|
214071
|
8.1 |
HIGH
Adjacent
|
abus
|
secvest_wireless_alarm_system_fuaa50000_firmware
|
Due to the use of an insecure RFID technology (MIFARE Classic), ABUS proximity chip keys (RFID tokens) of the ABUS Secvest FUAA50000 wireless alarm system can easily be cloned and used to deactivate …
|
CWE-310
Cryptographic Issues
|
CVE-2019-9861
|
2024-11-21 13:52 |
2019-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214072
|
7.5 |
HIGH
Network
|
eq-3
|
ccu3_firmware
|
Unauthenticated password hash disclosure in the User.getUserPWD method in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to retrieve the GUI password hashes of GUI users. This vul…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-9727
|
2024-11-21 13:52 |
2019-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214073
|
7.5 |
HIGH
Network
|
eq-3
|
ccu3_firmware
|
Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem. This vulnerability can be exploited…
|
CWE-22
Path Traversal
|
CVE-2019-9726
|
2024-11-21 13:52 |
2019-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214074
|
7.8 |
HIGH
Local
|
libreoffice
|
libreoffice
|
A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. If the h…
|
CWE-20
Improper Input Validation
|
CVE-2019-9847
|
2024-11-21 13:52 |
2019-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214075
|
5.5 |
MEDIUM
Local
|
symantec
|
antivirus_engine
|
Symantec AV Engine, prior to 13.0.9r17, may be susceptible to an arbitrary file deletion issue, which is a type of vulnerability that could allow an attacker to delete files on the resident system wi…
|
NVD-CWE-noinfo
|
CVE-2019-9698
|
2024-11-21 13:52 |
2019-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214076
|
4.9 |
MEDIUM
Network
|
mahara
|
mahara
|
An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. A site administrator can suspend the system user (root), causing all users to be locked out fro…
|
NVD-CWE-noinfo
|
CVE-2019-9708
|
2024-11-21 13:52 |
2019-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214077
|
5.4 |
MEDIUM
Network
|
mahara
|
mahara
|
An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. The collection title is vulnerable to Cross Site Scripting (XSS) due to not escaping it when vi…
|
CWE-79
Cross-site Scripting
|
CVE-2019-9709
|
2024-11-21 13:52 |
2019-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214078
|
7.5 |
HIGH
Network
|
phpbb
|
phpbb
|
The fulltext search component in phpBB before 3.2.6 allows Denial of Service.
|
CWE-20
Improper Input Validation
|
CVE-2019-9826
|
2024-11-21 13:52 |
2019-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214079
|
8.8 |
HIGH
Network
|
mozilla
|
thunderbird
firefox
firefox_esr
|
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firef…
|
CWE-843
Type Confusion
|
CVE-2019-9813
|
2024-11-21 13:52 |
2019-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214080
|
8.8 |
HIGH
Network
|
mozilla
redhat
|
thunderbird
firefox
firefox_esr
enterprise_linux
enterprise_linux_eus
enterprise_linux_server_tus
enterprise_linux_server_aus
|
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-9810
|
2024-11-21 13:52 |
2019-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
