|
224111
|
5.3 |
MEDIUM
Network
|
digium
debian
|
certified_asterisk
asterisk
debian_linux
|
An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip w…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-13161
|
2024-11-21 13:24 |
2019-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224112
|
9.8 |
CRITICAL
Network
|
realization
|
concerto_critical_chain_planner
|
Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter.
|
CWE-89
SQL Injection
|
CVE-2019-13027
|
2024-11-21 13:24 |
2019-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224113
|
4.8 |
MEDIUM
Network
|
vanderbilt
|
redcap
|
Multiple stored Cross-site scripting (XSS) issues in the admin panel and survey system in REDCap 8 before 8.10.20 and 9 before 9.1.2 allow an attacker to inject arbitrary malicious HTML or JavaScript…
|
CWE-79
Cross-site Scripting
|
CVE-2019-13029
|
2024-11-21 13:24 |
2019-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224114
|
8.8 |
HIGH
Network
|
dlink
|
dir-818lw_firmware
|
An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to Se…
|
CWE-78
OS Command
|
CVE-2019-13482
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224115
|
8.8 |
HIGH
Network
|
dlink
|
dir-818lw_firmware
|
An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MTU field to Set…
|
CWE-78
OS Command
|
CVE-2019-13481
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224116
|
9.8 |
CRITICAL
Network
|
zeromq
debian
canonical
fedoraproject
|
libzmq
debian_linux
ubuntu_linux
fedora
|
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/a…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13132
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224117
|
9.8 |
CRITICAL
Network
|
trendnet
|
tew-827dru_firmware
|
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user input for the setup wizard, allowing an unauthenticated user to execu…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13279
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224118
|
9.8 |
CRITICAL
Network
|
trendnet
|
tew-827dru_firmware
|
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary c…
|
CWE-78
OS Command
|
CVE-2019-13278
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224119
|
9.8 |
CRITICAL
Network
|
trendnet
|
tew-827dru_firmware
|
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by provid…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13276
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224120
|
6.1 |
MEDIUM
Network
|
ozlabs
|
patchwork
|
A Cross Site Scripting (XSS) vulnerability exists in the template tag used to render message ids in Patchwork v1.1 through v2.1.x. This allows an attacker to insert JavaScript or HTML into the patch …
|
CWE-79
Cross-site Scripting
|
CVE-2019-13122
|
2024-11-21 13:24 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
