6867 matches found
PHP 'Closure::bindTo' Memory Corruption Vulnerability
Description PHP is prone to a a memory-corruption vulnerability. Successful exploits may allow the attacker to cause denial-of-service condition. Versions prior to PHP 7.4.0 are vulnerable. Technologies Affected PHP PHP 7.3.0 PHP PHP 7.3.1 PHP PHP 7.3.10 PHP PHP 7.3.11 PHP PHP 7.3.2 PHP PHP 7.3.3...
IBM Maximo Asset Management CVE-2019-4512 Information Disclosure Vulnerability
Description IBM Maximo Asset Management is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected IBM Control Desk IBM Maximo Asset Management 7.6.1.1 IBM Maximo for Aviation IBM...
Juniper Junos CVE-2019-0075 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper Junos 12.3X48-D15 Juniper Junos 12.3X48-D20 Juniper Junos 12.3X48-D25...
Cobham EXPLORER 710 Multiple Security Vulnerabilities
Description Cobham EXPLORER 710 is prone to multiple security vulnerabilities: 1. Multiple security weaknesses 2. Multiple access-bypass vulnerabilities 3. An information-disclosure vulnerability 4. An arbitrary file upload vulnerability An attacker may exploit these issues to perform certain...
iTerm2 CVE-2019-9535 Remote Command Execution Vulnerability
Description iTerm2 is prone to a remote command-injection vulnerability Attackers can exploit this issue to execute arbitrary commands on the system. iTerm2 version 3.3.5 and prior versions are vulnerable. Technologies Affected iTerm2 iTerm2 3.0.4 iTerm2 iTerm2 3.1.0 iTerm2 iTerm2 3.1.5 iTerm2...
Juniper Junos CVE-2019-0062 Session Fixation Vulnerability
Description Juniper Junos is prone to a session-fixation vulnerability. An attacker can hijack an arbitrary session and gain unauthorized access to the affected application. The following versions of Juniper Junos are affected: Junper Junos 12.3 versions prior to 12.3R12-S15 for Juniper EX Series...
Juniper Junos CVE-2019-0058 Local Privilege Escalation Vulnerability
Description Juniper Junos is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Juniper Junos 12.3X48 versions prior to 12.3X48-D80 are vulnerable Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper...
OpenSSH CVE-2019-16905 Integer Overflow Vulnerability
Description OpenSSH is prone to an integer overflow vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. OpenSSH versions 7.7 through 7.9 and 8.x prior to...
NetApp SnapManager for Oracle CVE-2019-5507 Unspecified Local Information Disclosure Vulnerability
Description NetApp SnapManager for Oracle is prone to an unspecified local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information or perform unauthorized actions on data. Versions prior to NetApp SnapManager for Oracle 3.4.2P1 are vulnerable...
Juniper Junos CVE-2019-0071 Local Security Bypass Vulnerability
Description Juniper Junos is prone to a local security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Junos OS versions 18.1R3-S4 and 18.3R1-S3 for EX2300, EX2300-C and EX3400 platforms are vulnerable. Technologies...
NixOS Nix CVE-2019-17365 Local Privilege Escalation Vulnerability
Description NixOS Nix is prone to a local privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Nix versions through 2.3 are vulnerable. Technologies Affected NixOS Nix 1.0 NixOS Nix 1.5 NixOS Nix 1.9...
Juniper Junos CVE-2019-0068 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper Junos 12.3X48-D15 Juniper Junos 12.3X48-D20 Juniper Junos 12.3X48-D25...
Juniper Junos CVE-2019-0064 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. The following versions of Juniper Junos are affected: Juniper Junos 18.2R3 for SRX 5000 Series platform. Juniper Junos 18.4R2 for SRX 5000 Series...
Juniper Junos CVE-2019-0066 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 15.1 Juniper Junos 15.1A2 Juniper Junos 15.1F1 Juniper Junos 15.1F2 Juniper Junos 15.1F2-S14 Juniper Junos...
Juniper Junos CVE-2019-0055 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper Junos 12.3X48-D15 Juniper Junos 12.3X48-D20 Juniper Junos 12.3X48-D25...
Juniper Junos CVE-2019-0067 Denial of Service Vulnerability
Description Juniper Junos is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected device, denying service to legitimate users. Technologies Affected Juniper Junos 16.1 Juniper Junos 16.1R1 Juniper Junos 16.1R2 Juniper Junos 16.1R3 Juniper Junos...
Nitro Software NitroPDF Multiple Remote Code Execution and Memory Corruption Vulnerabilities
Description Nitro Software NitroPDF is prone to multiple remote code-execution vulnerabilities and a memory-corruption vulnerability. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause...
Juniper Junos CVE-2019-0056 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 18.1 Juniper Junos 18.1R1 Juniper Junos 18.1R2 Juniper Junos 18.1R2-S1 Juniper Junos 18.1R2-S2 Juniper Junos...
QEMU CVE-2019-12067 Null Pointer Dereference Denial of Service Vulnerability
Description QEMU is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected QEMU QEMU Recommendations Block external access at the network boundary, unless external parties require service. If global access isn't...
