Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-3629 | 4.3 |
Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially crafted parameters.
|
04-03-2023 - 01:46 | 27-06-2019 - 21:15 | |
CVE-2019-3628 | 6.5 |
Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control.
|
03-03-2023 - 19:33 | 27-06-2019 - 17:15 | |
CVE-2019-3632 | 6.5 |
Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input.
|
13-12-2022 - 02:31 | 27-06-2019 - 21:15 | |
CVE-2019-3631 | 6.5 |
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
|
13-12-2022 - 02:29 | 27-06-2019 - 21:15 | |
CVE-2019-3630 | 6.5 |
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
|
13-12-2022 - 02:28 | 27-06-2019 - 21:15 | |
CVE-2015-7704 | 5.0 |
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
|
17-11-2021 - 22:15 | 07-08-2017 - 20:29 | |
CVE-2016-10708 | 5.0 |
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
|
14-09-2021 - 13:15 | 21-01-2018 - 22:29 | |
CVE-2018-11784 | 4.3 |
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause
|
13-07-2021 - 17:15 | 04-10-2018 - 13:29 | |
CVE-2017-18258 | 4.3 |
The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legi
|
10-09-2020 - 01:15 | 08-04-2018 - 17:29 | |
CVE-2018-18258 | 7.5 |
An issue was discovered in BageCMS 3.1.3. The attacker can execute arbitrary PHP code on the web server and can read any file on the web server via an index.php?r=admini/template/updateTpl&filename= URI.
|
26-06-2019 - 08:15 | 11-10-2018 - 21:01 | |
CVE-2018-10858 | 6.5 |
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and
|
26-06-2019 - 08:15 | 22-08-2018 - 17:29 |