6867 matches found
Symantec Endpoint Protection Manager CVE-2018-18368 Local Privilege Escalation Vulnerability
Description Symantec Endpoint Protection Manager is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. Symantec Endpoint Protection Manager versions prior to 14.2 RU1 are vulnerable. Technologies Affected Symantec Endpoint...
Multiple Symantec Products CVE-2019-12759 Local Privilege Escalation Vulnerability
Description Multiple Symantec Products are prone to an local privilege escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. The following products and versions are affected: Symantec Endpoint Protection Manager SEPM prior to versions 14.2 RU2 Symantec Ma...
Multiple ABB Products CVE-2019-18250 Authentication Bypass Vulnerability
Description Multiple ABB products are prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected ABB Plant Connect ABB Power Generati...
Fortinet FortiOS CVE-2019-5593 Information Disclosure Vulnerability
Description Fortinet FortiOS is prone to an local information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Fortinet FortiOS 6.2.0, 6.0.0 through 6.0.6, 5.6.10 and prior are vulnerable. Technologies Affected Fortinet...
WordPress Email Subscribers & Newsletters Plugin CVE-2019-19980 Security Bypass Vulnerability
Description The Email Subscribers Newsletters Plugin for WordPress is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Versions prior to Email Subscribers Newslette...
Symfony Multiple Security Vulnerabilities
Description Symfony is prone to multiple security vulnerabilities: An attacker may leverage these issues to bypass certain security restrictions and perform unauthorized actions, execute arbitrary code, obtain sensitive information or cause denial-of-service conditions. Symfony versions 2.8.0...
WordPress Email Subscribers & Newsletters Plugin Cross Site Request Forgery Vulnerability
Description The Email Subscribers Newsletters Plugin for WordPress is prone to a cross-site request-forgery vulnerability. An attacker can exploit this issue to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. Versions prior to Ema...
WordPress Email Subscribers & Newsletters Plugin Multiple Security Bypass Vulnerabilities
Description The Email Subscribers Newsletters Plugin for WordPress is prone to multiple security-bypass vulnerabilities. Attackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Versions prior to Email Subscriber...
Symfony CVE-2019-18889 Multiple Remote Code Execution Vulnerabilities
Description Symfony is prone to multiple remote code-execution vulnerabilities. Successfully exploiting these issues may result in the execution of arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Symfony versio...
Istio CVE-2019-18817 Remote Denial of Service Vulnerability
Description Istio is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Istio versions prior to 1.3.5 are vulnerable. Technologies Affected Istio Istio 1.3.0 Istio Istio 1.3.1 Istio Istio...
Microsoft Exchange Server CVE-2019-1373 Remote Code Execution Vulnerability
Description Microsoft Exchange Server is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
SAP Treasury and Risk Management CVE-2019-0384 Remote Authorization Bypass Vulnerability
Description SAP Treasury and Risk Management is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP EA-FINSERV 6.0 SAP EA-FINSERV 6.03 SAP EA-FINSE...
Microsoft Excel CVE-2019-1448 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
McAfee Data Loss Prevention CVE-2019-3640 Information Disclosure Vulnerability
Description McAfee Data Loss Prevention is prone to an information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information by sniffing the traffic through a man-in-the-middle attack. Successful exploits will lead to other attacks. McAfee Data Loss...
Microsoft Windows 'ATMFD.dll' CVE-2019-1412 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Syste...
Microsoft Windows CVE-2019-1420 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges and execute arbitrary code. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-bas...
Microsoft Open Enclave SDK CVE-2019-1370 Information Disclosure Vulnerability
Description Microsoft Open Enclave SDK is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Open Enclave SDK Recommendations Permit local access for trusted individual...
Microsoft Internet Explorer Scripting Engine CVE-2019-1429 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 9, 10, and 11 are...
SAP NetWeaver AS Java CVE-2019-0391 Information Disclosure Vulnerability
Description SAP NetWeaver AS Java is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. SAP NetWeaver AS Java versions 7.10, 7.20, 7.30, 7.31, 7.4 and 7.5 are vulnerable. Technologies Affect...
Microsoft Office CVE-2019-1402 Local Information Disclosure Vulnerability
Description Microsoft Office is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2...
