|
219161
|
5.3 |
MEDIUM
Network
|
whatsapp
|
whatsapp
|
An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows malicious clients to send files to users that would be displayed with a wrong extension.
|
CWE-20
Improper Input Validation
|
CVE-2019-3571
|
2024-11-21 13:42 |
2019-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219162
|
5.7 |
MEDIUM
Adjacent
|
zte
|
zxmw_nr8000_firmware
|
ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path traversal vulnerability. Due to path traversal,users can download any files.
|
CWE-22
Path Traversal
|
CVE-2019-3415
|
2024-11-21 13:42 |
2019-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219163
|
5.4 |
MEDIUM
Network
|
redhat
|
openshift_container_platform
|
A reflected XSS vulnerability exists in authorization flow of OpenShift Container Platform versions: openshift-online-3, openshift-enterprise-3.4 through 3.7 and openshift-enterprise-3.9 through 3.11…
|
-
|
CVE-2019-3889
|
2024-11-21 13:42 |
2019-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219164
|
9.8 |
CRITICAL
Network
|
arlo
|
vmb3010_firmware
vmb4000_firmware
vmb3500_firmware
vmb4500_firmware
vmb5000_firmware
|
Arlo Basestation firmware 1.12.0.1_27940 and prior contain a hardcoded username and password combination that allows root access to the device when an onboard serial interface is connected to.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-3950
|
2024-11-21 13:42 |
2019-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219165
|
9.8 |
CRITICAL
Network
|
arlo
|
vmb3010_firmware
vmb4000_firmware
vmb3500_firmware
vmb4500_firmware
vmb5000_firmware
|
Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a networking misconfiguration that allows access to restricted network interfaces. This could allow an attacker to upload or downlo…
|
CWE-16
Configuration
|
CVE-2019-3949
|
2024-11-21 13:42 |
2019-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219166
|
4.9 |
MEDIUM
Network
|
mcafee
|
epolicy_orchestrator
|
Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 prior to 5.10.0 update 4 allows remote unauthenticated attacker to view sensitive infor…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-3619
|
2024-11-21 13:42 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219167
|
3.3 |
LOW
Local
|
tenable
|
nessus
|
Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a maliciou…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3962
|
2024-11-21 13:42 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219168
|
8.8 |
HIGH
Network
|
mcafee
|
enterprise_security_manager
|
Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input.
|
CWE-22
Path Traversal
|
CVE-2019-3632
|
2024-11-21 13:42 |
2019-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219169
|
7.2 |
HIGH
Network
|
mcafee
|
enterprise_security_manager
|
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
|
CWE-78
OS Command
|
CVE-2019-3631
|
2024-11-21 13:42 |
2019-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219170
|
7.2 |
HIGH
Network
|
mcafee
|
enterprise_security_manager
|
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
|
CWE-78
OS Command
|
CVE-2019-3630
|
2024-11-21 13:42 |
2019-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
