|
222441
|
6.7 |
MEDIUM
Local
|
cisco
|
meeting_server
|
A vulnerability in the CLI configuration shell of Cisco Meeting Server could allow an authenticated, local attacker to inject arbitrary commands as the root user. The vulnerability is due to insuffic…
|
CWE-78
OS Command
|
CVE-2019-1623
|
2024-11-21 13:36 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222442
|
6.1 |
MEDIUM
Network
|
paloaltonetworks
|
demisto
|
Cross-site scripting (XSS) vulnerability in Palo Alto Networks Demisto 4.5 build 40249 may allow an unauthenticated attacker to run arbitrary JavaScript or HTML.
|
CWE-79
Cross-site Scripting
|
CVE-2019-1568
|
2024-11-21 13:36 |
2019-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222443
|
7.5 |
HIGH
Network
|
cisco
|
ip_conference_phone_7832_firmware
ip_conference_phone_8832_firmware
ip_phone_7811_firmware
ip_phone_7821_firmware
ip_phone_7841_firmware
ip_phone_7861_firmware
ip_phone_8811_firmwar…
|
A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to caus…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2019-1635
|
2024-11-21 13:36 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222444
|
7.8 |
HIGH
Local
|
cisco
|
nx-os
|
A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gai…
|
CWE-20
Improper Input Validation
|
CVE-2019-1592
|
2024-11-21 13:36 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222445
|
8.1 |
HIGH
Network
|
cisco
|
nx-os
|
A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unau…
|
CWE-295
Improper Certificate Validation
|
CVE-2019-1590
|
2024-11-21 13:36 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222446
|
4.6 |
MEDIUM
Physics
|
cisco
|
nx-os
|
A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthentica…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2019-1589
|
2024-11-21 13:36 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222447
|
4.3 |
MEDIUM
Network
|
cisco
|
nx-os
|
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. The vulnerab…
|
CWE-20
Improper Input Validation
|
CVE-2019-1587
|
2024-11-21 13:36 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222448
|
4.6 |
MEDIUM
Physics
|
cisco
|
application_policy_infrastructure_controller
|
A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, local attacker with physical access to obtain sensitive information from an affec…
|
CWE-459
Incomplete Cleanup
|
CVE-2019-1586
|
2024-11-21 13:36 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222449
|
5.4 |
MEDIUM
Network
|
paloaltonetworks
|
expedition_migration_tool
|
Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View.
|
CWE-79
Cross-site Scripting
|
CVE-2019-1574
|
2024-11-21 13:36 |
2019-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222450
|
2.5 |
LOW
Local
|
paloaltonetworks
|
globalprotect
|
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to …
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2019-1573
|
2024-11-21 13:36 |
2019-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
