Lista CVE - 2019 / Gennaio
Visualizzazione 701 - 800 di 1212 CVE per Gennaio 2019 (Pagina 8 di 13)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2019-2493 | 2019-01-16 | Vulnerability in the PeopleSoft Enterprise CS Campus Community component of Oracle PeopleSoft Products (subcomponent: Frameworks). Supported versions that are affected are 9.0 and 9.2. Difficult to exploit vulnerability allows unauthenticated... |
| CVE-2019-2494 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2019-2495 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2019-2496 | 2019-01-16 | Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Messages). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable... |
| CVE-2019-2497 | 2019-01-16 | Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Messages). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable... |
| CVE-2019-2498 | 2019-01-16 | Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: Partner Dash board). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and... |
| CVE-2019-2499 | 2019-01-16 | Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Search Functionality). Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated... |
| CVE-2019-2500 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2501 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2502 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access... |
| CVE-2019-2503 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult... |
| CVE-2019-2504 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2505 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2506 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2507 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable... |
| CVE-2019-2508 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2509 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2510 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged... |
| CVE-2019-2511 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows unauthenticated... |
| CVE-2019-2512 | 2019-01-16 | Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8.4, 15.1, 15.2, 16.1, 16.2,... |
| CVE-2019-2513 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with logon... |
| CVE-2019-2519 | 2019-01-16 | Vulnerability in the PeopleSoft Enterprise SCM eProcurement component of Oracle PeopleSoft Products (subcomponent: Manage Requisition Status). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker... |
| CVE-2019-2520 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows... |
| CVE-2019-2521 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows... |
| CVE-2019-2522 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows... |
| CVE-2019-2523 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows... |
| CVE-2019-2524 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2525 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows... |
| CVE-2019-2526 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows... |
| CVE-2019-2527 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.26 and prior to 6.0.4. Easily exploitable vulnerability allows low... |
| CVE-2019-2528 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high... |
| CVE-2019-2529 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable... |
| CVE-2019-2530 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2019-2531 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable... |
| CVE-2019-2532 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows... |
| CVE-2019-2533 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows low privileged... |
| CVE-2019-2534 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable... |
| CVE-2019-2535 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with... |
| CVE-2019-2536 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with... |
| CVE-2019-2537 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable... |
| CVE-2019-2538 | 2019-01-16 | Vulnerability in the Oracle Managed File Transfer component of Oracle Fusion Middleware (subcomponent: MFT Runtime Server). Supported versions that are affected are 19.1.0.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low... |
| CVE-2019-2539 | 2019-01-16 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2019-2540 | 2019-01-16 | Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.12. Easily exploitable vulnerability allows... |
| CVE-2019-2541 | 2019-01-16 | Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: DHCP Client). The supported version that is affected is 10. Difficult to exploit vulnerability allows unauthenticated attacker... |
| CVE-2019-2543 | 2019-01-16 | Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2019-2544 | 2019-01-16 | Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2019-2545 | 2019-01-16 | Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: LDoms IO). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker... |
| CVE-2019-2546 | 2019-01-16 | Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: SQL Extensions). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8.... |
| CVE-2019-2547 | 2019-01-16 | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Create... |
| CVE-2019-2548 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2549 | 2019-01-16 | Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Logoff Page). The supported version that is affected is 12.0.2. Easily exploitable vulnerability allows unauthenticated attacker... |
| CVE-2019-2550 | 2019-01-16 | Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Logoff Page). The supported version that is affected is 12.0.2. Easily exploitable vulnerability allows unauthenticated attacker... |
