6867 matches found
Cisco Identity Services Engine CVE-2019-15281 HTML Injection Vulnerability
Description Cisco Identity Services Engine is prone to an HTML-injection vulnerability because it fails to properly validate user-supplied input. Successful exploits will result in the execution of arbitrary attacker-supplied HTML and script code in the context of the affected application,...
Cisco SPA100 Series Analog Telephone Adapters CVE-2019-12702 Cross Site Scripting Vulnerability
Description Cisco SPA100 Series Analog Telephone Adapters are prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Multiple Cisco Products CVE-2019-12636 Cross Site Request Forgery Vulnerability
Description Multiple Cisco Products are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. This issue is being tracked by Cisco...
Cisco Firepower Management Center CVE-2019-15270 HTML Injection Vulnerability
Description Cisco Firepower Management Center is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attack...
Cisco Aironet Access Points CVE-2019-15261 Denial of Service Vulnerability
Description Cisco Aironet Access Points is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCvk79807. Technologies Affected Cisco Aironet 1810 Series Access Points Cisco Aironet 183...
Cisco SPA100 Series Analog Telephone Adapters CVE-2019-12704 Information Disclosure Vulnerability
Description Cisco SPA100 Series Analog Telephone Adapters are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvq50503. Technologies Affected...
Cisco Identity Services Engine CVE-2019-12638 HTML Injection Vulnerability
Description Cisco Identity Services Engine is prone to an HTML-injection vulnerability because it fails to properly validate user-supplied input. Successful exploits will result in the execution of arbitrary attacker-supplied HTML and script code in the context of the affected application,...
Drupal Booking and Availability Management Tools Module Access Bypass Vulnerability
Description The Booking and Availability Management Tools BAT module for Drupal is prone to an access-bypass vulnerability. Attackers can leverage this issue to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. Booking and Availability...
ISC BIND CVE-2019-6475 Authentication Bypass Vulnerability
Description ISC BIND is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to perform unauthorized actions. This may aid in further attacks. ISC BIND versions 9.14.0 through 9.14.6, and 9.15.0 through 9.15.4 are vulnerable. Technologies Affected ISC Bind 9.14.0 IS...
Cisco Firepower Management Center Multiple Cross Site Scripting Vulnerabilities
Description Cisco Firepower Management Center is prone to multiple cross-site scripting vulnerabilities because they fail to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Cisco TelePresence CE Software CVE-2019-15275 Local Privilege Escalation Vulnerability
Description Cisco TelePresence Collaboration Endpoint Software is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary commands with root level privileges. This issue is being tracked by Cisco Bug IDs CSCvq29890 and CSCvq29895. Versions...
Cisco Small Business Smart and Managed Switches CVE-2019-12718 Cross Site Scripting Vulnerability
Description Cisco Small Business Smart and Managed Switches are prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...
Jenkins Plugins Multiple Security Vulnerabilities
...
Cisco TelePresence CE Software CVE-2019-15277 Local Privilege Escalation Vulnerability
Description Cisco TelePresence Collaboration Endpoint Software is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary commands with root level privileges. This issue is being tracked by Cisco Bug ID CSCvp93715. Versions prior to Cisco...
Cisco SPA100 Series Analog Telephone Adapters CVE-2019-15258 Denial of Service Vulnerability
Description Cisco SPA100 Series Analog Telephone Adapters are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCvq50529. Technologies Affected Cisco Small Business Voice...
Cisco SPA100 Series Analog Telephone Adapter Multiple Arbitrary Code Execution Vulnerabilities
Description Cisco SPA100 Series Analog Telephone Adapter is prone to multiple arbitrary code-execution vulnerabilities. Successfully exploiting these issues will allow attackers to execute arbitrary code with elevated privileges. These issues are being tracked by Cisco Bug ID CSCvq50494...
SQLite CVE-2019-8457 Out of Bounds Read Heap Buffer Overflow Vulnerability
Description SQLite is prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to crash the application, resulting in a denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed...
