6867 matches found
Microsoft Windows Win32k CVE-2019-1440 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10...
Atlassian Jira Service Desk Server and Data Center Multiple Security Vulnerabilities
Description Atlassian Jira Service Desk Server and Jira Service Desk Data Center are prone to multiple security vulnerabilities. An attacker can exploit these issues using directory-traversal characters ‘../’ to access or read arbitrary files outside of the restricted directory, or bypass certain...
Redhat Quay CVE-2019-3864 Security Bypass Vulnerability
Description Redhat Quay is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Redhat Quay 3 Recommendations Block external access at the network...
Apple watchOS CVE-2019-8747 Memory Corruption Vulnerability
Description Apple watchOS is prone to memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected Apple Watch Apple watchOS 1.0 Apple watchO...
Samba CVE-2019-14847 Remote Denial of Service Vulnerability
Description Samba is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Samba version 4.0.0 through 4.10.9 are vulnerable. Technologies Affected Samba Samba 4.0.0 Samba Samba 4.0.1 Samba Sam...
Multiple IBM Products CVE-2019-4395 Local Information Disclosure Vulnerability
Description Multiple IBM products are prone to a local information-disclosure vulnerability. Exploiting this issue may allow a local attacker to obtain sensitive information that may aid in further attacks. Technologies Affected IBM Cloud Orchestrator 2.4 IBM Cloud Orchestrator 2.4.0.1 IBM Cloud...
IBM Cloud Orchestrator CVE-2019-4399 Information Disclosure Vulnerability
Description IBM Cloud Orchestrator is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The following versions are vulnerable: IBM Cloud Orchestrator 2.5, 2.5.0.1, 2.5.0.2, 2.5.0.3,...
Schneider Electric ProClima ICSA-19-295-01 Multiple Remote Code Execution Vulnerabilities
Description Schneider Electric ProClima is prone to multiple remote code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code on the system. Schneider Electric ProClima versions prior to 8.0.0 are vulnerable. Technologies Affected Schneider-Electric Proclima 6.0...
OpenAFS CVE-2019-18601 Denial of Service Vulnerability
Description OpenAFS is prone to a denial-of-service vulnerability. A remote attacker may exploit this issue to cause a denial-of-service condition; denying service to legitimate users. OpenAFS 1.0 through 1.6.23 and 1.8.0 through 1.8.4 are vulnerable. Technologies Affected OpenAFS Openafs 1.0.0...
IBM Security Guardium Big Data Intelligence CVE-2019-4330 Information Disclosure Vulnerability
Description IBM Security Guardium Big Data Intelligence is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Security Guardium Big Data Intelligence 4.0 is vulnerable; other versions may also be...
IBM API Connect CVE-2019-4600 Information Disclosure Vulnerability
Description IBM API Connect is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. IBM API Connect 5.0.0.0 through 5.0.8.7 are vulnerable. Technologies Affected IBM API Connect 5.0.0.0 IBM API Connec...
Foxit Studio Photo CVE-2019-17138 Out-Of-Bounds Read Information Disclosure Vulnerability
Description Foxit Studio Photo is prone to a information disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. Foxit Studio Photo 3.6.6.915 and prior are vulnerable. Technologies Affected Foxit Studio Photo 3.6.6.915 Recommendations Block external access at...
Cisco Identity Services Engine CVE-2019-15282 Information Disclosure Vulnerability
Description Cisco Identity Services Engine is prone to an information disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug ID CSCvq52402. Technologies Affected Cisco Identity Services...
Phoenix Contact Automation Worx CVE-2019-16675 Remote Code Execution Vulnerability
Description Phoenix Contact Automation Worx is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause a denial-of-service condition. The...
Juniper Junos CVE-2019-0069 Local Information Disclosure Vulnerability
Description Juniper Junos is prone to a local information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The following versions of Juniper Junos are affected: Juniper Junos 15.1X49 versions prior to...
Juniper Junos CVE-2019-0062 Session Fixation Vulnerability
Description Juniper Junos is prone to a session-fixation vulnerability. An attacker can hijack an arbitrary session and gain unauthorized access to the affected application. The following versions of Juniper Junos are affected: Junper Junos 12.3 versions prior to 12.3R12-S15 for Juniper EX Series...
NetApp SnapManager for Oracle CVE-2019-5507 Unspecified Local Information Disclosure Vulnerability
Description NetApp SnapManager for Oracle is prone to an unspecified local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information or perform unauthorized actions on data. Versions prior to NetApp SnapManager for Oracle 3.4.2P1 are vulnerable...
Juniper Junos CVE-2019-0067 Denial of Service Vulnerability
Description Juniper Junos is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected device, denying service to legitimate users. Technologies Affected Juniper Junos 16.1 Juniper Junos 16.1R1 Juniper Junos 16.1R2 Juniper Junos 16.1R3 Juniper Junos...
Juniper SBR Carrier CVE-2019-0072 Information Disclosure Vulnerability
Description Juniper SBR Carrier is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The following product versions are affected: Juniper SBR Carrier versions from 8.4.1 prior to 8.4.1R13...
Nitro Software NitroPDF Multiple Remote Code Execution and Memory Corruption Vulnerabilities
Description Nitro Software NitroPDF is prone to multiple remote code-execution vulnerabilities and a memory-corruption vulnerability. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause...
