6867 matches found
Xen CVE-2019-19580 Incomplete Fix Local Privilege Escalation Vulnerability
Description Xen is prone to a local privilege-escalation vulnerability. Local attacker can exploit this issue to gain elevated privileges on affected computers. Xen version 4.12.x and prior are vulnerable. Technologies Affected Citrix Hypervisor 8.0 Citrix XenServer 7.0 Citrix XenServer 7.1 LTSR...
Multiple Intel Processors CVE-2019-14607 Multiple Security Vulnerabilities
Description Multiple Intel Processors are prone to multiple security vulnerabilities. A local attacker can leverage these issues to obtain sensitive information, gain elevated privileges and cause denial of service conditions. This may aid in further attacks. Technologies Affected Intel 6th...
Microsoft Windows Hyper-V CVE-2019-1471 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10...
Atlassian Companion CVE-2019-15006 Security Bypass Vulnerability
Description Atlassian Companion is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions or conduct man-in-the-middle attack; this may aid in launching further attacks. Technologies Affected Atlassian...
CESNET libyang Multiple Stack Based Buffer Overflow Vulnerabilities
Description CESNET libyang is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit these issues to execute arbitrary code in the context of a...
Multiple Kaspersky Products CVE-2019-15689 DLL Loading Arbitrary Code Execution Vulnerability
Description Multiple Kaspersky Products are prone to an arbitrary code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition. The following products ar...
Ansible Tower CVE-2019-14890 Information Disclosure Vulnerability
Description Ansible Tower is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. That may aid in further attacks. Ansible Tower version 3.6.0 is vulnerable; other versions may also be affected. Technologies Affected Redhat Ansible...
TIBCO EBX Add-on CVE-2019-17331 Cross Site Scripting Vulnerability
Description TIBCO EBX Add-on is prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let t...
phpMyAdmin CVE-2019-18622 SQL Injection Vulnerability
Description phpMyAdmin is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the...
Cisco Aironet Access Points CVE-2019-15261 Denial of Service Vulnerability
Description Cisco Aironet Access Points is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCvk79807. Technologies Affected Cisco Aironet 1810 Series Access Points Cisco Aironet 183...
VMware SD-WAN by VeloCloud CVE-2019-5533 Information Disclosure Vulnerability
...
Cisco TelePresence CE Software CVE-2019-15277 Local Privilege Escalation Vulnerability
Description Cisco TelePresence Collaboration Endpoint Software is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary commands with root level privileges. This issue is being tracked by Cisco Bug ID CSCvp93715. Versions prior to Cisco...
Cisco Aironet Access Points CVE-2019-15260 Unauthorized Access Vulnerability
Description Cisco Aironet Access Points is prone to an unauthorized access vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions, gain elevated privileges. This may aid in launching further attacks. This issue is tracked by Cisc...
Oracle Java SE CVE-2019-2999 Remote Security Vulnerability
Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Javadoc' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13 Technologies Affected Orac...
Oracle E-Business Suite CVE-2019-2990 Remote Security Vulnerability
Description Oracle E-Business Suite is prone to a remote security vulnerability in Oracle iStore. The vulnerability can be exploited over the 'HTTP' protocol. The 'Order Tracker' component is affected. This vulnerability affects the following supported versions: 12.1.1 through 12.1.3 and 12.2.3...
Oracle PeopleSoft Enterprise HCM Human Resources CVE-2019-2951 Remote Security Vulnerability
Description Oracle PeopleSoft Enterprise HCM Human Resources is prone to a remote security vulnerability. These vulnerabilities can be exploited over the 'HTTP' protocol. These vulnerabilities affect the following supported versions: 9.2 Technologies Affected Oracle PeopleSoft Enterprise HCM Huma...
Oracle Java SE/Java SE Embedded CVE-2019-2894 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Security' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13; Ja...
Oracle Database Server Multiple Local Security Vulnerabilities
Description Oracle Database Server is prone to multiple local security vulnerabilities. These vulnerabilities can be exploited over the multiple protocols. The 'Core RDBMS' component is affected. This vulnerability affects the following supported versions: 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19...
Oracle Data Integrator CVE-2019-2943 Remote Security Vulnerability
Description Oracle Data Integrator is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Studio' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0 Technologies Affected Oracle Data Integrator...
Oracle E-Business Suite CVE-2019-2930 Remote Security Vulnerability
Description Oracle E-Business Suite is prone to a remote security vulnerability in Oracle Field Service. The vulnerability can be exploited over the 'HTTP' protocol. The 'Wireless' component is affected. This vulnerability affects the following supported versions: 12.1.1 through 12.1.3 and 12.2.3...
