|
219631
|
5.5 |
MEDIUM
Local
|
huawei
|
honor_magic_2_firmware
|
There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit cer…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-5222
|
2024-11-21 13:44 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219632
|
5.3 |
MEDIUM
Network
|
http-file-server_project
|
http-file-server
|
A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders.
|
CWE-22
Path Traversal
|
CVE-2019-5447
|
2024-11-21 13:44 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219633
|
7.2 |
HIGH
Network
|
ui
|
edgeswitch_firmware
|
Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to execute commands as root.
|
CWE-77
Command Injection
|
CVE-2019-5446
|
2024-11-21 13:44 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219634
|
4.9 |
MEDIUM
Network
|
ui
|
edgeswitch_firmware
|
DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted commands.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-5445
|
2024-11-21 13:44 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219635
|
5.3 |
MEDIUM
Network
|
serve-here.js_project
|
serve-here.js
|
Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder.
|
CWE-22
Path Traversal
|
CVE-2019-5444
|
2024-11-21 13:44 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219636
|
6.5 |
MEDIUM
Adjacent
|
huawei
|
mate_20_x_firmware
|
There is a path traversal vulnerability on Huawei Share. The software does not properly validate the path, an attacker could crafted a file path when transporting file through Huawei Share, successfu…
|
CWE-22
Path Traversal
|
CVE-2019-5221
|
2024-11-21 13:44 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219637
|
4.6 |
MEDIUM
Physics
|
huawei
|
mate_20_x_firmware
mate_20_firmware
honor_magic_2_firmware
|
There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step…
|
CWE-863
Incorrect Authorization
|
CVE-2019-5220
|
2024-11-21 13:44 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219638
|
8.8 |
HIGH
Network
|
libsdl
debian
opensuse
canonical
|
sdl2_image
debian_linux
leap
backports_sle
ubuntu_linux
|
An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocate…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-5052
|
2024-11-21 13:44 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219639
|
8.8 |
HIGH
Network
|
libsdl
debian
opensuse
canonical
|
sdl2_image
debian_linux
leap
backports_sle
ubuntu_linux
|
An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution…
|
CWE-787
CWE-755
Out-of-bounds Write
Improper Handling of Exceptional Conditions
|
CVE-2019-5051
|
2024-11-21 13:44 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219640
|
7.8 |
HIGH
Local
|
haxx
oracle
netapp
|
curl
http_server
enterprise_manager_ops_center
oss_support_tools
mysql_server
snapcenter
oncommand_unified_manager
oncommand_workflow_automation
oncommand_insight
|
A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-5443
|
2024-11-21 13:44 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
