|
222801
|
5.3 |
MEDIUM
Network
|
remise
|
payment_module
|
REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allow remote attackers to [Disclosed_Information_type] via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2019-6017
|
2024-11-21 13:45 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222802
|
6.1 |
MEDIUM
Network
|
remise
|
payment_module
|
Cross-site scripting vulnerability in REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2019-6016
|
2024-11-21 13:45 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222803
|
8.8 |
HIGH
Adjacent
|
dlink
|
dba-1510p_firmware
|
DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface.
|
CWE-78
OS Command
|
CVE-2019-6014
|
2024-11-21 13:45 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222804
|
6.6 |
MEDIUM
Physics
|
dlink
|
dba-1510p_firmware
|
DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface (CLI).
|
CWE-78
OS Command
|
CVE-2019-6013
|
2024-11-21 13:45 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222805
|
7.2 |
HIGH
Network
|
tms-outsource
|
wpdatatables_lite
|
SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2019-6012
|
2024-11-21 13:45 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222806
|
6.1 |
MEDIUM
Network
|
tms-outsource
|
wpdatatables_lite
|
Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2019-6011
|
2024-11-21 13:45 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222807
|
7.8 |
HIGH
Local
|
yokogawa
|
exarqe
exasmoc
insightsuiteae
ga10
exaquantum\/batch
exaquantum
exaplog
exaopc
|
An unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 ? R3.77.00), Exaplog (R1.10.00 ? R3.40.00), Exaquantum (R1.10.00 ? R3.02.00 and R3.15.00), Exaquantum…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2019-6008
|
2024-11-21 13:45 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222808
|
7.8 |
HIGH
Local
|
nvidia
|
geforce_experience
|
NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to…
|
NVD-CWE-noinfo
|
CVE-2019-5702
|
2024-11-21 13:45 |
2019-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222809
|
7.8 |
HIGH
Local
|
vmware
|
horizon_view_agent
workstation
|
VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Th…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-5539
|
2024-11-21 13:45 |
2019-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222810
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An improper access control vulnerability exists in Gitlab EE <v12.3.3, <v12.2.7, & <v12.1.13 that allowed the group search feature with Elasticsearch to return private code, merge requests and commit…
|
NVD-CWE-Other
|
CVE-2019-5487
|
2024-11-21 13:45 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