Juniper Junos CVE-2019-0073 Local Insecure File Permissions Vulnerability
Description Juniper Junos is prone to a local insecure file-permission vulnerability. A local attacker can exploit this issue to access sensitive information stored in the file-system. The following versions of Junos are vulnerable. Juniper Junos 15.1X49 versions prior to 15.1X49-D180 Juniper Jun...
Juniper Junos CVE-2019-0074 Local Directory Traversal Vulnerability
Description Juniper Junos is prone to a local directory-traversal vulnerability. An attacker can exploit this issue using directory-traversal characters '../' to read arbitrary files that contain sensitive information or to access files outside of the restricted directory to obtain sensitive...
Microsoft SharePoint Server CVE-2019-1329 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint...
Microsoft Windows Update Client CVE-2019-1323 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft...
Intel Smart Connect Technology CVE-2019-11167 Local Privilege Escalation Vulnerability
Description Intel Smart Connect Technology is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Intel Smart Connect Technology for Intel NUC products is vulnerable. Technologies Affected Intel Smart Connect Technology...
Bootstrap 3 Typeahead CVE-2019-10215 Cross Site Scripting Vulnerabilitiy
Description Bootstrap 3 Typeahead is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...
Cisco Firepower Management Center CVE-2019-12689 Remote Code Execution Vulnerability
Description Cisco Firepower Management Center is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code on the affected system with root privileges. This may aid in further attacks. This issue being tracked by Cisco Bug ID CSCvh03951...
Multiple Cisco Products CVE-2019-12673 Denial of Service Vulnerability
Description Multiple Cisco Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. This issue is being tracked by Cisco bug ID CSCvo83169. Technologies Affected Cisco Adaptive Security Appliance ASA Software 9.10 Cisco...
Microsoft Windows Remote Desktop Client CVE-2019-0787 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1607 f...
Microsoft Edge Chakra Scripting Engine CVE-2019-1141 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Zoho Applications Manager Plugin CVE-2019-15104 SQL Injection Vulnerability
Description Zoho Applications Manager Plugin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker may leverage this issue to compromise the application, access or modify data, or exploit latent...
Microsoft Windows Graphics Component CVE-2019-1150 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10...
Apache Tika CVE-2019-10088 Denial of Service Vulnerability
Description Apache Tika is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Apache Tika versions 1.7 through 1.21 are vulnerable. Technologies Affected Apache Tika 1.10 Apache Tika 1.11 Apache Tika 1.12 Apache Tika 1.13 Apache...
Microsoft Windows Active Directory Federation Services CVE-2019-1126 Security Bypass Vulnerability
Description Microsoft Windows is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 2012 ...
Microsoft Edge Chakra Scripting Engine CVE-2019-1103 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Edge Chakra Scripting Engine CVE-2019-0810 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows CVE-2019-0839 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
Microsoft Edge Chakra Scripting Engine CVE-2019-0861 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Win32k CVE-2019-0685 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1607...
Microsoft Internet Explorer VBScript Engine CVE-2019-0862 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...
IBM Spectrum Protect CVE-2018-1853 Clickjacking Vulnerability
Description IBM Spectrum Protect is prone to an clickjacking vulnerability. Successful exploits will allow an authenticated attacker to compromise the affected application or obtain sensitive information. Other attacks are also possible. Technologies Affected IBM Spectrum Protect Backup-Archive...
Microsoft Office SharePoint CVE-2019-0556 Cross Site Scripting Vulnerability
Description Microsoft Office SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Microsoft Windows Text-To-Speech CVE-2018-8634 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affecte...
Microsoft Internet Explorer Scripting Engine CVE-2018-8643 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Internet...
Microsoft Excel CVE-2018-8597 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
GitLab CVE-2018-19495 Server Side Request Forgery Security Bypass Vulnerability
Description GitLab is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. GitLab versions prior to 11.3.11, 11.4.x prior to 11.4.8 and 11.5.x prior to 11.5.1 are vulnerable...
Microsoft Windows CVE-2018-8468 Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10...
Microsoft Excel CVE-2018-8331 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows DirectX Graphics Kernel CVE-2018-8400 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run processes with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Syste...
Microsoft ChakraCore Scripting Engine CVE-2018-8359 Information Disclosure Vulnerability
Description Microsoft ChakraCore Scripting Engine is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft ChakraCore Recommendations Run all software as a...