|
220931
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the document_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's ses…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3965
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220932
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the doc_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session.
|
CWE-79
Cross-site Scripting
|
CVE-2019-3964
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220933
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the patient_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's sess…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3963
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220934
|
8.1 |
HIGH
Network
|
tenable
|
nessus
|
Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition.
|
NVD-CWE-noinfo
|
CVE-2019-3974
|
2024-11-21 13:42 |
2019-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220935
|
5.4 |
MEDIUM
Network
|
zte
|
zxhn_f670_firmware
|
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Due to incomplete input validation, an authorized user can exploit this vulnerabilit…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3418
|
2024-11-21 13:42 |
2019-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220936
|
8.8 |
HIGH
Network
|
zte
|
zxhn_f670_firmware
|
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Due to insufficient parameter validation check, an authorized user can exploit this vulnerabi…
|
CWE-78
OS Command
|
CVE-2019-3417
|
2024-11-21 13:42 |
2019-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220937
|
7.1 |
HIGH
Network
|
mcafee
|
web_gateway
|
Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains …
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2019-3639
|
2024-11-21 13:42 |
2019-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220938
|
6.7 |
MEDIUM
Local
|
mcafee
|
file_and_removable_media_protection
|
Privilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.209 allows local users to gain elevated privileges via running McAfee Tray with elevated privileges.
|
NVD-CWE-noinfo
|
CVE-2019-3637
|
2024-11-21 13:42 |
2019-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220939
|
6.5 |
MEDIUM
Network
|
mcafee
|
web_gateway
|
Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows attackers to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user…
|
NVD-CWE-noinfo
|
CVE-2019-3635
|
2024-11-21 13:42 |
2019-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220940
|
7.8 |
HIGH
Local
|
dell
|
digital_delivery
|
Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by …
|
CWE-22
CWE-362
Path Traversal
Race Condition
|
CVE-2019-3744
|
2024-11-21 13:42 |
2019-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
