|
223361
|
9.8 |
CRITICAL
Network
|
tronlink
|
wallet
|
TronLink Wallet 2.2.0 stores user wallet keystore in plaintext and places them in insecure storage. An attacker can read and reuse the user keystore of a valid user via /data/data/com.tronlink.wallet…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2019-13096
|
2024-11-21 13:24 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223362
|
6.5 |
MEDIUM
Network
|
send-anywhere
|
send_anywhere
|
The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a val…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2019-13100
|
2024-11-21 13:24 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223363
|
6.5 |
MEDIUM
Network
|
momo_project
|
momo
|
The Momo application 2.1.9 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user an…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2019-13099
|
2024-11-21 13:24 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223364
|
6.5 |
MEDIUM
Network
|
tronlink
|
wallet
|
The user password via the registration form of TronLink Wallet 2.2.0 is stored in the log when the class CreateWalletTwoActivity is called. Other authenticated users can read it in the log later. The…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2019-13098
|
2024-11-21 13:24 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223365
|
6.1 |
MEDIUM
Network
|
sertek
|
xpare
|
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could exploit the vulnerable function in order to prepare an XSS payload …
|
CWE-79
Cross-site Scripting
|
CVE-2019-13448
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223366
|
9.8 |
CRITICAL
Network
|
sertek
|
xpare
|
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could access the backend database via SQL injection.
|
CWE-89
SQL Injection
|
CVE-2019-13447
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223367
|
7.5 |
HIGH
Network
|
temenos
|
cwx
|
Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information.
|
NVD-CWE-noinfo
|
CVE-2019-13403
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223368
|
6.1 |
MEDIUM
Network
|
myt_project
|
myt
|
In MyT 1.5.1, the User[username] parameter has XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-13346
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223369
|
6.5 |
MEDIUM
Network
|
zipios_project
|
zipios
|
Zipios before 0.1.7 does not properly handle certain malformed zip archives and can go into an infinite loop, causing a denial of service. This is related to zipheadio.h:readUint32() and zipfile.cpp:…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-13453
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223370
|
7.8 |
HIGH
Local
|
linux
debian
fedoraproject
canonical
redhat
netapp
|
linux_kernel
debian_linux
fedora
ubuntu_linux
enterprise_linux
enterprise_linux_for_real_time
enterprise_linux_for_real_time_for_nfv_tus
enterprise_linux_for_real_time_tus
ent…
|
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obta…
|
NVD-CWE-noinfo
|
CVE-2019-13272
|
2024-11-21 13:24 |
2019-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
