|
219511
|
8.8 |
HIGH
Network
|
zte
|
zxupn-9000e_firmware
|
The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized opera…
|
CWE-20
Improper Input Validation
|
CVE-2019-3426
|
2024-11-21 13:42 |
2019-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219512
|
8.8 |
HIGH
Network
|
zte
|
zxupn-9000e_firmware
|
The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directl…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-3425
|
2024-11-21 13:42 |
2019-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219513
|
5.5 |
MEDIUM
Local
|
redhat
|
openstack-mistral
|
An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit t…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-3866
|
2024-11-21 13:42 |
2019-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219514
|
8.8 |
HIGH
Network
|
xmlseclibs_project
debian
simplesamlphp
|
xmlseclibs
debian_linux
simplesamlphp
|
Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for example by SimpleSAMLphp, performed incorrect validation of cryptographic signatures in XML messages, allowing an authenticated atta…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2019-3465
|
2024-11-21 13:42 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219515
|
6.2 |
MEDIUM
Local
|
zte
|
mf910s_firmware
|
The Sec Consult Security Lab reported an information disclosure vulnerability in MF910S product to ZTE PSIRT in October 2019. Through the analysis of related product team, the information disclosure …
|
CWE-200
Information Exposure
|
CVE-2019-3422
|
2024-11-21 13:42 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219516
|
4.3 |
MEDIUM
Network
|
dell
|
idrac8_firmware
idrac9_firmware
idrac7_firmware
|
Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. A remote authenticated malic…
|
NVD-CWE-Other
|
CVE-2019-3764
|
2024-11-21 13:42 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219517
|
7.7 |
HIGH
Network
|
opensuse
|
open_build_service
|
Open Build Service before version 0.165.4 diddn't validate TLS certificates for HTTPS connections with the osc client binary
|
CWE-295
Improper Certificate Validation
|
CVE-2019-3685
|
2024-11-21 13:42 |
2019-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219518
|
8.0 |
HIGH
Adjacent
|
ztw
|
zx297520v3_firmware
|
The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. Unauthorized users can exploit this vulnerability to control the …
|
CWE-77
Command Injection
|
CVE-2019-3421
|
2024-11-21 13:42 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219519
|
5.7 |
MEDIUM
Adjacent
|
zte
|
zxmp_m721_dx_firmware
|
A security vulnerability exists in a management port in the version of ZTE's ZXMP M721V3.10P01B10_M2NCP. An attacker could exploit this vulnerability to build a link to the device and send specific p…
|
NVD-CWE-noinfo
|
CVE-2019-3419
|
2024-11-21 13:42 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219520
|
7.5 |
HIGH
Network
|
mikrotik
|
routeros
|
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the d…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2019-3979
|
2024-11-21 13:42 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
