|
224411
|
4.9 |
MEDIUM
Network
|
openldap
canonical
debian
opensuse
apple
mcafee
oracle
|
openldap
ubuntu_linux
debian_linux
leap
mac_os_x
policy_auditor
solaris
zfs_storage_appliance_kit
blockchain_platform
|
An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g.…
|
NVD-CWE-noinfo
|
CVE-2019-13057
|
2024-11-21 13:24 |
2019-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224412
|
7.3 |
HIGH
Network
|
auth0
|
passport-sharepoint
|
Auth0 Passport-SharePoint before 0.4.0 does not validate the JWT signature of an Access Token before processing. This allows attackers to forge tokens and bypass authentication and authorization mech…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2019-13483
|
2024-11-21 13:24 |
2019-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224413
|
7.5 |
HIGH
Network
|
cat_runner\
|
_decorate_home_project
|
The application API of Cat Runner Decorate Home version 2.8.0 for Android does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. Attackers can …
|
CWE-20
Improper Input Validation
|
CVE-2019-13097
|
2024-11-21 13:24 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224414
|
9.8 |
CRITICAL
Network
|
tronlink
|
wallet
|
TronLink Wallet 2.2.0 stores user wallet keystore in plaintext and places them in insecure storage. An attacker can read and reuse the user keystore of a valid user via /data/data/com.tronlink.wallet…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2019-13096
|
2024-11-21 13:24 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224415
|
6.5 |
MEDIUM
Network
|
send-anywhere
|
send_anywhere
|
The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a val…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2019-13100
|
2024-11-21 13:24 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224416
|
6.5 |
MEDIUM
Network
|
momo_project
|
momo
|
The Momo application 2.1.9 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user an…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2019-13099
|
2024-11-21 13:24 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224417
|
6.5 |
MEDIUM
Network
|
tronlink
|
wallet
|
The user password via the registration form of TronLink Wallet 2.2.0 is stored in the log when the class CreateWalletTwoActivity is called. Other authenticated users can read it in the log later. The…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2019-13098
|
2024-11-21 13:24 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224418
|
6.1 |
MEDIUM
Network
|
sertek
|
xpare
|
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could exploit the vulnerable function in order to prepare an XSS payload …
|
CWE-79
Cross-site Scripting
|
CVE-2019-13448
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224419
|
9.8 |
CRITICAL
Network
|
sertek
|
xpare
|
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could access the backend database via SQL injection.
|
CWE-89
SQL Injection
|
CVE-2019-13447
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224420
|
7.5 |
HIGH
Network
|
temenos
|
cwx
|
Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information.
|
NVD-CWE-noinfo
|
CVE-2019-13403
|
2024-11-21 13:24 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
