Loading data/CVE/list +129 −82 Original line number Diff line number Diff line CVE-2019-15537 (The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL I ...) TODO: check CVE-2019-15536 (The Acclaim block plugin before 2019-06-26 for Moodle allows SQL Injec ...) TODO: check CVE-2019-15535 (Tasking Manager before 3.4.0 allows SQL Injection via custom SQL. ...) TODO: check CVE-2019-15534 RESERVED CVE-2019-15533 RESERVED CVE-2019-15532 RESERVED CVE-2019-15531 (GNU Libextractor through 1.9 has a heap-based buffer over-read in the ...) TODO: check CVE-2019-15530 (An issue was discovered on D-Link DIR-823G devices with firmware V1.0. ...) TODO: check CVE-2019-15529 (An issue was discovered on D-Link DIR-823G devices with firmware V1.0. ...) TODO: check CVE-2019-15528 (An issue was discovered on D-Link DIR-823G devices with firmware V1.0. ...) TODO: check CVE-2019-15527 (An issue was discovered on D-Link DIR-823G devices with firmware V1.0. ...) TODO: check CVE-2019-15526 (An issue was discovered on D-Link DIR-823G devices with firmware V1.0. ...) TODO: check CVE-2019-15525 (There is Missing SSL Certificate Validation in the pw3270 terminal emu ...) TODO: check CVE-2019-15524 RESERVED CVE-2019-15523 RESERVED CVE-2019-15522 RESERVED CVE-2019-15521 RESERVED CVE-2019-15520 (comelz Quark before 2019-03-26 allows directory traversal to locations ...) TODO: check CVE-2019-15519 (Power-Response before 2019-02-02 allows directory traversal (up to the ...) TODO: check CVE-2019-15518 (Swoole before 4.2.13 allows directory traversal in swPort_http_static_ ...) TODO: check CVE-2019-15517 (jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory trav ...) TODO: check CVE-2019-15516 (Cuberite before 2019-06-11 allows webadmin directory traversal via ... ...) TODO: check CVE-2019-15515 RESERVED CVE-2019-15514 (The Privacy > Phone Number feature in the Telegram app 5.10 for And ...) 
TODO: check CVE-2019-15513 (An issue was discovered in OpenWrt libuci (aka Library for the Unified ...) TODO: check CVE-2019-15512 Loading Loading 
@@ -36,44 +84,44 @@ CVE-2019-15496 RESERVED CVE-2019-15495 RESERVED CVE-2019-15494 RESERVED CVE-2019-15493 RESERVED CVE-2019-15492 RESERVED CVE-2019-15491 RESERVED CVE-2019-15490 RESERVED CVE-2019-15494 (openITCOCKPIT before 3.7.1 allows SSRF, aka RVID 5-445b21. ...) TODO: check CVE-2019-15493 (openITCOCKPIT before 3.7.1 allows deletion of files, aka RVID 4-445b21 ...) TODO: check CVE-2019-15492 (openITCOCKPIT before 3.7.1 has reflected XSS, aka RVID 3-445b21. ...) TODO: check CVE-2019-15491 (openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21. ...) TODO: check CVE-2019-15490 (openITCOCKPIT before 3.7.1 allows code injection, aka RVID 1-445b21. ...) TODO: check CVE-2019-15489 RESERVED CVE-2019-15488 RESERVED CVE-2019-15487 RESERVED CVE-2019-15486 RESERVED CVE-2019-15485 RESERVED CVE-2019-15484 RESERVED CVE-2019-15483 RESERVED CVE-2019-15482 RESERVED CVE-2019-15481 RESERVED CVE-2019-15480 RESERVED CVE-2019-15488 (Ignite Realtime Openfire before 4.4.1 has reflected XSS via an LDAP se ...) TODO: check CVE-2019-15487 (DfE School Experience before v16333-GA has XSS via a teacher training ...) TODO: check CVE-2019-15486 (django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via js_ ...) TODO: check CVE-2019-15485 (Bolt before 3.6.10 has XSS via createFolder or createFile in Controlle ...) TODO: check CVE-2019-15484 (Bolt before 3.6.10 has XSS via an image's alt or title field. ...) TODO: check CVE-2019-15483 (Bolt before 3.6.10 has XSS via a title that is mishandled in the syste ...) TODO: check CVE-2019-15482 (selectize-plugin-a11y before 1.1.0 has XSS via the msg field. ...) TODO: check CVE-2019-15481 (Kimai v2 before 1.1 has XSS via a timesheet description. ...) TODO: check CVE-2019-15480 (Domoticz 4.10717 has XSS via item.Name. ...) TODO: check CVE-2019-15479 RESERVED CVE-2019-15478 RESERVED CVE-2019-15477 RESERVED CVE-2019-15476 RESERVED CVE-2019-15477 (Jooby before 1.6.4 has XSS via the default error handler. ...) 
TODO: check CVE-2019-15476 (Former before 4.2.1 has XSS via a checkbox value. ...) TODO: check CVE-2019-15475 RESERVED CVE-2019-15474 Loading Loading @@ -1548,8 +1596,8 @@ CVE-2019-15001 RESERVED CVE-2019-15000 RESERVED CVE-2019-14999 RESERVED CVE-2019-14999 (The Uninstall REST endpoint in Atlassian Universal Plugin Manager befo ...) TODO: check CVE-2019-14998 RESERVED CVE-2019-14997 Loading Loading @@ -7050,12 +7098,12 @@ CVE-2019-13425 RESERVED CVE-2019-13424 RESERVED CVE-2019-13423 RESERVED CVE-2019-13422 RESERVED CVE-2019-13421 RESERVED CVE-2019-13423 (Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 ...) TODO: check CVE-2019-13422 (Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 ...) TODO: check CVE-2019-13421 (Search Guard versions before 23.1 had an issue that an administrative ...) TODO: check CVE-2019-13420 (Search Guard versions before 21.0 had an timing side channel issue whe ...) NOT-FOR-US: Search Guard CVE-2019-13419 (Search Guard versions before 23.1 had an issue that for aggregations c ...) Loading Loading @@ -8161,10 +8209,10 @@ CVE-2019-13016 RESERVED CVE-2019-13015 RESERVED CVE-2019-13014 RESERVED CVE-2019-13013 RESERVED CVE-2019-13014 (Little Snitch versions 4.4.0 fixes a vulnerability in a privileged hel ...) TODO: check CVE-2019-13013 (Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalatio ...) TODO: check CVE-2019-13011 [Merge Request Template Name Disclosure] RESERVED [experimental] - gitlab 11.10.8+dfsg-1 Loading Loading @@ -11732,8 +11780,8 @@ CVE-2019-11656 RESERVED CVE-2019-11655 RESERVED CVE-2019-11654 RESERVED CVE-2019-11654 (Path traversal vulnerability in Micro Focus Verastream Host Integrator ...) TODO: check CVE-2019-11653 (Remote Access Control Bypass in Micro Focus Content Manager. versions ...) NOT-FOR-US: Micro Focus CVE-2019-11652 (A potential authorization bypass issue was found in Micro Focus Self S ...) Loading Loading 
@@ -11924,18 +11972,18 @@ CVE-2019-11593 (In Adblock Plus before 3.5.2, the $rewrite filter option allows NOT-FOR-US: AdBlock Plus CVE-2019-11592 (WeBid 1.2.2 has reflected XSS via the id parameter to admin/deletenews ...) NOT-FOR-US: WeBid Auction Script CVE-2019-11589 RESERVED CVE-2019-11588 RESERVED CVE-2019-11587 RESERVED CVE-2019-11586 RESERVED CVE-2019-11585 RESERVED CVE-2019-11584 RESERVED CVE-2019-11589 (The ChangeSharedFilterOwner resource in Jira before version 7.13.6, fr ...) TODO: check CVE-2019-11588 (The ViewSystemInfo class doGarbageCollection method in Jira before ver ...) TODO: check CVE-2019-11587 (Various exposed resources of the ViewLogging class in Jira before vers ...) TODO: check CVE-2019-11586 (The AddResolution.jspa resource in Jira before version 7.13.6, from ve ...) TODO: check CVE-2019-11585 (The startup.jsp resource in Jira before version 7.13.6, from version 8 ...) TODO: check CVE-2019-11584 (The MigratePriorityScheme resource in Jira before version 8.3.2 allows ...) TODO: check CVE-2019-11583 (The issue searching component in Jira before version 8.1.0 allows remo ...) NOT-FOR-US: issue searching component in Jira CVE-2019-11582 (An argument injection vulnerability in Atlassian Sourcetree for Window ...) Loading Loading 
@@ -14110,18 +14158,17 @@ CVE-2019-10753 RESERVED CVE-2019-10752 RESERVED CVE-2019-10751 RESERVED CVE-2019-10750 RESERVED CVE-2019-10751 (All versions of the HTTPie package are vulnerable to Open Redirect tha ...) TODO: check CVE-2019-10750 (deeply is vulnerable to Prototype Pollution in versions before 3.1.0. ...) TODO: check CVE-2019-10749 RESERVED CVE-2019-10748 RESERVED CVE-2019-10747 RESERVED CVE-2019-10746 [prototype pollution] RESERVED CVE-2019-10747 (set-value is vulnerable to Prototype Pollution in versions before 2.0. ...) TODO: check CVE-2019-10746 (mixin-deep is vulnerable to Prototype Pollution in versions before 1.3 ...) - node-mixin-deep 2.0.1-1 (bug #932500) [buster] - node-mixin-deep <no-dsa> (Minor issue; will be fixed via point release) [stretch] - node-mixin-deep <ignored> (Nodejs in stretch not covered by security support) Loading Loading @@ -21188,14 +21235,14 @@ CVE-2019-8449 RESERVED CVE-2019-8448 (The login.jsp resource in Jira before version 7.13.4, and from version ...) NOT-FOR-US: Atlassian Jira CVE-2019-8447 RESERVED CVE-2019-8446 RESERVED CVE-2019-8445 RESERVED CVE-2019-8444 RESERVED CVE-2019-8447 (The ServiceExecutor resource in Jira before version 8.3.2 allows remot ...) TODO: check CVE-2019-8446 (The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 ...) TODO: check CVE-2019-8445 (Several worklog rest resources in Jira before version 7.13.7, and from ...) TODO: check CVE-2019-8444 (The wikirenderer component in Jira before version 7.13.6, and from ver ...) TODO: check CVE-2019-8443 (The ViewUpgrades resource in Jira before version 7.13.4, from version ...) NOT-FOR-US: Atlassian Jira CVE-2019-8442 (The CachingResourceDownloadRewriteRule class in Jira before version 7. ...) Loading Loading 
@@ -39522,14 +39569,14 @@ CVE-2018-19918 (CuppaCMS has XSS via an SVG document uploaded to the administrat NOT-FOR-US: CuppaCMS CVE-2019-1584 RESERVED CVE-2019-1583 RESERVED CVE-2019-1582 RESERVED CVE-2019-1581 RESERVED CVE-2019-1580 RESERVED CVE-2019-1583 (Escalation of privilege vulnerability in the Palo Alto Networks Twistl ...) TODO: check CVE-2019-1582 (Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and ea ...) TODO: check CVE-2019-1581 (Mitigation bypass in PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earl ...) TODO: check CVE-2019-1580 (Memory corruption in PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earl ...) TODO: check CVE-2019-1579 (Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 a ...) NOT-FOR-US: PAN-OS CVE-2019-1578 (Cross-site scripting vulnerability in Palo Alto Networks MineMeld vers ...) Loading
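Review bot: In the hunk at @@ -7050,12 +7098,12 @@, CVE-2019-13423, CVE-2019-13422 and CVE-2019-13421 are left as TODO: check although the next entry, CVE-2019-13420, is already triaged as NOT-FOR-US: Search Guard. All three new descriptions name Search Guard or its Kibana plugin, so they can take the same NOT-FOR-US: Search Guard line rather than sitting in the TODO queue.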
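Review bot: In the hunk at @@ -11924,18 +11972,18 @@, the label to use for the six new Jira entries (CVE-2019-11589 through CVE-2019-11584) is ambiguous, because the context line below them reads NOT-FOR-US: issue searching component in Jira while the Jira entries in the @@ -21188 hunk read NOT-FOR-US: Atlassian Jira. When these TODO: check entries are triaged, use the product name (Atlassian Jira) so that a search for one label finds every Jira entry.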
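Review bot: In the hunk at @@ -14110,18 +14158,17 @@, CVE-2019-10747 (set-value) and CVE-2019-10750 (deeply) are left as TODO: check even though they describe the same Prototype Pollution class as CVE-2019-10746, which this hunk already tracks against node-mixin-deep with bug #932500 and per-release notes. Check whether the archive carries a package for either module and add a package line or a NOT-FOR-US line accordingly; the same applies to CVE-2019-10751 (HTTPie) at the top of the hunk.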
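Review bot: In the hunk at @@ -21188,14 +21235,14 @@, CVE-2019-8447 through CVE-2019-8444 are added as TODO: check between CVE-2019-8448 and CVE-2019-8443, both of which are already marked NOT-FOR-US: Atlassian Jira. Each new description names a Jira resource or component, so the four entries can be closed with the same NOT-FOR-US: Atlassian Jira line.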
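Review bot: In the hunk at @@ -39522,14 +39569,14 @@, CVE-2019-1582, CVE-2019-1581 and CVE-2019-1580 all describe PAN-OS and are left as TODO: check, while CVE-2019-1579 directly below is NOT-FOR-US: PAN-OS. Mark those three the same way; CVE-2019-1583 names a different Palo Alto Networks product (its description is cut off at "Twistl ...") and needs its own check before it gets a label.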