|
223031
|
6.5 |
MEDIUM
Adjacent
|
w1.fi
debian
canonical
|
hostapd
wpa_supplicant
debian_linux
ubuntu_linux
|
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service th…
|
CWE-346
Origin Validation Error
|
CVE-2019-16275
|
2024-11-21 13:30 |
2019-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223032
|
6.1 |
MEDIUM
Network
|
afterlogic
|
aurora
|
Afterlogic Aurora through 8.3.9-build-a3 has XSS that can be leveraged for session hijacking by retrieving the session cookie from the administrator login.
|
CWE-79
Cross-site Scripting
|
CVE-2019-16238
|
2024-11-21 13:30 |
2019-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223033
|
9.1 |
CRITICAL
Network
|
tripplite
|
pdumh15at_firmware
|
Tripp Lite PDUMH15AT 12.04.0053 devices allow unauthenticated POST requests to the /Forms/ directory, as demonstrated by changing the manager or admin password, or shutting off power to an outlet. NO…
|
CWE-287
Improper Authentication
|
CVE-2019-16261
|
2024-11-21 13:30 |
2019-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223034
|
9.8 |
CRITICAL
Network
|
motorola
|
motorola_firmware
|
Some Motorola devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or ex…
|
NVD-CWE-noinfo
|
CVE-2019-16257
|
2024-11-21 13:30 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223035
|
9.8 |
CRITICAL
Network
|
samsung
|
samsung_firmware
|
Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or exe…
|
NVD-CWE-noinfo
|
CVE-2019-16256
|
2024-11-21 13:30 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223036
|
7.5 |
HIGH
Network
|
oceanwp
|
ocean_extra
|
includes/wizard/wizard.php in the Ocean Extra plugin through 1.5.8 for WordPress allows unauthenticated options changes and injection of a Cascading Style Sheets (CSS) token sequence.
|
CWE-287
Improper Authentication
|
CVE-2019-16250
|
2024-11-21 13:30 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223037
|
5.3 |
MEDIUM
Network
|
opencv
|
opencv
|
OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load in core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in modules/video/src/dis_flow.cpp.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-16249
|
2024-11-21 13:30 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223038
|
5.5 |
MEDIUM
Local
|
telegram
|
telegram
|
The "delete for" feature in Telegram before 5.11 on Android does not delete shared media files from the Telegram Images directory. In other words, there is a potentially misleading UI indication that…
|
NVD-CWE-noinfo
|
CVE-2019-16248
|
2024-11-21 13:30 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223039
|
7.8 |
HIGH
Local
|
deltaww
|
dcisoft
|
Delta DCISoft 1.21 has a User Mode Write AV starting at CommLib!CCommLib::SetSerializeData+0x000000000000001b.
|
NVD-CWE-noinfo
|
CVE-2019-16247
|
2024-11-21 13:30 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223040
|
7.5 |
HIGH
Network
|
dino
canonical
fedoraproject
debian
|
dino
ubuntu_linux
fedora
debian_linux
|
Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.
|
CWE-346
Origin Validation Error
|
CVE-2019-16237
|
2024-11-21 13:30 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
