CVE-2019-5365
published 2019-06-05CVE-2019-5365: A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
PriorityP261high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
EPSS
3.64%
88.2th percentile
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | intelligent_management_center | < 7.3 | 7.3 |
| hp | intelligent_management_center | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-f52w-m32f-hjhj: A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7
ghsa_unreviewed·2022-05-24
CVE-2019-5365 [HIGH] GHSA-f52w-m32f-hjhj: A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
GHSA
Missing Initialization of Resource in Apache Arrow
ghsa·2022-05-24
CVE-2019-12410 [HIGH] CWE-909 Missing Initialization of Resource in Apache Arrow
Missing Initialization of Resource in Apache Arrow
While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory could potentially be shared if are transmitted over the wire (for instance with Flight) or persisted in the streaming IPC and file formats.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-06-05
Published