|
224311
|
8.1 |
HIGH
Network
|
eclipse
|
theia
|
In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as "@theia/mini-browser" on npmjs.com. This extension, for its own needs,…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2019-17636
|
2024-11-21 13:32 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224312
|
9.8 |
CRITICAL
Network
|
centreon
|
centreon
|
An issue was discovered in Centreon before 2.8.30, 18.10.8, 19.04.5, and 19.10.2. SQL Injection exists via the include/monitoring/status/Hosts/xml/hostXML.php instance parameter.
|
CWE-89
SQL Injection
|
CVE-2019-17647
|
2024-11-21 13:32 |
2020-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224313
|
7.5 |
HIGH
Network
|
centreon
|
centreon
|
An issue was discovered in Centreon before 18.10.8, 19.04.5, and 19.10.2. It provides sensitive information via an unauthenticated direct request for api/external.php?object=centreon_metric&action=li…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2019-17646
|
2024-11-21 13:32 |
2020-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224314
|
7.5 |
HIGH
Network
|
centreon
|
centreon
|
An issue was discovered in Centreon before 2.8.31, 18.10.9, 19.04.6, and 19.10.3. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/servic…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2019-17645
|
2024-11-21 13:32 |
2020-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224315
|
8.8 |
HIGH
Network
|
centreon
|
centreon
|
An issue was discovered in Centreon before 18.10.8, 19.10.1, and 19.04.2. It allows CSRF with resultant remote command execution via shell metacharacters in a POST to centreon-autodiscovery-server/vi…
|
CWE-352
CWE-78
Origin Validation Error
OS Command
|
CVE-2019-17642
|
2024-11-21 13:32 |
2020-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224316
|
7.5 |
HIGH
Network
|
centreon
|
centreon
|
An issue was discovered in Centreon before 2.8-30, 18.10-8, 19.04-5, and 19.10-2.. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/host/…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2019-17644
|
2024-11-21 13:32 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224317
|
7.5 |
HIGH
Network
|
centreon
|
centreon
|
An issue was discovered in Centreon before 2.8-30,18.10-8, 19.04-5, and 19.10-2. It provides sensitive information via an unauthenticated direct request for include/monitoring/recurrentDowntime/GetXM…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2019-17643
|
2024-11-21 13:32 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224318
|
6.5 |
MEDIUM
Network
|
eset
|
cyber_security
|
ESET Cyber Security before 6.8.1.0 is vulnerable to a denial-of-service allowing any user to stop (kill) ESET processes. An attacker can abuse this bug to stop the protection from ESET and launch his…
|
NVD-CWE-Other
|
CVE-2019-17549
|
2024-11-21 13:32 |
2020-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224319
|
7.5 |
HIGH
Network
|
moxa
|
iologik_2512_firmware
iologik_2512-t_firmware
iologik_2512-hspa_firmware
iologik_2512-hspa-t_firmware
iologik_2512-wl1-eu_firmware
iologik_2512-wl1-eu-t_firmware
iologik_2512-wl1-us…
|
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, whic…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2019-18238
|
2024-11-21 13:32 |
2020-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224320
|
9.8 |
CRITICAL
Network
|
netapp
|
oncommand_cloud_manager
|
OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers.
|
NVD-CWE-noinfo
|
CVE-2019-17275
|
2024-11-21 13:32 |
2020-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
