|
213101
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
iphone_os
|
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privil…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-7286
|
2024-11-21 13:47 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213102
|
8.8 |
HIGH
Network
|
apple
|
iphone_os
tvos
icloud
itunes
safari
|
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing malicious…
|
CWE-416
Use After Free
|
CVE-2019-7285
|
2024-11-21 13:47 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213103
|
4.3 |
MEDIUM
Network
|
apple
|
iphone_os
|
This issue was addressed with improved checks. This issue is fixed in iOS 12.2. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing.
|
NVD-CWE-noinfo
|
CVE-2019-7284
|
2024-11-21 13:47 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213104
|
5.4 |
MEDIUM
Network
|
avaya
|
ip_office_application_server
|
A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information. All product v…
|
CWE-79
Cross-site Scripting
|
CVE-2019-7004
|
2024-11-21 13:47 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213105
|
9.8 |
CRITICAL
Network
|
qnap
|
photo_station
|
This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest vers…
|
CWE-22
Path Traversal
|
CVE-2019-7195
|
2024-11-21 13:47 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213106
|
9.8 |
CRITICAL
Network
|
qnap
|
photo_station
|
This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest vers…
|
CWE-22
Path Traversal
|
CVE-2019-7194
|
2024-11-21 13:47 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213107
|
9.8 |
CRITICAL
Network
|
qnap
|
qts
|
This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.
|
CWE-20
Improper Input Validation
|
CVE-2019-7193
|
2024-11-21 13:47 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213108
|
9.8 |
CRITICAL
Network
|
qnap
|
photo_station
|
This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versi…
|
CWE-863
Incorrect Authorization
|
CVE-2019-7192
|
2024-11-21 13:47 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213109
|
4.8 |
MEDIUM
Network
|
qnap
|
music_station
|
This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recomme…
|
CWE-79
Cross-site Scripting
|
CVE-2019-7185
|
2024-11-21 13:47 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213110
|
4.8 |
MEDIUM
Network
|
qnap
|
video_station
|
This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recomme…
|
CWE-79
Cross-site Scripting
|
CVE-2019-7184
|
2024-11-21 13:47 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
