Redhat KeyCloak CVE-2019-14910 Authentication Bypass Vulnerability
Description Redhat KeyCloak is prone to an authentication-bypass vulnerability. Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access. Technologies Affected Redhat keycloak 7.0.0 Redhat keycloak 7.0.1.Final Recommendations Block external acces...
Redhat KeyCloak CVE-2019-14909 Authentication Bypass Vulnerability
Description Redhat KeyCloak is prone to an authentication-bypass vulnerability. Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access. Technologies Affected Redhat keycloak 7.0.0 Redhat keycloak 7.0.1.Final Recommendations Block external acces...
Dell Command Update DSA-2019-162 Multiple Arbitrary File Deletion Vulnerabilities
Description Dell Command Update is prone to multiple arbitrary-file-deletion vulnerabilities. Successfully exploiting these issues will allow attackers to delete arbitrary files in the context of the application. Dell Command Update versions prior to 3.1 are vulnerable. Technologies Affected Dell...
Reliable Controls LicenseManager CVE-2019-18245 Local Code Execution Vulnerability
Description Reliable Controls LicenseManager is prone to a local code execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the application. Failed exploit attempts will likely cause a denial-of-service condition. Reliable Controls...
Linux Kernel Multiple Use After Free Local Denial of Service Vulnerabilities
Description Linux Kernel is prone to multiple local denial-of-service vulnerabilities. Local attackers can exploit these issues to cause denial-of-service conditions. Linux Kernel versions prior to 5.3.7 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0....
Multiple Cloud Foundry Products CVE-2019-11293 Information Disclosure Vulnerability
Description Multiple Cloud Foundry Products are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. The following products are affected: Cloud Foundry UAA versions prior to 74.10.0 Cloud...
Linux Kernel CVE-2019-19524 Local Denial of Service Vulnerability
Description Linux Kernel is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to cause denial-of-service conditions. Linux Kernel versions prior to 5.3.12 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10 Linux...
Kubernetes API Server CVE-2018-1002102 Open Redirection Vulnerability
Description Kubernetes API Server is prone to an open-redirection vulnerability. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in...
Redhat KeyCloak CVE-2019-14837 Information Disclosure Vulnerability
Description Redhat KeyCloak is prone to an information-disclosure vulnerability. Successful exploits may allow the attacker to obtain sensitive information or to perform unauthorized actions. This may lead to other attacks. Technologies Affected Redhat Single Sign-On 7.3 for RHEL 6 Redhat Single...
Django CVE-2019-19118 Privilege Escalation Vulnerability
Description Django is prone to a privilege-escalation vulnerability. A remote attacker can exploit this issue to gain elevated privileges and perform unauthorized actions on an affected system. Django versions prior to 2.2.8 and 2.1.15 are vulnerable. Technologies Affected Djangoproject Django 2....
IBM Cloud Pak System CVE-2019-4098 Cross Site Scripting Vulnerability
Description IBM Cloud Pak System is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication...
Google Android Framework Component Multiple Security Vulnerabilities
Description Google Android is prone to the following security vulnerabilities: 1. A denial-of-service vulnerability 2. Multiple privilege-escalation vulnerabilities 3. An information-disclosure vulnerability An attacker can exploit these issues to gain elevated privileges, obtain sensitive...
Google Android Media Framework Multiple Remote Code Execution Vulnerabilities
Description Google Android is prone to multiple remote code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of a privileged process. Failed attacks may cause a denial-of-service condition. These issues are being tracked by Android Bug IDs...
Google Android Framework Component CVE-2019-2219 Information Disclosure Vulnerability
Description Google Android is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. This issue is being tracked by Android Bug ID A-119041698. Technologies Affected Google Android 10.0 Google...
Embedthis GoAhead Web Server CVE-2019-5097 Denial of Service Vulnerability
Description Embedthis GoAhead is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. GoAhead versions 5.0.1 and prior are vulnerable. Technologies Affected Embedthis Software GoAhead Web Server...
Google Android System Component Multiple Security Vulnerabilities
Description Google Android is prone to multiple security vulnerabilities. An attacker can leverage these issues to obtain sensitive information or gain elevated privileges. Failed attacks may cause a denial-of-service condition. These issues are being tracked by Android IDs A-133258003 and...
McAfee WebAdvisor TS102991 Multiple Security Vulnerabilities
Description McAfee WebAdvisor is prone to the following security vulnerabilities: 1. A remote code injection vulnerability 2. A security vulnerability. Successfully exploiting these issues may allow an attacker to inject and execute arbitrary code. This may lead to other attacks. McAfee WebAdvisor...
BMC Remedy Smart Reporting CVE-2019-11216 XML External Entity Injection Vulnerability
Description BMC Remedy Smart Reporting is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to obtain potentially sensitive information or cause a denial-of-service condition. This may lead to further attacks. BMC Remedy Smart Reporting versions 9.1.03.001,...
