*** 출처: [US-CERT: Bulletin(SB19-105)] 2019년 4월 8일까지 발표된 보안 취약점
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
-
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
-
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
High Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
advantech -- webaccess | Advantech WebAccess 8.3.4 is vulnerable to file upload attacks via unauthenticated RPC call. An unauthenticated, remote attacker can use this vulnerability to execute arbitrary code. | 2019-04-09 | 7.5 | CVE-2019-3940 BID MISC |
advantech -- webaccess | Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. | 2019-04-05 | 7.5 | CVE-2019-6550 MISC |
advantech -- webaccess | Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple command injection vulnerabilities, caused by a lack of proper validation of user-supplied data, may allow remote code execution. | 2019-04-05 | 7.5 | CVE-2019-6552 MISC |
airsonic_project -- airsonic | In Airsonic 10.2.1, RecoverController.java generates passwords via org.apache.commons.lang.RandomStringUtils, which uses java.util.Random internally. This PRNG has a 48-bit seed that can easily be bruteforced, leading to trivial privilege escalation attacks. | 2019-04-07 | 7.5 | CVE-2019-10908 MISC |
apache -- http_server | In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected. | 2019-04-08 | 7.2 | CVE-2019-0211 SUSE MISC MISC MISC MISC MLIST BID REDHAT MISC MLIST MLIST MLIST MLIST FEDORA FEDORA BUGTRAQ BUGTRAQ CONFIRM UBUNTU DEBIAN EXPLOIT-DB |
capsuletech -- smartlinx_neuron_2_firmware | A restricted environment escape vulnerability exists in the "kiosk mode" function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running version 6.9.1. A specific series of keyboard inputs can escape the restricted environment, resulting in full administrator access to the underlying operating system. An attacker can connect to the device via USB port with a keyboard or other HID device to trigger this vulnerability. | 2019-04-11 | 7.2 | CVE-2019-5024 MISC |
f5 -- big-ip_access_policy_manager | On versions 14.0.0-14.0.0.4, 13.0.0-13.1.1.1, 12.1.0-12.1.4, 11.6.0-11.6.3.4, and 11.5.1-11.5.8, the BIG-IP system is vulnerable to a denial of service attack when performing URL classification using the APM module. | 2019-04-11 | 9.0 | CVE-2019-6610 CONFIRM |
forcepoint -- email_security | A configuration issue has been discovered in Forcepoint Email Security 8.4.x and 8.5.x: the product is left in a vulnerable state if the hybrid registration process is not completed. | 2019-04-09 | 7.5 | CVE-2019-6140 MISC |
fortinet -- fortios | A privilege escalation vulnerability in Fortinet FortiOS all versions below 6.2.0 allows admin users to elevate their profile to super_admin via restoring modified configurations. | 2019-04-09 | 9.0 | CVE-2017-17544 BID MISC |
gatship -- web_module | GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing attackers to upload any file type, leading to privilege escalation. | 2019-04-09 | 7.5 | CVE-2019-11028 MISC |
glory-global -- rbw-100_firmware | An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. An unrestricted file upload vulnerability in the Front Circle Controller glytoolcgi/settingfile_upload.cgi allows attackers to upload supplied data. This can be used to place attacker controlled code on the filesystem that can be executed and can lead to a reverse root shell. | 2019-04-05 | 9.0 | CVE-2019-10478 MISC |
glory-global -- rbw-100_firmware | An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. A hard-coded username and password were identified that allow a remote attacker to gain admin access to the Front Circle Controller web interface. | 2019-04-05 | 10.0 | CVE-2019-10479 MISC |
gnu -- glibc | The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory. | 2019-04-10 | 7.5 | CVE-2005-3590 BID MISC |
graphicsmagick -- graphicsmagick | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value. | 2019-04-08 | 7.5 | CVE-2019-11005 MISC MISC |
ibm -- api_connect | IBM API Connect's Developer Portal 2018.1 and 2018.4.1.3 is impacted by a privilege escalation vulnerability when integrated with an OpenID Connect (OIDC) user registry. IBM X-Force ID: 158544. | 2019-04-08 | 7.5 | CVE-2019-4155 CONFIRM BID XF |
ibm -- bigfix_platform | IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887. | 2019-04-10 | 9.0 | CVE-2019-4013 CONFIRM XF |
ibm -- infosphere_information_server_on_cloud | IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 154494. | 2019-04-10 | 7.5 | CVE-2018-1994 XF CONFIRM |
ibm -- sterling_connect:direct | IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, and 6.0.0 could allow a user with restricted sudo access on a system to manipulate CD UNIX to gain full sudo access. IBM X-Force ID: 152532. | 2019-04-10 | 7.2 | CVE-2018-1903 CONFIRM XF |
jfrog -- artifactory | An issue was discovered in JFrog Artifactory 6.7.3. By default, the access-admin account is used to reset the password of the admin account in case an administrator gets locked out from the Artifactory console. This is only allowable from a connection directly from localhost, but providing a X-Forwarded-For HTTP header to the request allows an unauthenticated user to login with the default credentials of the access-admin account while bypassing the whitelist of allowed IP addresses. The access-admin account can use Artifactory's API to request authentication tokens for all users including the admin account and, in turn, assume full control of all artifacts and repositories managed by Artifactory. | 2019-04-11 | 7.5 | CVE-2019-9733 MISC CONFIRM CONFIRM |
joomla -- joomla! | An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory. | 2019-04-10 | 7.5 | CVE-2019-10945 MISC |
juniper -- junos | A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. Affected releases are Juniper Networks Junos OS on QFX 5000 series, EX4300, EX4600 are: 14.1X53; 15.1X53 versions prior to 15.1X53-D235; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2, 17.3R4; 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1, 18.1R4; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R2. | 2019-04-10 | 7.5 | CVE-2019-0008 CONFIRM |
lighttpd -- lighttpd | lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. | 2019-04-10 | 7.5 | CVE-2019-11072 MISC MISC |
magento -- magento | An unauthenticated user can execute arbitrary code through an SQL injection vulnerability, which causes sensitive data leakage. This issue is fixed in Magento Open Source 1.9.4.1, Magento Commerce 1.14.4.1, SUPEE-11086, Magento 2.2.8, Magento 2.3.1. | 2019-04-10 | 7.5 | CVE-2019-7139 MISC |
matrixssl -- matrixssl | pubRsaDecryptSignedElementExt in MatrixSSL, as used in Inside Secure TLS Toolkit, through 4.0.2 Open has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_pub.c. | 2019-04-08 | 7.5 | CVE-2019-10914 MISC MISC MISC |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0611. | 2019-04-08 | 7.6 | CVE-2019-0592 CONFIRM |
microsoft -- chakracore | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783. | 2019-04-08 | 7.6 | CVE-2019-0609 CONFIRM |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0592. | 2019-04-08 | 7.6 | CVE-2019-0611 CONFIRM |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0752, CVE-2019-0753, CVE-2019-0862. | 2019-04-09 | 7.6 | CVE-2019-0739 BID MISC |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783. | 2019-04-08 | 7.6 | CVE-2019-0769 CONFIRM |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783. | 2019-04-08 | 7.6 | CVE-2019-0771 CONFIRM |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0783. | 2019-04-08 | 7.6 | CVE-2019-0773 CONFIRM |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861. | 2019-04-09 | 7.6 | CVE-2019-0806 MISC |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861. | 2019-04-09 | 7.6 | CVE-2019-0810 MISC |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861. | 2019-04-09 | 7.6 | CVE-2019-0812 MISC |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0860, CVE-2019-0861. | 2019-04-09 | 7.6 | CVE-2019-0829 MISC |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0861. | 2019-04-09 | 7.6 | CVE-2019-0860 BID MISC |
microsoft -- chakracore | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860. | 2019-04-09 | 7.6 | CVE-2019-0861 BID MISC |
microsoft -- edge | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783. | 2019-04-08 | 7.6 | CVE-2019-0770 CONFIRM |
microsoft -- edge | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. | 2019-04-08 | 7.6 | CVE-2019-0779 CONFIRM |
microsoft -- edge | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. | 2019-04-08 | 7.6 | CVE-2019-0780 CONFIRM |
microsoft -- excel | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | 2019-04-09 | 9.3 | CVE-2019-0828 MISC |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783. | 2019-04-08 | 7.6 | CVE-2019-0639 CONFIRM |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0666, CVE-2019-0667, CVE-2019-0772. | 2019-04-08 | 7.6 | CVE-2019-0665 CONFIRM |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0667, CVE-2019-0772. | 2019-04-08 | 7.6 | CVE-2019-0666 CONFIRM |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0772. | 2019-04-08 | 7.6 | CVE-2019-0667 CONFIRM |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783. | 2019-04-08 | 7.6 | CVE-2019-0680 CONFIRM |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862. | 2019-04-09 | 7.6 | CVE-2019-0752 MISC |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0752, CVE-2019-0862. | 2019-04-09 | 7.6 | CVE-2019-0753 MISC |
microsoft -- internet_explorer | A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. | 2019-04-08 | 7.6 | CVE-2019-0763 CONFIRM |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773. | 2019-04-08 | 7.6 | CVE-2019-0783 CONFIRM |
microsoft -- internet_explorer | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0752, CVE-2019-0753. | 2019-04-09 | 7.6 | CVE-2019-0862 BID MISC |
microsoft -- office | A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. | 2019-04-08 | 9.3 | CVE-2019-0748 CONFIRM |
microsoft -- office | A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. | 2019-04-09 | 9.3 | CVE-2019-0822 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attacker could create a specially crafted request, causing Windows to execute arbitrary code with elevated permissions. The security update addresses the vulnerability by correcting how Windows Deployment Services TFTP Server handles objects in memory, aka 'Windows Deployment Services TFTP Server Remote Code Execution Vulnerability'. | 2019-04-08 | 8.5 | CVE-2019-0603 CONFIRM |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. | 2019-04-08 | 9.3 | CVE-2019-0617 CONFIRM |
