_base.c dinf_Read resource consumption
141830GPAC box_code_base.c audio_sample_entry_AddBox out-of-bounds read
141829GPAC avc_ext.c AVC_DuplicateConfig null pointer dereference
141828newspaper Theme admin-ajax.php injection
141827Brafton Plugin cross site scripting [CVE-2016-10973]
141826newspaper Theme Access Control td_ajax_update_panel privileges management
141825MemberSonic Lite Plugin Access Control privileges management
141824supportflow Plugin Ticket Excerpt cross site scripting [CVE-2016-10970]
141823supportflow Plugin Discussion Ticket Title cross site scripting
141822peepso-core Plugin PeepSoProfilePreferencesAjax->save privileges management
141821real3d-flipbook-lite Plugin flipbooks.php cross site scripting
141820real3d-flipbook-lite Plugin File Upload path traversal [CVE-2016-10966]
141819real3d-flipbook-lite Plugin path traversal [CVE-2016-10965]
141818dwnldr Plugin cross site scripting [CVE-2016-10964]
141817icegram Plugin cross site scripting [CVE-2016-10963]
141816icegram Plugin edit.php cross-site request forgery
141815colorway Theme cross site scripting [CVE-2016-10961]
141814wsecure Plugin wsecure-config.php input validation
141813estatik Plugin File Upload admin-ajax.php unrestricted upload
141812estatik Plugin File Upload admin-ajax.php unrestricted upload
141811Akal Theme preview.php cross site scripting
141810mail-masta Plugin count_of_send.php input validation
141809FasterXML jackson-databind input validation [CVE-2019-16335]
141808Bludit Categories Persistent cross site scripting
141807GetSimple CMS theme-edit.php Persistent cross site scripting
141806api-bearer-auth Plugin swagger-config.yaml.php cross site scripting
141805FasterXML jackson-databind input validation [CVE-2019-14540]
141804ScadaBR cross site scripting [CVE-2019-16321]
141803Cobham Sea Tel SNMP Service information disclosure [CVE-2019-16320]
141802Wireshark Gryphon Dissector packet-gryphon.c resource consumption
141801Pimcore File Extension Filter unrestricted upload [CVE-2019-16318]
141800Pimcore PHAR File deserialization [CVE-2019-16317]
141799Indexhibit input validation [CVE-2019-16314]
141798ifw8 Router ROM HTML Source Code usermanager.htm Credentials insufficiently protected credentials
141797S-Cms cross site scripting [CVE-2019-16312]
141796Niushop index.php cross-site request forgery
141795Niushop cross site scripting [CVE-2019-16310]
141794FlameCMS login.php sql injection
141793Fuji Xerox DocuShare WebEx Module webExMeetingLogin.jsp Reflected cross site scripting
141792MobaXterm Protocol injection [CVE-2019-16305]
141791Notepad++ Scintilla SciLexer.dll input validation
141790gitlabhook Repository Name os command injection [CVE-2019-5485]
141789Bower Install path traversal [CVE-2019-5484]
141788Aruba ArubaOS Web Management Interface os command injection [CVE-2019-5315]
141787Aruba ArubaOS URL cross site scripting [CVE-2019-5314]
141786McAfee Total Protection Free Antivirus Trial DLL untrusted search path
141785JHipster/JHipster Kotlin Generator weak prng [CVE-2019-16303]
141784Open-AudIT Create Discoveries os command injection [CVE-2019-16293]
141783insert-php Plugin cross site scripting [CVE-2019-16289]
141782Tenda N301 Wireless Router setWifi input validation
141781PicoC string.c StringStrcpy memory corruption
141780Linux Kernel process.c information disclosure
141779Linux Kernel Hardware Transaction process.c input validation
141778Siemens IE-WSN-PA Link WirelessHART Gateway Web Interface cross site scripting
141777Siemens SINEMA Remote Connect Server Password unknown vulnerability
141776Siemens SINEMA Remote Connect Server Web Application cross-site request forgery
141775Siemens SINEMA Remote Connect Server information disclosure [CVE-2019-13919]
141774Siemens SINEMA Remote Connect Server Web Interface weak password
