Vulnerabilities (CVE)

CWE filter

CWE-284

Filter

3320 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-12173 2019-04-18 7.2
Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information...
CVE-2019-1686 1 Cisco 1 Ios Xr 2019-04-18 5.0
A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an...
CVE-2019-1654 2019-04-18 7.2
A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series Access Points (APs) running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without proper...
CVE-2017-3300 1 Oracle 1 Peoplesoft Enterprise Peopletools 2019-04-18 5.8
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Multichannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated...
CVE-2017-3546 1 Oracle 1 Peoplesoft Enterprise Peopletools 2019-04-18 6.4
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows...
CVE-2017-3547 1 Oracle 1 Peoplesoft Enterprise Peopletools 2019-04-18 7.1
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows...
CVE-2017-3548 1 Oracle 1 Peoplesoft Enterprise Peopletools 2019-04-18 6.4
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated...
CVE-2017-3549 1 Oracle 1 Scripting 2019-04-18 7.5
Vulnerability in the Oracle Scripting component of Oracle E-Business Suite (subcomponent: Scripting Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable"...
CVE-2018-2879 1 Oracle 1 Access Manager 2019-04-18 6.8
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated...
CVE-2019-2422 6 Oracle, Netapp, Canonical and 3 more 15 Jdk, Jre, Oncommand Unified Manager and 12 more 2019-04-18 4.3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated...
CVE-2019-6110 3 Openbsd, Winscp, Netapp 5 Openssh, Winscp, Element Software and 2 more 2019-04-18 4.0
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2018-20028 2019-04-18 4.0
Contao 3.x before 3.5.37, 4.4.x before 4.4.31 and 4.6.x before 4.6.11 has Incorrect Access Control.
CVE-2019-9756 1 Gitlab 1 Gitlab 2019-04-17 7.5
An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control, a different vulnerability than CVE-2019-9732.
CVE-2019-9225 1 Gitlab 1 Gitlab 2019-04-17 5.0
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 5 of 5).
CVE-2019-9224 1 Gitlab 1 Gitlab 2019-04-17 5.0
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 4 of 5).
CVE-2019-9219 1 Gitlab 1 Gitlab 2019-04-17 4.3
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 2 of 5).
CVE-2019-9170 1 Gitlab 1 Gitlab 2019-04-17 5.0
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control.
CVE-2019-7155 1 Gitlab 1 Gitlab 2019-04-17 4.0
An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control.
CVE-2019-3835 4 Artifex, Redhat, Fedoraproject and 1 more 10 Ghostscript, Ansible Tower, Fedora and 7 more 2019-04-17 4.3
It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the...
CVE-2019-3838 5 Artifex, Redhat, Fedoraproject and 2 more 11 Ghostscript, Ansible Tower, Fedora and 8 more 2019-04-17 4.3
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the...