Juniper Junos J-Web CVE-2019-0047 HTML Injection Vulnerability

Description Juniper Junos is prone to an HTML-injection vulnerability. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is...

Juniper Junos CVE-2019-0059 Memory Leak Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a process crash, denying service to legitimate users. The following versions of Juniper Junos are affected: Juniper Junos 18.1 versions prior to 18.1R2-S4, 18.1R3-S1 are vulnerable...

Juniper Junos CVE-2019-0056 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 18.1 Juniper Junos 18.1R1 Juniper Junos 18.1R2 Juniper Junos 18.1R2-S1 Juniper Junos 18.1R2-S2 Juniper Junos...

Juniper Junos CVE-2019-0050 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 15.1X49 Juniper Junos 15.1X49-D10 Juniper Junos 15.1X49-D100 Juniper Junos 15.1X49-D101 Juniper Junos 15.1X49-D110...

Juniper Junos CVE-2019-0065 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. The following versions of Junos on Juniper MX-Series platform are vulnerable: Juniper Junos 16.1 versions prior to 16.1R7-S5 Juniper Junos 16.2 versio...

QEMU CVE-2019-12067 Null Pointer Dereference Denial of Service Vulnerability

Description QEMU is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected QEMU QEMU Recommendations Block external access at the network boundary, unless external parties require service. If global access isn't...

Juniper Junos CVE-2019-0057 Local Authorization Bypass Vulnerability

Description Juniper Junos is prone to a local authorization-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Versions prior to Junos OS 18.2R1, and 18.2X75-D5 are vulnerable. Technologies Affected Juniper Junos 18.2...

NetApp SnapManager for Oracle CVE-2019-5507 Unspecified Local Information Disclosure Vulnerability

Description NetApp SnapManager for Oracle is prone to an unspecified local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information or perform unauthorized actions on data. Versions prior to NetApp SnapManager for Oracle 3.4.2P1 are vulnerable...

OpenSSH CVE-2019-16905 Integer Overflow Vulnerability

Description OpenSSH is prone to an integer overflow vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. OpenSSH versions 7.7 through 7.9 and 8.x prior to...

Juniper Junos CVE-2019-0063 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 15.1 Juniper Junos 15.1A2 Juniper Junos 15.1F1 Juniper Junos 15.1F2 Juniper Junos 15.1F2-S14 Juniper Junos...

Juniper Junos CVE-2019-0068 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper Junos 12.3X48-D15 Juniper Junos 12.3X48-D20 Juniper Junos 12.3X48-D25...

Juniper Junos CVE-2019-0051 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. The following versions of Junos on Juniper SRX5000 Series devices are vulnerable: Juniper Junos 12.3X48 versions prior to 12.3X48-D85 Juniper Junos...

Juniper Junos CVE-2019-0061 Local Privilege Escalation Vulnerability

Description Juniper Junos is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. The following versions of Juniper Junos are affected: Junper Junos 15.1X49 versions prior to 15.1X49-D171 and 15.1X49-D180 Junper Junos 15.1X53...

PHP 'Closure::bindTo' Memory Corruption Vulnerability

Description PHP is prone to a a memory-corruption vulnerability. Successful exploits may allow the attacker to cause denial-of-service condition. Versions prior to PHP 7.4.0 are vulnerable. Technologies Affected PHP PHP 7.3.0 PHP PHP 7.3.1 PHP PHP 7.3.10 PHP PHP 7.3.11 PHP PHP 7.3.2 PHP PHP 7.3.3...

Cobham EXPLORER 710 Multiple Security Vulnerabilities

Description Cobham EXPLORER 710 is prone to multiple security vulnerabilities: 1. Multiple security weaknesses 2. Multiple access-bypass vulnerabilities 3. An information-disclosure vulnerability 4. An arbitrary file upload vulnerability An attacker may exploit these issues to perform certain...

Juniper Junos CVE-2019-0055 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper Junos 12.3X48-D15 Juniper Junos 12.3X48-D20 Juniper Junos 12.3X48-D25...

Juniper Junos CVE-2019-0060 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a process crash, denying service to legitimate users. The following versions of Juniper Junos are affected: Juniper Junos 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 are...

Juniper Junos CVE-2019-0071 Local Security Bypass Vulnerability

Description Juniper Junos is prone to a local security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Junos OS versions 18.1R3-S4 and 18.3R1-S3 for EX2300, EX2300-C and EX3400 platforms are vulnerable. Technologies...

Juniper Junos CVE-2019-0058 Local Privilege Escalation Vulnerability

Description Juniper Junos is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Juniper Junos 12.3X48 versions prior to 12.3X48-D80 are vulnerable Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper...

Juniper Junos CVE-2019-0074 Local Directory Traversal Vulnerability

Description Juniper Junos is prone to a local directory-traversal vulnerability. An attacker can exploit this issue using directory-traversal characters '../' to read arbitrary files that contain sensitive information or to access files outside of the restricted directory to obtain sensitive...

