Security Vulnerabilities - CVEs Published In August 2019
The facebook-by-weblizar plugin before 2.8.5 for WordPress has CSRF.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-29
Secure Reliable Transport (SRT) through 1.3.4 has a CSndUList array overflow if there are many SRT connections.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-08-29
FontForge 20190813 through 20190820 has a buffer overflow in PrefsUI_LoadPrefs in prefs.c.
CVSS Score
9.8
EPSS Score
0.006
Published
2019-08-29
ROBOTIS Dynamixel SDK through 3.7.11 has a buffer overflow via a large rxpacket.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-08-29
Clara Genomics Analysis before 0.2.0 has an integer overflow for cudapoa memory management in allocate_block.cpp.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-08-29
An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.1.4. It uses Hard-coded Credentials.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-29
The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via add_option and update_option.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-29
The woo-address-book plugin before 1.6.0 for WordPress has save calls without nonce verification checks.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-29
The nd-donations plugin before 1.4 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-29
The nd-travel plugin before 1.7 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-29