CVE-2019-14527

An issue was discovered on NETGEAR Nighthawk M1 MR1100 devices before 12.06.03. System commands can be executed, via the web interface, after authentication...

CVE-2019-13126

An integer overflow in NATS Server before 2.0.2 allows a remote attacker to crash the server by sending a crafted request. If authentication is enabled, then the remote attacker must have first authenticated...

CVE-2019-13126

An integer overflow in NATS Server before 2.0.2 allows a remote attacker to crash the server by sending a crafted request. If authentication is enabled, then the remote attacker must have first authenticated...

CVE-2019-13481

An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the MTU field to SetWanSettings...

CVE-2019-13482

An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the Type field to SetWanSettings...

CVE-2019-1911

A vulnerability in the CLI of Cisco Unified Communications Domain Manager Cisco Unified CDM Software could allow an authenticated, local attacker to escape the restricted shell. The vulnerability is due to insufficient input validation of shell commands. An attacker could exploit this vulnerabili...

CVE-2019-13152

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the IP Address in Add Gaming Rule...

CVE-2019-13155

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the IP Address in Add Virtual Server...

CVE-2019-13148

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the UDP Ports To Open in Add Gaming Rule...

CVE-2019-13152

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the IP Address in Add Gaming Rule...

CVE-2019-13128

An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the IPAddress or Gateway field to SetStaticRouteSettings...

CVE-2019-13128

An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the IPAddress or Gateway field to SetStaticRouteSettings...

CVE-2019-6581

A vulnerability has been identified in Siveillance VMS 2017 R2 All versions V11.2a, Siveillance VMS 2018 R1 All versions V12.1a, Siveillance VMS 2018 R2 All versions V12.2a, Siveillance VMS 2018 R3 All versions V12.3a, Siveillance VMS 2019 R1 All versions V13.1a. An attacker with network access t...

Simple File List Plugin <= 3.2.4 - Authenticated Arbitrary File Delete

Arbitrary File Delete exist in Simple File List Plugin v 3.2.4 or below Authentication Required: Yes...

CVE-2019-1728

A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of...

CVE-2019-1830

A vulnerability in Locally Significant Certificate LSC management for the Cisco Wireless LAN Controller WLC could allow an authenticated, remote attacker to cause the device to unexpectedly restart, which causes a denial of service DoS condition. The attacker would need to have valid administrato...

CVE-2019-1755

A vulnerability in the Web Services Management Agent WSMA function of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary Cisco IOS commands as a privilege level 15 user. The vulnerability occurs because the affected software improperly sanitizes user-supplied...

CVE-2019-1743

A vulnerability in the web UI framework of Cisco IOS XE Software could allow an authenticated, remote attacker to make unauthorized changes to the filesystem of the affected device. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by crafting a...

Microsoft Windows SMB Server Information Disclosure Vulnerability (CNVD-2020-31124)

Microsoft Windows is a family of operating systems released by Microsoft Corporation in the United States. Server Message Block SMB is a network file-sharing protocol that allows applications and end users to access file resources from a remote file server. An information disclosure vulnerability...

CVE-2019-1593

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vulnerability is due to th...