6867 matches found
Microsoft .NET CVE-2019-0864 Denial of Service Vulnerability
Description Microsoft .NET is prone to a remote denial of service vulnerability. An attacker can exploit this issue to cause a denial of service condition. Technologies Affected Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5.1...
Microsoft Windows JET Database Engine CVE-2019-0895 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows JET Database Engine CVE-2019-0891 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Edge Chakra Scripting Engine CVE-2019-0912 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft SharePoint Server CVE-2019-0958 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Serv...
Microsoft Edge Chakra Scripting Engine CVE-2019-0917 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows CVE-2019-0936 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft SharePoint Server CVE-2019-0957 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint...
Microsoft Edge Chakra Scripting Engine CVE-2019-0933 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Error Reporting CVE-2019-0863 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows ...
Microsoft Windows Unified Write Filter CVE-2019-0942 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Azure DevOps Server 2019 Microsoft...
Microsoft .NET CVE-2019-0820 Denial of Service Vulnerability
Description Microsoft .NET is prone to a remote denial of service vulnerability. An attacker can exploit this issue to cause a denial of service condition. Technologies Affected Microsoft .NET Core 1.0 Microsoft .NET Core 1.1 Microsoft .NET Core 2.1 Microsoft .NET Core 2.2 Microsoft .NET Framewor...
Microsoft Windows Win32k CVE-2019-0892 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10...
Microsoft Windows JET Database Engine CVE-2019-0898 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Apple macOS Multiple Security Vulnerabilities
Description Apple macOS is prone to multiple security vulnerabilities. An attacker can leverage these issues to bypass security restrictions and perform unauthorized actions, obtain sensitive information, execute arbitrary code within the context of the application or gain elevated privileges...
GraphicsMagick CVE-2019-19951 Heap Buffer Overflow Vulnerability
Description GraphicsMagick is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successful exploits may allow the attacker to crash the affected application. Due to the nature o...
Symantec Messaging Gateway Information Disclosure
SUMMARY Symantec has released an update to address an issue that was discovered in the Symantec Messaging Gateway SMG product. AFFECTED PRODUCTS Symantec Messaging Gateway SMG --- CVE | Affected Versions | Remediation CVE-2019-9699 | Prior to 10.7.0 | Upgrade to 10.7.0 ISSUES CVE-2019-9699 ---...
Symantec AV Engine Arbitrary File Deletion
SUMMARY Symantec has released an update to address an issue that was discovered in the Symantec AV Engine. AFFECTED PRODUCTS Symantec AV Engine For Mac Endpoints Only --- CVE | Affected Versions | Remediation CVE-2019-9698 | Prior to 13.0.9r17 | Upgrade to 13.0.9r17 via LiveUpdateTM ISSUES...
Philips Tasy EMR CVE-2019-6562 Cross Site Scripting Vulnerability
Description Philips Tasy EMR is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow...
Atlassian JIRA CVE-2019-3403 Information Disclosure Vulnerability
Description Atlassian JIRA is prone to an information-disclosure vulnerability. Successful exploits of this issue lead to the disclosure of sensitive information which may aid in launching further attacks. Jira versions prior to 7.13.3, 8.0.0 through and prior to 8.0.4 and 8.1.0 through and prior...
ImageMagick Multiple Heap Buffer Overflow Vulnerabilities
Description ImageMagick is prone to multiple heap-based buffer-overflow vulnerabilities. An attacker can exploit these issues to cause denial-of-service condition. Due to the nature of these issues, code execution may be possible but this has not been confirmed. ImageMagick version 7.0.8-43 Q16 i...
Atlassian JIRA CVE-2019-3402 Cross Site Scripting Vulnerability
Description Atlassian JIRA is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary HTML and script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication...
Atlassian JIRA CVE-2019-3401 Information Disclosure Vulnerability
Description Atlassian JIRA is prone to an information-disclosure vulnerability. Successful exploits of this issue lead to the disclosure of sensitive information which may aid in launching further attacks. Jira versions prior to 7.13.3 and 8.0.0 through and prior to 8.1.1 are vulnerable...
