6867 matches found
Microsoft Visual Studio CVE-2019-1486 Spoofing Vulnerability
Description Microsoft Visual Studio is prone to an security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Visual...
Lenovo Power Management Driver CVE-2019-6192 Local Buffer Overflow Vulnerability
Description Lenovo Power Management Driver is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to cause denial of service conditions. Due to the natur...
IBM Spectrum Scale CVE-2019-4665 Cross Site Scripting Vulnerability
Description IBM Spectrum Scale is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication...
Microsoft Defender CVE-2019-1488 Security Bypass Vulnerability
Description Microsoft Defender is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Windows Remote Desktop Protocol CVE-2019-1453 Denial of Service Vulnerability
Description Microsoft Windows Remote Desktop Protocol is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the target service to stop responding, denying service to legitimate users. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...
Apple iOS and iPadOS CVE-2019-8857 Security Bypass Vulnerability
Description Apple iOS and iPadOS are prone to a security bypass vulnerability. Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. This issue is fixed in Apple iPadOS 13.3 and iOS 13.3. Technologies Affected Apple Ipad Mini- Apple iOS 10 Apple iOS...
WebKit CVE-2019-8846 Arbitrary Code Execution Vulnerability
Description WebKit is prone to an arbitrary-code execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected Apple Safari 1.0.0 Apple...
Microsoft Internet Explorer VBScript Engine CVE-2019-1485 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Internet explorer 9, 10 and 11 are...
Adobe Acrobat and Reader CVE-2019-16444 Local Privilege Escalation Vulnerability
Description Adobe Acrobat and Reader are prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges and perform unauthorized actions. Technologies Affected Adobe Acrobat DC 2015.006.30060 Adobe Acrobat DC 2015.006.30094 Adobe Acrobat DC...
Intel SCS Platform Discovery Utility CVE-2019-14605 Local Privilege Escalation Vulnerability
Description Intel SCS Platform Discovery Utility is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Intel SCS Platform Discovery Utility Recommendations Permit local access for trusted individuals only...
Apple iOS and iPadOS CVE-2019-8841 Arbitrary Code Execution Vulnerability
Description Apple iOS and iPadOS are prone to an arbitrary code execution vulnerability. A remote attacker can leverage this issue to execute arbitrary code with kernel privileges on the affected system. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected...
Broadcom CA Automic Sysload CVE-2019-19518 Arbitrary Command Execution Vulnerability
Description Broadcom CA Automic Sysload is prone to an arbitrary command-execution vulnerability. An attacker can exploit this issue to execute arbitrary system command on the affected system. This may aid in further attacks. CA Automic Sysload versions 5.6.0, 5.8.0, 5.8.1, 6.0.0, 6.0.1, 6.1.2 ar...
Microsoft Windows Media Player CVE-2019-1480 Information Disclosure Vulnerability
Description Microsoft Windows Media Player is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for...
Microsoft Windows COM Server CVE-2019-1478 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsof...
Adobe Acrobat and Reader CVE-2019-16462 Arbitrary Code Execution Vulnerability
Description Adobe Acrobat and Reader are prone to an arbitrary code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Technologies Affected...
Siemens SiNVR 3 SSA-761617 Multiple Security Vulnerabilities
Description Siemens SiNVR 3 is prone to the following security vulnerabilities: 1. Multiple information-disclosure vulnerabilities 2. Multiple authentication-bypass vulnerabilities 3. A directory-traversal vulnerability 4. A privilege-escalation vulnerability An attacker can exploit this issue...
Lenovo Energy Management Driver for Windows 10 CVE-2019-6183 Denial of Service Vulnerability
Description Lenovo Energy Management Driver is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial of service condition. Versions prior to Lenovo Energy Management 15.11.29.7 are vulnerable. Technologies Affected Lenovo Energy Management Microsoft Window...
Microsoft Access CVE-2019-1400 Information Disclosure Vulnerability
Description Microsoft Access is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft...
Apple iOS/iPadOS/watchOS/macOS CVE-2019-8856 Security Vulnerability
Description Apple iOS/iPadOS/watchOS/macOS are prone to a security vulnerability. Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. Technologies Affected Apple Ipad Mini- Apple Watch Apple iOS 10 Apple iOS 10.0.1 Apple iOS 10.1 Apple iOS 10.2 Apple...
Microsoft Windows GDI Component CVE-2019-1466 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Adobe ColdFusion CVE-2019-8256 Remote Privilege Escalation Vulnerability
Description Adobe ColdFusion is prone to a remote privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Adobe ColdFusion 10 Adobe ColdFusion 10 Update 1 Adobe ColdFusion 10 Update 1...
Microsoft Windows Win32k CVE-2019-1469 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Apple watchOS/iOS/iPadOS/tvOS/Safari CVE-2019-8844 Multiple Memory Corruption Vulnerabilities
Description Apple watchOS, iOS, iPadOS, tvOS and Safari are prone to multiple memory corruption vulnerabilities. A remote attacker can leverage these issues to execute arbitrary code in the context of the user running the application. Technologies Affected Apple Ipad Mini- Apple Safari 1.1.0 Appl...
Microsoft Access CVE-2019-1463 Information Disclosure Vulnerability
Description Microsoft Access is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft...
SAP Adaptive Server Enterprise CVE-2019-0402 Information Disclosure Vulnerability
Description SAP Adaptive Server Enterprise is prone to an unspecified information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. SAP Adaptive Server Enterprise versions 15.7 and 16.0 are vulnerable. Technologies Affecte...