microsoft -- windows_10 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0803, CVE-2019-0859. | 2019-04-09 | 7.2 | CVE-2019-0685 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 2019-04-08 | 7.2 | CVE-2019-0696 CONFIRM |
microsoft -- windows_10 | A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0698, CVE-2019-0726. | 2019-04-08 | 7.5 | CVE-2019-0697 CONFIRM |
microsoft -- windows_10 | A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0697, CVE-2019-0726. | 2019-04-08 | 7.5 | CVE-2019-0698 CONFIRM |
microsoft -- windows_10 | A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0697, CVE-2019-0698. | 2019-04-08 | 7.5 | CVE-2019-0726 CONFIRM |
microsoft -- windows_10 | An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Elevation of Privilege Vulnerability'. | 2019-04-09 | 7.2 | CVE-2019-0735 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. | 2019-04-08 | 9.3 | CVE-2019-0756 CONFIRM |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory, aka 'Comctl32 Remote Code Execution Vulnerability'. | 2019-04-08 | 9.3 | CVE-2019-0765 CONFIRM |
microsoft -- windows_10 | An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. | 2019-04-08 | 7.2 | CVE-2019-0766 CONFIRM |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0667. | 2019-04-08 | 9.3 | CVE-2019-0772 CONFIRM |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'. | 2019-04-08 | 7.6 | CVE-2019-0784 CONFIRM |
microsoft -- windows_10 | An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine, aka 'SMB Server Elevation of Privilege Vulnerability'. | 2019-04-09 | 7.5 | CVE-2019-0786 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0791, CVE-2019-0792, CVE-2019-0793, CVE-2019-0795. | 2019-04-09 | 9.3 | CVE-2019-0790 BID MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0792, CVE-2019-0793, CVE-2019-0795. | 2019-04-09 | 9.3 | CVE-2019-0791 BID MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0791, CVE-2019-0793, CVE-2019-0795. | 2019-04-09 | 9.3 | CVE-2019-0792 BID MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0791, CVE-2019-0792, CVE-2019-0795. | 2019-04-09 | 9.3 | CVE-2019-0793 BID MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when OLE automation improperly handles objects in memory, aka 'OLE Automation Remote Code Execution Vulnerability'. | 2019-04-09 | 9.3 | CVE-2019-0794 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0791, CVE-2019-0792, CVE-2019-0793. | 2019-04-09 | 9.3 | CVE-2019-0795 BID MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808. | 2019-04-08 | 7.2 | CVE-2019-0797 CONFIRM |
microsoft -- windows_10 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859. | 2019-04-09 | 7.2 | CVE-2019-0803 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836. | 2019-04-09 | 7.2 | CVE-2019-0841 MISC MISC EXPLOIT-DB |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. | 2019-04-09 | 9.3 | CVE-2019-0842 BID MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the IOleCvt interface renders ASP webpage content, aka 'Windows IOleCvt Interface Remote Code Execution Vulnerability'. | 2019-04-09 | 9.3 | CVE-2019-0845 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0847, CVE-2019-0851, CVE-2019-0877, CVE-2019-0879. | 2019-04-09 | 9.3 | CVE-2019-0846 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0851, CVE-2019-0877, CVE-2019-0879. | 2019-04-09 | 9.3 | CVE-2019-0847 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0877, CVE-2019-0879. | 2019-04-09 | 9.3 | CVE-2019-0851 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. | 2019-04-09 | 9.3 | CVE-2019-0853 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'. | 2019-04-09 | 9.0 | CVE-2019-0856 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803. | 2019-04-09 | 7.2 | CVE-2019-0859 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0879. | 2019-04-09 | 7.2 | CVE-2019-0877 MISC |
microsoft -- windows_10 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0877. | 2019-04-09 | 7.2 | CVE-2019-0879 BID MISC |
microsoft -- windows_7 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797. | 2019-04-08 | 7.2 | CVE-2019-0808 CONFIRM |
mikrotik -- routeros | MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read and write files outside of the sandbox directory (/rw/disk). | 2019-04-10 | 7.5 | CVE-2019-3943 MISC |
ncp-e -- ncp_secure_entry_client | The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering (www.ncp-e.com). The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software update feature of the VPN client allows a man-in-the-middle (MITM) or man-on-the-side (MOTS) attacker to execute arbitrary, malicious software on a target user's computer. This is related to SIC_V11.04-64.exe (Sophos), NCP_EntryCl_Windows_x86_1004_31799.exe (NCP), and ncpmon.exe (both Sophos and NCP). The vulnerability exists because: (1) the VPN client requests update metadata over an insecure HTTP connection; and (2) the client software does not check if the software update is signed before running it. | 2019-04-09 | 9.3 | CVE-2017-17023 MISC CONFIRM |
odoo -- odoo | Improper access control in the Helpdesk App of Odoo Enterprise 10.0 through 12.0 allows remote authenticated attackers to obtain elevated privileges via a crafted request. | 2019-04-09 | 9.0 | CVE-2018-15640 MISC |
paloaltonetworks -- globalprotect | GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow an attacker to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user. | 2019-04-09 | 7.5 | CVE-2019-1573 BID MISC CERT-VN |
rancher -- rancher | An issue was discovered in Rancher 2 through 2.1.5. Any project member with access to the default namespace can mount the netes-default service account in a pod, and then use that pod to execute administrative privileged commands against the k8s cluster. This could be mitigated by isolating the default namespace in a separate project, where only cluster admins can be given permissions to access. As of 2018-12-20, this bug affected ALL clusters created or imported by Rancher. | 2019-04-10 | 9.0 | CVE-2018-20321 CONFIRM CONFIRM |
reolink -- c1_pro_firmware | On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the "TestEmail" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field. | 2019-04-08 | 9.0 | CVE-2019-11001 MISC MISC |
roxyfileman -- roxy_fileman | Roxy Fileman 1.4.5 allows attackers to execute renamefile.php (aka Rename File), createdir.php (aka Create Directory), fileslist.php (aka Echo File List), and movefile.php (aka Move File) operations. | 2019-04-09 | 7.5 | CVE-2019-7174 MISC |
silverstripe -- silverstripe | All versions of SilverStripe 3 prior to 3.6.7 and 3.7.3, and all versions of SilverStripe 4 prior to 4.0.7, 4.1.5, 4.2.4, and 4.3.1 allows Reflected SQL Injection through Form and DataObject. | 2019-04-11 | 7.5 | CVE-2019-5715 MISC MISC |
solideos -- architectural_information_system | Architectural Information System 1.0 and earlier versions have a Stack-based buffer overflow, allows remote attackers to execute arbitrary code. | 2019-04-09 | 7.5 | CVE-2019-9134 MISC |
teeworlds -- teeworlds | In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled. | 2019-04-05 | 7.5 | CVE-2019-10877 MISC |
teeworlds -- teeworlds | In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and CDataFileReader::ReplaceData() and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution. | 2019-04-05 | 7.5 | CVE-2019-10878 MISC |
teeworlds -- teeworlds | In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::Open() in engine/shared/datafile.cpp that can lead to a buffer overflow and possibly remote code execution, because size-related multiplications are mishandled. | 2019-04-05 | 7.5 | CVE-2019-10879 MISC |
ui -- edgeswitch_x | In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows to execute shell commands under the root user. | 2019-04-10 | 9.0 | CVE-2019-5424 CONFIRM MISC |
ui -- edgeswitch_x | In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allow them to escalate privileges to root. | 2019-04-10 | 9.0 | CVE-2019-5425 CONFIRM MISC |
ui -- edgeswitch_x | In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the "local port forwarding" and "dynamic port forwarding" (SOCKS proxy) functionalities. Remote attackers without credentials can exploit this bug to access local services or forward traffic through the device if SSH is enabled in the system settings. | 2019-04-10 | 9.3 | CVE-2019-5426 CONFIRM MISC |
verizon -- fios_quantum_gateway_g1100_firmware | Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname. | 2019-04-11 | 9.0 | CVE-2019-3914 MISC |
vpcsbd -- integrated_university_management_system | An authentication bypass vulnerability in all versions of ValuePLUS Integrated University Management System (IUMS) allows unauthenticated, remote attackers to gain administrator privileges via the Teachers Web Panel (TWP) User ID or Password field. If exploited, the attackers could perform any actions with administrator privileges (e.g., enumerate/delete all the students' personal information or modify various settings). | 2019-04-11 | 10.0 | CVE-2019-11196 MISC |
vstarcam -- eye4 | The VStarCam vstc.vscam.client library and vstc.vscam shared object, as used in the Eye4 application (for Android, iOS, and Windows), do not prevent spoofing of the camera server. An attacker can create a fake camera server that listens for the client looking for a camera on the local network. When the camera responds to the client, it responds via the broadcast address, giving all information necessary to impersonate the camera. The attacker then floods the client with responses, causing the original camera to be denied service from the client, and thus causing the client to then communicate exclusively with the attacker's fake camera server. When connecting to the fake camera server, the client sends all details necessary to login to the camera (username and password). | 2019-04-08 | 10.0 | CVE-2019-11014 MISC MISC |
xmlsoft -- libxslt | libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. | 2019-04-10 | 7.5 | CVE-2019-11068 MISC |
Medium Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
advantech -- webaccess | Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via IOCTL 10005 RPC. | 2019-04-09 | 6.4 | CVE-2019-3941 BID MISC |
advantech -- webaccess | Advantech WebAccess/SCADA, Versions 8.3.5 and prior. An improper access control vulnerability may allow an attacker to cause a denial-of-service condition. | 2019-04-05 | 5.0 | CVE-2019-6554 MISC |
airsonic_project -- airsonic | Airsonic 10.2.1 uses Spring's default remember-me mechanism based on MD5, with a fixed key of airsonic in GlobalSecurityConfig.java. An attacker able to capture cookies might be able to trivially bruteforce offline the passwords of associated users. | 2019-04-07 | 5.0 | CVE-2019-10907 MISC |
