|
222561
|
7.7 |
HIGH
Network
|
opensuse
|
open_build_service
|
Open Build Service before version 0.165.4 diddn't validate TLS certificates for HTTPS connections with the osc client binary
|
CWE-295
Improper Certificate Validation
|
CVE-2019-3685
|
2024-11-21 13:42 |
2019-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222562
|
8.0 |
HIGH
Adjacent
|
ztw
|
zx297520v3_firmware
|
The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. Unauthorized users can exploit this vulnerability to control the …
|
CWE-77
Command Injection
|
CVE-2019-3421
|
2024-11-21 13:42 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222563
|
5.7 |
MEDIUM
Adjacent
|
zte
|
zxmp_m721_dx_firmware
|
A security vulnerability exists in a management port in the version of ZTE's ZXMP M721V3.10P01B10_M2NCP. An attacker could exploit this vulnerability to build a link to the device and send specific p…
|
NVD-CWE-noinfo
|
CVE-2019-3419
|
2024-11-21 13:42 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222564
|
7.5 |
HIGH
Network
|
mikrotik
|
routeros
|
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the d…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2019-3979
|
2024-11-21 13:42 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222565
|
7.5 |
HIGH
Network
|
mikrotik
|
routeros
|
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attac…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-3978
|
2024-11-21 13:42 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222566
|
7.5 |
HIGH
Network
|
mikrotik
|
routeros
|
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where upgrade packages are download from when using the autoupgrade feature. Therefore, a remote attacker can tric…
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2019-3977
|
2024-11-21 13:42 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222567
|
8.8 |
HIGH
Network
|
mikrotik
|
routeros
|
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field. If an authenticated user installs a …
|
CWE-22
Path Traversal
|
CVE-2019-3976
|
2024-11-21 13:42 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222568
|
7.8 |
HIGH
Local
|
mcafee
|
total_protection
|
A File Masquerade vulnerability in McAfee Total Protection (MTP) version 16.0.R21 and earlier in Windows client allowed an attacker to read the plaintext list of AV-Scan exclusion files from the Wind…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2019-3636
|
2024-11-21 13:42 |
2019-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222569
|
6.0 |
MEDIUM
Local
|
oracle
|
vm_virtualbox
|
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerab…
|
NVD-CWE-noinfo
|
CVE-2019-3031
|
2024-11-21 13:42 |
2019-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222570
|
8.8 |
HIGH
Local
|
oracle
|
vm_virtualbox
|
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerab…
|
NVD-CWE-noinfo
|
CVE-2019-3028
|
2024-11-21 13:42 |
2019-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
