|
224521
|
7.5 |
HIGH
Network
|
tp-link
|
tp-sg105e_firmware
|
The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated attacker to reboot the device via a reboot.cgi request.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-16893
|
2024-11-21 13:31 |
2020-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224522
|
7.8 |
HIGH
Local
|
bitdefender
|
endpoint_security_tools
|
An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions prior to 6.6.11.163 allows an attacker to load an arbitrary DLL file from the s…
|
CWE-426
Untrusted Search Path
|
CVE-2019-17099
|
2024-11-21 13:31 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224523
|
9.8 |
CRITICAL
Network
|
bitdefender
|
box_2_firmware
|
A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method `/api/download_image` unsafely handles the producti…
|
CWE-78
OS Command
|
CVE-2019-17095
|
2024-11-21 13:31 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224524
|
7.8 |
HIGH
Local
|
belkin
|
wemo_insight_switch_firmware
|
A Stack-based Buffer Overflow vulnerability in libbelkin_api.so component of Belkin WeMo Insight Switch firmware allows a local attacker to obtain code execution on the device. This issue affects: Be…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-17094
|
2024-11-21 13:31 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224525
|
9.8 |
CRITICAL
Network
|
bitdefender
|
box_2_firmware
central
|
A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command.
|
CWE-78
OS Command
|
CVE-2019-17096
|
2024-11-21 13:31 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224526
|
7.8 |
HIGH
Local
|
avast
|
secure_browser
|
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe (which is running as NT AUTHORIT…
|
CWE-863
Incorrect Authorization
|
CVE-2019-17190
|
2024-11-21 13:31 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224527
|
5.5 |
MEDIUM
Local
|
bitdefender
|
antivirus
|
An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for Mac allows an attacker to elevate permissions to read protected directories. This issue affects: Bitdef…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-17103
|
2024-11-21 13:31 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224528
|
8.1 |
HIGH
Network
|
bitdefender
|
box_2_firmware
|
An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method `/api/update_setup` does not perform firmware signature checks a…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2019-17102
|
2024-11-21 13:31 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224529
|
6.5 |
MEDIUM
Local
|
bitdefender
|
total_security_2020
|
An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total Security 2020 allows an attacker to execute arbitrary code. This issue does not affect: Bitdefender Total Sec…
|
CWE-426
Untrusted Search Path
|
CVE-2019-17100
|
2024-11-21 13:31 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224530
|
7.8 |
HIGH
Local
|
fasttracksoftware
|
admin_by_request
|
FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access…
|
CWE-269
Improper Privilege Management
|
CVE-2019-17202
|
2024-11-21 13:31 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
