Search Results (83259 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-19918 3 Fedoraproject, Lout Project, Opensuse 4 Fedora, Lout, Backports Sle and 1 more 2024-11-21 7.8 High
Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c.
CVE-2019-19916 2 Microsoft, Midori-browser 2 Windows 10, Midori 2024-11-21 6.1 Medium
In Midori Browser 0.5.11 (on Windows 10), Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the multipart/x-mixed-replace MIME type. This could result in script running where CSP should have blocked it, allowing for cross-site scripting (XSS) and other attacks when the product renders the content as HTML. Remediating this would also need to consider the polyglot case, e.g., a file that is a valid GIF image and also valid JavaScript.
CVE-2019-19915 1 Webfactoryltd 1 301 Redirects 2024-11-21 9.0 Critical
The "301 Redirects - Easy Redirect Manager" plugin before 2.45 for WordPress allows users (with subscriber or greater access) to modify, delete, or inject redirect rules, and exploit XSS, with the /admin-ajax.php?action=eps_redirect_save and /admin-ajax.php?action=eps_redirect_delete actions. This could result in a loss of site availability, malicious redirects, and user infections. This could also be exploited via CSRF.
CVE-2019-19913 1 Intland 1 Codebeamer 2024-11-21 4.8 Medium
In Intland codeBeamer ALM 9.5 and earlier, there is stored XSS via the Trackers Title parameter.
CVE-2019-19912 1 Intland 1 Codebeamer 2024-11-21 4.8 Medium
In Intland codeBeamer ALM 9.5 and earlier, a cross-site scripting (XSS) vulnerability in the Upload Flash File feature allows authenticated remote attackers to inject arbitrary scripts via an active script embedded in an SWF file.
CVE-2019-19910 1 Mediawiki 1 Mediawiki 2024-11-21 6.1 Medium
The MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 (1.35 and/or 1.34) mishandles certain HTML attributes, as demonstrated by IMG onmouseover= (impact is XSS) and IMG src=http (impact is disclosing the client's IP address). This can occur within a talk page topical header that is viewed within a mobile (MobileFrontend) context.
CVE-2019-19908 1 Ciprianmp 1 Phpmychat-plus 2024-11-21 6.1 Medium
phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable.
CVE-2019-19906 8 Apache, Apple, Canonical and 5 more 20 Bookkeeper, Ipados, Iphone Os and 17 more 2024-11-21 7.5 High
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
CVE-2019-19903 1 Backdropcms 1 Backdrop Cms 2024-11-21 4.8 Medium
An issue was discovered in Backdrop CMS 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying file type descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting when viewing the list of file types, aka XSS. This vulnerability is mitigated by the fact that an attacker must have a role with the "Administer file types" permission.
CVE-2019-19901 1 Backdropcms 1 Backdrop Cms 2024-11-21 4.8 Medium
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying certain block descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting when configuring a layout, aka XSS. This issue is mitigated by the fact that the attacker would be required to have the permission to create custom blocks, which is typically an administrative task.
CVE-2019-19900 1 Backdropcms 1 Backdrop Cms 2024-11-21 4.8 Medium
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying content type names in the content creation interface. An attacker could potentially craft a specialized content type name, then have an editor execute scripting when creating content, aka XSS. This vulnerability is mitigated by the fact that an attacker must have a role with the "Administer content types" permission.
CVE-2019-19897 1 Ixpdata 1 Easyinstall 2024-11-21 9.8 Critical
In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service. An unauthenticated attacker can communicate with the Agent Service over TCP port 20051, and execute code in the NT AUTHORITY\SYSTEM context of the target system by using the Execute Command Line function.
CVE-2019-19895 1 Ixpdata 1 Easyinstall 2024-11-21 7.8 High
In IXP EasyInstall 6.2.13723, there is Lateral Movement (using the Agent Service) against other users on a client system. An authenticated attacker can, by modifying %SYSTEMDRIVE%\IXP\SW\[PACKAGE_CODE]\EveryLogon.bat, achieve this movement and execute code in the context of other users.
CVE-2019-19894 1 Ixpdata 1 Easyinstall 2024-11-21 5.5 Medium
In IXP EasyInstall 6.2.13723, it is possible to temporarily disable UAC by using the Agent Service on a client system. An authenticated attacker (non-admin) can disable UAC for other users by renaming and replacing %SYSTEMDRIVE%\IXP\DATA\IXPAS.IXP.
CVE-2019-19882 1 Shadow Project 1 Shadow 2024-11-21 7.8 High
shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).
CVE-2019-19875 1 Br-automation 1 Industrial Automation Aprol 2024-11-21 9.8 Critical
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. Arbitrary commands could be injected (using Python scripts) via the AprolCluster script that is invoked via sudo and thus executes with root privileges, a different vulnerability than CVE-2019-16364.
CVE-2019-19874 1 Br-automation 1 Industrial Automation Aprol 2024-11-21 9.8 Critical
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. Some web scripts in the web interface allowed injection and execution of arbitrary unintended commands on the web server, a different vulnerability than CVE-2019-16364.
CVE-2019-19872 1 Br-automation 1 Industrial Automation Aprol 2024-11-21 9.8 Critical
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. The AprolLoader could be used to inject and execute arbitrary unintended commands via an unspecified attack scenario, a different vulnerability than CVE-2019-16364.
CVE-2019-19865 1 Atos 1 Unify Openscape Uc Web Client 2024-11-21 6.1 Medium
Atos Unify OpenScape UC Application V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows XSS. An attacker could exploit this by convincing an authenticated user to inject arbitrary JavaScript code in the Profile Name field. A browser would execute this stored XSS payload.
CVE-2019-19858 1 Serpico Project 1 Serpico 2024-11-21 4.8 Medium
An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/add_user/UID allows stored XSS via the author parameter.