|
212531
|
7.8 |
HIGH
Local
|
golang
|
go
|
Go through 1.12 on Windows misuses certain LoadLibrary functionality, leading to DLL injection.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-9634
|
2024-11-21 13:52 |
2019-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212532
|
6.5 |
MEDIUM
Network
|
gnome
|
glib
|
gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent GTask remains alive during the execution of a connection-attempting enumeration, which allows remote attackers to cause a denial…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2019-9633
|
2024-11-21 13:52 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212533
|
7.5 |
HIGH
Network
|
esafenet
|
electronic_document_security_management_system
|
ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request.
|
NVD-CWE-noinfo
|
CVE-2019-9632
|
2024-11-21 13:52 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212534
|
9.8 |
CRITICAL
Network
|
freedesktop
fedoraproject
debian
|
poppler
fedora
debian_linux
|
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9631
|
2024-11-21 13:52 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212535
|
8.1 |
HIGH
Network
|
illumos
oracle
|
illumos
solaris
|
An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products. The SMB server allows an attacker to have unintended access, e.g., an attacker with WRITE_XATTR can chan…
|
NVD-CWE-Other
|
CVE-2019-9579
|
2024-11-21 13:51 |
2022-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212536
|
9.8 |
CRITICAL
Network
|
wyze
|
cam_pan_v2_firmware
cam_v2_firmware
cam_v3_firmware
|
A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to bypass login and control the devices. This issue affects: Wyze Cam Pan v2 versions prior to 4.49.1…
|
CWE-287
Improper Authentication
|
CVE-2019-9564
|
2024-11-21 13:51 |
2022-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212537
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In /proc/net of the kernel filesystem, there is a possible information leak due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2019-9475
|
2024-11-21 13:51 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212538
|
7.5 |
HIGH
Network
|
contiki-os
contiki-ng
|
contiki
contiki-ng
|
An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer underflow during 6LoWPAN fragment processing in the face of truncated fragmen…
|
CWE-787
CWE-191
Out-of-bounds Write
Integer Underflow (Wrap or Wraparound)
|
CVE-2019-9183
|
2024-11-21 13:51 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212539
|
9.8 |
CRITICAL
Network
|
marchnetworks
|
command_client
|
The connection initiation process in March Networks Command Client before 2.7.2 allows remote attackers to execute arbitrary code via crafted XAML objects.
|
CWE-94
Code Injection
|
CVE-2019-9163
|
2024-11-21 13:51 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212540
|
5.4 |
MEDIUM
Network
|
vertiv
|
avocent_umg-4000_firmware
|
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to reflected XSS in an HTTP POST parameter. The web application does not neutralize user-controllable input before disp…
|
CWE-79
Cross-site Scripting
|
CVE-2019-9509
|
2024-11-21 13:51 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
