|
224031
|
8.8 |
HIGH
Network
|
eng
|
knowage
|
In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-13348
|
2024-11-21 13:24 |
2019-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224032
|
6.1 |
MEDIUM
Network
|
eng
|
knowage
|
In Knowage through 6.1.1, there is XSS via the start_url or user_id field to the ChangePwdServlet page.
|
CWE-79
Cross-site Scripting
|
CVE-2019-13189
|
2024-11-21 13:24 |
2019-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224033
|
8.8 |
HIGH
Adjacent
|
edimax
|
br-6208ac_v1_firmware
|
Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. In order to transfer data from the host network …
|
CWE-20
Improper Input Validation
|
CVE-2019-13270
|
2024-11-21 13:24 |
2019-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224034
|
8.8 |
HIGH
Adjacent
|
edimax
|
br-6208ac_v1_firmware
|
Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request is sent to the router with a cert…
|
CWE-20
Improper Input Validation
|
CVE-2019-13269
|
2024-11-21 13:24 |
2019-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224035
|
8.8 |
HIGH
Adjacent
|
tp-link
|
archer_c3200_v1_firmware
archer_c2_v1_firmware
|
TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, …
|
CWE-20
Improper Input Validation
|
CVE-2019-13268
|
2024-11-21 13:24 |
2019-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224036
|
9.8 |
CRITICAL
Network
|
xymon
debian
|
xymon
debian_linux
|
In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13486
|
2024-11-21 13:24 |
2019-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224037
|
9.8 |
CRITICAL
Network
|
xymon
debian
|
xymon
debian_linux
|
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13485
|
2024-11-21 13:24 |
2019-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224038
|
9.8 |
CRITICAL
Network
|
xymon
debian
|
xymon
debian_linux
|
In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of expansion in appfeed.c.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-13484
|
2024-11-21 13:24 |
2019-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224039
|
9.8 |
CRITICAL
Network
|
xymon
debian
|
xymon
debian_linux
|
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13455
|
2024-11-21 13:24 |
2019-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224040
|
8.8 |
HIGH
Adjacent
|
tp-link
|
archer_c3200_v1_firmware
archer_c2_v1_firmware
|
TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. In order to transfer data f…
|
NVD-CWE-noinfo
|
CVE-2019-13267
|
2024-11-21 13:24 |
2019-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
