|
246791
|
7.1 |
HIGH
Local
|
asus
|
zenfone_3_max_firmware
|
The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains the android framework (i.e., system_s…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-14980
|
2024-11-21 12:50 |
2019-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246792
|
7.8 |
HIGH
Local
|
cyberark
|
endpoint_privilege_manager
|
CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications.
|
CWE-269
Improper Privilege Management
|
CVE-2018-14894
|
2024-11-21 12:50 |
2019-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246793
|
6.1 |
MEDIUM
Network
|
qasymphony
|
qtest_manager
|
qTest Portal in QASymphony qTest Manager 9.0.0 has an Open Redirect via the /portal/loginform redirect parameter.
|
CWE-601
Open Redirect
|
CVE-2018-15180
|
2024-11-21 12:50 |
2019-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246794
|
7.5 |
HIGH
Network
|
five9
|
agent_desktop_plus
|
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing a remote attackers to cause a denial of service via opening a connection on port 8083 to a device running the Five9 SoftPhone(is…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-15508
|
2024-11-21 12:50 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246795
|
8.1 |
HIGH
Network
|
ysoft
|
safeq_server_client
|
YSoft SafeQ Server 6 allows a replay attack.
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2018-15498
|
2024-11-21 12:50 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246796
|
9.8 |
CRITICAL
Network
|
five9
|
agent_desktop_plus
|
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-15509
|
2024-11-21 12:50 |
2019-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246797
|
9.8 |
CRITICAL
Network
|
uvnc
|
ultravnc
|
UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vu…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-15361
|
2024-11-21 12:50 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246798
|
8.8 |
HIGH
Adjacent
|
cisco
|
hyperflex_hx_data_platform
|
A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. The vulnerability is due to insuffic…
|
CWE-78
OS Command
|
CVE-2018-15380
|
2024-11-21 12:50 |
2019-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246799
|
8.6 |
HIGH
Network
|
dlink
|
central_wifimanager
|
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, le…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2018-15517
|
2024-11-21 12:50 |
2019-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246800
|
5.8 |
MEDIUM
Network
|
dlink
|
central_wifimanager
|
The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers to conduct a PORT command bounce scan via port 8000, resulting in SSRF.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2018-15516
|
2024-11-21 12:50 |
2019-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