apache -- airflow | A number of HTTP endpoints in the Airflow webserver (both RBAC and classic) did not have adequate protection and were vulnerable to cross-site request forgery attacks. | 2019-04-10 | 6.8 | CVE-2019-0229 MLIST BID MISC |
apache -- http_server | In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions. | 2019-04-08 | 6.0 | CVE-2019-0215 MLIST BID MISC MLIST FEDORA FEDORA CONFIRM |
apache -- http_server | In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. | 2019-04-08 | 6.0 | CVE-2019-0217 SUSE MLIST BID MISC MISC MLIST MLIST FEDORA FEDORA BUGTRAQ UBUNTU UBUNTU DEBIAN |
apache -- tomcat | The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet API's blocking I/O, clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS. | 2019-04-10 | 5.0 | CVE-2019-0199 MISC |
autodesk -- advance_steel | An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution. | 2019-04-09 | 6.8 | CVE-2019-7358 MISC |
autodesk -- advance_steel | An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution. | 2019-04-09 | 6.8 | CVE-2019-7359 MISC |
autodesk -- advance_steel | An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution. | 2019-04-09 | 6.8 | CVE-2019-7360 MISC |
autodesk -- advance_steel | An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. | 2019-04-09 | 6.8 | CVE-2019-7361 MISC |
aveva -- wonderware_system_platform | AVEVA Wonderware System Platform 2017 Update 2 and prior uses an ArchestrA network user account for authentication of system processes and inter-node communications. A user with low privileges could make use of an API to obtain the credentials for this account. | 2019-04-11 | 4.0 | CVE-2019-6525 MISC CONFIRM |
bolt -- bolt | Cross Site Request Forgery (CSRF) in the bolt/upload File Upload feature in Bolt CMS 3.6.6 allows remote attackers to execute arbitrary code by uploading a JavaScript file to include executable extensions in the file/edit/config/config.yml configuration file. | 2019-04-05 | 6.8 | CVE-2019-10874 MISC MISC MISC EXPLOIT-DB |
cantemo -- portal | Cantemo Portal before 3.2.13, 3.3.x before 3.3.8, and 3.4.x before 3.4.9 has XSS. Leveraging this vulnerability would enable performing actions as users, including administrative users. This could enable account creation and deletion as well as deletion of information contained within the app. | 2019-04-10 | 6.0 | CVE-2019-7551 CONFIRM CONFIRM MISC MISC |
checkpoint -- ipsec_vpn | Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditions, may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server. | 2019-04-09 | 4.3 | CVE-2019-8456 MISC |
clamav -- clamav | A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system. | 2019-04-08 | 6.8 | CVE-2019-1785 MISC GENTOO |
clamav -- clamav | A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device. | 2019-04-08 | 4.3 | CVE-2019-1786 MISC MISC GENTOO |
clamav -- clamav | A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device. | 2019-04-08 | 4.3 | CVE-2019-1787 MISC GENTOO |
clamav -- clamav | A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device. | 2019-04-08 | 4.3 | CVE-2019-1788 MISC GENTOO |
clamav -- clamav | A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected device. An attacker could exploit this vulnerability by sending malformed PE files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device. | 2019-04-08 | 4.3 | CVE-2019-1798 MISC GENTOO |
claws-mail -- mail | In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker. | 2019-04-07 | 4.3 | CVE-2019-10735 MISC |
cmsmadesimple -- cms_made_simple | An issue was discovered in CMS Made Simple 2.2.8. In the module FrontEndUsers (in the file class.FrontEndUsersManipulate.php or class.FrontEndUsersManipulator.php), it is possible to reach an unserialize call with an untrusted __FEU__ cookie, and achieve authenticated object injection. | 2019-04-11 | 6.5 | CVE-2019-9056 CONFIRM CONFIRM |
ctolog -- thinkadmin | application\admin\controller\User.php in ThinkAdmin V4.0 does not prevent continued use of an administrator's cookie-based credentials after a password change. | 2019-04-08 | 5.0 | CVE-2019-11018 MISC |
cyberark -- endpoint_privilege_manager | CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications. | 2019-04-09 | 4.6 | CVE-2018-14894 MISC MISC EXPLOIT-DB MISC |
dasannetworks -- h660rm_firmware | diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack. | 2019-04-11 | 6.4 | CVE-2019-9974 MISC MISC BUGTRAQ |
dasannetworks -- h660rm_firmware | DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key. | 2019-04-11 | 5.0 | CVE-2019-9975 MISC MISC BUGTRAQ |
dasannetworks -- h660rm_firmware | The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users. | 2019-04-11 | 4.0 | CVE-2019-9976 MISC |
eclipse -- kura | In Eclipse Kura versions up to 4.0.0, the SkinServlet did not checked the path passed during servlet call, potentially allowing path traversal in get requests for a limited number of file types. | 2019-04-09 | 5.0 | CVE-2019-10242 BID CONFIRM |
eclipse -- kura | In Eclipse Kura versions up to 4.0.0, Kura exposes the underlying Ui Web server version in its replies. This can be used as a hint by an attacker to specifically craft attacks to the web server run by Kura. | 2019-04-09 | 5.0 | CVE-2019-10243 BID CONFIRM |
eclipse -- kura | In Eclipse Kura versions up to 4.0.0, the Web UI package and component services, the Artemis simple Mqtt component and the emulator position service (not part of the device distribution) could potentially be target of XXE attack due to an improper factory and parser initialisation. | 2019-04-09 | 5.0 | CVE-2019-10244 BID CONFIRM |
elgg -- elgg | Elgg before 1.12.18 and 2.3.x before 2.3.11 has an open redirect. | 2019-04-08 | 5.8 | CVE-2019-11016 MISC MISC MISC |
fastadmin -- fastadmin | FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI. | 2019-04-10 | 6.0 | CVE-2019-11077 MISC |
fedoraproject -- fedora | simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows XSS via a data: or vbscript: URI. | 2019-04-08 | 4.3 | CVE-2019-9844 MISC FEDORA MISC |
fortinet -- fortios | An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol. | 2019-04-09 | 5.0 | CVE-2018-13366 CONFIRM |
freedesktop -- poppler | An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc. | 2019-04-05 | 4.3 | CVE-2019-10871 BID MISC |
freedesktop -- poppler | An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function Splash::blitTransparent at splash/Splash.cc. | 2019-04-05 | 6.8 | CVE-2019-10872 BID MISC |
freedesktop -- poppler | An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc. | 2019-04-05 | 4.3 | CVE-2019-10873 BID MISC |
freedesktop -- poppler | FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc. | 2019-04-08 | 4.3 | CVE-2019-11026 MISC MISC |
gemalto -- sentinel_ultrapro_client_library | The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file. | 2019-04-11 | 6.8 | CVE-2019-6534 MISC MISC MISC CONFIRM |
gitlab -- gitlab | An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows XSS (issue 2 of 2). | 2019-04-11 | 4.3 | CVE-2019-6796 MISC MISC MISC MISC |
graphicsmagick -- graphicsmagick | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. | 2019-04-08 | 6.4 | CVE-2019-11006 MISC MISC |
graphicsmagick -- graphicsmagick | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. | 2019-04-08 | 5.8 | CVE-2019-11007 MISC MISC MISC |
graphicsmagick -- graphicsmagick | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. | 2019-04-08 | 6.8 | CVE-2019-11008 MISC MISC |
graphicsmagick -- graphicsmagick | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. | 2019-04-08 | 5.8 | CVE-2019-11009 MISC MISC |
graphicsmagick -- graphicsmagick | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file. | 2019-04-08 | 4.3 | CVE-2019-11010 MISC MISC |
graphviz -- graphviz | The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv. | 2019-04-08 | 6.8 | CVE-2019-11023 MISC MISC |
ibm -- api_connect | Some URIs in IBM API Connect 2018.1 and 2018.4.1.3 disclose system specification information like the machine id, system uuid, filesystem paths, network interface names along with their mac addresses. An attacker can use this information in targeted attacks. IBM X-Force ID: 156542. | 2019-04-08 | 5.0 | CVE-2019-4051 BID XF CONFIRM |
ibm -- business_automation_workflow | IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could allow an unauthenticated attacker to obtain sensitve information using a specially cracted HTTP request. IBM X-Force ID: 152020. | 2019-04-08 | 5.0 | CVE-2018-1885 BID XF CONFIRM |
ibm -- business_automation_workflow | IBM Business Automation Workflow and Business Process Manager 18.0.0.0, 18.0.0.1, and 18.0.0.2 are vulnerable to a denial of service attack. An authenticated attacker might send a specially crafted request that exhausts server-side memory. IBM X-Force ID: 154774. | 2019-04-08 | 4.0 | CVE-2018-1997 XF CONFIRM |
ibm -- business_automation_workflow | IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 154889. | 2019-04-08 | 4.0 | CVE-2018-1999 XF CONFIRM |
ibm -- business_automation_workflow | IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 154890. | 2019-04-08 | 6.8 | CVE-2018-2000 BID XF CONFIRM |
ibm -- business_automation_workflow | IBM Business Automation Workflow and IBM Business Process Manager 18.0.0.0, 18.0.0.1, and 18.0.0.2 provide embedded document management features. Because of a missing restriction in an API, a client might spoof the last modified by value of a document. IBM X-Force ID: 156241. | 2019-04-08 | 4.0 | CVE-2019-4045 XF CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM QRadar SIEM 7.3.2 could allow a user to bypass authentication exposing certain functionality which could lead to information disclosure or modification of application configuration. IBM X-Force ID: 158986. | 2019-04-08 | 5.5 | CVE-2019-4210 BID XF CONFIRM |
isc -- bind | A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. | 2019-04-09 | 5.0 | CVE-2017-3139 CONFIRM CONFIRM |
ivanti -- workspace_control | An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated users with low privileges in a Workspace Control managed session can bypass Workspace Control security features configured for this session by resetting the session context. | 2019-04-05 | 4.6 | CVE-2019-10885 MISC |
jenkins -- jenkins | Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches. | 2019-04-10 | 6.8 | CVE-2019-1003049 MISC |
joomla -- joomla! | An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of com_users lacks access checks, allowing calls from unauthenticated users. | 2019-04-10 | 5.0 | CVE-2019-10946 MISC |
