|
218721
|
8.8 |
HIGH
Network
|
sonatype
|
nexus_repository_manager
|
The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.
|
CWE-78
OS Command
|
CVE-2019-5475
|
2024-11-21 13:45 |
2019-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218722
|
7.5 |
HIGH
Network
|
onkyo
|
tx-nr686_firmware
|
Directory traversal vulnerability on ONKYO TX-NR686 1030-5000-1040-0010 A/V Receiver devices allows remote attackers to read arbitrary files via a .. (dot dot) and %2f to the default URI.
|
CWE-22
Path Traversal
|
CVE-2019-6113
|
2024-11-21 13:45 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218723
|
7.5 |
HIGH
Network
|
freebsd
netapp
|
freebsd
clustered_data_ontap
|
In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driv…
|
CWE-362
Race Condition
|
CVE-2019-5612
|
2024-11-21 13:45 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218724
|
7.5 |
HIGH
Network
|
freebsd
netapp
|
freebsd
clustered_data_ontap
|
In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check…
|
CWE-20
Improper Input Validation
|
CVE-2019-5611
|
2024-11-21 13:45 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218725
|
7.5 |
HIGH
Network
|
freebsd
netapp
|
freebsd
clustered_data_ontap
|
In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp librar…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5610
|
2024-11-21 13:45 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218726
|
7.5 |
HIGH
Network
|
freebsd
|
freebsd
|
In FreeBSD 12.0-STABLE before r350619, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350619, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bhyve e1000 …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-5609
|
2024-11-21 13:45 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218727
|
9.8 |
CRITICAL
Network
|
freebsd
netapp
|
freebsd
clustered_data_ontap
|
In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2019-5608
|
2024-11-21 13:45 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218728
|
7.8 |
HIGH
Local
|
bitrock
|
installbuilder
|
Windows binaries generated with InstallBuilder versions earlier than 19.7.0 are vulnerable to tampering even if they contain a valid Authenticode signature.
|
NVD-CWE-noinfo
|
CVE-2019-5530
|
2024-11-21 13:45 |
2019-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218729
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortiweb
|
The URL part of the report message is not encoded in Fortinet FortiWeb 6.0.2 and below which may allow an attacker to execute unauthorized code or commands (Cross Site Scripting) via attack reports g…
|
CWE-79
Cross-site Scripting
|
CVE-2019-5590
|
2024-11-21 13:45 |
2019-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218730
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortinac
|
An Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Fortinet FortiNAC 8.3.0 to 8.3.6 and 8.5.0 admin webUI may allow an unauthenticated attacker to perform a re…
|
CWE-79
Cross-site Scripting
|
CVE-2019-5594
|
2024-11-21 13:45 |
2019-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
