|
224361
|
9.8 |
CRITICAL
Network
|
activesoft
|
mybuilder
|
ActiveX Control in MyBuilder before 6.2.2019.814 allow an attacker to execute arbitrary command via the ShellOpen method. This can be leveraged for code execution
|
CWE-78
OS Command
|
CVE-2019-12811
|
2024-11-21 13:23 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224362
|
5.3 |
MEDIUM
Network
|
jetbrains
|
ktor
|
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials.
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2019-12737
|
2024-11-21 13:23 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224363
|
9.8 |
CRITICAL
Network
|
jetbrains
|
ktor
|
JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection.
|
CWE-77
Command Injection
|
CVE-2019-12736
|
2024-11-21 13:23 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224364
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote att…
|
CWE-79
Cross-site Scripting
|
CVE-2019-12716
|
2024-11-21 13:23 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224365
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote att…
|
CWE-79
Cross-site Scripting
|
CVE-2019-12715
|
2024-11-21 13:23 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224366
|
6.5 |
MEDIUM
Network
|
cisco
|
ic3000_industrial_compute_gateway_firmware
|
A vulnerability in the web-based management interface of Cisco IC3000 Industrial Compute Gateway could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affec…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-12714
|
2024-11-21 13:23 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224367
|
6.1 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
|
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of th…
|
CWE-79
Cross-site Scripting
|
CVE-2019-12713
|
2024-11-21 13:23 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224368
|
7.5 |
HIGH
Network
|
cisco
|
firepower
|
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file ty…
|
NVD-CWE-Other
|
CVE-2019-12697
|
2024-11-21 13:23 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224369
|
7.5 |
HIGH
Network
|
cisco
|
firepower
|
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file ty…
|
NVD-CWE-Other
|
CVE-2019-12696
|
2024-11-21 13:23 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224370
|
8.8 |
HIGH
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is du…
|
CWE-20
Improper Input Validation
|
CVE-2019-12688
|
2024-11-21 13:23 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
