Microsoft Git for Visual Studio CVE-2019-1349 Remote Code Execution Vulnerability

Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

Microsoft Git for Visual Studio CVE-2019-1387 Remote Code Execution Vulnerability

Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

Microsoft Git for Visual Studio CVE-2019-1350 Remote Code Execution Vulnerability

Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

Microsoft Git for Visual Studio CVE-2019-1352 Remote Code Execution Vulnerability

Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

Siemens XHQ Operations Intelligence SSA-525454 Multiple Input Validation Vulnerabilities

Description Siemens XHQ Operations Intelligence is prone to multiple input-validation vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, o...

Microsoft Skype for Business Server CVE-2019-1490 Spoofing Vulnerability

Description Microsoft Skype for Business Server are prone to a spoofing vulnerability. An attacker can exploit this issue to conduct spoofing attacks, execute arbitrary script code in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials an...

Google Chrome Prior to 79.0.3945.79 Multiple Security Vulnerabilities

Description Google Chrome is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, gain sensitive information and perform unauthorized actions or cause denial-of-service conditions. Versions prior to Chrome...

Intel Administrative Tools for Network Adapters Local Privilege Escalation Vulnerability

Description Intel Administrative Tools for Network Adapters is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Versions prior to Intel Administrative Tools for Network Adapters 24.3 are vulnerable. Technologies Affected Int...

Multiple Siemens EN100 Ethernet Modules SSA-418979 Multiple Security Vulnerabilities

Description Multiple Siemens EN100 Ethernet Modules are prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary code, using directory-traversal sequences '../' to retrieve sensitive information and execute arbitrary script code in the browser of an...

Multiple Trend Micro Products CVE-2019-18190 Arbitrary Code Execution Vulnerability

Description Multiple Trend Micro Products are prone to an arbitrary code-execution vulnerability. An attacker can leverage this issue to crash the affected application or execute arbitrary code in the context of the affected application. Technologies Affected Trend Micro Antivirus+ Security 16.0...

Multiple QNAP Products NAS-201911-27 Multiple Security Vulnerabilities

Description Multiple QNAP products are prone to multiple security vulnerabilities because they fail to properly sanitize user-supplied input. An attacker may leverage these issues to gain unauthorized access to the affected device and execute arbitrary script code in the browser of an unsuspectin...

Broadcom CA Nolio CVE-2019-19230 Deserialization Remote Code Execution Vulnerability

Description Broadcom CA Nolio is prone to a remote-code execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Broadcom CA Nolio version 6.6 is...

OpenStack Keystone CVE-2019-19687 Information Disclosure Vulnerability

Description OpenStack Keystone is prone to an information-disclosure vulnerability. An attacker may leverage this issue to obtain potentially sensitive information that may aid in further attacks. Technologies Affected OpenStack Keystone 15.0.0 OpenStack Keystone 16.0.0 Recommendations Block...

IBM API Connect CVE-2019-4444 Local Information Disclosure Vulnerability

Description IBM API Connect is prone to a local information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. IBM API Connect 2018.4.1.0 through 2018.4.1.7 are vulnerable. Technologies Affected IBM API Connect 2018.4.1 IB...

Linux Kernel CVE-2019-19965 Null Pointer Dereference Denial of Service Vulnerability

Description Linux Kernel is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. Linux Kernel versions through 5.4.6 are vulnerable. Technologies Affected Linux kernel 3.0 Linux kernel 3.0-rc1 Linux kernel 3.0.1 Linux kernel 3.0.18...

Electronic Logbook Multiple Cross Site Scripting Vulnerabilities

Description Electronic Logbook is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Th...

SQLite Multiple Security Vulnerabilities

Description SQLite is prone to the following security vulnerabilities. 1. A denial-of-service vulnerability 2. A security vulnerability An attacker can exploit these issues to cause the application to crash, denying service to legitimate users. Technologies Affected SQLite SQLite 1.2.2 SQLite...

Symantec Industrial Control System Protection CVE-2019-18380 Unauthorized Access Vulnerability

Description Symantec Industrial Control System Protection is prone to an unauthorized access vulnerability. An attacker can exploit this issue to gain unauthorized access and perform unintended actions. This may lead to further attacks. Symantec Industrial Control System Protection 6.x.x versions...

Linux Kernel CVE-2019-19947 Memory Leak Denial of Service Vulnerability

Description Linux Kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel versions through 5.4.6 are vulnerable. Technologies Affected Linux kernel 2.6.0 Linux kernel 2.6.1 Linux kernel 2.6.11 .11 Linux kernel...

