Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16246PUBLISHED: 2019-12-12Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a different vulnerability than CVE-2019-15931. This leads to unauthenticated code execution.
CVE-2019-17358PUBLISHED: 2019-12-12
Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP ...
CVE-2019-17428PUBLISHED: 2019-12-12An issue was discovered in Intesync Solismed 3.3sp1. An flaw in the encryption implementation exists, allowing for all encrypted data stored within the database to be decrypted.
CVE-2019-18345PUBLISHED: 2019-12-12
A reflected XSS issue was discovered in DAViCal through 1.1.8. It echoes the action parameter without encoding. If a user visits an attacker-supplied link, the attacker can view all data the attacked user can view, as well as perform all actions in the name of the user. If the user is an administrat...
CVE-2019-19198PUBLISHED: 2019-12-12The Scoutnet Kalender plugin 1.1.0 for WordPress allows XSS.
User Rank: Author
11/4/2019 | 5:55:33 AM
SMBs that build effective IT security frameworks are able to move more quickly and surely than their competitors. Environments without effective IT security solutions will have difficulty innovating and are likely to fall behind more nimble competitors.