|
222971
|
6.5 |
MEDIUM
Network
|
momo_project
|
momo
|
The Momo application 2.1.9 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user an…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2019-13099
|
2024-11-21 13:24 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222972
|
6.5 |
MEDIUM
Network
|
tronlink
|
wallet
|
The user password via the registration form of TronLink Wallet 2.2.0 is stored in the log when the class CreateWalletTwoActivity is called. Other authenticated users can read it in the log later. The…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2019-13098
|
2024-11-21 13:24 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222973
|
6.1 |
MEDIUM
Network
|
sertek
|
xpare
|
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could exploit the vulnerable function in order to prepare an XSS payload …
|
CWE-79
Cross-site Scripting
|
CVE-2019-13448
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222974
|
9.8 |
CRITICAL
Network
|
sertek
|
xpare
|
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could access the backend database via SQL injection.
|
CWE-89
SQL Injection
|
CVE-2019-13447
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222975
|
7.5 |
HIGH
Network
|
temenos
|
cwx
|
Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information.
|
NVD-CWE-noinfo
|
CVE-2019-13403
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222976
|
6.1 |
MEDIUM
Network
|
myt_project
|
myt
|
In MyT 1.5.1, the User[username] parameter has XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-13346
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222977
|
6.5 |
MEDIUM
Network
|
zipios_project
|
zipios
|
Zipios before 0.1.7 does not properly handle certain malformed zip archives and can go into an infinite loop, causing a denial of service. This is related to zipheadio.h:readUint32() and zipfile.cpp:…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-13453
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222978
|
7.8 |
HIGH
Local
|
linux
debian
fedoraproject
canonical
redhat
netapp
|
linux_kernel
debian_linux
fedora
ubuntu_linux
enterprise_linux
enterprise_linux_for_real_time
enterprise_linux_for_real_time_for_nfv_tus
enterprise_linux_for_real_time_tus
ent…
|
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obta…
|
NVD-CWE-noinfo
|
CVE-2019-13272
|
2024-11-21 13:24 |
2019-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222979
|
7.5 |
HIGH
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal user to craft and upload a session file to the /tmp directory, and use it to become the root user.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-13359
|
2024-11-21 13:24 |
2019-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222980
|
8.1 |
HIGH
Network
|
libssh2
debian
fedoraproject
netapp
f5
|
libssh2
debian_linux
fedora
cloud_backup
ontap_select_deploy_administration_utility
e-series_santricity_os_controller
traffix_systems_signaling_delivery_controller
|
In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the se…
|
CWE-125
CWE-190
Out-of-bounds Read
Integer Overflow or Wraparound
|
CVE-2019-13115
|
2024-11-21 13:24 |
2019-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
