|
219491
|
5.5 |
MEDIUM
Local
|
dell
|
command_update
|
Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to de…
|
CWE-59
Link Following
|
CVE-2019-3749
|
2024-11-21 13:42 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219492
|
6.5 |
MEDIUM
Network
|
mcafee
|
webadvisor
|
API Abuse/Misuse vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to navigate to restricted websites via a c…
|
NVD-CWE-Other
|
CVE-2019-3666
|
2024-11-21 13:42 |
2019-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219493
|
6.5 |
MEDIUM
Network
|
mcafee
|
webadvisor
|
Code Injection vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to render a website which Web Advisor would …
|
CWE-94
Code Injection
|
CVE-2019-3665
|
2024-11-21 13:42 |
2019-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219494
|
8.6 |
HIGH
Local
|
mcafee
|
client_proxy
|
Authentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy (MCP) prior to 3.0.0 allows local user to bypass scanning of web traffic and gain access to blocked sites fo…
|
CWE-287
Improper Authentication
|
CVE-2019-3654
|
2024-11-21 13:42 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219495
|
6.5 |
MEDIUM
Network
|
zte
|
zxcdn_iamweb_firmware
|
The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ informatio…
|
NVD-CWE-noinfo
|
CVE-2019-3428
|
2024-11-21 13:42 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219496
|
7.2 |
HIGH
Network
|
zte
|
zxcdn_iamweb_firmware
|
The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resul…
|
CWE-94
Code Injection
|
CVE-2019-3427
|
2024-11-21 13:42 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219497
|
7.8 |
HIGH
Local
|
postgresql
canonical
debian
|
postgresql-common
ubuntu_linux
debian_linux
|
The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.
|
CWE-269
Improper Privilege Management
|
CVE-2019-3466
|
2024-11-21 13:42 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219498
|
8.2 |
HIGH
Network
|
ztehome
|
c520v21_firmware
|
authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browse…
|
NVD-CWE-noinfo
|
CVE-2019-3424
|
2024-11-21 13:42 |
2019-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219499
|
5.3 |
MEDIUM
Network
|
ztehome
|
c520v21_firmware
|
permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other un…
|
CWE-22
Path Traversal
|
CVE-2019-3423
|
2024-11-21 13:42 |
2019-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219500
|
7.8 |
HIGH
Local
|
mcafee
|
advanced_threat_defense
|
Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the sy…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-3663
|
2024-11-21 13:42 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
