|
225031
|
5.4 |
MEDIUM
Network
|
dlink
|
dsl-2680_firmware
|
A Stored XSS issue in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page b…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19222
|
2024-11-21 13:34 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225032
|
6.1 |
MEDIUM
Network
|
mitel
|
micollab_audio\
_web_\&_video_conferencing
|
A cross-site scripting (XSS) vulnerability in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19371
|
2024-11-21 13:34 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225033
|
6.1 |
MEDIUM
Network
|
mitel
|
micollab
|
A cross-site scripting (XSS) vulnerability in the web conferencing component of the Mitel MiCollab application before 9.0.15 for Android could allow an unauthenticated attacker to conduct a reflected…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19370
|
2024-11-21 13:34 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225034
|
6.1 |
MEDIUM
Network
|
heroplugins
|
hero_maps_premium
|
The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input.…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19134
|
2024-11-21 13:34 |
2020-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225035
|
7.8 |
HIGH
Local
|
patriotmemory
|
viper_rgb_driver
|
A buffer overflow was found in Patriot Viper RGB through 1.1 when processing IoControlCode 0x80102040. Local attackers (including low integrity processes) can exploit this to gain NT AUTHORITY\SYSTEM…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-19452
|
2024-11-21 13:34 |
2020-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225036
|
6.1 |
MEDIUM
Network
|
silverstripe
|
silverstripe
|
SilverStripe through 4.4.x before 4.4.5 and 4.5.x before 4.5.2 allows Reflected XSS on the login form and custom forms. Silverstripe Forms allow malicious HTML or JavaScript to be inserted through no…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19325
|
2024-11-21 13:34 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225037
|
6.5 |
MEDIUM
Adjacent
|
st
|
wb55
bluenrg-2
|
The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowi…
|
CWE-20
Improper Input Validation
|
CVE-2019-19192
|
2024-11-21 13:34 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225038
|
6.5 |
MEDIUM
Adjacent
|
telink-semi
|
tlsr8258_ble_sdk
tlsr8269_ble_sdk
tlsr8253_ble_sdk
tlsr8251_ble_sdk
tlsr8232_ble_sdk
|
The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x th…
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-19196
|
2024-11-21 13:34 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225039
|
8.8 |
HIGH
Adjacent
|
telink-semi
|
tlsr8258_ble_sdk
tlsr8269_ble_sdk
tlsr8253_ble_sdk
tlsr8251_ble_sdk
tlsr8232_ble_sdk
|
The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x th…
|
NVD-CWE-noinfo
|
CVE-2019-19194
|
2024-11-21 13:34 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225040
|
6.5 |
MEDIUM
Adjacent
|
microchip
|
atmsamb11_blusdk_smart
|
The Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in rad…
|
NVD-CWE-noinfo
|
CVE-2019-19195
|
2024-11-21 13:34 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
