6867 matches found
GitLab CVE-2018-20492 Access Bypass Vulnerability
Description GitLab is prone to an access-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. GitLab versions prior to 11.4.13, 11.5.x prior to 11.5.6, and 11.6.x prior to 11.6...
GitLab CVE-2019-15584 Denial of Service Vulnerability
Description GitLab is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. GitLab versions prior to 12.3.2, 12.2.6, and 12.1.10 are vulnerable. Technologies Affected Gitlab GitLab Community Edition 10.2 Gitlab GitLab Community Edition...
Multiple Jenkins Plugins Multiple Security Vulnerabilities
Description Jenkins plugins are prone to the following vulnerabilities: 1. Multiple information-disclosure vulnerabilities. 2. Multiple cross-site request forgery vulnerabilities. 3. Multiple HTML-injection vulnerabilities. 4. An XML External Entity injection vulnerability An attacker may...
TYPO3 CVE-2019-19849 Multiple Remote Code Execution Vulnerabilities
Description TYPO3 is prone to multiple remote code-execution vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Versions prior to TYPO3 8.7.30,...
Atlassian Crowd CVE-2017-18107 Cross Site Request Forgery Vulnerability
Description Atlassian Crowd is prone to a cross-site request-forgery vulnerability because it fails to properly validate HTTP requests. Exploiting this issue allows a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also...
Atlassian Application Links CVE-2019-15011 Information Disclosure Vulnerability
Description Atlassian Application Links is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. That may aid in further attacks. The following versions of Atlassian Application Links are affected: Versions prior to 5.0.12 Versions...
Xen CVE-2019-19583 Denial of Service Vulnerability
Description Xen is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Xen Xen version through 4.12.0 are vulnerable. Technologies Affected Citrix Hypervisor 8.0 Citrix XenServer 7.0 Citrix XenServer...
Multiple Intel Processors CVE-2019-11157 Multiple Security Vulnerabilities
Description Multiple Intel Processors are prone to multiple security vulnerabilities. A local attacker can leverage these issues to obtain sensitive information and gain elevated privileges. This may aid in further attacks. Technologies Affected Intel 6th generation Core processors Intel 7th...
Lenovo Power Management Driver CVE-2019-6192 Local Buffer Overflow Vulnerability
Description Lenovo Power Management Driver is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to cause denial of service conditions. Due to the natur...
Microsoft Defender CVE-2019-1488 Security Bypass Vulnerability
Description Microsoft Defender is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Git for Visual Studio CVE-2019-1350 Remote Code Execution Vulnerability
Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
VMware Harbor Container Registry for PCF Multiple Security Vulnerabilities
Description VMware Harbor Container Registry for PCF is prone to the following security vulnerabilities. 1. Multiple SQL-injection vulnerabilities 2. A cross-site request forgery vulnerability 3. A privilege-escalation vulnerability 4. A user-enumeration vulnerability Exploiting this issue...
F5 BIG-IP Traffic Management Microkernel CVE-2019-6667 Denial of Service Vulnerability
Description F5 BIG-IP is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the resource exhaustion resulting in a denial-of-service condition. Technologies Affected F5 BIG-IP AAM 11.5.1 F5 BIG-IP AAM 11.6.0 F5 BIG-IP AAM 11.6.5 F5 BIG-IP AAM 12.1.0 F5...
Moodle CVE-2019-14884 Cross Site Scripting Vulnerability
Description Moodle is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attack...
Linux Kernel CVE-2019-19079 Memory Leak Denial of Service Vulnerability
Description Linux Kernel is prone to a denial-of-service vulnerability. Successful exploitation of this issue will cause excessive memory consumption, resulting in a denial-of-service condition. Linux kernel versions prior to 5.3 are vulnerable. Technologies Affected Linux kernel 2.6.0 Linux kern...
Siemens SIMATIC S7-1200 CVE-2019-13945 Local Unauthorized Access Vulnerability
...
TIBCO EBX Add-on CVE-2019-17332 Cross Site Scripting Vulnerability
Description TIBCO EBX Add-on is prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let t...
McAfee Data Loss Prevention CVE-2019-3640 Information Disclosure Vulnerability
Description McAfee Data Loss Prevention is prone to an information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information by sniffing the traffic through a man-in-the-middle attack. Successful exploits will lead to other attacks. McAfee Data Loss...
Microsoft Windows Data Sharing Service CVE-2019-1383 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...
Microsoft Windows CVE-2019-1384 Security Bypass Vulnerability
Description Microsoft Windows is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft Windows Remote Procedure Call CVE-2019-1409 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
Microsoft Windows Installer CVE-2019-1415 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Envoy CVE-2019-18836 Remote Denial of Service Vulnerability
Description Envoy is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause denial of service conditions. Technologies Affected Envoy Envoy 1.12.0 Istio Istio 1.3.0 Istio Istio 1.3.1 Istio Istio 1.3.2 Istio Istio 1.3.3 Recommendations Block external access ...
Cisco Web Security Appliance CVE-2019-15956 Unauthorized Access Vulnerability
Description Cisco Web Security Appliance is prone to an unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvp51493. Technologies Affected...
Multiple Cisco Products CVE-2019-15289 Denial of Service Vulnerability
Description Multiple Cisco Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug IDs CSCvq12177, CSCvq29889 and CSCvq65302. Technologies Affected Cisco RoomOS Software Cisco...
