|
220411
|
6.7 |
MEDIUM
Local
|
dell
|
emc_recoverpoint
recoverpoint_for_virtual_machines
|
Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI. A malicious …
|
CWE-78
OS Command
|
CVE-2019-3727
|
2024-11-21 13:42 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220412
|
9.8 |
CRITICAL
Network
|
rsa
|
security_analytics
netwitness
|
RSA Netwitness Platform versions prior to 11.2.1.1 and RSA Security Analytics versions prior to 10.6.6.1 are vulnerable to a Command Injection vulnerability due to missing input validation in the pro…
|
CWE-78
OS Command
|
CVE-2019-3725
|
2024-11-21 13:42 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220413
|
8.8 |
HIGH
Network
|
rsa
|
security_analytics
netwitness_platform
|
RSA Netwitness Platform versions prior to 11.2.1.1 is vulnerable to an Authorization Bypass vulnerability. A remote low privileged attacker could potentially exploit this vulnerability to gain access…
|
NVD-CWE-noinfo
|
CVE-2019-3724
|
2024-11-21 13:42 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220414
|
4.8 |
MEDIUM
Network
|
mcafee
|
network_security_manager
|
Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a spec…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3602
|
2024-11-21 13:42 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220415
|
7.5 |
HIGH
Network
|
mcafee
|
endpoint_security
|
Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged I…
|
NVD-CWE-Other
|
CVE-2019-3586
|
2024-11-21 13:42 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220416
|
9.8 |
CRITICAL
Network
|
whatsapp
|
whatsapp
|
A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-3568
|
2024-11-21 13:42 |
2019-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220417
|
8.8 |
HIGH
Network
|
lifesize
|
icon_300_firmware
icon_500_firmware
icon_700_firmware
|
A Remote Code Execution issue in the DNS Query Web UI in Lifesize Icon LS_RM3_3.7.0 (2421) allows remote authenticated attackers to execute arbitrary commands via a crafted DNS Query address field in…
|
CWE-78
OS Command
|
CVE-2019-3702
|
2024-11-21 13:42 |
2019-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220418
|
5.9 |
MEDIUM
Network
|
suse
|
manager
|
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade created world-readable swap files on systems that don't have a swap already configured and don't have …
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2019-3684
|
2024-11-21 13:42 |
2019-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220419
|
5.9 |
MEDIUM
Network
|
whatsapp
|
whatsapp
whatsapp_business
|
A bug in WhatsApp for Android's messaging logic would potentially allow a malicious individual who has taken over over a WhatsApp user's account to recover previously sent messages. This behavior req…
|
NVD-CWE-noinfo
|
CVE-2019-3566
|
2024-11-21 13:42 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220420
|
6.5 |
MEDIUM
Network
|
vmware
oracle
|
spring_cloud_config
communications_cloud_native_core_policy
|
Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuratio…
|
CWE-22
Path Traversal
|
CVE-2019-3799
|
2024-11-21 13:42 |
2019-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
