|
223941
|
8.8 |
HIGH
Network
|
netgear
|
cg3700b_firmware
|
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 allows CSRF against all /goform/ URIs. An attacker can modify all settings including WEP/WPA/WPA2 keys, restore the router to factory settings…
|
CWE-352
Origin Validation Error
|
CVE-2019-13395
|
2024-11-21 13:24 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223942
|
9.8 |
CRITICAL
Network
|
netgear
|
cg3700b_firmware
|
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over cleartext HTTP.
|
CWE-319
CWE-522
Cleartext Transmission of Sensitive Information
Insufficiently Protected Credentials
|
CVE-2019-13394
|
2024-11-21 13:24 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223943
|
7.5 |
HIGH
Network
|
netgear
|
cg3700b_firmware
|
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key. Either an attack against HTTP Basic A…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2019-13393
|
2024-11-21 13:24 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223944
|
8.8 |
HIGH
Network
|
kyocera
|
ecosys_m5526cdw_firmware
|
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in multiple parameters of the Document Boxes functionality of the web application…
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-13206
|
2024-11-21 13:24 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223945
|
7.5 |
HIGH
Network
|
kyocera
|
ecosys_m5526cdw_firmware
|
All configuration parameters of certain Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were accessible by unauthenticated users. This information was only presented in the menus when…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-13205
|
2024-11-21 13:24 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223946
|
9.8 |
CRITICAL
Network
|
kyocera
|
ecosys_m5526cdw_firmware
|
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by multiple buffer overflow vulnerabilities in the IPP service. This would allow an unauthenticated attacker to caus…
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-13204
|
2024-11-21 13:24 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223947
|
8.8 |
HIGH
Network
|
kyocera
|
ecosys_m5526cdw_firmware
|
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by an integer overflow vulnerability in the arg3 parameter of several functionalities of the web application that wo…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-13203
|
2024-11-21 13:24 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223948
|
4.3 |
MEDIUM
Network
|
otrs
|
otrs
|
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8. A customer user can use the search results to disclose information from their "company" tickets (with the same Custom…
|
CWE-200
Information Exposure
|
CVE-2019-13457
|
2024-11-21 13:24 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223949
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0.2. The GitHub project integration was vulnerable to an SSRF vulnerability which allowed an attacker to make requests to local ne…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2019-13121
|
2024-11-21 13:24 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223950
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Enterprise Edition 8.11.0 through 12.0.2. By using brute-force a user with access to a project, but not it's repository could create a list of merge requests templat…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-13011
|
2024-11-21 13:24 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
