13 matches found
CVE-2019-18857
darylldoyle svg-sanitizer before 0.12.0 mishandles script and data values in attributes, as demonstrated by unexpected whitespace such as in the javascript :alert substring...
CVE-2019-18857
creationtimestamp| type| source ---|---|--- 2024-02-11 10:32:02+00:00| seen| https://t.me/ctinow/182741...
CVE-2017-18857
The CVE-2017-18857 issue affects the NETGEAR Insight mobile app for Android and iOS prior to version 2.42, caused by password mismanagement in the app. The vulnerability is documented with a high to critical impact (CVSS v3.1: 9.8, CRITICAL; CVSS v2: 7.5, HIGH). Affected product: NETGEAR Insight ...
CVE-2019-18857
darylldoyle svg-sanitizer before 0.12.0 mishandles script and data values in attributes, as demonstrated by unexpected whitespace such as in the javascript:alert substring...
CVE-2019-18857
darylldoyle svg-sanitizer before 0.12.0 mishandles script and data values in attributes, as demonstrated by unexpected whitespace such as in the javascript:alert substring...
CVE-2019-18857
darylldoyle svg-sanitizer before 0.12.0 mishandles script and data values in attributes, as demonstrated by unexpected whitespace such as in the javascript:alert substring...
CVE-2019-18857
The CVE refers to darylldoyle svg-sanitizer before 0.12.0, where the parser mishandles script and data values in attributes, evidenced by unusual whitespace such as javascript :alert. This vulnerability is documented across multiple feeds (NVD, Red Hat, GHSA, OSV, etc.) and is associated with cro...
CVE-2018-18857
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kernel extension because...
CVE-2018-18857
The CVE-2018-18857 entry concerns the LiquidVPN for macOS client (through 1.37). Affected component: com.smr.liquidvpn.OVPNHelper, which uses the system function to execute the value of the shell command from the parameter command_line, enabling a local attacker to interact with an unprotected XP...
CVE-2018-18857
creationtimestamp| type| source ---|---|--- 2018-11-05 19:28:06+00:00| seen| MISP/5be09957-176c-49db-a5c9-07f70a021402...
LiquidVPN 1.36 1.37 - Privilege Escalation
LiquidVPN 1.36 1.37 - Privilege Escalation / ======================================================================= Title: Multiple Privilege Escalation Vulnerabilities Product: LiquidVPN for MacOS Vulnerable versions: 1.37, 1.36 and earlier CVE IDs: CVE-2018-18856, CVE-2018-18857, CVE-2018-1885...
LiquidVPN 1.36 / 1.37 - Privilege Escalation
/ ======================================================================= Title: Multiple Privilege Escalation Vulnerabilities Product: LiquidVPN for MacOS Vulnerable versions: 1.37, 1.36 and earlier CVE IDs: CVE-2018-18856, CVE-2018-18857, CVE-2018-18858, CVE-2018-18859 Impact: Critical Homepage...
LiquidVPN For macOS 1.3.7 Privilege Escalation
======================================================================= Title: Multiple Privilege Escalation Vulnerabilities Product: LiquidVPN for MacOS Vulnerable versions: 1.37, 1.36 and earlier CVE IDs: CVE-2018-18856, CVE-2018-18857, CVE-2018-18858, CVE-2018-18859 Impact: Critical Homepage:...