Mcafee McAfee VirusScan Enterprise Permission License and Access Control Issues Vulnerability

Mcafee VirusScan Enterprise VSE is a suite of antivirus software from the American company Mcafee. The software provides a full range of security protection, scans memory for malicious code and optimizes updates for remote systems. A security vulnerability exists in McAfee VirusScan Enterprise 8....

CVE-2020-10608

In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized...

Information disclosure

In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized...

CVE-2020-10608

In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized...

CVE-2020-10608

CVE-2020-10608 affects the OSIsoft PI System. A local attacker can plant a binary and bypass a code integrity check when loading PI System libraries, allowing privilege escalation and leading to unauthorized disclosure, deletion, or modification of local data. Red Hat and NVD entries corroborate ...

PT-2020-4638

Name of the Vulnerable Software and Affected Versions jQuery versions 1.2 through 3.5.0 Description The issue is related to the execution of untrusted code when passing HTML from untrusted sources to jQuery's DOM manipulation methods, such as .html, .append, and others, even after sanitizing the...

Security Bulletin: A Security Vulnerability Has Been Identified In IBM Security Secret Server (CVE-2019-4640)

Summary A security vulnerability identified on IBM Security Secret Server has been addressed in the release 10.7.000059. Vulnerability Details CVEID: CVE-2019-4640 DESCRIPTION: IBM Security Secret Server processes patches, image backups and other updates without sufficiently verifying the origin...

Improve cyber supply chain risk management with Microsoft Azure

For years, Microsoft has tracked threat actors exploiting federal cyber supply chain vulnerabilities. Supply chain attacks target software developers, systems integrators, and technology companies. Tactics often include obtaining source code, build processes, or update mechanisms to compromise...

CVE-2019-1344

An information disclosure vulnerability exists in the way that the Windows Code Integrity Module handles objects in memory, aka 'Windows Code Integrity Module Information Disclosure Vulnerability'...

CVE-2019-1344

An information disclosure vulnerability exists in the way that the Windows Code Integrity Module handles objects in memory, aka 'Windows Code Integrity Module Information Disclosure Vulnerability'...

Information disclosure

An information disclosure vulnerability exists in the way that the Windows Code Integrity Module handles objects in memory, aka 'Windows Code Integrity Module Information Disclosure Vulnerability'...

CVE-2019-1344

An information disclosure vulnerability exists in the way that the Windows Code Integrity Module handles objects in memory, aka 'Windows Code Integrity Module Information Disclosure Vulnerability'...

CVE-2019-1344

Technical details about CVE-2019-1344 are not publicly provided in the supplied documents. The Connected documents do not include affected products, root cause, impact, or fixes. Monitor for updates from official sources.

Windows Code Integrity Module Information Disclosure Vulnerability

An information disclosure vulnerability exists in the way that the Windows Code Integrity Module handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker would...

PT-2019-5507 · Red Hat · Openshift

Name of the Vulnerable Software and Affected Versions: OpenShift versions 4.1 up to 4.3 OpenShift builds affected versions not specified, but includes versions that extract source from a container image Description: The issue is related to a lack of code integrity verification, allowing for...

CVE-2019-10943

CVE-2019-10943 affects Siemens SIMATIC devices including Drive Controller family, ET 200SP Open Controller CPUs 1515SP PC/PC2, S7-1200 CPUs, S7-1500 CPUs and related software/S7-PLCSIM Advanced. Root cause: missing integrity check allows an attacker with network access to port 102/tcp to modify t...

Authorization Bypass

powershell is vulnerable to authorization bypass. The vulnerability exists in Windows which will allow the attacker to bypass device guard where an attacker could circumvent a user mode code integrity policy on the machine...

Windows Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver luafv.sys. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity UMCI policy on...

August 30, 2018—KB4343893 (OS Build 16299.637)

August 30, 2018—KB4343893 OS Build 16299.637 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue in Microsoft Foundation Class MFC applications that may cause applications t...

Windows Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity UMCI policy on the machine. To exploit the vulnerability, an attacker would first...