|
211871
|
6.1 |
MEDIUM
Network
|
wuzhicms
|
wuzhi_cms
|
XSS exists in WUZHI CMS 4.1.0 via index.php?m=message&f=message&v=add&username=[XSS] to coreframe/app/message/message.php.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9109
|
2024-11-21 13:51 |
2019-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211872
|
7.5 |
HIGH
Network
|
flexera
|
flexnet_publisher
|
A Denial of Service (DoS) vulnerability was discovered in FlexNet Publisher's lmadmin 11.16.5, when doing a crafted POST request on lmadmin using the web-based tool.
|
NVD-CWE-noinfo
|
CVE-2019-8963
|
2024-11-21 13:50 |
2023-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211873
|
8.8 |
HIGH
Network
|
webkitgtk
wpewebkit
redhat
|
webkitgtk
wpe_webkit
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_for_scientific_computing
enterprise_linux_server
enterprise_linux_for_power_little_endian…
|
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple m…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-8720
|
2024-11-21 13:50 |
2023-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211874
|
5.3 |
MEDIUM
Network
|
pilz
|
pmc
|
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker can identify valid usernames.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2019-9011
|
2024-11-21 13:50 |
2022-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211875
|
9.8 |
CRITICAL
Network
|
apple
|
iphone_os
mac_os_x
watchos
tvos
|
This issue was addressed with improved entitlements. This issue is fixed in watchOS 6, tvOS 13, macOS Catalina 10.15, iOS 13. An application may be able to gain elevated privileges.
|
NVD-CWE-noinfo
|
CVE-2019-8703
|
2024-11-21 13:50 |
2021-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211876
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
tvos
iphone_os
|
This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, iOS 12.4, tvOS 12.4. A local user …
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2019-8702
|
2024-11-21 13:50 |
2021-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211877
|
9.8 |
CRITICAL
Network
|
apple
|
mac_os_x
|
CVE-2019-8643: Arun Sharma of VMWare This issue is fixed in macOS Mojave 10.14. Description: A logic issue was addressed with improved state management..
|
NVD-CWE-noinfo
|
CVE-2019-8643
|
2024-11-21 13:50 |
2021-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211878
|
8.8 |
HIGH
Adjacent
|
bluez
debian
|
bluez
debian_linux
|
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-8922
|
2024-11-21 13:50 |
2021-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211879
|
6.5 |
MEDIUM
Adjacent
|
bluez
debian
|
bluez
debian_linux
|
An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to tric…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2019-8921
|
2024-11-21 13:50 |
2021-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211880
|
7.5 |
HIGH
Network
|
cmsmadesimple
|
cms_made_simple
|
An issue was discovered in CMS Made Simple 2.2.8. It is possible to achieve unauthenticated path traversal in the CGExtensions module (in the file action.setdefaulttemplate.php) with the m1_filename …
|
CWE-22
Path Traversal
|
CVE-2019-9060
|
2024-11-21 13:50 |
2021-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
