20 matches found
CVE-2026-20419
In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote proximal/adjacent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 /...
CVE-2022-20419
In setOptions of ActivityRecord.java, there is a possible load any arbitrary Java code into launcher process due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover
Exploit Title: Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover Google Dork: N/A Date: 21/07/2024 Exploit Author: Mohammed Adel Vendor Homepage: https://www.cisco.com Software Link:...
📄 Cisco Smart Software Manager On-Prem 8-202206 Account Takeover
Cisco Smart Software Manager On-Prem versions 8-202206 and below account takeover proof of concept exploit. Exploit Title: Cisco SSM On-Prem; Account Takeover CVE-2024-20419 Google Dork: N/A Date: 21/07/2024 Exploit Author: Mohammed Adel Vendor Homepage: https://www.cisco.com Software Link:...
Cisco Smart Software Manager (SSM) On-Prem Account Takeover (CVE-2024-20419)
This module exploits an improper access control vulnerability in Cisco Smart Software Manager SSM On-Prem use auxiliary/admin/http/ciscossmonpremaccount msf auxiliaryciscossmonpremaccount show actions ...actions... msf auxiliaryciscossmonpremaccount set ACTION msf auxiliaryciscossmonpremaccount...
Cisco Smart Software Manager On-Prem Password Change Vulnerability (CVE-2024-20419) (Direct Check)
Binary data ciscossmCVE-2024-20419.nbin...
Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager
Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked...
CVE-2024-20419
creationtimestamp| type| source
---|---|---
2024-07-17 19:53:44+00:00| seen| https://t.me/cvedetector/1103
2024-07-18 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1335
2024-07-18 08:53:32+00:00| seen| https://t.me/KomunitiSiber/2265
2024-07-18 10:13:21+00:00|...
CVE-2022-20419
In setOptions of ActivityRecord.java, there is a possible load any arbitrary Java code into launcher process due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2022-20419
In setOptions of ActivityRecord.java, there is a possible load any arbitrary Java code into launcher process due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2022-20419
In setOptions of ActivityRecord.java, there is a possible load any arbitrary Java code into launcher process due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2022-20419
CVE-2022-20419 (Android 12L–13) arises from a logic error in ActivityRecord.java setOptions that can load arbitrary Java code into the launcher process, enabling local escalation of privilege without extra execution privileges. Affected Products/Versions: Android-12L and Android-13 per the publis...
CVE-2021-20419
IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196280...
CVE-2021-20419
CVE-2021-20419 affects IBM Security Guardium 11.2. The described issue is weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information (CVE-2021-20419; IBM X-Force ID 196280). Affected products/versions include Guardium 11.2; IBM lists multipl...
CVE-2019-20419
creationtimestamp| type| source
---|---|---
2020-07-03 07:55:05+00:00| seen| https://t.me/cibsecurity/13234...
CVE-2019-20419
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute arbitrary code via a DLL hijacking vulnerability in Tomcat. The affected versions are before version 8.5.5, and from version 8.6.0 before 8.7.2...
CVE-2019-20419
CVE-2019-20419 affects Atlassian Jira Server and Data Center, where a DLL hijacking flaw in Tomcat allows remote attackers to execute arbitrary code. Affected versions are Jira Server/Data Center before 8.5.5 and from 8.6.0 before 8.7.2. Fixed versions are 8.5.5, 8.7.2, and 8.8.0. This entry is s...
DLL hijacking in Jira Server & JSD via Tomcat - CVE-2019-20419
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute arbitrary code via a DLL hijacking vulnerability in Tomcat. Affected versions: version < 8.5.5; 8.6.0 ≤ version < 8.7.2. Fixed versions: 8.5.5, 8.7.2, 8.8.0...
CVE-2018-20419
DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF to add an administrator account...
CVE-2018-20419
CVE-2018-20419 affects DouCo DouPHP 1.5. The flaw arises from a CSRF in the upload/admin/manager.php?rec=insert endpoint, which can be used to incrementally add an administrator account. According to the NVD entry, the vulnerability has a CMS-level impact across confidentiality, integrity, and av...