|
213521
|
9.8 |
CRITICAL
Network
|
d-link
|
dir-822_firmware
|
D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udh…
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-6258
|
2024-11-21 13:46 |
2020-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213522
|
7.3 |
HIGH
Local
|
lenovo
|
installation_package
|
A symbolic link vulnerability in some Lenovo installation packages, prior to version 1.2.9.3, could allow privileged file operations during file extraction and installation.
|
CWE-426
Untrusted Search Path
|
CVE-2019-6196
|
2024-11-21 13:46 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213523
|
6.5 |
MEDIUM
Local
|
lenovo
|
installation_package
|
A DLL search path vulnerability could allow privilege escalation in some Lenovo installation packages, prior to version 1.2.9.3, during installation if an attacker already has administrative privileg…
|
CWE-426
Untrusted Search Path
|
CVE-2019-6173
|
2024-11-21 13:46 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213524
|
9.8 |
CRITICAL
Network
|
drupal
|
drupal
|
An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be mitigated by disabling the Workspaces module. It does not affect any release oth…
|
NVD-CWE-noinfo
|
CVE-2019-6342
|
2024-11-21 13:46 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213525
|
9.8 |
CRITICAL
Network
|
apple
|
mac_os_x
iphone_os
tvos
|
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept net…
|
NVD-CWE-noinfo
|
CVE-2019-6203
|
2024-11-21 13:46 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213526
|
7.5 |
HIGH
Network
|
auto-maskin
|
rp_210e_firmware
dcu_210e_firmware
marine_pro_observer
|
In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro (Android App), the software contains a mechanism for users to recover or change their passwords wi…
|
CWE-521
Weak Password Requirements
|
CVE-2019-6558
|
2024-11-21 13:46 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213527
|
9.1 |
CRITICAL
Network
|
auto-maskin
|
rp210e_firmware
dcu_210_firmware
marine_pro_observer
|
In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro (Android App), the software contains a mechanism for users to recover or change their passwords wi…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2019-6560
|
2024-11-21 13:46 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213528
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortios
|
An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted re…
|
CWE-20
CWE-601
Improper Input Validation
Open Redirect
|
CVE-2019-6696
|
2024-11-21 13:46 |
2020-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213529
|
5.4 |
MEDIUM
Network
|
fortinet
|
fortiadc
|
An improper neutralization of input vulnerability in Fortinet FortiADC 5.3.3 and earlier may allow an attacker to execute a stored Cross Site Scripting (XSS) via a field in the traffic group interfac…
|
CWE-79
Cross-site Scripting
|
CVE-2019-6699
|
2024-11-21 13:46 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213530
|
6.1 |
MEDIUM
Network
|
siemens
|
scalance_s602_firmware
scalance_s612_firmware
scalance_s623_firmware
scalance_s627-2m_firmware
|
A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and < V4.1), SCALANCE S612 (All versions >= V3.0 and < V4.1), SCALANCE S623 (All versions >= V3.0 and < V4.1), SCALANCE S627…
|
-
|
CVE-2019-6585
|
2024-11-21 13:46 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
