Microsoft Authentication Library CVE-2019-1487 Information Disclosure Vulnerability

Description Microsoft Authentication Library is prone to a information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Authentication Library 0.3.1-Alpha Recommendations Block external...

SAP Adaptive Server Enterprise CVE-2019-0402 Information Disclosure Vulnerability

Description SAP Adaptive Server Enterprise is prone to an unspecified information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. SAP Adaptive Server Enterprise versions 15.7 and 16.0 are vulnerable. Technologies Affecte...

Microsoft Windows Hyper-V CVE-2019-1471 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10...

Apple iOS/tvOS/iPadOS/watchOS/macOS Multiple Memory Corruption Vulnerabilities

Description Apple iOS/tvOS/iPadOS/watchOS/macOS are prone to multiple memory-corruption vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of current user running the affected application. Failed exploits will result in denial-of-servic...

SAP Portfolio and Project Management CVE-2019-0399 Information Disclosure Vulnerability

Description SAP Portfolio and Project Management is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected SAP Portfolio and Project Management SAP S4CORE 1.02 SAP S4CORE...

Apple macOS Multiple Security Vulnerabilities

Description Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, obtain sensitive information, perform unauthorized actions or cause denial-of-service conditions. Technologies Affected Apple macOS 10.12 Apple macOS 10.12.1 Apple...

Apple Xcode CVE-2019-8840 Arbitrary Code Execution Vulnerability

Description Apple Xcode is prone to an arbitrary code-execution vulnerability. Attackers can leverage this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts may result in a denial-of-service condition. Versions prior to Xcode 11.3 are...

Apple iOS and iPadOS CVE-2019-8841 Arbitrary Code Execution Vulnerability

Description Apple iOS and iPadOS are prone to an arbitrary code execution vulnerability. A remote attacker can leverage this issue to execute arbitrary code with kernel privileges on the affected system. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected...

Firecracker CVE-2019-18960 Buffer Overflow Vulnerability

Description Firecracker is prone to a buffer-overflow vulnerability. An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Technologies Affected Firecracker Firecracker 0.18.0 Firecracker Firecracker 0.19.0 Recommendations Block external access...

Apple iOS/tvOS/iPadOS/watchOS/macOS CVE-2019-8848 Privilege Escalation Vulnerability

Description Apple iOS/tvOS/iPadOS/watchOS/macOS are prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on an affected system. Technologies Affected Apple Ipad Mini- Apple TV Apple Watch Apple iOS 10 Apple iOS 10.0.1 Apple iOS 10.1 Apple i...

Multiple Siemens EN100 Ethernet Modules SSA-418979 Multiple Security Vulnerabilities

Description Multiple Siemens EN100 Ethernet Modules are prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary code, using directory-traversal sequences '../' to retrieve sensitive information and execute arbitrary script code in the browser of an...

IBM Spectrum Scale CVE-2019-4665 Cross Site Scripting Vulnerability

Description IBM Spectrum Scale is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication...

Atlassian FishEye and Crucible CVE-2019-15008 Cross Site Scripting Vulnerability

Description Atlassian FishEye and Crucible are prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based...

Broadcom CA Automic Sysload CVE-2019-19518 Arbitrary Command Execution Vulnerability

Description Broadcom CA Automic Sysload is prone to an arbitrary command-execution vulnerability. An attacker can exploit this issue to execute arbitrary system command on the affected system. This may aid in further attacks. CA Automic Sysload versions 5.6.0, 5.8.0, 5.8.1, 6.0.0, 6.0.1, 6.1.2 ar...

Lenovo Power Management Driver CVE-2019-6192 Local Buffer Overflow Vulnerability

Description Lenovo Power Management Driver is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to cause denial of service conditions. Due to the natur...

Lenovo Energy Management Driver for Windows 10 CVE-2019-6183 Denial of Service Vulnerability

Description Lenovo Energy Management Driver is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial of service condition. Versions prior to Lenovo Energy Management 15.11.29.7 are vulnerable. Technologies Affected Lenovo Energy Management Microsoft Window...

