• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-20

CVE-2019-11014

February 26, 2023 by

The VStarCam vstc.vscam.client library and vstc.vscam shared object, as used in the Eye4 application (for Android, iOS, and Windows), do not prevent spoofing of the camera server. An attacker can create a fake camera server that listens for the client looking for a camera on the local network. When the camera responds to the client, it responds via the broadcast address, giving all information necessary to impersonate the camera. The attacker then floods the client with responses, causing the original camera to be denied service from the client, and thus causing the client to then communicate exclusively with the attacker’s fake camera server. When connecting to the fake camera server, the client sends all details necessary to login to the camera (username and password).

CVE-2019-10969

February 26, 2023 by

Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution.

CVE-2019-10973

February 26, 2023 by

Quest KACE, all versions prior to version 8.0.x, 8.1.x, and 9.0.x, allows unintentional access to the appliance leveraging functions of the troubleshooting tools located in the administrator user interface.

CVE-2019-10937

February 26, 2023 by

A vulnerability has been identified in SIMATIC TDC CP51M1 (All versions < V1.1.7). An attacker with network access to the device could cause a Denial-of-Service condition by sending a specially crafted UDP packet. The vulnerability affects the UDP communication of the device. The security vulnerability could be exploited without authentication. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

CVE-2019-1079

February 26, 2023 by

An information disclosure vulnerability exists when Visual Studio improperly parses XML input in certain settings files, aka ‘Visual Studio Information Disclosure Vulnerability’.

CVE-2019-10672

February 26, 2023 by

treeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and additions.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 471
  • Go to page 472
  • Go to page 473
  • Go to page 474
  • Go to page 475
  • Interim pages omitted …
  • Go to page 681
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE