|
219011
|
5.9 |
MEDIUM
Network
|
elastic
|
elasticsearch
|
A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible f…
|
CWE-362
Race Condition
|
CVE-2019-7614
|
2024-11-21 13:48 |
2019-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219012
|
7.8 |
HIGH
Local
|
johnsoncontrols
|
exacqvision_server
|
ExacqVision Server’s services 'exacqVisionServer', 'dvrdhcpserver' and 'mdnsresponder' have an unquoted service path. If an authenticated user is able to insert code in their system root path it pote…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2019-7590
|
2024-11-21 13:48 |
2019-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219013
|
7.5 |
HIGH
Network
|
adobe
|
campaign
|
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Information Exposure Through an Error Message vulnerability. Successful exploitation could lead to Information Disclosure in t…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2019-7941
|
2024-11-21 13:48 |
2019-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219014
|
9.8 |
CRITICAL
Network
|
adobe
|
campaign
|
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have a Command injection vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current u…
|
CWE-77
Command Injection
|
CVE-2019-7850
|
2024-11-21 13:48 |
2019-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219015
|
7.5 |
HIGH
Network
|
adobe
|
campaign
|
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Inadequate access control vulnerability. Successful exploitation could lead to Information Disclosure in the context of the cu…
|
NVD-CWE-noinfo
|
CVE-2019-7848
|
2024-11-21 13:48 |
2019-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219016
|
7.5 |
HIGH
Network
|
adobe
|
campaign
|
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper Restriction of XML External Entity Reference ('XXE') vulnerability. Successful exploitation could lead to Arbitrary r…
|
CWE-611
XXE
|
CVE-2019-7847
|
2024-11-21 13:48 |
2019-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219017
|
7.5 |
HIGH
Network
|
adobe
|
campaign
|
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper error handling vulnerability. Successful exploitation could lead to Information Disclosure in the context of the curr…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2019-7846
|
2024-11-21 13:48 |
2019-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219018
|
7.5 |
HIGH
Network
|
adobe
|
campaign
|
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Insufficient input validation vulnerability. Successful exploitation could lead to Information Disclosure in the context of th…
|
CWE-20
Improper Input Validation
|
CVE-2019-7843
|
2024-11-21 13:48 |
2019-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219019
|
7.2 |
HIGH
Network
|
primasystems
|
flexair
|
Prima Systems FlexAir, Versions 2.3.38 and prior. The application incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component, which c…
|
CWE-78
OS Command
|
CVE-2019-7670
|
2024-11-21 13:48 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219020
|
8.8 |
HIGH
Network
|
primasystems
|
flexair
|
Prima Systems FlexAir, Versions 2.3.38 and prior. Improper validation of file extensions when uploading files could allow a remote authenticated attacker to upload and execute malicious applications …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-7669
|
2024-11-21 13:48 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
