Search Results (83231 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-17213 1 Webarxsecurity 1 Webarx 2024-11-21 6.1 Medium
The WebARX plugin 1.3.0 for WordPress has unauthenticated stored XSS via the URI or the X-Forwarded-For HTTP header.
CVE-2019-17212 1 Mbed 1 Mbed 2024-11-21 9.8 Critical
Buffer overflows were discovered in the CoAP library in Arm Mbed OS 5.14.0. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses CoAP input linearly using a while loop. Once an option is parsed in a loop, the current point (*packet_data_pptr) is increased correspondingly. The pointer is restricted by the size of the received buffer, as well as by the 0xFF delimiter byte. Inside each while loop, the check of the value of *packet_data_pptr is not strictly enforced. More specifically, inside a loop, *packet_data_pptr could be increased and then dereferenced without checking. Moreover, there are many other functions in the format of sn_coap_parser_****() that do not check whether the pointer is within the bounds of the allocated buffer. All of these lead to heap-based or stack-based buffer overflows, depending on how the CoAP packet buffer is allocated.
CVE-2019-17207 1 Managewp 1 Broken Link Checker 2024-11-21 5.4 Medium
A reflected XSS vulnerability was found in includes/admin/table-printer.php in the broken-link-checker (aka Broken Link Checker) plugin 1.11.8 for WordPress. This allows unauthorized users to inject client-side JavaScript into an admin-only WordPress page via the wp-admin/tools.php?page=view-broken-links s_filter parameter in a search action.
CVE-2019-17205 1 Teampass 1 Teampass 2024-11-21 6.1 Medium
TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed.
CVE-2019-17204 1 Teampass 1 Teampass 2024-11-21 5.4 Medium
TeamPass 2.1.27.36 allows Stored XSS by setting a crafted Knowledge Base label and adding any available item.
CVE-2019-17203 1 Teampass 1 Teampass 2024-11-21 5.4 Medium
TeamPass 2.1.27.36 allows Stored XSS at the Search page by setting a crafted password for an item in any folder.
CVE-2019-17195 4 Apache, Connect2id, Oracle and 1 more 17 Hadoop, Nimbus Jose\+jwt, Communications Cloud Native Core Security Edge Protection Proxy and 14 more 2024-11-21 9.8 Critical
Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.
CVE-2019-17189 1 Totemo 1 Totemodata 2024-11-21 5.4 Medium
totemodata 3.0.0_b936 has XSS via a folder name.
CVE-2019-17183 2 Foxitsoftware, Microsoft 2 Reader, Windows 2024-11-21 7.5 High
Foxit Reader before 9.7 allows an Access Violation and crash if insufficient memory exists.
CVE-2019-17179 1 Open-emr 1 Openemr 2024-11-21 6.1 Medium
4.1.0, 4.1.1, 4.1.2, 4.1.2.3, 4.1.2.6, 4.1.2.7, 4.2.0, 4.2.1, 4.2.2, 5.0.0, 5.0.0.5, 5.0.0.6, 5.0.1, 5.0.1.1, 5.0.1.2, 5.0.1.3, 5.0.1.4, 5.0.1.5, 5.0.1.6, 5.0.1.7, 5.0.2, fixed in version 5.0.2.1
CVE-2019-17177 2 Freerdp, Opensuse 2 Freerdp, Leap 2024-11-21 7.5 High
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
CVE-2019-17176 1 Genesys 1 Eservices Chat 2024-11-21 6.1 Medium
Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPanel.jsp or HtmlChatFrameSet.jsp (ActionColor, ClientNickNameColor, Email, email, or email_address parameter).
CVE-2019-17148 1 Parallels 1 Parallels Desktop 2024-11-21 7.8 High
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop version 14.1.3 (45485). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root. Was ZDI-CAN-8685.
CVE-2019-17145 1 Foxitsoftware 1 Phantompdf 2024-11-21 8.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DXF files to PDF. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9276.
CVE-2019-17144 1 Foxitsoftware 1 Phantompdf 2024-11-21 8.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DWG files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9274.
CVE-2019-17139 2 Foxitsoftware, Microsoft 3 Foxit Reader, Phantompdf, Windows 2024-11-21 8.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of Javascript in the HTML2PDF plugin. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8692.
CVE-2019-17135 1 Foxitsoftware 1 Phantompdf 2024-11-21 7.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8775.
CVE-2019-17127 1 Solarwinds 1 Orion Platform 2024-11-21 6.1 Medium
A Stored Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation.
CVE-2019-17125 1 Solarwinds 1 Orion Platform 2024-11-21 6.1 Medium
A Reflected Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS.
CVE-2019-17123 1 Egain 1 Mail 2024-11-21 7.5 High
The eGain Web Email API 11+ allows spoofed messages because the fromName and message fields (to /system/ws/v11/ss/email) are mishandled, as demonstrated by fromName header injection with a %0a or %0d character. (Also, the message parameter can have initial HTML comment characters.)