|
218291
|
7.5 |
HIGH
Network
|
codesys
|
control_for_beaglebone_sl
control_for_empc-a\/imx6_sl
control_for_iot2000_sl
control_for_linux_sl
control_for_pfc100_sl
control_for_pfc200_sl
control_for_raspberry_pi_sl
control_…
|
An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-servi…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-9012
|
2024-11-21 13:50 |
2019-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218292
|
9.8 |
CRITICAL
Network
|
codesys
|
control_for_beaglebone_sl
control_for_empc-a\/imx6_sl
control_for_iot2000_sl
control_for_linux_sl
control_for_pfc100_sl
control_for_pfc200_sl
control_for_raspberry_pi_sl
control_…
|
An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in a…
|
NVD-CWE-noinfo
|
CVE-2019-9010
|
2024-11-21 13:50 |
2019-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218293
|
8.8 |
HIGH
Adjacent
|
codesys
|
control_for_beaglebone_sl
control_for_empc-a\/imx6_sl
control_for_iot2000_sl
control_for_linux_sl
control_for_pfc100_sl
control_for_pfc200_sl
raspberry_pi
control_rte_sl
contr…
|
An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All v…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2019-9013
|
2024-11-21 13:50 |
2019-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218294
|
7.5 |
HIGH
Network
|
rdbrck
|
shift
|
Redbrick Shift through 3.4.3 allows an attacker to extract authentication tokens of services (such as Gmail, Outlook, etc.) used in the application.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-8932
|
2024-11-21 13:50 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218295
|
7.5 |
HIGH
Network
|
rdbrck
|
shift
|
Redbrick Shift through 3.4.3 allows an attacker to extract emails of services (such as Gmail, Outlook, etc.) used in the application.
|
NVD-CWE-noinfo
|
CVE-2019-8931
|
2024-11-21 13:50 |
2019-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218296
|
7.8 |
HIGH
Local
|
blackberry
|
qnx_software_development_platform
|
An information disclosure vulnerability leading to a potential local escalation of privilege in the procfs service (the /proc filesystem) of BlackBerry QNX Software Development Platform version(s) 6.…
|
NVD-CWE-noinfo
|
CVE-2019-8998
|
2024-11-21 13:50 |
2019-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218297
|
6.1 |
MEDIUM
Network
|
apachefriends
|
xampp
|
iart.php in XAMPP 1.7.0 has XSS, a related issue to CVE-2008-3569.
|
CWE-79
Cross-site Scripting
|
CVE-2019-8920
|
2024-11-21 13:50 |
2019-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218298
|
9.8 |
CRITICAL
Network
|
couchbase
|
sync_gateway
|
In Couchbase Sync Gateway 2.1.2, an attacker with access to the Sync Gateway’s public REST API was able to issue additional N1QL statements and extract sensitive data or call arbitrary N1QL functions…
|
CWE-89
SQL Injection
|
CVE-2019-9039
|
2024-11-21 13:50 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218299
|
6.5 |
MEDIUM
Network
|
digitaldruid
|
hoteldruid
|
Hoteldruid before v2.3.1 allows remote authenticated users to cause a denial of service (invoice-creation outage) via the n_file parameter to visualizza_contratto.php with invalid arguments (any non-…
|
CWE-20
Improper Input Validation
|
CVE-2019-9085
|
2024-11-21 13:50 |
2019-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218300
|
9.8 |
CRITICAL
Network
|
digitaldruid
|
hoteldruid
|
HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php numtariffa1 parameter.
|
CWE-89
SQL Injection
|
CVE-2019-9087
|
2024-11-21 13:50 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
