|
223731
|
9.8 |
CRITICAL
Network
|
siemens
|
sppa-t3000_application_server
|
A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacke…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-18284
|
2024-11-21 13:32 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223732
|
9.8 |
CRITICAL
Network
|
siemens
|
sppa-t3000_application_server
|
A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacke…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-18283
|
2024-11-21 13:32 |
2019-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223733
|
7.8 |
HIGH
Local
|
reliablecontrols
|
rc-licensemanager
|
Reliable Controls LicenseManager versions 3.4 and prior may allow an authenticated user to insert malicious code into the system root path, which may allow execution of code with elevated privileges …
|
CWE-428
Unquoted Search Path or Element
|
CVE-2019-18245
|
2024-11-21 13:32 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223734
|
7.8 |
HIGH
Local
|
gemalto
|
sentinel_ldk_license_manager
|
SafeNet Sentinel LDK License Manager, all versions prior to 7.101(only Microsoft Windows versions are affected) is vulnerable when configured as a service. This vulnerability may allow an attacker wi…
|
CWE-59
Link Following
|
CVE-2019-18232
|
2024-11-21 13:32 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223735
|
9.8 |
CRITICAL
Network
|
yachtcontrol
|
yachtcontrol
|
Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command={COMMAND}" page and parameter, where {COMM…
|
CWE-78
OS Command
|
CVE-2019-17270
|
2024-11-21 13:32 |
2019-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223736
|
9.8 |
CRITICAL
Network
|
trendmicro
|
antivirus\+_security_2020
internet_security_2020
maximum_security_2020
premium_security_2020
|
Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerability in where null pointer dereference errors result in the crash of application, which could potentially lead to possible unsig…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-18190
|
2024-11-21 13:32 |
2019-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223737
|
7.8 |
HIGH
Local
|
aviatrix
|
vpn_client
|
Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges thr…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-17388
|
2024-11-21 13:32 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223738
|
7.8 |
HIGH
Local
|
aviatrix
|
vpn_client
|
An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS.
|
NVD-CWE-noinfo
|
CVE-2019-17387
|
2024-11-21 13:32 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223739
|
7.5 |
HIGH
Network
|
otrs
|
otrs
|
Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows an remote at…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-18180
|
2024-11-21 13:32 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223740
|
7.8 |
HIGH
Local
|
paloaltonetworks
|
pan-os
|
An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. This issue affects P…
|
CWE-287
Improper Authentication
|
CVE-2019-17437
|
2024-11-21 13:32 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
