|
219611
|
9.8 |
CRITICAL
Network
|
facebook
|
hiphop_virtual_machine
|
Call to the scrypt_enc() function in HHVM can lead to heap corruption by using specifically crafted parameters (N, r and p). This happens if the parameters are configurable by an attacker for instanc…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-3570
|
2024-11-21 13:42 |
2019-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219612
|
5.5 |
MEDIUM
Local
|
comodo
|
antivirus
|
Comodo Antivirus versions 12.0.0.6810 and below are vulnerable to Denial of Service affecting CmdAgent.exe via an unprotected section object "<GUID>_CisSharedMemBuff". This section object is exposed …
|
CWE-125
Out-of-bounds Read
|
CVE-2019-3972
|
2024-11-21 13:42 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219613
|
5.5 |
MEDIUM
Local
|
comodo
|
antivirus
|
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to th…
|
NVD-CWE-noinfo
|
CVE-2019-3971
|
2024-11-21 13:42 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219614
|
5.5 |
MEDIUM
Local
|
comodo
|
antivirus
|
Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Denial of Service affecting CmdGuard.sys via its filter port "cmdServicePort". A low privileged process can crash CmdVirth.exe to dec…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-3973
|
2024-11-21 13:42 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219615
|
5.5 |
MEDIUM
Local
|
comodo
|
antivirus
|
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in un…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2019-3970
|
2024-11-21 13:42 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219616
|
7.8 |
HIGH
Local
|
comodo
|
antivirus
|
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Privilege Escalation due to CmdAgent's handling of COM clients. A local process can bypass the signature check enforced by CmdAgent…
|
NVD-CWE-noinfo
|
CVE-2019-3969
|
2024-11-21 13:42 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219617
|
5.3 |
MEDIUM
Network
|
whatsapp
|
whatsapp
|
An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows malicious clients to send files to users that would be displayed with a wrong extension.
|
CWE-20
Improper Input Validation
|
CVE-2019-3571
|
2024-11-21 13:42 |
2019-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219618
|
5.7 |
MEDIUM
Adjacent
|
zte
|
zxmw_nr8000_firmware
|
ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path traversal vulnerability. Due to path traversal,users can download any files.
|
CWE-22
Path Traversal
|
CVE-2019-3415
|
2024-11-21 13:42 |
2019-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219619
|
5.4 |
MEDIUM
Network
|
redhat
|
openshift_container_platform
|
A reflected XSS vulnerability exists in authorization flow of OpenShift Container Platform versions: openshift-online-3, openshift-enterprise-3.4 through 3.7 and openshift-enterprise-3.9 through 3.11…
|
-
|
CVE-2019-3889
|
2024-11-21 13:42 |
2019-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219620
|
9.8 |
CRITICAL
Network
|
arlo
|
vmb3010_firmware
vmb4000_firmware
vmb3500_firmware
vmb4500_firmware
vmb5000_firmware
|
Arlo Basestation firmware 1.12.0.1_27940 and prior contain a hardcoded username and password combination that allows root access to the device when an onboard serial interface is connected to.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-3950
|
2024-11-21 13:42 |
2019-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
