UBUNTU-CVE-2019-9187

ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs...

CVE-2019-9187

ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs...

KB4467708: Windows 10 Version 1809 and Windows Server 2019 November 2018 Security Update

The remote Windows host is missing security update 4467708. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard. CVE-2018-8417 - A remote code execution vulnerability...

KB4467702: Windows 10 Version 1803 and Windows Server Version 1803 November 2018 Security Update

The remote Windows host is missing security update 4467702. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard. CVE-2018-8417 - An elevation of privilege vulnerability...

CVE-2019-6457

An issue was discovered in GNU Recutils 1.8. There is a memory leak in recaggregateregnew in rec-aggregate.c in librec.a...

PT-2019-18100 · Gnu +3 · Gnu Recutils +3

Name of the Vulnerable Software and Affected Versions: GNU Recutils version 1.8 Description: A memory leak was found in the rec aggregate reg new function in rec-aggregate.c within librec.a. Recommendations: For GNU Recutils version 1.8, consider updating to a newer version that addresses the...

VulnCheck KEV: CVE-2017-0213

Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application...

Microsoft Windows COM Aggregate Marshaler Elevation of Privilege Vulnerability

Microsoft Windows Server 2019 and others are operating systems released by Microsoft Corporation USA.Windows COM Aggregate Marshaler is one of the components. An elevation of privilege vulnerability exists in Microsoft Windows COM Aggregate Marshaler. An attacker can exploit this vulnerability an...

CVE-2018-8550

An elevation of privilege exists in Windows COM Aggregate Marshaler, aka "Windows COM Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows...

CVE-2018-8550

An elevation of privilege exists in Windows COM Aggregate Marshaler, aka "Windows COM Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows...

CVE-2018-8550

CVE-2018-8550 is a local elevation-of-privilege flaw in Windows COM Aggregate Marshaler. The vulnerability allows an attacker with local access to run code with elevated privileges on affected Windows versions (Windows 7, Windows 8.1/10 family, and corresponding Server SKUs). Public references (e...

Microsoft Windows Multiple Vulnerabilities (KB4467697)

This host is missing a critical security update according to Microsoft KB4467697. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Windows COM Elevation of Privilege Vulnerability

An elevation of privilege exists in Windows COM Aggregate Marshaler. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability...

KB4467106: Windows 7 and Windows Server 2008 R2 November 2018 Security Update

The remote Windows host is missing security update 4467106 or cumulative update 4467107. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability...

CVE-2018-18530

ThinkPHP 5.1.25 has SQL Injection via the count parameter because the library/think/db/Query.php aggregate function mishandles the aggregate variable. NOTE: a backquote character is required in the attack URI...

Sql injection

ThinkPHP 5.1.25 has SQL Injection via the count parameter because the library/think/db/Query.php aggregate function mishandles the aggregate variable. NOTE: a backquote character is required in the attack URI...

Information Disclosure Vulnerability in Taiwan Tibbo Group AggreGate SCADA-HMI Industrial Software

AggreGate SCADA/HMI is a system for visualizing and operating processes, production flows, machines and equipment. It is a multi-user distributed solution that provides monitoring and surveillance for many industries. An information disclosure vulnerability exists in Taiwan Tibbo Group's AggreGat...

Cacti cross-site scripting vulnerability (CNVD-2017-26582)

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A cross-site scripting vulnerability exists in the...

DEBIAN-CVE-2017-12066

Cross-site scripting XSS vulnerability in aggregategraphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancelurl variable. NOTE: this vulnerability exists because of an incomplete fi...

UBUNTU-CVE-2017-12066

Cross-site scripting XSS vulnerability in aggregategraphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancelurl variable. NOTE: this vulnerability exists because of an incomplete fi...