|
220421
|
5.3 |
MEDIUM
Network
|
atlassian
|
jira
jira_server
|
The ManageFilters.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check.
|
CWE-863
Incorrect Authorization
|
CVE-2019-3401
|
2024-11-21 13:42 |
2019-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220422
|
7.8 |
HIGH
Local
|
artifex
debian
opensuse
fedoraproject
canonical
redhat
|
ghostscript
debian_linux
leap
fedora
ubuntu_linux
enterprise_linux
|
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, fo…
|
NVD-CWE-noinfo
|
CVE-2019-3839
|
2024-11-21 13:42 |
2019-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220423
|
6.7 |
MEDIUM
Local
|
dell
|
emc_recoverpoint
recoverpoint_for_virtual_machines
|
Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI. A malicious …
|
CWE-78
OS Command
|
CVE-2019-3727
|
2024-11-21 13:42 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220424
|
9.8 |
CRITICAL
Network
|
rsa
|
security_analytics
netwitness
|
RSA Netwitness Platform versions prior to 11.2.1.1 and RSA Security Analytics versions prior to 10.6.6.1 are vulnerable to a Command Injection vulnerability due to missing input validation in the pro…
|
CWE-78
OS Command
|
CVE-2019-3725
|
2024-11-21 13:42 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220425
|
8.8 |
HIGH
Network
|
rsa
|
security_analytics
netwitness_platform
|
RSA Netwitness Platform versions prior to 11.2.1.1 is vulnerable to an Authorization Bypass vulnerability. A remote low privileged attacker could potentially exploit this vulnerability to gain access…
|
NVD-CWE-noinfo
|
CVE-2019-3724
|
2024-11-21 13:42 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220426
|
4.8 |
MEDIUM
Network
|
mcafee
|
network_security_manager
|
Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a spec…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3602
|
2024-11-21 13:42 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220427
|
7.5 |
HIGH
Network
|
mcafee
|
endpoint_security
|
Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged I…
|
NVD-CWE-Other
|
CVE-2019-3586
|
2024-11-21 13:42 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220428
|
9.8 |
CRITICAL
Network
|
whatsapp
|
whatsapp
|
A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-3568
|
2024-11-21 13:42 |
2019-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220429
|
8.8 |
HIGH
Network
|
lifesize
|
icon_300_firmware
icon_500_firmware
icon_700_firmware
|
A Remote Code Execution issue in the DNS Query Web UI in Lifesize Icon LS_RM3_3.7.0 (2421) allows remote authenticated attackers to execute arbitrary commands via a crafted DNS Query address field in…
|
CWE-78
OS Command
|
CVE-2019-3702
|
2024-11-21 13:42 |
2019-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220430
|
5.9 |
MEDIUM
Network
|
suse
|
manager
|
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade created world-readable swap files on systems that don't have a swap already configured and don't have …
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2019-3684
|
2024-11-21 13:42 |
2019-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
