|
211711
|
9.8 |
CRITICAL
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions.
|
NVD-CWE-noinfo
|
CVE-2019-9485
|
2024-11-21 13:51 |
2019-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211712
|
5.5 |
MEDIUM
Local
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 3 of 5).
|
CWE-20
Improper Input Validation
|
CVE-2019-9221
|
2024-11-21 13:51 |
2019-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211713
|
9.8 |
CRITICAL
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 1 of 5).
|
NVD-CWE-noinfo
|
CVE-2019-9218
|
2024-11-21 13:51 |
2019-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211714
|
7.5 |
HIGH
Network
|
aware
|
knomi
|
The Face authentication component in Aware mobile liveness 2.2.1 sdk 2.2.0 for Knomi allows a Biometrical Liveness authentication bypass via parameter tampering of the /knomi/analyze security_level f…
|
NVD-CWE-noinfo
|
CVE-2019-9196
|
2024-11-21 13:51 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211715
|
9.8 |
CRITICAL
Network
|
gracemedia_media_player_project
|
gracemedia_media_player
|
The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the "cfg" parameter.
|
CWE-22
Path Traversal
|
CVE-2019-9618
|
2024-11-21 13:51 |
2019-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211716
|
9.8 |
CRITICAL
Network
|
printerlogic
|
print_management
|
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not sanitize special characters allowing for remote unauthorized changes to configuration files. An unauthenti…
|
NVD-CWE-Other
|
CVE-2019-9505
|
2024-11-21 13:51 |
2019-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211717
|
8.8 |
HIGH
Network
|
strato
telekom
ionos
|
hidrive_desktop_client
magentacloud
1\&1_online_storage
|
STRATO HiDrive Desktop Client 5.0.1.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the HiDriveMaintenanceService service. This service establishes a NetNamedPipe endpo…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2019-9486
|
2024-11-21 13:51 |
2019-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211718
|
7.5 |
HIGH
Network
|
zimbra
|
collaboration_server
|
Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2019-9621
|
2024-11-21 13:51 |
2019-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211719
|
7.8 |
HIGH
Local
|
datools
|
daviewindy
|
DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arb…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-9139
|
2024-11-21 13:51 |
2019-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211720
|
7.8 |
HIGH
Local
|
datools
|
daviewindy
|
DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PhotoShop file that is mishandled by Daview.exe. Attackers could exploit this a…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-9138
|
2024-11-21 13:51 |
2019-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
