|
224961
|
8.8 |
HIGH
Network
|
bmcsoftware
|
control-m\/agent
|
BMC Control-M/Agent 7.0.00.000 has an Insecure File Copy.
|
CWE-269
Improper Privilege Management
|
CVE-2019-19216
|
2024-11-21 13:34 |
2020-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224962
|
8.8 |
HIGH
Network
|
bmcsoftware
|
control-m\/agent
|
A buffer overflow vulnerability in BMC Control-M/Agent 7.0.00.000 when the On-Do action destination is Mail and the Control-M/Agent is configured to send the email, allows remote attackers to have un…
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-19215
|
2024-11-21 13:34 |
2020-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224963
|
7.2 |
HIGH
Network
|
inogard
|
activex
|
AxECM.cab(ActiveX Control) in Inogard Ebiz4u contains a vulnerability that could allow remote files to be downloaded and executed by setting arguments to the activeX method. Download of Code Without …
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2019-19165
|
2024-11-21 13:34 |
2020-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224964
|
7.5 |
HIGH
Network
|
br-automation
|
automation_studio
|
A directory traversal vulnerability in SharpZipLib used in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x and 4.2.x allow unauthenticated users to write to certain local directori…
|
CWE-22
Path Traversal
|
CVE-2019-19102
|
2024-11-21 13:34 |
2020-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224965
|
5.9 |
MEDIUM
Network
|
br-automation
|
automation_studio
|
A missing secure communication definition and an incomplete TLS validation in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.5SP, < 4.6.4 and …
|
CWE-295
Improper Certificate Validation
|
CVE-2019-19101
|
2024-11-21 13:34 |
2020-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224966
|
7.1 |
HIGH
Local
|
br-automation
|
automation_studio
|
A privilege escalation vulnerability in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.4SP, <. 4.6.3SP, < 4.7.2 and < 4.8.1 allow authenticate…
|
NVD-CWE-Other
|
CVE-2019-19100
|
2024-11-21 13:34 |
2020-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224967
|
5.5 |
MEDIUM
Local
|
abb
busch-jaeger
|
tg\/s3.2_firmware
6186\/11_firmware
|
The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext (although hidden when displayed).
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-19107
|
2024-11-21 13:34 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224968
|
9.1 |
CRITICAL
Network
|
abb
busch-jaeger
|
tg\/s3.2_firmware
6186\/11_firmware
|
Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing o…
|
NVD-CWE-Other
|
CVE-2019-19106
|
2024-11-21 13:34 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224969
|
5.5 |
MEDIUM
Local
|
abb
busch-jaeger
|
tg\/s3.2_firmware
6186\/11_firmware
|
The backup function in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway saves the current settings and configuration of the application, including credentials of existing user …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-19105
|
2024-11-21 13:34 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224970
|
9.8 |
CRITICAL
Network
|
abb
busch-jaeger
|
tg\/s3.2_firmware
6186\/11_firmware
|
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific unifor…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-19104
|
2024-11-21 13:34 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