juniper -- junos | Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. Once started, memory consumption will eventually impact any IPv4 or IPv6 request serviced by the jdhcpd daemon, thus creating a Denial of Service (DoS) condition to clients requesting and not receiving IP addresses. Additionally, some clients which were previously holding IPv6 addresses will not have their IPv6 Identity Association (IA) address and network tables agreed upon by the jdhcpd daemon after the failover event occurs, which leads to more than one interface, and multiple IP addresses, being denied on the client. Affected releases are Juniper Networks Junos OS: 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2. | 2019-04-10 | 5.0 | CVE-2019-0031 BID CONFIRM |
juniper -- junos | A firewall bypass vulnerability in the proxy ARP service of Juniper Networks Junos OS allows an attacker to cause a high CPU condition leading to a Denial of Service (DoS). This issue affects only IPv4. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and including 12.1X46-D25 prior to 12.1X46-D71, 12.1X46-D73 on SRX Series; 12.3X48 versions prior to 12.3X48-D50 on SRX Series; 15.1X49 versions prior to 15.1X49-D75 on SRX Series. | 2019-04-10 | 5.0 | CVE-2019-0033 BID CONFIRM |
juniper -- junos | Starting with Junos OS Release 16.1R3, the Junos Telemetry Interface supports Google gRPC remote procedure calls to provision sensors and to subscribe to and receive telemetry data. Configuration files used by gRPC were found to contain hardcoded credentials that could be used by the Junos Network Agent to perform unauthorized read of certain non-critical information (e.g. sensor data). Additionally, APIs exposed via the Juniper Extension Toolkit (JET) may be able to perform non-critical 'set' operations on the device. These APIs need the client to be authenticated for which the username/password can be used. Successful exploitation of this vulnerability can only occur if the Junos Network Agent package (Junos Telemetry Interface) is installed on the device. If the Junos Network Agent is not installed, then the gRPC interface required to leverage these credentials is unavailable and the system is not vulnerable to this issue. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R3-S10, 16.1R7-S4; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S3; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S2, 18.3R1-S3. This issue does not affect Junos OS releases prior to 16.1. | 2019-04-10 | 5.8 | CVE-2019-0034 BID CONFIRM MISC MISC MISC |
juniper -- junos | If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administrators who do not enforce a strong password policy can increase the likelihood of success from brute force attacks. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D160; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D495, 15.1X53-D591, 15.1X53-D69; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S3; 16.1X65 versions prior to 16.1X65-D49; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S2; 17.4 versions prior to 17.4R1-S6, 17.4R2-S2; 18.1 versions prior to 18.1R2-S4, 18.1R3-S1; 18.2 versions prior to 18.2R1-S5; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R1-S1. | 2019-04-10 | 4.3 | CVE-2019-0039 CONFIRM |
juniper -- junos | On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface (lo0). The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on EX4300-MP Series. This issue does not affect any other EX series devices. | 2019-04-10 | 5.0 | CVE-2019-0041 CONFIRM |
juniper -- junos | Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore). By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repetitively crash the rpd process causing prolonged Denial of Service (DoS). Affected releases are Juniper Networks SRX5000 Series: 12.1X46 versions prior to 12.1X46-D82; 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160. | 2019-04-10 | 5.0 | CVE-2019-0044 BID CONFIRM |
k-9_mail_project -- k-9_mail | K-9 Mail v5.600 can include the original quoted HTML code of a specially crafted, benign looking, email within (digitally signed) reply messages. The quoted part can contain conditional statements that show completely different text if opened in a different email client. This can be abused by an attacker to obtain valid S/MIME or PGP signatures for arbitrary content to be displayed to a third party. NOTE: the vendor states "We don't plan to take any action because of this." | 2019-04-07 | 4.3 | CVE-2019-10741 MISC |
kde -- kmail | In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker. | 2019-04-07 | 4.3 | CVE-2019-10732 MISC |
kmplayer -- kmplayer | When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file. | 2019-04-09 | 4.3 | CVE-2019-9133 MISC |
libsixel_project -- libsixel | The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has infinite recursion. | 2019-04-08 | 4.3 | CVE-2019-11024 MISC MISC |
linux -- linux_kernel | The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat. | 2019-04-11 | 4.7 | CVE-2019-11190 BID MISC MISC MISC MISC |
linux -- linux_kernel | The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat. | 2019-04-11 | 4.7 | CVE-2019-11191 BID MISC MISC |
linux -- linux_kernel | It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the memory, crash the host leading to a denial-of-service or cause a random memory corruption. | 2019-04-11 | 4.9 | CVE-2019-3837 CONFIRM |
linux -- linux_kernel | A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue. | 2019-04-09 | 4.7 | CVE-2019-3887 BID CONFIRM |
materializecss -- materialize | In Materialize through 1.0.0, XSS is possible via the Tooltip feature. | 2019-04-08 | 4.3 | CVE-2019-11002 MISC |
materializecss -- materialize | In Materialize through 1.0.0, XSS is possible via the Autocomplete feature. | 2019-04-08 | 4.3 | CVE-2019-11003 MISC |
materializecss -- materialize | In Materialize through 1.0.0, XSS is possible via the Toast feature. | 2019-04-08 | 4.3 | CVE-2019-11004 MISC |
mi -- mi_browser | A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g (aka the MIUI native browser) and Mint Browser 1.5.3 due to the way they handle the "q" query parameter. The portion of an https URL before the ?q= substring is not shown to the user. | 2019-04-05 | 4.3 | CVE-2019-10875 MISC MISC MISC |
microsoft -- .net_core_sdk | A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'. | 2019-04-08 | 4.0 | CVE-2019-0757 CONFIRM |
microsoft -- asp.net_core | A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. | 2019-04-09 | 5.0 | CVE-2019-0815 BID MISC |
microsoft -- azure_devops_server_2019 | A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Spoofing Vulnerability'. | 2019-04-09 | 4.3 | CVE-2019-0857 BID MISC |
microsoft -- azure_devops_server_2019 | A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'. | 2019-04-09 | 4.3 | CVE-2019-0869 BID MISC |
microsoft -- azure_devops_server_2019 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'. | 2019-04-09 | 4.3 | CVE-2019-0874 BID MISC |
microsoft -- azure_devops_server_2019 | An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka 'Azure DevOps Server Elevation of Privilege Vulnerability'. | 2019-04-09 | 5.0 | CVE-2019-0875 MISC |
microsoft -- chakracore | An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. | 2019-04-08 | 4.3 | CVE-2019-0746 CONFIRM |
microsoft -- edge | An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. | 2019-04-08 | 4.0 | CVE-2019-0678 CONFIRM |
microsoft -- edge | A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins, aka 'Microsoft Browsers Security Feature Bypass Vulnerability'. | 2019-04-08 | 4.3 | CVE-2019-0762 CONFIRM |
microsoft -- edge | A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions, aka 'Microsoft Browsers Tampering Vulnerability'. | 2019-04-09 | 4.3 | CVE-2019-0764 BID MISC |
microsoft -- edge | An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka 'Microsoft Edge Information Disclosure Vulnerability'. | 2019-04-09 | 4.3 | CVE-2019-0833 BID MISC |
microsoft -- exchange_server | A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0858. | 2019-04-09 | 5.8 | CVE-2019-0817 MISC |
microsoft -- exchange_server | A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0817. | 2019-04-09 | 4.3 | CVE-2019-0858 MISC |
microsoft -- internet_explorer | A security feature bypass vulnerability exists when Internet Explorer fails to validate the correct Security Zone of requests for specific URLs, aka 'Internet Explorer Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0768. | 2019-04-08 | 4.3 | CVE-2019-0761 CONFIRM |
microsoft -- internet_explorer | A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored, aka 'Internet Explorer Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0761. | 2019-04-08 | 4.3 | CVE-2019-0768 CONFIRM |
microsoft -- internet_explorer | An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory, aka 'Microsoft Scripting Engine Information Disclosure Vulnerability'. | 2019-04-09 | 4.3 | CVE-2019-0835 MISC |
microsoft -- lync_server | A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'. | 2019-04-08 | 4.3 | CVE-2019-0798 CONFIRM |
microsoft -- office | A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update addresses the vulnerability by correcting how Office handles these files., aka 'Office Remote Code Execution Vulnerability'. | 2019-04-09 | 6.8 | CVE-2019-0801 MISC |
microsoft -- office | A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0824, CVE-2019-0825, CVE-2019-0826, CVE-2019-0827. | 2019-04-09 | 6.8 | CVE-2019-0823 MISC |
microsoft -- office | A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0823, CVE-2019-0825, CVE-2019-0826, CVE-2019-0827. | 2019-04-09 | 6.8 | CVE-2019-0824 MISC |
microsoft -- office | A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0823, CVE-2019-0824, CVE-2019-0826, CVE-2019-0827. | 2019-04-09 | 6.8 | CVE-2019-0825 MISC |
microsoft -- office | A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0823, CVE-2019-0824, CVE-2019-0825, CVE-2019-0827. | 2019-04-09 | 6.8 | CVE-2019-0826 MISC |
microsoft -- office | A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0823, CVE-2019-0824, CVE-2019-0825, CVE-2019-0826. | 2019-04-09 | 6.8 | CVE-2019-0827 MISC |
microsoft -- team_foundation_server | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0867, CVE-2019-0868, CVE-2019-0870, CVE-2019-0871. | 2019-04-09 | 4.3 | CVE-2019-0866 BID MISC |
microsoft -- team_foundation_server | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0868, CVE-2019-0870, CVE-2019-0871. | 2019-04-09 | 4.3 | CVE-2019-0867 BID MISC |