141773CODESYS V3 Web Server buffer overflow [CVE-2019-13548]
141772CODESYS V3 Web Server path traversal [CVE-2019-13532]
141771Piwigo cross site scripting [CVE-2019-13364]
141770Piwigo cross site scripting [CVE-2019-13363]
141769phpMyAdmin Setup Page cross-site request forgery [CVE-2019-12922]
141768slickquiz Plugin admin-ajax.php save_quiz_score Stored cross site scripting
141767slickquiz Plugin sql injection [CVE-2019-12516]
141766Micro Focus Data Protector privileges management [CVE-2019-11660]
141765Siemens SIMATIC TDC CP51M1 UDP Packet input validation [CVE-2019-10937]
141764Aruba ArubaOS Mobility Controller input validation [CVE-2018-7081]
141763kama-clic-counter Plugin cross site scripting [CVE-2017-18615]
141762kama-clic-counter Plugin admin.php sql injection
141761trust-form Plugin cross site scripting [CVE-2017-18613]
141760wp-whois-domain Plugin func-whois.php cross site scripting
141759cysteme-finder Plugin File Upload unrestricted upload [CVE-2016-10955]
141758Neosense Theme qquploader unrestricted upload [CVE-2016-10954]
141757Headway Theme License Key cross site scripting [CVE-2016-10953]
141756quotes-collection Plugin cross site scripting [CVE-2016-10952]
141755fs-shopping-cart Plugin sql injection [CVE-2016-10951]
141754sirv Plugin sql injection [CVE-2016-10950]
141753Relevanssi Premium Plugin Unserialization sql injection [CVE-2016-10949]
141752Post Indexer Plugin unserialize input validation
141751Post Indexer Plugin sql injection [CVE-2016-10947]
141750wp-d3 Plugin cross-site request forgery [CVE-2016-10946]
141749PageLines Theme cross-site request forgery [CVE-2016-10945]
141748multisite-post-duplicator Plugin cross-site request forgery [CVE-2016-10944]
141747zx-csv-upload Plugin sql injection [CVE-2016-10943]
141746podlove-podcasting-plugin-for-wordpress Plugin sql injection
141745podlove-podcasting-plugin-for-wordpress Plugin cross site scripting
141744zm-gallery Plugin sql injection [CVE-2016-10940]
141743xtremelocator Plugin sql injection [CVE-2016-10939]
141742copy-me Plugin cross-site request forgery [CVE-2016-10938]
141741Integard Pro/Home Web Server buffer overflow [CVE-2010-5333]
141740Microsoft Windows NTFS excessive authentication
141739SHIRASAGI redirect [CVE-2019-6009]
141738apng-drawable integer overflow [CVE-2019-6007]
141737Smart TV Box Service Port 5555 privileges management [CVE-2019-6005]
141736ApeosWare Management Suite redirect [CVE-2019-6004]
141735Amazon Pay Plugin cross site scripting [CVE-2019-6003]
141734Video Insight VMS sql injection [CVE-2019-5996]
141733Category Specific RSS Feed Subscription cross-site request forgery
141732Ultra Simple Paypal Shopping Cart cross-site request forgery
141731Cybozu Garoon sql injection [CVE-2019-5991]
141730Hikari Denwa Router/Home GateWay cross-site request forgery [CVE-2019-5986]
141729Hikari Denwa Router/Home GateWay cross site scripting [CVE-2019-5985]
141728Cybozu Garoon Scheduler redirect [CVE-2019-5978]
141727Cybozu Garoon E-Mail injection [CVE-2019-5977]
141726Cybozu Garoon input validation [CVE-2019-5976]
141725Cybozu Garoon DOM-Based injection [CVE-2019-5975]
141724WonderCMS path traversal [CVE-2019-5956]
141723McAfee Web Gateway Administrators Web Console Reflected cross site scripting
141722hostapd/wpa_supplicant Disconnection input validation [CVE-2019-16275]
141721Tripp Lite PDUMH15AT improper authentication [CVE-2019-16261]
141720Motorola Device SIMalliance Toolbox Browser privileges management
141719Samsung Device SIMalliance Toolbox Browser privileges management
141718AfterLogic Aurora cross site scripting [CVE-2019-16238]
141717NXP Kinetis KV1x/Kinetis KV3x/Kinetis K8x FAC authorization [CVE-2019-14237]
141716STMicroelectronics STM32L0/STM32L1/STM32L4/STM32F4/STM32F7/STM32H7 PCROP authorization
141715Philips IntelliVue WLAN code download [CVE-2019-13534]
