|
220251
|
8.6 |
HIGH
Local
|
mcafee
|
client_proxy
|
Authentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy (MCP) prior to 3.0.0 allows local user to bypass scanning of web traffic and gain access to blocked sites fo…
|
CWE-287
Improper Authentication
|
CVE-2019-3654
|
2024-11-21 13:42 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220252
|
6.5 |
MEDIUM
Network
|
zte
|
zxcdn_iamweb_firmware
|
The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ informatio…
|
NVD-CWE-noinfo
|
CVE-2019-3428
|
2024-11-21 13:42 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220253
|
7.2 |
HIGH
Network
|
zte
|
zxcdn_iamweb_firmware
|
The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a code injection vulnerability. An attacker could exploit the vulnerability to inject malicious code into the management page, resul…
|
CWE-94
Code Injection
|
CVE-2019-3427
|
2024-11-21 13:42 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220254
|
7.8 |
HIGH
Local
|
postgresql
canonical
debian
|
postgresql-common
ubuntu_linux
debian_linux
|
The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.
|
CWE-269
Improper Privilege Management
|
CVE-2019-3466
|
2024-11-21 13:42 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220255
|
8.2 |
HIGH
Network
|
ztehome
|
c520v21_firmware
|
authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browse…
|
NVD-CWE-noinfo
|
CVE-2019-3424
|
2024-11-21 13:42 |
2019-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220256
|
5.3 |
MEDIUM
Network
|
ztehome
|
c520v21_firmware
|
permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other un…
|
CWE-22
Path Traversal
|
CVE-2019-3423
|
2024-11-21 13:42 |
2019-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220257
|
7.8 |
HIGH
Local
|
mcafee
|
advanced_threat_defense
|
Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the sy…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-3663
|
2024-11-21 13:42 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220258
|
6.5 |
MEDIUM
Network
|
mcafee
|
advanced_threat_defense
|
Path Traversal: '/absolute/pathname/here' vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to gain unintended access to files on the system via …
|
CWE-22
Path Traversal
|
CVE-2019-3662
|
2024-11-21 13:42 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220259
|
8.8 |
HIGH
Network
|
mcafee
|
advanced_threat_defense
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database comm…
|
CWE-89
SQL Injection
|
CVE-2019-3661
|
2024-11-21 13:42 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220260
|
6.5 |
MEDIUM
Network
|
mcafee
|
data_loss_prevention
|
Unprotected Transport of Credentials in ePO extension in McAfee Data Loss Prevention 11.x prior to 11.4.0 allows remote attackers with access to the network to collect login details to the LDAP serve…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-3640
|
2024-11-21 13:42 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
