|
213831
|
7.5 |
HIGH
Network
|
adobe
|
bridge_cc
|
Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-8240
|
2024-11-21 13:49 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213832
|
7.5 |
HIGH
Network
|
adobe
|
bridge_cc
|
Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-8239
|
2024-11-21 13:49 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213833
|
7.8 |
HIGH
Local
|
adobe
|
illustrator_cc
|
Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-7962
|
2024-11-21 13:49 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213834
|
7.8 |
HIGH
Local
|
adobe
|
animate_cc
|
Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-7960
|
2024-11-21 13:49 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213835
|
9.8 |
CRITICAL
Network
|
magento
|
magento
|
An XPath entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An attacker can craft a GET request to page cache block rendering module that ge…
|
CWE-91
Blind XPath Injection
|
CVE-2019-8158
|
2024-11-21 13:49 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213836
|
5.4 |
MEDIUM
Network
|
magento
|
magento
|
A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can manipulate downloadable link and cause an in…
|
CWE-79
Cross-site Scripting
|
CVE-2019-8157
|
2024-11-21 13:49 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213837
|
7.2 |
HIGH
Network
|
magento
|
magento
|
A server-side request forgery (SSRF) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to modify store configura…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2019-8156
|
2024-11-21 13:49 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213838
|
5.4 |
MEDIUM
Network
|
magento
|
magento
|
A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code into the at…
|
CWE-79
Cross-site Scripting
|
CVE-2019-8145
|
2024-11-21 13:49 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213839
|
5.4 |
MEDIUM
Network
|
magento
|
magento
|
A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can craft malicious payload in the template Name…
|
CWE-79
Cross-site Scripting
|
CVE-2019-8132
|
2024-11-21 13:49 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213840
|
6.1 |
MEDIUM
Network
|
magento
|
magento
|
In Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an unauthenticated user can inject arbitrary JavaScript code as a result of the sanitization engine ignoring HTML comments.
|
CWE-79
Cross-site Scripting
|
CVE-2019-8233
|
2024-11-21 13:49 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