SAP BusinessObjects Business Intelligence CVE-2019-0398 Cross Site Request Forgery Vulnerability
Description SAP BusinessObjects Business Intelligence Platform is prone to an unspecified cross-site request-forgery vulnerability because the application fails to properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain...
Siemens XHQ Operations Intelligence SSA-525454 Multiple Input Validation Vulnerabilities
Description Siemens XHQ Operations Intelligence is prone to multiple input-validation vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, o...
Google Chrome Prior to 79.0.3945.79 Multiple Security Vulnerabilities
Description Google Chrome is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, gain sensitive information and perform unauthorized actions or cause denial-of-service conditions. Versions prior to Chrome...
Intel Control Center-I CVE-2019-14599 Local Privilege Escalation Vulnerability
Description Intel Control Center-I is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Intel Control Center-I versions 2.1.0.0 and prior are vulnerable. Technologies Affected Intel Control Center-I 2.1.0.0 Recommendations...
Microsoft Windows GDI Component CVE-2019-1467 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft SQL Server Reporting Services CVE-2019-1332 Cross Site Scripting Vulnerability
Description Microsoft SQL Server Reporting Services SSRS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Intel Administrative Tools for Network Adapters Local Privilege Escalation Vulnerability
Description Intel Administrative Tools for Network Adapters is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Versions prior to Intel Administrative Tools for Network Adapters 24.3 are vulnerable. Technologies Affected Int...
Adobe Acrobat and Reader APSB19-55 Multiple Information Disclosure Vulnerabilities
Description Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Adobe Acrobat DC 2015.006.30060 Adobe Acrobat DC 2015.006.30094 Adob...
SAP Enable Now Multiple Unspecified Security Vulnerabilities
Description SAP Enable Now is prone to multiple unspecified security vulnerabilities. Limited information is currently available regarding these issues. We will update this BID as more information emerges. SAP Enable Now version 1911 is vulnerable. Technologies Affected SAP Enable Now 1911...
Multiple Siemens EN100 Ethernet Modules SSA-418979 Multiple Security Vulnerabilities
Description Multiple Siemens EN100 Ethernet Modules are prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary code, using directory-traversal sequences '../' to retrieve sensitive information and execute arbitrary script code in the browser of an...
Microsoft Windows Remote Desktop Protocol CVE-2019-1489 Information Disclosure Vulnerability
Description Microsoft Windows Remote Desktop Protocol is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows XP SP3 Recommendations Block external acce...
Microsoft Windows Win32k CVE-2019-1458 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Excel CVE-2019-1464 Information Disclosure Vulnerability
Description Microsoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2010 SP2 32-bit editions Microsoft Excel 2010 SP2 64-bit editions Microsoft Exce...
Intel Dynamic Platform and Thermal Framework CVE-2019-0134 Local Privilege Escalation Vulnerability
Description Intel Dynamic Platform and Thermal Framework is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Intel Dynamic Platform and Thermal Framework version 8.3.10208.5643 and prior are vulnerable. Technologies Affected...
Microsoft Git for Visual Studio CVE-2019-1351 Tampering Security Bypass Vulnerability
Description Microsoft Git for Visual Studio is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Visual Studio 2017 15.0 Microsoft Visual Studio 2017 15.1 Microsoft...
Microsoft Git for Visual Studio CVE-2019-1349 Remote Code Execution Vulnerability
Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
Microsoft Git for Visual Studio CVE-2019-1354 Remote Code Execution Vulnerability
Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
Microsoft Git for Visual Studio CVE-2019-1387 Remote Code Execution Vulnerability
Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
Microsoft Git for Visual Studio CVE-2019-1350 Remote Code Execution Vulnerability
Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
Apple iOS/tvOS/iPadOS/watchOS/macOS Multiple Memory Corruption Vulnerabilities
Description Apple iOS/tvOS/iPadOS/watchOS/macOS are prone to multiple memory-corruption vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of current user running the affected application. Failed exploits will result in denial-of-servic...
Adobe Acrobat and Reader APSB19-55 Multiple Arbitrary Code Execution Vulnerabilities
Description Adobe Acrobat and Reader are prone to multiple arbitrary code-execution vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of current user running the affected application. Failed exploits will result in denial-of-service...
Git CVE-2019-19604 Arbitrary Code Execution Vulnerability
Description Git is prone to an arbitrary code-execution vulnerability. A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition. Git versions prior to 2.20.2, 2.21.x through and...
Multiple Intel Processors CVE-2019-14607 Multiple Security Vulnerabilities
Description Multiple Intel Processors are prone to multiple security vulnerabilities. A local attacker can leverage these issues to obtain sensitive information, gain elevated privileges and cause denial of service conditions. This may aid in further attacks. Technologies Affected Intel 6th...
Multiple Intel Processors CVE-2019-11157 Multiple Security Vulnerabilities
Description Multiple Intel Processors are prone to multiple security vulnerabilities. A local attacker can leverage these issues to obtain sensitive information and gain elevated privileges. This may aid in further attacks. Technologies Affected Intel 6th generation Core processors Intel 7th...
Apple Xcode CVE-2019-8840 Arbitrary Code Execution Vulnerability
Description Apple Xcode is prone to an arbitrary code-execution vulnerability. Attackers can leverage this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts may result in a denial-of-service condition. Versions prior to Xcode 11.3 are...