microsoft -- team_foundation_server | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867, CVE-2019-0870, CVE-2019-0871. | 2019-04-09 | 4.3 | CVE-2019-0868 BID MISC |
microsoft -- team_foundation_server | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867, CVE-2019-0868, CVE-2019-0871. | 2019-04-09 | 4.3 | CVE-2019-0870 BID MISC |
microsoft -- team_foundation_server | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867, CVE-2019-0868, CVE-2019-0870. | 2019-04-09 | 4.3 | CVE-2019-0871 BID MISC |
microsoft -- visual_studio_2017 | A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library (DLL) files, aka 'Visual Studio Remote Code Execution Vulnerability'. | 2019-04-08 | 6.8 | CVE-2019-0809 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0774. | 2019-04-08 | 4.3 | CVE-2019-0614 CONFIRM |
microsoft -- windows_10 | An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0689, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694. | 2019-04-08 | 4.6 | CVE-2019-0682 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka 'Windows TCP/IP Information Disclosure Vulnerability'. | 2019-04-09 | 5.0 | CVE-2019-0688 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694. | 2019-04-08 | 4.6 | CVE-2019-0689 CONFIRM |
microsoft -- windows_10 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0695, CVE-2019-0701. | 2019-04-08 | 5.5 | CVE-2019-0690 CONFIRM |
microsoft -- windows_10 | An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0693, CVE-2019-0694. | 2019-04-08 | 4.6 | CVE-2019-0692 CONFIRM |
microsoft -- windows_10 | An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0692, CVE-2019-0694. | 2019-04-08 | 4.6 | CVE-2019-0693 CONFIRM |
microsoft -- windows_10 | An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0692, CVE-2019-0693. | 2019-04-08 | 4.6 | CVE-2019-0694 CONFIRM |
microsoft -- windows_10 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0690, CVE-2019-0701. | 2019-04-08 | 5.5 | CVE-2019-0695 CONFIRM |
microsoft -- windows_10 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0690, CVE-2019-0695. | 2019-04-08 | 5.5 | CVE-2019-0701 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0704, CVE-2019-0821. | 2019-04-08 | 4.0 | CVE-2019-0703 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0703, CVE-2019-0821. | 2019-04-08 | 4.0 | CVE-2019-0704 CONFIRM |
microsoft -- windows_10 | An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841. | 2019-04-09 | 4.6 | CVE-2019-0730 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841. | 2019-04-09 | 4.6 | CVE-2019-0731 MISC |
microsoft -- windows_10 | A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Security Feature Bypass Vulnerability'. | 2019-04-09 | 4.6 | CVE-2019-0732 MISC |
microsoft -- windows_10 | A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. | 2019-04-08 | 4.9 | CVE-2019-0754 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0614. | 2019-04-08 | 4.3 | CVE-2019-0774 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0849. | 2019-04-09 | 4.3 | CVE-2019-0802 MISC |
microsoft -- windows_10 | An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0836, CVE-2019-0841. | 2019-04-09 | 4.6 | CVE-2019-0805 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0703, CVE-2019-0704. | 2019-04-08 | 4.0 | CVE-2019-0821 CONFIRM |
microsoft -- windows_10 | An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0841. | 2019-04-09 | 4.6 | CVE-2019-0836 BID MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0802. | 2019-04-09 | 4.3 | CVE-2019-0849 MISC |
microsoft -- windows_7 | An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'. | 2019-04-08 | 4.3 | CVE-2019-0683 CONFIRM |
mkcms_project -- mkcms | MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI. | 2019-04-10 | 6.8 | CVE-2019-11078 MISC |
mybb -- mybb | A reflected XSS vulnerability in index.php in MyBB 1.8.x through 1.8.19 allows remote attackers to inject JavaScript via the 'upsetting[bburl]' parameter. | 2019-04-11 | 4.3 | CVE-2018-19202 CONFIRM CONFIRM |
nvidia -- jetson_tx1 | NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure. The updates apply to all versions prior to and including R28.3. | 2019-04-11 | 6.4 | CVE-2019-5672 CONFIRM |
odoo -- odoo | Improper access control in the Discuss App of Odoo Community 12.0 and earlier, and Odoo Enterprise 12.0 and earlier allows remote authenticated attackers to e-mail themselves arbitrary files from the database, via a crafted RPC request. | 2019-04-09 | 4.0 | CVE-2018-15631 MISC |
odoo -- odoo | Cross-site scripting vulnerability in the Discuss App of Odoo Community 12.0 and earlier, and Odoo Enterprise 12.0 and earlier allows remote attackers to inject arbitrary web script in the browser of an internal user of the system by tricking them into inviting a follower on a document with a crafted name. | 2019-04-09 | 4.3 | CVE-2018-15635 MISC |
omron -- common_components | When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. | 2019-04-10 | 6.8 | CVE-2019-6556 MISC |
openstack -- neutron | An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected. | 2019-04-05 | 4.0 | CVE-2019-10876 MLIST MISC MISC CONFIRM |
paessler -- prtg | PRTG before 19.1.49.1966 has Cross Site Scripting (XSS) in the WEBGUI. | 2019-04-10 | 4.3 | CVE-2018-14683 CONFIRM |
pivotal_software -- spring_security | Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection. | 2019-04-09 | 5.0 | CVE-2019-3795 BID CONFIRM |
rancher -- rancher | In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it. | 2019-04-10 | 6.5 | CVE-2019-6287 CONFIRM CONFIRM |
redhat -- gluster_storage | A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable. | 2019-04-09 | 5.5 | CVE-2019-3880 SUSE MISC CONFIRM MLIST CONFIRM MISC |
redhat -- satellite | A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite (or Capsule) can use this flaw to access QMF methods to any host also registered to Satellite (or Capsule) and execute privileged commands. | 2019-04-11 | 5.2 | CVE-2019-3845 CONFIRM |
redhat -- satellite | In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resource. A malicious user with the "delete_compute_resource" permission can use this flaw to take control over compute resources managed by foreman. Versions before 1.20.3, 1.21.1, 1.22.0 are vulnerable. | 2019-04-09 | 4.0 | CVE-2019-3893 BID CONFIRM MISC MISC |
roundcube -- webmail | In Roundcube Webmail 1.3.4, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker. | 2019-04-07 | 4.3 | CVE-2019-10740 MISC |
roundup-tracker -- roundup | Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgi_handler.py mishandle 404 errors. | 2019-04-06 | 4.3 | CVE-2019-10904 MLIST MISC MISC MLIST MISC |
salicru -- slc-20-cube3(5) | A reflected HTML injection vulnerability on Salicru SLC-20-cube3(5) devices running firmware version cs121-SNMP v4.54.82.130611 allows remote attackers to inject arbitrary HTML elements via a /DataLog.csv?log= or /AlarmLog.csv?log= or /waitlog.cgi?name= or /chart.shtml?data= or /createlog.cgi?name= request. | 2019-04-05 | 4.3 | CVE-2019-10887 MISC MISC EXPLOIT-DB |
sap -- business_application_software_integrated_solution | ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and INST_CREATE_TCPIP_RFC_DEST in SAP BASIS (fixed in versions 7.0 to 7.02, 7.10 to 7.30, 7.31, 7.40, 7.50 to 7.53) do not perform necessary authorization checks in all circumstances for an authenticated user, resulting in escalation of privileges. | 2019-04-10 | 6.5 | CVE-2019-0279 CONFIRM CONFIRM |
sap -- crystal_reports | The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) discloses sensitive database information including credentials which can be misused by the attacker. | 2019-04-10 | 5.0 | CVE-2019-0285 CONFIRM CONFIRM |
sap -- netweaver_process_integration | Under certain conditions the Monitoring Servlet of the SAP NetWeaver Process Integration (Messaging System), fixed in versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to see the names of database tables used by the application, leading to information disclosure. | 2019-04-10 | 4.0 | CVE-2019-0278 CONFIRM CONFIRM |
sap -- netweaver_process_integration | Several web pages in SAP NetWeaver Process Integration (Runtime Workbench), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; can be accessed without user authentication, which might expose internal data like release information, Java package and Java object names which can be misused by the attacker. | 2019-04-10 | 5.0 | CVE-2019-0282 CONFIRM CONFIRM |
sap -- netweaver_process_integration | SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; is vulnerable to Digital Signature Spoofing. It is possible to spoof XML signatures and send arbitrary requests to the server via PI Axis adapter. These requests will be accepted by the PI Axis adapter even if the payload has been altered, especially when the signed element is the body of the xml document. | 2019-04-10 | 5.5 | CVE-2019-0283 CONFIRM CONFIRM |
search-guard -- search_guard | The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set. | 2019-04-09 | 4.3 | CVE-2018-20698 CONFIRM CONFIRM |
spip -- spip | SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary code on the host server because var_memotri is mishandled. | 2019-04-10 | 6.5 | CVE-2019-11071 MISC MISC MISC MISC |
symantec -- endpoint_encryption | Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 2019-04-10 | 4.6 | CVE-2019-9694 CONFIRM |
symantec -- vip_enterprise_gateway | Symantec VIP Enterprise Gateway (all versions) may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy. | 2019-04-09 | 4.3 | CVE-2019-9696 BID CONFIRM |
systemd_project -- systemd | In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the "allow_active" element rather than "allow_any". | 2019-04-09 | 4.4 | CVE-2019-3842 CONFIRM FEDORA |
tibco -- activematrix_businessworks | The HTTP Connector component of TIBCO Software Inc.'s TIBCO ActiveMatrix BusinessWorks contains a vulnerability that theoretically allows unauthenticated HTTP requests to be processed by the BusinessWorks engine even when authentication is required. This possibility is restricted to circumstances where HTTP "Basic Authentication" policy is used in conjunction with an XML Authentication resource. The BusinessWorks engine might instead use credentials from a prior HTTP request for authorization purposes. Affected releases are TIBCO Software Inc. TIBCO ActiveMatrix BusinessWorks: versions up to and including 6.4.2. | 2019-04-09 | 6.8 | CVE-2019-8990 BID MISC MISC |
trendmicro -- apex_one | A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console. | 2019-04-05 | 5.0 | CVE-2019-9489 CONFIRM CONFIRM |
