|
218901
|
7.2 |
HIGH
Network
|
arubanetworks
|
airwave
|
An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to over…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-5326
|
2024-11-21 13:44 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218902
|
7.2 |
HIGH
Network
|
arubanetworks
|
airwave
|
There are command injection vulnerabilities present in the AirWave application. Certain input fields controlled by an administrative user are not properly sanitized before being parsed by AirWave. If…
|
CWE-77
Command Injection
|
CVE-2019-5323
|
2024-11-21 13:44 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218903
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitte…
|
CWE-352
Origin Validation Error
|
CVE-2019-4726
|
2024-11-21 13:44 |
2020-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218904
|
7.2 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interp…
|
CWE-287
Improper Authentication
|
CVE-2019-5165
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218905
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause th…
|
NVD-CWE-noinfo
|
CVE-2019-5162
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218906
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-5153
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218907
|
7.5 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2019-5148
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218908
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overfl…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2019-5143
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218909
|
7.2 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cau…
|
CWE-78
OS Command
|
CVE-2019-5142
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218910
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted iw_serverip parameter can cause user input to be re…
|
CWE-78
OS Command
|
CVE-2019-5141
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
