Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-06-17 | CVE-2019-6327 | Classic Buffer Overflow vulnerability in HP products HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. | 7.5 |
2019-06-17 | CVE-2019-12181 | OS Command Injection vulnerability in Solarwinds Serv-U FTP Server and Serv-U MFT Server A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux. | 8.8 |
2019-06-17 | CVE-2019-4103 | Unspecified vulnerability in IBM Tivoli Netcool/Impact 7.1.0 IBM Tivoli Netcool/Impact 7.1.0 allows for remote execution of command by low privileged User. low complexity ibm | 8.0 |
2019-06-17 | CVE-2018-1845 | XXE vulnerability in IBM products IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
2019-06-17 | CVE-2018-10239 | Permissions, Privileges, and Access Controls vulnerability in Infoblox Nios A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on an affected device and perform actions within the super user scope. | 7.2 |
2019-06-17 | CVE-2018-20470 | Path Traversal vulnerability in Sahipro Sahi PRO An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. | 7.5 |
2019-06-16 | CVE-2019-12855 | Improper Certificate Validation vulnerability in Twistedmatrix Twisted In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections. | 7.4 |
2019-06-15 | CVE-2019-12835 | Out-of-bounds Write vulnerability in Leanify Project Leanify 0.4.3 formats/xml.cpp in Leanify 0.4.3 allows for a controlled out-of-bounds write in xml_memory_writer::write via characters that require escaping. | 7.5 |
2019-06-15 | CVE-2019-12816 | Improper Input Validation vulnerability in ZNC Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name. | 8.8 |
2019-06-14 | CVE-2019-2257 | Incorrect Permission Assignment for Critical Resource vulnerability in Qualcomm products Wrong permissions in configuration file can lead to unauthorized permission in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 855, SDA660, SDM660, SDX20, SDX24 | 7.2 |