|
218741
|
9.8 |
CRITICAL
Network
|
aveva
|
indusoft_web_studio
intouch_machine_edition_2014
|
AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. Code is executed under the program runtime privi…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-6543
|
2024-11-21 13:46 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218742
|
7.8 |
HIGH
Local
|
we-con
|
levistudiou
|
A memory corruption vulnerability has been identified in WECON LeviStudioU version 1.8.56 and prior, which may allow arbitrary code execution. Mat Powell, Ziad Badawi, and Natnael Samson working with…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6541
|
2024-11-21 13:46 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218743
|
7.8 |
HIGH
Local
|
we-con
|
levistudiou
|
Several heap-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior have been identified, which may allow arbitrary code execution. Mat Powell, Ziad Badawi, and Natnael S…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6539
|
2024-11-21 13:46 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218744
|
7.8 |
HIGH
Local
|
we-con
|
levistudiou
|
Multiple stack-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior may be exploited when parsing strings within project files. The process does not properly validate t…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6537
|
2024-11-21 13:46 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218745
|
7.2 |
HIGH
Network
|
kunbus
|
pr100088_modbus_gateway_firmware
|
An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) through FTP.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-6549
|
2024-11-21 13:46 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218746
|
9.1 |
CRITICAL
Network
|
kunbus
|
pr100088_modbus_gateway_firmware
|
Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-6533
|
2024-11-21 13:46 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218747
|
9.8 |
CRITICAL
Network
|
kunbus
|
pr100088_modbus_gateway_firmware
|
PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to be able to change the password for an admin user who is currently or previously logged i…
|
CWE-287
Improper Authentication
|
CVE-2019-6527
|
2024-11-21 13:46 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218748
|
5.3 |
MEDIUM
Network
|
lexmark
|
xm5163_firmware
xm5170_firmware
xm7155_firmware
xm7163_firmware
xm7170_firmware
xm7155x_firmware
xm7163x_firmware
xm7170x_firmware
cx310_firmware
cx410_firmware
cx510_fi…
|
Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-02-11 allow remote attackers to erase stored shortcuts.
|
NVD-CWE-noinfo
|
CVE-2019-6489
|
2024-11-21 13:46 |
2019-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218749
|
7.2 |
HIGH
Network
|
kentico
|
kentico
|
Kentico v10.0.42 allows Global Administrators to read the cleartext SMTP Password by navigating to the SMTP configuration page. NOTE: the vendor considers this a best-practice violation but not a vul…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-6242
|
2024-11-21 13:46 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218750
|
9.8 |
CRITICAL
Network
|
forcepoint
|
user_id
|
Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-6139
|
2024-11-21 13:46 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