141714Philips IntelliVue WLAN FTP hard-coded credentials [CVE-2019-13530]
141713Bosch Access Professional Edition Windows SMB information disclosure
141712Bosch Access Professional Edition Service Tools hard-coded credentials
141711Eclipse OMR Versioner toctou [CVE-2019-11774]
141710Eclipse OMR RPATH code injection [CVE-2019-11773]
141709Script Security Plugin Sandbox input validation [CVE-2019-10400]
141708Script Security Plugin Sandbox input validation [CVE-2019-10399]
141707Beaker Builder Plugin Global Configuration Credentials insufficiently protected credentials
141706Aqua Security Serverless Scanner Plugin Job Configuration insufficiently protected credentials
141705Dashboard View Plugin Build Description cross site scripting
141704Build Environment Plugin View cross site scripting [CVE-2019-10395]
141703Script Security Plugin Sandbox input validation [CVE-2019-10394]
141702Script Security Plugin Sandbox input validation [CVE-2019-10393]
141701Git Client Plugin URL os command injection [CVE-2019-10392]
141700Trend Micro Security Manager/Vulnerability Protection XML Data xml external entity reference
141699JIRA makeRequest JiraWhitelist server-side request forgery
141698JIRA Optimization Plugin cross site scripting [CVE-2019-8450]
141697JIRA groupuserpicker Username information disclosure
141696Netgear N300 Host Access Point Daemon null pointer dereference
141695Netgear N300 Session null pointer dereference [CVE-2019-5054]
141694Dell EMC RSA Identity Governance Debug Log File Password information disclosure
141693Dell EMC RSA Identity Governance Access Request Module Stored cross site scripting
141692Dell EMC RSA Identity Governance Back-End Database sql injection
141691Dell EMC RSA Identity Governance Groovy Script code injection
141690McAfee Web Gateway Scanning Proxy input validation [CVE-2019-3644]
141689McAfee Web Gateway Scanning Proxy input validation [CVE-2019-3643]
141688Ocean Extra Plugin CSS wizard.php input validation
141687OpenCV intrin_sse.hpp v_load out-of-bounds read
141686Telegram Delete input validation [CVE-2019-16248]
141685Delta DCISoft User Mode SetSerializeData+0x000000000000001b memory corruption
141684Dino MAM Message 0313_message_archive_management.vala input validation
141683Dino Push Authorization module.vala authorization
141682Dino Carbon Message 0280_message_carbons.vala input validation
141681Linux Kernel trans.c null pointer dereference
141680Linux Kernel qla_os.c null pointer dereference
141679Linux Kernel if_sdio.c null pointer dereference [CVE-2019-16232]
141678Linux Kernel fjes_main.c null pointer dereference
141677Linux Kernel radeon_display.c null pointer dereference
141676Linux Kernel kfd_interrupt.c null pointer dereference
141675py-lmdb mdb_env_open2 divide by zero
141674py-lmdb mdb_cursor_set memory corruption
141673py-lmdb memmove mdb_node_del memory corruption
141672py-lmdb memory corruption [CVE-2019-16225]
141671py-lmdb memory corruption [CVE-2019-16224]
141670WordPress Post Preview cross site scripting [CVE-2019-16223]
141669WordPress URL kses.php wp_kses_bad_protocol_once cross site scripting
141668WordPress Dashboard Reflected cross site scripting
141667WordPress pluggable.php wp_validate_redirect
141666WordPress Shortcode Preview cross site scripting [CVE-2019-16219]
141665WordPress Comment Stored cross site scripting
141664WordPress Media Upload cross site scripting [CVE-2019-16217]
141663Micro-Star MSI Afterburner Driver RTCore64.sys privileges management
141662XWiki CryptPad Pad Management Logic input validation [CVE-2019-15302]
141661JIRA cross-site request forgery [CVE-2019-14998]
141660JIRA Cache AccessLogFilter information disclosure
141659JIRA FilterPickerPopup.jspa cross site scripting
141658JIRA Attachment render default permission
