|
215421
|
9.8 |
CRITICAL
Network
|
libreoffice
canonical
fedoraproject
debian
opensuse
|
libreoffice
ubuntu_linux
fedora
debian_linux
leap
|
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLo…
|
CWE-94
Code Injection
|
CVE-2019-9848
|
2024-11-21 13:52 |
2019-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215422
|
3.9 |
LOW
Physics
|
norton
|
password_manager
|
Norton Password Manager, prior to 6.3.0.2082, may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the s…
|
NVD-CWE-noinfo
|
CVE-2019-9700
|
2024-11-21 13:52 |
2019-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215423
|
7.5 |
HIGH
Network
|
eclass
|
eclass_ip
|
Any URLs with download_attachment.php under templates or home folders can allow arbitrary files downloaded without login in BroadLearning eClass before version ip.2.5.10.2.1.
|
CWE-22
Path Traversal
|
CVE-2019-9886
|
2024-11-21 13:52 |
2019-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215424
|
7.8 |
HIGH
Local
|
alarm
|
adc-v522ir_firmware
|
Alarm.com ADC-V522IR 0100b9 devices have Incorrect Access Control, a different issue than CVE-2018-19588. This occurs because of incorrect protection of VPN certificates (used for initiating a VPN se…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-9657
|
2024-11-21 13:52 |
2019-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215425
|
7.5 |
HIGH
Network
|
sonatype
|
nexus_repository_manager
|
Sonatype Nexus Repository Manager before 3.17.0 has a weak default of giving any unauthenticated user read permissions on the repository files and images.
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-9630
|
2024-11-21 13:52 |
2019-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215426
|
9.8 |
CRITICAL
Network
|
sonatype
|
nexus_repository_manager
|
Sonatype Nexus Repository Manager before 3.17.0 establishes a default administrator user with weak defaults (fixed credentials).
|
CWE-287
Improper Authentication
|
CVE-2019-9629
|
2024-11-21 13:52 |
2019-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215427
|
9.8 |
CRITICAL
Network
|
hawt
|
hawtio
|
Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote attacker to trigger an HTTP request from an affected server to an arbitrary host via the initial /proxy/ substring of a URI.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2019-9827
|
2024-11-21 13:52 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215428
|
9.8 |
CRITICAL
Network
|
jetbrains
|
intellij_idea
|
In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. …
|
CWE-312
CWE-522
Cleartext Storage of Sensitive Information
Insufficiently Protected Credentials
|
CVE-2019-9873
|
2024-11-21 13:52 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215429
|
9.8 |
CRITICAL
Network
|
jetbrains
|
intellij_idea
|
In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration fil…
|
CWE-312
CWE-522
Cleartext Storage of Sensitive Information
Insufficiently Protected Credentials
|
CVE-2019-9823
|
2024-11-21 13:52 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215430
|
8.1 |
HIGH
Network
|
jetbrains
|
intellij_idea
|
In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE …
|
CWE-312
CWE-522
Cleartext Storage of Sensitive Information
Insufficiently Protected Credentials
|
CVE-2019-9872
|
2024-11-21 13:52 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
