|
219381
|
7.8 |
HIGH
Local
|
microfocus
|
filr
|
A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects…
|
CWE-269
Improper Privilege Management
|
CVE-2019-3475
|
2024-11-21 13:42 |
2019-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219382
|
6.5 |
MEDIUM
Network
|
microfocus
|
filr
|
A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server…
|
CWE-22
Path Traversal
|
CVE-2019-3474
|
2024-11-21 13:42 |
2019-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219383
|
7.5 |
HIGH
Network
|
mikrotik
|
routeros
|
MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. …
|
CWE-441
Confused Deputy
|
CVE-2019-3924
|
2024-11-21 13:42 |
2019-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219384
|
5.5 |
MEDIUM
Local
|
qemu
fedoraproject
canonical
opensuse
|
qemu
fedora
ubuntu_linux
leap
|
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute…
|
-
|
CVE-2019-3812
|
2024-11-21 13:42 |
2019-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219385
|
5.5 |
MEDIUM
Local
|
mcafee
|
true_key
|
Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware.
|
CWE-200
Information Exposure
|
CVE-2019-3610
|
2024-11-21 13:42 |
2019-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219386
|
7.8 |
HIGH
Local
|
cloudfoundry
|
credhub_cli
|
Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writes authentication credentials provided via environment variables to its persistent config file. A local authenticated malicious u…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-3782
|
2024-11-21 13:42 |
2019-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219387
|
5.4 |
MEDIUM
Network
|
tenable
|
nessus
|
Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. An authenticated, remote attacker could potentially exploit this …
|
CWE-79
Cross-site Scripting
|
CVE-2019-3923
|
2024-11-21 13:42 |
2019-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219388
|
7.8 |
HIGH
Local
|
dell
|
emc_vnx2_firmware
|
VNX Control Station in Dell EMC VNX2 OE for File versions prior to 8.1.9.236 contains OS command injection vulnerability. Due to inadequate restriction configured in sudores, a local authenticated ma…
|
CWE-78
OS Command
|
CVE-2019-3704
|
2024-11-21 13:42 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219389
|
6.4 |
MEDIUM
Physics
|
gnome
canonical
redhat
|
gnome_display_manager
ubuntu_linux
enterprise_linux
|
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer…
|
CWE-287
Improper Authentication
|
CVE-2019-3825
|
2024-11-21 13:42 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219390
|
4.3 |
MEDIUM
Physics
|
gnome
opensuse
canonical
|
gnome-shell
leap
ubuntu_linux
|
It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certai…
|
CWE-287
Improper Authentication
|
CVE-2019-3820
|
2024-11-21 13:42 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