141657Easy!Appointments Plugin Credentials information disclosure [CVE-2019-14936]
141656Delta Electronics TPEditor Project File out-of-bounds write [CVE-2019-13544]
141655Delta Electronics TPEditor Project File memory corruption [CVE-2019-13540]
141654Delta Electronics TPEditor Project File buffer overflow [CVE-2019-13536]
141653TELESTAR Imperial i600 Telnet Service hard-coded credentials
141652Microsoft Windows Common Log File System Driver information disclosure
141651Eclipse Paho Java Client Library TLS Connection input validation
141650TeamViewer GUI Teamviewer.exe insufficiently protected credentials
141649Apache OFBiz Form Widget input validation [CVE-2019-10074]
141648Apache OFBiz Stored cross site scripting [CVE-2019-10073]
141647Apache OFBiz XmlSerializer httpService deserialize deserialization
141646Apache OFBiz HTTP Service httpService input validation
141645ArcGIS Enterprise My Profile cross site scripting [CVE-2019-16193] CentOS Web Panel Email authorization [CVE-2019-14725] CentOS Web Panel Email Forwarding authorization
141642Adobe Flash Player origin validation [CVE-2019-8069]
141641Adobe Flash Player use after free [CVE-2019-8070]
141640Adobe Application Manager Installer untrusted search path [CVE-2019-8076]
141639Microsoft SharePoint Foundation cross-site request forgery [CVE-2019-1259]
141638Microsoft Team Foundation Server/Azure DevOps Server cross site scripting
141637Microsoft Windows AppX Deployment Server privileges management
141636Microsoft ASP.NET Core Project Template input validation [CVE-2019-1302]
141635Microsoft .NET Core input validation [CVE-2019-1301]
141634Microsoft Edge information disclosure [CVE-2019-1299]
141633Microsoft Excel memory corruption [CVE-2019-1297]
141632Microsoft Windows Secure Boot input validation [CVE-2019-1294]
141631Microsoft Windows SMB Client Driver information disclosure [CVE-2019-1293]
141630Microsoft Windows memory corruption [CVE-2019-1292]
141629Microsoft Windows Update Delivery Optimization privileges management
141628Microsoft Windows Network Connectivity Assistant input validation
141627Microsoft Windows GDI information disclosure [CVE-2019-1286]
141626Microsoft Windows Win32k privileges management [CVE-2019-1285]
141625Microsoft Windows DirectX memory corruption [CVE-2019-1284]
141624Microsoft Windows Graphics Component information disclosure [CVE-2019-1283]
141623Microsoft Windows unistore.dll privileges management [CVE-2019-1278]
141622Microsoft Windows Audio Service privileges management [CVE-2019-1277]
141621Microsoft Windows Kernel information disclosure [CVE-2019-1274]
141620Microsoft Windows Active Directory Federation Services cross site scripting
141619Microsoft Windows ALPC privileges management [CVE-2019-1272]
141618Microsoft Windows hdAudio.sys privileges management [CVE-2019-1271]
141617Microsoft Windows Store Installer privileges management [CVE-2019-1270]
141616Microsoft Windows ALPC privileges management [CVE-2019-1269]
141615Microsoft Windows Winlogon privileges management [CVE-2019-1268]
141614Microsoft Windows Compatibility Appraiser privileges management
141613Microsoft Exchange Server Outlook Web App input validation [CVE-2019-1266]
141612Microsoft Yammer Security Feature Policy input validation
141611Microsoft Office Security Feature input validation [CVE-2019-1264]
141610Microsoft Excel information disclosure [CVE-2019-1263]
141609Microsoft SharePoint Foundation cross site scripting [CVE-2019-1262]
141608Microsoft SharePoint Enterprise Server cross-site request forgery
141607Microsoft SharePoint Enterprise Server privileges management
141606Microsoft Windows Win32k privileges management [CVE-2019-1256]
141605Microsoft Windows Hyper-V information disclosure [CVE-2019-1254]
141604Microsoft Windows AppX Deployment Server privileges management
