|
223331
|
7.5 |
HIGH
Network
|
envoyproxy
|
envoy
|
An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated respons…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-18838
|
2024-11-21 13:33 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223332
|
9.8 |
CRITICAL
Network
|
envoyproxy
|
envoy
|
An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different st…
|
NVD-CWE-noinfo
|
CVE-2019-18802
|
2024-11-21 13:33 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223333
|
9.8 |
CRITICAL
Network
|
envoyproxy
|
envoy
|
An issue was discovered in Envoy 1.12.0. An untrusted remote client may send HTTP/2 requests that write to the heap outside of the request buffers when the upstream is HTTP/1. This may be used to cor…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-18801
|
2024-11-21 13:33 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223334
|
9.9 |
CRITICAL
Network
|
siemens
|
control_center_server
|
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The SFTP service (default port 22/tcp) of the Control Center Server
(CCS) does not properly limit its capab…
|
NVD-CWE-Other
|
CVE-2019-18342
|
2024-11-21 13:33 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223335
|
5.3 |
MEDIUM
Network
|
siemens
|
sinvr_3_video_server
sinvr_3_central_control_server
|
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The SFTP service (default port 22/tcp) of the Control Center Server
(CCS) contains an authentication bypass…
|
-
|
CVE-2019-18341
|
2024-11-21 13:33 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223336
|
5.5 |
MEDIUM
Local
|
siemens
|
sinvr_3_video_server
sinvr_3_central_control_server
|
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), Control Center Server (CCS) (All versions >= V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0), SiN…
|
-
|
CVE-2019-18340
|
2024-11-21 13:33 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223337
|
9.8 |
CRITICAL
Network
|
siemens
|
sinvr_3_video_server
sinvr_3_central_control_server
|
A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The HTTP service (default port 5401/tcp) of the SiVMS/SiNVR Video Server
contains an authentication bypass vul…
|
-
|
CVE-2019-18339
|
2024-11-21 13:33 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223338
|
7.7 |
HIGH
Network
|
siemens
|
sinvr_3_video_server
sinvr_3_central_control_server
|
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal
vulnerability in its XML-based communication…
|
-
|
CVE-2019-18338
|
2024-11-21 13:33 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223339
|
7.5 |
HIGH
Network
|
siemens
|
sppa-t3000_application_server
|
A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to upload arbitrar…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-18320
|
2024-11-21 13:33 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223340
|
5.3 |
MEDIUM
Network
|
siemens
|
sppa-t3000_ms3000_migration_server
|
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to enumerate running RPC services. Please …
|
CWE-287
Improper Authentication
|
CVE-2019-18312
|
2024-11-21 13:33 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