Apple iOS/iPadOS/watchOS/macOS CVE-2019-8856 Security Vulnerability

Description Apple iOS/iPadOS/watchOS/macOS are prone to a security vulnerability. Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. Technologies Affected Apple Ipad Mini- Apple Watch Apple iOS 10 Apple iOS 10.0.1 Apple iOS 10.1 Apple iOS 10.2 Apple...

Microsoft Access CVE-2019-1400 Information Disclosure Vulnerability

Description Microsoft Access is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft...

Multiple Intel Processors CVE-2019-11157 Multiple Security Vulnerabilities

Description Multiple Intel Processors are prone to multiple security vulnerabilities. A local attacker can leverage these issues to obtain sensitive information and gain elevated privileges. This may aid in further attacks. Technologies Affected Intel 6th generation Core processors Intel 7th...

Intel SCS Platform Discovery Utility CVE-2019-14605 Local Privilege Escalation Vulnerability

Description Intel SCS Platform Discovery Utility is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Intel SCS Platform Discovery Utility Recommendations Permit local access for trusted individuals only...

Microsoft Excel CVE-2019-1464 Information Disclosure Vulnerability

Description Microsoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2010 SP2 32-bit editions Microsoft Excel 2010 SP2 64-bit editions Microsoft Exce...

Microsoft Windows Win32k CVE-2019-1458 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Intel Dynamic Platform and Thermal Framework CVE-2019-0134 Local Privilege Escalation Vulnerability

Description Intel Dynamic Platform and Thermal Framework is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Intel Dynamic Platform and Thermal Framework version 8.3.10208.5643 and prior are vulnerable. Technologies Affected...

SAP BusinessObjects Business Intelligence CVE-2019-0398 Cross Site Request Forgery Vulnerability

Description SAP BusinessObjects Business Intelligence Platform is prone to an unspecified cross-site request-forgery vulnerability because the application fails to properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain...

Multiple Intel Processors CVE-2019-14607 Multiple Security Vulnerabilities

Description Multiple Intel Processors are prone to multiple security vulnerabilities. A local attacker can leverage these issues to obtain sensitive information, gain elevated privileges and cause denial of service conditions. This may aid in further attacks. Technologies Affected Intel 6th...

Microsoft Access CVE-2019-1463 Information Disclosure Vulnerability

Description Microsoft Access is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft...

Microsoft Word CVE-2019-1461 Remote Denial of Service Vulnerability

Description Microsoft Word is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft Office 2019 for 32-bit...

Microsoft PowerPoint CVE-2019-1462 Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Samba CVE-2019-14870 Remote Security Bypass Vulnerability

Description Samba is prone to a security-bypass vulnerability. Successful exploit may allow attackers to bypass certain security restrictions and gain unauthorized access to resources. Samba 4.x versions prior to 4.11.3, 4.10.11 and 4.9.17 are vulnerable. Technologies Affected Samba Samba 4.0.0...

Microsoft Internet Explorer VBScript Engine CVE-2019-1485 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Internet explorer 9, 10 and 11 are...

WebKit CVE-2019-8846 Arbitrary Code Execution Vulnerability

Description WebKit is prone to an arbitrary-code execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected Apple Safari 1.0.0 Apple...

Adobe Acrobat and Reader CVE-2019-16462 Arbitrary Code Execution Vulnerability

Description Adobe Acrobat and Reader are prone to an arbitrary code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Technologies Affected...

Siemens SIMATIC Products CVE-2019-10929 Man in the Middle Security Bypass Vulnerability

Description Multiple Siemens SIMATIC Products are is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. The following Siemens products are affected: Siemens SIMATIC CP...

Adobe Acrobat and Reader APSB19-55 Multiple Arbitrary Code Execution Vulnerabilities

Description Adobe Acrobat and Reader are prone to multiple arbitrary code-execution vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of current user running the affected application. Failed exploits will result in denial-of-service...

Adobe Brackets CVE-2019-8255 Unspecified Command Injection Vulnerability

Description Adobe Brackets is prone to an unspecified command-injection vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts may cause a denial-of-service condition. Brackets 1.14 and...

Adobe Acrobat and Reader APSB19-55 Multiple Information Disclosure Vulnerabilities

Description Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Adobe Acrobat DC 2015.006.30060 Adobe Acrobat DC 2015.006.30094 Adob...

