|
223211
|
3.3 |
LOW
Local
|
linux
|
linux_kernel
|
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka C…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-17056
|
2024-11-21 13:31 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223212
|
3.3 |
LOW
Local
|
linux
debian
fedoraproject
canonical
opensuse
redhat
|
linux_kernel
debian_linux
fedora
ubuntu_linux
leap
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
|
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw sock…
|
CWE-862
Missing Authorization
|
CVE-2019-17055
|
2024-11-21 13:31 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223213
|
3.3 |
LOW
Local
|
linux
|
linux_kernel
|
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-17054
|
2024-11-21 13:31 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223214
|
3.3 |
LOW
Local
|
linux
|
linux_kernel
|
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw s…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-17053
|
2024-11-21 13:31 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223215
|
3.3 |
LOW
Local
|
linux
debian
fedoraproject
canonical
|
linux_kernel
debian_linux
fedora
ubuntu_linux
|
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka C…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-17052
|
2024-11-21 13:31 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223216
|
7.5 |
HIGH
Network
|
rust-lang
|
rust
|
Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. Usage of the `package` key to rename dependencies in `Cargo.toml` is ignor…
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2019-16760
|
2024-11-21 13:31 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223217
|
7.8 |
HIGH
Local
|
evernote
|
evernote
|
Evernote before 7.13 GA on macOS allows code execution because the com.apple.quarantine attribute is not used for attachment files, as demonstrated by a one-click attack involving a drag-and-drop ope…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-17051
|
2024-11-21 13:31 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223218
|
7.2 |
HIGH
Network
|
thecontrolgroup
|
voyager
|
An issue was discovered in the Voyager package through 1.2.7 for Laravel. An attacker with admin privileges and Compass access can read or delete arbitrary files, such as the .env file. NOTE: a softw…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2019-17050
|
2024-11-21 13:31 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223219
|
7.5 |
HIGH
Network
|
netgear
|
srx5308_firmware
|
NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in the wild in September 2019 to add a new user account.
|
CWE-89
SQL Injection
|
CVE-2019-17049
|
2024-11-21 13:31 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223220
|
10.0 |
CRITICAL
Network
|
themeisle
|
visualizer
|
A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2019-16932
|
2024-11-21 13:31 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
