|
219081
|
6.1 |
MEDIUM
Network
|
zoho
|
salesiq
|
Cross-site scripting vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2019-5962
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219082
|
7.4 |
HIGH
Network
|
mastodon-tootdon
|
tootdon_for_mastodon
|
The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive in…
|
CWE-295
Improper Certificate Validation
|
CVE-2019-5961
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219083
|
8.8 |
HIGH
Network
|
custom4web
|
wp_open_graph
|
Cross-site request forgery (CSRF) vulnerability in WP Open Graph 1.6.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2019-5960
|
2024-11-21 13:45 |
2019-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219084
|
8.8 |
HIGH
Network
|
freebsd
|
freebsd
|
In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the cdrom d…
|
CWE-787
CWE-863
Out-of-bounds Write
Incorrect Authorization
|
CVE-2019-5602
|
2024-11-21 13:45 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219085
|
6.5 |
MEDIUM
Network
|
freebsd
|
freebsd
|
In FreeBSD 12.0-STABLE before r347474, 12.0-RELEASE before 12.0-RELEASE-p7, 11.2-STABLE before r347475, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the FFS implementation causes up to three by…
|
CWE-200
Information Exposure
|
CVE-2019-5601
|
2024-11-21 13:45 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219086
|
9.8 |
CRITICAL
Network
|
freebsd
|
freebsd
|
In FreeBSD 12.0-STABLE before r349622, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349624, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in iconv imple…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-5600
|
2024-11-21 13:45 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219087
|
8.8 |
HIGH
Network
|
rapid7
|
nexpose
|
A Cross-Site Request Forgery (CSRF) vulnerability was found in Rapid7 Nexpose InsightVM Security Console versions 6.5.0 through 6.5.68. This issue allows attackers to exploit CSRF vulnerabilities on …
|
CWE-352
Origin Validation Error
|
CVE-2019-5630
|
2024-11-21 13:45 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219088
|
7.5 |
HIGH
Network
|
freebsd
|
freebsd
|
In FreeBSD 12.0-STABLE before r349197 and 12.0-RELEASE before 12.0-RELEASE-p6, a bug in the non-default RACK TCP stack can allow an attacker to cause several linked lists to grow unbounded and cause …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-5599
|
2024-11-21 13:45 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219089
|
9.8 |
CRITICAL
Network
|
netapp
|
aff_a700s_firmware
clustered_data_ontap
|
NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution.
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2019-5497
|
2024-11-21 13:45 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219090
|
4.3 |
MEDIUM
Network
|
google
opensuse
debian
fedoraproject
|
chrome
leap
debian_linux
fedora
backports
|
Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
CWE-362
Race Condition
|
CVE-2019-5840
|
2024-11-21 13:45 |
2019-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