OpenSLP CVE-2019-5544 Heap Memory Corruption Vulnerability

Description OpenSLP is prone to a heap-memory-corruption vulnerability. An attacker can exploit this issue to crash the affected application or execute arbitrary code within the context of the affected application. OpenSLP 1.2.1 and 2.0.0 are vulnerable; other versions may also be affected...

Openssl CVE-2019-1551 Integer Overflow Vulnerability

Description Openssl is prone to an integer-overflow vulnerability. An attacker can exploit this issue to perform unauthorized actions; this may aid in launching further attacks. OpenSSL versions 1.1.1 and 1.0.2 are vulnerable. Technologies Affected OpenSSL Project OpenSSL 1.0.2 OpenSSL Project...

IBM Planning Analytics Local Multiple Security Vulnerabilities

Description IBM Planning Analytics Local is prone to the following security vulnerabilities: 1. An arbitrary file-upload vulnerability 2. A cross-site scripting vulnerability An attacker may leverage these issues to upload arbitrary files or execute arbitrary script code in the browser of an...

Symantec Messaging Gateway Multiple Issues

SUMMARY Symantec has released an update to address issues that were discovered in the Symantec Messaging Gateway SMG product. AFFECTED PRODUCTS Symantec Messaging Gateway SMG --- CVE | Affected Versions | Remediation CVE-2019-18377 CVE-2019-18378 CVE-2019-18379 | Prior to 10.7.3 | Upgrade to 10.7...

Linux Kernel Multiple Denial of Service Vulnerabilities

Description Linux Kernel is prone to multiple denial-of-service vulnerabilities. Local attackers can exploit these issues to cause denial-of-service conditions. Linux Kernel versions prior to 5.2.9 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10 Lin...

Dell Command Configure CVE-2019-18575 Arbitrary File Overwrite Vulnerability

Description Dell Command Configure is prone to an arbitrary file-overwrite vulnerability. Successful exploits may allow an attacker to write arbitrary files in the context of the user running the affected application. Dell Command Configure prior to 4.2.1 are vulnerable. Technologies Affected Del...

Adobe Stock CVE-2019-19595 Remote Code Execution Vulnerability

Description Adobe Stock is prone to remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected system. Technologies Affected Adobe Stock 4.8 PrestaShop PrestaShop 1.4 PrestaShop PrestaShop 1.6.0 Recommendations Deploy netwo...

Symantec Norton Password Manager CVE-2019-19545 Cross-Origin Security Bypass Vulnerability

Description Symantec Norton Password Manager is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Versions prior to Symantec Norton Password Manager...

Symantec Norton Password Manager CVE-2019-19546 Information Disclosure Vulnerability

Description Symantec Norton Password Manager is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Symantec Norton Password Manager versions prior to 6.6.2.5 are vulnerable. Technologies...

ABB PB610 Multiple Security Vulnerabilities

Description ABB PB610 Panel Builder 600 is prone to the following vulnerabilities: 1. Multiple denial-of-service vulnerabilities 2. An arbitrary code-execution vulnerability 3. An unauthorized file-access vulnerability Attackers can exploit these issues to execute arbitrary code, access or read...

Atlassian Companion CVE-2019-15006 Security Bypass Vulnerability

Description Atlassian Companion is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions or conduct man-in-the-middle attack; this may aid in launching further attacks. Technologies Affected Atlassian...

Symantec Norton Password Manager CVE-2019-18381 Cross-Origin Security Bypass Vulnerability

Description Symantec Norton Password Manager is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Versions prior to Symantec Norton Password Manager...

AMD 'ATIDXX64.DLL' Driver CVE-2019-5098 Denial of Service Vulnerability

Description An AMD ATI driver is prone to denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Due to the nature of this issue, code execution may be possible but this has not been confirmed. Technologies Affected AMD ATI Radeon AMD ATI Radeo...

Symantec ICSP Unauthorized Access

SUMMARY Symantec has released an update to address an issue that was discovered in the Industrial Control System Protection ICSP product. AFFECTED PRODUCTS Industrial Control System Protection ICSP --- CVE | Affected Versions | Remediation CVE-2019-18380 | ICSP 6.x.x | Upgrade to ICSP 6.1.1.123...

CESNET libyang Multiple Stack Based Buffer Overflow Vulnerabilities

Description CESNET libyang is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit these issues to execute arbitrary code in the context of a...

