|
212571
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In the Bootloader, there is a possible kernel command injection due to missing command sanitization. This could lead to a local elevation of privilege with System execution privileges needed. User in…
|
CWE-20
CWE-77
Improper Input Validation
Command Injection
|
CVE-2019-9467
|
2024-11-21 13:51 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212572
|
6.5 |
MEDIUM
Network
|
darktrace
|
enterprise_immune_system
|
Darktrace Enterprise Immune System before 3.1 allows CSRF via the /config endpoint.
|
CWE-352
Origin Validation Error
|
CVE-2019-9597
|
2024-11-21 13:51 |
2019-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212573
|
6.5 |
MEDIUM
Network
|
darktrace
|
enterprise_immune_system
|
Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whitelisteddomains endpoint.
|
CWE-352
Origin Validation Error
|
CVE-2019-9596
|
2024-11-21 13:51 |
2019-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212574
|
7.8 |
HIGH
Local
|
trendmicro
|
anti-threat_toolkit
|
Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-9491
|
2024-11-21 13:51 |
2019-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212575
|
7.8 |
HIGH
Local
|
cobham
|
explorer_710_firmware
|
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This…
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2019-9534
|
2024-11-21 13:51 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212576
|
9.8 |
CRITICAL
Network
|
cobham
|
explorer_710_firmware
|
The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08. This could allow an attacker to reverse-engineer the password from available versions …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-9533
|
2024-11-21 13:51 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212577
|
7.8 |
HIGH
Local
|
cobham
|
explorer_710_firmware
|
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. This could allow an unauthenticated, local attacker to intercept the password and …
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-9532
|
2024-11-21 13:51 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212578
|
9.8 |
CRITICAL
Network
|
cobham
|
explorer_710_firmware
|
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to port 5454. This could allow an unauthenticated, remote attacker to connect to this port …
|
CWE-287
Improper Authentication
|
CVE-2019-9531
|
2024-11-21 13:51 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212579
|
5.5 |
MEDIUM
Local
|
cobham
|
explorer_710_firmware
|
The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, local attacker connecte…
|
NVD-CWE-Other
|
CVE-2019-9530
|
2024-11-21 13:51 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212580
|
5.5 |
MEDIUM
Local
|
cobham
|
explorer_710_firmware
|
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default. This could allow an unauthenticated, local attacker connected to the device to access t…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-9529
|
2024-11-21 13:51 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
