|
224811
|
9.4 |
CRITICAL
Network
|
netgear
|
ac1200_r6220_firmware
|
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR AC1200 R6220 Firmware version 1.1.0.86 Smart WiFi Router. Authentication is not requ…
|
NVD-CWE-Other
|
CVE-2019-17137
|
2024-11-21 13:31 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224812
|
6.5 |
MEDIUM
Adjacent
|
cypress
|
psoc_4_ble
|
The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a p…
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-17061
|
2024-11-21 13:31 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224813
|
6.5 |
MEDIUM
Adjacent
|
nxp
|
mcuxpresso_software_development_kit
|
The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier) does not properly restrict the BLE Link Layer hea…
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-17060
|
2024-11-21 13:31 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224814
|
7.8 |
HIGH
Local
|
foxitsoftware
|
phantompdf
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the …
|
CWE-125
Out-of-bounds Read
|
CVE-2019-17136
|
2024-11-21 13:31 |
2020-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224815
|
7.8 |
HIGH
Local
|
foxitsoftware
|
phantompdf
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-17135
|
2024-11-21 13:31 |
2020-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224816
|
9.8 |
CRITICAL
Network
|
omniauth-weibo-oauth2_project
|
omniauth-weibo-oauth2
|
The omniauth-weibo-oauth2 gem 0.4.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions through 0.4.5, and 0.5.1 and later, are unaffected.
|
CWE-94
Code Injection
|
CVE-2019-17268
|
2024-11-21 13:31 |
2020-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224817
|
7.5 |
HIGH
Network
|
tp-link
|
tp-sg105e_firmware
|
The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated attacker to reboot the device via a reboot.cgi request.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-16893
|
2024-11-21 13:31 |
2020-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224818
|
7.8 |
HIGH
Local
|
bitdefender
|
endpoint_security_tools
|
An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions prior to 6.6.11.163 allows an attacker to load an arbitrary DLL file from the s…
|
CWE-426
Untrusted Search Path
|
CVE-2019-17099
|
2024-11-21 13:31 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224819
|
9.8 |
CRITICAL
Network
|
bitdefender
|
box_2_firmware
|
A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method `/api/download_image` unsafely handles the producti…
|
CWE-78
OS Command
|
CVE-2019-17095
|
2024-11-21 13:31 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224820
|
7.8 |
HIGH
Local
|
belkin
|
wemo_insight_switch_firmware
|
A Stack-based Buffer Overflow vulnerability in libbelkin_api.so component of Belkin WeMo Insight Switch firmware allows a local attacker to obtain code execution on the device. This issue affects: Be…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-17094
|
2024-11-21 13:31 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
