Search Results (83149 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-12577 2 Apple, Londontrustmedia 2 Macos, Private Internet Access Vpn Client 2024-11-21 N/A
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The macOS binary openvpn_launcher.64 is setuid root. This binary creates /tmp/pia_upscript.sh when executed. Because the file creation mask (umask) is not reset, the umask value is inherited from the calling process. This value can be manipulated to cause the privileged binary to create files with world writable permissions. A local unprivileged user can modify /tmp/pia_upscript.sh during the connect process to execute arbitrary code as the root user.
CVE-2019-12568 1 Open Tftp Server Project 1 Open Tftp Server 2024-11-21 9.8 Critical
Stack-based overflow vulnerability in the logMess function in Open TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12567.
CVE-2019-12567 1 Open Tftp Server Project 1 Open Tftp Server 2024-11-21 9.8 Critical
Stack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12568.
CVE-2019-12566 1 Veronalabs 1 Wp Statistics 2024-11-21 N/A
The WP Statistics plugin through 12.6.5 for Wordpress has stored XSS in includes/class-wp-statistics-pages.php. This is related to an account with the Editor role creating a post with a title that contains JavaScript, to attack an admin user.
CVE-2019-12562 1 Dnnsoftware 1 Dotnetnuke 2024-11-21 6.1 Medium
Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 allows remote attackers to store and embed the malicious script into the admin notification page. The exploit could be used to perfom any action with admin privileges such as managing content, adding users, uploading backdoors to the server, etc. Successful exploitation occurs when an admin user visits a notification page with stored cross-site scripting.
CVE-2019-12553 1 Sweetscape 1 010 Editor 2024-11-21 N/A
In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the StrCat function (provided by the scripting engine) allows an attacker to overwrite arbitrary memory, which could lead to code execution.
CVE-2019-12551 1 Sweetscape 1 010 Editor 2024-11-21 N/A
In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the Memcpy function (provided by the scripting engine) allows an attacker to overwrite arbitrary memory, which could lead to code execution.
CVE-2019-12550 1 Wago 6 852-1305, 852-1305 Firmware, 852-1505 and 3 more 2024-11-21 N/A
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET.
CVE-2019-12549 1 Wago 6 852-1305, 852-1305 Firmware, 852-1505 and 3 more 2024-11-21 N/A
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.
CVE-2019-12543 1 Zohocorp 1 Manageengine Servicedesk Plus 2024-11-21 N/A
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the PurchaseRequest.do serviceRequestId parameter.
CVE-2019-12542 1 Zohocorp 1 Manageengine Servicedesk Plus 2024-11-21 N/A
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do userConfigID parameter.
CVE-2019-12541 1 Zohocorp 1 Manageengine Servicedesk Plus 2024-11-21 N/A
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SolutionSearch.do searchText parameter.
CVE-2019-12540 1 Zohocorp 1 Manageengine Servicedesk Plus 2024-11-21 N/A
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 10.5. There is XSS via the WorkOrder.do search field.
CVE-2019-12539 1 Zohocorp 1 Manageengine Servicedesk Plus 2024-11-21 6.1 Medium
An issue was discovered in the Purchase component of Zoho ManageEngine ServiceDesk Plus. There is XSS via the SearchN.do search field, a different vulnerability than CVE-2019-12189.
CVE-2019-12538 1 Zohocorp 1 Manageengine Servicedesk Plus 2024-11-21 N/A
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SiteLookup.do search field.
CVE-2019-12537 1 Zohocorp 1 Manageengine Assetexplorer 2024-11-21 6.1 Medium
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field.
CVE-2019-12527 5 Canonical, Debian, Fedoraproject and 2 more 8 Ubuntu Linux, Debian Linux, Fedora and 5 more 2024-11-21 8.8 High
An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user controlled data.
CVE-2019-12526 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-21 9.8 Critical
An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data overflowing in the heap.
CVE-2019-12525 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-21 9.8 Critical
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.
CVE-2019-12521 5 Canonical, Debian, Opensuse and 2 more 5 Ubuntu Linux, Debian Linux, Leap and 2 more 2024-11-21 5.9 Medium
An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.