|
221811
|
7.5 |
HIGH
Network
|
dlink
|
dsl-2680_firmware
|
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to change DNS servers without being authenticated on the admin interfac…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-19225
|
2024-11-21 13:34 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221812
|
7.5 |
HIGH
Network
|
dlink
|
dsl-2680_firmware
|
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to download the configuration (binary file) settings by submitting a ro…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-19224
|
2024-11-21 13:34 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221813
|
7.5 |
HIGH
Network
|
dlink
|
dsl-2680_firmware
|
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to reboot the router by submitting a reboot.html GET request without be…
|
CWE-79
CWE-444
Cross-site Scripting
HTTP Request Smuggling
|
CVE-2019-19223
|
2024-11-21 13:34 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221814
|
5.4 |
MEDIUM
Network
|
dlink
|
dsl-2680_firmware
|
A Stored XSS issue in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page b…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19222
|
2024-11-21 13:34 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221815
|
6.1 |
MEDIUM
Network
|
mitel
|
micollab_audio\
_web_\&_video_conferencing
|
A cross-site scripting (XSS) vulnerability in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19371
|
2024-11-21 13:34 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221816
|
6.1 |
MEDIUM
Network
|
mitel
|
micollab
|
A cross-site scripting (XSS) vulnerability in the web conferencing component of the Mitel MiCollab application before 9.0.15 for Android could allow an unauthenticated attacker to conduct a reflected…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19370
|
2024-11-21 13:34 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221817
|
6.1 |
MEDIUM
Network
|
heroplugins
|
hero_maps_premium
|
The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input.…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19134
|
2024-11-21 13:34 |
2020-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221818
|
7.8 |
HIGH
Local
|
patriotmemory
|
viper_rgb_driver
|
A buffer overflow was found in Patriot Viper RGB through 1.1 when processing IoControlCode 0x80102040. Local attackers (including low integrity processes) can exploit this to gain NT AUTHORITY\SYSTEM…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-19452
|
2024-11-21 13:34 |
2020-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221819
|
6.1 |
MEDIUM
Network
|
silverstripe
|
silverstripe
|
SilverStripe through 4.4.x before 4.4.5 and 4.5.x before 4.5.2 allows Reflected XSS on the login form and custom forms. Silverstripe Forms allow malicious HTML or JavaScript to be inserted through no…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19325
|
2024-11-21 13:34 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221820
|
6.5 |
MEDIUM
Adjacent
|
st
|
wb55
bluenrg-2
|
The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowi…
|
CWE-20
Improper Input Validation
|
CVE-2019-19192
|
2024-11-21 13:34 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
