|
222011
|
8.8 |
HIGH
Network
|
google
|
android
|
In ih264d_fmt_conv_420sp_to_420p of ih264d_format_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-1989
|
2024-11-21 13:37 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222012
|
7.8 |
HIGH
Local
|
google
|
android
|
In findAvailSpellCheckerLocked of TextServicesManagerService.java, there is a possible way to bypass the warning dialog when selecting an untrusted spell checker due to a permissions bypass. This cou…
|
NVD-CWE-noinfo
|
CVE-2019-1985
|
2024-11-21 13:37 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222013
|
5.4 |
MEDIUM
Network
|
cisco
|
industrial_network_director
|
A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The vulnerability is due to improper validatio…
|
CWE-79
Cross-site Scripting
|
CVE-2019-1882
|
2024-11-21 13:37 |
2019-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222014
|
7.5 |
HIGH
Network
|
cisco
|
webex_meetings_server
|
A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to access sensitive system information. The vulnerability is due t…
|
NVD-CWE-Other
|
CVE-2019-1868
|
2024-11-21 13:37 |
2019-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222015
|
8.8 |
HIGH
Network
|
cisco
|
industrial_network_director
|
A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack …
|
CWE-352
Origin Validation Error
|
CVE-2019-1881
|
2024-11-21 13:37 |
2019-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222016
|
4.4 |
MEDIUM
Local
|
cisco
|
unified_computing_system_server_firmware
|
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affec…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2019-1880
|
2024-11-21 13:37 |
2019-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222017
|
5.3 |
MEDIUM
Network
|
cisco
|
telepresence_video_communication_server
|
A vulnerability in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Series software could allow an unauthenticated, remote attacker to cause an affected system to send arbitra…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2019-1872
|
2024-11-21 13:37 |
2019-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222018
|
6.1 |
MEDIUM
Network
|
cisco
|
enterprise_chat_and_email
|
A vulnerability in the web-based management interface of Cisco Enterprise Chat and Email (ECE) Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack ag…
|
CWE-79
Cross-site Scripting
|
CVE-2019-1870
|
2024-11-21 13:37 |
2019-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222019
|
7.2 |
HIGH
Network
|
cisco
|
industrial_network_director
|
A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper valid…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-1861
|
2024-11-21 13:37 |
2019-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222020
|
8.6 |
HIGH
Network
|
cisco
|
unified_communications_manager_im_and_presence_service
telepresence_video_communication_server
|
A vulnerability in the authentication service of the Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, Cisco TelePresence Video Communication Server (VCS), and Cisco…
|
CWE-20
Improper Input Validation
|
CVE-2019-1845
|
2024-11-21 13:37 |
2019-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
