|
222691
|
7.8 |
HIGH
Local
|
mcafee
|
virusscan_enterprise
|
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messag…
|
CWE-269
Improper Privilege Management
|
CVE-2019-3585
|
2024-11-21 13:42 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222692
|
7.3 |
HIGH
Local
|
mcafee
|
agent
|
DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-3613
|
2024-11-21 13:42 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222693
|
8.2 |
HIGH
Local
|
mcafee
|
total_protection
|
Privilege escalation vulnerability in McAfee Total Protection (ToPS) for Mac OS prior to 4.6 allows local users to gain root privileges via incorrect protection of temporary files.
|
CWE-269
Improper Privilege Management
|
CVE-2019-3617
|
2024-11-21 13:42 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222694
|
7.5 |
HIGH
Network
|
parrot
|
anafi_firmware
|
Web server running on Parrot ANAFI can be crashed due to the SDK command "Common_CurrentDateTime" being sent to control service with larger than expected date length.
|
NVD-CWE-Other
|
CVE-2019-3945
|
2024-11-21 13:42 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222695
|
7.5 |
HIGH
Network
|
parrot
|
anafi_firmware
|
Parrot ANAFI is vulnerable to Wi-Fi deauthentication attack, allowing remote and unauthenticated attackers to disconnect drone from controller during mid-flight.
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-3944
|
2024-11-21 13:42 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222696
|
7.5 |
HIGH
Network
|
advantech
|
webaccess
|
Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. An attacker can use this vulnerability to recover the administrator password.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-3942
|
2024-11-21 13:42 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222697
|
7.5 |
HIGH
Network
|
dell
|
emc_integrated_data_protection_appliance
emc_data_protection_central
|
Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulne…
|
CWE-295
Improper Certificate Validation
|
CVE-2019-3762
|
2024-11-21 13:42 |
2020-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222698
|
6.4 |
MEDIUM
Network
|
dell
|
wyse_management_suite
|
Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability when unregistering a device. A remote authenticated malicious user with low privileges could exp…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3770
|
2024-11-21 13:42 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222699
|
6.4 |
MEDIUM
Network
|
dell
|
wyse_management_suite
|
Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious user with low privileges could exploit this vulnerability to s…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3769
|
2024-11-21 13:42 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222700
|
7.5 |
HIGH
Network
|
facebook
|
thrift
|
C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-3553
|
2024-11-21 13:42 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
