6867 matches found
Microsoft ISA Server 2000 H.323 Filter Remote Buffer Overflow Vulnerability
Description It has been reported that the H.323 filter used by Microsoft ISA Server 2000 is prone to a remote buffer overflow vulnerability. The condition presents itself due to insufficient boundary checks performed by the Microsoft Firewall Service on specially crafted H.323 traffic. Successful...
Yahoo! Messenger YAuto.DLL Open Buffer Overflow Vulnerability
Description A problem has been identified in the handling of some types of requests by ActiveX controls installed with Yahoo! Messenger, exposing a remotely exploitable buffer overrun. Because of this, it may be possible for an attacker to execute arbitrary code on a vulnerable host. Technologies...
Oracle Application Testing Suite CVE-2020-2673 Remote Security Vulnerability
Description Oracle Application Testing Suite is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Oracle Flow Builder' component is affected. This vulnerability affects the following supported versions: 12.5.0.3, 13.1.0.1, 13.2.0.1, 13.3.0...
Oracle VM Server for SPARC CVE-2020-2571 Local Security Vulnerability
Description Oracle VM Server for SPARC is prone to a local security vulnerability. The 'Templates' component is affected. This vulnerability affects the following supported versions: Oracle VM Server for SPARC 3.6 Technologies Affected Oracle VM Server for SPARC 3.6 Recommendations Permit local...
Oracle Identity Manager CVE-2020-2728 Remote Security Vulnerability
Description Oracle Identity Manager is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'OIM - LDAP user and role Synch' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0 Technologies Affected...
Cisco Webex Centers CVE-2020-3116 Denial of Service Vulnerability
Description Cisco Webex Centers is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug IDs CSCvr16379, CSCvr16383 and CSCvr16386. Technologies Affected Cisco WebEx Event Center Cisco WebEx...
MyBB CVE-2019-20225 Open Redirection Vulnerability
Description MyBB is prone to an open-redirection vulnerability. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks...
Atlassian Application Links CVE-2019-15011 Information Disclosure Vulnerability
Description Atlassian Application Links is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. That may aid in further attacks. The following versions of Atlassian Application Links are affected: Versions prior to 5.0.12 Versions...
Advantech DiagAnywhere CVE-2019-18257 Multiple Stack Buffer Overflow Vulnerabilities
...
Xen CVE-2019-19583 Denial of Service Vulnerability
Description Xen is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Xen Xen version through 4.12.0 are vulnerable. Technologies Affected Citrix Hypervisor 8.0 Citrix XenServer 7.0 Citrix XenServer...
McAfee TechCheck for Windows CVE-2019-3667 DLL Loading Arbitrary Code Execution Vulnerability
Description McAfee TechCheck is prone to an arbitrary code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition. McAfee TechCheck versions 3.0.0.17 an...
Intel SCS Platform Discovery Utility CVE-2019-14605 Local Privilege Escalation Vulnerability
Description Intel SCS Platform Discovery Utility is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Intel SCS Platform Discovery Utility Recommendations Permit local access for trusted individuals only...
Microsoft Windows GDI Component CVE-2019-1467 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Defender CVE-2019-1488 Security Bypass Vulnerability
Description Microsoft Defender is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Lenovo Power Management Driver CVE-2019-6192 Local Buffer Overflow Vulnerability
Description Lenovo Power Management Driver is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to cause denial of service conditions. Due to the natur...
IBM API Connect CVE-2019-4444 Local Information Disclosure Vulnerability
Description IBM API Connect is prone to a local information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. IBM API Connect 2018.4.1.0 through 2018.4.1.7 are vulnerable. Technologies Affected IBM API Connect 2018.4.1 IB...
Multiple Trend Micro Products CVE-2019-18190 Arbitrary Code Execution Vulnerability
Description Multiple Trend Micro Products are prone to an arbitrary code-execution vulnerability. An attacker can leverage this issue to crash the affected application or execute arbitrary code in the context of the affected application. Technologies Affected Trend Micro Antivirus+ Security 16.0...
Xen CVE-2019-19579 Incomplete Fix Local Privilege Escalation Vulnerability
Description Xen is prone to a local privilege-escalation vulnerability. Local attacker can exploit this issue to gain elevated privileges on affected computers. Technologies Affected Xen Xen 3.0.2 Xen Xen 3.0.3 Xen Xen 3.0.4 Xen Xen 3.1 Xen Xen 3.1.3 Xen Xen 3.1.4 Xen Xen 3.2.0 Xen Xen 3.2.1 Xen...
Multiple Cloud Foundry Products CVE-2019-11290 Information Disclosure Vulnerability
Description Multiple Cloud Foundry Products are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. The following products are affected: Cloud Foundry UAA versions prior to 74.8.0 Cloud Found...
Cisco Unity Express CVE-2019-15986 Local Command Injection Vulnerability
Description Cisco Unity Express is prone to a local command-injection vulnerability. A local attacker can exploit this issue to execute arbitrary commands on the underlying OS with root privileges. This issue is being tracked by Cisco Bug ID CSCvq54120. Versions prior to Cisco Unity Express 10.1...
WordPress WP Maintenance Plugin CVE-2019-19979 Cross Site Request Forgery Vulnerability
Description The WP Maintenance Plugin for WordPress is prone to a cross-site request-forgery vulnerability. An attacker can exploit this issue to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. WP Maintenance versions prior to 5.0...
Linux Kernel CVE-2019-19079 Memory Leak Denial of Service Vulnerability
Description Linux Kernel is prone to a denial-of-service vulnerability. Successful exploitation of this issue will cause excessive memory consumption, resulting in a denial-of-service condition. Linux kernel versions prior to 5.3 are vulnerable. Technologies Affected Linux kernel 2.6.0 Linux kern...
