|
212561
|
6.1 |
MEDIUM
Network
|
telos
|
automated_message_handling_system
|
: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the LDAP cbURL parameter of Telos Automated Message Handling System allows a remote attacker to…
|
CWE-79
Cross-site Scripting
|
CVE-2019-9538
|
2024-11-21 13:51 |
2020-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212562
|
6.1 |
MEDIUM
Network
|
telos
|
automated_message_handling_system
|
: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uploaditem.asp of Telos Automated Message Handling System allows a remote attacker to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2019-9537
|
2024-11-21 13:51 |
2020-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212563
|
5.4 |
MEDIUM
Network
|
fiberhomegroup
|
an5506-04-f_firmware
|
FiberHome an5506-04-f RP2669 devices have XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9556
|
2024-11-21 13:51 |
2020-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212564
|
6.1 |
MEDIUM
Network
|
craftcms
|
craft_cms
|
In the 3.1.12 Pro version of Craft CMS, XSS has been discovered in the header insertion field when adding source code at an s/admin/entries/news/new URI.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9554
|
2024-11-21 13:51 |
2020-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212565
|
6.1 |
MEDIUM
Network
|
boltcms
|
bolt
|
Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcontent/pages, a related issue to CVE-2017-11128 and CVE-2018-19933.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9553
|
2024-11-21 13:51 |
2020-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212566
|
6.1 |
MEDIUM
Network
|
paessler
|
prtg_network_monitor
|
PRTG Network Monitor v7.1.3.3378 allows XSS via the /search.htm searchtext parameter. NOTE: This product is discontinued.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9207
|
2024-11-21 13:51 |
2020-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212567
|
6.1 |
MEDIUM
Network
|
paessler
|
prtg_network_monitor
|
PRTG Network Monitor v7.1.3.3378 allows XSS via the /public/login.htm errormsg or loginurl parameter. NOTE: This product is discontinued.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9206
|
2024-11-21 13:51 |
2020-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212568
|
8.8 |
HIGH
Network
|
unity3d
|
unity_editor
|
The com.unity3d.kharma protocol handler in Unity Editor 2018.3 allows remote attackers to execute arbitrary code.
|
CWE-78
OS Command
|
CVE-2019-9197
|
2024-11-21 13:51 |
2020-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212569
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In various functions of RecentLocationApps.java, DevicePolicyManagerService.java, and RecognitionService.java, there is an incorrect warning indicating an app accessed the user's location. This could…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-9464
|
2024-11-21 13:51 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212570
|
6.8 |
MEDIUM
Physics
|
apple
|
iphone_3gs
|
Apple iPhone 3GS bootrom malloc implementation returns a non-NULL pointer when unable to allocate memory, aka 'alloc8'. An attacker with physical access to the device can install arbitrary firmware.
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2019-9536
|
2024-11-21 13:51 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