Microsoft Windows Remote Desktop Protocol CVE-2019-1489 Information Disclosure Vulnerability

Description Microsoft Windows Remote Desktop Protocol is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows XP SP3 Recommendations Block external acce...

Siemens SiNVR 3 SSA-761617 Multiple Security Vulnerabilities

Description Siemens SiNVR 3 is prone to the following security vulnerabilities: 1. Multiple information-disclosure vulnerabilities 2. Multiple authentication-bypass vulnerabilities 3. A directory-traversal vulnerability 4. A privilege-escalation vulnerability An attacker can exploit this issue...

Adobe Acrobat and Reader CVE-2019-16444 Local Privilege Escalation Vulnerability

Description Adobe Acrobat and Reader are prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges and perform unauthorized actions. Technologies Affected Adobe Acrobat DC 2015.006.30060 Adobe Acrobat DC 2015.006.30094 Adobe Acrobat DC...

Siemens SCALANCE W700/W1700 CVE-2018-14526 Information Disclosure Vulnerability

Description Siemens SCALANCE W700 and W1700 is prone to an information disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. Successful exploits may lead to other attacks. The following versions of SCALANCE W700 and W1700 are affected: Siemens SCALANCE W700...

McAfee TechCheck for Windows CVE-2019-3667 DLL Loading Arbitrary Code Execution Vulnerability

Description McAfee TechCheck is prone to an arbitrary code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition. McAfee TechCheck versions 3.0.0.17 an...

Samba CVE-2019-14861 Remote Denial of Service Vulnerability

Description Samba is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Samba version 4.x versions prior to 4.11.3, 4.10.11 and 4.9.17 are vulnerable. Technologies Affected Samba Samba 4.0.0...

Intel Rapid Storage Technology CVE-2019-14568 Local Privilege Escalation Vulnerability

Description Intel Rapid Storage Technology is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Versions prior to Intel Rapid Storage Technology 17.7.0.1006 are vulnerable. Technologies Affected Intel Rapid Storage Technology...

Microsoft Git for Visual Studio CVE-2019-1351 Tampering Security Bypass Vulnerability

Description Microsoft Git for Visual Studio is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Visual Studio 2017 15.0 Microsoft Visual Studio 2017 15.1 Microsoft...

Google Chrome Prior to 79.0.3945.79 Multiple Security Vulnerabilities

Description Google Chrome is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, gain sensitive information and perform unauthorized actions or cause denial-of-service conditions. Versions prior to Chrome...

Siemens XHQ Operations Intelligence SSA-525454 Multiple Input Validation Vulnerabilities

Description Siemens XHQ Operations Intelligence is prone to multiple input-validation vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, o...

Apple iOS and iPadOS CVE-2019-8857 Security Bypass Vulnerability

Description Apple iOS and iPadOS are prone to a security bypass vulnerability. Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. This issue is fixed in Apple iPadOS 13.3 and iOS 13.3. Technologies Affected Apple Ipad Mini- Apple iOS 10 Apple iOS...

Git CVE-2019-19604 Arbitrary Code Execution Vulnerability

Description Git is prone to an arbitrary code-execution vulnerability. A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition. Git versions prior to 2.20.2, 2.21.x through and...

Apple iOS/iPadOS/tvOS/watchOS CVE-2019-8836 Memory Corruption Vulnerability

Description Apple iOS, iPadOS, tvOS and watchOS are prone to a memory corruption vulnerability. An attacker can leverage this issue to execute arbitrary code with kernel privileges. Failed exploit attempts will likely result in denial-of-service conditions. This issue is fixed in: Apple iOS 13.3...

Apple watchOS/iOS/iPadOS/tvOS/Safari CVE-2019-8844 Multiple Memory Corruption Vulnerabilities

Description Apple watchOS, iOS, iPadOS, tvOS and Safari are prone to multiple memory corruption vulnerabilities. A remote attacker can leverage these issues to execute arbitrary code in the context of the user running the application. Technologies Affected Apple Ipad Mini- Apple Safari 1.1.0 Appl...