|
219761
|
2.4 |
LOW
Physics
|
systemd_project
canonical
fedoraproject
opensuse
netapp
|
systemd
ubuntu_linux
fedora
leap
cloud_backup
steelstore_cloud_integrated_storage
active_iq_unified_manager
|
An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-20386
|
2024-11-21 13:38 |
2020-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219762
|
8.8 |
HIGH
Network
|
logaritmo
|
aware_callmanager
|
The CSV upload feature in /supervisor/procesa_carga.php on Logaritmo Aware CallManager 2012 devices allows upload of .php files with a text/* content type. The PHP code can then be executed by visiti…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-20385
|
2024-11-21 13:38 |
2020-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219763
|
5.5 |
MEDIUM
Local
|
gentoo
|
portage
|
Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is w…
|
CWE-362
Race Condition
|
CVE-2019-20384
|
2024-11-21 13:38 |
2020-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219764
|
6.1 |
MEDIUM
Network
|
testlink
|
testlink
|
TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491.
|
CWE-79
Cross-site Scripting
|
CVE-2019-20381
|
2024-11-21 13:38 |
2020-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219765
|
7.8 |
HIGH
Local
|
trendmicro
|
antivirus_\+_security_2019
antivirus_\+_security_2020
internet_security_2019
internet_security_2020
maximum_security_2019
maximum_security_2020
premium_security_2019
premium_secu…
|
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to …
|
CWE-428
Unquoted Search Path or Element
|
CVE-2019-20357
|
2024-11-21 13:38 |
2020-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219766
|
7.8 |
HIGH
Local
|
centreon
|
centreon
|
Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software through 19.10 allow local attackers to gain privileges. (cwrapper_perl is a setuid executable allowing execution o…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-20327
|
2024-11-21 13:38 |
2020-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219767
|
8.8 |
HIGH
Network
|
atlassian
|
bitbucket
|
Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from versio…
|
NVD-CWE-noinfo
|
CVE-2019-20097
|
2024-11-21 13:38 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219768
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 10.8 through 12.6.1. It has Incorrect Access Control.
|
NVD-CWE-noinfo
|
CVE-2019-20144
|
2024-11-21 13:38 |
2020-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219769
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.6. It has Incorrect Access Control.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-20143
|
2024-11-21 13:38 |
2020-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219770
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.3 through 12.6.1. It allows Denial of Service.
|
NVD-CWE-noinfo
|
CVE-2019-20142
|
2024-11-21 13:38 |
2020-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
