6867 matches found
Adobe Experience Manager CVE-2019-16468 Information Disclosure Vulnerability
Description Adobe Experience Manager is prone to an information-disclosure vulnerability. Remote attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Adobe Experience Manager versions 6.3, 6.4 and 6.5 are vulnerable. Technologies Affected Adobe...
Oracle Identity Manager CVE-2020-2729 Remote Security Vulnerability
Description Oracle Identity Manager is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Advanced Console' component is affected. This vulnerability affects the following supported versions: 11.1.2.3.0, 12.2.1.3.0 Technologies Affected...
Google Android Media Framework CVE-2020-0002 Multiple Remote Code Execution Vulnerabilities
Description Google Android is prone to multiple remote code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of a privileged process. Failed attacks may cause a denial-of-service condition. These issues are being tracked by Android Bug ID...
Cisco Data Center Network Manager CVE-2019-15999 Unauthorized Access Vulnerability
Description Cisco Data Center Network Manager is prone to an unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvs00139. Technologies...
Linux kernel CVE-2019-19927 Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel 5.0.0-rc7 is vulnerable; other versions may also be affected. Technologies Affected Linux kernel 5.0.0-rc7 Recommendations Permit local...
ZOHO ManageEngine EventLog Analyzer CVE-2019-19774 Security Bypass Vulnerability
Description ZOHO ManageEngine EventLog Analyzer is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in launching further attacks. ManageEngine EventLog Analyzer 10.0 SP1 is vulnerabl...
Envoy CVE-2019-18801 Heap Buffer Overflow Vulnerability
Description Envoy PHP is prone to a heap-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successfully exploiting this issue allows attackers to execute arbitrary code in the contex...
Apple iOS/iPadOS/tvOS/watchOS/macOS CVE-2019-8830 Arbitrary Code Execution Vulnerability
Description Apple iOS, iPadOS, tvOS, watchOS and macOS are prone to an arbitrary code execution vulnerability. A remote attacker can leverage this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts may result in a denial-of-service conditio...
Microsoft Windows Hyper-V CVE-2019-1470 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Microsoft Access CVE-2019-1463 Information Disclosure Vulnerability
Description Microsoft Access is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft...
Siemens SCALANCE W700/W1700 CVE-2018-14526 Information Disclosure Vulnerability
Description Siemens SCALANCE W700 and W1700 is prone to an information disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. Successful exploits may lead to other attacks. The following versions of SCALANCE W700 and W1700 are affected: Siemens SCALANCE W700...
Adobe Stock CVE-2019-19595 Remote Code Execution Vulnerability
Description Adobe Stock is prone to remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected system. Technologies Affected Adobe Stock 4.8 PrestaShop PrestaShop 1.4 PrestaShop PrestaShop 1.6.0 Recommendations Deploy netwo...
Redhat KeyCloak CVE-2019-14910 Authentication Bypass Vulnerability
Description Redhat KeyCloak is prone to an authentication-bypass vulnerability. Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access. Technologies Affected Redhat keycloak 7.0.0 Redhat keycloak 7.0.1.Final Recommendations Block external acces...
Linux kernel CVE-2019-19449 Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel 5.0.21 is vulnerable. Technologies Affected Linux kernel 5.0.21 Recommendations Permit local access for trusted individuals only. Where...
Istio CVE-2019-18817 Remote Denial of Service Vulnerability
Description Istio is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Istio versions prior to 1.3.5 are vulnerable. Technologies Affected Istio Istio 1.3.0 Istio Istio 1.3.1 Istio Istio...
SAP ERP Sales and S/4HANA Sales CVE-2019-0386 Remote Authorization Bypass Vulnerability
Description SAP ERP Sales and S/4HANA Sales are prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP Erp 6.0 SAP Erp 6.02 SAP Erp 6.03 SAP Erp 6.04...
Microsoft SharePoint CVE-2019-1443 Information Disclosure Vulnerability
Description Microsoft SharePoint is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2010 SP2...
Trusted Platform Module CVE-2019-16863 Unspecified Security Vulnerability
Description Trusted Platform Module is prone to an unspecified security vulnerability. Successfully exploiting this issue will allow attackers to perform unauthorized actions; this may aid in launching further attacks. Technologies Affected STMicroelectronics Trusted Platform Module Trusted...
Microsoft ActiveX Installer Service CVE-2019-1382 Local Privilege Escalation Vulnerability
Description Microsoft ActiveX Installer Service is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...
Microsoft Windows JET Database Engine CVE-2019-1406 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows Hyper-V CVE-2019-0719 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10...
Microsoft Windows Win32k Graphics CVE-2019-1441 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected Microsoft Windows ...
