|
220201
|
6.1 |
MEDIUM
Network
|
ibm
|
i
|
IBM I 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading …
|
CWE-79
Cross-site Scripting
|
CVE-2019-4040
|
2024-11-21 13:43 |
2019-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220202
|
8.1 |
HIGH
Network
|
facebook
|
hhvm
|
HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, can be used to output cached regular expressions from the c…
|
CWE-22
Path Traversal
|
CVE-2019-3556
|
2024-11-21 13:42 |
2021-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220203
|
8.2 |
HIGH
Network
|
dell
|
emc_integrated_data_protection_appliance
emc_avamar_server
|
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4. contain an XML External Entity(XXE) In…
|
CWE-611
XXE
|
CVE-2019-3752
|
2024-11-21 13:42 |
2021-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220204
|
4.1 |
MEDIUM
Physics
|
redhat
|
quay
|
A vulnerability was found in the Quay web application. Sessions in the Quay web application never expire. An attacker, able to gain access to a session, could use it to control or delete a user's con…
|
-
|
CVE-2019-3867
|
2024-11-21 13:42 |
2021-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220205
|
5.3 |
MEDIUM
Network
|
redhat
|
certification
|
It has been discovered in redhat-certification that any unauthorized user may download any file under /var/www/rhcert, provided they know its name. Red Hat Certification 6 and 7 is vulnerable to this…
|
-
|
CVE-2019-3897
|
2024-11-21 13:42 |
2021-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220206
|
5.3 |
MEDIUM
Network
|
360
|
360f5_firmware
|
In the 3.1.3.64296 and lower version of 360F5, the third party can trigger the device to send a deauth frame by constructing and sending a specific illegal 802.11 Null Data Frame, which will cause ot…
|
NVD-CWE-noinfo
|
CVE-2019-3405
|
2024-11-21 13:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220207
|
7.8 |
HIGH
Local
|
bundler
|
bundler
|
Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler i…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-3881
|
2024-11-21 13:42 |
2020-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220208
|
9.8 |
CRITICAL
Network
|
opensuse
|
osc
|
A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Sof…
|
-
|
CVE-2019-3681
|
2024-11-21 13:42 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220209
|
6.1 |
MEDIUM
Network
|
redhat
|
quay
|
A vulnerability was found in quay-2, where a stored XSS vulnerability has been found in the super user function of quay. Attackers are able to use the name field of service key to inject scripts and …
|
CWE-79
Cross-site Scripting
|
CVE-2019-3865
|
2024-11-21 13:42 |
2020-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220210
|
6.8 |
MEDIUM
Physics
|
mcafee
|
virusscan_enterprise
|
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan…
|
CWE-269
Improper Privilege Management
|
CVE-2019-3588
|
2024-11-21 13:42 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