141603Microsoft Windows GDI information disclosure [CVE-2019-1252]
141602Microsoft Windows DirectWrite information disclosure [CVE-2019-1251]
141601Microsoft Windows JET Database Engine memory corruption [CVE-2019-1250]
141600Microsoft Windows JET Database Engine memory corruption [CVE-2019-1249]
141599Microsoft Windows JET Database Engine memory corruption [CVE-2019-1248]
141598Microsoft Windows JET Database Engine memory corruption [CVE-2019-1247]
141597Microsoft Windows JET Database Engine memory corruption [CVE-2019-1246]
141596Microsoft Windows DirectWrite information disclosure [CVE-2019-1245]
141595Microsoft Windows DirectWrite information disclosure [CVE-2019-1244]
141594Microsoft Windows JET Database Engine memory corruption [CVE-2019-1243]
141593Microsoft Windows JET Database Engine memory corruption [CVE-2019-1242]
141592Microsoft Windows JET Database Engine memory corruption [CVE-2019-1241]
141591Microsoft Windows JET Database Engine memory corruption [CVE-2019-1240]
141590Microsoft Windows Text Service Framework input validation [CVE-2019-1235]
141589Microsoft Exchange Server memory corruption [CVE-2019-1233]
141588Microsoft Windows Diagnostics Hub Standard Collector Service privileges management
141587Microsoft Rome SDK Certificate Validation certificate validation
141586Microsoft Rome SDK Certificate Validation certificate validation
141585Microsoft Internet Explorer Security Feature permission assignment
141584Microsoft Edge Security Feature permission assignment [CVE-2019-1220]
141583Microsoft Lync Server Conference information disclosure [CVE-2019-1209]
141582Microsoft .NET Framework Common Language Runtime privileges management
141581Microsoft Windows Hyper-V input validation [CVE-2019-0928]
141580Microsoft Windows Transaction Manager information disclosure
141579Microsoft Windows DirectX information disclosure [CVE-2019-1216]
141578Microsoft Windows Winsock ws2ifsl.sys privileges management
141577Microsoft Windows Common Log File System Driver privileges management
141576Microsoft Team Foundation Server/Azure DevOps Server input validation
141575Microsoft Windows lnk File input validation [CVE-2019-1280]
141574Microsoft Internet Explorer VBScript memory corruption [CVE-2019-1236]
141573Microsoft Internet Explorer VBScript memory corruption [CVE-2019-1208]
141572Microsoft Internet Explorer Scripting Engine memory corruption
141571Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption
141570Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption
141569Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption
141568Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption
141567Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption
141566Microsoft SharePoint Enterprise Server API input validation [CVE-2019-1295]
141565Microsoft SharePoint Enterprise Server API input validation [CVE-2019-1296]
141564Microsoft SharePoint Enterprise Server Markup input validation
141563Microsoft Windows Remote Desktop input validation [CVE-2019-0787]
141562Microsoft Windows Remote Desktop input validation [CVE-2019-0788]
141561Microsoft Windows Remote Desktop input validation [CVE-2019-1290]
141560Microsoft Windows Remote Desktop input validation [CVE-2019-1291]
141559Facebook Libra Core Inline Comment input validation
141557Vivotek IP Camera buffer overflow [CVE-2019-14457]
141556Mendix Excel Importer Module server-side request forgery [CVE-2019-12996]
141555TTLock Access Control password recovery [CVE-2019-12943]
141554TTLock Guest Access privileges management [CVE-2019-12942]
141553Micro Focus Service Manager Checkbox authorization [CVE-2019-11669]
141552Micro Focus Service Manager Cookie information disclosure [CVE-2019-11668]
141551Couchbase Server certificate validation [CVE-2019-11497]
141550Couchbase Server Bucket Setting Reset improper authentication
