|
225231
|
7.5 |
HIGH
Network
|
broadcom
|
fabric_operating_system
|
Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external passwords, common secrets or authentication keys used between the switch and an external server.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2019-16204
|
2024-11-21 13:30 |
2020-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225232
|
7.5 |
HIGH
Network
|
broadcom
|
fabric_operating_system
|
Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote ESRS server when these credentials are given as a command line option when configuring the ESRS client.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2019-16203
|
2024-11-21 13:30 |
2020-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225233
|
9.8 |
CRITICAL
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a CORS misconfiguration, which reflected the Origin provided by incoming requests. This allo…
|
CWE-346
Origin Validation Error
|
CVE-2019-16517
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225234
|
5.3 |
MEDIUM
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a user enumeration vulnerability, allowing an unauthenticated attacker to determine with cer…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2019-16516
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225235
|
6.5 |
MEDIUM
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. Certain HTTP security headers are not used.
|
NVD-CWE-Other
|
CVE-2019-16515
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225236
|
7.2 |
HIGH
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. The server allows remote code execution. Administrative users could upload an unsigned extension ZIP …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-16514
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225237
|
8.8 |
HIGH
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. CSRF can be used to send API requests.
|
CWE-352
Origin Validation Error
|
CVE-2019-16513
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225238
|
4.8 |
MEDIUM
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is stored XSS in the Appearance modifier.
|
CWE-79
Cross-site Scripting
|
CVE-2019-16512
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225239
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortisiem
|
A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-16153
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225240
|
7.5 |
HIGH
Network
|
adobe
|
experience_manager
|
Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an expression language injection vulnerability. Successful exploitation could lead to sensitive information disclosure.
|
CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2019-16469
|
2024-11-21 13:30 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
