|
224061
|
6.5 |
MEDIUM
Network
|
publisure
|
publisure
|
An issue was discovered in servletcontroller in the secure portal in Publisure 2.1.2. One can bypass authentication and perform a query on PHP forms within the /AdminDir folder that should be restric…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-14253
|
2024-11-21 13:26 |
2019-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224062
|
7.2 |
HIGH
Network
|
publisure
|
publisure
|
An issue was discovered in the secure portal in Publisure 2.1.2. Once successfully authenticated as an administrator, one is able to inject arbitrary PHP code by using the adminCons.php form. The cod…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-14252
|
2024-11-21 13:26 |
2019-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224063
|
9.8 |
CRITICAL
Network
|
fasterxml
netapp
fedoraproject
debian
redhat
oracle
|
jackson-databind
steelstore_cloud_integrated_storage
oncommand_workflow_automation
oncommand_api_services
fedora
debian_linux
jboss_enterprise_application_platform
retail_xstore_…
|
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-14540
|
2024-11-21 13:26 |
2019-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224064
|
9.8 |
CRITICAL
Network
|
nxp
|
kinetis_kv1x_firmware
kinetis_kv3x_firmware
kinetis_k8x_firmware
|
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the ef…
|
CWE-863
Incorrect Authorization
|
CVE-2019-14237
|
2024-11-21 13:26 |
2019-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224065
|
9.8 |
CRITICAL
Network
|
st
|
stm32l0_firmware
stm32l1_firmware
stm32f4_firmware
stm32l4_firmware
stm32f7_firmware
stm32h7_firmware
|
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU…
|
CWE-863
Incorrect Authorization
|
CVE-2019-14236
|
2024-11-21 13:26 |
2019-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224066
|
9.8 |
CRITICAL
Network
|
vivotek
|
camera
|
VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-14457
|
2024-11-21 13:26 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224067
|
6.1 |
MEDIUM
Network
|
alfresco
|
alfresco
|
An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share application is vulnerable to an Open Redirect attack via a crafted POST request. By man…
|
CWE-601
Open Redirect
|
CVE-2019-14223
|
2024-11-21 13:26 |
2019-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224068
|
7.2 |
HIGH
Network
|
alfresco
|
alfresco
|
An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to ach…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-14224
|
2024-11-21 13:26 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224069
|
9.8 |
CRITICAL
Network
|
alfresco
|
alfresco
|
An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due t…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2019-14222
|
2024-11-21 13:26 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224070
|
5.5 |
MEDIUM
Local
|
canon
|
print
|
The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access. This allows an attacker's m…
|
NVD-CWE-noinfo
|
CVE-2019-14339
|
2024-11-21 13:26 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
