|
224251
|
9.9 |
CRITICAL
Network
|
portainer
|
portainer
|
Portainer before 1.22.1 has Incorrect Access Control (issue 1 of 4).
|
NVD-CWE-noinfo
|
CVE-2019-16872
|
2024-11-21 13:31 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224252
|
6.5 |
MEDIUM
Network
|
portainer
|
portainer
|
Portainer before 1.22.1 has Incorrect Access Control (issue 2 of 4).
|
NVD-CWE-noinfo
|
CVE-2019-16874
|
2024-11-21 13:31 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224253
|
5.4 |
MEDIUM
Network
|
portainer
|
portainer
|
Portainer before 1.22.1 has XSS (issue 1 of 2).
|
CWE-79
Cross-site Scripting
|
CVE-2019-16873
|
2024-11-21 13:31 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224254
|
8.8 |
HIGH
Network
|
oxid-esales
|
eshop
|
An issue was discovered in OXID eShop 6.x before 6.0.6 and 6.1.x before 6.1.5, OXID eShop Enterprise Edition Version 5.2.x-5.3.x, OXID eShop Professional Edition Version 4.9.x-4.10.x and OXID eShop C…
|
CWE-384
Session Fixation
|
CVE-2019-17062
|
2024-11-21 13:31 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224255
|
9.8 |
CRITICAL
Network
|
mbed
|
mbed
|
An integer overflow was discovered in the CoAP library in Arm Mbed OS 5.14.0. The function sn_coap_builder_calc_needed_packet_data_size_2() is used to calculate the required memory for the CoAP messa…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-17211
|
2024-11-21 13:31 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224256
|
9.8 |
CRITICAL
Network
|
mbed
|
mbed
|
Buffer overflows were discovered in the CoAP library in Arm Mbed OS 5.14.0. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses CoAP i…
|
CWE-787
CWE-129
Out-of-bounds Write
Improper Validation of Array Index
|
CVE-2019-17212
|
2024-11-21 13:31 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224257
|
7.5 |
HIGH
Network
|
phantomjs
|
phantomjs
|
PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, w…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2019-17221
|
2024-11-21 13:31 |
2019-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224258
|
7.5 |
HIGH
Network
|
arm
|
mbed-mqtt
mbed-os
|
A denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString() is called by the function MQTTDeserialize_publish() to get the length and cont…
|
CWE-20
Improper Input Validation
|
CVE-2019-17210
|
2024-11-21 13:31 |
2019-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224259
|
4.3 |
MEDIUM
Network
|
infosysta
|
in-app_\&_desktop_notifications
|
An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects (with authentication as a Jira user, but …
|
CWE-862
Missing Authorization
|
CVE-2019-16909
|
2024-11-21 13:31 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224260
|
5.3 |
MEDIUM
Network
|
infosysta
|
in-app_\&_desktop_notifications
|
An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects without authentication/authorization via …
|
CWE-200
Information Exposure
|
CVE-2019-16908
|
2024-11-21 13:31 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
