CVE-2019-12629

A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in the affected solution. An attacker could exploit this vulnerability by configuring a malicious username on the login page of the affected solution. A successful exploit could allow the attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system.

Publication date: Sun, 26 Jan 2020 11:15:00 +0000

Cyber News related to CVE-2019-12629

CVE-2019-12629 - A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input ...
4 years ago

CVE-2017-12629 - Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is ...
2 years ago

CVE-2020-12629 - include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name. ...
4 years ago

CVE-2021-25757 - In JetBrains Hub before 2020.1.12629, an open redirect was possible. ...
4 years ago

CVE-2021-25759 - In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user. ...
2 years ago

CVE-2024-12629 - In Progress® Telerik® KendoReact versions v3.5.0 through v9.4.0, an attacker can introduce or modify properties within the global prototype chain which can result in denial of service or command injection. ...
1 day ago Tenable.com

CVE-2019-1015 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1016 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-0977 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-1009, ...
5 years ago

CVE-2019-1013 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1046 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1050 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1049 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1048 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1047 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1010 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1011 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1012 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1009 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-0968 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0977, CVE-2019-1009, ...
4 years ago

CVE-2019-18299 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18298 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18291 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18292 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18294 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

Latest Cyber News

Roundtable: Is DOGE Flouting Cybersecurity for US Data? - 1 hour ago
How Public & Private Sectors Can Better Align Cyber Defense - 1 hour ago
Chinese APT 'Emperor Dragonfly' Moonlights With Ransomware - 1 hour ago
New Windows UI 0-Day Vulnerability Actively Exploited in the Wild - 3 hours ago
Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News - 4 hours ago
Burp AI - Burp Suite Now Integrate AI Powered Extension for Web Pentesting - 4 hours ago
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - 5 hours ago
Threat Actors In Russia, China, and Iran Targeting Local Communities In The U.S - New Report - 5 hours ago
Hacker leaks account data of 12 million Zacks Investment users - 5 hours ago
APT43 Hackers Attacking Academic Institutions With Exposed Credentials - 6 hours ago
An Italian journalist speaks about being targeted with Paragon spyware | The Record from Recorded Future News - 7 hours ago
CVE-2025-25901 - 7 hours ago
CVE-2025-24904 - 7 hours ago
CVE-2025-25355 - 7 hours ago
CVE-2024-12011 - 7 hours ago
ANYRUN Safebrowsing Extension - Analyse Any Malicious URL for Free - 7 hours ago
CVE-2025-0426 - 8 hours ago
Munich Cyber Security and Security Conferences 2025 [Live Updates] | The Record from Recorded Future News - 8 hours ago
Chinese espionage tools deployed in RA World ransomware attack - 8 hours ago
CVE-2025-26580 - 9 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Roundtable: Is DOGE Flouting Cybersecurity for US Data? - 1 hour ago
Chinese APT 'Emperor Dragonfly' Moonlights With Ransomware - 1 hour ago
New Windows UI 0-Day Vulnerability Actively Exploited in the Wild - 3 hours ago
Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News - 4 hours ago
Burp AI - Burp Suite Now Integrate AI Powered Extension for Web Pentesting - 4 hours ago
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - 5 hours ago
Threat Actors In Russia, China, and Iran Targeting Local Communities In The U.S - New Report - 5 hours ago
Hacker leaks account data of 12 million Zacks Investment users - 5 hours ago
CVE-2025-0995 - 1 day ago
CVE-2025-0996 - 1 day ago
CVE-2025-0997 - 1 day ago
CVE-2025-0998 - 1 day ago
CVE-2025-24528 - 1 day ago
CVE-2024-11343 - 1 day ago
CVE-2024-12629 - 1 day ago
CVE-2024-9870 - 1 day ago
CVE-2025-0332 - 1 day ago
CVE-2025-0516 - 1 day ago
CVE-2025-1208 - 1 day ago
CVE-2025-25349 - 1 day ago