|
222691
|
8.8 |
HIGH
Network
|
zte
|
wf820\+_lte_outdoor_cpe_firmware
|
All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. Due to inadequate parameter verification, unauthorized users can take ad…
|
CWE-78
OS Command
|
CVE-2019-3409
|
2024-11-21 13:42 |
2019-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222692
|
7.4 |
HIGH
Network
|
solarwinds
|
dameware_mini_remote_control
|
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating RsaSignatureLen during key negotiation, which co…
|
CWE-20
CWE-125
Improper Input Validation
Out-of-bounds Read
|
CVE-2019-3957
|
2024-11-21 13:42 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222693
|
7.4 |
HIGH
Network
|
dameware
|
remote_mini_control
|
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating CltDHPubKeyLen during key negotiation, which cou…
|
CWE-20
CWE-125
Improper Input Validation
Out-of-bounds Read
|
CVE-2019-3956
|
2024-11-21 13:42 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222694
|
7.5 |
HIGH
Network
|
dameware
|
remote_mini_control
|
Dameware Remote Mini Control version 12.1.0.34 and prior contains a unauthenticated remote heap overflow due to the server not properly validating RsaPubKeyLen during key negotiation. An unauthentica…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-3955
|
2024-11-21 13:42 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222695
|
6.1 |
MEDIUM
Network
|
microfocus
|
solutions_business_manager
|
Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect.
|
CWE-601
Open Redirect
|
CVE-2019-3477
|
2024-11-21 13:42 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222696
|
5.4 |
MEDIUM
Network
|
pivotal_software
|
operations_manager
|
The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x versions prior to 2.3.16, 2.4.x versions prior to 2.4.11, and 2.5.x versions prior to 2.5.3, contain configuration that circumvents refr…
|
CWE-613
Insufficient Session Expiration
|
CVE-2019-3790
|
2024-11-21 13:42 |
2019-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222697
|
9.1 |
CRITICAL
Network
|
dell
|
emc_openmanage_server_administrator
|
Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially man…
|
CWE-20
Improper Input Validation
|
CVE-2019-3723
|
2024-11-21 13:42 |
2019-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222698
|
7.5 |
HIGH
Network
|
dell
|
emc_openmanage_server_administrator
|
Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity (XXE) injection vulnerability. A remote unauthenticated attacker could po…
|
CWE-611
XXE
|
CVE-2019-3722
|
2024-11-21 13:42 |
2019-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222699
|
5.3 |
MEDIUM
Network
|
mybb
|
mybb
|
MyBB 1.8.19 allows remote attackers to obtain sensitive information because it discloses the username upon receiving a password-reset request that lacks the code parameter.
|
CWE-200
Information Exposure
|
CVE-2019-3579
|
2024-11-21 13:42 |
2019-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222700
|
6.1 |
MEDIUM
Network
|
mybb
|
mybb
|
MyBB 1.8.19 has XSS in the resetpassword function.
|
CWE-79
Cross-site Scripting
|
CVE-2019-3578
|
2024-11-21 13:42 |
2019-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
