|
223751
|
9.8 |
CRITICAL
Network
|
abb
|
plant_connect
power_generation_information_manager
|
In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authe…
|
CWE-287
Improper Authentication
|
CVE-2019-18250
|
2024-11-21 13:32 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223752
|
6.5 |
MEDIUM
Adjacent
|
philips
|
intellibridge_ec40_firmware
intellibridge_ec80_firmware
|
In Philips IntelliBridge EC40 and EC80, IntelliBridge EC40 Hub all versions, and IntelliBridge EC80 Hub all versions, the SSH server running on the affected products is configured to allow weak ciphe…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2019-18241
|
2024-11-21 13:32 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223753
|
6.1 |
MEDIUM
Network
|
eclipse
|
jetty
|
In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118, the generation of default unhandled Error response content (in text/html and text/json Content-Type) does not escap…
|
CWE-79
Cross-site Scripting
|
CVE-2019-17632
|
2024-11-21 13:32 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223754
|
5.3 |
MEDIUM
Network
|
nokia
|
impact
|
Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743
|
CWE-22
Path Traversal
|
CVE-2019-17406
|
2024-11-21 13:32 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223755
|
6.1 |
MEDIUM
Network
|
nokia
|
impact
|
Nokia IMPACT < 18A: has Reflected self XSS
|
CWE-79
Cross-site Scripting
|
CVE-2019-17405
|
2024-11-21 13:32 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223756
|
4.3 |
MEDIUM
Network
|
nokia
|
impact
|
Nokia IMPACT < 18A: allows full path disclosure
|
CWE-22
Path Traversal
|
CVE-2019-17404
|
2024-11-21 13:32 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223757
|
8.8 |
HIGH
Network
|
nokia
|
impact
|
Nokia IMPACT < 18A: An unrestricted File Upload vulnerability was found that may lead to Remote Code Execution.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-17403
|
2024-11-21 13:32 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223758
|
7.8 |
HIGH
Local
|
eracent
|
epa_agent
|
An issue was discovered in Eracent EPA Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be used to start external programs with elevated permissions…
|
CWE-426
Untrusted Search Path
|
CVE-2019-17446
|
2024-11-21 13:32 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223759
|
5.5 |
MEDIUM
Local
|
eracent
|
eda_agent
epa_agent
epm_agent
eua_agent
flw_agent
sum_agent
|
An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be forced to copy files from th…
|
CWE-59
Link Following
|
CVE-2019-17445
|
2024-11-21 13:32 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223760
|
7.8 |
HIGH
Local
|
fortinet
|
forticlient
|
An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to…
|
CWE-78
OS Command
|
CVE-2019-17650
|
2024-11-21 13:32 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
