CVE-2019-12172

Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137.

Source: CVE-2019-12172

CVE-2019-12170

ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/_core/backups/upload.php (aka backup) component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PHP files to be written to the web root, and for code to execute on the remote server.

Source: CVE-2019-12170

CVE-2019-12168

Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow remote code execution via the Command Shell (aka Administration > Commands) screen.

Source: CVE-2019-12168

CVE-2019-11644

In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F-Secure Internet Security before 17.6, F-Secure Anti-Virus before 17.6, F-Secure Client Security Standard and Premium before 14.10, F-Secure PSB Workstation Security before 12.01, and F-Secure Computer Protection Standard and Premium before 19.3, a local user can escalate their privileges through a DLL hijacking attack against the installer. The installer writes the file rm.exe to C:WindowsTemp and then executes it. The rm.exe process then attempts to load several DLLs from its current directory. Non-admin users are able to write to this folder, so an attacker can create a malicious C:WindowsTempOLEACC.dll file. When an admin runs the installer, rm.exe will execute the attacker’s DLL in an elevated security context.

Source: CVE-2019-11644

CVE-2019-12163

GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via {} in a ws/gatshipWs.asmx/SqlVersion request.

Source: CVE-2019-12163

CVE-2019-8339

An issue was discovered in Sysdig through 0.24.2, as used in Falco through 0.14.0 and other products. A bypass allows local users to run malicious code without being detected because record_event_consumer in driver/main.c in sysdig-probe.ko (and falco-probe.ko) mishandles a free space calculation.

Source: CVE-2019-8339

CVE-2019-12161

WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses (such as 0300.0250 as a replacement for 192.168).

Source: CVE-2019-12161

CVE-2019-12160

GoHTTP through 2017-07-25 has a sendHeader use-after-free.

Source: CVE-2019-12160

CVE-2019-12158

GoHTTP through 2017-07-25 has a GetExtension heap-based buffer overflow via a long extension.

Source: CVE-2019-12158

CVE-2019-12159

GoHTTP through 2017-07-25 has a stack-based buffer over-read in the scan function (when called from getRequestType) via a long URL.

Source: CVE-2019-12159