|
223091
|
7.5 |
HIGH
Network
|
redhat
netapp
|
jboss-remoting
undertow
jboss_enterprise_application_platform
active_iq_unified_manager
|
A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to den…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2019-19343
|
2024-11-21 13:34 |
2021-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223092
|
8.8 |
HIGH
Network
|
siemens
|
xhq
|
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious…
|
-
|
CVE-2019-19289
|
2024-11-21 13:34 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223093
|
6.1 |
MEDIUM
Network
|
siemens
|
xhq
|
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link.
|
-
|
CVE-2019-19288
|
2024-11-21 13:34 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223094
|
6.5 |
MEDIUM
Network
|
siemens
|
xhq
|
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow attackers to traverse through the file system of the server based by sending specially crafted packets o…
|
-
|
CVE-2019-19287
|
2024-11-21 13:34 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223095
|
7.2 |
HIGH
Network
|
siemens
|
xhq
|
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow SQL injection attacks if an attacker is able to modify content of particular web pages.
|
-
|
CVE-2019-19286
|
2024-11-21 13:34 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223096
|
5.4 |
MEDIUM
Network
|
siemens
|
xhq
|
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow injections that could lead to XSS attacks if unsuspecting users are tricked into accessing a malicious l…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19285
|
2024-11-21 13:34 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223097
|
5.4 |
MEDIUM
Network
|
siemens
|
xhq
|
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify content of particular web pages, cau…
|
-
|
CVE-2019-19284
|
2024-11-21 13:34 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223098
|
5.3 |
MEDIUM
Network
|
siemens
|
xhq
|
A vulnerability has been identified in XHQ (All Versions < 6.1). The application's web server could expose non-sensitive information about the server's architecture. This could allow an attacker to a…
|
-
|
CVE-2019-19283
|
2024-11-21 13:34 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223099
|
2.4 |
LOW
Physics
|
harman
|
hermes
|
A misconfiguration in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with direct physical access to device hardware to obtain cellular modem information.
|
NVD-CWE-noinfo
|
CVE-2019-19563
|
2024-11-21 13:34 |
2020-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223100
|
4.6 |
MEDIUM
Physics
|
harman
|
hermes
|
An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with physical access to device hardware to obtain system information.
|
CWE-287
Improper Authentication
|
CVE-2019-19562
|
2024-11-21 13:34 |
2020-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
