|
221781
|
8.8 |
HIGH
Network
|
linuxfoundation
pivotal
|
harbor
vmware_harbor_registry
|
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the Pivotal Platform.
|
CWE-352
Origin Validation Error
|
CVE-2019-19025
|
2024-11-21 13:34 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221782
|
8.8 |
HIGH
Network
|
linuxfoundation
pivotal
|
harbor
vmware_harbor_registry
|
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform.
|
NVD-CWE-noinfo
|
CVE-2019-19023
|
2024-11-21 13:34 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221783
|
6.1 |
MEDIUM
Network
|
ovirt
redhat
|
ovirt-engine
virtualization
|
A cross-site scripting vulnerability was reported in the oVirt-engine's OAuth authorization endpoint before version 4.3.8. URL parameters were included in the HTML response without escaping. This fla…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19336
|
2024-11-21 13:34 |
2020-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221784
|
7.0 |
HIGH
Local
|
redhat
|
openshift
|
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd …
|
-
|
CVE-2019-19355
|
2024-11-21 13:34 |
2020-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221785
|
7.0 |
HIGH
Local
|
redhat
|
openshift
|
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the container could use this flaw to modify /etc/passwd and esc…
|
-
|
CVE-2019-19351
|
2024-11-21 13:34 |
2020-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221786
|
4.4 |
MEDIUM
Local
|
redhat
|
openshift
|
During installation of an OpenShift 4 cluster, the `openshift-install` command line tool creates an `auth` directory, with `kubeconfig` and `kubeadmin-password` files. Both files contain credentials …
|
-
|
CVE-2019-19335
|
2024-11-21 13:34 |
2020-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221787
|
7.2 |
HIGH
Network
|
sangoma
|
freepbx
|
In Sangoma FreePBX 13 through 15 and sysadmin (aka System Admin) 13.0.92 through 15.0.13.6 modules have a Remote Command Execution vulnerability that results in Privilege Escalation.
|
NVD-CWE-noinfo
|
CVE-2019-19538
|
2024-11-21 13:34 |
2020-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221788
|
5.4 |
MEDIUM
Network
|
teampasswordmanager
|
team_password_manager
|
Post-authentication Stored XSS in Team Password Manager through 7.93.204 allows attackers to steal other users' credentials by creating a shared password with HTML code as the title.
|
CWE-79
Cross-site Scripting
|
CVE-2019-19461
|
2024-11-21 13:34 |
2020-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221789
|
9.8 |
CRITICAL
Network
|
dolibarr
|
dolibarr
|
Dolibarr ERP/CRM 3.0 through 10.0.3 allows XSS via the qty parameter to product/fournisseurs.php (product price screen).
|
CWE-79
Cross-site Scripting
|
CVE-2019-19212
|
2024-11-21 13:34 |
2020-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221790
|
7.4 |
HIGH
Network
|
opcfoundation
|
ua-.netstandard
netstandard.opc.ua
|
In OPC Foundation OPC UA .NET Standard codebase 1.4.357.28, servers do not create sufficiently random numbers in OPCFoundation.NetStandard.Opc.Ua before 1.4.359.31, which allows man in the middle att…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2019-19135
|
2024-11-21 13:34 |
2020-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
