|
214401
|
5.6 |
MEDIUM
Local
|
linux
canonical
opensuse
|
linux_kernel
ubuntu_linux
leap
|
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different sta…
|
CWE-189
Numeric Errors
|
CVE-2019-7308
|
2024-11-21 13:47 |
2019-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214402
|
7.2 |
HIGH
Network
|
zevenet
|
zen_load_balancer
|
Zen Load Balancer 3.10.1 allows remote authenticated admin users to execute arbitrary commands as root via shell metacharacters in the index.cgi?action=View_Cert certname parameter.
|
CWE-78
OS Command
|
CVE-2019-7301
|
2024-11-21 13:47 |
2019-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214403
|
7.2 |
HIGH
Network
|
articatech
|
artica_proxy
|
Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldap_admin and ldap_password fields, using these credentials at logon.php…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-7300
|
2024-11-21 13:47 |
2019-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214404
|
8.1 |
HIGH
Network
|
dlink
|
dir-823g_firmware
|
An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 request. Thi…
|
CWE-78
OS Command
|
CVE-2019-7298
|
2024-11-21 13:47 |
2019-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214405
|
9.8 |
CRITICAL
Network
|
d-link
|
dir-823g_firmware
|
An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command Injection vulnerability allows attackers to execute arbitrary OS commands via shell metacharacters in a cra…
|
CWE-78
OS Command
|
CVE-2019-7297
|
2024-11-21 13:47 |
2019-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214406
|
6.1 |
MEDIUM
Network
|
typora
|
typora
|
typora through 0.9.64 has XSS, with resultant remote command execution, during inline rendering of a mathematical formula.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7296
|
2024-11-21 13:47 |
2019-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214407
|
6.1 |
MEDIUM
Network
|
typora
|
typora
|
typora through 0.9.63 has XSS, with resultant remote command execution, during block rendering of a mathematical formula.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7295
|
2024-11-21 13:47 |
2019-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214408
|
7.4 |
HIGH
Network
|
netkit
debian
|
netkit
debian_linux
|
An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validatio…
|
NVD-CWE-noinfo
|
CVE-2019-7283
|
2024-11-21 13:47 |
2019-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214409
|
5.9 |
MEDIUM
Network
|
netkit
debian
fedoraproject
|
netkit
debian_linux
fedora
|
In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of…
|
NVD-CWE-noinfo
|
CVE-2019-7282
|
2024-11-21 13:47 |
2019-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214410
|
6.1 |
MEDIUM
Network
|
cross_reference_project
|
cross_reference
|
An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references t…
|
CWE-79
Cross-site Scripting
|
CVE-2019-7250
|
2024-11-21 13:47 |
2019-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
