| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2018-17148 |
1 Nagios |
1 Nagios Xi |
2019-06-21 |
5.0 |
| An Insufficient Access Control vulnerability (leading to credential disclosure) in coreconfigsnapshot.php (aka configuration snapshot page) in Nagios XI before 5.5.4 allows remote attackers to gain access to configuration files containing... |
| CVE-2019-2729 |
1 Oracle |
1 Weblogic Server |
2019-06-21 |
7.5 |
| Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows... |
| CVE-2018-16553 |
1 Jspxcms |
1 Jspxcms |
2019-06-21 |
6.5 |
| In Jspxcms 9.0.0, a vulnerable URL routing implementation allows remote code execution after logging in as web admin. |
| CVE-2019-12894 |
1 Alternate-tools |
1 Alternate Pic View |
2019-06-21 |
5.0 |
| Alternate Pic View 2.600 has a Read Access Violation at the Instruction Pointer after a call from PicViewer!PerfgrapFinalize+0x00000000000a9a1b. |
| CVE-2019-12897 |
1 Edrawsoft |
1 Edraw Max |
2019-06-21 |
5.0 |
| Edraw Max 7.9.3 has a Read Access Violation at the Instruction Pointer after a call from ObjectModule!Paint::Clear+0x0000000000000074. |
| CVE-2019-0090 |
1 Intel |
1 Server Platform Services |
2019-06-21 |
4.6 |
| Insufficient access control vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow unauthenticated user to potentially enable escalation of privilege via physical access. |
| CVE-2017-10721 |
1 Ishekar |
1 Endoscope Camera Firmware |
2019-06-20 |
4.0 |
| Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the device has Telnet functionality enabled by default. This device acts as an Endoscope camera that allows its users to use... |
| CVE-2019-10962 |
1 Bd |
1 Alaris Gateway Workstation Firmware |
2019-06-19 |
5.0 |
| BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway Workstation does not prevent an attacker with knowledge of the IP address of the Alaris Gateway Workstation... |
| CVE-2018-18958 |
|
|
2019-06-19 |
4.0 |
| OPNsense 18.7.x before 18.7.7 has Incorrect Access Control. |
| CVE-2019-6571 |
1 Siemens |
8 6ed1052-1cc01-0ba8 Firmware, 6ed1052-1fb00-0ba8 Firmware, 6ed1052-1hb00-0ba8 Firmware and 5 more |
2019-06-19 |
7.8 |
| A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS LOGO!8 (6ED1052-xyy08-0BA0 FS:01 / Firmware version < V1.82.02). An attacker with network access to port... |
| CVE-2019-6584 |
1 Siemens |
8 6ed1052-1cc01-0ba8 Firmware, 6ed1052-1fb00-0ba8 Firmware, 6ed1052-1hb00-0ba8 Firmware and 5 more |
2019-06-19 |
6.8 |
| A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS LOGO!8 (6ED1052-xyy08-0BA0 FS:01 / Firmware version < V1.82.02). The integrated webserver does not... |
| CVE-2018-3258 |
1 Oracle |
1 Connector%2fj |
2019-06-19 |
6.5 |
| Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via... |
| CVE-2019-12395 |
2 Dynmap Project, Getbukkit |
2 Dynmap, Spigot |
2019-06-18 |
5.0 |
| In Webbukkit Dynmap 3.0-beta-3 or below, due to a missing login check in servlet/MapStorageHandler.java, an attacker can see a map image without login even if victim enables login-required in setting. |
| CVE-2019-4176 |
1 Ibm |
1 Cognos Controller |
2019-06-18 |
5.0 |
| IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to bypass security restrictions, caused by an error related to insecure HTTP Methods. An attacker could exploit this vulnerability to gain access to... |
| CVE-2019-7158 |
1 Open-xchange |
1 Open-xchange Appsuite |
2019-06-18 |
7.5 |
| OX App Suite 7.10.0 and earlier has Incorrect Access Control. |
| CVE-2018-13901 |
1 Qualcomm |
30 Mdm9206 Firmware, Mdm9607 Firmware, Mdm9650 Firmware and 27 more |
2019-06-17 |
2.1 |
| Due to missing permissions in Android Manifest file, Sensitive information disclosure issue can happen in PCI RCS app in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon... |
| CVE-2019-11068 |
3 Xmlsoft, Canonical, Debian |
3 Libxslt, Ubuntu Linux, Debian Linux |
2019-06-14 |
7.5 |
| libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and... |
| CVE-2019-0314 |
1 Sap |
2 Inventory Manager, Work Manager |
2019-06-13 |
4.3 |
| SAP Work Manager, versions: 6.3, 6.4, 6.5 and SAP Inventory Manager, version 4.3, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. |
| CVE-2019-12764 |
1 Joomla |
1 Joomla%21 |
2019-06-12 |
4.0 |
| An issue was discovered in Joomla! before 3.9.7. The update server URL of com_joomlaupdate can be manipulated by non Super-Admin users. |
| CVE-2019-2556 |
1 Oracle |
1 Vm Virtualbox |
2019-06-11 |
2.1 |
| Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with... |
