|
221711
|
9.8 |
CRITICAL
Network
|
arlo
|
vmb3010_firmware
vmb4000_firmware
vmb3500_firmware
vmb4500_firmware
vmb5000_firmware
|
Arlo Basestation firmware 1.12.0.1_27940 and prior contain a hardcoded username and password combination that allows root access to the device when an onboard serial interface is connected to.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-3950
|
2024-11-21 13:42 |
2019-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221712
|
9.8 |
CRITICAL
Network
|
arlo
|
vmb3010_firmware
vmb4000_firmware
vmb3500_firmware
vmb4500_firmware
vmb5000_firmware
|
Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a networking misconfiguration that allows access to restricted network interfaces. This could allow an attacker to upload or downlo…
|
CWE-16
Configuration
|
CVE-2019-3949
|
2024-11-21 13:42 |
2019-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221713
|
4.9 |
MEDIUM
Network
|
mcafee
|
epolicy_orchestrator
|
Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 prior to 5.10.0 update 4 allows remote unauthenticated attacker to view sensitive infor…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-3619
|
2024-11-21 13:42 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221714
|
3.3 |
LOW
Local
|
tenable
|
nessus
|
Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a maliciou…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3962
|
2024-11-21 13:42 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221715
|
8.8 |
HIGH
Network
|
mcafee
|
enterprise_security_manager
|
Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input.
|
CWE-22
Path Traversal
|
CVE-2019-3632
|
2024-11-21 13:42 |
2019-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221716
|
7.2 |
HIGH
Network
|
mcafee
|
enterprise_security_manager
|
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
|
CWE-78
OS Command
|
CVE-2019-3631
|
2024-11-21 13:42 |
2019-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221717
|
7.2 |
HIGH
Network
|
mcafee
|
enterprise_security_manager
|
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
|
CWE-78
OS Command
|
CVE-2019-3630
|
2024-11-21 13:42 |
2019-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221718
|
6.5 |
MEDIUM
Network
|
mcafee
|
enterprise_security_manager
|
Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially craft…
|
NVD-CWE-noinfo
|
CVE-2019-3629
|
2024-11-21 13:42 |
2019-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221719
|
8.8 |
HIGH
Network
|
mcafee
|
enterprise_security_manager
|
Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control.
|
NVD-CWE-noinfo
|
CVE-2019-3628
|
2024-11-21 13:42 |
2019-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221720
|
7.5 |
HIGH
Network
|
facebook
|
hhvm
|
HHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior could allow a malicious individual unintended direct access to the application, which could result in in…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2019-3569
|
2024-11-21 13:42 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
