|
211321
|
9.8 |
CRITICAL
Network
|
oembed_project
|
oembed
|
plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor mishandles SCRIPT elements.
|
CWE-19
Data Processing Errors
|
CVE-2019-9870
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211322
|
7.2 |
HIGH
Network
|
veritas
|
netbackup_appliance
|
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-9868
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211323
|
7.2 |
HIGH
Network
|
veritas
|
netbackup_appliance
|
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-9867
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211324
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark()…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-9857
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211325
|
6.1 |
MEDIUM
Network
|
openid
|
openid_connect
|
Doorkeeper::OpenidConnect (aka the OpenID Connect extension for Doorkeeper) 1.4.x and 1.5.x before 1.5.4 has an open redirect via the redirect_uri field in an OAuth authorization request (that result…
|
CWE-601
Open Redirect
|
CVE-2019-9837
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211326
|
9.6 |
CRITICAL
Adjacent
|
fujitsu
|
lx901_firmware
gk900_firmware
|
The receiver (aka bridge) component of Fujitsu Wireless Keyboard Set LX901 GK900 devices allows Keystroke Injection. This occurs because it accepts unencrypted 2.4 GHz packets, even though all legiti…
|
NVD-CWE-noinfo
|
CVE-2019-9835
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211327
|
7.5 |
HIGH
Network
|
screen_stream_project
|
screen_stream
|
The Screen Stream application through 3.0.15 for Android allows remote attackers to cause a denial of service via many simultaneous /start-stop requests.
|
NVD-CWE-noinfo
|
CVE-2019-9833
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211328
|
7.5 |
HIGH
Network
|
airdrop_project
|
airdrop
|
The AirDrop application through 2.0 for Android allows remote attackers to cause a denial of service via a client that makes many socket connections through a configured port.
|
NVD-CWE-noinfo
|
CVE-2019-9832
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211329
|
7.5 |
HIGH
Network
|
airmore
|
airmore
|
The AirMore application through 1.6.1 for Android allows remote attackers to cause a denial of service (system hang) via many simultaneous /?Key=PhoneRequestAuthorization requests.
|
NVD-CWE-noinfo
|
CVE-2019-9831
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211330
|
6.1 |
MEDIUM
Network
|
netdata
|
netdata
|
The Netdata web application through 1.13.0 allows remote attackers to inject their own malicious HTML code into an imported snapshot, aka HTML Injection. Successful exploitation will allow attacker-s…
|
CWE-79
Cross-site Scripting
|
CVE-2019-9834
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