Microsoft Windows GDI CVE-2019-1439 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Adobe Illustrator APSB19-36 Multiple Memory Corruption Vulnerabilities
Description Adobe Illustrator is prone to multiple memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Adobe...
TIBCO EBX Add-on CVE-2019-17331 Cross Site Scripting Vulnerability
Description TIBCO EBX Add-on is prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let t...
SAP Netweaver Application Server Java CVE-2019-0389 Remote Privilege Escalation Vulnerability
Description SAP Netweaver Application Server Java is prone to a remote privilege-escalation vulnerability. Remote attackers can exploit this issue to gain elevated privileges. Technologies Affected SAP Netweaver Application Server Java 7.1 SAP Netweaver Application Server Java 7.2 SAP Netweaver...
Microsoft Windows Hyper-V CVE-2019-1398 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10...
Microsoft Edge Chakra Scripting Engine CVE-2019-1426 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Hyper-V CVE-2019-1399 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to crash the host machine, resulting in a denial of service condition. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows ...
Microsoft Windows 'DirectWrite' API CVE-2019-1411 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Excel CVE-2019-1446 Information Disclosure Vulnerability
Description Microsoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2010 Service Pack 2 32-bit editions Microsoft Excel 2010 Service Pack 2 64-bit...
Trusted Platform Module CVE-2019-16863 Unspecified Security Vulnerability
Description Trusted Platform Module is prone to an unspecified security vulnerability. Successfully exploiting this issue will allow attackers to perform unauthorized actions; this may aid in launching further attacks. Technologies Affected STMicroelectronics Trusted Platform Module Trusted...
Microsoft Windows Data Sharing Service CVE-2019-1379 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft...
Microsoft ActiveX Installer Service CVE-2019-1382 Local Privilege Escalation Vulnerability
Description Microsoft ActiveX Installer Service is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...
VMware Workstation and Fusion VMSA-2019-0021 Multiple Security Vulnerabilities
Description VMware Workstation and Fusion are prone to multiple security vulnerabilities. An attacker can leverage these issues to execute arbitrary code in the context of the affected system, gain sensitive information and cause a denial of service condition. The following VMware products are...
Microsoft Windows splwow64 CVE-2019-1380 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems...
TIBCO EBX Add-on CVE-2019-17332 Cross Site Scripting Vulnerability
Description TIBCO EBX Add-on is prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let t...
Microsoft Windows CVE-2019-1384 Security Bypass Vulnerability
Description Microsoft Windows is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Technologies Affected Microsoft Windows 10 Version 1607 for...
SAP ERP Sales and S/4HANA Sales CVE-2019-0386 Remote Authorization Bypass Vulnerability
Description SAP ERP Sales and S/4HANA Sales are prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP Erp 6.0 SAP Erp 6.02 SAP Erp 6.03 SAP Erp 6.04...
Microsoft Windows Hyper-V CVE-2019-1389 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10...
Microsoft Windows Win32k CVE-2019-1393 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Windows Data Sharing Service CVE-2019-1417 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...
Microsoft Windows Hyper-V CVE-2019-0721 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10...
Microsoft Windows Graphics Component CVE-2019-1407 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Windows Hyper-V CVE-2019-1310 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to crash the host machine, resulting in a denial of service condition. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows ...
SAP Treasury and Risk Management CVE-2019-0383 Remote Authorization Bypass Vulnerability
Description SAP Treasury and Risk Management is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP EA-FINSERV 6.0 SAP EA-FINSERV 6.03 SAP EA-FINSE...
Lenovo ThinkPad CVE-2019-6172 Remote Code Execution Vulnerability
Description Lenovo is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Technologies Affected Lenovo Thinkpad Recommendations Block external access at the network boundary, unle...
Microsoft Windows OpenType Fonts CVE-2019-1419 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...
Microsoft Windows Win32k CVE-2019-1396 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Windows 'Win32k' CVE-2019-1408 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Windows Win32k Graphics CVE-2019-1441 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected Microsoft Windows ...
Microsoft Azure Stack CVE-2019-1234 Spoofing Vulnerability
Description Microsoft Azure Stack is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Azure Stac...