|
223021
|
6.1 |
MEDIUM
Network
|
maxum
|
rumpus
|
A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary J…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19368
|
2024-11-21 13:34 |
2019-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223022
|
7.5 |
HIGH
Network
|
nic
debian
|
knot_resolver
debian_linux
|
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2019-19331
|
2024-11-21 13:34 |
2019-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223023
|
7.5 |
HIGH
Network
|
huawei
|
s12700_firmware
s1700_firmware
s2700_firmware
s5700_firmware
s6700_firmware
s7700_firmware
s9700_firmware
|
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks.
|
NVD-CWE-noinfo
|
CVE-2019-19397
|
2024-11-21 13:34 |
2019-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223024
|
7.8 |
HIGH
Local
|
idrix
|
veracrypt
|
VeraCrypt 1.24 allows Local Privilege Escalation during execution of VeraCryptExpander.exe.
|
NVD-CWE-noinfo
|
CVE-2019-19501
|
2024-11-21 13:34 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223025
|
7.8 |
HIGH
Local
|
ea
|
origin
|
Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2).
|
NVD-CWE-noinfo
|
CVE-2019-19248
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223026
|
7.8 |
HIGH
Local
|
ea
|
origin
|
Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2).
|
NVD-CWE-noinfo
|
CVE-2019-19247
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223027
|
5.4 |
MEDIUM
Network
|
scoutnet
|
kalender
|
The Scoutnet Kalender plugin 1.1.0 for WordPress allows XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-19198
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223028
|
9.1 |
CRITICAL
Network
|
squiz
|
matrix
|
An issue was discovered in core/assets/form/form_question_types/form_question_type_file_upload/form_question_type_file_upload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5…
|
CWE-22
Path Traversal
|
CVE-2019-19374
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223029
|
7.5 |
HIGH
Network
|
squiz
|
matrix
|
An issue was discovered in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can trigger arbitrary unserialization of a …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-19373
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223030
|
7.5 |
HIGH
Network
|
xen
fedoraproject
opensuse
debian
|
xen
fedora
leap
debian_linux
|
An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case. Please see XSA-260…
|
NVD-CWE-noinfo
|
CVE-2019-19583
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
