Microsoft SharePoint Business Data Connectivity Service Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the Business Data Connectivity Service. A crafted request can trigger the deserializati...

CVE-2019-1963

A vulnerability in the Simple Network Management Protocol SNMP input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper...

CVE-2019-15528

An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the Interface field to SetStaticRouteSettings...

CVE-2019-14527

An issue was discovered on NETGEAR Nighthawk M1 MR1100 devices before 12.06.03. System commands can be executed, via the web interface, after authentication...

CVE-2019-13126

An integer overflow in NATS Server before 2.0.2 allows a remote attacker to crash the server by sending a crafted request. If authentication is enabled, then the remote attacker must have first authenticated...

CVE-2019-13126

An integer overflow in NATS Server before 2.0.2 allows a remote attacker to crash the server by sending a crafted request. If authentication is enabled, then the remote attacker must have first authenticated...

CVE-2019-13481

An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the MTU field to SetWanSettings...

CVE-2019-13482

An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the Type field to SetWanSettings...

CVE-2019-1911

A vulnerability in the CLI of Cisco Unified Communications Domain Manager Cisco Unified CDM Software could allow an authenticated, local attacker to escape the restricted shell. The vulnerability is due to insufficient input validation of shell commands. An attacker could exploit this vulnerabili...

CVE-2019-13152

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the IP Address in Add Gaming Rule...

CVE-2019-13155

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the IP Address in Add Virtual Server...

CVE-2019-13148

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the UDP Ports To Open in Add Gaming Rule...

CVE-2019-13152

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the IP Address in Add Gaming Rule...

CVE-2019-13128

An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the IPAddress or Gateway field to SetStaticRouteSettings...

CVE-2019-13128

An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the IPAddress or Gateway field to SetStaticRouteSettings...

CVE-2019-6581

A vulnerability has been identified in Siveillance VMS 2017 R2 All versions V11.2a, Siveillance VMS 2018 R1 All versions V12.1a, Siveillance VMS 2018 R2 All versions V12.2a, Siveillance VMS 2018 R3 All versions V12.3a, Siveillance VMS 2019 R1 All versions V13.1a. An attacker with network access t...

Simple File List Plugin <= 3.2.4 - Authenticated Arbitrary File Delete

Arbitrary File Delete exist in Simple File List Plugin v 3.2.4 or below Authentication Required: Yes...

CVE-2019-1728

A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of...

CVE-2019-1830

A vulnerability in Locally Significant Certificate LSC management for the Cisco Wireless LAN Controller WLC could allow an authenticated, remote attacker to cause the device to unexpectedly restart, which causes a denial of service DoS condition. The attacker would need to have valid administrato...

CVE-2019-1755

A vulnerability in the Web Services Management Agent WSMA function of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary Cisco IOS commands as a privilege level 15 user. The vulnerability occurs because the affected software improperly sanitizes user-supplied...