An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName. Date published : 2019-07-11 http://www.securityfocus.com/bid/109364 https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType. Date published : 2019-07-11 http://www.securityfocus.com/bid/109364 https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter. Date published : 2019-07-11 http://www.securityfocus.com/bid/109364 https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PIA Linux/macOS...
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The openvpn_launcher.64 binary is setuid...
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The macOS binary openvpn_launcher.64 is...
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The openvpn_launcher binary is setuid...
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The root_runner.64 binary is setuid...
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v1.0 for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PIA client is vulnerable...
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to overwrite arbitrary files. The openvpn_launcher binary is setuid root....
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta (build 02099) for macOS could allow an authenticated, local attacker to overwrite arbitrary files. When the client initiates a...
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 10.5. There is XSS via the WorkOrder.do search field. Date published : 2019-07-11 https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine https://www.manageengine.com/products/service-desk/readme.html
An issue was discovered in the Purchase component of Zoho ManageEngine ServiceDesk Plus. There is XSS via the SearchN.do search field, a different vulnerability than CVE-2019-12189. Date published : 2019-07-11 https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine https://www.manageengine.com/products/service-desk/readme.html
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field. Date published : 2019-07-11 http://www.securityfocus.com/bid/109364 https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine