Microsoft Office CVE-2019-1457 Security Bypass Vulnerability

Description Microsoft Office is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Office 2016 for Mac Microsoft...

Adobe Media Encoder CVE-2019-8246 Out of Bounds Arbitrary Code Execution Vulnerability

Description Adobe Media Encoder is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe...

Microsoft ActiveX Installer Service CVE-2019-1382 Local Privilege Escalation Vulnerability

Description Microsoft ActiveX Installer Service is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...

Adobe Animate CVE-2019-7960 DLL Loading Local Privilege Escalation Vulnerability

Description Adobe Animate is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Animate 19.2.1 and prior are vulnerable. Technologies Affected Adobe Animate 14.2.0.20 Adobe Animate 15.0.0.173 Adobe Animate 15.0.1.179 Adobe...

Microsoft Windows Graphics Component CVE-2019-1438 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Window...

Microsoft Windows Hyper-V CVE-2019-0721 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10...

Microsoft Office CVE-2019-1442 Security Bypass Vulnerability

Description Microsoft Office is prone to a security bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions; this may aid in launching further attacks. Technologies Affected Microsoft SharePoint Server 2019 Recommendations Run all software as a...

Microsoft Windows CVE-2019-1423 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges and execute arbitrary code. Technologies Affected Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for...

Microsoft Office CVE-2019-1402 Local Information Disclosure Vulnerability

Description Microsoft Office is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2...

Microsoft Windows Hyper-V CVE-2019-1399 Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to crash the host machine, resulting in a denial of service condition. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows ...

Microsoft Windows CVE-2019-1422 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges and execute arbitrary code. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-bas...

McAfee Total Protection CVE-2019-3648 Local Privilege Escalation Vulnerability

Description Multiple McAfee products are prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. McAfee Total Protection MTP version 16.0.R22 and prior are vulnerable. Technologies Affected McAfee Total Protection 16.0.R17 McAfee Total...

McAfee Threat Intelligence Exchange Server CVE-2019-3641 Unauthorized Access Vulnerability

Description McAfee Threat Intelligence Exchange Server is prone to an unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. McAfee Threat Intelligence Exchange Server 3.0.0 is vulnerable...

Siemens Desigo PX CVE-2019-13927 Denial of Service Vulnerability

Description Siemens Desigo PX is prone to denial of service vulnerability Remote attackers may exploit this issue to cause denial-of-service conditions. Technologies Affected Siemens Desigo PX PXA40-W0 Siemens Desigo PX PXA40-W1 Siemens Desigo PX PXA40-W2 Siemens Desigo PX PXC00-E.D Siemens Desig...

McAfee Data Loss Prevention CVE-2019-3640 Information Disclosure Vulnerability

Description McAfee Data Loss Prevention is prone to an information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information by sniffing the traffic through a man-in-the-middle attack. Successful exploits will lead to other attacks. McAfee Data Loss...

McAfee Advanced Threat Defense SB10304 Multiple Security Vulnerabilities

Description McAfee Advanced Threat Defense is prone to the following security vulnerabilities: 1. Multiple information disclosure vulnerabilities. 2. A remote command execution vulnerability 3. Directory-traversal vulnerability. 4. An SQL-injection vulnerability. 5. A security vulnerability...

Intel PROSet/Wireless WiFi Software Multiple Security Vulnerabilities

Description Intel PROSet/Wireless WiFi Software is prone to multiple security vulnerabilities. A local attacker can leverage these issues to gain elevated privileges, obtain sensitive information or cause denial-of-service conditions. Versions prior to Intel PROSet/Wireless WiFi Software 21.40 ar...

Lenovo ThinkPad CVE-2019-6172 Remote Code Execution Vulnerability

Description Lenovo is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Technologies Affected Lenovo Thinkpad Recommendations Block external access at the network boundary, unle...

SAP Enable Now CVE-2019-0385 Unspecified Cross Site Scripting Vulnerability

Description SAP Enable Now is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

SAP Treasury and Risk Management CVE-2019-0384 Remote Authorization Bypass Vulnerability

Description SAP Treasury and Risk Management is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP EA-FINSERV 6.0 SAP EA-FINSERV 6.03 SAP EA-FINSE...

Microsoft Excel CVE-2019-1448 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

Microsoft Excel CVE-2019-1446 Information Disclosure Vulnerability

Description Microsoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2010 Service Pack 2 32-bit editions Microsoft Excel 2010 Service Pack 2 64-bit...

