|
223941
|
5.5 |
MEDIUM
Local
|
flightcrew_project
|
flightcrew
|
An issue was discovered in FlightCrew v0.9.2 and earlier. A NULL pointer dereference occurs in GetRelativePathToNcx() or GetRelativePathsToXhtmlDocuments() when a NULL pointer is passed to xc::XMLUri…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-13032
|
2024-11-21 13:24 |
2019-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223942
|
8.1 |
HIGH
Network
|
lemonldap-ng
debian
|
lemonldap\
debian_linux
|
LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification to the notification server. By default, the notification server is not enabled and has a "deny all" r…
|
CWE-611
XXE
|
CVE-2019-13031
|
2024-11-21 13:24 |
2019-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223943
|
8.8 |
HIGH
Network
|
minv
|
electronic_identification_cards_client
|
An incorrect implementation of a local web server in eID client (Windows version before 3.1.2, Linux version before 3.0.3) allows remote attackers to execute arbitrary code (.cgi, .pl, or .php) or de…
|
CWE-284
Improper Access Control
|
CVE-2019-13028
|
2024-11-21 13:24 |
2019-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223944
|
7.5 |
HIGH
Network
|
gnome
|
glib
|
The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kf…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-13012
|
2024-11-21 13:24 |
2019-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223945
|
5.3 |
MEDIUM
Network
|
dropbear_ssh_project
|
dropbear_ssh
|
Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2018-15599.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2019-12953
|
2024-11-21 13:23 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223946
|
9.8 |
CRITICAL
Network
|
dlink
|
dap-1650_firmware
|
An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix. Attackers can bypass authentication via forceful browsing.
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2019-12768
|
2024-11-21 13:23 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223947
|
8.8 |
HIGH
Network
|
verint
|
impact_360
|
An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the login form can accept submissions from external websites. In conjunction with CVE-2019-12783, this can be used by attacke…
|
CWE-352
Origin Validation Error
|
CVE-2019-12784
|
2024-11-21 13:23 |
2020-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223948
|
6.1 |
MEDIUM
Network
|
verint
|
impact_360
|
An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the rd parameter can accept a URL, to which users will be redirected after a successful login. In conjunction with CVE-2019-1…
|
CWE-601
Open Redirect
|
CVE-2019-12783
|
2024-11-21 13:23 |
2020-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223949
|
6.1 |
MEDIUM
Network
|
verint
|
impact_360
|
An issue was discovered in Verint Impact 360 15.1. At wfo/help/help_popup.jsp, the helpURL parameter can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjuncti…
|
CWE-79
Cross-site Scripting
|
CVE-2019-12773
|
2024-11-21 13:23 |
2020-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223950
|
5.5 |
MEDIUM
Local
|
solarwinds
|
netpath
orion_platform
network_performance_monitor
|
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathna…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2019-12864
|
2024-11-21 13:23 |
2020-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
