|
223291
|
9.1 |
CRITICAL
Network
|
freebsd
|
freebsd
|
In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEASE before 11.2-RELEASE-p10, and 12.0-RELEASE before 12.0-RELEASE-p4, a bug in the pf IPv6 fragment reassembly logic incorrectly us…
|
CWE-20
Improper Input Validation
|
CVE-2019-5597
|
2024-11-21 13:45 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223292
|
7.8 |
HIGH
Local
|
vmware
|
workstation
|
VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-5526
|
2024-11-21 13:45 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223293
|
5.5 |
MEDIUM
Local
|
nvidia
|
gpu_driver
|
NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DeviceIoControl where the software reads from a buff…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5677
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223294
|
6.7 |
MEDIUM
Local
|
nvidia
|
gpu_display_driver
geforce_experience
|
NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known a…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-5676
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223295
|
7.8 |
HIGH
Local
|
nvidia
|
gpu_driver
|
NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the product does not properly sy…
|
CWE-662
Improper Synchronization
|
CVE-2019-5675
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223296
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_insight
|
Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-5496
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223297
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_unified_manager
|
OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via…
|
CWE-254
7PK - Security Features
|
CVE-2019-5495
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223298
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_unified_manager
|
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-5494
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223299
|
7.3 |
HIGH
Local
|
rapid7
|
metasploit
|
Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting thi…
|
CWE-22
Path Traversal
|
CVE-2019-5624
|
2024-11-21 13:45 |
2019-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223300
|
7.5 |
HIGH
Network
|
netapp
|
hyper_converged_infrastructure_compute_node
element_plug-in_for_vcenter_server
|
Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected v…
|
NVD-CWE-noinfo
|
CVE-2019-5492
|
2024-11-21 13:45 |
2019-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
