|
224861
|
7.8 |
HIGH
Local
|
vmware
|
workstation
|
VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-5526
|
2024-11-21 13:45 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224862
|
5.5 |
MEDIUM
Local
|
nvidia
|
gpu_driver
|
NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DeviceIoControl where the software reads from a buff…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5677
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224863
|
6.7 |
MEDIUM
Local
|
nvidia
|
gpu_display_driver
geforce_experience
|
NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known a…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-5676
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224864
|
7.8 |
HIGH
Local
|
nvidia
|
gpu_driver
|
NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the product does not properly sy…
|
CWE-662
Improper Synchronization
|
CVE-2019-5675
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224865
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_insight
|
Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-5496
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224866
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_unified_manager
|
OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via…
|
CWE-254
7PK - Security Features
|
CVE-2019-5495
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224867
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_unified_manager
|
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-5494
|
2024-11-21 13:45 |
2019-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224868
|
7.3 |
HIGH
Local
|
rapid7
|
metasploit
|
Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting thi…
|
CWE-22
Path Traversal
|
CVE-2019-5624
|
2024-11-21 13:45 |
2019-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224869
|
7.5 |
HIGH
Network
|
netapp
|
hyper_converged_infrastructure_compute_node
element_plug-in_for_vcenter_server
|
Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected v…
|
NVD-CWE-noinfo
|
CVE-2019-5492
|
2024-11-21 13:45 |
2019-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224870
|
5.9 |
MEDIUM
Network
|
vmware
|
fusion
workstation
esxi
|
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates add…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-5520
|
2024-11-21 13:45 |
2019-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
