|
218441
|
9.8 |
CRITICAL
Network
|
drupal
|
drupal
|
An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be mitigated by disabling the Workspaces module. It does not affect any release oth…
|
NVD-CWE-noinfo
|
CVE-2019-6342
|
2024-11-21 13:46 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218442
|
9.8 |
CRITICAL
Network
|
apple
|
mac_os_x
iphone_os
tvos
|
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept net…
|
NVD-CWE-noinfo
|
CVE-2019-6203
|
2024-11-21 13:46 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218443
|
7.5 |
HIGH
Network
|
auto-maskin
|
rp_210e_firmware
dcu_210e_firmware
marine_pro_observer
|
In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro (Android App), the software contains a mechanism for users to recover or change their passwords wi…
|
CWE-521
Weak Password Requirements
|
CVE-2019-6558
|
2024-11-21 13:46 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218444
|
9.1 |
CRITICAL
Network
|
auto-maskin
|
rp210e_firmware
dcu_210_firmware
marine_pro_observer
|
In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro (Android App), the software contains a mechanism for users to recover or change their passwords wi…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2019-6560
|
2024-11-21 13:46 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218445
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortios
|
An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted re…
|
CWE-20
CWE-601
Improper Input Validation
Open Redirect
|
CVE-2019-6696
|
2024-11-21 13:46 |
2020-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218446
|
5.4 |
MEDIUM
Network
|
fortinet
|
fortiadc
|
An improper neutralization of input vulnerability in Fortinet FortiADC 5.3.3 and earlier may allow an attacker to execute a stored Cross Site Scripting (XSS) via a field in the traffic group interfac…
|
CWE-79
Cross-site Scripting
|
CVE-2019-6699
|
2024-11-21 13:46 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218447
|
6.1 |
MEDIUM
Network
|
siemens
|
scalance_s602_firmware
scalance_s612_firmware
scalance_s623_firmware
scalance_s627-2m_firmware
|
A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and < V4.1), SCALANCE S612 (All versions >= V3.0 and < V4.1), SCALANCE S623 (All versions >= V3.0 and < V4.1), SCALANCE S627…
|
-
|
CVE-2019-6585
|
2024-11-21 13:46 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218448
|
5.5 |
MEDIUM
Local
|
lenovo
|
xclarity_administrator
|
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.6.6 that could allow information disclosure.
|
CWE-611
XXE
|
CVE-2019-6194
|
2024-11-21 13:46 |
2020-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218449
|
7.5 |
HIGH
Network
|
lenovo
|
xclarity_administrator
|
An information disclosure vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.6.6 that could allow unauthenticated access to some configuration files which may cont…
|
CWE-200
Information Exposure
|
CVE-2019-6193
|
2024-11-21 13:46 |
2020-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218450
|
4.8 |
MEDIUM
Network
|
lenovo
|
xclarity_controller
|
An authorization bypass exists in Lenovo XClarity Controller (XCC) versions prior to 3.08 CDI340V, 3.01 TEI392O, 1.71 PSI328N where a valid authenticated user with lesser privileges may be granted re…
|
CWE-269
Improper Privilege Management
|
CVE-2019-6195
|
2024-11-21 13:46 |
2020-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
