|
221951
|
6.1 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d.
|
CWE-416
Use After Free
|
CVE-2019-19528
|
2024-11-21 13:34 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221952
|
6.8 |
MEDIUM
Physics
|
linux
debian
opensuse
|
linux_kernel
debian_linux
leap
|
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
|
CWE-416
Use After Free
|
CVE-2019-19527
|
2024-11-21 13:34 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221953
|
4.6 |
MEDIUM
Physics
|
linux
canonical
opensuse
|
linux_kernel
ubuntu_linux
leap
|
In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.
|
CWE-416
Use After Free
|
CVE-2019-19526
|
2024-11-21 13:34 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221954
|
4.6 |
MEDIUM
Physics
|
linux
debian
opensuse
|
linux_kernel
debian_linux
leap
|
In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.
|
CWE-416
Use After Free
|
CVE-2019-19525
|
2024-11-21 13:34 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221955
|
4.6 |
MEDIUM
Physics
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
|
CWE-416
Use After Free
|
CVE-2019-19524
|
2024-11-21 13:34 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221956
|
4.6 |
MEDIUM
Physics
|
linux
debian
opensuse
|
linux_kernel
debian_linux
leap
|
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.
|
CWE-416
Use After Free
|
CVE-2019-19523
|
2024-11-21 13:34 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221957
|
6.5 |
MEDIUM
Network
|
intelbras
|
wrn_150_firmware
|
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password.
|
CWE-352
Origin Validation Error
|
CVE-2019-19516
|
2024-11-21 13:34 |
2019-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221958
|
7.5 |
HIGH
Network
|
hashicorp
|
terraform
|
When using the Azure backend with a shared access signature (SAS), Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-19316
|
2024-11-21 13:34 |
2019-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221959
|
5.3 |
MEDIUM
Network
|
json_pattern_validator_project
|
json_pattern_validator
|
In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': {'na…
|
CWE-287
Improper Authentication
|
CVE-2019-19507
|
2024-11-21 13:34 |
2019-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221960
|
9.8 |
CRITICAL
Network
|
titanhq
|
webtitan
|
An issue was discovered in TitanHQ WebTitan before 5.18. It has a hidden support account (with a hard-coded password) in the web administration interface, with administrator privileges. Anybody can l…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-19021
|
2024-11-21 13:34 |
2019-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
