|
223181
|
6.7 |
MEDIUM
Local
|
intel
|
snmp_subagent_stand-alone
|
Uncontrolled search path element in the installer for Intel(R) SNMP Subagent Stand-Alone for Windows* may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-14600
|
2024-11-21 13:27 |
2020-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223182
|
8.8 |
HIGH
Network
|
atlassian
|
bitbucket
|
Bitbucket Server and Bitbucket Data Center from version 4.13. before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 be…
|
CWE-269
Improper Privilege Management
|
CVE-2019-15012
|
2024-11-21 13:27 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223183
|
8.8 |
HIGH
Network
|
atlassian
|
bitbucket
|
Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.…
|
CWE-77
Command Injection
|
CVE-2019-15010
|
2024-11-21 13:27 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223184
|
8.8 |
HIGH
Network
|
billion
|
sg600_r2_firmware
|
Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an authenticated attacker to gain root execution privileges over the device via a hidden etc_ro/web/adm/system_command.asp shell feature.
|
NVD-CWE-noinfo
|
CVE-2019-14920
|
2024-11-21 13:27 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223185
|
7.8 |
HIGH
Local
|
billion
|
sg600_r2_firmware
|
An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execu…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-14919
|
2024-11-21 13:27 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223186
|
5.4 |
MEDIUM
Network
|
billion
|
sg600_r2_firmware
|
XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via craf…
|
CWE-79
Cross-site Scripting
|
CVE-2019-14918
|
2024-11-21 13:27 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223187
|
4.3 |
MEDIUM
Network
|
redhat
|
keycloak
single_sign-on
jboss_enterprise_application_platform
jboss_fuse
|
It was found that keycloak before version 8.0.0 exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. This vulnerability cou…
|
NVD-CWE-noinfo
|
CVE-2019-14820
|
2024-11-21 13:27 |
2020-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223188
|
9.8 |
CRITICAL
Network
|
libsdl
redhat
|
simple_directmedia_layer
enterprise_linux
|
A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affects Red Hat SDL packages, SDL versions through 1.2.15 and 2.x through …
|
-
|
CVE-2019-14906
|
2024-11-21 13:27 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223189
|
8.8 |
HIGH
Network
|
redhat
|
openshift_container_platform
|
A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the …
|
-
|
CVE-2019-14819
|
2024-11-21 13:27 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223190
|
5.4 |
MEDIUM
Network
|
moodle
|
moodle
|
A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. When a cohort role assignment was removed, the associated capabilities were not being revok…
|
CWE-273
Improper Check for Dropped Privileges
|
CVE-2019-14879
|
2024-11-21 13:27 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
