|
223151
|
6.5 |
MEDIUM
Adjacent
|
espressif
|
esp-idf
arduino-esp32
esp8266_nonos_sdk
|
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows…
|
NVD-CWE-noinfo
|
CVE-2019-12586
|
2024-11-21 13:23 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223152
|
6.5 |
MEDIUM
Adjacent
|
espressif
|
esp8266_nonos_sdk
arduino_esp8266
|
The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association…
|
CWE-20
Improper Input Validation
|
CVE-2019-12588
|
2024-11-21 13:23 |
2019-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223153
|
8.1 |
HIGH
Adjacent
|
espressif
|
esp8266_nonos_sdk
esp-idf
|
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any …
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2019-12587
|
2024-11-21 13:23 |
2019-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223154
|
7.8 |
HIGH
Local
|
estsoft
|
alsee
|
A memory corruption vulnerability exists in the .PSD parsing functionality of ALSee v5.3 ~ v8.39. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in code execut…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-12810
|
2024-11-21 13:23 |
2019-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223155
|
4.8 |
MEDIUM
Network
|
symantec
|
vip
|
Symantec My VIP portal, previous version which has already been auto updated, was susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject cli…
|
CWE-79
Cross-site Scripting
|
CVE-2019-12754
|
2024-11-21 13:23 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223156
|
4.9 |
MEDIUM
Network
|
symantec
|
reporter
|
An information disclosure vulnerability in Symantec Reporter web UI 10.3 prior to 10.3.2.5 allows a malicious authenticated administrator user to obtain passwords for external SMTP, FTP, FTPS, LDAP, …
|
NVD-CWE-noinfo
|
CVE-2019-12753
|
2024-11-21 13:23 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223157
|
10.0 |
CRITICAL
Network
|
cisco
|
ios_xe
|
A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. …
|
CWE-287
Improper Authentication
|
CVE-2019-12643
|
2024-11-21 13:23 |
2019-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223158
|
7.8 |
HIGH
Local
|
insyde
|
h2offt
h2ooae
h2osde
h2ouve
h2oelv
h2opcm
|
Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vuln…
|
NVD-CWE-noinfo
|
CVE-2019-12532
|
2024-11-21 13:23 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223159
|
7.5 |
HIGH
Network
|
cisco
|
ucs_director
integrated_management_controller_supervisor
ucs_director_express_for_big_data
|
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauth…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-12634
|
2024-11-21 13:23 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223160
|
7.5 |
HIGH
Network
|
cisco
|
firepower_threat_defense
|
A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensit…
|
NVD-CWE-Other
|
CVE-2019-12627
|
2024-11-21 13:23 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
