|
224431
|
8.8 |
HIGH
Network
|
dlink
|
dir-818lw_firmware
|
An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to Se…
|
CWE-78
OS Command
|
CVE-2019-13482
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224432
|
8.8 |
HIGH
Network
|
dlink
|
dir-818lw_firmware
|
An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MTU field to Set…
|
CWE-78
OS Command
|
CVE-2019-13481
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224433
|
9.8 |
CRITICAL
Network
|
zeromq
debian
canonical
fedoraproject
|
libzmq
debian_linux
ubuntu_linux
fedora
|
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/a…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13132
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224434
|
9.8 |
CRITICAL
Network
|
trendnet
|
tew-827dru_firmware
|
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user input for the setup wizard, allowing an unauthenticated user to execu…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13279
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224435
|
9.8 |
CRITICAL
Network
|
trendnet
|
tew-827dru_firmware
|
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary c…
|
CWE-78
OS Command
|
CVE-2019-13278
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224436
|
9.8 |
CRITICAL
Network
|
trendnet
|
tew-827dru_firmware
|
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by provid…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13276
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224437
|
6.1 |
MEDIUM
Network
|
ozlabs
|
patchwork
|
A Cross Site Scripting (XSS) vulnerability exists in the template tag used to render message ids in Patchwork v1.1 through v2.1.x. This allows an attacker to insert JavaScript or HTML into the patch …
|
CWE-79
Cross-site Scripting
|
CVE-2019-13122
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224438
|
5.3 |
MEDIUM
Network
|
getflightpath
|
flightpath
|
FlightPath 4.x and 5.0-x allows directory traversal and Local File Inclusion through the form_include parameter in an index.php?q=system-handle-form-submit POST request because of an include_once in …
|
CWE-22
Path Traversal
|
CVE-2019-13396
|
2024-11-21 13:24 |
2019-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224439
|
5.9 |
MEDIUM
Network
|
glpi-project
|
glpi
|
An issue was discovered in GLPI before 9.4.1. After a successful password reset by a user, it is possible to change that user's password again during the next 24 hours without any information except …
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2019-13240
|
2024-11-21 13:24 |
2019-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224440
|
6.5 |
MEDIUM
Network
|
oniguruma_project
fedoraproject
|
oniguruma
fedora
|
A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affe…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-13225
|
2024-11-21 13:24 |
2019-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
