Vulnerabilities (CVE)

CWE filter

CWE-749

Filter

8 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-10931 1 Redhat 1 Satellite 2019-09-11 7.5
It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the...
CVE-2019-12948 2019-08-06 6.5
A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a...
CVE-2019-5528 1 Vmware 1 Esxi 2019-07-18 5.0
VMware ESXi 6.5 suffers from partial denial of service vulnerability in hostd process. Patch ESXi650-201907201-UG for this issue is available.
CVE-2019-4386 2019-07-04 4.0
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow an authenticated user to execute a function that would cause the server to crash. IBM X-Force ID: 162714.
CVE-2018-19322 1 Gigabyte 4 Aorus Graphics Engine, App Center, Oc Guru Ii and 1 more 2019-03-21 4.6
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read/write data from/to IO ports. This could be...
CVE-2018-8949 2018-04-19 5.5
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event (without attribute UUIDs but attribute...
CVE-2017-2735 2017-12-11 5.8
TIT-AL00 smartphones with software versions earlier before TIT-AL00C583B214 have a exposed system interface vulnerability. The software provides a system interface for interaction with external applications, but calling the interface is not...
CVE-2016-7462 1 Vmware 1 Vrealize Operations 2017-07-28 7.5
The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a relay-request payload that is mishandled during...