|
222291
|
9.1 |
CRITICAL
Network
|
progradegrill
|
wifi_grilling_thermometer_firmware
|
Lierda Grill Temperature Monitor V1.00_50006 has a default password of admin for the admin account, which allows an attacker to cause a Denial of Service or Information Disclosure via the undocumente…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2019-15304
|
2024-11-21 13:28 |
2019-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222292
|
7.5 |
HIGH
Network
|
rustls_project
|
rustls
|
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service (loop of conn_event and ready) by arranging for a client to never be writable.
|
CWE-88
Argument Injection
|
CVE-2019-15541
|
2024-11-21 13:28 |
2019-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222293
|
9.8 |
CRITICAL
Network
|
raml-module-builder_project
|
raml-module-builder
|
Raml-Module-Builder 26.4.0 allows SQL Injection in PostgresClient.update.
|
CWE-89
SQL Injection
|
CVE-2019-15534
|
2024-11-21 13:28 |
2019-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222294
|
6.1 |
MEDIUM
Network
|
gchq
|
cyberchef
|
CyberChef before 8.31.2 allows XSS in core/operations/TextEncodingBruteForce.mjs.
|
CWE-79
Cross-site Scripting
|
CVE-2019-15532
|
2024-11-21 13:28 |
2019-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222295
|
7.5 |
HIGH
Network
|
kaseya
|
virtual_system_administrator
|
An issue was discovered in Kaseya Virtual System Administrator (VSA) through 9.4.0.37. It has a critical information disclosure vulnerability. An unauthenticated attacker can send properly formatted …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-15506
|
2024-11-21 13:28 |
2019-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222296
|
6.1 |
MEDIUM
Network
|
laracom
|
laracom
|
laracom (aka Laravel FREE E-Commerce Software) 1.4.11 has search?q= XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-15489
|
2024-11-21 13:28 |
2019-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222297
|
6.1 |
MEDIUM
Network
|
status_board_project
|
status_board
|
Status Board 1.1.81 has reflected XSS via logic.ts.
|
CWE-79
Cross-site Scripting
|
CVE-2019-15478
|
2024-11-21 13:28 |
2019-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222298
|
7.8 |
HIGH
Local
|
cdemu
|
libmirage
|
filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu does not validate the part size, triggering a heap-based buffer overflow that can lead to root access by a local Linux…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-15540
|
2024-11-21 13:28 |
2019-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222299
|
7.5 |
HIGH
Network
|
linux
canonical
netapp
opensuse
debian
fedoraproject
|
linux_kernel
ubuntu_linux
data_availability_services
solidfire
hci_management_node
aff_a700s_firmware
h300s_firmware
h500s_firmware
h700s_firmware
h300e_firmware
h500e_f…
|
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsi…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-15538
|
2024-11-21 13:28 |
2019-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222300
|
7.3 |
HIGH
Local
|
webtoffee
|
import_export_wordpress_users
|
The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported C…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2019-15092
|
2024-11-21 13:28 |
2019-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