Linux Kernel Multiple Security Vulnerabilities
Description Linux Kernel is prone to the following security vulnerabilities: 1. A security-bypass vulnerability 2. A local privilege-escalation vulnerability An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions or gain elevated privileges...
Red Hat '389-ds-base' CVE-2019-14824 Security Bypass Vulnerability
Description Red Hat '389-ds-base' is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions, obtain sensitive information and perform unauthorized actions. This may aid in further attacks. Technologies Affected Redhat 389-ds-base Redhat...
Multiple F5 BIG-IP Products CVE-2019-6657 Cross Site Scripting Vulnerability
Description Multiple F5 BIG-IP Products are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
Apple macOS/watchOS/iCloud for Windows CVE-2019-8750 Memory Corruption Vulnerability
Description Apple macOS, watchOS and iCloud for Windows are prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected Apple Wat...
Apple tvOS/iOS/iPadOS CVE-2019-8795 Memory Corruption Vulnerability
Description Apple iOS, iPad and tvOS are prone to a memory-corruption vulnerability. A remote attacker can leverage this issue to execute arbitrary code with system privileges. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected Apple Ipad Mini- Apple TV App...
Multiple IBM Products CVE-2019-4459 Cross Site Scripting Vulnerability
Description Multiple IBM Products are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Oracle Solaris Cpuoct2019 Multiple Local Security Vulnerabilities
Description Oracle Solaris is prone to multiple local security vulnerabilities. These vulnerabilities affect the following supported versions: 11 Technologies Affected Oracle Solaris 11 Recommendations Permit local access for trusted individuals only. Where possible, use restricted environments a...
Microsoft Windows CVE-2019-1343 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Siemens SIMATIC WinAC RTX (F) 2010 CVE-2019-13921 Denial of Service Vulnerability
Description Siemens SIMATIC WinAC RTX F 2010 is prone to denial of service vulnerability Remote attackers may exploit this issue to cause denial-of-service conditions. Technologies Affected Siemens SIMATIC WinAC RTX F 2010 Recommendations Run all software as a nonprivileged user with minimal acce...
Microsoft Edge Chakra Scripting Engine CVE-2019-1366 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Update Assistant CVE-2019-1378 Local Privilege Escalation Vulnerability
Description Microsoft Windows Update Assistant is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on the system. Technologies Affected Microsoft Windows Update Assistant Recommendations Permit local access for trusted individuals...
Microsoft SQL Server Management Studio CVE-2019-1376 Information Disclosure Vulnerability
Description Microsoft SQL Server Management Studio is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server Management Studio 18.3.1 Recommendations Block...
Multiple Cisco Products CVE-2019-12695 Cross Site Scripting Vulnerability
Description Multiple Cisco Products are prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected device. This...
Cisco Unified CM CVE-2019-12711 XML Entity Expansion Multiple Security Vulnerabilities
Description Cisco Unified Communications Manager is prone to multiple security vulnerabilities. An attacker can exploit these issues to gain access to sensitive information or cause denial-of-service conditions. These issues are being tracked by Cisco Bug ID CSCvp46079. Technologies Affected Cisc...
WhatsApp CVE-2019-11927 Integer Overflow Vulnerability
Description WhatsApp is prone to an integer overflow vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code-execution may be possible; however this has not been confirmed. Technologies Affected WhatsApp Inc. WhatsApp...
Apple iOS and iPadOS CVE-2019-8775 Local Security Bypass Vulnerability
Description Apple iOS and iPadOS are prone to a local security bypass vulnerability. Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. This issue is fixed in Apple iPadOS 13.1 and iOS 13.1. Technologies Affected Apple Watch Apple Watch OS 1.0 Apple...
Multiple SAP Products CVE-2019-0365 Unspecified Denial of Service Vulnerability
Description Multiple SAP Products are prone to an unspecified denial-of-service vulnerability. Successful exploits may allow an attacker to cause denial-of-service conditions. SAP Kernel KRNL32NUC, KRNL32UC and KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49,...
Microsoft Exchange CVE-2019-1233 Remote Denial of Service Vulnerability
Description Microsoft Exchange is prone to a remote denial of service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Exchange Server 2016 Cumulative Update 12 Microsoft Exchange Server 2016 Cumulative Update 13 Microsoft...
Microsoft Windows Hyper-V CVE-2019-1254 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10...
Microsoft Windows JET Database Engine CVE-2019-1249 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows GDI CVE-2019-1252 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft .NET Core CVE-2019-1301 Denial of Service Vulnerability
Description Microsoft .NET Core is prone to a remote denial of service vulnerability. An attacker can exploit this issue to cause a denial of service condition. Technologies Affected Microsoft .NET Core 2.1 Microsoft .NET Core 2.2 Recommendations Block external access at the network boundary,...
Google Chrome CVE-2019-13692 Security Bypass Vulnerability
Description Google Chrome is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. Versions prior to Chrome 77.0.3865.75 are vulnerable. Technologies Affected Google...
Dell EMC Enterprise Copy Data Management Certificate Validation Security Bypass Vulnerability
Description Dell EMC Enterprise Copy Data Management is prone to a security-bypass vulnerability because the application fails to properly validate certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid...
Microsoft Windows Graphics Component CVE-2019-1152 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10...