|
223271
|
9.8 |
CRITICAL
Network
|
ruckuswireless
|
unleashed
zonedirector_1200_firmware
|
AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename.
|
CWE-20
Improper Input Validation
|
CVE-2019-19836
|
2024-11-21 13:35 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223272
|
7.2 |
HIGH
Network
|
ruckuswireless
|
unleashed
zonedirector_1200_firmware
|
Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the param…
|
CWE-22
Path Traversal
|
CVE-2019-19834
|
2024-11-21 13:35 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223273
|
7.5 |
HIGH
Network
|
trustwave
fedoraproject
|
modsecurity
fedora
|
Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send crafted requests that may, when sent quickly in large volumes, lead to the server becoming slow or unresponsive (Denial of Service…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2019-19886
|
2024-11-21 13:35 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223274
|
6.1 |
MEDIUM
Network
|
jamasoftware
|
connect
|
Jama Connect 8.44.0 is vulnerable to stored Cross-Site Scripting
|
CWE-79
Cross-site Scripting
|
CVE-2019-19592
|
2024-11-21 13:35 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223275
|
6.7 |
MEDIUM
Local
|
trendmicro
|
antivirus_\+_security_2019
internet_security_2019
maximum_security_2019
premium_security_2019
|
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected…
|
NVD-CWE-noinfo
|
CVE-2019-19697
|
2024-11-21 13:35 |
2020-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223276
|
5.5 |
MEDIUM
Local
|
trendmicro
|
password_manager
|
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-19696
|
2024-11-21 13:35 |
2020-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223277
|
6.5 |
MEDIUM
Network
|
gallagher
|
command_centre
|
In Gallagher Command Centre Server v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an authenticated …
|
CWE-862
Missing Authorization
|
CVE-2019-19802
|
2024-11-21 13:35 |
2020-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223278
|
5.5 |
MEDIUM
Local
|
gallagher
|
command_centre
|
In Gallagher Command Centre Server versions of v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an un…
|
NVD-CWE-noinfo
|
CVE-2019-19801
|
2024-11-21 13:35 |
2020-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223279
|
5.3 |
MEDIUM
Network
|
serpico_project
|
serpico
|
An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The Add Collaborator allows unlimited data via the author parameter, even if the data does not match anyth…
|
NVD-CWE-noinfo
|
CVE-2019-19859
|
2024-11-21 13:35 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223280
|
4.8 |
MEDIUM
Network
|
serpico_project
|
serpico
|
An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/add_user/UID allows stored XSS via the author parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-19858
|
2024-11-21 13:35 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
