National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 122,981 matching records.
Displaying matches 141 through 160.
Vuln ID Summary CVSS Severity
CVE-2019-15843

A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. A particular condition involving a man-in-the-middle attack may lead to partial data leakage or malicious file writing.

Published: September 18, 2019; 11:15:10 AM -04:00
V3.1: 7.4 HIGH
    V2: 5.8 MEDIUM
CVE-2018-1847

IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) v2.0.0.0 through 2.0.0.5, v2.1.0.0 through 2.1.0.4, v2.1.1.0 through 2.1.1.4, and v3.0.0.0 through 3.0.0.8 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 150946.

Published: September 18, 2019; 11:15:10 AM -04:00
V3.1: 6.5 MEDIUM
    V2: 4.0 MEDIUM
CVE-2019-16399

Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root password welc0me.

Published: September 18, 2019; 10:15:11 AM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-16403

In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.

Published: September 18, 2019; 08:15:11 AM -04:00
V3.1: 8.8 HIGH
    V2: 6.5 MEDIUM
CVE-2019-16216

Zulip server before 2.0.5 incompletely validated the MIME types of uploaded files. A user who is logged into the server could upload files of certain types to mount a stored cross-site scripting attack on other logged-in users. On a Zulip server using the default local uploads backend, the attack is only effective against browsers lacking support for Content-Security-Policy such as Internet Explorer 11. On a Zulip server using the S3 uploads backend, the attack is confined to the origin of the configured S3 uploads hostname and cannot reach the Zulip server itself.

Published: September 18, 2019; 08:15:10 AM -04:00
V3.1: 5.4 MEDIUM
    V2: 3.5 LOW
CVE-2019-16215

The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server to spend an effectively arbitrary amount of CPU time and stall the processing of future messages.

Published: September 18, 2019; 08:15:10 AM -04:00
V3.1: 6.5 MEDIUM
    V2: 4.0 MEDIUM
CVE-2016-10995

The Tevolution plugin before 2.3.0 for WordPress has arbitrary file upload via single_upload.php or single-upload.php.

Published: September 18, 2019; 08:15:10 AM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2016-10994

The Truemag theme 2016 Q2 for WordPress has XSS via the s parameter.

Published: September 18, 2019; 08:15:10 AM -04:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-16396

GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code.

Published: September 17, 2019; 06:15:11 PM -04:00
V3.1: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2019-16395

GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code.

Published: September 17, 2019; 06:15:11 PM -04:00
V3.1: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2019-16394

SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers.

Published: September 17, 2019; 05:15:11 PM -04:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2019-16393

SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character.

Published: September 17, 2019; 05:15:11 PM -04:00
V3.1: 6.1 MEDIUM
    V2: 5.8 MEDIUM
CVE-2019-16392

SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages.

Published: September 17, 2019; 05:15:11 PM -04:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-16391

SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiser_action.php.

Published: September 17, 2019; 05:15:11 PM -04:00
V3.1: 6.5 MEDIUM
    V2: 4.0 MEDIUM
CVE-2019-16199

eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process.

Published: September 17, 2019; 05:15:11 PM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-6840

A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to send a crafted message to the target server, thereby causing arbitrary commands to be executed.

Published: September 17, 2019; 04:15:12 PM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-6839

An Improper Access Control: CWE-284 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user with low privileges to upload a rogue file.

Published: September 17, 2019; 04:15:12 PM -04:00
V3.1: 8.8 HIGH
    V2: 6.5 MEDIUM
CVE-2019-6838

An Improper Access Control: CWE-284 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user with low privileges to delete a critical file.

Published: September 17, 2019; 04:15:12 PM -04:00
V3.1: 6.5 MEDIUM
    V2: 5.5 MEDIUM
CVE-2019-6837

A Server-Side Request Forgery (SSRF): CWE-918 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could cause server configuration data to be exposed when an attacker modifies a URL.

Published: September 17, 2019; 04:15:12 PM -04:00
V3.1: 9.1 CRITICAL
    V2: 6.4 MEDIUM
CVE-2019-6836

An Improper Access Control: CWE-284 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow the file system to access the wrong file.

Published: September 17, 2019; 04:15:12 PM -04:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM