Microsoft Windows GDI Component CVE-2019-1466 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...

Microsoft Windows Win32k Graphics CVE-2019-1468 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected Microsoft Windows ...

Microsoft Excel CVE-2019-1464 Information Disclosure Vulnerability

Description Microsoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2010 SP2 32-bit editions Microsoft Excel 2010 SP2 64-bit editions Microsoft Exce...

Microsoft SQL Server Reporting Services CVE-2019-1332 Cross Site Scripting Vulnerability

Description Microsoft SQL Server Reporting Services SSRS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Intel Rapid Storage Technology CVE-2019-14568 Local Privilege Escalation Vulnerability

Description Intel Rapid Storage Technology is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Versions prior to Intel Rapid Storage Technology 17.7.0.1006 are vulnerable. Technologies Affected Intel Rapid Storage Technology...

Adobe Photoshop CC APSB19-56 Multiple Unspecified Memory Corruption Vulnerabilities

Description Adobe Photoshop CC is prone to multiple unspecified memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...

Microsoft Windows GDI Component CVE-2019-1467 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...

McAfee TechCheck for Windows CVE-2019-3667 DLL Loading Arbitrary Code Execution Vulnerability

Description McAfee TechCheck is prone to an arbitrary code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition. McAfee TechCheck versions 3.0.0.17 an...

Siemens XHQ Operations Intelligence SSA-525454 Multiple Input Validation Vulnerabilities

Description Siemens XHQ Operations Intelligence is prone to multiple input-validation vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, o...

Adobe Acrobat and Reader APSB19-55 Multiple Information Disclosure Vulnerabilities

Description Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Adobe Acrobat DC 2015.006.30060 Adobe Acrobat DC 2015.006.30094 Adob...

Adobe Acrobat and Reader APSB19-55 Multiple Arbitrary Code Execution Vulnerabilities

Description Adobe Acrobat and Reader are prone to multiple arbitrary code-execution vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of current user running the affected application. Failed exploits will result in denial-of-service...

Microsoft Windows Win32k CVE-2019-1469 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Adobe Acrobat and Reader CVE-2019-16444 Local Privilege Escalation Vulnerability

Description Adobe Acrobat and Reader are prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges and perform unauthorized actions. Technologies Affected Adobe Acrobat DC 2015.006.30060 Adobe Acrobat DC 2015.006.30094 Adobe Acrobat DC...

Apple watchOS/iOS/iPadOS/tvOS/Safari CVE-2019-8844 Multiple Memory Corruption Vulnerabilities

Description Apple watchOS, iOS, iPadOS, tvOS and Safari are prone to multiple memory corruption vulnerabilities. A remote attacker can leverage these issues to execute arbitrary code in the context of the user running the application. Technologies Affected Apple Ipad Mini- Apple Safari 1.1.0 Appl...

Siemens SiNVR 3 SSA-761617 Multiple Security Vulnerabilities

Description Siemens SiNVR 3 is prone to the following security vulnerabilities: 1. Multiple information-disclosure vulnerabilities 2. Multiple authentication-bypass vulnerabilities 3. A directory-traversal vulnerability 4. A privilege-escalation vulnerability An attacker can exploit this issue...

Microsoft Word CVE-2019-1461 Remote Denial of Service Vulnerability

Description Microsoft Word is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft Office 2019 for 32-bit...

Apple iOS and iPadOS CVE-2019-8857 Security Bypass Vulnerability

Description Apple iOS and iPadOS are prone to a security bypass vulnerability. Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. This issue is fixed in Apple iPadOS 13.3 and iOS 13.3. Technologies Affected Apple Ipad Mini- Apple iOS 10 Apple iOS...

Microsoft Windows CVE-2019-1476 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...

Microsoft Authentication Library CVE-2019-1487 Information Disclosure Vulnerability

Description Microsoft Authentication Library is prone to a information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Authentication Library 0.3.1-Alpha Recommendations Block external...

Multiple Siemens EN100 Ethernet Modules SSA-418979 Multiple Security Vulnerabilities

Description Multiple Siemens EN100 Ethernet Modules are prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary code, using directory-traversal sequences '../' to retrieve sensitive information and execute arbitrary script code in the browser of an...

Multiple Intel Processors CVE-2019-11157 Multiple Security Vulnerabilities

Description Multiple Intel Processors are prone to multiple security vulnerabilities. A local attacker can leverage these issues to obtain sensitive information and gain elevated privileges. This may aid in further attacks. Technologies Affected Intel 6th generation Core processors Intel 7th...

Microsoft Internet Explorer VBScript Engine CVE-2019-1485 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Internet explorer 9, 10 and 11 are...

Broadcom CA Automic Sysload CVE-2019-19518 Arbitrary Command Execution Vulnerability

Description Broadcom CA Automic Sysload is prone to an arbitrary command-execution vulnerability. An attacker can exploit this issue to execute arbitrary system command on the affected system. This may aid in further attacks. CA Automic Sysload versions 5.6.0, 5.8.0, 5.8.1, 6.0.0, 6.0.1, 6.1.2 ar...

Adobe Acrobat and Reader APSB19-55 Multiple Security Vulnerabilities

Description Adobe Acrobat and Reader are prone to multiple security vulnerabilities. Successfully exploiting these issues allow attackers to execute arbitrary code in the context of current user running the affected application and bypass security restrictions and perform unauthorized actions...

