|
218701
|
7.8 |
HIGH
Local
|
nvidia
|
gpu_driver
|
NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the product does not properly sy…
|
CWE-662
Improper Synchronization
|
CVE-2019-5675
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218702
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_insight
|
Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-5496
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218703
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_unified_manager
|
OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via…
|
CWE-254
7PK - Security Features
|
CVE-2019-5495
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218704
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_unified_manager
|
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-5494
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218705
|
7.3 |
HIGH
Local
|
rapid7
|
metasploit
|
Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting thi…
|
CWE-22
Path Traversal
|
CVE-2019-5624
|
2024-11-21 13:45 |
2019-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218706
|
7.5 |
HIGH
Network
|
netapp
|
hyper_converged_infrastructure_compute_node
element_plug-in_for_vcenter_server
|
Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected v…
|
NVD-CWE-noinfo
|
CVE-2019-5492
|
2024-11-21 13:45 |
2019-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218707
|
5.9 |
MEDIUM
Network
|
vmware
|
fusion
workstation
esxi
|
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates add…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5520
|
2024-11-21 13:45 |
2019-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218708
|
6.8 |
MEDIUM
Network
|
vmware
|
fusion
workstation
esxi
|
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain mul…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5517
|
2024-11-21 13:45 |
2019-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218709
|
6.8 |
MEDIUM
Network
|
vmware
|
fusion
workstation
esxi
|
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates add…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5516
|
2024-11-21 13:45 |
2019-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218710
|
9.8 |
CRITICAL
Network
|
silverstripe
|
silverstripe
|
All versions of SilverStripe 3 prior to 3.6.7 and 3.7.3, and all versions of SilverStripe 4 prior to 4.0.7, 4.1.5, 4.2.4, and 4.3.1 allows Reflected SQL Injection through Form and DataObject.
|
CWE-89
SQL Injection
|
CVE-2019-5715
|
2024-11-21 13:45 |
2019-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
