|
220331
|
8.8 |
HIGH
Network
|
atlassian
|
confluence
confluence_server
|
There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permission to editing a page is able to exploit this issue to read…
|
CWE-22
Path Traversal
|
CVE-2019-3394
|
2024-11-21 13:42 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220332
|
5.5 |
MEDIUM
Local
|
mcafee
|
data_loss_prevention_endpoint
|
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via an encrypted message sent to DLPe…
|
CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Read
|
CVE-2019-3634
|
2024-11-21 13:42 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220333
|
5.5 |
MEDIUM
Local
|
mcafee
|
data_loss_prevention_endpoint
|
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via a carefully constructed message s…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-3633
|
2024-11-21 13:42 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220334
|
8.8 |
HIGH
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, an authenticated attacker can execute arbitrary commands on the host system via the Scanned Forms interface when creating a new form.
|
CWE-78
OS Command
|
CVE-2019-3968
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220335
|
6.5 |
MEDIUM
Network
|
dell
|
emc_powerconnect_8024_firmware
emc_powerconnect_7000_firmware
emc_powerconnect_m6348_firmware
emc_powerconnect_m6220_firmware
emc_powerconnect_m8024_firmware
emc_powerconnect_m8024-k_f…
|
Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior to 5.1.15.2 contain a plain-text password storage vulnerability. TACACS\Radius credentials are stored…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-3753
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220336
|
6.5 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, the patient file download interface contains a directory traversal flaw that allows authenticated attackers to download arbitrary files from the host system.
|
CWE-22
Path Traversal
|
CVE-2019-3967
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220337
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the foreign_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's sess…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3966
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220338
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the document_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's ses…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3965
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220339
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the doc_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session.
|
CWE-79
Cross-site Scripting
|
CVE-2019-3964
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220340
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the patient_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's sess…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3963
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
