|
218761
|
7.2 |
HIGH
Network
|
kentico
|
kentico
|
Kentico v10.0.42 allows Global Administrators to read the cleartext SMTP Password by navigating to the SMTP configuration page. NOTE: the vendor considers this a best-practice violation but not a vul…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-6242
|
2024-11-21 13:46 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218762
|
9.8 |
CRITICAL
Network
|
forcepoint
|
user_id
|
Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-6139
|
2024-11-21 13:46 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218763
|
6.8 |
MEDIUM
Physics
|
bd
|
facslyric_ivd
facslyric
|
BD FACSLyric Research Use Only, Windows 10 Professional Operating System, U.S. and Malaysian Releases, between November 2017 and November 2018 and BD FACSLyric IVD Windows 10 Professional Operating S…
|
NVD-CWE-Other
|
CVE-2019-6517
|
2024-11-21 13:46 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218764
|
6.1 |
MEDIUM
Network
|
broadcom
|
automic_workload_automation
|
Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting (XSS) attac…
|
CWE-79
Cross-site Scripting
|
CVE-2019-6504
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218765
|
9.8 |
CRITICAL
Network
|
advantech
|
webaccess\/scada
|
WebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands.
|
CWE-89
SQL Injection
|
CVE-2019-6523
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218766
|
8.6 |
HIGH
Network
|
advantech
|
webaccess\/scada
|
WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a possible authentication bypass that could allow an attacker to obtain and manipulate sensitive information.
|
CWE-287
Improper Authentication
|
CVE-2019-6521
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218767
|
9.8 |
CRITICAL
Network
|
advantech
|
webaccess\/scada
|
WebAccess/SCADA, Version 8.3. An improper authentication vulnerability exists that could allow a possible authentication bypass allowing an attacker to upload malicious data.
|
CWE-287
Improper Authentication
|
CVE-2019-6519
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218768
|
5.9 |
MEDIUM
Network
|
f5
|
big-ip_local_traffic_manager
|
On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic.
|
NVD-CWE-noinfo
|
CVE-2019-6590
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218769
|
7.5 |
HIGH
Network
|
mitsubishielectric
|
q03udvcpu_firmware
q04udvcpu_firmware
q06udvcpu_firmware
q13udvcpu_firmware
q26udvcpu_firmware
q04udpvcpu_firmware
q06udpvcpu_firmware
q13udpvcpu_firmware
q26udpvcpu_firmware<…
|
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-6535
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218770
|
5.4 |
MEDIUM
Network
|
f5
|
big-ip_access_policy_manager
|
On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when …
|
CWE-79
Cross-site Scripting
|
CVE-2019-6591
|
2024-11-21 13:46 |
2019-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
