|
212461
|
5.4 |
MEDIUM
Network
|
wowza
|
streaming_engine
|
Wowza Streaming Engine 4.8.0 and earlier from multiple authenticated XSS vulnerabilities via the (1) customList%5B0%5D.value field in enginemanager/server/serversetup/edit_adv.htm of the Server Setup…
|
CWE-79
Cross-site Scripting
|
CVE-2019-7655
|
2024-11-21 13:48 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212462
|
6.5 |
MEDIUM
Network
|
wowza
|
streaming_engine
|
Wowza Streaming Engine 4.8.0 and earlier suffers from multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as adding ano…
|
CWE-352
Origin Validation Error
|
CVE-2019-7654
|
2024-11-21 13:48 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212463
|
7.8 |
HIGH
Local
|
wowza
|
streaming_engine
|
A privilege escalation vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any unprivileged Linux user to escalate privileges to root. The installer sets too relaxed permissions on /usr/…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-7656
|
2024-11-21 13:48 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212464
|
7.5 |
HIGH
Network
|
ricoh
|
fusionpro_vdp
|
A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP before 10.0 allows a remote attacker to list…
|
CWE-22
Path Traversal
|
CVE-2019-7751
|
2024-11-21 13:48 |
2020-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212465
|
7.2 |
HIGH
Network
|
sonicwall
|
sonicosv
sonicos
|
A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version …
|
CWE-269
Improper Privilege Management
|
CVE-2019-7479
|
2024-11-21 13:48 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212466
|
9.8 |
CRITICAL
Network
|
sonicwall
|
global_management_system
|
A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. This vulnerability affected GMS versions GMS 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1.
|
CWE-89
SQL Injection
|
CVE-2019-7478
|
2024-11-21 13:48 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212467
|
9.8 |
CRITICAL
Network
|
sonicwall
|
email_security_appliance
|
A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability affected Email Security Appliance version 10.0.2 and earlier.
|
NVD-CWE-noinfo
|
CVE-2019-7489
|
2024-11-21 13:48 |
2019-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212468
|
9.8 |
CRITICAL
Network
|
sonicwall
|
email_security_appliance
|
Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version…
|
CWE-521
Weak Password Requirements
|
CVE-2019-7488
|
2024-11-21 13:48 |
2019-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212469
|
7.8 |
HIGH
Local
|
sonicwall
|
sonicos
sonicos_sslvpn_nacagent
|
Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2019-7487
|
2024-11-21 13:48 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212470
|
8.8 |
HIGH
Network
|
sonicwall
|
sma_100_firmware
|
Code injection in SonicWall SMA100 allows an authenticated user to execute arbitrary code in viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.4 and earlier.
|
CWE-94
Code Injection
|
CVE-2019-7486
|
2024-11-21 13:48 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
