|
222361
|
7.1 |
HIGH
Local
|
fortinet
|
forticlient
|
A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file v…
|
NVD-CWE-noinfo
|
CVE-2019-16155
|
2024-11-21 13:30 |
2020-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222362
|
6.5 |
MEDIUM
Network
|
fortinet
|
forticlient
|
A Denial of service (DoS) vulnerability in FortiClient for Linux 6.2.1 and below may allow an user with low privilege to cause FortiClient processes running under root privilege crashes via sending s…
|
CWE-20
Improper Input Validation
|
CVE-2019-16152
|
2024-11-21 13:30 |
2020-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222363
|
7.5 |
HIGH
Network
|
broadcom
|
fabric_operating_system
|
Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external passwords, common secrets or authentication keys used between the switch and an external server.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2019-16204
|
2024-11-21 13:30 |
2020-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222364
|
7.5 |
HIGH
Network
|
broadcom
|
fabric_operating_system
|
Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote ESRS server when these credentials are given as a command line option when configuring the ESRS client.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2019-16203
|
2024-11-21 13:30 |
2020-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222365
|
9.8 |
CRITICAL
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a CORS misconfiguration, which reflected the Origin provided by incoming requests. This allo…
|
CWE-346
Origin Validation Error
|
CVE-2019-16517
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222366
|
5.3 |
MEDIUM
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a user enumeration vulnerability, allowing an unauthenticated attacker to determine with cer…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2019-16516
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222367
|
6.5 |
MEDIUM
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. Certain HTTP security headers are not used.
|
NVD-CWE-Other
|
CVE-2019-16515
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222368
|
7.2 |
HIGH
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. The server allows remote code execution. Administrative users could upload an unsigned extension ZIP …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-16514
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222369
|
8.8 |
HIGH
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. CSRF can be used to send API requests.
|
CWE-352
Origin Validation Error
|
CVE-2019-16513
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222370
|
4.8 |
MEDIUM
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is stored XSS in the Appearance modifier.
|
CWE-79
Cross-site Scripting
|
CVE-2019-16512
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
