|
222581
|
6.5 |
MEDIUM
Network
|
tibco
|
spotfire_server
spotfire_analytics_platform_for_aws
|
The Data access layer component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains multiple vulnerabilities that theoretically allow an …
|
NVD-CWE-noinfo
|
CVE-2019-17335
|
2024-11-21 13:32 |
2019-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222582
|
8.0 |
HIGH
Network
|
tibco
|
spotfire_analyst
spotfire_desktop
spotfire_analytics_platform_for_aws
spotfire_desktop_language_packs
spotfire_deployment_kit
|
The Visualizations component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO S…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-17334
|
2024-11-21 13:32 |
2019-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222583
|
8.8 |
HIGH
Network
|
trendmicro
|
deep_security_as_a_service
|
A privilege escalation vulnerability in the Trend Micro Deep Security as a Service Quick Setup cloud formation template could allow an authenticated entity with certain unrestricted AWS execution pri…
|
CWE-459
Incomplete Cleanup
|
CVE-2019-18191
|
2024-11-21 13:32 |
2019-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222584
|
9.8 |
CRITICAL
Network
|
omron
|
plc_cs_firmware
plc_cj_firmware
|
Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability.
|
NVD-CWE-Other
|
CVE-2019-18269
|
2024-11-21 13:32 |
2019-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222585
|
9.8 |
CRITICAL
Network
|
omron
|
plc_nj_firmware
plc_cs_firmware
plc_cj_firmware
|
In Omron PLC CS series, all versions, Omron PLC CJ series, all versions, and Omron PLC NJ series, all versions, the software does not implement sufficient measures to prevent multiple failed authenti…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2019-18261
|
2024-11-21 13:32 |
2019-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222586
|
9.8 |
CRITICAL
Network
|
omron
|
plc_cs_firmware
plc_cj_firmware
|
In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2019-18259
|
2024-11-21 13:32 |
2019-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222587
|
9.8 |
CRITICAL
Network
|
skymee
petwant
|
petalk_ai_firmware
pf-103_firmware
|
The processCommandUploadLog() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user.
|
CWE-78
OS Command
|
CVE-2019-17364
|
2024-11-21 13:32 |
2019-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222588
|
6.1 |
MEDIUM
Network
|
expresstech
|
quiz_and_survey_master
|
The quiz-master-next (aka Quiz And Survey Master) plugin before 6.3.5 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScr…
|
CWE-79
Cross-site Scripting
|
CVE-2019-17599
|
2024-11-21 13:32 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222589
|
7.8 |
HIGH
Local
|
siemens
|
sppa-t3000_ms3000_migration_server
|
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and low privileges could gain root privileges by sending s…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-18297
|
2024-11-21 13:32 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222590
|
5.9 |
MEDIUM
Network
|
intesync
|
solismed
|
An issue was discovered in Intesync Solismed 3.3sp1. An flaw in the encryption implementation exists, allowing for all encrypted data stored within the database to be decrypted.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2019-17428
|
2024-11-21 13:32 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
