|
220821
|
8.8 |
HIGH
Network
|
formalms
|
formalms
|
Exploitable SQL injection vulnerabilities exist in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with param…
|
CWE-89
SQL Injection
|
CVE-2019-5110
|
2024-11-21 13:44 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220822
|
8.8 |
HIGH
Network
|
formalms
|
formalms
|
Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with para…
|
CWE-89
SQL Injection
|
CVE-2019-5109
|
2024-11-21 13:44 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220823
|
7.5 |
HIGH
Network
|
embedthis
|
goahead
|
A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-5097
|
2024-11-21 13:44 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220824
|
8.8 |
HIGH
Network
|
accusoft
|
imagegear
|
An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFdecodethunderscan function of Accusoft ImageGear 19.3.0 library. A specially crafted TIFF file can cause an out of boun…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-5083
|
2024-11-21 13:44 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220825
|
8.8 |
HIGH
Network
|
accusoft
|
imagegear
|
An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG header-parser of the Accusoft ImageGear 19.3.0 library. A specially crafted PNG file can cause an out-of-bounds write,…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-5076
|
2024-11-21 13:44 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220826
|
9.8 |
CRITICAL
Network
|
embedthis
|
goahead
|
An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A speciall…
|
CWE-416
Use After Free
|
CVE-2019-5096
|
2024-11-21 13:44 |
2019-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220827
|
4.6 |
MEDIUM
Physics
|
huawei
|
honor_play_firmware
|
Honor play smartphones with versions earlier than 9.1.0.333(C00E333R1P1T8) have an information disclosure vulnerability in certain Huawei . An attacker could view certain information after a series o…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2019-5309
|
2024-11-21 13:44 |
2019-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220828
|
2.4 |
LOW
Physics
|
huawei
|
mate_20_rs_firmware
|
Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation in ADB mode, successf…
|
NVD-CWE-noinfo
|
CVE-2019-5308
|
2024-11-21 13:44 |
2019-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220829
|
5.4 |
MEDIUM
Adjacent
|
huawei
|
myna_firmware
|
There is an information leak vulnerability in Huawei smart speaker Myna. When the smart speaker is paired with the cloud through Wi-Fi, the speaker incorrectly processes some data. Attackers can expl…
|
NVD-CWE-noinfo
|
CVE-2019-5271
|
2024-11-21 13:44 |
2019-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220830
|
5.5 |
MEDIUM
Local
|
huawei
|
atlas_300_firmware
atlas_500_firmware
|
Huawei Atlas 300, Atlas 500 have a buffer overflow vulnerability. A local, authenticated attacker may craft specific parameter and send to the process to exploit this vulnerability. Successfully expl…
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-5247
|
2024-11-21 13:44 |
2019-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
