Description of the security update for SharePoint Foundation 2013: July 9, 2019
Summary: This security update resolves an Authentication Bypass vulnerability that allows SAML tokens to be signed by using arbitrary symmetric keys in Windows Communication Foundation (WCF) and Windows Identity...
8.3AI Score
0.002EPSS
Magento 2.1.x < 2.1.18, 2.2.x < 2.2.9, 2.3.x < 2.3.2 Multiple Vulnerabilities (Jun 2019)
Magento is prone to multiple vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS) and others. See the referenced advisories for further details on each specific...
9.8CVSS
7.1AI Score
0.099EPSS
espace-client.covage.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-880262. Security researcher Implosion (helped patch 1643 vulnerabilities, received 7 Coordinated Disclosure badges, received 29 recommendations), a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting espace-client.covage.com...
-0.1AI Score
7.5CVSS
7.2AI Score
0.001EPSS
Description of the security update for SharePoint Foundation 2013: June 11, 2019
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
7.3AI Score
0.014EPSS
Security Advisory - Remote Code Execution Vulnerability in Some Microsoft Windows Systems
Microsoft released a security advisory to disclose a remote code execution vulnerability in Remote Desktop Services. An unauthenticated attacker connects to the target system using RDP and sends specially crafted requests to exploit the vulnerability. Successful exploit may cause arbitrary code...
9.8CVSS
2AI Score
0.975EPSS
Huawei eSpace 1.1.11.103 - ContactsCtrl.dll eSpaceStatusCtrl.dll ActiveX Heap Overflow
0.5AI Score
0.001EPSS
Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow
0.7AI Score
0.001EPSS
Huawei eSpace Meeting 1.1.11.103 - cenwpoll.dll SEH Buffer Overflow (Unicode)
0.5AI Score
0.0004EPSS
Huawei eSpace Meeting 1.1.11.103 - 'cenwpoll.dll' SEH Buffer Overflow (Unicode)
...
6.7AI Score
EPSS
Huawei eSpace 1.1.11.103 - DLL Hijacking Exploit
Exploit for windows platform in category local...
0.5AI Score
0.001EPSS
Huawei eSpace 1.1.11.103 - (ContactsCtrl.dll) / (eSpaceStatusCtrl.dll) ActiveX Heap Overflow Exploit
...
6.6AI Score
0.001EPSS
Description of the security update for SharePoint Foundation 2013: May 14, 2019
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
7AI Score
0.015EPSS
EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1536)
According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be ...
0.4AI Score
0.009EPSS
EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1474)
According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not...
0.9AI Score
0.036EPSS
EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1496)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to...
0.6AI Score
0.736EPSS
Advanced Woo Search <= 1.68 - CSRF & XSS
CSRF leading to XSS Sanitisation against XSS added in 1.70, however no CSRF checks are...
1.6AI Score
Description of the security update for SharePoint Foundation 2013: April 9, 2019
Summary: This security update resolves a cross-site-scripting (XSS) vulnerability that exists when Microsoft SharePoint Server does not correctly sanitize a specially crafted web request that's made to an affected...
5.6AI Score
0.001EPSS
F5 Networks BIG-IP : BIG-IP HSB vulnerability (K26455071)
Under certain conditions, hardware systems with a High-Speed Bridge (HSB) using non-default Layer 2 forwarding configurations may experience a lockup of the HSB. (CVE-2019-6604) This vulnerability occurs when all of the following conditions are met : A VLAN group is configured. The...
6.8CVSS
6.7AI Score
0.001EPSS
K26455071 : BIG-IP HSB vulnerability CVE-2019-6604
Security Advisory Description Under certain conditions, hardware systems with a High-Speed Bridge (HSB) using non-default Layer 2 forwarding configurations may experience a lockup of the HSB. (CVE-2019-6604) This vulnerability occurs when all of the following conditions are met: A VLAN group is...
6.8CVSS
6.5AI Score
0.001EPSS
Description of the security update for SharePoint Foundation 2013: March 12, 2019
Summary: This security update resolves a cross-site-scripting (XSS) vulnerability if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint server. To learn...
5.7AI Score
0.001EPSS
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes:...
7.4AI Score
0.002EPSS
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes:...
6.6AI Score
0.002EPSS
The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028 allows an attacker to login to the admin account via...
9.8CVSS
9.3AI Score
0.003EPSS
The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028 allows an attacker to login to the admin account via...
9.8CVSS
9.4AI Score
0.003EPSS
Description of the security update for SharePoint Foundation 2013: February 12, 2019
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...
9AI Score
0.974EPSS
Summary: IBM Dynamic System Analysis (DSA) Preboot has addressed the following vulnerabilities in X.Org libXrender. Vulnerability Details: CVEID: CVE-2016-7949...
9.8CVSS
0.6AI Score
0.014EPSS
Linux kernel is vulnerable to privilege escalation. A flaw was found in the Linux kernel's implementation of seq_file where a local attacker could manipulate memory in the put() function pointer. This could lead to memory corruption and possible privilege...
7.8CVSS
7.2AI Score
0.001EPSS
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2016-104)
According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : Stack overflow via ecryptfs and /proc/$pid/environ. It was found that stacking a file system over...
7.8CVSS
8.1AI Score
0.001EPSS
Description of the security update for SharePoint Foundation 2013: January 8, 2019
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...
6.4AI Score
0.001EPSS
Microsoft ChakraCore is vulnerable to remote code execution. This is due to how the scripting engine handles objects in memory, allowing a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, ...
7.5CVSS
7.6AI Score
0.203EPSS
ATool 1.0.0.22 Stack Buffer Overflow Vulnerability
Exploit for windows platform in category local...
AI Score
0.0004EPSS
Node.js is vulnerable to HTTP request smuggling. Improper parsing of the path option of an HTTP request allows for a remote attacker to smuggle an HTTP request using Unicode data within the HTTP request, potentially bypassing existing access...
7.5CVSS
7AI Score
0.001EPSS
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information...
5.9CVSS
6.1AI Score
0.002EPSS
There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited....
7.4CVSS
7.3AI Score
0.002EPSS
There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited....
7.4CVSS
7.3AI Score
0.002EPSS
There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause...
7.4CVSS
7.2AI Score
0.002EPSS
There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause...
7.4CVSS
7.2AI Score
0.002EPSS
There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to insufficient authentication, which may be exploited....
7.4CVSS
7.3AI Score
0.002EPSS
There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with the call information, eventually cause...
7.4CVSS
7.3AI Score
0.002EPSS