|
222941
|
7.8 |
HIGH
Local
|
hornerautomation
|
cscape
|
In Horner Automation Cscape 9.90 and prior, improper validation of data may cause the system to write outside the intended buffer area, which may allow arbitrary code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13545
|
2024-11-21 13:25 |
2019-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222942
|
7.8 |
HIGH
Local
|
hornerautomation
|
cscape
|
In Horner Automation Cscape 9.90 and prior, an improper input validation vulnerability has been identified that may be exploited by processing files lacking user input validation. This may allow an a…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13541
|
2024-11-21 13:25 |
2019-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222943
|
8.8 |
HIGH
Network
|
broadcom
|
ca_performance_management
network_operations
|
CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise syste…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-13657
|
2024-11-21 13:25 |
2019-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222944
|
6.5 |
MEDIUM
Network
|
siemens
|
simatic_it_uadm
|
A vulnerability has been identified in SIMATIC IT UADM (All versions < V1.3). An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a pass…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2019-13929
|
2024-11-21 13:25 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222945
|
7.5 |
HIGH
Network
|
siemens
|
simatic_winac_rtx_\(f\)_2010
|
A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions < SP3 Update 1). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-13921
|
2024-11-21 13:25 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222946
|
8.8 |
HIGH
Network
|
sma
|
sunny_webbox_firmware
|
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and…
|
CWE-352
Origin Validation Error
|
CVE-2019-13529
|
2024-11-21 13:25 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222947
|
5.9 |
MEDIUM
Network
|
matrixssl
|
matrixssl
|
MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or a remote attacker, able to measure the duration of hundreds to thousands of signing op…
|
CWE-327
CWE-203
Use of a Broken or Risky Cryptographic Algorithm
Information Exposure Through Discrepancy
|
CVE-2019-13629
|
2024-11-21 13:25 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222948
|
4.7 |
MEDIUM
Local
|
wolfssl
|
wolfssl
|
wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation. This allows a local att…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2019-13628
|
2024-11-21 13:25 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222949
|
9.8 |
CRITICAL
Network
|
umbraco
|
umbraco
|
In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprove/PageWApproveApi/GetInpectSearch method via the nodeName parameter.
|
CWE-89
SQL Injection
|
CVE-2019-13957
|
2024-11-21 13:25 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222950
|
9.8 |
CRITICAL
Network
|
broadcom
|
network_flow_analysis
|
CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-13658
|
2024-11-21 13:25 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
