|
220221
|
7.5 |
HIGH
Network
|
360
|
p0_router_firmware
f5c_router_firmware
|
By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.
|
NVD-CWE-noinfo
|
CVE-2019-3404
|
2024-11-21 13:42 |
2020-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220222
|
7.3 |
HIGH
Local
|
opensuse
|
pcp
|
A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performanc…
|
CWE-22
Path Traversal
|
CVE-2019-3696
|
2024-11-21 13:42 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220223
|
7.8 |
HIGH
Local
|
opensuse
|
pcp
|
A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, …
|
CWE-94
Code Injection
|
CVE-2019-3695
|
2024-11-21 13:42 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220224
|
7.0 |
HIGH
Local
|
nagios
opensuse
|
nagios
leap
backports_sle
|
UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to…
|
-
|
CVE-2019-3698
|
2024-11-21 13:42 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220225
|
6.1 |
MEDIUM
Network
|
mcafee
|
web_advisor
|
Remote Code Execution vulnerability in the web interface in McAfee Web Advisor (WA) 8.0.34745 and earlier allows remote unauthenticated attacker to execute arbitrary code via a cross site scripting a…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3670
|
2024-11-21 13:42 |
2020-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220226
|
3.3 |
LOW
Local
|
suse
|
yast2-security
|
yast2-security didn't use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 201…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2019-3700
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220227
|
7.8 |
HIGH
Local
|
privoxy
|
privoxy
|
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root. This issue affects: openS…
|
-
|
CVE-2019-3699
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220228
|
7.8 |
HIGH
Local
|
opensuse
gnu
|
leap
gnump3d
|
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap …
|
-
|
CVE-2019-3697
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220229
|
7.8 |
HIGH
Local
|
opensuse
suse
|
munin
|
A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Fac…
|
-
|
CVE-2019-3694
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220230
|
7.8 |
HIGH
Local
|
suse
opensuse
|
mailman
backports_sle
|
A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privile…
|
-
|
CVE-2019-3693
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
