|
223291
|
8.2 |
HIGH
Network
|
-
|
-
|
A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulner…
|
CWE-79
Cross-site Scripting
|
CVE-2019-18426
|
2024-11-21 13:33 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223292
|
7.0 |
HIGH
Local
|
squid_analysis_report_generator_project
opensuse
|
squid_analysis_report_generator
leap
backports_sle
|
log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this direct…
|
CWE-362
CWE-59
Race Condition
Link Following
|
CVE-2019-18932
|
2024-11-21 13:33 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223293
|
7.5 |
HIGH
Network
|
jetbrains
|
idetalk
|
JetBrains IDETalk plugin before version 193.4099.10 allows XXE
|
CWE-611
XXE
|
CVE-2019-18412
|
2024-11-21 13:33 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223294
|
7.8 |
HIGH
Local
|
avast
|
premium_security
|
In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the proc…
|
CWE-78
OS Command
|
CVE-2019-18894
|
2024-11-21 13:33 |
2020-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223295
|
5.4 |
MEDIUM
Network
|
dell
|
emc_unisphere_for_powermax
emc_powermax
|
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scri…
|
CWE-79
Cross-site Scripting
|
CVE-2019-18588
|
2024-11-21 13:33 |
2020-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223296
|
6.1 |
MEDIUM
Network
|
video_downloader_project
avg
avast
|
video_downloader
secure_browser
|
XSS in the Video Downloader component before 1.5 of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77 allows websites to execute their code in the context of this component. While…
|
CWE-79
Cross-site Scripting
|
CVE-2019-18893
|
2024-11-21 13:33 |
2020-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223297
|
6.1 |
MEDIUM
Network
|
digi
|
anywhereusb\/14_firmware
|
Digi AnywhereUSB 14 allows XSS via a link for the Digi Page.
|
CWE-79
Cross-site Scripting
|
CVE-2019-18859
|
2024-11-21 13:33 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223298
|
6.1 |
MEDIUM
Network
|
watchguard
|
xmt515_firmware
|
A DOM based XSS vulnerability has been identified on the WatchGuard XMT515 through 12.1.3, allowing a remote attacker to execute JavaScript in the victim's browser by tricking the victim into clickin…
|
CWE-79
Cross-site Scripting
|
CVE-2019-18652
|
2024-11-21 13:33 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223299
|
8.7 |
HIGH
Network
|
unisys
|
mcp_firmware
|
Systems management on Unisys ClearPath Forward Libra and ClearPath MCP Software Series can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems …
|
NVD-CWE-noinfo
|
CVE-2019-18386
|
2024-11-21 13:33 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223300
|
6.1 |
MEDIUM
Network
|
usriot
|
usr-wifi232-s_firmware
usr-wifi232-t_firmware
usr-wifi232-g2_firmware
usr-wifi232-h_firmware
|
A cross-site scripting (XSS) vulnerability in the configuration web interface of the Jinan USR IOT USR-WIFI232-S/T/G2/H Low Power WiFi Module with web version 1.2.2 allows attackers to leak credentia…
|
CWE-79
Cross-site Scripting
|
CVE-2019-18842
|
2024-11-21 13:33 |
2020-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