trendmicro -- interscan_web_security_virtual_appliance | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. An attacker must be an authenticated user in order to exploit the vulnerability. | 2019-04-05 | 4.0 | CVE-2019-9490 BID CONFIRM |
trojita_project -- trojita | In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker. | 2019-04-07 | 4.3 | CVE-2019-10734 MISC |
uipath -- orchestrator | UiPath Orchestrator through 2018.2.4 allows any authenticated user to change the information of arbitrary users (even administrators) leading to privilege escalation and remote code execution. | 2019-04-11 | 6.5 | CVE-2018-17305 CONFIRM |
ukcms -- ukcms | A CSRF Issue that can add an admin user was discovered in UKcms v1.1.10 via admin.php/admin/role/add.html. | 2019-04-05 | 6.8 | CVE-2019-10888 MISC |
uniqkey -- password_manager | An issue was discovered in Uniqkey Password Manager 1.14. Upon entering new credentials to a site that is not registered within this product, a pop-up window will appear prompting the user if they want to save this new password. This pop-up window will persist on any page the user enters within the browser until a decision is made. The code of the pop-up window can be read by remote servers and contains the login credentials and URL in cleartext. A malicious server could easily grab this information from the pop-up. This is related to id="uniqkey-password-popup" and password-popup/popup.html. | 2019-04-08 | 4.3 | CVE-2019-10676 MISC MISC MISC MISC |
uniqkey -- password_manager | An issue was discovered in Uniqkey Password Manager 1.14. When entering new credentials to a site that isn't registered within this product, a pop-up window will appear asking the user if they want to save these new credentials. The code of the pop-up window can be read and, to some extent, manipulated by remote servers. This pop-up window will stay on any page the user visits within the browser until a decision is made. A malicious web server can forcefully manipulate the pop-up and cause it not to appear, stopping users from securing their credentials. This vulnerability is related to id="uniqkey-password-popup" and password-popup/popup.html, but is a different vulnerability than CVE-2019-10676. | 2019-04-08 | 4.3 | CVE-2019-10845 MISC FULLDISC MISC |
uniqkey -- password_manager | Uniqkey Password Manager 1.14 contains a vulnerability because it fails to recognize the difference between domains and sub-domains. The vulnerability means that passwords saved for example.com will be recommended for usersite.example.com. This could lead to successful phishing campaigns and create a sense of false security. | 2019-04-05 | 4.3 | CVE-2019-10884 MISC |
verizon -- fios_quantum_gateway_g1100_firmware | Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface. | 2019-04-11 | 5.4 | CVE-2019-3915 BID MISC |
verizon -- fios_quantum_gateway_g1100_firmware | Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api). | 2019-04-11 | 5.0 | CVE-2019-3916 MISC |
webkitgtk -- webkitgtk | WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. | 2019-04-10 | 5.0 | CVE-2019-11070 MISC MLIST MISC BUGTRAQ MISC |
winmagic -- securedoc_disk_encryption | WINMAGIC SecureDoc Disk Encryption before 8.3 has an Unquoted Search Path or Element. | 2019-04-08 | 4.6 | CVE-2018-20341 CONFIRM |
wireshark -- wireshark | In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called. | 2019-04-09 | 5.0 | CVE-2019-10894 BID MISC MISC MISC |
wireshark -- wireshark | In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation. | 2019-04-09 | 5.0 | CVE-2019-10895 BID MISC MISC MISC MISC MISC |
wireshark -- wireshark | In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes. | 2019-04-09 | 5.0 | CVE-2019-10896 BID MISC MISC MISC |
wireshark -- wireshark | In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-ieee80211.c by detecting cases in which the bit offset does not advance. | 2019-04-09 | 5.0 | CVE-2019-10897 BID MISC MISC MISC |
wireshark -- wireshark | In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length. | 2019-04-09 | 5.0 | CVE-2019-10898 BID MISC MISC MISC |
wireshark -- wireshark | In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read. | 2019-04-09 | 5.0 | CVE-2019-10899 BID MISC MISC MISC |
wireshark -- wireshark | In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan/dissectors/file-rbm.c by handling unknown object types safely. | 2019-04-09 | 5.0 | CVE-2019-10900 BID MISC MISC MISC |
wireshark -- wireshark | In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly. | 2019-04-09 | 5.0 | CVE-2019-10901 BID MISC MISC MISC |
wireshark -- wireshark | In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely. | 2019-04-09 | 5.0 | CVE-2019-10902 BID MISC MISC MISC |
wireshark -- wireshark | In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check. | 2019-04-09 | 5.0 | CVE-2019-10903 BID MISC MISC MISC |
wpape -- ape_gallery | The wpape APE GALLERY plugin 1.6.14 for WordPress has stored XSS via the classGallery.php getCategories function. | 2019-04-09 | 4.3 | CVE-2019-6117 MISC |
xmltooling_project -- xmltooling | The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected exception type. | 2019-04-11 | 5.0 | CVE-2019-9628 MISC MISC UBUNTU MISC |
zarafa -- webaccess | Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa WebAccess 7.2.0-48204. NOTE: this is a discontinued product. The issue was fixed in later Zarafa WebAccess versions; however, some former Zarafa WebAccess customers use the related Kopano product instead. | 2019-04-11 | 4.3 | CVE-2019-7219 MISC MISC |
zyxel -- nas326_firmware | A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device. | 2019-04-09 | 4.0 | CVE-2019-10630 MISC |
zyxel -- nas326_firmware | Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests. | 2019-04-09 | 6.5 | CVE-2019-10631 MISC |
zyxel -- nas326_firmware | A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user's files. | 2019-04-09 | 4.0 | CVE-2019-10632 MISC |
zyxel -- nas326_firmware | An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs. | 2019-04-09 | 6.5 | CVE-2019-10633 MISC |
Low Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apache -- airflow | A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. | 2019-04-10 | 3.5 | CVE-2019-0216 MLIST BID MISC |
cacti -- cacti | In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS. | 2019-04-08 | 3.5 | CVE-2019-11025 MISC MISC |
canonical -- ubuntu_linux | A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'. | 2019-04-08 | 1.9 | CVE-2019-0816 CONFIRM |
canonical -- ubuntu_linux | A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1. | 2019-04-11 | 3.3 | CVE-2019-3460 CONFIRM CONFIRM MLIST MLIST CONFIRM |
forticlient -- forticlient | An improper access control vulnerability in FortiClientMac before 6.0.5 may allow an attacker to affect the application's performance via modifying the contents of a file used by several FortiClientMac processes. | 2019-04-09 | 3.6 | CVE-2019-5585 BID CONFIRM |
gnu -- glibc | The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon. | 2019-04-10 | 2.1 | CVE-2006-7254 MISC |
ibm -- cloud_private | IBM Cloud Private 3.1.0 and 3.1.1 is vulnerable to HTTP HOST header injection, caused by improper validation of input. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to inject arbitrary HTTP headers, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 153385. | 2019-04-08 | 3.5 | CVE-2018-1943 BID XF CONFIRM |
ibm -- cloud_private | The IBM Cloud Private Key Management Service (IBM Cloud Private 3.1.1 and 3.1.2) could allow a local user to obtain sensitive from the KMS plugin container log. IBM X-Force ID: 158348. | 2019-04-08 | 2.1 | CVE-2019-4143 BID XF CONFIRM |
ibm -- spectrum_protect_for_virtual_environments | IBM Spectrum Protect 7.1 and 8.1 is affected by a password exposure vulnerability caused by insecure file permissions. IBM X-Force ID: 148872. | 2019-04-08 | 2.1 | CVE-2018-1787 CONFIRM XF |
ibm -- spectrum_protect_for_virtual_environments | In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be displayed in plain text in the IBM Spectrum Protect client trace file. IBM X-Force ID: 151968. | 2019-04-08 | 1.9 | CVE-2018-1882 CONFIRM CONFIRM BID XF |
iobit -- smart_defrag | SmartDefragDriver.sys (2.0) in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC0 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool. | 2019-04-11 | 2.1 | CVE-2019-6493 MISC MISC |
jenkins -- jenkins | The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names. | 2019-04-10 | 3.5 | CVE-2019-1003050 BID MISC |
lenovo -- 510-15ikl_firmware | In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). Lenovo was notified that after resuming from S3 sleep mode in various versions of BIOS for Lenovo systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected. | 2019-04-10 | 2.1 | CVE-2019-6156 MISC |
microsoft -- edge | A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'. | 2019-04-08 | 2.6 | CVE-2019-0612 CONFIRM |
microsoft -- sharepoint_enterprise_server | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. | 2019-04-08 | 3.5 | CVE-2019-0778 CONFIRM |
microsoft -- sharepoint_enterprise_server | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-0831. | 2019-04-09 | 3.5 | CVE-2019-0830 MISC |
microsoft -- sharepoint_enterprise_server | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-0830. | 2019-04-09 | 3.5 | CVE-2019-0831 MISC |
microsoft -- team_foundation_server | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. | 2019-04-08 | 3.5 | CVE-2019-0777 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0755, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782. | 2019-04-08 | 2.1 | CVE-2019-0702 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782. | 2019-04-08 | 2.1 | CVE-2019-0755 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows Print Spooler does not properly handle objects in memory, aka 'Windows Print Spooler Information Disclosure Vulnerability'. | 2019-04-08 | 2.1 | CVE-2019-0759 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0775, CVE-2019-0782. | 2019-04-08 | 2.1 | CVE-2019-0767 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782. | 2019-04-08 | 1.9 | CVE-2019-0775 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. | 2019-04-08 | 2.1 | CVE-2019-0776 CONFIRM |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0775. | 2019-04-08 | 2.1 | CVE-2019-0782 CONFIRM |
microsoft -- windows_10 | An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841. | 2019-04-09 | 2.1 | CVE-2019-0796 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0848. | 2019-04-09 | 2.1 | CVE-2019-0814 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'. | 2019-04-09 | 2.1 | CVE-2019-0837 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0839. | 2019-04-09 | 2.1 | CVE-2019-0838 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0838. | 2019-04-09 | 2.1 | CVE-2019-0839 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0844. | 2019-04-09 | 2.1 | CVE-2019-0840 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0840. | 2019-04-09 | 2.1 | CVE-2019-0844 MISC |
