Export limit exceeded: 365153 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 365153 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 365153 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365153 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-7283 | 2 Debian, Netkit | 2 Debian Linux, Netkit | 2024-11-21 | 7.4 High |
| An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server (or Man-in-The-Middle attacker) can overwrite arbitrary files in a directory on the rcp client machine. This is similar to CVE-2019-6111. | ||||
| CVE-2019-7282 | 3 Debian, Fedoraproject, Netkit | 3 Debian Linux, Fedora, Netkit | 2024-11-21 | 5.9 Medium |
| In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685. | ||||
| CVE-2019-7281 | 1 Primasystems | 1 Flexair | 2024-11-21 | 8.8 High |
| Prima Systems FlexAir, Versions 2.3.38 and prior. An unauthenticated user can send unverified HTTP requests, which may allow the attacker to perform certain actions with administrative privileges if a logged-in user visits a malicious website. | ||||
| CVE-2019-7280 | 1 Primasystems | 1 Flexair | 2024-11-21 | 8.8 High |
| Prima Systems FlexAir, Versions 2.3.38 and prior. The session-ID is of an insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session and bypass authentication. | ||||
| CVE-2019-7279 | 1 Optergy | 2 Enterprise, Proton | 2024-11-21 | N/A |
| Optergy Proton/Enterprise devices have Hard-coded Credentials. | ||||
| CVE-2019-7278 | 1 Optergy | 2 Enterprise, Proton | 2024-11-21 | N/A |
| Optergy Proton/Enterprise devices have an Unauthenticated SMS Sending Service. | ||||
| CVE-2019-7277 | 1 Optergy | 2 Enterprise, Proton | 2024-11-21 | N/A |
| Optergy Proton/Enterprise devices allow Unauthenticated Internal Network Information Disclosure. | ||||
| CVE-2019-7276 | 1 Optergy | 2 Enterprise, Proton | 2024-11-21 | N/A |
| Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console. | ||||
| CVE-2019-7275 | 1 Optergy | 2 Enterprise, Proton | 2024-11-21 | 6.1 Medium |
| Optergy Proton/Enterprise devices allow Open Redirect. | ||||
| CVE-2019-7274 | 1 Optergy | 2 Enterprise, Proton | 2024-11-21 | 9.8 Critical |
| Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root. | ||||
| CVE-2019-7273 | 1 Optergy | 2 Enterprise, Proton | 2024-11-21 | 8.8 High |
| Optergy Proton/Enterprise devices allow Cross-Site Request Forgery (CSRF). | ||||
| CVE-2019-7272 | 1 Optergy | 2 Enterprise, Proton | 2024-11-21 | 5.3 Medium |
| Optergy Proton/Enterprise devices allow Username Disclosure. | ||||
| CVE-2019-7271 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2024-11-21 | N/A |
| Nortek Linear eMerge 50P/5000P devices have Default Credentials. | ||||
| CVE-2019-7270 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2024-11-21 | 8.8 High |
| Linear eMerge 50P/5000P devices allow Cross-Site Request Forgery (CSRF). | ||||
| CVE-2019-7269 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2024-11-21 | 9.8 Critical |
| Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution. | ||||
| CVE-2019-7268 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2024-11-21 | 10.0 Critical |
| Linear eMerge 50P/5000P devices allow Unauthenticated File Upload. | ||||
| CVE-2019-7267 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2024-11-21 | 9.8 Critical |
| Linear eMerge 50P/5000P devices allow Cookie Path Traversal. | ||||
| CVE-2019-7266 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2024-11-21 | 9.8 Critical |
| Linear eMerge 50P/5000P devices allow Authentication Bypass. | ||||
| CVE-2019-7265 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | 9.8 Critical |
| Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH). | ||||
| CVE-2019-7264 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | N/A |
| Linear eMerge E3-Series devices allow a Stack-based Buffer Overflow on the ARM platform. | ||||