|
220401
|
9.8 |
CRITICAL
Network
|
zte
|
mf920_firmware
|
All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by command execution vulnerability. Due to some interfaces do not adequately verify parameters, an attacker can execute arbitrary comm…
|
CWE-78
OS Command
|
CVE-2019-3412
|
2024-11-21 13:42 |
2019-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220402
|
7.5 |
HIGH
Network
|
zte
|
mf920_firmware
|
All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak vulnerability. Due to some interfaces can obtain the WebUI login password without login, an attacker can exploit t…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-3411
|
2024-11-21 13:42 |
2019-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220403
|
8.8 |
HIGH
Network
|
zte
|
wf820\+_lte_outdoor_cpe_firmware
|
All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by Cross-Site Request Forgery vulnerability,which stems from the fact that WEB applications do not adequatel…
|
CWE-352
Origin Validation Error
|
CVE-2019-3410
|
2024-11-21 13:42 |
2019-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220404
|
8.8 |
HIGH
Network
|
zte
|
wf820\+_lte_outdoor_cpe_firmware
|
All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. Due to inadequate parameter verification, unauthorized users can take ad…
|
CWE-78
OS Command
|
CVE-2019-3409
|
2024-11-21 13:42 |
2019-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220405
|
7.4 |
HIGH
Network
|
solarwinds
|
dameware_mini_remote_control
|
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating RsaSignatureLen during key negotiation, which co…
|
CWE-20
CWE-125
Improper Input Validation
Out-of-bounds Read
|
CVE-2019-3957
|
2024-11-21 13:42 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220406
|
7.4 |
HIGH
Network
|
dameware
|
remote_mini_control
|
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating CltDHPubKeyLen during key negotiation, which cou…
|
CWE-20
CWE-125
Improper Input Validation
Out-of-bounds Read
|
CVE-2019-3956
|
2024-11-21 13:42 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220407
|
7.5 |
HIGH
Network
|
dameware
|
remote_mini_control
|
Dameware Remote Mini Control version 12.1.0.34 and prior contains a unauthenticated remote heap overflow due to the server not properly validating RsaPubKeyLen during key negotiation. An unauthentica…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-3955
|
2024-11-21 13:42 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220408
|
6.1 |
MEDIUM
Network
|
microfocus
|
solutions_business_manager
|
Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect.
|
CWE-601
Open Redirect
|
CVE-2019-3477
|
2024-11-21 13:42 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220409
|
5.4 |
MEDIUM
Network
|
pivotal_software
|
operations_manager
|
The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x versions prior to 2.3.16, 2.4.x versions prior to 2.4.11, and 2.5.x versions prior to 2.5.3, contain configuration that circumvents refr…
|
CWE-613
Insufficient Session Expiration
|
CVE-2019-3790
|
2024-11-21 13:42 |
2019-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220410
|
9.1 |
CRITICAL
Network
|
dell
|
emc_openmanage_server_administrator
|
Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially man…
|
CWE-20
Improper Input Validation
|
CVE-2019-3723
|
2024-11-21 13:42 |
2019-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
