|
222351
|
6.1 |
MEDIUM
Network
|
mcafee
|
web_advisor
|
Remote Code Execution vulnerability in the web interface in McAfee Web Advisor (WA) 8.0.34745 and earlier allows remote unauthenticated attacker to execute arbitrary code via a cross site scripting a…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3670
|
2024-11-21 13:42 |
2020-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222352
|
3.3 |
LOW
Local
|
suse
|
yast2-security
|
yast2-security didn't use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 201…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2019-3700
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222353
|
7.8 |
HIGH
Local
|
privoxy
|
privoxy
|
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root. This issue affects: openS…
|
-
|
CVE-2019-3699
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222354
|
7.8 |
HIGH
Local
|
opensuse
gnu
|
leap
gnump3d
|
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap …
|
-
|
CVE-2019-3697
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222355
|
7.8 |
HIGH
Local
|
opensuse
suse
|
munin
|
A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Fac…
|
-
|
CVE-2019-3694
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222356
|
7.8 |
HIGH
Local
|
suse
opensuse
|
mailman
backports_sle
|
A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privile…
|
-
|
CVE-2019-3693
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222357
|
7.8 |
HIGH
Local
|
suse
opensuse
|
inn
leap
backports_sle
|
The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enter…
|
-
|
CVE-2019-3692
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222358
|
3.3 |
LOW
Local
|
suse
|
linux_enterprise_server
|
The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Ser…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-3687
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222359
|
7.8 |
HIGH
Local
|
opensuse
|
munge
|
A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root…
|
-
|
CVE-2019-3691
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222360
|
8.8 |
HIGH
Network
|
redhat
|
quay
|
A vulnerability was discovered in all quay-2 versions before quay-3.0.0, in the Quay web GUI where POST requests include a specific parameter which is used as a CSRF token. The token is not refreshed…
|
CWE-352
Origin Validation Error
|
CVE-2019-3864
|
2024-11-21 13:42 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