Microsoft Windows CVE-2019-1384 Security Bypass Vulnerability
Description Microsoft Windows is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Technologies Affected Microsoft Windows 10 Version 1607 for...
SAP Treasury and Risk Management CVE-2019-0383 Remote Authorization Bypass Vulnerability
Description SAP Treasury and Risk Management is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP EA-FINSERV 6.0 SAP EA-FINSERV 6.03 SAP EA-FINSE...
Microsoft Office Online CVE-2019-1447 Spoofing Vulnerability
Description Microsoft Office Online is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Office...
Microsoft Windows 'Win32k' CVE-2019-1408 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Windows Installer CVE-2019-1415 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Windows Data Sharing Service CVE-2019-1383 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...
Microsoft Windows Remote Procedure Call CVE-2019-1409 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
Microsoft Windows Graphics Component CVE-2019-1438 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Window...
Philips Tasy EMR CVE-2019-13557 Information Disclosure Vulnerability
Description Philips Tasy EMR is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain unauthorized access to sensitive information. This may lead to further attacks. Philips Tasy EMR version 3.02.1744 and prior are affected. Philips Tasy WebPortal version...
Fuji Electric V-Server CVE-2019-18240 Multiple Heap Based Buffer Overflow Vulnerabilities
Description Fuji Electric V-Server is prone to multiple unspecified heap-based buffer overflow vulnerabilities. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions...
Multiple Cisco Products CVE-2019-15289 Denial of Service Vulnerability
Description Multiple Cisco Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug IDs CSCvq12177, CSCvq29889 and CSCvq65302. Technologies Affected Cisco RoomOS Software Cisco...
Linux Kernel Multiple Security Vulnerabilities
Description Linux Kernel is prone to the following security vulnerabilities: 1. A security-bypass vulnerability 2. A local privilege-escalation vulnerability An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions or gain elevated privileges...
Apache Impala CVE-2019-10084 Authorization Bypass Vulnerability
Description Apache Impla is prone to a authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions or gain elevated privileges; this may aid in launching further attacks. Apache Impala versions 2.7.0 through 3.2.0...
Multiple F5 BIG-IP Products CVE-2019-6657 Cross Site Scripting Vulnerability
Description Multiple F5 BIG-IP Products are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
Apple macOS/watchOS/iCloud for Windows CVE-2019-8750 Memory Corruption Vulnerability
Description Apple macOS, watchOS and iCloud for Windows are prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected Apple Wat...
Apple tvOS/iOS/iPadOS CVE-2019-8795 Memory Corruption Vulnerability
Description Apple iOS, iPad and tvOS are prone to a memory-corruption vulnerability. A remote attacker can leverage this issue to execute arbitrary code with system privileges. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected Apple Ipad Mini- Apple TV App...
Multiple VMware Products CVE-2019-5536 Denial of Service Vulnerability
Description Multiple VMware products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected VMWare Esxi 6.5 VMWare Esxi 6.7 VMWare Fusion 11.0 VMWare Fusion 11.0.1 VMWare Fusion 11.0.2 VMWare Fusion 11.0.3...
Multiple IBM Products CVE-2019-4459 Cross Site Scripting Vulnerability
Description Multiple IBM Products are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Cisco SPA100 Series Analog Telephone Adapters CVE-2019-12704 Information Disclosure Vulnerability
Description Cisco SPA100 Series Analog Telephone Adapters are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvq50503. Technologies Affected...
Juniper Junos CVE-2019-0075 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper Junos 12.3X48-D15 Juniper Junos 12.3X48-D20 Juniper Junos 12.3X48-D25...
Juniper Junos CVE-2019-0059 Memory Leak Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a process crash, denying service to legitimate users. The following versions of Juniper Junos are affected: Juniper Junos 18.1 versions prior to 18.1R2-S4, 18.1R3-S1 are vulnerable...
Siemens SIMATIC WinAC RTX (F) 2010 CVE-2019-13921 Denial of Service Vulnerability
Description Siemens SIMATIC WinAC RTX F 2010 is prone to denial of service vulnerability Remote attackers may exploit this issue to cause denial-of-service conditions. Technologies Affected Siemens SIMATIC WinAC RTX F 2010 Recommendations Run all software as a nonprivileged user with minimal acce...
Microsoft Windows CVE-2019-1343 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
SAP Financial Consolidation Multiple Unspecified Security Vulnerabilities
Description SAP Financial Consolidation is prone to multiple unspecified security vulnerabilities. Limited information is currently available regarding these issues. We will update this BID as more information emerges. SAP Financial Consolidation versions 10.0 and 10.1 are vulnerable. Technologie...
Cisco Identity Services Engine CVE-2019-12631 Cross Site Scripting Vulnerability
Description Cisco Identity Services Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
Cisco Unified CM CVE-2019-12711 XML Entity Expansion Multiple Security Vulnerabilities
Description Cisco Unified Communications Manager is prone to multiple security vulnerabilities. An attacker can exploit these issues to gain access to sensitive information or cause denial-of-service conditions. These issues are being tracked by Cisco Bug ID CSCvp46079. Technologies Affected Cisc...
PuTTY CVE-2019-17069 Denial of Service Vulnerability
Description PuTTY is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Versions prior to PuTTY 0.73 are vulnerable. Technologies Affected Simon Tatham PuTTY 0.45 Simon Tatham PuTTY 0.46 Simon Tatham PuTTY 0.47 Simon Tatham PuTTY...
Microsoft Windows Win32k CVE-2019-1285 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...