|
213631
|
6.1 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows XSS (issue 1 of 2). Markdown fields contain a lack of input…
|
CWE-79
Cross-site Scripting
|
CVE-2019-6784
|
2024-11-21 13:47 |
2019-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213632
|
8.8 |
HIGH
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. GitLab Pages contains a directory traversal vulnerability that could …
|
CWE-22
Path Traversal
|
CVE-2019-6783
|
2024-11-21 13:47 |
2019-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213633
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows Information Disclosure (issue 1 of 6). An authorization iss…
|
NVD-CWE-noinfo
|
CVE-2019-6782
|
2024-11-21 13:47 |
2019-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213634
|
7.0 |
HIGH
Local
|
apport_project
|
apport
|
Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2019-7307
|
2024-11-21 13:47 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213635
|
9.8 |
CRITICAL
Network
|
tcl
|
alcatel_linkzone_firmware
|
The web interface of Alcatel LINKZONE MW40-V-V1.0 MW40_LU_02.00_02 devices is vulnerable to an authentication bypass that allows an unauthenticated user to have access to the web interface without kn…
|
CWE-287
Improper Authentication
|
CVE-2019-7163
|
2024-11-21 13:47 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213636
|
7.5 |
HIGH
Network
|
dlink
|
dva-5592_firmware
|
The web interface of the D-Link DVA-5592 20180823 is vulnerable to an authentication bypass that allows an unauthenticated user to have access to sensitive information such as the Wi-Fi password and …
|
CWE-79
Cross-site Scripting
|
CVE-2019-6969
|
2024-11-21 13:47 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213637
|
6.1 |
MEDIUM
Network
|
dlink
|
dva-5592_firmware
|
The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected.
|
CWE-79
Cross-site Scripting
|
CVE-2019-6968
|
2024-11-21 13:47 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213638
|
6.1 |
MEDIUM
Network
|
avaya
|
aura_conferencing
|
A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferenci…
|
CWE-79
Cross-site Scripting
|
CVE-2019-7000
|
2024-11-21 13:47 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213639
|
6.5 |
MEDIUM
Network
|
wpfastestcache
|
wp_fastest_cache
|
The WP Fastest Cache plugin through 0.8.9.0 for WordPress allows remote attackers to delete arbitrary files because wp_postratings_clear_fastest_cache and rm_folder_recursively in wpFastestCache.php …
|
CWE-22
Path Traversal
|
CVE-2019-6726
|
2024-11-21 13:47 |
2019-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213640
|
7.8 |
HIGH
Local
|
schneider-electric
|
interactive_graphical_scada_system
|
A CWE-787: Out-of-bounds Write vulnerability exists in Interactive Graphical SCADA System (IGSS), Version 14 and prior, which could cause a software crash when data in the mdb database is manipulated.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6827
|
2024-11-21 13:47 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
