Security Vulnerabilities - CVEs Published In October 2019
Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a cross-site request forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.5
EPSS Score
0.014
Published
2019-10-25
D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-10-25
D-Link DIR-865L has Information Disclosure.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-10-25
D-Link DIR-865L has PHP File Inclusion in the router xml file.
CVSS Score
9.8
EPSS Score
0.013
Published
2019-10-25
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have an authentication bypass vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
7.5
EPSS Score
0.046
Published
2019-10-25
Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
7.5
EPSS Score
0.01
Published
2019-10-25
Adobe Experience Manager versions 6.5, 6.4 and 6.3 have a cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.016
Published
2019-10-25
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.016
Published
2019-10-25
Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-10-25
Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.
CVSS Score
9.8
EPSS Score
0.035
Published
2019-10-25