|
222601
|
7.8 |
HIGH
Local
|
intel
|
nuc_8_mainstream_game_kit_firmware
nuc_8_mainstream_game_mini_computer_firmware
nuc_board_de3815tybe_firmware
nuc_kit_de3815tykhe_firmware
nuc_kit_dn2820fykh_firmware
|
Memory corruption in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-14570
|
2024-11-21 13:26 |
2019-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222602
|
7.8 |
HIGH
Local
|
intel
|
nuc_8_mainstream_game_kit_firmware
nuc_8_mainstream_game_mini_computer_firmware
nuc_board_de3815tybe_firmware
nuc_kit_de3815tykhe_firmware
nuc_kit_dn2820fykh_firmware
|
Pointer corruption in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-14569
|
2024-11-21 13:26 |
2019-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222603
|
6.7 |
MEDIUM
Local
|
kaseya
|
vsa
|
An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration, the LAN Cache feature creates a local account FSAdminxxxxxxxxx (e.g., FSAdmin123456789) on the server…
|
CWE-287
CWE-276
Improper Authentication
Incorrect Default Permissions
|
CVE-2019-14510
|
2024-11-21 13:26 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222604
|
9.8 |
CRITICAL
Network
|
salesagility
|
suitecrm
|
SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation.
|
NVD-CWE-noinfo
|
CVE-2019-14454
|
2024-11-21 13:26 |
2019-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222605
|
5.3 |
MEDIUM
Network
|
silverstripe
|
silverstripe
|
In SilverStripe assets 4.0, there is broken access control on files.
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2019-14273
|
2024-11-21 13:26 |
2019-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222606
|
5.4 |
MEDIUM
Network
|
silverstripe
|
silverstripe
|
In SilverStripe asset-admin 4.0, there is XSS in file titles managed through the CMS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-14272
|
2024-11-21 13:26 |
2019-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222607
|
6.5 |
MEDIUM
Local
|
bluestacks
|
bluestacks
|
An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks employs Android running in a virtual machine (VM) to enable Android apps to run on Windows…
|
CWE-269
Improper Privilege Management
|
CVE-2019-14220
|
2024-11-21 13:26 |
2019-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222608
|
6.6 |
MEDIUM
Physics
|
nxp
|
kinetis_kv1x_firmware
kinetis_kv3x_firmware
kinetis_k8x_firmware
|
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by leveraging a load instruction insi…
|
CWE-287
Improper Authentication
|
CVE-2019-14239
|
2024-11-21 13:26 |
2019-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222609
|
6.6 |
MEDIUM
Physics
|
st
|
stm32l0_firmware
stm32l1_firmware
stm32f4_firmware
stm32l4_firmware
stm32f7_firmware
stm32h7_firmware
|
On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (IT…
|
CWE-287
Improper Authentication
|
CVE-2019-14238
|
2024-11-21 13:26 |
2019-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222610
|
7.5 |
HIGH
Network
|
vivotek
|
camera
|
VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header.
|
NVD-CWE-noinfo
|
CVE-2019-14458
|
2024-11-21 13:26 |
2019-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