Juniper Junos CVE-2019-0062 Session Fixation Vulnerability

Description Juniper Junos is prone to a session-fixation vulnerability. An attacker can hijack an arbitrary session and gain unauthorized access to the affected application. The following versions of Juniper Junos are affected: Junper Junos 12.3 versions prior to 12.3R12-S15 for Juniper EX Series...

iTerm2 CVE-2019-9535 Remote Command Execution Vulnerability

Description iTerm2 is prone to a remote command-injection vulnerability Attackers can exploit this issue to execute arbitrary commands on the system. iTerm2 version 3.3.5 and prior versions are vulnerable. Technologies Affected iTerm2 iTerm2 3.0.4 iTerm2 iTerm2 3.1.0 iTerm2 iTerm2 3.1.5 iTerm2...

Juniper SBR Carrier CVE-2019-0072 Information Disclosure Vulnerability

Description Juniper SBR Carrier is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The following product versions are affected: Juniper SBR Carrier versions from 8.4.1 prior to 8.4.1R13...

Juniper Junos CVE-2019-0073 Local Insecure File Permissions Vulnerability

Description Juniper Junos is prone to a local insecure file-permission vulnerability. A local attacker can exploit this issue to access sensitive information stored in the file-system. The following versions of Junos are vulnerable. Juniper Junos 15.1X49 versions prior to 15.1X49-D180 Juniper Jun...

Multiple Intel NUC Products Multiple Unspecified Local Security Vulnerabilities

Description Multiple Intel NUC Products are prone to multiple unspecified local security vulnerabilities. Local attackers can leverage these issues to gain elevated privileges, cause denial-of-service conditions or obtain sensitive information. The following products of Intel are vulnerable: Inte...

Microsoft Windows Remote Desktop Client CVE-2019-1333 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1607 f...

Microsoft Windows Error Reporting CVE-2019-1319 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows ...

WebKit Information Disclosure and Security Vulnerability

Description WebKit is prone to an information-disclosure and a security vulnerability. Successful exploits may allow the attacker to gain access to sensitive information. Information obtained may lead to further attacks. Technologies Affected Apple IMac Apple Mac Pro Apple MacBook Apple MacMini...

SAP NetWeaver Process Integration CVE-2019-0367 Remote Authorization Bypass Vulnerability

Description SAP NetWeaver Process Integration is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. SAP NetWeaver Process Integration versions 1.0 and 2.0 are vulnerable...

Microsoft Windows Imaging API CVE-2019-1311 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Microsoft Internet Explorer CVE-2019-1371 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet...

Microsoft Dynamics 365 CVE-2019-1375 Cross Site Scripting Vulnerability

Description Microsoft Dynamics 365 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

Microsoft Windows Win32k CVE-2019-1364 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Syste...

Microsoft Edge Chakra Scripting Engine CVE-2019-1308 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

Microsoft Windows CVE-2019-1320 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft...

Microsoft Windows JET Database Engine CVE-2019-1358 Remote Code Execution Vulnerability

Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...

Microsoft Edge Chakra Scripting Engine CVE-2019-1335 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

Microsoft Internet Explorer and Edge CVE-2019-0608 Spoofing Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected...

Microsoft Edge Chakra Scripting Engine CVE-2019-1307 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

SAP BusinessObjects Business Intelligence Platform Multiple Cross Site Scripting Vulnerabilities

Description SAP BusinessObjects Business Intelligence Platform is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Remote attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in...

Microsoft Windows Update Client CVE-2019-1337 Information Disclosure Vulnerability

Description Microsoft Windows Update Client is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10...

Siemens SIMATIC IT UADM CVE-2019-13929 Hardcoded Cryptographic Key Vulnerability

Description Siemens SIMATIC IT UADM is prone to a hard-coded cryptographic key vulnerability. An attacker can exploit this issue to gain unauthorized access to the vulnerable device and perform unauthorized actions. Versions prior to SIMATIC IT UADM 1.3 are vulnerable. Technologies Affected Sieme...

Microsoft SQL Server Management Studio CVE-2019-1376 Information Disclosure Vulnerability

Description Microsoft SQL Server Management Studio is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server Management Studio 18.3.1 Recommendations Block...

Microsoft SharePoint CVE-2019-1330 Remote Privilege Escalation Vulnerability

Description Microsoft SharePoint is prone to a remote privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundati...

Microsoft Excel CVE-2019-1327 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

Microsoft Windows CVE-2019-1336 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code in the security context of the local system. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10...

Microsoft SharePoint Server CVE-2019-1329 Remote Privilege Escalation Vulnerability

Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint...

Microsoft Windows CVE-2019-1346 Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...

Microsoft Windows CVE-2019-1342 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-bas...

Microsoft Edge and Internet Explorer CVE-2019-1357 Spoofing Vulnerability

Description Microsoft Edge and Internet Explorer are prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected...