|
220181
|
8.8 |
HIGH
Network
|
openweave
|
openweave-core
|
An exploitable command execution vulnerability exists in the ASN1 certificate writing functionality of Openweave-core version 4.0.2. A specially crafted weave certificate can trigger a heap-based buf…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-5039
|
2024-11-21 13:44 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220182
|
8.8 |
HIGH
Network
|
openweave
|
openweave-core
|
An exploitable command execution vulnerability exists in the print-tlv command of Weave tool. A specially crafted weave TLV can trigger a stack-based buffer overflow, resulting in code execution. An …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-5038
|
2024-11-21 13:44 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220183
|
7.5 |
HIGH
Network
|
google
|
nest_cam_iq_indoor_firmware
|
An exploitable denial-of-service vulnerability exists in the Weave certificate loading functionality of Nest Cam IQ Indoor camera, version 4620002. A specially crafted weave packet can cause an integ…
|
CWE-125
CWE-190
Out-of-bounds Read
Integer Overflow or Wraparound
|
CVE-2019-5037
|
2024-11-21 13:44 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220184
|
7.8 |
HIGH
Local
|
huawei
|
hima-al00b_firmware
|
Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2019-5299
|
2024-11-21 13:44 |
2019-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220185
|
6.5 |
MEDIUM
Network
|
huawei
|
cloudlink_phone_7900_firmware
|
The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has a TLS certificate verification vulnerability. Due to insufficient verification of specific parameters of the TLS server certific…
|
CWE-295
Improper Certificate Validation
|
CVE-2019-5280
|
2024-11-21 13:44 |
2019-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220186
|
7.8 |
HIGH
Local
|
huawei
|
pcmanager
|
PCManager 9.1.3.1 has an improper authentication vulnerability. The certain driver interface of the software does not perform a validation of user-mode data properly, successful exploit could result …
|
CWE-287
Improper Authentication
|
CVE-2019-5223
|
2024-11-21 13:44 |
2019-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220187
|
6.5 |
MEDIUM
Network
|
hp
|
xp7_device_manager
xp7_tiered_storage_manager
xp7_replication_manager
|
Command View Advanced Edition (CVAE) products contain a vulnerability that could expose configuration information of hosts and storage systems that are managed by Device Manager server. This problem …
|
NVD-CWE-noinfo
|
CVE-2019-5408
|
2024-11-21 13:44 |
2019-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220188
|
6.3 |
MEDIUM
Network
|
hp
|
3par_storeserv_management_console
|
A remote information disclosure vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
|
NVD-CWE-noinfo
|
CVE-2019-5407
|
2024-11-21 13:44 |
2019-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220189
|
7.2 |
HIGH
Network
|
hp
|
3par_storeserv_management_console
|
A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
|
CWE-384
Session Fixation
|
CVE-2019-5406
|
2024-11-21 13:44 |
2019-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220190
|
7.3 |
HIGH
Network
|
hp
|
3par_storeserv_management_console
|
A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
|
NVD-CWE-noinfo
|
CVE-2019-5405
|
2024-11-21 13:44 |
2019-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