Facebook Mcrouter Multiple Denial of Service Vulnerabilities

Description Facebook Mcrouter is prone to multiple denial of service vulnerabilities. An attacker can exploit these issues to cause a denial of service condition. Technologies Affected Facebook Mcrouter 0.1.0 Facebook Mcrouter 0.10.0 Facebook Mcrouter 0.20.0 Facebook Mcrouter 0.30.0 Facebook...

IBM Cloud Pak System Multiple Security Vulnerabilities

Description IBM Cloud Pak System is prone to the following security vulnerabilities: 1. An arbitrary command-execution vulnerability 2. A cross-site request-forgery vulnerability An attacker can exploit these issues to execute arbitrary commands or perform unauthorized actions in the context of...

Palo Alto Networks PAN-OS CVE-2019-17437 Privilege Escalation Vulnerability

Description Palo Alto Networks PAN-OS is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to obtain elevated privileges. PAN-OS 7.1 versions prior to 7.1.25, 8.0 versions prior to 8.0.20, 8.1 versions prior to 8.1.11, 9.0 versions prior to 9.0.5 are vulnerable...

Wireshark CVE-2019-19553 Denial of Service Vulnerability

Description Wireshark is prone to a remote denial-of-service vulnerability because it fails to properly handle certain type of packets. An attacker can leverage this issue to crash the affected application, denying service to legitimate users. Wireshark versions 3.0.0 through 3.0.6 and 2.6.0...

VMware Harbor Container Registry for PCF Multiple Security Vulnerabilities

Description VMware Harbor Container Registry for PCF is prone to the following security vulnerabilities. 1. Multiple SQL-injection vulnerabilities 2. A cross-site request forgery vulnerability 3. A privilege-escalation vulnerability 4. A user-enumeration vulnerability Exploiting this issue...

CZ.NIC Knot Resolver CVE-2019-19331 Denial of Service Vulnerability

Description CZ.NIC Knot Resolver is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause denial-of-service condition. Knot Resolver versions prior to 4.3.0 are vulnerable. Technologies Affected CZ.NIC labs Knot Resolver 2.0.0 CZ.NIC labs Knot Resolver 2.1.0...

Apache Olingo Multiple Security Vulnerabilities

Description Apache Olingo is prone to the following security vulnerabilities: 1. An XML External Entity injection vulnerability 2. A denial-of-service vulnerability 3. A remote-code execution vulnerability Attackers can exploit these issues to gain access to sensitive information, cause...

OpenBSD Multiple Privilege Escalation and Authentication Bypass Vulnerabilities

Description OpenBSD is prone to multiple privilege-escalation and authentication-bypass vulnerabilities. An attacker may leverage these issues to bypass the authentication mechanism and gain elevated privileges. This may aid in further attacks. OpenBSD 6.6 version is vulnerable; other versions ma...

Multiple Linux Distributions CVE-2019-14899 Security Bypass Vulnerability

Description Multiple Linux Distributions are prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Apple iOS Apple macOS Archlinux Linux 2019.05...

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

Description Mozilla Firefox and Firefox ESR are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions and bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks...

Mozilla Firefox Multiple Security Vulnerabilities

Description Mozilla Firefox is prone to the following security vulnerabilities: 1. An unspecified memory-corruption vulnerability 2. An information-disclosure vulnerability 3. A denial-of-service vulnerability Attackers can exploit these issues to execute arbitrary code, obtain sensitive...

Linux Kernel Multiple Denial of Service Vulnerabilities

Description Linux Kernel is prone to multiple denial-of-service vulnerabilities. Local attackers can exploit these issues to cause denial-of-service conditions. Linux Kernel versions prior to 5.3.11 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10...

Linux Kernel Multiple Denial of Service Vulnerabilities

Description Linux Kernel is prone to multiple denial-of-service vulnerabilities. Local attackers can exploit these issues to cause denial-of-service conditions. Linux Kernel versions prior to 5.2.10 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10...

Linux Kernel CVE-2019-19533 Local Denial of Service Vulnerability

Description Linux Kernel is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to cause denial-of-service conditions. Linux Kernel versions prior to 5.3.4 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10 Linux...

Linux Kernel Multiple Local Denial of Service Vulnerabilities

Description Linux Kernel is prone to multiple local denial-of-service vulnerabilities. Local attackers can exploit these issues to cause denial-of-service conditions. Linux Kernel versions prior to 5.3.9 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0....

Linux Kernel CVE-2019-19525 Local Denial of Service Vulnerability

Description Linux Kernel is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to cause denial-of-service conditions. Linux Kernel versions prior to 5.3.6 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10 Linux...