|
221541
|
7.8 |
HIGH
Local
|
bundler
|
bundler
|
Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler i…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-3881
|
2024-11-21 13:42 |
2020-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221542
|
9.8 |
CRITICAL
Network
|
opensuse
|
osc
|
A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Sof…
|
-
|
CVE-2019-3681
|
2024-11-21 13:42 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221543
|
6.1 |
MEDIUM
Network
|
redhat
|
quay
|
A vulnerability was found in quay-2, where a stored XSS vulnerability has been found in the super user function of quay. Attackers are able to use the name field of service key to inject scripts and …
|
CWE-79
Cross-site Scripting
|
CVE-2019-3865
|
2024-11-21 13:42 |
2020-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221544
|
6.8 |
MEDIUM
Physics
|
mcafee
|
virusscan_enterprise
|
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan…
|
CWE-269
Improper Privilege Management
|
CVE-2019-3588
|
2024-11-21 13:42 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221545
|
7.8 |
HIGH
Local
|
mcafee
|
virusscan_enterprise
|
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messag…
|
CWE-269
Improper Privilege Management
|
CVE-2019-3585
|
2024-11-21 13:42 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221546
|
7.3 |
HIGH
Local
|
mcafee
|
agent
|
DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-3613
|
2024-11-21 13:42 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221547
|
8.2 |
HIGH
Local
|
mcafee
|
total_protection
|
Privilege escalation vulnerability in McAfee Total Protection (ToPS) for Mac OS prior to 4.6 allows local users to gain root privileges via incorrect protection of temporary files.
|
CWE-269
Improper Privilege Management
|
CVE-2019-3617
|
2024-11-21 13:42 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221548
|
7.5 |
HIGH
Network
|
parrot
|
anafi_firmware
|
Web server running on Parrot ANAFI can be crashed due to the SDK command "Common_CurrentDateTime" being sent to control service with larger than expected date length.
|
NVD-CWE-Other
|
CVE-2019-3945
|
2024-11-21 13:42 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221549
|
7.5 |
HIGH
Network
|
parrot
|
anafi_firmware
|
Parrot ANAFI is vulnerable to Wi-Fi deauthentication attack, allowing remote and unauthenticated attackers to disconnect drone from controller during mid-flight.
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-3944
|
2024-11-21 13:42 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221550
|
7.5 |
HIGH
Network
|
advantech
|
webaccess
|
Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. An attacker can use this vulnerability to recover the administrator password.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-3942
|
2024-11-21 13:42 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