Microsoft Windows Kernel CVE-2019-1334 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Internet Explorer CVE-2019-1371 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet...
vBulletin CVE-2019-17271 Multiple SQL Injection Vulnerabilities
Description vbulletin is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query. An attacker can leverage these issues to compromise the application, access or modify data, or exploit latent vulnerabilities in the...
IBM Maximo Anywhere CVE-2019-4265 Information Disclosure Vulnerability
Description IBM Maximo Anywhere is prone to an information-disclosure vulnerability. Attackers can exploit this issue to view sensitive information. Information obtained may lead to further attacks. IBM Maximo Anywhere versions 7.6.0, 7.6.1, 7.6.2, and 7.6.3 are vulnerable. Technologies Affected...
Multiple Dell EMC Products CVE-2019-3765 Remote Security Bypass Vulnerability
Description Multiple Dell EMC products are prone to a remote security-bypass vulnerability. An attacker can exploit this issue to obtain sensitive information, bypass security restrictions and perform unauthorized actions. This may aid in further attacks. The following products are vulnerable: De...
Siemens SINEMA Remote Connect Server ICSA-19-260-02 Multiple Security Vulnerabilities
Description Siemens SINEMA Remote Connect Server is prone to following security vulnerabilities: 1. Multiple security vulnerabilities 2. An information-disclosure vulnerability 3. A cross-site-request forgery vulnerability An attacker may leverage these issues to obtain potentially sensitive...
Microsoft Windows Update Delivery Optimization CVE-2019-1289 Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based System...
Microsoft Windows Hyper-V CVE-2019-0928 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to crash the host machine, resulting in a denial of service condition. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows ...
Microsoft Windows Audio Service CVE-2019-1277 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit...
Microsoft Windows Graphics Component CVE-2019-1283 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Syste...
lodash CVE-2019-1010266 Denial of Service Vulnerability
Description lodash is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition. lodash versions prior to 4.17.11 are vulnerable. Technologies Affected Cisco Application Policy Infrastructure Controller APIC IBM Cloud Private 3.2.0 CD IBM...
GitLab Omnibus CVE-2019-15741 Privilege Escalation Vulnerability
Description GitLab Omnibus is prone to a remote privilege-escalation vulnerability. A remote attacker can exploit this issue to gain elevated privileges. Versions prior to GitLab 12.2.3, 12.1.8, and 12.0.8 are vulnerable. Technologies Affected Gitlab GitLab 7.4 Gitlab GitLab 7.4.2 Gitlab GitLab...
Redhat 3scale API Management CVE-2019-14849 Information Disclosure Vulnerability
Description Redhat 3scale API Management is prone to an information-disclosure vulnerability Remote attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Redhat 3scale API Management versions 2.6 and prior are vulnerable. Technologies Affected Redhat...
Microsoft Outlook CVE-2019-1200 Remote Code Execution Vulnerability
Description Microsoft Outlook is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Office 2019...
Microsoft Edge Scripting Engine CVE-2019-1030 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Recommendations Run all software as a nonprivileged user with minimal acce...
Microsoft Windows Kernel CVE-2019-1227 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version...
Foxit PhantomPDF CVE-2019-17139 Out of Bounds Write Remote Code Execution Vulnerability
Description Foxit PhantomPDF is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application or gain sensitive information. Failed exploit attempts will likely cause a denial-of-service condition...
Microsoft Windows Kernel CVE-2019-1071 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Windows GDI Component CVE-2019-1094 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Symantec Messaging Gateway Privilege Escalation
SUMMARY Symantec has released an update to address an issue that was discovered in the Symantec Messaging Gateway SMG product. AFFECTED PRODUCTS Symantec Messaging Gateway SMG --- CVE | Affected Versions | Remediation CVE-2019-12751 | Prior to 10.7.1 | Upgrade to 10.7.1 ISSUES CVE-2019-12751 ---...
Atlassian JIRA CVE-2019-3401 Information Disclosure Vulnerability
Description Atlassian JIRA is prone to an information-disclosure vulnerability. Successful exploits of this issue lead to the disclosure of sensitive information which may aid in launching further attacks. Jira versions prior to 7.13.3 and 8.0.0 through and prior to 8.1.1 are vulnerable...
Microsoft Azure DevOps Server CVE-2019-0857 Spoofing Vulnerability
Description Microsoft Azure DevOps Server is prone to a spoofing vulnerability. An attacker can exploit this issue to conduct spoofing attacks and to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Technologies Affected Microsoft Azure DevOps...
Microsoft Edge Chakra Scripting Engine CVE-2019-0812 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Edge Chakra Scripting Engine CVE-2019-0611 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Xen CVE-2019-17347 Denial of Service Vulnerability
Description Xen is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition or gain elevated privileges. Xen Xen version 4.1 and later are vulnerable. Technologies Affected Xen Xen 4.1 Xen Xen 4.1.0 Xen Xen 4.1.1 Xen Xen 4.1.2 Xen Xen...
Microsoft Visual Studio CVE-2019-0728 Remote Code Execution Vulnerability
Description Microsoft Visual Studio is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the current-user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft Visu...
Microsoft Windows Subsystem for Linux CVE-2019-0553 Local Information Disclosure Vulnerability
Description Microsoft Windows Subsystem for Linux is prone to a local information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft...
Microsoft Chakra Scripting Engine CVE-2019-0539 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Edge CVE-2018-8366 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks...
Microsoft Windows Subsystem for Linux CVE-2018-8441 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based...