microsoft -- windows_10 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0814. | 2019-04-09 | 2.1 | CVE-2019-0848 MISC |
nvidia -- jetson_tx2 | NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where the ARM System Memory Management Unit (SMMU) improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service. The updates apply to all versions prior to and including R28.3. | 2019-04-11 | 3.6 | CVE-2019-5673 CONFIRM |
osisoft -- pi_vision | OSIsoft PI Vision, versions PI Vision 2017, and PI Vision 2017 R2, The application contains a cross-site scripting vulnerability where displays that reference AF elements and attributes containing JavaScript are affected. This vulnerability requires the ability of authorized AF users to store JavaScript in AF elements and attributes. | 2019-04-08 | 3.5 | CVE-2018-19006 MISC |
paloaltonetworks -- expedition_migration_tool | The Expedition Migration tool 1.1.6 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings. | 2019-04-09 | 3.5 | CVE-2019-1567 MISC |
paloaltonetworks -- expedition_migration_tool | Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View. | 2019-04-12 | 3.5 | CVE-2019-1574 CONFIRM |
rapid7 -- insightvm | Users with Site-level permissions can access files containing the username-encrypted passwords of Security Console Global Administrators and clear-text passwords for restoring backups, as well as the salt for those passwords. Valid credentials are required to access these files and malicious users would still need to perform additional work to decrypt the credentials and escalate privileges. This issue affects: Rapid7 InsightVM versions 6.5.11 through 6.5.49. | 2019-04-09 | 3.5 | CVE-2019-5615 CONFIRM |
redhat -- enterprise_mrg | A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. | 2019-04-11 | 3.3 | CVE-2019-3459 MISC CONFIRM CONFIRM CONFIRM MLIST MLIST CONFIRM |
samba -- samba | A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update. | 2019-04-09 | 3.6 | CVE-2019-3870 CONFIRM MISC MISC |
sap -- hana | SLD Registration in SAP HANA (fixed in versions 1.0, 2.0) does not sufficiently validate an XML document accepted from an untrusted source. The attacker can call SLDREG with an XML file containing a reference to an XML External Entity (XXE). This can cause SLDREG to, for example, continuously loop, read arbitrary files and even send local files. | 2019-04-10 | 3.6 | CVE-2019-0284 CONFIRM CONFIRM |
zyxel -- nas326_firmware | An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields. | 2019-04-09 | 3.5 | CVE-2019-10634 MISC |
Severity Not Yet Assigned
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
auth0 -- auth0-wcf-service-jwt | Auth0 Auth0-WCF-Service-JWT before 1.0.4 leaks the expected JWT signature in an error message when it cannot successfully validate the JWT signature. If this error message is presented to an attacker, they can forge an arbitrary JWT token that will be accepted by the vulnerable application. | 2019-04-11 | not yet calculated | CVE-2019-7644 MISC |
d-link -- multiple_devices | On D-Link DAP-1530 (A1) before firmware version 1.06b01, DAP-1610 (A1) before firmware version 1.06b01, DWR-111 (A1) before firmware version 1.02v02, DWR-116 (A1) before firmware version 1.06b03, DWR-512 (B1) before firmware version 2.02b01, DWR-711 (A1) through firmware version 1.11, DWR-712 (B1) before firmware version 2.04b01, DWR-921 (A1) before firmware version 1.02b01, and DWR-921 (B1) before firmware version 2.03b01, there exists an EXCU_SHELL file in the web directory. By sending a GET request with specially crafted headers to the /EXCU_SHELL URI, an attacker could execute arbitrary shell commands in the root context on the affected device. Other devices might be affected as well. | 2019-04-11 | not yet calculated | CVE-2018-19300 MISC CONFIRM MISC MISC |
forecpoint -- email_security | A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process creating a denial-of-service. While no known Remote Code Execution (RCE) vulnerabilities exist, as with all buffer overflows, the possibility of RCE cannot be completely ruled out. Data Execution Protection (DEP) is already enabled on the Email appliance as a risk mitigation. | 2019-04-09 | not yet calculated | CVE-2018-16530 MISC |
fortinet -- fortisandbox | A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox before 3.0 may allow an attacker to execute unauthorized code or commands via the back_url parameter in the file scan component. | 2019-04-09 | not yet calculated | CVE-2018-1356 BID CONFIRM |
gradle -- gradle | Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site. | 2019-04-09 | not yet calculated | CVE-2019-11065 MISC |
hanwha_techwin -- srn-4000 | Hanwha Techwin SRN-4000, SRN-4000 firmware versions prior to SRN4000_v2.16_170401, A specially crafted http request and response could allow an attacker to gain access to the device management page with admin privileges without proper authentication. | 2019-04-08 | not yet calculated | CVE-2017-7912 MISC |
honeywell -- experion_pks | A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to possible information disclosure. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. | 2019-04-08 | not yet calculated | CVE-2014-5436 MISC |
honeywell -- experion_pks | An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. | 2019-04-08 | not yet calculated | CVE-2014-5435 MISC |
honeywell -- experion_pks | A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file into the function, and potential information disclosure or remote code execution. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. | 2019-04-08 | not yet calculated | CVE-2014-9186 MISC |
hp_development_company -- multiple_printers | HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers have an insufficient solution bundle signature validation that potentially allows execution of arbitrary code. | 2019-04-11 | not yet calculated | CVE-2019-6318 CONFIRM |
hpe -- gen10_proliant_servers | A remote Cross-Site Scripting in HPE iLO 5 Web User Interface vulnerability was identified in HPE Integrated Lights-Out 5 (iLO 5) for Gen10 ProLiant Servers earlier than version v1.40. | 2019-04-09 | not yet calculated | CVE-2018-7117 MISC |
hpe -- service_pack_for_proliant | A local access restriction bypass vulnerability was identified in HPE Service Pack for ProLiant (SPP) Bundled Software earlier than version 2018.09.0. | 2019-04-09 | not yet calculated | CVE-2018-7118 MISC |
ibm -- spectrum_protect | IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 151014. | 2019-04-08 | not yet calculated | CVE-2018-1853 CONFIRM XF |
inteno -- iopsys |
An issue was discovered in the firewall3 component in Inteno IOPSYS 1.0 through 3.16. The attacker must make a JSON-RPC method call to add a firewall rule as an "include" and point the "path" argument to a malicious script or binary. This gets executed as root when the firewall changes are committed. | 2019-04-11 | not yet calculated | CVE-2018-20487 CONFIRM MISC |
juniper -- identity_management_service | Juniper Identity Management Service (JIMS) for Windows versions prior to 1.1.4 may send an incorrect message to associated SRX services gateways. This may allow an attacker with physical access to an existing domain connected Windows system to bypass SRX firewall policies, or trigger a Denial of Service (DoS) condition for the network. | 2019-04-10 | not yet calculated | CVE-2019-0042 CONFIRM |
juniper -- junos_os | Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion. This issue only affects the SRX340 and SRX345 services gateways. No other products or platforms are affected by this vulnerability. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D160 on SRX340/SRX345; 17.3 on SRX340/SRX345; 17.4 versions prior to 17.4R2-S3, 17.4R3 on SRX340/SRX345; 18.1 versions prior to 18.1R3-S1 on SRX340/SRX345; 18.2 versions prior to 18.2R2 on SRX340/SRX345; 18.3 versions prior to 18.3R1-S2, 18.3R2 on SRX340/SRX345. This issue does not affect Junos OS releases prior to 15.1X49 on any platform. | 2019-04-10 | not yet calculated | CVE-2019-0038 BID CONFIRM |
juniper -- junos_os | When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using "set system root-authentication plain-text-password" on systems booted from an OAM (Operations, Administration, and Maintenance) volume, leading to a possible administrative bypass with physical access to the console. OAM volumes (e.g. flash drives) are typically instantiated as /dev/gpt/oam, or /oam for short. Password recovery, changing the root password from a console, should not have been allowed from an insecure console. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D160; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D68; 16.1 versions prior to 16.1R3-S10, 16.1R6-S6, 16.1R7-S3; 16.1X65 versions prior to 16.1X65-D49; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S6, 17.4R2-S2; 18.1 versions prior to 18.1R2-S4, 18.1R3-S3; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S2. This issue does not affect Junos OS releases prior to 15.1. | 2019-04-10 | not yet calculated | CVE-2019-0035 CONFIRM |
juniper -- junos_os | In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. By continuously sending a specially crafted SNMP packet, an attacker can repetitively crash the RPD process causing prolonged denial of service. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS : 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D75 on SRX Series; 14.1X53 versions prior to 14.1X53-D48 on EX/QFX series; 15.1 versions prior to 15.1R4-S9, 15.1R7-S2; 15.1F6 versions prior to 15.1F6-S11; 15.1X49 versions prior to 15.1X49-D141, 15.1X49-D144, 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D68 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D471, 15.1X53-D490 on NFX Series; 15.1X53 versions prior to 15.1X53-D590 on EX2300/EX3400 Series; 15.1X54 on ACX Series; 16.1 versions prior to 16.1R3-S10, 16.1R4-S11, 16.1R6-S5, 16.1R7; 16.1X65 versions prior to 16.1X65-D48; 16.2 versions prior to 16.2R2-S6; 17.1 versions prior to 17.1R2-S8, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.2X75 versions prior to 17.2X75-D92, 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 18.1 versions prior to 18.1R1-S1, 18.1R2-S1, 18.1R3; 18.2X75 versions prior to 18.2X75-D10. | 2019-04-10 | not yet calculated | CVE-2019-0043 CONFIRM |
