|
212451
|
7.2 |
HIGH
Network
|
veritas
|
netbackup_appliance
|
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-9867
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212452
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark()…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-9857
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212453
|
6.1 |
MEDIUM
Network
|
openid
|
openid_connect
|
Doorkeeper::OpenidConnect (aka the OpenID Connect extension for Doorkeeper) 1.4.x and 1.5.x before 1.5.4 has an open redirect via the redirect_uri field in an OAuth authorization request (that result…
|
CWE-601
Open Redirect
|
CVE-2019-9837
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212454
|
9.6 |
CRITICAL
Adjacent
|
fujitsu
|
lx901_firmware
gk900_firmware
|
The receiver (aka bridge) component of Fujitsu Wireless Keyboard Set LX901 GK900 devices allows Keystroke Injection. This occurs because it accepts unencrypted 2.4 GHz packets, even though all legiti…
|
NVD-CWE-noinfo
|
CVE-2019-9835
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212455
|
7.5 |
HIGH
Network
|
screen_stream_project
|
screen_stream
|
The Screen Stream application through 3.0.15 for Android allows remote attackers to cause a denial of service via many simultaneous /start-stop requests.
|
NVD-CWE-noinfo
|
CVE-2019-9833
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212456
|
7.5 |
HIGH
Network
|
airdrop_project
|
airdrop
|
The AirDrop application through 2.0 for Android allows remote attackers to cause a denial of service via a client that makes many socket connections through a configured port.
|
NVD-CWE-noinfo
|
CVE-2019-9832
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212457
|
7.5 |
HIGH
Network
|
airmore
|
airmore
|
The AirMore application through 1.6.1 for Android allows remote attackers to cause a denial of service (system hang) via many simultaneous /?Key=PhoneRequestAuthorization requests.
|
NVD-CWE-noinfo
|
CVE-2019-9831
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212458
|
6.1 |
MEDIUM
Network
|
netdata
|
netdata
|
The Netdata web application through 1.13.0 allows remote attackers to inject their own malicious HTML code into an imported snapshot, aka HTML Injection. Successful exploitation will allow attacker-s…
|
CWE-79
Cross-site Scripting
|
CVE-2019-9834
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212459
|
8.8 |
HIGH
Network
|
maccms
|
maccms
|
Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/default_pc/html/art Edit action. This occurs because template rendering uses an include operation o…
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2019-9829
|
2024-11-21 13:52 |
2019-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212460
|
9.8 |
CRITICAL
Network
|
feifeicms
|
feifeicms
|
FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arbitrary PHP code by visiting index.php?s=Admin-Index to modify the set of allowable file extensions, as demonstrated by adding php…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-9825
|
2024-11-21 13:52 |
2019-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
