|
211241
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In /proc/net of the kernel filesystem, there is a possible information leak due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2019-9475
|
2024-11-21 13:51 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211242
|
7.5 |
HIGH
Network
|
contiki-os
contiki-ng
|
contiki
contiki-ng
|
An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer underflow during 6LoWPAN fragment processing in the face of truncated fragmen…
|
CWE-787
CWE-191
Out-of-bounds Write
Integer Underflow (Wrap or Wraparound)
|
CVE-2019-9183
|
2024-11-21 13:51 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211243
|
9.8 |
CRITICAL
Network
|
marchnetworks
|
command_client
|
The connection initiation process in March Networks Command Client before 2.7.2 allows remote attackers to execute arbitrary code via crafted XAML objects.
|
CWE-94
Code Injection
|
CVE-2019-9163
|
2024-11-21 13:51 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211244
|
5.4 |
MEDIUM
Network
|
vertiv
|
avocent_umg-4000_firmware
|
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to reflected XSS in an HTTP POST parameter. The web application does not neutralize user-controllable input before disp…
|
CWE-79
Cross-site Scripting
|
CVE-2019-9509
|
2024-11-21 13:51 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211245
|
3.5 |
LOW
Network
|
vertiv
|
avocent_umg-4000_firmware
|
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to stored XSS. A remote attacker authenticated with an administrator account could store a maliciously named file withi…
|
CWE-79
Cross-site Scripting
|
CVE-2019-9508
|
2024-11-21 13:51 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211246
|
7.2 |
HIGH
Network
|
vertiv
|
avocent_umg-4000_firmware
|
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command injection because the application incorrectly neutralizes code syntax before executing. Since all commands w…
|
CWE-77
Command Injection
|
CVE-2019-9507
|
2024-11-21 13:51 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211247
|
7.5 |
HIGH
Network
|
google
|
android
|
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction i…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9474
|
2024-11-21 13:51 |
2020-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211248
|
7.5 |
HIGH
Network
|
google
|
android
|
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction i…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9473
|
2024-11-21 13:51 |
2020-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211249
|
8.8 |
HIGH
Adjacent
|
synology
broadcom
|
router_manager
bcm4339_firmware
|
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9502
|
2024-11-21 13:51 |
2020-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211250
|
8.8 |
HIGH
Adjacent
|
synology
broadcom
|
router_manager
bcm4339_firmware
|
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9501
|
2024-11-21 13:51 |
2020-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
