Symantec Endpoint Detection and Response CVE-2019-19547 Cross Site Scripting Vulnerability

Description Symantec Endpoint Detection and Response is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affect...

oVirt Engine CVE-2019-19336 Cross Site Scripting Vulnerability

Description oVirt Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the...

Cisco Emergency Responder CVE-2019-16025 HTML Injection Vulnerability

Description Cisco Emergency Responder is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to...

Multiple Dell EMC Products CVE-2019-18588 Cross Site Scripting Vulnerability

Description Multiple Dell EMC products are prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

TYPO3 Form Framework TYPO3-CORE-SA-2019-021 Cross Site Scripting Vulnerability

Description TYPO3 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker...

Symantec Messaging Gateway CVE-2019-18378 Cross Site Scripting Vulnerability

Description Symantec Messaging Gateway is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

Microsoft Visual Studio CVE-2019-1486 Spoofing Vulnerability

Description Microsoft Visual Studio is prone to an security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Visual...

Microsoft SQL Server Reporting Services CVE-2019-1332 Cross Site Scripting Vulnerability

Description Microsoft SQL Server Reporting Services SSRS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Multiple Siemens EN100 Ethernet Modules SSA-418979 Multiple Security Vulnerabilities

Description Multiple Siemens EN100 Ethernet Modules are prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary code, using directory-traversal sequences '../' to retrieve sensitive information and execute arbitrary script code in the browser of an...

Microsoft Skype for Business Server CVE-2019-1490 Spoofing Vulnerability

Description Microsoft Skype for Business Server are prone to a spoofing vulnerability. An attacker can exploit this issue to conduct spoofing attacks, execute arbitrary script code in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials an...

McAfee WebAdvisor TS102991 Multiple Security Vulnerabilities

Description McAfee WebAdvisor is prone to the following security vulnerabilities: 1. A remote code injection vulnerability 2. A security vulnerability. Successfully exploiting these issues may allow attacker to inject and execute arbitrary code. This may lead to other attacks. McAfee WebAdvisor...

Moxa AWK-3121 Series ICSA-19-337-02 Multiple Security Vulnerabilities

Description Moxa AWK-3121 Series is prone to the following security vulnerabilities: 1. Multiple information-disclosure vulnerabilities 2. A security-bypass vulnerability 3. Multiple buffer-overflow vulnerabilities 4. A cross-site request-forgery vulnerability 5. Multiple command-injection...

Fortinet FortiGate CVE-2019-6697 HTML Injection Vulnerability

Description Fortinet FortiGate is prone to an HTML injection vulnerability because it fails to sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based...

Cisco Unified Communications Domain Manager CVE-2019-15968 HTML Injection Vulnerability

Description Cisco Unified Communications Domain Manager is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing...

Microsoft Outlook for Android CVE-2019-1460 Spoofing Vulnerability

Description Microsoft Outlook for Android is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft...

Moodle CVE-2019-14883 Remote Security Vulnerability

Description Moodle is prone to a remote security vulnerability. An attacker can leverage this issue to perform unauthorized actions. This may aid in further attacks. Moodle 3.7 through 3.7.2 and 3.6 through 3.6.6 versions are vulnerable. Technologies Affected Moodle Moodle 3.6 Moodle Moodle 3.6.1...

Moodle CVE-2019-14881 Cross Site Scripting Vulnerability

Description Moodle is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attack...

McAfee Advanced Threat Defense SB10304 Multiple Security Vulnerabilities

Description McAfee Advanced Threat Defense is prone to the following security vulnerabilities: 1. Multiple information disclosure vulnerabilities. 2. A remote command execution vulnerability 3. Directory-traversal vulnerability. 4. An SQL-injection vulnerability. 5. A security vulnerability...

Oracle Java SE/Java SE Embedded CVE-2019-2988 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the '2D' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13; Java SE...

Oracle Java SE/Java SE Embedded CVE-2019-2973 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'JAXP' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13; Java S...