Search Results (Refine Search)
- Results Type: Overview
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-10962 |
BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway Workstation does not prevent an attacker with knowledge of the IP address of the Alaris Gateway Workstation terminal to gain access to the status and configuration information of the device. Published: June 13, 2019; 5:29:15 PM -0400 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2019-10959 |
BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1 Build 13, This does not impact the latest firmware Versions 1.3.2 and 1.6.1, Additionally, the following products using software Version 2.3.6 and below, Alaris GS, Alaris GH, Alaris CC, Alaris TIVA, The application does not restrict the upload of malicious files during a firmware update. Published: June 13, 2019; 5:29:15 PM -0400 |
V4.0:(not available) V3.0: 10.0 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-12799 |
In createInstanceFromNamedArguments in Shopware through 5.6.x, a crafted web request can trigger a PHP object instantiation vulnerability, which can result in an arbitrary deserialization if the right class is instantiated. An attacker can leverage this deserialization to achieve remote code execution. NOTE: this issue is a bypass for a CVE-2017-18357 whitelist patch. Published: June 13, 2019; 4:29:00 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2018-10947 |
An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted. Published: June 13, 2019; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 3.1 LOW V2.0: 2.9 LOW |
CVE-2018-10946 |
An issue was discovered in versions earlier than 1.3.0-66872 for Polycom RealPresence Debut that allows attackers to arbitrarily read the admin user's password via the admin web UI. Published: June 13, 2019; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.8 MEDIUM V2.0: 2.7 LOW |
CVE-2019-7321 |
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code. Published: June 13, 2019; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-12798 |
An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size. Published: June 13, 2019; 1:29:00 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-5439 |
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-5286 |
There is a reflection XSS vulnerability in the HedEx products. Remote attackers send malicious links to users and trick users to click. Successfully exploit cloud allow the attacker to initiate XSS attacks. Affects HedEx Lite versions earlier than V200R006C00SPC007. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-5245 |
HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker's choosing that could execute arbitrary code. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-11129 |
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-11128 |
Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-11127 |
Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-11126 |
Pointer corruption in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-11125 |
Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-11124 |
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-11123 |
Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-11119 |
Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may allow an unauthenticated user to potentially enable escalation of privilege via network access. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-11117 |
Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2019-11092 |
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. Published: June 13, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 3.6 LOW |