Cisco Aironet Access Points CVE-2019-15260 Unauthorized Access Vulnerability
Description Cisco Aironet Access Points is prone to an unauthorized access vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions, gain elevated privileges. This may aid in launching further attacks. This issue is tracked by Cisc...
ISC BIND CVE-2019-6476 Remote Denial of Service Vulnerability
Description ISC BIND is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. ISC BIND 9.14.0 through 9.14.6, and 9.15.0 through 9.15.4 are vulnerable. Technologies Affected ISC Bind 9.14.0 ISC Bind 9.14.1 ISC Bind 9.14.2 ISC...
Ansible CVE-2019-14864 Multiple Information Disclosure Vulnerabilities
Description Ansible is prone to multiple information-disclosure vulnerabilities. Successfully exploiting these issues may allow an attacker to obtain sensitive information that may aid in further attacks. Technologies Affected AnsibleWorks ansible Redhat Ansible Engine 2 Recommendations Block...
VMware SD-WAN by VeloCloud CVE-2019-5533 Information Disclosure Vulnerability
...
Cisco Expressway Series and Telepresence VCS CVE-2019-12705 Cross Site Scripting Vulnerability
Description Cisco Expressway Series and Telepresence Video Communication Server VCS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...
Linux Kernel CVE-2019-17666 Buffer Overflow Vulnerability
Description Linux Kernel is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to cause a denial-of-service condition. Due to the nature of this issue, code...
Oracle Solaris CVE-2019-2765 Local Security Vulnerability
Description Oracle Solaris is prone to a local security vulnerability. This issue affects the 'Filesystem' component. This vulnerability affects the following supported version: 11, 10 Technologies Affected Oracle Solaris 10 Oracle Solaris 11 Recommendations Permit local access for trusted...
Oracle Hospitality RES 3700 CVE-2019-3025 Remote Security Vulnerability
Description Oracle Hospitality RES 3700 is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Interface' package is affected. This vulnerability affects the following supported versions: 5.7 Technologies Affected Oracle Hospitality RES 3700...
Oracle Java SE/Java SE Embedded CVE-2019-2949 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over 'Kerberos' protocol. This issue affects the 'Kerberos' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
Oracle Java SE/Java SE Embedded CVE-2019-2964 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Concurrency' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
Oracle VM VirtualBox Multiple Local Security Vulnerabilities
Description Oracle VM VirtualBox is prone to multiple local security vulnerabilities in the 'Core' component. These vulnerabilities affect the following supported versions: Prior to 5.2.32, prior to 6.0.14 Technologies Affected Oracle VM VirtualBox 1.6 Oracle VM VirtualBox 1.6.0 Oracle VM...
Oracle Hyperion Data Relationship Management CVE-2019-2927 Remote Security Vulnerability
Description Oracle Hyperion Data Relationship Management is prone to a remote security vulnerability. The vulnerability can be exploited over HTTP protocol. This issue affects the 'Access and Security' component. This vulnerability affects the following supported versions: 11.1.2.4 Technologies...
Oracle Java SE/Java SE Embedded CVE-2019-2933 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Libraries' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
Oracle Java SE/Java SE Embedded CVE-2019-2996 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Deployment' component. This vulnerability affects the following supported versions: Java SE: 8u221; Java SE Embedded:...
Oracle Retail Customer Management and Segmentation Foundation Remote Security Vulnerability
Description Oracle Retail Customer Management and Segmentation Foundation is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Segment' component is affected. This vulnerability affects the following supported versions: 17.0 Technologies...
Sonatype Nexus Repository Manager CVE-2019-15588 OS Command Injection Vulnerability
Description Sonatype Nexus Repository Manager is prone to an OS command-injection vulnerability. An attacker may exploit this issue to inject and execute arbitrary commands within the context of the affected application; this may aid in further attacks. Versions prior to Nexus Repository Manager...
Oracle Java SE/Java SE Embedded CVE-2019-2973 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'JAXP' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13; Java S...
Adobe Acrobat and Reader CVE-2019-8160 Cross Site Scripting Vulnerability
Description Adobe Acrobat and Reader are prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication...
