|
223321
|
8.1 |
HIGH
Adjacent
|
espressif
|
esp8266_nonos_sdk
esp-idf
|
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any …
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2019-12587
|
2024-11-21 13:23 |
2019-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223322
|
7.8 |
HIGH
Local
|
estsoft
|
alsee
|
A memory corruption vulnerability exists in the .PSD parsing functionality of ALSee v5.3 ~ v8.39. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in code execut…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-12810
|
2024-11-21 13:23 |
2019-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223323
|
4.8 |
MEDIUM
Network
|
symantec
|
vip
|
Symantec My VIP portal, previous version which has already been auto updated, was susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject cli…
|
CWE-79
Cross-site Scripting
|
CVE-2019-12754
|
2024-11-21 13:23 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223324
|
4.9 |
MEDIUM
Network
|
symantec
|
reporter
|
An information disclosure vulnerability in Symantec Reporter web UI 10.3 prior to 10.3.2.5 allows a malicious authenticated administrator user to obtain passwords for external SMTP, FTP, FTPS, LDAP, …
|
NVD-CWE-noinfo
|
CVE-2019-12753
|
2024-11-21 13:23 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223325
|
10.0 |
CRITICAL
Network
|
cisco
|
ios_xe
|
A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. …
|
CWE-287
Improper Authentication
|
CVE-2019-12643
|
2024-11-21 13:23 |
2019-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223326
|
7.8 |
HIGH
Local
|
insyde
|
h2offt
h2ooae
h2osde
h2ouve
h2oelv
h2opcm
|
Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vuln…
|
NVD-CWE-noinfo
|
CVE-2019-12532
|
2024-11-21 13:23 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223327
|
7.5 |
HIGH
Network
|
cisco
|
ucs_director
integrated_management_controller_supervisor
ucs_director_express_for_big_data
|
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauth…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-12634
|
2024-11-21 13:23 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223328
|
7.5 |
HIGH
Network
|
cisco
|
firepower_threat_defense
|
A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensit…
|
NVD-CWE-Other
|
CVE-2019-12627
|
2024-11-21 13:23 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223329
|
4.8 |
MEDIUM
Network
|
cisco
|
unified_contact_center_express
|
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS…
|
CWE-79
Cross-site Scripting
|
CVE-2019-12626
|
2024-11-21 13:23 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223330
|
8.8 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller (NGWC) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery…
|
CWE-352
Origin Validation Error
|
CVE-2019-12624
|
2024-11-21 13:23 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
