|
212711
|
8.8 |
HIGH
Network
|
kaspersky
|
antivirus_engine
|
Kaspersky Lab Antivirus Engine version before 04.apr.2019 has a heap-based buffer overflow vulnerability that potentially allow arbitrary code execution
|
CWE-787
Out-of-bounds Write
|
CVE-2019-8285
|
2024-11-21 13:49 |
2019-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212712
|
9.8 |
CRITICAL
Network
|
barni
|
master_ip_camera01_firmware
|
MASTER IPCAMERA01 3.3.4.2103 devices allow Remote Command Execution, related to the thttpd component.
|
NVD-CWE-noinfo
|
CVE-2019-8387
|
2024-11-21 13:49 |
2019-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212713
|
6.1 |
MEDIUM
Network
|
htmly
|
htmly
|
Multiple cross-site scripting (XSS) vulnerabilities in HTMLy 2.7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) destination parameter to delete feature; the (2) destinati…
|
CWE-79
Cross-site Scripting
|
CVE-2019-8349
|
2024-11-21 13:49 |
2019-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212714
|
7.0 |
HIGH
Local
|
checkpoint
|
endpoint_security
|
A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, …
|
CWE-59
Link Following
|
CVE-2019-8454
|
2024-11-21 13:49 |
2019-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212715
|
7.8 |
HIGH
Local
|
checkpoint
|
zonealarm
endpoint_security
|
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission c…
|
CWE-59
Link Following
|
CVE-2019-8452
|
2024-11-21 13:49 |
2019-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212716
|
7.1 |
HIGH
Local
|
checkpoint
|
zonealarm
|
A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on fi…
|
CWE-59
Link Following
|
CVE-2019-8455
|
2024-11-21 13:49 |
2019-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212717
|
5.5 |
MEDIUM
Local
|
checkpoint
|
zonealarm
|
Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicio…
|
CWE-426
Untrusted Search Path
|
CVE-2019-8453
|
2024-11-21 13:49 |
2019-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212718
|
5.9 |
MEDIUM
Network
|
checkpoint
|
ipsec_vpn
|
Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditions, may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN se…
|
NVD-CWE-noinfo
|
CVE-2019-8456
|
2024-11-21 13:49 |
2019-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212719
|
9.1 |
CRITICAL
Network
|
heimdalsecurity
|
thor
|
Heimdal Thor Agent 2.5.17x before 2.5.173 does not verify X.509 certificates from TLS servers, which allows remote attackers to spoof servers and obtain sensitive information via a crafted certificat…
|
CWE-295
Improper Certificate Validation
|
CVE-2019-8351
|
2024-11-21 13:49 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212720
|
9.8 |
CRITICAL
Network
|
uvnc
|
ultravnc
|
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectiv…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2019-8280
|
2024-11-21 13:49 |
2019-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