141549Couchbase Server epmd Service PRNG code injection
141548Couchbase Server JSON Document resource consumption [CVE-2019-11467]
141547Couchbase Server Eventing Debug Endpoint improper authentication
141546Vivotek IPCam improper authentication [CVE-2019-10256]
141545OnCommand Workflow Automation HTTP Header information disclosure
141544Advantech WebAccess/SCADA RPC Message buffer overflow [CVE-2019-3975]
141543MISP __checkLoggedActions privileges management
141542Humanica Humatrix 7 Recruitment Module act_acounttab.cfm default permission
141541LifterLMS Plugin class.llms.admin.import.php upload_import privileges management
141540OpenSSL Bleichenbacher missing encryption [CVE-2019-1563]
141539OpenSSL Random Number Generator random values [CVE-2019-1549]
141538OpenSSL EC Group missing encryption [CVE-2019-1547] CentOS Web Panel Domain input validation CentOS Web Panel Subdomain input validation CentOS Web Panel Email Forwarding input validation CentOS Web Panel Email Password input validation CentOS Web Panel DNS Record input validation CentOS Web Panel Email input validation [CVE-2019-14723] CentOS Web Panel Email Forwarding input validation CentOS Web Panel User authorization [CVE-2019-14721]
141529Apache Solr XML Document resource consumption [CVE-2019-12401]
141528supervisor supervisord missing authentication [CVE-2019-12105]
141527Couchbase Server Memcache information exposure [CVE-2019-11465]
141526Couchbase Server HTTP Server Port 8092 cross site scripting [CVE-2019-11464]
141525SAP Kernel resource consumption [CVE-2019-0365]
141524SAP HANA Extended Application Services Endpoint Port input validation
141523SAP HANA Extended Application Services Endpoint input validation
141522SAP Supplier Relationship Management cross site scripting [CVE-2019-0361]
141521SAP HANA Database privileges management [CVE-2019-0357]
141520SAP NetWeaver Process Integration Runtime Workbench information disclosure
141519SAP NetWeaver Application Server Java Web Container code injection
141518SAP Business One Client information disclosure [CVE-2019-0353]
141517SAP Business Intelligence Platform Cache information disclosure
141516magic-fields Plugin RCCWP_CreateCustomFieldPage.php cross site scripting
141515magic-fields Plugin RCCWP_CreateCustomFieldPage.php cross site scripting
141514magic-fields Plugin cross site scripting [CVE-2017-18609]
141513spotim-comments Plugin cross site scripting [CVE-2017-18608]
141512avada Theme cross-site request forgery [CVE-2017-18607]
141511avada Theme Stored cross site scripting [CVE-2017-18606]
141510gravitate-qa-tracker Plugin deserialization [CVE-2017-18605]
141509sitebuilder-dynamic-components Plugin Ajax deserialization [CVE-2017-18604]
141508postman-smtp Plugin cross site scripting [CVE-2017-18603]
141507examapp Plugin sql injection [CVE-2017-18602]
141506examapp Plugin Input Text Field cross site scripting [CVE-2017-18601]
141505formcraft3 Plugin Stored cross site scripting [CVE-2017-18600]
141504Pinfinity Theme cross site scripting [CVE-2017-18599]
141503Qards Plugin html2canvasproxy.php cross site scripting
141502jtrt-responsive-tables Plugin class-jtrt-responsive-tables-admin.php sql injection
141501elementor Plugin Access Control privileges management [CVE-2017-18596]
141500GitLab Community Edition/Enterprise Edition Access Control authorization🔒
141499GitLab Community Edition/Enterprise Edition Access Control information disclosure🔒
141498GitLab Enterprise Edition Access Control information disclosure🔒
141497GitLab Community Edition/Enterprise Edition Access Control permissions🔒
141496GitLab Community Edition/Enterprise Edition Access Control privileges management🔒
141495GitLab Community Edition/Enterprise Edition input validation🔒