Oracle MySQL Server Cpuoct2019 Multiple Security Vulnerabilities
Description Oracle MySQL Server is prone to multiple security vulnerabilities. These vulnerabilities can be exploited over 'MySQL Protocol' protocol. The 'Server: Optimizer' and 'Information Schema' components are affected. These vulnerabilities affect the following supported versions: 5.6.45 and...
Oracle Primavera P6 Enterprise Project Portfolio Management Remote Security Vulnerability
Description Oracle Primavera P6 Enterprise Project Portfolio Management is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Web Access' component is affected. This vulnerability affects the following supported versions: 17.1.0 through...
Oracle Primavera P6 Enterprise Project Portfolio Management Remote Security Vulnerability
Description Oracle Primavera P6 Enterprise Project Portfolio Management is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Web Access' component is affected. This vulnerability affects the following supported versions: 15.1.0 through...
Oracle Retail Customer Management and Segmentation Foundation Remote Security Vulnerability
Description Oracle Retail Customer Management and Segmentation Foundation is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Segment' component is affected. This vulnerability affects the following supported versions: 17.0 Technologies...
Oracle E-Business Suite CVE-2019-2990 Remote Security Vulnerability
Description Oracle E-Business Suite is prone to a remote security vulnerability in Oracle iStore. The vulnerability can be exploited over the 'HTTP' protocol. The 'Order Tracker' component is affected. This vulnerability affects the following supported versions: 12.1.1 through 12.1.3 and 12.2.3...
Oracle JDeveloper and ADF CVE-2019-2904 Remote Security Vulnerability
Description Oracle JDeveloper and ADF are prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'ADF Faces' package is affected. This vulnerability affects the following supported versions: 11.1.1.9.0, 12.1.3.0.0, 12.2.1.3.0 Technologies Affect...
Oracle Siebel UI Framework CVE-2019-2935 Remote Security Vulnerability
Description Oracle Siebel UI Framework is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'EAI' component is affected. This vulnerability affects the following supported versions: 19.8 and prior Technologies Affected Oracle Siebel...
Oracle Java SE/Java SE Embedded CVE-2019-2989 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
Oracle Enterprise Manager CVE-2019-2895 Remote Security Vulnerability
Description Oracle Enterprise Manager is prone to a remote security vulnerability in Enterprise Manager for Exadata. The vulnerability can be exploited over the 'HTTP' protocol. The 'Exadata Plug-In Deploy and Ins' component is affected. This vulnerability affects the following supported versions...
Oracle MySQL Connectors CVE-2019-2920 Remote Security Vulnerability
Description Oracle MySQL Connectors is prone to a remote security vulnerability. The vulnerability can be exploited over the 'MySQL Protocol' Protocol. The 'Connector/ODBC' component is affected. This vulnerability affects the following supported versions: 5.3.13 and prior, 8.0.17 and prior...
Oracle Java SE/Java SE Embedded CVE-2019-2958 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Libraries' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
Oracle PeopleSoft Enterprise HCM Human Resources CVE-2019-2951 Remote Security Vulnerability
Description Oracle PeopleSoft Enterprise HCM Human Resources is prone to a remote security vulnerability. These vulnerabilities can be exploited over the 'HTTP' protocol. These vulnerabilities affect the following supported versions: 9.2 Technologies Affected Oracle PeopleSoft Enterprise HCM Huma...
Adobe Experience Manager APSB19-48 Multiple Security Vulnerabilities
Description Adobe Experience Manager is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials, to gain access to sensitive...
Oracle Hyperion Enterprise Performance Management Architect Remote Security Vulnerability
Description Oracle Hyperion Enterprise Performance Management Architect is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Workspace' sub component is affected. This vulnerability affects the following supported versions: 11.1.2.4...
Adobe Acrobat and Reader APSB19-49 Multiple Arbitrary Code Execution Vulnerabilities
Description Adobe Acrobat and Reader are prone to multiple arbitrary code-execution vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of current user running the affected application. Failed exploits will result in denial-of-service...