|
220371
|
5.5 |
MEDIUM
Local
|
comodo
|
antivirus
|
Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Denial of Service affecting CmdGuard.sys via its filter port "cmdServicePort". A low privileged process can crash CmdVirth.exe to dec…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-3973
|
2024-11-21 13:42 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220372
|
5.5 |
MEDIUM
Local
|
comodo
|
antivirus
|
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in un…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2019-3970
|
2024-11-21 13:42 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220373
|
7.8 |
HIGH
Local
|
comodo
|
antivirus
|
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Privilege Escalation due to CmdAgent's handling of COM clients. A local process can bypass the signature check enforced by CmdAgent…
|
NVD-CWE-noinfo
|
CVE-2019-3969
|
2024-11-21 13:42 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220374
|
5.3 |
MEDIUM
Network
|
whatsapp
|
whatsapp
|
An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows malicious clients to send files to users that would be displayed with a wrong extension.
|
CWE-20
Improper Input Validation
|
CVE-2019-3571
|
2024-11-21 13:42 |
2019-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220375
|
5.7 |
MEDIUM
Adjacent
|
zte
|
zxmw_nr8000_firmware
|
ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path traversal vulnerability. Due to path traversal,users can download any files.
|
CWE-22
Path Traversal
|
CVE-2019-3415
|
2024-11-21 13:42 |
2019-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220376
|
5.4 |
MEDIUM
Network
|
redhat
|
openshift_container_platform
|
A reflected XSS vulnerability exists in authorization flow of OpenShift Container Platform versions: openshift-online-3, openshift-enterprise-3.4 through 3.7 and openshift-enterprise-3.9 through 3.11…
|
-
|
CVE-2019-3889
|
2024-11-21 13:42 |
2019-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220377
|
9.8 |
CRITICAL
Network
|
arlo
|
vmb3010_firmware
vmb4000_firmware
vmb3500_firmware
vmb4500_firmware
vmb5000_firmware
|
Arlo Basestation firmware 1.12.0.1_27940 and prior contain a hardcoded username and password combination that allows root access to the device when an onboard serial interface is connected to.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-3950
|
2024-11-21 13:42 |
2019-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220378
|
9.8 |
CRITICAL
Network
|
arlo
|
vmb3010_firmware
vmb4000_firmware
vmb3500_firmware
vmb4500_firmware
vmb5000_firmware
|
Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a networking misconfiguration that allows access to restricted network interfaces. This could allow an attacker to upload or downlo…
|
CWE-16
Configuration
|
CVE-2019-3949
|
2024-11-21 13:42 |
2019-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220379
|
4.9 |
MEDIUM
Network
|
mcafee
|
epolicy_orchestrator
|
Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 prior to 5.10.0 update 4 allows remote unauthenticated attacker to view sensitive infor…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-3619
|
2024-11-21 13:42 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220380
|
3.3 |
LOW
Local
|
tenable
|
nessus
|
Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a maliciou…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3962
|
2024-11-21 13:42 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
