Last 20 Scored Vulnerability IDs & Summaries
CVSS Severity
-
CVE-2019-2041 —
In the configuration of NFC modules on certain devices, there is a possible failure to distinguish individual devices due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. U... read CVE-2019-2041
Published: April 19, 2019; 04:29:01 PM -04:00
-
CVE-2019-4055 —
IBM MQ 8.0.0.0 through 8.0.0.10, 9.0.0.0 through 9.0.0.5, and 9.1.0.0 through 9.1.1 is vulnerable to a denial of service attack within the TLS key renegotiation function. IBM X-Force ID: 156564.
Published: April 19, 2019; 01:29:01 PM -04:00
-
CVE-2018-1729 —
IBM QRadar SIEM 7.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 147708.
Published: April 19, 2019; 01:29:00 PM -04:00
-
CVE-2018-11684 —
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c.
Published: June 04, 2018; 02:29:00 AM -04:00
-
CVE-2019-1834 —
A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected AP if the switch interface where the AP is con... read CVE-2019-1834
Published: April 17, 2019; 10:29:05 PM -04:00
-
CVE-2019-1835 —
A vulnerability in the CLI of Cisco Aironet Access Points (APs) could allow an authenticated, local attacker to access sensitive information stored in an AP. The vulnerability is due to improper sanitization of user-supplied input in specific CLI com... read CVE-2019-1835
Published: April 17, 2019; 10:29:05 PM -04:00
-
CVE-2018-17289 —
An XML external entity (XXE) vulnerability in Kofax Front Office Server Administration Console version 4.1.1.11.0.5212 allows remote authenticated users to read arbitrary files via crafted XML inside an imported package configuration (.ZIP file) with... read CVE-2018-17289
Published: April 18, 2019; 02:29:00 PM -04:00
-
CVE-2019-1826 —
A vulnerability in the quality of service (QoS) feature of Cisco Aironet Series Access Points (APs) could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improp... read CVE-2019-1826
Published: April 17, 2019; 10:29:05 PM -04:00
-
CVE-2018-17288 —
Kofax Front Office Server version 4.1.1.11.0.5212 (both Thin Client and Administration Console) suffers from multiple authenticated stored XSS vulnerabilities via the (1) "Filename" field in /Kofax/KFS/ThinClient/document/upload/ - (Thin Client) or (... read CVE-2018-17288
Published: April 18, 2019; 02:29:00 PM -04:00
-
CVE-2018-20200 —
CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application.
Published: April 18, 2019; 03:29:01 PM -04:00
-
CVE-2019-11331 —
Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks.
Published: April 18, 2019; 06:29:00 PM -04:00
-
CVE-2018-11577 —
Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.
Published: May 30, 2018; 08:29:00 PM -04:00
-
CVE-2019-9161 —
WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a Remote Code Execution issue allowing remote attackers to achieve full access to the system, because shell metacharacters in the nginx_webconsole.php Cookie header can be use... read CVE-2019-9161
Published: April 18, 2019; 07:29:00 PM -04:00
-
CVE-2019-1830 —
A vulnerability in Locally Significant Certificate (LSC) management for the Cisco Wireless LAN Controller (WLC) could allow an authenticated, remote attacker to cause the device to unexpectedly restart, which causes a denial of service (DoS) conditio... read CVE-2019-1830
Published: April 17, 2019; 10:29:05 PM -04:00
-
CVE-2019-1840 —
A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. The vulnerability is due... read CVE-2019-1840
Published: April 17, 2019; 10:29:06 PM -04:00
-
CVE-2019-10893 —
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version) and 0.9.8.753 (Pro) is vulnerable to Stored/Persistent XSS for Admin Email fields on the "CWP Settings > "Edit Settings" screen. By changing the email ID to any XS... read CVE-2019-10893
Published: April 18, 2019; 04:29:00 PM -04:00
-
CVE-2018-11685 —
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c.
Published: June 04, 2018; 02:29:00 AM -04:00
-
CVE-2019-1841 —
A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-s... read CVE-2019-1841
Published: April 17, 2019; 10:29:06 PM -04:00
-
CVE-2019-11017 —
On D-Link DI-524 V2.06RU devices, multiple Stored and Reflected XSS vulnerabilities were found in the Web Configuration: /spap.htm, /smap.htm, and /cgi-bin/smap, as demonstrated by the cgi-bin/smap RC parameter.
Published: April 18, 2019; 02:29:00 PM -04:00
-
CVE-2019-1831 —
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper... read CVE-2019-1831
Published: April 17, 2019; 10:29:05 PM -04:00