Pulse Connect Secure and Policy Secure CVE-2019-11509 Access Bypass Vulnerability
Description Pulse Connect Secure and Policy Secure are prone to an access-bypass vulnerability. An attacker can exploit this execute arbitrary code and perform unauthorized actions; this may aid in launching further attacks. The following products are vulnerable: Pulse Connect Secure 9.0RX, 8.3RX...
Oracle WebLogic Server Deserialization Remote Command Execution Vulnerability
Description Oracle WebLogic Server is prone to a remote command-execution vulnerability. Attackers can exploit this issue to execute an arbitrary command within the context of a user running the affected application. Failed exploit attempts may result in a denial-of-service condition. Oracle...
Pulse Connect Secure and Pulse Policy Secure Multiple Security Vulnerabilities
Description Pulse Connect Secure and Pulse Policy Secure are prone to the following vulnerabilities: 1. An arbitrary file read vulnerability 2. An arbitrary file-write vulnerability 3. A session-hijacking vulnerability 4. Multiple cross-site scripting vulnerabilities 5. Multiple information...
Kubernetes CVE-2019-11244 Local Unauthorized Access Vulnerability
Description Kubernetes is prone to a local unauthorized-access vulnerability. A local attacker can exploit this issue to gain unauthorized access to the affected application. This may aid in further attacks. Kubernetes version 1.8.x through 1.14.x are vulnerable. Technologies Affected IBM Cloud...
Linux Kernel CVE-2019-18805 Integer Overflow Vulnerability
Description Linux Kernel is prone to an integer overflow vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed. Versions prior to Linux kernel...
JQuery CVE-2019-11358 Cross Site Scripting Vulnerability
Description JQuery is prone to a cross-site-scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...
Apache Tomcat CVE-2019-0232 Remote Code Execution Vulnerability
Description Apache Tomcat is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Apache Tomcat version 9.0.0.M1 through 9.0.17, 8.5.0 through 8.5.39 and 7.0.0 through 7.0.93 are...
Juniper Junos CVE-2019-0043 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper ACX Series Juniper EX Series Juniper EX2300 Series Juniper EX3400 Series Juniper JUNOS 12.1X46-D25 Juniper JUNOS 12.3...
libxslt CVE-2019-11068 Security Bypass Vulnerability
Description libxslt is prone to a security-bypass vulnerability. Attackers can leverage this issue to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Oracle JDKLinux Production Release 1.8.0 Update 221 Oracle JDKSolar...
Microsoft Windows LUAFV Driver CVE-2019-0731 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 1...
Microsoft Windows CVE-2019-0840 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10...
Microsoft Windows JET Database Engine CVE-2019-0879 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Azure DevOps Server CVE-2019-0869 HTML Injection Vulnerability
Description Microsoft Azure DevOps Server is prone to an HTML-injection vulnerability. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, to conduct spoofing attacks or redirect the user to a malicious website. Other attacks are al...
Microsoft Windows IOleCvt Interface CVE-2019-0845 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Windows...
Microsoft Exchange Server CVE-2019-0817 Spoofing Vulnerability
Description Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Exchan...
Microsoft Edge Chakra Scripting Engine CVE-2019-0806 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Admin Center CVE-2019-0813 Privilege Escalation Vulnerability
Description Microsoft Windows Admin Center is prone to a privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows Admin Center Recommendations Block external access at the network boundary, unless external parties...
Microsoft Internet Explorer VBScript Engine CVE-2019-0862 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...
Microsoft Excel CVE-2019-0828 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows CVE-2019-0839 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
Microsoft Office Access Connectivity Engine CVE-2019-0827 Remote Code Execution Vulnerability
Description Microsoft Office Access Connectivity Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office...
Microsoft Windows CVE-2019-0844 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Edge CVE-2019-0833 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Recommendations Run all software as a nonprivileged user with minimal acce...
Microsoft Windows GDI+ Component CVE-2019-0853 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected...
Microsoft Windows CSRSS CVE-2019-0735 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges on the affected system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft...
Microsoft Office SharePoint CVE-2019-0831 Cross Site Scripting Vulnerability
Description Microsoft Office SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...