141494GitLab Community Edition/Enterprise Edition Project Import Commit information disclosure🔒
141493GitLab Community Edition/Enterprise Edition Jira Integration server-side request forgery🔒
141492GitLab Community Edition/Enterprise Edition Project Import Error information disclosure🔒
141491GitLab Community Edition/Enterprise Edition Access Control permissions🔒
141490GitLab Community Edition/Enterprise Edition Permission information disclosure🔒
141489GitLab Community Edition/Enterprise Edition information disclosure🔒
141488GitLab Community Edition/Enterprise Edition Access Control input validation🔒
141487GitLab Community Edition/Enterprise Edition Project Import input validation🔒
141486GitLab Community Edition/Enterprise Edition KaTeX Persistent cross site scripting🔒
141485GitLab Community Edition/Enterprise Edition path traversal [CVE-2019-6783]🔒
141484GitLab Community Edition/Enterprise Edition Project information disclosure🔒
141483Seneca Environment Variable information exposure [CVE-2019-5483]
141482GitLab Community Edition/Enterprise Edition Email Verification improper authentication
141481GitLab Community Edition/Enterprise Edition Email Notification Persistent cross site scripting
141480GitLab Community Edition/Enterprise Edition Wiki Page Persistent cross site scripting
141479GitLab Community Edition/Enterprise Edition Authorization authorization
141478GitLab Community Edition/Enterprise Edition Service Integration Internal input validation
141477DocCms Module Management File managemodel.php upload_model privileges management
141476D-Link DIR-868L REVB/DIR-885L REVA/DIR-895L REVA SharePort Web Access folder_view.php improper authentication
141475LimeSurvey Cookie httponly information disclosure
141474LimeSurvey Plugin Manager default permission [CVE-2019-16186]
141473LimeSurvey Permission default permission [CVE-2019-16185]
141472LimeSurvey Response injection [CVE-2019-16184]
141471LimeSurvey Integrity Check default permission [CVE-2019-16183]
141470LimeSurvey File Upload Reflected cross site scripting
141469LimeSurvey Notification input validation [CVE-2019-16181]
141468LimeSurvey LDAP Authentication Brute Force information disclosure
141467LimeSurvey Default Configuration TLS certificate validation
141466LimeSurvey Home Page Stored cross site scripting
141465LimeSurvey Cache information disclosure [CVE-2019-16177]
141464LimeSurvey information disclosure [CVE-2019-16176]
141463LimeSurvey improper restriction of rendered ui layers [CVE-2019-16175]
141462LimeSurvey Import xml external entity reference [CVE-2019-16174]
141461LimeSurvey Survey_Common_Action.php Reflected cross site scripting
141460LimeSurvey Stored cross site scripting [CVE-2019-16172]
141459SQLite sqlite3.c whereLoopAddBtreeIndex divide by zero
141458sysstat sa_common.c remap_struct integer overflow
141457GNU cflow parser.c nexttoken out-of-bounds read
141456GNU cflow parser.c reference use after free
141455MyHTML tree.c myhtml_tree_node_remove null pointer dereference
141454Oniguruma regcomp.c resource consumption
141453Onigmo regenc.c parse_char_class out-of-bounds read
141452Onigmo regparse.c onig_error_code_to_str null pointer dereference
141451Liferay Portal Article Title page.jsp cross site scripting
141450Breadcrumbs Contributed Module Caption cross site scripting [CVE-2019-16145]
141449Sangoma Asterisk Invite res_pjsip_t38 null pointer dereference
141448Apache Traffic Control LDAP improper authentication [CVE-2019-12405]
141447GitLab Community Edition/Enterprise Edition API Endpoint information disclosure
141446GitLab Community Edition/Enterprise Edition Connection Error Credentials information disclosure
141445GitLab Community Edition/Enterprise Edition Access Control cross site scripting
141444GitLab Community Edition/Enterprise Edition Branch Name cross site scripting
141443GitLab Community Edition/Enterprise Edition race condition [CVE-2019-11546]
141442GitLab Community Edition/Enterprise Edition Private Project information disclosure
141441GitLab Community Edition/Enterprise Edition Notifications information disclosure
141440BIRD Internet Routing Daemon BGP Daemon buffer overflow [CVE-2019-16159]
141439Sakai Chat User Name cross site scripting [CVE-2019-16148]
141438Gophish cross site scripting [CVE-2019-16146]
141437Generator Crate Scope input validation [CVE-2019-16144]
141436blake2 Crate HMAC input validation [CVE-2019-16143]
141435renderdoc Crate Multi-Threading input validation [CVE-2019-16142]
141434once_cell Crate Lazy Panic input validation
141433chttp Crate use after free [CVE-2019-16140]
141432compact_arena Crate out-of-bounds write [CVE-2019-16139]
141431Image Crate HDR Image Decoder set_len use after free
141430Spin Crate RwLock Memory memory corruption
141429eteams OA Session Password session expiration
141428OKLite tpl_control.php path traversal
141427OKLite File Upload modulec_control.php unrestricted upload
141426YII2-CMS Contact.php cross site scripting
141425Grav Stored cross site scripting [CVE-2019-16126]
141424Jobberbase page_subscribe.php sql injection
141423YouPHPTube Configuration File checkConfiguration.php privileges management
141422Kartatopia PilusCart catalog.php path traversal
141421ATutor header.php access control
141420Search Exclude Plugin Option search-exclude.php access control
141419Sangoma Asterisk RTP Packet translate.c input validation
141418LibreNMS ajax_rulesuggest.php sql injection
141417LibreNMS pdf.php path traversal
141416LibreNMS Graphing Option code injection
141415LibreNMS graph.php sql injection
141414LibreNMS mysqli_escape_real_string cross site scripting
141413LibreNMS passthru injection
141412LibreNMS Authentication Library improper authentication [CVE-2019-10668]
141411LibreNMS Path Fingerprint information disclosure
141410LibreNMS csv.php include code injection
141409LibreNMS Graphing Option input validation
141408buddyboss-media Plugin Stored cross site scripting [CVE-2018-21014]
141407Swape Theme Access Control admin-ajax.php privileges management
141406cf7-invisible-recaptcha Plugin cross site scripting [CVE-2018-21012]
141405charitable Plugin Donation information disclosure [CVE-2018-21011]
141404event-tickets Plugin Export injection [CVE-2019-16120]
141403photo-gallery Plugin Albumsgalleries.php sql injection
141402photo-gallery Plugin Options.php cross site scripting
141401photo-gallery Plugin Galleries.php cross site scripting
141400Xpdf transform memory corruption
141399Bludit upload-images.php code injection
141398Plataformatec Device Confirmation Token input validation [CVE-2019-16109] [Disputed]
141397Silver Peak EdgeConnect SD-WAN path traversal [CVE-2019-16105]
141396Silver Peak EdgeConnect SD-WAN Reflected cross site scripting
141395Silver Peak EdgeConnect SD-WAN spsshell access control [CVE-2019-16103]
141394Silver Peak EdgeConnect SD-WAN SNMP Service input validation
141393Silver Peak EdgeConnect SD-WAN REST API banners Trace information disclosure
141392Silver Peak EdgeConnect SD-WAN Web Interface Slow input validation
141391Silver Peak EdgeConnect SD-WAN SWF File cross-site request forgery
141390Harbor API user.go access control
141389IMAPFilter SSL Certificate Validator certificate validation [CVE-2016-10937]
141388Kilo Tab integer overflow [CVE-2019-16096]
141387Symonics libmysofa reader.c getDimension out-of-bounds read
141386Symonics libmysofa dataobject.c readOHDRHeaderMessageDataLayout out-of-bounds read
141385Symonics libmysofa dataobject.c readOHDRHeaderMessageDataLayout out-of-bounds write
141384Symonics libmysofa reader.c getHrtf null pointer dereference
141383Symonics libmysofa fractalhead.c directblockRead out-of-bounds read</