CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2019-07-29
Medium
CVE-2019-12948

Updating...
 

 
A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or execute arbitrary code.

 
2019-07-18
Medium
CVE-2019-1010262

Vendor: Scapy
Software: Scapy
 

 
scapy 2.4.0 and earlier is affected by: Denial of Services. The impact is: busy loop forever. The component is: _RADIUSAttrPacketListField class. The attack vector is: a packet sent over the network or in a pcap. The fixed version is: after commit 0d7ae2b039f650a40e511d09eb961c782da025d9.

 
2019-07-11
Medium
CVE-2019-5528

Vendor: Vmware
Software: ESXI
 

 
VMware ESXi 6.5 suffers from partial denial of service vulnerability in hostd process. Patch ESXi650-201907201-UG for this issue is available.

 
2019-07-01
Low
CVE-2019-4386

Updating...
 

 
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow an authenticated user to execute a function that would cause the server to crash. IBM X-Force ID: 162714.

 
2018-12-21
Medium
CVE-2018-19322

Vendor: Gigabyte
Software: Aorus graphi...
 

 
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

 
2018-08-09
Medium
CVE-2018-10931

Vendor: Redhat
Software: Satellite
 

 
It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the context of the daemon.

 
2018-03-23
Medium
CVE-2018-8949

Updating...
 

 
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event (without attribute UUIDs but attribute IDs set) could overwrite an existing attribute.

 
2017-11-22
Medium
CVE-2017-2735

Updating...
 

 
TIT-AL00 smartphones with software versions earlier before TIT-AL00C583B214 have a exposed system interface vulnerability. The software provides a system interface for interaction with external applications, but calling the interface is not properly restricted. An attacker could trick the user into installing a malicious application to call the interface and modify the system properties.

 

 


Copyright 2019, cxsecurity.com

 

Back to Top