|
223041
|
4.8 |
MEDIUM
Network
|
sangoma
|
freepbx
|
In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the/admin/config.php?display=userman URI. An attacker with suff…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19552
|
2024-11-21 13:34 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223042
|
9.8 |
CRITICAL
Network
|
cesnet
redhat
fedoraproject
|
libyang
enterprise_linux
fedora
|
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to pars…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-19334
|
2024-11-21 13:34 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223043
|
4.8 |
MEDIUM
Network
|
sangoma
|
freepbx
|
In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the User Management screen of the Administrator web site. An attacker with access to the User Control Panel application can sub…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19551
|
2024-11-21 13:34 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223044
|
9.8 |
CRITICAL
Network
|
cesnet
redhat
|
libyang
enterprise_linux
|
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untru…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-19333
|
2024-11-21 13:34 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223045
|
6.5 |
MEDIUM
Network
|
norton
|
password_manager
|
Norton Password Manager, prior to 6.6.2.5, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an ac…
|
NVD-CWE-noinfo
|
CVE-2019-19546
|
2024-11-21 13:34 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223046
|
6.3 |
MEDIUM
Network
|
norton
|
password_manager
|
Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cross origin resource sharing (CORS) vulnerability, which is a type of issue that allows restricted resources on a web page to be re…
|
CWE-346
Origin Validation Error
|
CVE-2019-19545
|
2024-11-21 13:34 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223047
|
6.1 |
MEDIUM
Network
|
sceditor
|
sceditor
|
SCEditor 2.1.3 allows XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-19466
|
2024-11-21 13:34 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223048
|
9.8 |
CRITICAL
Network
|
sqlite
netapp
oracle
siemens
|
sqlite
cloud_backup
ontap_select_deploy_administration_utility
mysql_workbench
sinec_infrastructure_network_services
|
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other …
|
CWE-681
Incorrect Conversion between Numeric Types
|
CVE-2019-19317
|
2024-11-21 13:34 |
2019-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223049
|
7.5 |
HIGH
Network
|
wireshark
opensuse
oracle
debian
|
wireshark
leap
solaris
zfs_storage_appliance
debian_linux
|
In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NU…
|
CWE-909
Missing Initialization of Resource
|
CVE-2019-19553
|
2024-11-21 13:34 |
2019-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223050
|
7.8 |
HIGH
Local
|
openbsd
|
openbsd
|
OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-19522
|
2024-11-21 13:34 |
2019-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
