|
221921
|
8.8 |
HIGH
Network
|
nokia
|
i-240w-q_gpon_ont_firmware
|
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponF…
|
CWE-77
Command Injection
|
CVE-2019-3920
|
2024-11-21 13:42 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221922
|
8.8 |
HIGH
Network
|
nokia
|
i-240w-q_gpon_ont_firmware
|
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/usb_restor…
|
CWE-77
Command Injection
|
CVE-2019-3919
|
2024-11-21 13:42 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221923
|
9.8 |
CRITICAL
Network
|
nokia
|
i-240w-q_gpon_ont_firmware
|
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-3918
|
2024-11-21 13:42 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221924
|
7.5 |
HIGH
Network
|
nokia
|
i-240w-q_gpon_ont_firmware
|
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote, unauthenticated attacker to enable telnetd on the router via a crafted HTTP request.
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2019-3917
|
2024-11-21 13:42 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221925
|
7.5 |
HIGH
Network
|
mcafee
|
agent
|
Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unauthenticated users to access sensitive information via remote logging w…
|
NVD-CWE-noinfo
|
CVE-2019-3599
|
2024-11-21 13:42 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221926
|
5.3 |
MEDIUM
Network
|
mcafee
|
agent
|
Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x allows remote unauthenticated users to potentially cause a denial of service via specifically crafted UDP packets.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-3598
|
2024-11-21 13:42 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221927
|
7.8 |
HIGH
Local
|
mcafee
|
endpoint_security
|
Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances.
|
NVD-CWE-noinfo
|
CVE-2019-3582
|
2024-11-21 13:42 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221928
|
7.8 |
HIGH
Local
|
microfocus
|
filr
|
A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects…
|
CWE-269
Improper Privilege Management
|
CVE-2019-3475
|
2024-11-21 13:42 |
2019-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221929
|
6.5 |
MEDIUM
Network
|
microfocus
|
filr
|
A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server…
|
CWE-22
Path Traversal
|
CVE-2019-3474
|
2024-11-21 13:42 |
2019-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221930
|
7.5 |
HIGH
Network
|
mikrotik
|
routeros
|
MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. …
|
CWE-441
Confused Deputy
|
CVE-2019-3924
|
2024-11-21 13:42 |
2019-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
