|
219461
|
6.4 |
MEDIUM
Network
|
dell
|
wyse_management_suite
|
Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability when unregistering a device. A remote authenticated malicious user with low privileges could exp…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3770
|
2024-11-21 13:42 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219462
|
6.4 |
MEDIUM
Network
|
dell
|
wyse_management_suite
|
Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious user with low privileges could exploit this vulnerability to s…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3769
|
2024-11-21 13:42 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219463
|
7.5 |
HIGH
Network
|
facebook
|
thrift
|
C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-3553
|
2024-11-21 13:42 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219464
|
7.5 |
HIGH
Network
|
360
|
p0_router_firmware
f5c_router_firmware
|
By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.
|
NVD-CWE-noinfo
|
CVE-2019-3404
|
2024-11-21 13:42 |
2020-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219465
|
7.3 |
HIGH
Local
|
opensuse
|
pcp
|
A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performanc…
|
CWE-22
Path Traversal
|
CVE-2019-3696
|
2024-11-21 13:42 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219466
|
7.8 |
HIGH
Local
|
opensuse
|
pcp
|
A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, …
|
CWE-94
Code Injection
|
CVE-2019-3695
|
2024-11-21 13:42 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219467
|
7.0 |
HIGH
Local
|
nagios
opensuse
|
nagios
leap
backports_sle
|
UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to…
|
-
|
CVE-2019-3698
|
2024-11-21 13:42 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219468
|
6.1 |
MEDIUM
Network
|
mcafee
|
web_advisor
|
Remote Code Execution vulnerability in the web interface in McAfee Web Advisor (WA) 8.0.34745 and earlier allows remote unauthenticated attacker to execute arbitrary code via a cross site scripting a…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3670
|
2024-11-21 13:42 |
2020-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219469
|
3.3 |
LOW
Local
|
suse
|
yast2-security
|
yast2-security didn't use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 201…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2019-3700
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219470
|
7.8 |
HIGH
Local
|
privoxy
|
privoxy
|
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root. This issue affects: openS…
|
-
|
CVE-2019-3699
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
