|
224051
|
7.8 |
HIGH
Local
|
avast
|
premium_security
|
In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the proc…
|
CWE-78
OS Command
|
CVE-2019-18894
|
2024-11-21 13:33 |
2020-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224052
|
5.4 |
MEDIUM
Network
|
dell
|
emc_unisphere_for_powermax
emc_powermax
|
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scri…
|
CWE-79
Cross-site Scripting
|
CVE-2019-18588
|
2024-11-21 13:33 |
2020-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224053
|
6.1 |
MEDIUM
Network
|
video_downloader_project
avg
avast
|
video_downloader
secure_browser
|
XSS in the Video Downloader component before 1.5 of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77 allows websites to execute their code in the context of this component. While…
|
CWE-79
Cross-site Scripting
|
CVE-2019-18893
|
2024-11-21 13:33 |
2020-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224054
|
6.1 |
MEDIUM
Network
|
digi
|
anywhereusb\/14_firmware
|
Digi AnywhereUSB 14 allows XSS via a link for the Digi Page.
|
CWE-79
Cross-site Scripting
|
CVE-2019-18859
|
2024-11-21 13:33 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224055
|
6.1 |
MEDIUM
Network
|
watchguard
|
xmt515_firmware
|
A DOM based XSS vulnerability has been identified on the WatchGuard XMT515 through 12.1.3, allowing a remote attacker to execute JavaScript in the victim's browser by tricking the victim into clickin…
|
CWE-79
Cross-site Scripting
|
CVE-2019-18652
|
2024-11-21 13:33 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224056
|
8.7 |
HIGH
Network
|
unisys
|
mcp_firmware
|
Systems management on Unisys ClearPath Forward Libra and ClearPath MCP Software Series can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems …
|
NVD-CWE-noinfo
|
CVE-2019-18386
|
2024-11-21 13:33 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224057
|
6.1 |
MEDIUM
Network
|
usriot
|
usr-wifi232-s_firmware
usr-wifi232-t_firmware
usr-wifi232-g2_firmware
usr-wifi232-h_firmware
|
A cross-site scripting (XSS) vulnerability in the configuration web interface of the Jinan USR IOT USR-WIFI232-S/T/G2/H Low Power WiFi Module with web version 1.2.2 allows attackers to leak credentia…
|
CWE-79
Cross-site Scripting
|
CVE-2019-18842
|
2024-11-21 13:33 |
2020-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224058
|
7.5 |
HIGH
Network
|
oisf
debian
|
suricata
debian_linux
|
An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inj…
|
NVD-CWE-noinfo
|
CVE-2019-18625
|
2024-11-21 13:33 |
2020-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224059
|
9.1 |
CRITICAL
Network
|
oisf
debian
|
suricata
debian_linux
|
An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlapping a TCP segment with a fake FIN packet. The fake FIN packet is injected just before the …
|
CWE-436
Interpretation Conflict
|
CVE-2019-18792
|
2024-11-21 13:33 |
2020-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224060
|
8.8 |
HIGH
Local
|
avira
|
free_antivirus
|
Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a restricted user.
|
NVD-CWE-noinfo
|
CVE-2019-18568
|
2024-11-21 13:33 |
2020-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