juniper -- junos_os | On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI). External packets destined to port 111 should be dropped. Due to an information leak vulnerability, responses were being generated from the source address of the management interface (e.g. fxp0) thus disclosing internal addressing and existence of the management interface itself. A high rate of crafted packets destined to port 111 may also lead to a partial Denial of Service (DoS). Note: Systems with fxp0 disabled or unconfigured are not vulnerable to this issue. This issue only affects Junos OS releases based on FreeBSD 10 or higher (typically Junos OS 15.1+). Administrators can confirm whether systems are running a version of Junos OS based on FreeBSD 10 or higher by typing: user@junos> show version | match kernel JUNOS OS Kernel 64-bit [20181214.223829_fbsd-builder_stable_10] Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X53 versions prior to 15.1X53-D236; 16.1 versions prior to 16.1R7-S1; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8; 17.3 versions prior to 17.3R2; 17.4 versions prior to 17.4R1-S1, 17.4R1-S7, 17.4R2. This issue does not affect Junos OS releases prior to 15.1. | 2019-04-10 | not yet calculated | CVE-2019-0040 CONFIRM |
juniper -- junos_os | In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client. By continuously sending the same crafted packet, an attacker can repeatedly crash the jdhcpd process causing a sustained Denial of Service (DoS) to both IPv4 and IPv6 clients. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496; 16.1 versions prior to 16.1R3-S10, 16.1R7-S4; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S2; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R1-S2. This issue does not affect Junos OS releases prior to 15.1. | 2019-04-10 | not yet calculated | CVE-2019-0037 CONFIRM |
juniper -- junos_os | When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9, 16.2R3; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3-S1; 17.3 versions prior to 17.3R3-S3, 17.3R3-S4, 17.3R4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4, 18.1R4; 18.2 versions prior to 18.2R2-S2, 18.2R2-S3, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2. This issue does not affect Junos releases prior to 16.1R1. | 2019-04-10 | not yet calculated | CVE-2019-0019 CONFIRM |
juniper -- junos_os | On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart. By simulating a specific BGP session restart, an attacker can repeatedly crash the RPD process causing prolonged denial of service (DoS). Graceful restart helper mode for BGP is enabled by default. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7; 16.1X65 versions prior to 16.1X65-D48; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.2X75 versions prior to 17.2X75-D92, 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 18.1 versions prior to 18.1R2. Junos OS releases prior to 16.1R1 are not affected. | 2019-04-10 | not yet calculated | CVE-2019-0028 CONFIRM |
juniper -- junos_os | When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" (e.g. "internal-1", "internal-2", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results. Affected releases are Juniper Networks Junos OS: All versions prior to and including 12.3; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3; 18.4 versions prior to 18.4R1-S1, 18.4R1-S2. | 2019-04-10 | not yet calculated | CVE-2019-0036 CONFIRM |
juniper -- service_insight_and_service_now | A password management issue exists where the Organization authentication username and password were stored in plaintext in log files. A locally authenticated attacker who is able to access these stored plaintext credentials can use them to login to the Organization. Affected products are: Juniper Networks Service Insight versions from 15.1R1, prior to 18.1R1. Service Now versions from 15.1R1, prior to 18.1R1. | 2019-04-10 | not yet calculated | CVE-2019-0032 BID CONFIRM MISC |
kentico -- kentico_cms | Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type. | 2019-04-10 | not yet calculated | CVE-2018-19453 MISC |
lenovo -- bootable_generator | A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar-2019, that could allow a malicious user with local access to execute code on the system. | 2019-04-10 | not yet calculated | CVE-2019-6154 MISC |
mcafee -- dxl_platform_and_tie_server | Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line. | 2019-04-10 | not yet calculated | CVE-2019-3612 CONFIRM |
microsoft -- azure_linux_agent | An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'. | 2019-04-08 | not yet calculated | CVE-2019-0804 CONFIRM |
microsoft -- open_enclave_sdk | An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'. | 2019-04-09 | not yet calculated | CVE-2019-0876 BID MISC |
microsoft -- windows_admin_center | An elevation of privilege vulnerability exists when Windows Admin Center improperly impersonates operations in certain situations, aka 'Windows Admin Center Elevation of Privilege Vulnerability'. | 2019-04-09 | not yet calculated | CVE-2019-0813 MISC |
norton -- password_manager | Norton Password Manager may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic. | 2019-04-09 | not yet calculated | CVE-2018-18365 MISC |
nvidia -- jetson_tx2 | NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. The updates apply to all versions prior to and including R28.3. | 2019-04-12 | not yet calculated | CVE-2018-6269 CONFIRM |
nvidia -- jetson_tx2 | NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. The updates apply to all versions prior to and including R28.3. | 2019-04-12 | not yet calculated | CVE-2018-6239 CONFIRM |
pallets -- jinja | In Pallets Jinja before 2.8.1, str.format allows a sandbox escape. | 2019-04-08 | not yet calculated | CVE-2016-10745 MISC MISC |
pallets -- jinja | In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. | 2019-04-06 | not yet calculated | CVE-2019-10906 MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MISC |
parsedown -- parsedown | Parsedown before 1.7.2, when safe mode is used and HTML markup is disabled, might allow attackers to execute arbitrary JavaScript code if a script (already running on the affected page) executes the contents of any element with a specific class. This occurs because spaces are permitted in code block infostrings, which interferes with the intended behavior of a single class name beginning with the language- substring. | 2019-04-06 | not yet calculated | CVE-2019-10905 MISC MISC |
pulse_secure -- pulse_desktop_client_and_pulse_connect_secure |
In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for exploitation to succeed.) This affects Pulse Desktop Client 5.x before Secure Desktop 5.3R7 and Pulse Desktop Client 9.x before Secure Desktop 9.0R3. It also affects (for Network Connect customers) Pulse Connect Secure 8.1 before 8.1R14, 8.3 before 8.3R7, and 9.0 before 9.0R3. | 2019-04-12 | not yet calculated | CVE-2019-11213 MISC |
salesagility -- suitecrm | An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. This issue affects the "add dashboard pages" feature where users can receive a malicious attack through a phished URL, with script executed. | 2019-04-05 | not yet calculated | CVE-2018-20816 MISC MISC MISC |
sequelize -- sequelize | Sequelize before 5.3.0 does not properly ensure that standard conforming strings are used. | 2019-04-10 | not yet calculated | CVE-2019-11069 MISC MISC |
silverpeas -- silverpeas | Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be triggered during file uploads because core/webapi/upload/FileUploadData.java mishandles a StringUtil.java call. This vulnerability enables regular users to write arbitrary files on the underlying system with privileges of the user running the application. Especially, an attacker may leverage the vulnerability to write an executable JSP file in an exposed web directory to execute commands on the underlying system. | 2019-04-09 | not yet calculated | CVE-2018-19586 MISC MISC |
utimaco -- cryptoserver_hsm | Incorrect Access Controls of Security Officer (SO) in PKCS11 R2 provider that ships with the Utimaco CryptoServer HSM product package allows an SO authenticated to a slot to retrieve attributes of keys marked as private keys in external key storage, and also delete keys marked as private keys in external key storage. This compromises the availability of all keys configured with external key storage and may result in an economic attack in which the attacker denies legitimate users access to keys while maintaining possession of an encrypted copy (blob) of the external key store for ransom. This attack has been dubbed reverse ransomware attack and may be executed via a physical connection to the CryptoServer or remote connection if SSH or remote access to LAN CryptoServer has been compromised. The Confidentiality and Integrity of the affected keys, however, remain untarnished. | 2019-04-09 | not yet calculated | CVE-2018-19589 CONFIRM MISC |
vmware -- horizon_connection_server | VMware Horizon Connection Server (7.x before 7.8, 7.5.x before 7.5.2, 6.x before 6.2.8) contains an information disclosure vulnerability. Successful exploitation of this issue may allow disclosure of internal domain names, the Connection Server?s internal name, or the gateway?s internal IP address. | 2019-04-09 | not yet calculated | CVE-2019-5513 MISC |
vmware -- workstation | VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on Windows does not handle paths appropriately. Successful exploitation of this issue may allow the path to the VMX executable, on a Windows host, to be hijacked by a non-administrator leading to elevation of privilege. | 2019-04-09 | not yet calculated | CVE-2019-5511 MISC |
vmware -- workstation | VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on Windows does not handle COM classes appropriately. Successful exploitation of this issue may allow hijacking of COM classes used by the VMX process, on a Windows host, leading to elevation of privilege. | 2019-04-09 | not yet calculated | CVE-2019-5512 MISC |
zephyr_project -- zephyr | A buffer overflow has been found in the Zephyr Project's getaddrinfo() implementation in 1.9.0 and 1.10.0. | 2019-04-12 | not yet calculated | CVE-2017-14199 CONFIRM CONFIRM |
'IT 와 Social 이야기' 카테고리의 다른 글
[NIA] 스탠포드 ‘인공지능 지수(A.I Index)’ 변화 방향 및 지표 분석 < 2017, 2018 A.I Index 지표 비교 > (0) | 2019.04.26 |
---|---|
[iitp] 5G 기술을 활용한 융합 산업 전망 (0) | 2019.04.24 |
[iitp] 광고 기반 무료 영화 보기 서비스 비즈니스 소개 (0) | 2019.04.11 |
[US-CERT: Bulletin(SB19-098)] 2019년 4월 1일까지 발표된 보안 취약점 (0) | 2019.04.09 |
[ETRI] 경량 딥러닝 Lightweight Deep Learning 기술 동향 (0) | 2019.04.08 |