Microsoft Exchange Server CVE-2019-1373 Remote Code Execution Vulnerability

Description Microsoft Exchange Server is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Microsoft Edge Chakra Scripting Engine CVE-2019-1428 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

SAP Diagnostics Agent CVE-2019-0390 Information Disclosure Vulnerability

Description SAP Diagnostics Agent is prone to an unspecified information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. SAP Diagnostic Agent LM-Service version 7.20 is vulnerable; other versions may also be...

Microsoft Windows CVE-2019-1391 Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...

Microsoft Windows Data Sharing Service CVE-2019-1417 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...

Microsoft Office Online CVE-2019-1447 Spoofing Vulnerability

Description Microsoft Office Online is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Office...

Intel Software Guard Extensions CVE-2019-0117 Local Information Disclosure Vulnerability

Description Intel Software Guard Extensions SGX is prone to a local information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. The following Intel products are affected: 6th Generation Intel Core processors 7th Generatio...

Adobe Bridge CC APSB19-53 Multiple Unspecified Memory Corruption Vulnerabilities

Description Adobe Bridge CC is prone to multiple unspecified memory-corruption vulnerabilities. Attackers can exploit these issues to obtain sensitive information that may aid in further attacks. Adobe Bridge CC 9.1 is vulnerable. Technologies Affected Adobe Bridge CC 9.1 Recommendations Deploy...

TIBCO EBX Add-on CVE-2019-17331 Cross Site Scripting Vulnerability

Description TIBCO EBX Add-on is prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let t...

Microsoft Windows Hyper-V CVE-2019-1398 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10...

Intel Ethernet 700 Series Controllers CVE-2019-0140 Buffer Overflow Vulnerability

Description Intel Ethernet 700 Series Controllers are prone to a buffer-overflow vulnerability. An attacker can exploit this issue to obtain elevated privileges that may aid in further attacks. Intel Ethernet 700 Series Controllers versions prior to 7.0 are vulnerable. Technologies Affected Citri...

Microsoft Windows Remote Procedure Call CVE-2019-1409 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...

Microsoft Windows UPnP Service CVE-2019-1405 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Window...

Microsoft Windows GDI CVE-2019-1439 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...

Microsoft Windows Hyper-V CVE-2019-1389 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10...

TIBCO EBX Add-on CVE-2019-17332 Cross Site Scripting Vulnerability

Description TIBCO EBX Add-on is prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let t...

Microsoft Windows Certificate Dialog CVE-2019-1388 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Window...

Microsoft Windows Hyper-V CVE-2019-1309 Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to crash the host machine, resulting in a denial of service condition. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows ...

Microsoft Windows DirectWrite CVE-2019-1432 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. An attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1...

Microsoft Windows CVE-2019-1420 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges and execute arbitrary code. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-bas...

SAP Business Objects Business Intelligence Platform CVE-2019-0382 Cross Site Scripting Vulnerability

Description SAP Business Objects Business Intelligence Platform is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

Microsoft Internet Explorer VBScript Engine CVE-2019-1390 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Internet explorer 9, 10, and 11 are...

VMware Workstation and Fusion VMSA-2019-0021 Multiple Security Vulnerabilities

Description VMware Workstation and Fusion are prone to multiple security vulnerabilities. An attacker can leverage these issues to execute arbitrary code in the context of the affected system, gain sensitive information and cause a denial of service condition. The following VMware products are...

Microsoft Windows Graphics Component CVE-2019-1435 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...

Microsoft Windows Data Sharing Service CVE-2019-1379 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft...

Intel Xeon Scalable Processors CVE-2019-11139 Denial of Service Vulnerability

Description Intel Xeon Scalable Processors are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Intel Xeon Scalable Processors Redhat Enterprise Linux 5 Redhat Enterprise Linux 6 Redhat Enterprise Linux 7...

Microsoft Office CVE-2019-1449 Security Bypass Vulnerability

Description Microsoft Office is prone to a security bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions; this may aid in launching further attacks. Technologies Affected Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editio...

SAP NetWeaver AS Java CVE-2019-0391 Information Disclosure Vulnerability

Description SAP NetWeaver AS Java is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. SAP NetWeaver AS Java versions 7.10, 7.20, 7.30, 7.31, 7.4 and 7.5 are vulnerable. Technologies Affect...