|
219911
|
5.4 |
MEDIUM
Network
|
pivotal_software
|
operations_manager
|
Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vu…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3776
|
2024-11-21 13:42 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219912
|
6.5 |
MEDIUM
Network
|
cloudfoundry
|
uaa_release
|
Cloud Foundry UAA, versions prior to v70.0, allows a user to update their own email address. A remote authenticated user can impersonate a different user by changing their email address to that of a …
|
CWE-287
Improper Authentication
|
CVE-2019-3775
|
2024-11-21 13:42 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219913
|
8.8 |
HIGH
Adjacent
|
dell
|
wyse_thinlinux_hagent
windows_embedded_standard_wyse_device_agent
|
Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse ThinLinux HAgent versions prior to 5.4.55 00.10 contain a buffer overflow vulnerability. An unauthenticated attacker may potentiall…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-3712
|
2024-11-21 13:42 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219914
|
6.5 |
MEDIUM
Network
|
samba
debian
canonical
|
samba
debian_linux
ubuntu_linux
|
A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the L…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-3824
|
2024-11-21 13:42 |
2019-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219915
|
9.8 |
CRITICAL
Network
|
nokia
|
i-240w-q_gpon_ont_firmware
|
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to /GponFo…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-3922
|
2024-11-21 13:42 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219916
|
8.8 |
HIGH
Network
|
nokia
|
i-240w-q_gpon_ont_firmware
|
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-3921
|
2024-11-21 13:42 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219917
|
8.8 |
HIGH
Network
|
nokia
|
i-240w-q_gpon_ont_firmware
|
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponF…
|
CWE-77
Command Injection
|
CVE-2019-3920
|
2024-11-21 13:42 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219918
|
8.8 |
HIGH
Network
|
nokia
|
i-240w-q_gpon_ont_firmware
|
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/usb_restor…
|
CWE-77
Command Injection
|
CVE-2019-3919
|
2024-11-21 13:42 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219919
|
9.8 |
CRITICAL
Network
|
nokia
|
i-240w-q_gpon_ont_firmware
|
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-3918
|
2024-11-21 13:42 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219920
|
7.5 |
HIGH
Network
|
nokia
|
i-240w-q_gpon_ont_firmware
|
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote, unauthenticated attacker to enable telnetd on the router via a crafted HTTP request.
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2019-3917
|
2024-11-21 13:42 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
