Security Vulnerabilities - CVEs Published In August 2019
The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-14
The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-14
The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-14
The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSRF.
CVSS Score
8.8
EPSS Score
0.002
Published
2019-08-14
The wp-ultimate-exporter plugin before 1.4.2 for WordPress has CSRF.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-14
A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset (SSPR) SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-08-14
SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.html?desktop_url= XSS.
CVSS Score
6.1
EPSS Score
0.294
Published
2019-08-14
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-08-14
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-08-14
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-08-14