Moxa AWK-3121 Series ICSA-19-337-02 Multiple Security Vulnerabilities
Description Moxa AWK-3121 Series is prone to the following security vulnerabilities: 1. Multiple information-disclosure vulnerabilities 2. A security-bypass vulnerability 3. Multiple buffer-overflow vulnerabilities 4. A cross-site request-forgery vulnerability 5. Multiple command-injection...
Multiple Kaspersky Products CVE-2019-15689 DLL Loading Arbitrary Code Execution Vulnerability
Description Multiple Kaspersky Products are prone to an arbitrary code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition. The following products ar...
Google Android System Component Multiple Security Vulnerabilities
Description Google Android is prone to multiple security vulnerabilities. An attacker can leverage these issues to gain sensitive information, elevate privileges or execute arbitrary code in the context of a privileged process. Failed attacks may cause a denial-of-service condition. These issues...
Google Android System Component CVE-2019-2231 Local Information Disclosure Vulnerability
Description Google Android is prone to a local information-disclosure vulnerability. An attacker can exploit this issue to obtain potentially sensitive information. This issue is being tracked by Android Bug ID A-141955555. Technologies Affected Google Android 10.0 Google Android 9.0...
Embedthis GoAhead Web Server CVE-2019-5096 Remote Code Execution Vulnerability
Description Embedthis GoAhead Web Server is prone to a remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the application. Failed exploit attempts will likely cause a denial-of-service condition. Embedthis GoAhead Web Server...
Microsoft Excel 2016 XML External Entity Information Disclosure Vulnerability
Description Microsoft Excel 2016 is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Excel 2016 1901 Recommendations Deploy network intrusion detection systems to...
Qualcomm Closed Source Components Multiple Remote Unspecified Vulnerabilities
Description Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-123998200, A-134437248, A-134437319,...
Microsoft Windows Kernel 'BasicRender.sys' Driver Local Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the system, denying service to the legitimate users. Technologies Affected Microsoft Windows 10 Recommendations Permit local access for trusted individuals only. Where possible...
Linux kernel CVE-2019-19449 Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel 5.0.21 is vulnerable. Technologies Affected Linux kernel 5.0.21 Recommendations Permit local access for trusted individuals only. Where...
Linux kernel CVE-2019-19447 Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel 5.0.21 is vulnerable. Technologies Affected Linux kernel 5.0.21 Recommendations Permit local access for trusted individuals only. Where...
Linux kernel CVE-2019-19448 Use After Free Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel versions 5.0.21 and 5.3.11 are vulnerable. Technologies Affected Linux kernel 5.0.21 Linux kernel 5.3.11 Recommendations Permit local acce...
Google Chrome Prior to 79.0.3945.117 Use After Free Vulnerability
Description Google Chrome is prone to a use-after-free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the browser, or cause denial-of-service conditions. Versions prior to Chrome 79.0.3945.117 are vulnerable. Technologies Affected Google Chrome 0.1.38....
Linux kernel CVE-2019-19378 Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel 5.0.21 is vulnerable. Technologies Affected Linux kernel 5.0.21 Recommendations Permit local access for trusted individuals only. Where...
Linux kernel CVE-2019-19377 Use After Free Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel version 5.0.21 is vulnerable. Technologies Affected Linux kernel 5.0.21 Recommendations Permit local access for trusted individuals only...
Multiple F5 Products CVE-2019-6665 Man in the Middle Security Bypass Vulnerability
Description Multiple F5 Products are prone to a security-bypass vulnerability. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. The following products are vulnerable: BIG-IP ASM 15.0.0 throu...
Linux kernel CVE-2019-19318 Use After Free Local Denial of Service Vulnerability
Description Linux kernel is prone to a local denial-of-service vulnerability. An attacker can exploit this issue to crash the system, denying service to legitimate users. Linux kernel version 5.3.11 is vulnerable. Technologies Affected Linux kernel 5.3.11 Recommendations Permit local access for...
F5 SSL Orchestrator CVE-2019-6674 Denial of Service Vulnerability
Description F5 SSL Orchestrator is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial of service conditions. Technologies Affected F5 SSL Orchestrator 14.1.0 F5 SSL Orchestrator 14.1.2 F5 SSL Orchestrator 15.0.0 F5 SSL Orchestrator 15.0.1 Recommendation...
F5 BIG-IP Traffic Management Microkernel CVE-2019-6669 Denial of Service Vulnerability
Description F5 BIG-IP is prone to a remote denial-of-service vulnerability. A successful exploit may allow an attacker to cause the Traffic Management Microkernel (TMM) to reload, denying service to legitimate users. Technologies Affected F5 BIG-IP AAM 11.6.1 F5 BIG-IP AAM 12.1.1 F5 BIG-IP AFM 11.6...
