|
212671
|
5.4 |
MEDIUM
Network
|
elastic
|
kibana
|
Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting (XSS) flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations …
|
CWE-79
Cross-site Scripting
|
CVE-2019-7621
|
2024-11-21 13:48 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212672
|
7.5 |
HIGH
Network
|
sonicwall
|
sma_100_firmware
|
Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources. This vulnerablity impacted SMA100 version 9.0.0.3 and earlier.
|
CWE-89
SQL Injection
|
CVE-2019-7481
|
2024-11-21 13:48 |
2019-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212673
|
7.8 |
HIGH
Local
|
autodesk
|
fbx_software_development_kit
|
Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causin…
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-7366
|
2024-11-21 13:48 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212674
|
7.8 |
HIGH
Local
|
autodesk
|
autodesk_desktop
|
DLL preloading vulnerability in Autodesk Desktop Application versions 7.0.16.29 and earlier. An attacker may trick a user into downloading a malicious DLL file into the working directory, which may t…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-7365
|
2024-11-21 13:48 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212675
|
8.3 |
HIGH
Network
|
cloudera
|
cdh
|
An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, …
|
CWE-269
Improper Privilege Management
|
CVE-2019-7319
|
2024-11-21 13:48 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212676
|
7.5 |
HIGH
Network
|
elastic
|
logstash
|
Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could…
|
NVD-CWE-noinfo
|
CVE-2019-7620
|
2024-11-21 13:48 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212677
|
5.3 |
MEDIUM
Network
|
elastic
|
elasticsearch
|
Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username disclosure flaw was found in the API Key service. An unauthenticated attacker could send a specially crafted request and determin…
|
NVD-CWE-noinfo
|
CVE-2019-7619
|
2024-11-21 13:48 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212678
|
6.5 |
MEDIUM
Network
|
elastic
|
kibana
|
A local file disclosure flaw was found in Elastic Code versions 7.3.0, 7.3.1, and 7.3.2. If a malicious code repository is imported into Code it is possible to read arbitrary files from the local fil…
|
CWE-22
Path Traversal
|
CVE-2019-7618
|
2024-11-21 13:48 |
2019-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212679
|
7.8 |
HIGH
Local
|
autodesk
|
design_review
|
Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerabi…
|
CWE-416
Use After Free
|
CVE-2019-7363
|
2024-11-21 13:48 |
2019-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212680
|
7.8 |
HIGH
Local
|
autodesk
|
design_review
|
DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerabi…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-7362
|
2024-11-21 13:48 |
2019-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