Fortinet FortiClient for macOS CVE-2019-17650 Local Command Injection Vulnerability
Description Fortinet FortiClient for macOS is prone to a local command-injection vulnerability. An attacker may exploit this issue to inject and execute arbitrary commands with root privileges. Versions prior to FortiClient for macOS 6.2.2 are vulnerable. Technologies Affected Fortinet FortiClien...
Adobe Acrobat and Reader CVE-2019-8238 Information Disclosure Vulnerability
Description Adobe Acrobat and Reader are prone to information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Adobe Acrobat 2017.008.30051 Adobe Acrobat 2017.011.30059 Adobe Acrobat...
Oracle Java SE CVE-2019-2977 Remote Security Vulnerability
Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Hotspot' component. This vulnerability affects the following supported versions: Java SE: 11.0.4, 13 Technologies Affected Oracle Java SE...
Oracle GraalVM Enterprise Edition CVE-2019-2986 Remote Security Vulnerability
Description Oracle GraalVM Enterprise Edition is prone to a remote security vulnerability. This vulnerability can be exploited over the 'Multiple' protocol. The 'LLVM Interpreter' component is affected. This vulnerability affects the following supported versions: 19.2.0 Technologies Affected Orac...
Apple Swift CVE-2019-8790 Information Disclosure Vulnerability
Description Apple Swift is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Apple Swift 3.0 Apple Swift 3.0.1 Apple Swift 3.0.2 Apple Swift 3.1 Apple Swift 3.1.1 Apple Swift 4....
Cisco Prime Infrastructure CVE-2019-12713 Cross Site Scripting Vulnerability
Description Cisco Prime Infrastructure is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
IBM Workload Scheduler CVE-2019-4031 Local Privilege Escalation Vulnerability
Description IBM Workload Scheduler is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. The following products are affected: IBM Tivoli Workload Scheduler Distributed 9.2.0 FP03 and prior IBM Workload Scheduler Distributed 9.3.0...
Microsoft Windows CVE-2019-1303 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit...
Xpdf CVE-2019-16115 Buffer Underflow Vulnerability
Description Xpdf is prone to a buffer-underflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this ha...
Docker CVE-2019-14271 Arbitrary Code Execution Vulnerability
Description Docker is prone to an arbitrary code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Technologies Affected Docker Docker 19.03.0 Docker Docker EE 17.06.2-ee-10 Docker Docker EE...
Microsoft Windows Graphics Component CVE-2019-1148 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Office 2019 for Mac Microsoft Windows 10 Version 1607 for 32-bit Systems...
Microsoft Windows VBScript Engine CVE-2019-1183 Remote Code Execution Vulnerability
Description Microsoft Windows VBScript Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft...
Microsoft Windows 'DirectWrite' API CVE-2019-1118 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsof...
Microsoft Windows Kernel CVE-2019-1073 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Office Access Connectivity Engine CVE-2019-0823 Remote Code Execution Vulnerability
Description Microsoft Office Access Connectivity Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office...
Microsoft Windows GDI Component CVE-2019-0614 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Edge CVE-2019-0612 Security Bypass Vulnerability
Description Microsoft Edge is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Technologies Affected Microsoft Edge Recommendations Run all...
Microsoft Windows JET Database Engine CVE-2019-0599 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Edge CVE-2019-0648 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Recommendations Run all software as a nonprivileged user with minimal acce...
Microsoft Windows CVE-2019-0555 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Microsoft Word CVE-2019-0561 Information Disclosure Vulnerability
Description Microsoft Word is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft Offic...
Inventory Plugin for Symantec Management Agent Privilege Escalation
SUMMARY Symantec has released an update to address an issue that was discovered in the Inventory Plugin for Symantec Management Agent Altiris product. AFFECTED PRODUCTS Inventory Plugin for Symantec Management Agent Altiris --- CVE | Affected Versions | Remediation CVE-2018-5240 | Prior to 7.6 PO...
Microsoft Windows Kernel CVE-2018-8313 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8282 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. This can result in the attacker gaining complete control of the affected system. Technologies Affected Microsoft Windows 10...
Microsoft Office CVE-2018-8247 Privilege Escalation Vulnerability
Description Microsoft Office is prone to a privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Office Online Server 2016 Microsoft Office Web Apps Server 2013 SP1 Recommendations Run all software as a nonprivileged...
Microsoft Windows NTFS CVE-2018-1036 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...
Microsoft Outlook CVE-2018-8244 Remote Privilege Escalation Vulnerability
Description Microsoft Outlook is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Office 2016 Click-to-Run C2R for 32-bit edition Microsoft Office 2016 Click-to-Run C2R for 64-bit edition Microsof...
Microsoft Edge CVE-2018-8123 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Edge Recommendations...