|
214191
|
6.5 |
MEDIUM
Network
|
sonicwall
|
sonicos
sonicosv
|
A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerabilit…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2019-7474
|
2024-11-21 13:48 |
2019-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214192
|
7.8 |
HIGH
Local
|
dovecot
debian
canonical
opensuse
|
dovecot
debian_linux
ubuntu_linux
leap
|
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-7524
|
2024-11-21 13:48 |
2019-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214193
|
4.8 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.763 is vulnerable to Stored/Persistent XSS for the "Package Name" field via the add_package module parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7646
|
2024-11-21 13:48 |
2019-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214194
|
7.5 |
HIGH
Network
|
ghs
|
integrity_rtos
|
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The main shell handler function uses the value of the environment variable ipcom.shell.greeting …
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2019-7715
|
2024-11-21 13:48 |
2019-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214195
|
9.8 |
CRITICAL
Network
|
ghs
|
integrity_rtos
|
An issue was discovered in Interpeak IPWEBS on Green Hills INTEGRITY RTOS 5.0.4. It allocates 60 bytes for the HTTP Authentication header. However, when copying this header to parse, it does not chec…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-7714
|
2024-11-21 13:48 |
2019-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214196
|
9.8 |
CRITICAL
Network
|
ghs
|
integrity_rtos
|
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. There is a heap-based buffer overflow in the function responsible for printing the shell prompt,…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-7713
|
2024-11-21 13:48 |
2019-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214197
|
7.5 |
HIGH
Network
|
ghs
|
integrity_rtos
|
An issue was discovered in handler_ipcom_shell_pwd in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. When using the pwd command, the current working directory path is use…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2019-7712
|
2024-11-21 13:48 |
2019-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214198
|
7.5 |
HIGH
Network
|
ghs
|
integrity_rtos
|
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The undocumented shell command "prompt" sets the (user controlled) shell's prompt value, which i…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2019-7711
|
2024-11-21 13:48 |
2019-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214199
|
7.5 |
HIGH
Network
|
dlink
|
dir-817lw_firmware
dir-816l_firmware
dir-816_firmware
dir-850l_firmware
dir-868l_firmware
|
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-7642
|
2024-11-21 13:48 |
2019-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214200
|
7.5 |
HIGH
Network
|
elastic
|
winlogbeat
|
Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to inject certain characters into a log entry could prevent Winlogbeat from recording the event.
|
NVD-CWE-Other
|
CVE-2019-7613
|
2024-11-21 13:48 |
2019-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