| CVE-2019-2552 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2553 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2554 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2555 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2019-2556 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low... |
| CVE-2018-5736 | 2019-01-16 | An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave... |
| CVE-2018-5733 | 2019-01-16 | A malicious client can overflow a reference counter in ISC dhcpd |
| CVE-2016-9778 | 2019-01-16 | An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c |
| CVE-2017-3135 | 2019-01-16 | Combination of DNS64 and RPZ Can Lead to Crash |
| CVE-2017-3136 | 2019-01-16 | An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;" |
| CVE-2017-3137 | 2019-01-16 | A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME |
| CVE-2017-3138 | 2019-01-16 | named exits with a REQUIRE assertion failure if it receives a null command string on its control channel |
| CVE-2017-3140 | 2019-01-16 | An error processing RPZ rules can cause named to loop endlessly after handling a query |
| CVE-2017-3141 | 2019-01-16 | Windows service and uninstall paths are not quoted when BIND is installed |
| CVE-2017-3142 | 2019-01-16 | An error in TSIG authentication can permit unauthorized zone transfers |
| CVE-2017-3143 | 2019-01-16 | An error in TSIG authentication can permit unauthorized dynamic updates |
| CVE-2017-3144 | 2019-01-16 | Failure to properly clean up closed OMAPI connections can exhaust available sockets |
| CVE-2017-3145 | 2019-01-16 | Improper fetch cleanup sequencing in the resolver can cause named to crash |
| CVE-2018-15782 | 2019-01-16 | DSA-2018-226: RSA® Authentication Manager Relative Path Traversal Vulnerability |
| CVE-2018-5734 | 2019-01-16 | A malformed request can trigger an assertion failure in badcache.c |
| CVE-2018-5737 | 2019-01-16 | BIND 9.12's serve-stale implementation can cause an assertion failure in rbtdb.c or other undesirable behavior, even if serve-stale is not enabled. |
| CVE-2018-5738 | 2019-01-16 | Some versions of BIND can improperly permit recursive query service to unauthorized clients |
| CVE-2018-5739 | 2019-01-16 | Failure to release memory may exhaust system resources |
| CVE-2018-5740 | 2019-01-16 | A flaw in the "deny-answer-aliases" feature can cause an assertion failure in named |
| CVE-2018-5741 | 2019-01-16 | Update policies krb5-subdomain and ms-subdomain do not enforce controls promised in their documentation |
| CVE-2018-18812 | 2019-01-16 | TIBCO Spotfire Fails To Prevent Write Access to Spotfire Library |
| CVE-2018-18813 | 2019-01-16 | TIBCO Spotfire Reflected and Persistent Cross-Site Scripting Vulnerabilities |
| CVE-2018-18814 | 2019-01-16 | TIBCO Spotfire Authentication Vulnerability |
| CVE-2015-9281 | 2019-01-17 | Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout page. |
| CVE-2018-20732 | 2019-01-17 | SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant. |
| CVE-2018-20733 | 2019-01-17 | BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE. |
| CVE-2018-20727 | 2019-01-17 | Multiple command injection vulnerabilities in NeDi before 1.7Cp3 allow authenticated users to execute code on the server side via the flt parameter to Nodes-Traffic.php, the dv parameter to Devices-Graph.php, or... |
| CVE-2018-20728 | 2019-01-17 | A cross site request forgery (CSRF) vulnerability in NeDi before 1.7Cp3 allows remote attackers to escalate privileges via User-Management.php. |
| CVE-2018-20729 | 2019-01-17 | A reflected cross site scripting (XSS) vulnerability in NeDi before 1.7Cp3 allows remote attackers to inject arbitrary web script or HTML via the reg parameter in mh.php. |
| CVE-2018-20730 | 2019-01-17 | A SQL injection vulnerability in NeDi before 1.7Cp3 allows any user to execute arbitrary SQL read commands via the query.php component. |
| CVE-2018-20731 | 2019-01-17 | A stored cross site scripting (XSS) vulnerability in NeDi before 1.7Cp3 allows remote attackers to inject arbitrary web script or HTML via User-Chat.php. |
| CVE-2019-0624 | 2019-01-17 | A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka "Skype for Business 2015 Spoofing Vulnerability." This affects Skype. |
| CVE-2019-0646 | 2019-01-17 | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team. |
| CVE-2019-0647 | 2019-01-17 | An information disclosure vulnerability exists when Team Foundation Server does not properly handle variables marked as secret, aka "Team Foundation Server Information Disclosure Vulnerability." This affects Team. |
| CVE-2018-20735 | 2019-01-17 | An issue was discovered in BMC PATROL Agent through 11.3.01. It was found that the PatrolCli application can allow for lateral movement and escalation of privilege inside a Windows Active... |
| CVE-2019-6487 | 2019-01-18 | TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included in... |
| CVE-2018-12817 | 2019-01-18 | Adobe Digital Editions versions 4.5.9 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. |
| CVE-2018-12830 | 2019-01-18 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have... |
| CVE-2018-15983 | 2019-01-18 | Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. |
| CVE-2018-15984 | 2019-01-18 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have... |
| CVE-2018-15985 | 2019-01-18 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have... |
| CVE-2018-15986 | 2019-01-18 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have... |
| CVE-2018-15987 | 2019-01-18 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have... |