|
223311
|
9.8 |
CRITICAL
Network
|
nxp
|
kinetis_kv1x_firmware
kinetis_kv3x_firmware
kinetis_k8x_firmware
|
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the ef…
|
CWE-863
Incorrect Authorization
|
CVE-2019-14237
|
2024-11-21 13:26 |
2019-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223312
|
9.8 |
CRITICAL
Network
|
st
|
stm32l0_firmware
stm32l1_firmware
stm32f4_firmware
stm32l4_firmware
stm32f7_firmware
stm32h7_firmware
|
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU…
|
CWE-863
Incorrect Authorization
|
CVE-2019-14236
|
2024-11-21 13:26 |
2019-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223313
|
9.8 |
CRITICAL
Network
|
vivotek
|
camera
|
VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-14457
|
2024-11-21 13:26 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223314
|
6.1 |
MEDIUM
Network
|
alfresco
|
alfresco
|
An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share application is vulnerable to an Open Redirect attack via a crafted POST request. By man…
|
CWE-601
Open Redirect
|
CVE-2019-14223
|
2024-11-21 13:26 |
2019-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223315
|
7.2 |
HIGH
Network
|
alfresco
|
alfresco
|
An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to ach…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-14224
|
2024-11-21 13:26 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223316
|
9.8 |
CRITICAL
Network
|
alfresco
|
alfresco
|
An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due t…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2019-14222
|
2024-11-21 13:26 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223317
|
5.5 |
MEDIUM
Local
|
canon
|
print
|
The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access. This allows an attacker's m…
|
NVD-CWE-noinfo
|
CVE-2019-14339
|
2024-11-21 13:26 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223318
|
5.3 |
MEDIUM
Network
|
knowage-suite
|
knowage
|
In Knowage through 6.1.1, an unauthenticated user can enumerated valid usernames via the ChangePwdServlet page.
|
NVD-CWE-noinfo
|
CVE-2019-14278
|
2024-11-21 13:26 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223319
|
6.1 |
MEDIUM
Network
|
instagram-php-api_project
userproplugin
|
instagram-php-api
user_pro
|
cosenary Instagram-PHP-API (aka Instagram PHP API V2), as used in the UserPro plugin through 4.9.32 for WordPress, has XSS via the example/success.php error_description parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-14470
|
2024-11-21 13:26 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223320
|
6.5 |
MEDIUM
Adjacent
|
tiktok
|
tiktok
|
The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted transmission of images, videos, and likes. This allows an attacker to extract private sensitive informatio…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-14319
|
2024-11-21 13:26 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
