|
222181
|
5.5 |
MEDIUM
Local
|
virglrenderer_project
opensuse
debian
|
virglrenderer
leap
debian_linux
|
A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-18388
|
2024-11-21 13:33 |
2019-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222182
|
6.1 |
MEDIUM
Network
|
lansweeper
|
lansweeper
|
The web console in Lansweeper 7.2.105.2 has XSS via the URL path. Product vulnerability has been fixed and disclosed within changelog as of 02 Dec 2019.
|
CWE-79
Cross-site Scripting
|
CVE-2019-18955
|
2024-11-21 13:33 |
2019-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222183
|
4.9 |
MEDIUM
Network
|
arista
|
cloudvision_portal
|
In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user passwo…
|
CWE-312
CWE-522
Cleartext Storage of Sensitive Information
Insufficiently Protected Credentials
|
CVE-2019-18615
|
2024-11-21 13:33 |
2019-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222184
|
6.1 |
MEDIUM
Network
|
zohocorp
|
manageengine_adselfservice_plus
|
An open redirect vulnerability was discovered in Zoho ManageEngine ADSelfService Plus 5.x before 5809 that allows attackers to force users who click on a crafted link to be sent to a specified extern…
|
CWE-601
Open Redirect
|
CVE-2019-18781
|
2024-11-21 13:33 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222185
|
7.5 |
HIGH
Network
|
abb
|
pb610_panel_builder_600
|
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier po…
|
NVD-CWE-noinfo
|
CVE-2019-18997
|
2024-11-21 13:33 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222186
|
7.8 |
HIGH
Local
|
abb
|
pb610_panel_builder_600
|
Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the lo…
|
CWE-426
Untrusted Search Path
|
CVE-2019-18996
|
2024-11-21 13:33 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222187
|
5.3 |
MEDIUM
Network
|
abb
|
pb610_panel_builder_600
|
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via c…
|
CWE-20
Improper Input Validation
|
CVE-2019-18995
|
2024-11-21 13:33 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222188
|
6.5 |
MEDIUM
Network
|
abb
|
pb610_panel_builder_600
|
Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty *.JPR application file. An attacker with…
|
CWE-20
Improper Input Validation
|
CVE-2019-18994
|
2024-11-21 13:33 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222189
|
8.8 |
HIGH
Network
|
dell
|
rsa_identity_governance_and_lifecycle
|
The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a Session Fixation vulnerability. An authenticated malicious local user could potent…
|
CWE-384
Session Fixation
|
CVE-2019-18573
|
2024-11-21 13:33 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222190
|
9.8 |
CRITICAL
Network
|
dell
|
rsa_identity_governance_and_lifecycle
|
The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain an Improper Authentication vulnerability. A Java JMX agent running on the remote hos…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-18572
|
2024-11-21 13:33 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
