|
222001
|
7.8 |
HIGH
Local
|
datools
|
daviewindy
|
DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vulnerability, triggered when the user opens a malformed JPEG2000 format file that is mishandled by Daview.exe. Attackers could explo…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9136
|
2024-11-21 13:51 |
2019-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222002
|
7.8 |
HIGH
Local
|
datools
|
daviewindy
|
DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vulnerability, triggered when the user opens a malformed DIB format file that is mishandled by Daview.exe. Attackers could exploit th…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9135
|
2024-11-21 13:51 |
2019-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222003
|
9.8 |
CRITICAL
Network
|
xinruidz
|
sundray_wan_controller_firmware
|
WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a Remote Code Execution issue allowing remote attackers to achieve full access to the system, because shell metacharacters i…
|
CWE-78
OS Command
|
CVE-2019-9161
|
2024-11-21 13:51 |
2019-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222004
|
9.8 |
CRITICAL
Network
|
xinruidz
|
sundray_wan_controller_firmware
|
WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH (on TCP port 22345) and escalate to root (becau…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-9160
|
2024-11-21 13:51 |
2019-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222005
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 5 of 5).
|
CWE-200
Information Exposure
|
CVE-2019-9225
|
2024-11-21 13:51 |
2019-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222006
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 4 of 5).
|
CWE-862
Missing Authorization
|
CVE-2019-9224
|
2024-11-21 13:51 |
2019-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222007
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2019-9223
|
2024-11-21 13:51 |
2019-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222008
|
8.1 |
HIGH
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions.
|
CWE-22
CWE-732
Path Traversal
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-9222
|
2024-11-21 13:51 |
2019-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222009
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Uncontrolled Resource Consumption.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-9220
|
2024-11-21 13:51 |
2019-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222010
|
3.7 |
LOW
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 2 of 5).
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2019-9219
|
2024-11-21 13:51 |
2019-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
