Microsoft Windows Multiple Vulnerabilities (KB4493470)

This host is missing a critical security update according to Microsoft KB4493470 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

CVE-2019-0838

An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0839...

CVE-2019-0838

An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0839...

Information disclosure

An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0839...

CVE-2019-0838

An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0839...

CVE-2019-0838

Technical details for CVE-2019-0838 are not publicly provided in the supplied documents; monitor for updates from official advisories.

Windows Information Disclosure Vulnerability

An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. An attacker could then install...

Microsoft Windows Task Scheduler CVE-2019-0838 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...

CVE-2019-7425

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter...

Cross site scripting

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter...

CVE-2018-17496

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error while in kiosk mode. By visiting the kiosk and typing ctrl+shift+esc, an attacker could exploit this vulnerability to open the task manager to kill the process or launch new processes on the...

CVE-2018-17490

EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task manager, a local attacker could exploit this vulnerability to kill the process or launch new processes at will...

Design/Logic Flaw

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error while in kiosk mode. By visiting the kiosk and typing ctrl+shift+esc, an attacker could exploit this vulnerability to open the task manager to kill the process or launch new processes on the...

Denial of service

EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task manager, a local attacker could exploit this vulnerability to kill the process or launch new processes at will...

HID Global EasyLobby Solo Access Control Error Vulnerability (CNVD-2019-12473)

HID Global EasyLobby Solo is a suite of Secure Visitor Management SVM software from HID Global, USA. A security vulnerability exists in HID Global EasyLobby Solo version 11.0.4563. A local attacker can exploit the vulnerability by accessing the self-service server and task manager to terminate...

eVisitorPass Elevation of Privilege Vulnerability

Threshold eVisitorPass is a visitor management system from Threshold Canada. A privilege-lifting vulnerability exists in Threshold eVisitorPass version 1.5.5.2. A local attacker could use this vulnerability to open the task manager, terminate processes, or start other processes...

CVE-2018-17496

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error while in kiosk mode. By visiting the kiosk and typing ctrl+shift+esc, an attacker could exploit this vulnerability to open the task manager to kill the process or launch new processes on the...

CVE-2018-17496

CVE-2018-17496 affects the eVisitorPass kiosk application. The vulnerability stems from an error in kiosk mode that, when a user visits the kiosk and presses ctrl+shift+esc, allows opening the Task Manager to kill or launch processes, enabling local privilege escalation. The NVD description notes...

CapMon Access Manager Access Control Error Vulnerability (CNVD-2019-07542)

CapMon Access Manager is a set of access management software from CapMon Denmark. The software supports application whitelisting/blacklisting, audit logging, and more. An access control error vulnerability exists in the AccessManagerCoreService.exe and TaskTrayApplication.exe files in CapMon Acce...

Low: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Red Hat OpenStack Platform 14.0 Rocky. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...