|
219721
|
7.1 |
HIGH
Network
|
cloudfoundry
|
bosh_backup_and_restore
|
Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the authenticity of backup scripts in BOSH. A remote authenticated malicious user can modify the metadata file o…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2019-3786
|
2024-11-21 13:42 |
2019-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219722
|
5.9 |
MEDIUM
Network
|
mercurial
redhat
debian
|
mercurial
enterprise_linux
debian_linux
|
A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository.
|
CWE-59
Link Following
|
CVE-2019-3902
|
2024-11-21 13:42 |
2019-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219723
|
9.8 |
CRITICAL
Network
|
redhat
heketi_project
|
openshift_container_platform
heketi
|
It was found that default configuration of Heketi does not require any authentication potentially exposing the management interface to misuse. This isue only affects heketi as shipped with Openshift …
|
-
|
CVE-2019-3899
|
2024-11-21 13:42 |
2019-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219724
|
4.7 |
MEDIUM
Local
|
linux
debian
netapp
|
linux_kernel
debian_linux
vasa_provider_for_clustered_data_ontap
solidfire
hci_management_node
snapprotect
active_iq_unified_manager_for_vmware_vsphere
virtual_storage_console_fo…
|
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_acce…
|
-
|
CVE-2019-3901
|
2024-11-21 13:42 |
2019-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219725
|
8.0 |
HIGH
Adjacent
|
dell
|
supportassist
|
Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compr…
|
NVD-CWE-noinfo
|
CVE-2019-3719
|
2024-11-21 13:42 |
2019-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219726
|
8.8 |
HIGH
Network
|
dell
|
supportassist
|
Dell SupportAssist Client versions prior to 3.2.0.90 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt CS…
|
CWE-352
Origin Validation Error
|
CVE-2019-3718
|
2024-11-21 13:42 |
2019-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219727
|
7.5 |
HIGH
Network
|
clusterlabs
canonical
fedoraproject
|
pacemaker
ubuntu_linux
fedora
|
A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.
|
CWE-416
Use After Free
|
CVE-2019-3885
|
2024-11-21 13:42 |
2019-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219728
|
8.8 |
HIGH
Network
|
atlassian
|
confluence
confluence_server
|
Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to crea…
|
CWE-22
Path Traversal
|
CVE-2019-3398
|
2024-11-21 13:42 |
2019-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219729
|
7.5 |
HIGH
Network
|
cloudfoundry
|
capi-release
|
Cloud Foundry Cloud Controller API Release, versions prior to 1.79.0, contains improper authentication when validating user permissions. A remote authenticated malicious user with the ability to crea…
|
CWE-287
Improper Authentication
|
CVE-2019-3798
|
2024-11-21 13:42 |
2019-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219730
|
9.6 |
CRITICAL
Network
|
dell
|
emc_isilonsd_management_server
|
IsilonSD Management Server 1.1.0 contains a cross-site scripting vulnerability while registering vCenter servers. A remote attacker can trick an admin user to potentially exploit this vulnerability t…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3709
|
2024-11-21 13:42 |
2019-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
