|
212381
|
9.8 |
CRITICAL
Network
|
adobe
|
coldfusion
|
ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Successful exploitation could lead to Arbitrary code …
|
CWE-77
Command Injection
|
CVE-2019-8073
|
2024-11-21 13:49 |
2019-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212382
|
7.5 |
HIGH
Network
|
adobe
|
coldfusion
|
ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Security bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of t…
|
NVD-CWE-noinfo
|
CVE-2019-8072
|
2024-11-21 13:49 |
2019-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212383
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
OpenEMR v5.0.1-6 allows XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-8368
|
2024-11-21 13:49 |
2019-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212384
|
7.2 |
HIGH
Network
|
open-emr
|
openemr
|
OpenEMR v5.0.1-6 allows code execution.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-8371
|
2024-11-21 13:49 |
2019-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212385
|
7.8 |
HIGH
Local
|
adobe
|
application_manager
|
Adobe application manager installer version 10.0 have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the c…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-8076
|
2024-11-21 13:49 |
2019-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212386
|
9.8 |
CRITICAL
Network
|
adobe
|
flash_player_desktop_runtime
flash_player
|
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context …
|
CWE-416
Use After Free
|
CVE-2019-8070
|
2024-11-21 13:49 |
2019-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212387
|
9.8 |
CRITICAL
Network
|
adobe
|
flash_player_desktop_runtime
flash_player
|
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution i…
|
CWE-346
Origin Validation Error
|
CVE-2019-8069
|
2024-11-21 13:49 |
2019-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212388
|
6.5 |
MEDIUM
Network
|
atlassian
|
jira_server
|
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vul…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2019-8451
|
2024-11-21 13:49 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212389
|
4.8 |
MEDIUM
Network
|
atlassian
|
jira_server
|
Various templates of the Optimization plugin in Jira before version 7.13.6, and from version 8.0.0 before version 8.4.0 allow remote attackers who have permission to manage custom fields to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2019-8450
|
2024-11-21 13:49 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212390
|
5.3 |
MEDIUM
Network
|
atlassian
|
jira
|
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-8449
|
2024-11-21 13:49 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
