|
222811
|
7.8 |
HIGH
Local
|
verifone
|
verix_os
|
Verifone VerixV Pinpad Payment Terminals with QT000530 allow bypass of integrity and origin control for S1G file generation.
|
NVD-CWE-noinfo
|
CVE-2019-14712
|
2024-11-21 13:27 |
2020-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222812
|
7.0 |
HIGH
Local
|
verifone
|
mx900_firmware
|
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass.
|
CWE-362
Race Condition
|
CVE-2019-14711
|
2024-11-21 13:27 |
2020-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222813
|
4.4 |
MEDIUM
Local
|
kaiostech
|
kaios
|
An issue was discovered in KaiOS 2.5. The pre-installed Note application is vulnerable to HTML and JavaScript injection attacks. A local attacker can inject arbitrary HTML into the Note application. …
|
CWE-79
Cross-site Scripting
|
CVE-2019-14761
|
2024-11-21 13:27 |
2020-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222814
|
4.4 |
MEDIUM
Local
|
kaiostech
|
kaios
|
An issue was discovered in KaiOS 2.5. The pre-installed Recorder application is vulnerable to HTML and JavaScript injection attacks. A local attacker can inject arbitrary HTML into the Recorder appli…
|
CWE-79
Cross-site Scripting
|
CVE-2019-14760
|
2024-11-21 13:27 |
2020-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222815
|
4.4 |
MEDIUM
Local
|
kaiostech
|
kaios
|
An issue was discovered in KaiOS 1.0, 2.5, and 2.5.1. The pre-installed Radio application is vulnerable to HTML and JavaScript injection attacks. A local attacker can inject arbitrary HTML into the R…
|
CWE-79
Cross-site Scripting
|
CVE-2019-14759
|
2024-11-21 13:27 |
2020-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222816
|
6.1 |
MEDIUM
Network
|
kaiostech
|
kaios
|
An issue was discovered in KaiOS 2.5 and 2.5.1. The pre-installed File Manager application is vulnerable to HTML and JavaScript injection attacks. An attacker can send a file via email to the victim …
|
CWE-79
Cross-site Scripting
|
CVE-2019-14758
|
2024-11-21 13:27 |
2020-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222817
|
6.1 |
MEDIUM
Network
|
kaiostech
|
kaios
|
An issue was discovered in KaiOS 2.5 and 2.5.1. The pre-installed Contacts application is vulnerable to HTML and JavaScript injection attacks. An attacker can send a vCard file to the victim that wil…
|
CWE-79
Cross-site Scripting
|
CVE-2019-14757
|
2024-11-21 13:27 |
2020-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222818
|
6.1 |
MEDIUM
Network
|
kaiostech
|
kaios
|
An issue was discovered in KaiOS 1.0, 2.5, and 2.5.12.5. The pre-installed Email application is vulnerable to HTML and JavaScript injection attacks. An attacker can send a specially crafted email to …
|
CWE-79
Cross-site Scripting
|
CVE-2019-14756
|
2024-11-21 13:27 |
2020-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222819
|
7.3 |
HIGH
Local
|
redhat
debian
|
ansible
debian_linux
|
A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' b…
|
-
|
CVE-2019-14904
|
2024-11-21 13:27 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222820
|
6.5 |
MEDIUM
Adjacent
|
intel
|
ax201_firmware
ax200_firmware
ac_9560_firmware
ac_9462_firmware
ac_9461_firmware
ac_9260_firmware
ac_8265_firmware
ac_8260_firmware
ac_3168_firmware
ac_7265_firmware
ac_…
|
Insufficient control flow management for some Intel(R) Wireless Bluetooth(R) products may allow an unprivileged user to potentially enable denial of service via adjacent access.
|
NVD-CWE-noinfo
|
CVE-2019-14620
|
2024-11-21 13:27 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
