|
226561
|
6.5 |
MEDIUM
Network
|
dell
|
emc_powerconnect_8024_firmware
emc_powerconnect_7000_firmware
emc_powerconnect_m6348_firmware
emc_powerconnect_m6220_firmware
emc_powerconnect_m8024_firmware
emc_powerconnect_m8024-k_f…
|
Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior to 5.1.15.2 contain a plain-text password storage vulnerability. TACACS\Radius credentials are stored…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-3753
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226562
|
6.5 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, the patient file download interface contains a directory traversal flaw that allows authenticated attackers to download arbitrary files from the host system.
|
CWE-22
Path Traversal
|
CVE-2019-3967
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226563
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the foreign_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's sess…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3966
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226564
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the document_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's ses…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3965
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226565
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the doc_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session.
|
CWE-79
Cross-site Scripting
|
CVE-2019-3964
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226566
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the patient_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's sess…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3963
|
2024-11-21 13:42 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226567
|
8.1 |
HIGH
Network
|
tenable
|
nessus
|
Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition.
|
NVD-CWE-noinfo
|
CVE-2019-3974
|
2024-11-21 13:42 |
2019-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226568
|
5.4 |
MEDIUM
Network
|
zte
|
zxhn_f670_firmware
|
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Due to incomplete input validation, an authorized user can exploit this vulnerabilit…
|
CWE-79
Cross-site Scripting
|
CVE-2019-3418
|
2024-11-21 13:42 |
2019-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226569
|
8.8 |
HIGH
Network
|
zte
|
zxhn_f670_firmware
|
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Due to insufficient parameter validation check, an authorized user can exploit this vulnerabi…
|
CWE-78
OS Command
|
CVE-2019-3417
|
2024-11-21 13:42 |
2019-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226570
|
7.1 |
HIGH
Network
|
mcafee
|
web_gateway
|
Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains …
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2019-3639
|
2024-11-21 13:42 |
2019-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
