CVE-2019-19487
Command Injection in minPlayCommand.php in Centreon (19.04.4 and below) allows an attacker to achieve command injection via a plugin test.
Source: CVE-2019-19487
[월:] 2020년 03월
CVE-2019-19023
CVE-2019-19023
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform.
Source: CVE-2019-19023
CVE-2019-19026
CVE-2019-19026
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbor Container Registry for the Pivotal Platform.
Source: CVE-2019-19026
CVE-2020-9345
CVE-2020-9345
An issue was discovered in signotec signoPAD-API/Web (formerly Websocket Pad Server) before 3.1.1 on Windows. It is possible to perform a Denial of Service attack because the application doesn’t limit the number of opened WebSocket sockets. If a victim visits an attacker-controlled website, this vulnerability can be exploited.
Source: CVE-2020-9345
CVE-2020-9344
CVE-2020-9344
Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at multiple locations.
Source: CVE-2020-9344
CVE-2019-19029
CVE-2019-19029
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform.
Source: CVE-2019-19029
CVE-2020-9343
CVE-2020-9343
An issue was discovered in signotec signoPAD-API/Web (formerly Websocket Pad Server) before 3.1.1 on Windows. It is possible to perform a Denial of Service attack because the implementation doesn’t limit the parsing of nested JSON structures. If a victim visits an attacker-controlled website, this vulnerability can be exploited via WebSocket data with a deeply nested JSON array.
Source: CVE-2020-9343
CVE-2019-19484
CVE-2019-19484
Open redirect via parameter ‘p’ in login.php in Centreon (19.04.4 and below) allows an attacker to craft a payload and execute unintended behavior.
Source: CVE-2019-19484
CVE-2019-18785
CVE-2019-18785
SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 mishandles API access tokens and credentials.
Source: CVE-2019-18785
CVE-2019-18782
CVE-2019-18782
SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 does not correctly implement the .htaccess protection mechanism.
Source: CVE-2019-18782