|
212641
|
8.8 |
HIGH
Network
|
dlink
|
dir-878_firmware
|
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injecti…
|
CWE-78
OS Command
|
CVE-2019-8316
|
2024-11-21 13:49 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212642
|
8.8 |
HIGH
Network
|
dlink
|
dir-878_firmware
|
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injecti…
|
CWE-78
OS Command
|
CVE-2019-8315
|
2024-11-21 13:49 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212643
|
8.8 |
HIGH
Network
|
dlink
|
dir-878_firmware
|
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injecti…
|
CWE-78
OS Command
|
CVE-2019-8314
|
2024-11-21 13:49 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212644
|
8.8 |
HIGH
Network
|
dlink
|
dir-878_firmware
|
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injecti…
|
CWE-78
OS Command
|
CVE-2019-8313
|
2024-11-21 13:49 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212645
|
8.8 |
HIGH
Network
|
dlink
|
dir-878_firmware
|
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injecti…
|
CWE-78
OS Command
|
CVE-2019-8312
|
2024-11-21 13:49 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212646
|
8.2 |
HIGH
Local
|
flatpak
debian
redhat
|
flatpak
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_tus
enterprise_linux_server_eus
enterprise_linux_server…
|
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2019-8308
|
2024-11-21 13:49 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212647
|
5.5 |
MEDIUM
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
|
Adobe Acrobat Reader versions 2019.010.20098 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnera…
|
-
|
CVE-2019-7819
|
2024-11-21 13:48 |
2023-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212648
|
9.8 |
CRITICAL
Network
|
nukeviet
|
nukeviet
|
modules/banners/funcs/click.php in NukeViet before 4.3.04 has a SQL INSERT statement with raw header data from an HTTP request (e.g., Referer and User-Agent).
|
CWE-89
SQL Injection
|
CVE-2019-7726
|
2024-11-21 13:48 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212649
|
9.8 |
CRITICAL
Network
|
nukeviet
|
nukeviet
|
includes/core/is_user.php in NukeViet before 4.3.04 deserializes the untrusted nvloginhash cookie (i.e., the code relies on PHP's serialization format when JSON can be used to eliminate the risk).
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-7725
|
2024-11-21 13:48 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212650
|
8.8 |
HIGH
Network
|
intelliants
|
subrion_cms
|
Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins.
|
CWE-352
Origin Validation Error
|
CVE-2019-7357
|
2024-11-21 13:48 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
