|
220171
|
6.5 |
MEDIUM
Network
|
epignosishq
|
efront_lms
|
An exploitable SQL injection vulnerability exists in the unauthenticated portion of eFront LMS, versions v5.2.12 and earlier. Specially crafted web request to login page can cause SQL injections, res…
|
CWE-89
SQL Injection
|
CVE-2019-5070
|
2024-11-21 13:44 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220172
|
8.8 |
HIGH
Network
|
epignosishq
|
efront_lms
|
A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. A specially crafted web request can cause unsafe deserialization potentially resulting in PHP code being executed. An attacker c…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-5069
|
2024-11-21 13:44 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220173
|
5.3 |
MEDIUM
Network
|
blynk
|
blynk-library
|
An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1. A specially crafted packet can cause an unterminated strncpy, resulting in info…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5065
|
2024-11-21 13:44 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220174
|
8.8 |
HIGH
Network
|
aspose
|
aspose.words
|
An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based bu…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-5041
|
2024-11-21 13:44 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220175
|
8.8 |
HIGH
Network
|
aspose
|
aspose.cells
|
An exploitable out-of-bounds read vulnerability exists in the Number record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in re…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5033
|
2024-11-21 13:44 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220176
|
8.8 |
HIGH
Network
|
aspose
|
aspose.cells
|
An exploitable out-of-bounds read vulnerability exists in the LabelSst record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in …
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5032
|
2024-11-21 13:44 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220177
|
7.5 |
HIGH
Network
|
google
|
nest_cam_iq_indoor_firmware
|
An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality of the Nest Cam IQ Indoor, version 4620002. A specially crafted weave packets can cause an arbitrary W…
|
CWE-346
Origin Validation Error
|
CVE-2019-5036
|
2024-11-21 13:44 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220178
|
9.0 |
CRITICAL
Network
|
google
|
nest_cam_iq_indoor_firmware
|
An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2019-5035
|
2024-11-21 13:44 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220179
|
5.3 |
MEDIUM
Network
|
google
|
nest_cam_iq_indoor_firmware
|
An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing functionality of Nest Cam IQ Indoor version 4620002. A set of specially crafted weave packets can cause an out o…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5034
|
2024-11-21 13:44 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220180
|
7.5 |
HIGH
Network
|
openweave
google
|
openweave-core
nest_cam_iq_indoor_firmware
|
An exploitable information disclosure vulnerability exists in the Weave MessageLayer parsing of Openweave-core version 4.0.2 and Nest Cam IQ Indoor version 4620002. A specially crafted weave packet c…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-5040
|
2024-11-21 13:44 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
