Search Results (83143 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-12325 1 Htek 2 Uc902, Uc902 Firmware 2024-11-21 8.8 High
The Htek UC902 VoIP phone web management interface contains several buffer overflow vulnerabilities in the firmware version 2.0.4.4.46, which allow an attacker to crash the device (DoS) without authentication or execute code (authenticated as a user) to spawn a remote shell as a root user.
CVE-2019-12324 1 Akuvox 2 Sp-r50p, Sp-r50p Firmware 2024-11-21 N/A
A command injection (missing input validation) issue in the IP address field for the logging server in the configuration web interface on the Akuvox R50P VoIP phone with firmware 50.0.6.156 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters in a POST request.
CVE-2019-12323 1 Hostingcontroller 1 Hc10 2024-11-21 N/A
The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS.
CVE-2019-12315 1 Samsung 2 Scx-824, Scx-824 Firmware 2024-11-21 N/A
Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS) vulnerability that can be triggered by using the "print from file" feature, as demonstrated by the sws/swsAlert.sws?popupid=successMsg msg parameter.
CVE-2019-12313 1 Dollarshaveclub 1 Shave 2024-11-21 N/A
XSS exists in Shave before 2.5.3 because output encoding is mishandled during the overwrite of an HTML element.
CVE-2019-12311 1 Sandline 1 Centraleyezer 2024-11-21 6.1 Medium
Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. An HTML page running a script could be uploaded to the server. When a victim tries to download a CISO Report template, the script is loaded.
CVE-2019-12308 1 Djangoproject 1 Django 2024-11-21 N/A
An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link.
CVE-2019-12303 1 Suse 1 Rancher 2024-11-21 N/A
In Rancher 2 through 2.2.3, Project owners can inject additional fluentd configuration to read files or execute arbitrary commands inside the fluentd container.
CVE-2019-12299 1 Sandline 1 Centraleyezer 2024-11-21 6.1 Medium
Sandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section.
CVE-2019-12298 1 Leanify Project 1 Leanify 2024-11-21 N/A
Leanify 0.4.3 allows remote attackers to trigger an out-of-bounds write (1024 bytes) via a modified input file.
CVE-2019-12272 1 Openwrt 1 Luci 2024-11-21 N/A
In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability.
CVE-2019-12270 2 Microsoft, Opentext 2 Windows, Brava\! 2024-11-21 N/A
OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. During installation, a displaylistcache file share is created on the Windows server with full read and write permissions for the Everyone group at both the NTFS and Share levels. The share is used to retrieve documents for processing, and to store processed documents for display in the browser. The only required share level access is read/write by the JobProcessor service account. At the local filesystem level, the only additional required permissions would be read/write from the servlet engine, such as Tomcat. (The affected server components are not installed with Content Server by default, and must be installed separately.) NOTE: the vendor's position is that customers are not supposed to use this default setting without consulting the documentation.
CVE-2019-12266 1 Wyze 6 Cam Pan V2, Cam Pan V2 Firmware, Cam V2 and 3 more 2024-11-21 7.6 High
Stack-based Buffer Overflow vulnerability in Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to run arbitrary code on the affected device. This issue affects: Wyze Cam Pan v2 versions prior to 4.49.1.47. Wyze Cam v2 versions prior to 4.9.8.1002. Wyze Cam v3 versions prior to 4.36.8.32.
CVE-2019-12263 5 Belden, Netapp, Siemens and 2 more 50 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 47 more 2024-11-21 8.1 High
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.
CVE-2019-12250 1 Identityserver 1 Identityserver4 2024-11-21 N/A
IdentityServer IdentityServer4 through 2.4 has stored XSS via the httpContext to the host/Extensions/RequestLoggerMiddleware.cs LogForErrorContext method, which can be triggered by viewing a log. NOTE: the software maintainer disputes that this is a vulnerability because the request logger is not part of IdentityServer but only our development test host
CVE-2019-12245 1 Silverstripe 1 Silverstripe 2024-11-21 5.3 Medium
SilverStripe through 4.3.3 has incorrect access control for protected files uploaded via Upload::loadIntoFile(). An attacker may be able to guess a filename in silverstripe/assets via the AssetControlExtension.
CVE-2019-12221 5 Canonical, Debian, Fedoraproject and 2 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2024-11-21 6.5 Medium
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c.
CVE-2019-12216 4 Canonical, Debian, Fedoraproject and 1 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-11-21 6.5 Medium
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
CVE-2019-12211 2 Canonical, Freeimage Project 2 Ubuntu Linux, Freeimage 2024-11-21 7.5 High
When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow.
CVE-2019-12208 1 F5 1 Njs 2024-11-21 N/A
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in njs_function_native_call in njs/njs_function.c.