CVE-2019-12761
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.
Source: CVE-2019-12761
CVE-2018-9839
An issue was discovered in MantisBT through 1.3.14, and 2.0.0. Using a crafted request on bug_report_page.php (modifying the ‘m_id’ parameter), any user with REPORTER access or above is able to view any private issue’s details (summary, description, steps to reproduce, additional information) when cloning it. By checking the ‘Copy issue notes’ and ‘Copy attachments’ checkboxes and completing the clone operation, this data also becomes public (except private notes).
Source: CVE-2018-9839
CVE-2019-6989
TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges.
Source: CVE-2019-6989
CVE-2019-9929
Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions.
Source: CVE-2019-9929
CVE-2019-7215
Progress Sitefinity 10.1.6536 does not invalidate session cookies upon logouts. It instead tries to overwrite the cookie in the browser, but it remains valid on the server side. This means the cookie can be reused to maintain access to the account, even if the account credentials and permissions are changed.
Source: CVE-2019-7215
CVE-2019-12135
An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and earlier and versions 19.0.3 and earlier allows remote attackers to execute arbitrary code via an unspecified vector.
Source: CVE-2019-12135
CVE-2019-12291
HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL rule used for prefix matching in a policy can be deleted by a token using that policy even with default deny settings configured.
Source: CVE-2019-12291
CVE-2019-7554
An issue was discovered in PHP Scripts Mall API Based Travel Booking 3.4.7. There is Reflected XSS via the flight-results.php d2 parameter.
Source: CVE-2019-7554
CVE-2019-7311
An issue was discovered on Linksys WRT1900ACS 1.0.3.187766 devices. A lack of encryption in how the user login cookie (admin-auth) is stored on a victim’s computer results in the admin password being discoverable by a local attacker, and usable to gain administrative access to the victim’s router. The admin password is stored in base64 cleartext in an "admin-auth" cookie. An attacker sniffing the network at the time of login could acquire the router’s admin password. Alternatively, gaining physical access to the victim’s computer soon after an administrative login could result in compromise.
Source: CVE-2019-7311
CVE-2019-12303
In Rancher 2 through 2.2.3, Project owners can inject additional fluentd configuration to read files or execute arbitrary commands inside the fluentd container.
Source: CVE-2019-12303