Export limit exceeded: 74969 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74969 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-19895 | 1 Ixpdata | 1 Easyinstall | 2024-11-21 | 7.8 High |
| In IXP EasyInstall 6.2.13723, there is Lateral Movement (using the Agent Service) against other users on a client system. An authenticated attacker can, by modifying %SYSTEMDRIVE%\IXP\SW\[PACKAGE_CODE]\EveryLogon.bat, achieve this movement and execute code in the context of other users. | ||||
| CVE-2019-19893 | 1 Ixpdata | 1 Easyinstall | 2024-11-21 | 7.5 High |
| In IXP EasyInstall 6.2.13723, there is Directory Traversal on TCP port 8000 via the Engine Service by an unauthenticated attacker, who can access the server's filesystem with the access rights of NT AUTHORITY\SYSTEM. | ||||
| CVE-2019-19890 | 1 Humaxdigital | 2 Hgb10r-02, Hgb10r-02 Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. Admin credentials are sent over cleartext HTTP. | ||||
| CVE-2019-19889 | 1 Humaxdigital | 2 Hgb10r-02, Hgb10r-02 Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The attacker can discover admin credentials in the backup file, aka backupsettings.conf. | ||||
| CVE-2019-19882 | 1 Shadow Project | 1 Shadow | 2024-11-21 | 7.8 High |
| shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8). | ||||
| CVE-2019-19880 | 8 Debian, Netapp, Opensuse and 5 more | 13 Debian Linux, Cloud Backup, Backports Sle and 10 more | 2024-11-21 | 7.5 High |
| exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. | ||||
| CVE-2019-19879 | 1 Hashicorp | 1 Sentinel | 2024-11-21 | 7.5 High |
| HashiCorp Sentinel up to 0.10.1 incorrectly parsed negation in certain policy expressions. Fixed in 0.10.2. | ||||
| CVE-2019-19878 | 1 Br-automation | 1 Industrial Automation Aprol | 2024-11-21 | 7.5 High |
| An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get access to historical data from AprolSqlServer by bypassing authentication, a different vulnerability than CVE-2019-16358. | ||||
| CVE-2019-19873 | 1 Br-automation | 1 Industrial Automation Aprol | 2024-11-21 | 7.5 High |
| An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get information from the AprolSqlServer DBMS by bypassing authentication, a different vulnerability than CVE-2019-16356 and CVE-2019-9983. | ||||
| CVE-2019-19869 | 1 Br-automation | 1 Industrial Automation Aprol | 2024-11-21 | 7.5 High |
| An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. PVs could be changed (unencrypted) by using the IosHttp service and the JSON interface. | ||||
| CVE-2019-19866 | 1 Atos | 1 Unify Openscape Uc Web Client | 2024-11-21 | 7.5 High |
| Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to getMailFunction in the JSON API, one can enumerate all conferences scheduled on the platform, with their numbers and access PINs. | ||||
| CVE-2019-19854 | 1 Serpico Project | 1 Serpico | 2024-11-21 | 8.8 High |
| An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. It does not use CSRF Tokens to mitigate against CSRF; it uses the Origin header (which must match the request origin). This is problematic in conjunction with XSS: one can escalate privileges from User level to Administrator. | ||||
| CVE-2019-19850 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 7.2 High |
| An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. Because escaping of user-submitted content is mishandled, the class QueryGenerator is vulnerable to SQL injection. Exploitation requires having the system extension ext:lowlevel installed, and a valid backend user who has administrator privileges. | ||||
| CVE-2019-19849 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 8.8 High |
| An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the classes QueryGenerator and QueryView are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension ext:lowlevel (Backend Module: DB Check) installed, with a valid backend user who has administrator privileges. The other exploitable scenario requires having the system extension ext:sys_action installed, with a valid backend user who has limited privileges. | ||||
| CVE-2019-19848 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 7.2 High |
| An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal. Admin privileges are required in order to exploit this vulnerability. (In v9 LTS and later, System Maintainer privileges are also required.) | ||||
| CVE-2019-19847 | 1 Libspiro Project | 1 Libspiro | 2024-11-21 | 8.1 High |
| Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c. | ||||
| CVE-2019-19835 | 1 Ruckuswireless | 17 C110, E510, H320 and 14 more | 2024-11-21 | 7.5 High |
| SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI. | ||||
| CVE-2019-19834 | 1 Ruckuswireless | 17 C110, E510, H320 and 14 more | 2024-11-21 | 7.2 High |
| Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter. | ||||
| CVE-2019-19832 | 1 Xerox | 2 Altalink C8035, Altalink C8035 Firmware | 2024-11-21 | 8.8 High |
| Xerox AltaLink C8035 printers allow CSRF. A request to add users is made in the Device User Database form field to the xerox.set URI. (The frmUserName value must have a unique name.) | ||||
| CVE-2019-19824 | 1 Totolink | 17 A3002ru, A3002ru Firmware, A702r and 14 more | 2024-11-21 | 8.8 High |
| On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, N100RE through 3.4.0, and N302RE 2.0.2. | ||||