|
214461
|
9.8 |
CRITICAL
Network
|
tcl
|
alcatel_linkzone_firmware
|
The web interface of Alcatel LINKZONE MW40-V-V1.0 MW40_LU_02.00_02 devices is vulnerable to an authentication bypass that allows an unauthenticated user to have access to the web interface without kn…
|
CWE-287
Improper Authentication
|
CVE-2019-7163
|
2024-11-21 13:47 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214462
|
7.5 |
HIGH
Network
|
dlink
|
dva-5592_firmware
|
The web interface of the D-Link DVA-5592 20180823 is vulnerable to an authentication bypass that allows an unauthenticated user to have access to sensitive information such as the Wi-Fi password and …
|
CWE-79
Cross-site Scripting
|
CVE-2019-6969
|
2024-11-21 13:47 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214463
|
6.1 |
MEDIUM
Network
|
dlink
|
dva-5592_firmware
|
The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected.
|
CWE-79
Cross-site Scripting
|
CVE-2019-6968
|
2024-11-21 13:47 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214464
|
6.1 |
MEDIUM
Network
|
avaya
|
aura_conferencing
|
A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferenci…
|
CWE-79
Cross-site Scripting
|
CVE-2019-7000
|
2024-11-21 13:47 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214465
|
6.5 |
MEDIUM
Network
|
wpfastestcache
|
wp_fastest_cache
|
The WP Fastest Cache plugin through 0.8.9.0 for WordPress allows remote attackers to delete arbitrary files because wp_postratings_clear_fastest_cache and rm_folder_recursively in wpFastestCache.php …
|
CWE-22
Path Traversal
|
CVE-2019-6726
|
2024-11-21 13:47 |
2019-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214466
|
7.8 |
HIGH
Local
|
schneider-electric
|
interactive_graphical_scada_system
|
A CWE-787: Out-of-bounds Write vulnerability exists in Interactive Graphical SCADA System (IGSS), Version 14 and prior, which could cause a software crash when data in the mdb database is manipulated.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6827
|
2024-11-21 13:47 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214467
|
7.8 |
HIGH
Local
|
schneider-electric
|
proclima
|
A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow a malicious DLL file, with the same name of any resident DLLs insi…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-6825
|
2024-11-21 13:47 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214468
|
9.8 |
CRITICAL
Network
|
schneider-electric
|
proclima
|
A CWE-119: Buffer Errors vulnerability exists in ProClima (all versions prior to version 8.0.0) which allows an unauthenticated, remote attacker to execute arbitrary code on the targeted system in al…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-6824
|
2024-11-21 13:47 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214469
|
9.8 |
CRITICAL
Network
|
schneider-electric
|
proclima
|
A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system …
|
CWE-94
Code Injection
|
CVE-2019-6823
|
2024-11-21 13:47 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214470
|
7.8 |
HIGH
Local
|
schneider-electric
|
zelio_soft_2
|
A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 and earlier, which could cause remote code execution when opening a specially crafted Zelio Soft 2 project file.
|
CWE-416
Use After Free
|
CVE-2019-6822
|
2024-11-21 13:47 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
