Search
Search Results (355187 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-17308 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 8.8 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Emails module by a Regular user. | ||||
| CVE-2019-17307 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 7.2 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Tracker module by an Admin user. | ||||
| CVE-2019-17306 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 7.2 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Configurator module by an Admin user. | ||||
| CVE-2019-17305 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 8.8 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user. | ||||
| CVE-2019-17304 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 7.2 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user. | ||||
| CVE-2019-17303 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 8.8 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user. | ||||
| CVE-2019-17302 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 8.8 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by a Developer user. | ||||
| CVE-2019-17301 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 7.2 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by an Admin user. | ||||
| CVE-2019-17300 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 8.8 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by a Developer user. | ||||
| CVE-2019-17299 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 7.2 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user. | ||||
| CVE-2019-17298 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 8.8 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Administration module by a Developer user. | ||||
| CVE-2019-17297 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 8.8 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Quotes module by a Regular user. | ||||
| CVE-2019-17296 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 8.8 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Contacts module by a Regular user. | ||||
| CVE-2019-17295 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 8.8 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the history function by a Regular user. | ||||
| CVE-2019-17294 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 8.8 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user. | ||||
| CVE-2019-17293 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 8.8 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Project module by a Regular user. | ||||
| CVE-2019-17292 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 7.2 High |
| SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin user. | ||||
| CVE-2019-17276 | 1 Netapp | 1 Oncommand System Manager | 2024-11-21 | 5.4 Medium |
| OnCommand System Manager versions 9.3 prior to 9.3P18 and 9.4 prior to 9.4P2 are susceptible to a cross site scripting vulnerability that could allow an authenticated attacker to inject arbitrary scripts into the SNMP Community Names label field. | ||||
| CVE-2019-17275 | 1 Netapp | 1 Oncommand Cloud Manager | 2024-11-21 | 9.8 Critical |
| OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers. | ||||
| CVE-2019-17274 | 1 Netapp | 6 All Flash Fabric-attached Storage A400, All Flash Fabric-attached Storage A400 Firmware, Fabric-attached Storage 8300 and 3 more | 2024-11-21 | 7.8 High |
| NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x prior to 13.1P1 were shipped with a default account enabled that could allow unauthorized arbitrary command execution via local access. | ||||