|
222151
|
9.8 |
CRITICAL
Network
|
nethack
|
nethack
|
NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared sy…
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-19905
|
2024-11-21 13:35 |
2019-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222152
|
4.8 |
MEDIUM
Network
|
backdropcms
|
backdrop_cms
|
An issue was discovered in Backdrop CMS 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying file type descriptions created by administrators. An attacker could potentially cra…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19903
|
2024-11-21 13:35 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222153
|
7.2 |
HIGH
Network
|
backdropcms
|
backdrop_cms
|
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It allows the upload of entire-site configuration archives through the user interface or command line. It does n…
|
CWE-20
Improper Input Validation
|
CVE-2019-19902
|
2024-11-21 13:35 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222154
|
4.8 |
MEDIUM
Network
|
backdropcms
|
backdrop_cms
|
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying content type names in the content creation interface. An a…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19900
|
2024-11-21 13:35 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222155
|
4.8 |
MEDIUM
Network
|
backdropcms
|
backdrop_cms
|
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying certain block descriptions created by administrators. An a…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19901
|
2024-11-21 13:35 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222156
|
9.8 |
CRITICAL
Network
|
pebbletemplates
|
pebble_templates
|
Pebble Templates 3.1.2 allows attackers to bypass a protection mechanism (intended to block access to instances of java.lang.Class) because getClass is accessible via the public static java.lang.Clas…
|
CWE-862
Missing Authorization
|
CVE-2019-19899
|
2024-11-21 13:35 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222157
|
5.5 |
MEDIUM
Local
|
opera
|
opera
|
Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross-origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal sandb…
|
NVD-CWE-Other
|
CVE-2019-19788
|
2024-11-21 13:35 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222158
|
7.5 |
HIGH
Network
|
sylabs
|
singularity
|
Insecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could lead to an information leak, and malicious redirection of o…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-19724
|
2024-11-21 13:35 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222159
|
9.8 |
CRITICAL
Network
|
trendmicro
|
mobile_security
|
Trend Micro Mobile Security for Android (Consumer) versions 10.3.1 and below on Android 8.0+ has an issue in which an attacker could bypass the product's App Password Protection feature.
|
CWE-521
Weak Password Requirements
|
CVE-2019-19690
|
2024-11-21 13:35 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222160
|
7.8 |
HIGH
Local
|
trendmicro
|
housecall_for_home_networks
|
Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-19689
|
2024-11-21 13:35 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
