|
220951
|
6.1 |
MEDIUM
Network
|
hp
|
arcsight_management_center
|
Mitigates a stored cross site scripting issue in ArcSight Security Management Center versions prior to 2.9.1
|
CWE-79
Cross-site Scripting
|
CVE-2019-3486
|
2024-11-21 13:42 |
2019-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220952
|
8.2 |
HIGH
Local
|
mcafee
|
data_loss_prevention_endpoint
|
Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations …
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2019-3622
|
2024-11-21 13:42 |
2019-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220953
|
6.1 |
MEDIUM
Network
|
hp
|
arcsight_logger
|
Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1
|
CWE-79
Cross-site Scripting
|
CVE-2019-3485
|
2024-11-21 13:42 |
2019-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220954
|
6.5 |
MEDIUM
Local
|
mcafee
|
data_loss_prevention_endpoint
|
Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0 allows Authenticated Adminstrator to exe…
|
CWE-78
OS Command
|
CVE-2019-3595
|
2024-11-21 13:42 |
2019-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220955
|
6.1 |
MEDIUM
Network
|
mcafee
|
data_loss_prevention_endpoint
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ePO extension in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows unauthenticated rem…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3591
|
2024-11-21 13:42 |
2019-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220956
|
4.8 |
MEDIUM
Adjacent
|
zte
|
otcp_firmware
|
All versions up to V1.19.20.02 of ZTE OTCP product are impacted by XSS vulnerability. Due to XSS, when an attacker invokes the security management to obtain the resources of the specified operation c…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3414
|
2024-11-21 13:42 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220957
|
6.7 |
MEDIUM
Local
|
mcafee
|
agent
|
Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 HF3, allows local administrator users to potentially disable some McAfee processes by manipulating the MA directory control and pl…
|
NVD-CWE-noinfo
|
CVE-2019-3592
|
2024-11-21 13:42 |
2019-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220958
|
5.4 |
MEDIUM
Network
|
pivotal_software
|
cloud_foundry_uaa
|
Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. A remote user can perform clickjacking attacks on UAA's frontend sites.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2019-3794
|
2024-11-21 13:42 |
2019-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220959
|
7.8 |
HIGH
Local
|
dell
|
emc_unity_operating_environment
emc_unityvsa_operating_environment
|
Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a plain-text password storage vulnerability. A Unisphere user’s (including the admin privilege user) password is stored in a plain …
|
CWE-693
Protection Mechanism Failure
|
CVE-2019-3741
|
2024-11-21 13:42 |
2019-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220960
|
4.3 |
MEDIUM
Network
|
dell
|
emc_unity_operating_environment
emc_unityvsa_operating_environment
|
Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain an improper authorization vulnerability in NAS Server quotas configuration. A remote authenticated Unisphere Operator could potenti…
|
NVD-CWE-noinfo
|
CVE-2019-3734
|
2024-11-21 13:42 |
2019-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