SAP Business Objects Business Intelligence Platform CVE-2019-0395 Cross Site Scripting Vulnerability

Description SAP BusinessObjects Business Intelligence Platform is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

Git CVE-2019-19604 Arbitrary Code Execution Vulnerability

Description Git is prone to an arbitrary code-execution vulnerability. A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition. Git versions prior to 2.20.2, 2.21.x through and...

Microsoft Git for Visual Studio CVE-2019-1352 Remote Code Execution Vulnerability

Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

Microsoft Git for Visual Studio CVE-2019-1349 Remote Code Execution Vulnerability

Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

Microsoft Windows OLE CVE-2019-1484 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

SAP Portfolio and Project Management CVE-2019-0399 Information Disclosure Vulnerability

Description SAP Portfolio and Project Management is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected SAP Portfolio and Project Management SAP S4CORE 1.02 SAP S4CORE...

Intel Dynamic Platform and Thermal Framework CVE-2019-0134 Local Privilege Escalation Vulnerability

Description Intel Dynamic Platform and Thermal Framework is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Intel Dynamic Platform and Thermal Framework version 8.3.10208.5643 and prior are vulnerable. Technologies Affected...

Apple iOS/tvOS/iPadOS/watchOS/macOS Multiple Memory Corruption Vulnerabilities

Description Apple iOS/tvOS/iPadOS/watchOS/macOS are prone to multiple memory-corruption vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of current user running the affected application. Failed exploits will result in denial-of-servic...

Microsoft Windows Remote Desktop Protocol CVE-2019-1489 Information Disclosure Vulnerability

Description Microsoft Windows Remote Desktop Protocol is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows XP SP3 Recommendations Block external acce...

Intel Control Center-I CVE-2019-14599 Local Privilege Escalation Vulnerability

Description Intel Control Center-I is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Intel Control Center-I versions 2.1.0.0 and prior are vulnerable. Technologies Affected Intel Control Center-I 2.1.0.0 Recommendations...

Intel Quartus Prime Pro INTEL-SA-00311 Multiple Local Security Vulnerabilities

Description Intel Quartus Prime Pro is prone to multiple local security vulnerabilities. An attacker can exploit these issues to gain elevated privileges and cause denial-of-service conditions. Intel Quartus Prime Pro Edition versions prior to 19.3 are vulnerable. Technologies Affected Intel...

Apple iOS/iPadOS/watchOS/macOS CVE-2019-8856 Security Vulnerability

Description Apple iOS/iPadOS/watchOS/macOS are prone to a security vulnerability. Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. Technologies Affected Apple Ipad Mini- Apple Watch Apple iOS 10 Apple iOS 10.0.1 Apple iOS 10.1 Apple iOS 10.2 Apple...

Microsoft Access CVE-2019-1463 Information Disclosure Vulnerability

Description Microsoft Access is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft...

Microsoft Git for Visual Studio CVE-2019-1350 Remote Code Execution Vulnerability

Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

Microsoft Windows Remote Desktop Protocol CVE-2019-1453 Denial of Service Vulnerability

Description Microsoft Windows Remote Desktop Protocol is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the target service to stop responding, denying service to legitimate users. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...

Adobe Acrobat and Reader CVE-2019-16462 Arbitrary Code Execution Vulnerability

Description Adobe Acrobat and Reader are prone to an arbitrary code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Technologies Affected...

Microsoft Defender CVE-2019-1488 Security Bypass Vulnerability

Description Microsoft Defender is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...

Multiple Intel NUC Firmware Multiple Security Vulnerabilities

Description Multiple Intel NUC Firmware are prone to multiple unspecified security vulnerabilities. Attackers can leverage these issues to gain elevated privileges. Technologies Affected Intel Compute Card CD1IV128MK BIOS Intel Compute Card CD1M3128MK BIOS Intel Compute Card CD1P64GK BIOS Intel...

Apple iOS and iPadOS CVE-2019-8841 Arbitrary Code Execution Vulnerability

Description Apple iOS and iPadOS are prone to an arbitrary code execution vulnerability. A remote attacker can leverage this issue to execute arbitrary code with kernel privileges on the affected system. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected...

Microsoft Git for Visual Studio CVE-2019-1387 Remote Code Execution Vulnerability

Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

Microsoft Skype for Business Server CVE-2019-1490 Spoofing Vulnerability

Description Microsoft Skype for Business Server are prone to a spoofing vulnerability. An attacker can exploit this issue to conduct spoofing attacks, execute arbitrary script code in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials an...

Atlassian FishEye and Crucible CVE-2019-15008 Cross Site Scripting Vulnerability

Description Atlassian FishEye and Crucible are prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based...

Siemens SCALANCE W700/W1700 CVE-2018-14526 Information Disclosure Vulnerability

Description Siemens SCALANCE W700 and W1700 is prone to an information disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. Successful exploits may lead to other attacks. The following versions of SCALANCE W700 and W1700 are affected: Siemens SCALANCE W700...

Microsoft PowerPoint CVE-2019-1462 Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Google Chrome Prior to 79.0.3945.79 Multiple Security Vulnerabilities

Description Google Chrome is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, gain sensitive information and perform unauthorized actions or cause denial-of-service conditions. Versions prior to Chrome...

Apple iOS/tvOS/iPadOS/watchOS/macOS CVE-2019-8848 Privilege Escalation Vulnerability

Description Apple iOS/tvOS/iPadOS/watchOS/macOS are prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on an affected system. Technologies Affected Apple Ipad Mini- Apple TV Apple Watch Apple iOS 10 Apple iOS 10.0.1 Apple iOS 10.1 Apple i...