|
220911
|
3.5 |
LOW
Adjacent
|
gitlab
|
gitlab
|
An input validation problem was discovered in the GitHub service integration which could result in an attacker being able to make arbitrary POST requests in a GitLab instance's internal network. This…
|
CWE-20
Improper Input Validation
|
CVE-2019-5461
|
2024-11-21 13:44 |
2019-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220912
|
6.5 |
MEDIUM
Network
|
epignosishq
|
efront_lms
|
An exploitable SQL injection vulnerability exists in the unauthenticated portion of eFront LMS, versions v5.2.12 and earlier. Specially crafted web request to login page can cause SQL injections, res…
|
CWE-89
SQL Injection
|
CVE-2019-5070
|
2024-11-21 13:44 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220913
|
8.8 |
HIGH
Network
|
epignosishq
|
efront_lms
|
A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. A specially crafted web request can cause unsafe deserialization potentially resulting in PHP code being executed. An attacker c…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-5069
|
2024-11-21 13:44 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220914
|
5.3 |
MEDIUM
Network
|
blynk
|
blynk-library
|
An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1. A specially crafted packet can cause an unterminated strncpy, resulting in info…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5065
|
2024-11-21 13:44 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220915
|
8.8 |
HIGH
Network
|
aspose
|
aspose.words
|
An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based bu…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-5041
|
2024-11-21 13:44 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220916
|
8.8 |
HIGH
Network
|
aspose
|
aspose.cells
|
An exploitable out-of-bounds read vulnerability exists in the Number record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in re…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5033
|
2024-11-21 13:44 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220917
|
8.8 |
HIGH
Network
|
aspose
|
aspose.cells
|
An exploitable out-of-bounds read vulnerability exists in the LabelSst record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in …
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5032
|
2024-11-21 13:44 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220918
|
7.5 |
HIGH
Network
|
google
|
nest_cam_iq_indoor_firmware
|
An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality of the Nest Cam IQ Indoor, version 4620002. A specially crafted weave packets can cause an arbitrary W…
|
CWE-346
Origin Validation Error
|
CVE-2019-5036
|
2024-11-21 13:44 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220919
|
9.0 |
CRITICAL
Network
|
google
|
nest_cam_iq_indoor_firmware
|
An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2019-5035
|
2024-11-21 13:44 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220920
|
5.3 |
MEDIUM
Network
|
google
|
nest_cam_iq_indoor_firmware
|
An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing functionality of Nest Cam IQ Indoor version 4620002. A set of specially crafted weave packets can cause an out o…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5034
|
2024-11-21 13:44 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