HAProxy CVE-2019-19330 CRLF Injection Vulnerability
Description HAProxy is prone to a CRLF-injection vulnerability. An attacker can exploit this issue to add arbitrary headers to a webpage. This may aid in further attacks. HAProxy versions prior to 2.0.10 are vulnerable. Technologies Affected haproxy haproxy 1.4 haproxy haproxy 1.4.0 haproxy hapro...
F5 BIG-IP Traffic Management Microkernel CVE-2019-6667 Denial of Service Vulnerability
Description F5 BIG-IP is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause resource exhaustion, resulting in a denial-of-service condition. Technologies Affected F5 BIG-IP AAM 11.5.1 F5 BIG-IP AAM 11.6.0 F5 BIG-IP AAM 11.6.5 F5 BIG-IP AAM 12.1.0 F5...
Multiple F5 BIG-IP Products CVE-2019-6673 Denial of Service Vulnerability
Description Multiple F5 BIG-IP Products are prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial of service condition. Technologies Affected F5 BIG-IP AAM 14.1.0 F5 BIG-IP AAM 14.1.0.1 F5 BIG-IP AAM 14.1.0.2 F5 BIG-IP AAM 14.1.0.5 F5 BIG-IP AAM 14.1.0.6 F...
Linux Kernel CVE-2019-10220 Directory Traversal Vulnerability
Description Linux Kernel is prone to a directory-traversal vulnerability. An attacker can exploit this issue using directory-traversal characters '../' to access, write or execute arbitrary files. Linux kernel version 4.9.0 is vulnerable. Technologies Affected Linux kernel 4.9.0 Recommendations...
F5 BIG-IP AFM CVE-2019-6672 Denial of Service Vulnerability
Description F5 BIG-IP AFM is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. BIG-IP AFM 15.0.0 through 15.0.1, 14.1.0 through 14.1.2, and 13.1.0 through 13.1.3 are vulnerable. Technologies...
Ansible CVE-2019-14905 OS Command Injection Vulnerability
Description Ansible is prone to an OS command-injection vulnerability. An attacker may exploit this issue to inject and execute arbitrary commands within the context of the affected application; this may aid in further attacks. Versions prior to Ansible 2.9.2, 2.8.8 and 2.7.16 are vulnerable...
Multiple F5 BIG-IP Products CVE-2019-6666 Denial of Service Vulnerability
Description Multiple F5 BIG-IP Products are prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial of service condition. Technologies Affected F5 BIG-IP AAM 13.0.0 F5 BIG-IP AAM 13.1.1 F5 BIG-IP AAM 14.0.0 F5 BIG-IP AAM 14.1.0 F5 BIG-IP AAM 15.0.0 F5 BIG-IP...
Node.js 'lodahs' Package CVE-2019-19771 Unspecified Security Vulnerability
Description The 'lodahs' Package for Node.js is prone to an unspecified security vulnerability. Successfully exploiting this issue will allow attackers to perform unauthorized actions; this may aid in launching further attacks. Node.js lodahs version 1.0.0 is vulnerable. Technologies Affected Node...
Apache cordova-plugin-inappbrowser CVE-2019-0219 Privilege Escalation Vulnerability
Description Apache cordova-plugin-inappbrowser is prone to a privilege-escalation vulnerability. Remote attackers can exploit this issue to gain elevated privileges or execute arbitrary code in the context of the affected application. Versions prior to Apache cordova-plugin-inappbrowser 3.1.0 are...
Linux Kernel CVE-2019-18660 Side Channel Attack Information Disclosure Vulnerability
Description Linux kernel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Linux kernel versions through 5.3.13 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0....
Multiple F5 BIG-IP Products CVE-2019-6670 Information Disclosure Vulnerability
Description Multiple F5 BIG-IP Products are prone to an information-disclosure vulnerability. Successfully exploiting this issue may allow attackers to obtain sensitive information. This may lead to other attacks. Technologies Affected F5 BIG-IP AAM 11.6.1 F5 BIG-IP AFM 11.6.1 F5 BIG-IP APM 11.6....
Multiple F5 BIG-IP Products CVE-2019-6671 Memory Leak Denial of Service Vulnerability
Description Multiple F5 BIG-IP Products are prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial of service condition. Technologies Affected F5 BIG-IP AAM 13.1.0 F5 BIG-IP AAM 13.1.3 F5 BIG-IP AAM 14.0.0 F5 BIG-IP AAM 14.0.1 F5 BIG-IP AAM 14.1.0 F5 BIG-IP...
Linux kernel CVE-2019-19319 Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel 5.0.21 is vulnerable. Technologies Affected Linux kernel 5.0.21 Recommendations Permit local access for trusted individuals only. Where...
ABB Relion 650 and 670 Series CVE-2019-18247 Denial Of Service Vulnerability
Description ABB Relion 650 and 670 Series are prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a device to reboot, denying service to legitimate users. The following versions of ABB Relion series are vulnerable: ABB Relion 650 series versions 1.3.0.5 and prior...