|
223801
|
8.8 |
HIGH
Network
|
bd
|
pyxis_enterprise_server
pyxis_es
|
In Pyxis ES Versions 1.3.4 through to 1.6.1 and Pyxis Enterprise Server, with Windows Server Versions 4.4 through 4.12, a vulnerability has been identified where existing access privileges are not re…
|
CWE-384
Session Fixation
|
CVE-2019-13517
|
2024-11-21 13:25 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223802
|
9.8 |
CRITICAL
Network
|
egain
|
chat
|
eGain Chat 15.0.3 allows unrestricted file upload.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-13976
|
2024-11-21 13:25 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223803
|
6.1 |
MEDIUM
Network
|
egain
|
chat
|
eGain Chat 15.0.3 allows HTML Injection.
|
CWE-79
Cross-site Scripting
|
CVE-2019-13975
|
2024-11-21 13:25 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223804
|
7.8 |
HIGH
Local
|
ezautomation
|
ez_plc_editor
|
An attacker could use a specially crafted project file to corrupt the memory and execute code under the privileges of the EZ PLC Editor Versions 1.8.41 and prior.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13522
|
2024-11-21 13:25 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223805
|
7.8 |
HIGH
Local
|
ezautomation
|
ez_touch_editor
|
An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the EZ Touch Editor Versions 2.1.0 and prior.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-13518
|
2024-11-21 13:25 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223806
|
8.8 |
HIGH
Network
|
datalogic
|
av7000_firmware
|
Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to authentication bypass, which may allow an attacker to remotely execute arbitrary code.
|
CWE-287
Improper Authentication
|
CVE-2019-13526
|
2024-11-21 13:25 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223807
|
7.5 |
HIGH
Network
|
citrix
|
storefront_server
|
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks.
|
CWE-611
XXE
|
CVE-2019-13608
|
2024-11-21 13:25 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223808
|
5.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.848, the Login process allows attackers to check whether a username is valid by comparing response times.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2019-13599
|
2024-11-21 13:25 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223809
|
7.8 |
HIGH
Local
|
fujielectric
|
alpha5_smart_loader_firmware
|
Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code u…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13520
|
2024-11-21 13:25 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223810
|
8.8 |
HIGH
Network
|
osisoft
|
pi_web_api
|
In OSIsoft PI Web API and prior, the affected product is vulnerable to a direct attack due to a cross-site request forgery protection setting that has not taken effect.
|
CWE-352
Origin Validation Error
|
CVE-2019-13516
|
2024-11-21 13:25 |
2019-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
