|
224041
|
7.0 |
HIGH
Local
|
teamviewer
|
teamviewer
|
TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. It used a shared AES key for all installations…
|
CWE-521
Weak Password Requirements
|
CVE-2019-18988
|
2024-11-21 13:33 |
2020-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224042
|
6.3 |
MEDIUM
Local
|
hp
|
bromium
|
Bromium client version 4.0.3.2060 and prior to 4.1.7 Update 1 has an out of bound read results in race condition causing Kernel memory leaks or denial of service.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-18567
|
2024-11-21 13:33 |
2020-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224043
|
6.8 |
MEDIUM
Physics
|
hp
|
elitedesk_800_g5_dm_firmware
elitedesk_800_g5_sff_firmware
elitedesk_800_g5_twr_firmware
eliteone_800_g5_aio_firmware
prodesk_400_g5_dm_firmware
prodesk_400_g6_mt_firmware
prodesk_4…
|
A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slot…
|
NVD-CWE-noinfo
|
CVE-2019-18913
|
2024-11-21 13:33 |
2020-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224044
|
7.8 |
HIGH
Local
|
sudo_project
debian
|
sudo
debian_linux
|
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and ele…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-18634
|
2024-11-21 13:33 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224045
|
3.3 |
LOW
Local
|
opensuse
|
libzypp
|
: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store use…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-18900
|
2024-11-21 13:33 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224046
|
5.5 |
MEDIUM
Local
|
apt-cacher-ng_project
opensuse
|
apt-cacher-ng
backports
|
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these opera…
|
-
|
CVE-2019-18899
|
2024-11-21 13:33 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224047
|
7.8 |
HIGH
Local
|
suse
opensuse
|
trousers
leap
|
UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root…
|
-
|
CVE-2019-18898
|
2024-11-21 13:33 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224048
|
8.2 |
HIGH
Network
|
-
|
-
|
A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulner…
|
CWE-79
Cross-site Scripting
|
CVE-2019-18426
|
2024-11-21 13:33 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224049
|
7.0 |
HIGH
Local
|
squid_analysis_report_generator_project
opensuse
|
squid_analysis_report_generator
leap
backports_sle
|
log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this direct…
|
CWE-362
CWE-59
Race Condition
Link Following
|
CVE-2019-18932
|
2024-11-21 13:33 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224050
|
7.5 |
HIGH
Network
|
jetbrains
|
idetalk
|
JetBrains IDETalk plugin before version 193.4099.10 allows XXE
|
CWE-611
XXE
|
CVE-2019-18412
|
2024-11-21 13:33 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
