|
221001
|
5.3 |
MEDIUM
Network
|
lexmark
|
xm5163_firmware
xm5170_firmware
xm7155_firmware
xm7163_firmware
xm7170_firmware
xm7155x_firmware
xm7163x_firmware
xm7170x_firmware
cx310_firmware
cx410_firmware
cx510_fi…
|
Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-02-11 allow remote attackers to erase stored shortcuts.
|
NVD-CWE-noinfo
|
CVE-2019-6489
|
2024-11-21 13:46 |
2019-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221002
|
7.2 |
HIGH
Network
|
kentico
|
kentico
|
Kentico v10.0.42 allows Global Administrators to read the cleartext SMTP Password by navigating to the SMTP configuration page. NOTE: the vendor considers this a best-practice violation but not a vul…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-6242
|
2024-11-21 13:46 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221003
|
9.8 |
CRITICAL
Network
|
forcepoint
|
user_id
|
Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-6139
|
2024-11-21 13:46 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221004
|
6.8 |
MEDIUM
Physics
|
bd
|
facslyric_ivd
facslyric
|
BD FACSLyric Research Use Only, Windows 10 Professional Operating System, U.S. and Malaysian Releases, between November 2017 and November 2018 and BD FACSLyric IVD Windows 10 Professional Operating S…
|
NVD-CWE-Other
|
CVE-2019-6517
|
2024-11-21 13:46 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221005
|
6.1 |
MEDIUM
Network
|
broadcom
|
automic_workload_automation
|
Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting (XSS) attac…
|
CWE-79
Cross-site Scripting
|
CVE-2019-6504
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221006
|
9.8 |
CRITICAL
Network
|
advantech
|
webaccess\/scada
|
WebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands.
|
CWE-89
SQL Injection
|
CVE-2019-6523
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221007
|
8.6 |
HIGH
Network
|
advantech
|
webaccess\/scada
|
WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a possible authentication bypass that could allow an attacker to obtain and manipulate sensitive information.
|
CWE-287
Improper Authentication
|
CVE-2019-6521
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221008
|
9.8 |
CRITICAL
Network
|
advantech
|
webaccess\/scada
|
WebAccess/SCADA, Version 8.3. An improper authentication vulnerability exists that could allow a possible authentication bypass allowing an attacker to upload malicious data.
|
CWE-287
Improper Authentication
|
CVE-2019-6519
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221009
|
5.9 |
MEDIUM
Network
|
f5
|
big-ip_local_traffic_manager
|
On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic.
|
NVD-CWE-noinfo
|
CVE-2019-6590
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221010
|
7.5 |
HIGH
Network
|
mitsubishielectric
|
q03udvcpu_firmware
q04udvcpu_firmware
q06udvcpu_firmware
q13udvcpu_firmware
q26udvcpu_firmware
q04udpvcpu_firmware
q06udpvcpu_firmware
q13udpvcpu_firmware
q26udpvcpu_firmware<…
|
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-6535
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
