CVE-2019-11584

The MigratePriorityScheme resource in Jira before version 8.3.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the priority icon url of an issue priority...

CVE-2019-15505

drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic which may be remote via usbip or usbredir...

CVE-2019-9513

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU...

CVE-2019-9513

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU...

ALPINE-CVE-2019-9513

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU...

DEBIAN-CVE-2019-9513

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU...

ALPINE-CVE-2019-9511

Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority ...

Design/Logic Flaw

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU...

Excessive CPU usage in HTTP/2 with priority changes

Excessive CPU usage in HTTP/2 with priority changes Severity: low CVE-2019-9513 Not vulnerable: 1.17.3+, 1.16.1+ Vulnerable: 1.9.5-1.17.2...

CVE-2019-9513

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU...

CVE-2019-9513

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU...

UBUNTU-CVE-2019-9511

Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority ...

CVE-2019-9511

Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority ...

UBUNTU-CVE-2019-9513

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU...

PT-2019-3018

Name of the Vulnerable Software and Affected Versions HTTP/2 implementations affected versions not specified Description The issue is related to a denial of service vulnerability in some HTTP/2 implementations. An attacker can create multiple request streams and continually shuffle the priority o...

XSS in the MigratePriorityScheme resource - CVE-2019-11584

The MigratePriorityScheme resource in Jira before version 8.3.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the priority icon url of an issue priority...

XSS in the MigratePriorityScheme resource - CVE-2019-11584

The MigratePriorityScheme resource in Jira before version 8.3.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the priority icon url of an issue priority...

EulerOS 2.0 SP8 : haproxy (EulerOS-SA-2019-1650)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests...

Investigating identity threats in hybrid cloud environments

As the modern workplace transforms, the identity attack surface area is growing exponentially, across on-premises and cloud, spanning a multitude of endpoints and applications. Security Operations SecOps teams are challenged to monitor user activities, suspicious or otherwise, across all dimensio...

Microsoft Windows - AppX Deployment Service Local Privilege Escalation (3)

Microsoft Windows - AppX Deployment Service Local Privilege Escalation 3 CVE-2019-0841 BYPASS 2 There is a second bypass for CVE-2019-0841. This can be triggered as following: Delete all files and subfolders within "c:\users%username%\appdata\local\packages\Microsoft.MicrosoftEdge8wekyb3d8bbwe"...