Vulmon Recent Vulnerabilities Trends Blog About Contact

cve-2019-19877 vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2019-1950
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device. The vulnerability is due to the existence of default credentials within the default configuration of an affected device. An attacker...
Cisco Ios Xe
NA
CVE-2019-19877
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get access to sensitive information outside the working directory via Directory Traversal attacks against AprolSqlServer, a different vulnerability than CVE-2019-16357....
Br-automation Industrial Automation Aprol
445
VMScore
CVE-2014-10069
Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers' installations, which makes it easier for attackers to obtain sensitive information by decrypting a backup configuration file, as demonstrated by a password hash in the...
Hitrontech Cve-30360 Firmware 3.1.1.21
NA
CVE-2020-19877
DBHcms v1.2.0 has a directory traversal vulnerability as there is no directory control function in directory /dbhcms/. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information....
Dbhcms Project Dbhcms 1.2.0
383
VMScore
CVE-2018-19877
login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login Button Referer field....
Adiscon Loganalyzer
572
VMScore
CVE-2019-3859
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory....
Libssh2 Libssh2Fedoraproject Fedora 28Fedoraproject Fedora 29Debian Debian Linux 8.0Debian Debian Linux 9.0Netapp Ontap Select Deploy Administration Utility -Opensuse Leap 15.0Opensuse Leap 42.3
572
VMScore
CVE-2019-3858
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory....
Libssh2 Libssh2Fedoraproject Fedora 29Debian Debian Linux 8.0Netapp Ontap Select Deploy Administration Utility -Opensuse Leap 15.0Opensuse Leap 42.3
572
VMScore
CVE-2019-3862
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client...
Libssh2 Libssh2Fedoraproject Fedora 29Debian Debian Linux 8.0Netapp Ontap Select Deploy Administration Utility -Opensuse Leap 42.3
831
VMScore
CVE-2019-3855
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the...
Libssh2 Libssh2Fedoraproject Fedora 28Fedoraproject Fedora 29Fedoraproject Fedora 30Debian Debian Linux 8.0Debian Debian Linux 9.0Netapp Ontap Select Deploy Administration Utility -Redhat Enterprise Linux 8.0Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux Server Aus 7.6Redhat Enterprise Linux Server Eus 7.6Redhat Enterprise Linux Server Tus 7.6Redhat Enterprise Linux Workstation 7.0Opensuse Leap 42.3Apple XcodeOracle Peoplesoft Enterprise Peopletools 8.56Oracle Peoplesoft Enterprise Peopletools 8.57
668
VMScore
CVE-2019-9020
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in...
Php PhpDebian Debian Linux 9.0Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Netapp Storage Automation Store -Opensuse Leap 42.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-6207CVE-2020-11143CVE-2021-3129CVE-2020-11138CVE-2020-11225man-in-the-middledeserializationfile uploadCVE-2020-26285