Juniper SBR Carrier CVE-2019-0072 Information Disclosure Vulnerability
Description Juniper SBR Carrier is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The following product versions are affected: Juniper SBR Carrier versions from 8.4.1 prior to 8.4.1R13...
Juniper Junos CVE-2019-0057 Local Authorization Bypass Vulnerability
Description Juniper Junos is prone to a local authorization-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Versions prior to Junos OS 18.2R1, and 18.2X75-D5 are vulnerable. Technologies Affected Juniper Junos 18.2...
Juniper Junos CVE-2019-0063 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 15.1 Juniper Junos 15.1A2 Juniper Junos 15.1F1 Juniper Junos 15.1F2 Juniper Junos 15.1F2-S14 Juniper Junos...
Juniper Junos CVE-2019-0051 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. The following versions of Junos on Juniper SRX5000 Series devices are vulnerable: Juniper Junos 12.3X48 versions prior to 12.3X48-D85 Juniper Junos...
Juniper Junos J-Web CVE-2019-0047 HTML Injection Vulnerability
Description Juniper Junos is prone to an HTML-injection vulnerability. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is...
Microsoft Open Enclave SDK CVE-2019-1369 Information Disclosure Vulnerability
Description Microsoft Open Enclave SDK is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Open Enclave SDK Recommendations Run all software as a nonprivileged user...
Microsoft Windows Hyper-V CVE-2019-1230 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft...
Citrix Application Delivery Management Unauthorized Access Vulnerability
Description Citrix Application Delivery Management is prone to an unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access to the affected application and gain elevated privileges. The following products of Citrix are affected: Citrix Application Delivery...
Microsoft Edge Chakra Scripting Engine CVE-2019-1335 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Sophos Cyberoam Firewall CVE-2019-17059 Remote Code Execution Vulnerability
Description Sophos Cyberoam Firewall is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Sophos CyberoamOS 10.6.6 MR-5 and prior are vulnerable. Technologies Affected Sophos CyberoamOS 10.6.6...
Intel Smart Connect Technology CVE-2019-11167 Local Privilege Escalation Vulnerability
Description Intel Smart Connect Technology is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Intel Smart Connect Technology for Intel NUC products is vulnerable. Technologies Affected Intel Smart Connect Technology...
Microsoft Edge Chakra Scripting Engine CVE-2019-1308 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Internet Explorer and Edge CVE-2019-0608 Spoofing Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected...
SMA Solar Technology AG Sunny WebBox CVE-2019-13529 Cross Site Request Forgery Vulnerability
Description SMA Solar Technology AG Sunny WebBox is prone to a cross-site request-forgery vulnerability. An attacker can exploit this issue to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. Sunny WebBox versions 1.6 and prior are...
Microsoft SharePoint CVE-2019-1330 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint is prone to a remote privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundati...
Microsoft Office SharePoint CVE-2019-1070 Cross Site Scripting Vulnerability
Description Microsoft Office SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
TIBCO MDM CVE-2019-11212 Multiple Unspecified Cross-Site Scripting Vulnerabilities
Description TIBCO MDM is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
Microsoft Windows Remote Desktop Client CVE-2019-1333 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1607 f...
Apple macOS/iCloud for Windows/iTunes CVE-2019-8745 Buffer Overflow Vulnerability
Description Apple macOS/iCloud for Windows/iTunes are prone to a buffer overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. This issue has been fixed in:...
Multiple Intel NUC Products Multiple Unspecified Local Security Vulnerabilities
Description Multiple Intel NUC Products are prone to multiple unspecified local security vulnerabilities. Local attackers can leverage these issues to gain elevated privileges, cause denial-of-service conditions or obtain sensitive information. The following products of Intel are vulnerable: Inte...
Apple macOS/tvOS/iOS Multiple Memory Corruption Vulnerabilities
Description Apple macOS, TV OS, and iOS are prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected Apple TV Apple iOS 10 Apple iOS 10.0.1 Apple iO...
Microsoft Windows Transport Layer Security CVE-2019-1318 Spoofing Vulnerability
Description Microsoft Windows is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Windows 10...
SAP BusinessObjects Business Intelligence Platform Multiple Cross Site Scripting Vulnerabilities
Description SAP BusinessObjects Business Intelligence Platform is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Remote attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in...
Microsoft Windows JET Database Engine CVE-2019-1359 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows Error Reporting Manager CVE-2019-1315 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Microsoft Windows CVE-2019-1347 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
WebKit Information Disclosure and Security Vulnerability
Description WebKit is prone to an information-disclosure and a security vulnerability. Successful exploits may allow the attacker to gain access to sensitive information. Information obtained may lead to further attacks. Technologies Affected Apple IMac Apple Mac Pro Apple MacBook Apple MacMini...
Microsoft Windows NTLM CVE-2019-1338 Security Bypass Vulnerability
Description Microsoft Windows is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Technologies Affecte...
SAP NetWeaver Process Integration CVE-2019-0379 Authentication Bypass Vulnerability
Description SAP NetWeaver Process Integration is prone to an authentication-bypass vulnerability. Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access. SAP NetWeaver Process Integration version 1.0 and 2.0 are vulnerable. Technologies Affecte...
Microsoft Windows Win32k CVE-2019-1364 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Syste...
Microsoft Windows CloudStore CVE-2019-1321 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft...