| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2019-11807 |
|
|
2019-08-23 |
6.4 |
| The WooCommerce Checkout Manager plugin before 4.3 for WordPress allows media deletion via the wp-admin/admin-ajax.php?action=update_attachment_wccm wccm_default_keys_load parameter because of a nopriv_ registration and a lack of capabilities checks. |
| CVE-2019-10929 |
1 Siemens |
12 Simatic S7-1500, Simatic S7-plcsim Advanced, Simatic Et 200sp Open Controller Cpu 1515sp Pc2 Firmware and 9 more |
2019-08-22 |
4.3 |
| A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (All versions), SIMATIC S7-1200 CPU family (All versions >= V4.0), SIMATIC S7-1500 CPU family... |
| CVE-2019-10943 |
1 Siemens |
12 Simatic S7-1500, Simatic S7-plcsim Advanced, Simatic Et 200sp Open Controller Cpu 1515sp Pc2 Firmware and 9 more |
2019-08-22 |
5.0 |
| A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (All versions), SIMATIC S7-1200 CPU family (All versions >= V4.0), SIMATIC S7-1500 CPU family... |
| CVE-2019-2791 |
2 Oracle, Canonical |
2 Mysql, Ubuntu Linux |
2019-08-22 |
5.5 |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker... |
| CVE-2019-2747 |
1 Oracle |
1 Mysql |
2019-08-22 |
4.0 |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple... |
| CVE-2019-2746 |
1 Oracle |
1 Mysql |
2019-08-22 |
4.0 |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Data Dictionary). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access... |
| CVE-2019-2743 |
1 Oracle |
1 Mysql |
2019-08-22 |
3.5 |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.12 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access... |
| CVE-2019-2741 |
2 Oracle, Canonical |
2 Mysql, Ubuntu Linux |
2019-08-22 |
3.5 |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Log). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with... |
| CVE-2017-18543 |
|
|
2019-08-21 |
7.5 |
| The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations. |
| CVE-2019-2731 |
1 Oracle |
1 Mysql |
2019-08-21 |
5.5 |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via... |
| CVE-2019-2730 |
1 Oracle |
1 Mysql |
2019-08-21 |
4.0 |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior and 5.7.18 and prior. Easily exploitable vulnerability allows high privileged... |
| CVE-2019-1182 |
1 Microsoft |
8 Windows 10, Windows 7, Windows 8.1 and 5 more |
2019-08-19 |
10.0 |
| A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop... |
| CVE-2019-1222 |
1 Microsoft |
3 Windows 10, Windows Server 2016, Windows Server 2019 |
2019-08-19 |
10.0 |
| A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop... |
| CVE-2019-1226 |
1 Microsoft |
3 Windows 10, Windows Server 2016, Windows Server 2019 |
2019-08-19 |
10.0 |
| A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop... |
| CVE-2019-1181 |
1 Microsoft |
8 Windows 10, Windows 7, Windows 8.1 and 5 more |
2019-08-19 |
10.0 |
| A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop... |
| CVE-2018-3252 |
1 Oracle |
1 Weblogic Server |
2019-08-18 |
7.5 |
| Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows... |
| CVE-2019-5237 |
|
|
2019-08-16 |
6.8 |
| Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versions before 9.0.1.70 (China) have a code execution vulnerability. Successful exploitation may cause the attacker to execute code and read/write information. |
| CVE-2018-20957 |
|
|
2019-08-16 |
5.8 |
| The Bluetooth Low Energy (BLE) subsystem on Tapplock devices before 2018-06-12 allows replay attacks. |
| CVE-2019-12618 |
1 Hashicorp |
1 Nomad |
2019-08-16 |
10.0 |
| HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver. |
| CVE-2019-5238 |
|
|
2019-08-16 |
6.8 |
| Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versions before 9.0.1.70 (China) have a code execution vulnerability. Successful exploitation may cause the attacker to execute code and read/write information. |
