Lista CVE - 2019 / Maggio
Visualizzazione 501 - 600 di 1316 CVE per Maggio 2019 (Pagina 6 di 14)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2019-1822 | 2019-05-16 | Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerabilities |
| CVE-2019-1821 | 2019-05-16 | Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerabilities |
| CVE-2019-1820 | 2019-05-16 | Cisco Prime Infrastructure and Evolved Programmable Network Manager Path Traversal Vulnerability |
| CVE-2019-1819 | 2019-05-16 | Cisco Prime Infrastructure and Evolved Programmable Network Manager Path Traversal Vulnerability |
| CVE-2019-1818 | 2019-05-16 | Cisco Prime Infrastructure and Evolved Programmable Network Manager Path Traversal Vulnerability |
| CVE-2019-1832 | 2019-05-16 | Cisco Firepower Threat Defense Software Detection Engine Policy Bypass Vulnerability |
| CVE-2019-1860 | 2019-05-16 | Cisco Unified Intelligence Center Remote File Injection Vulnerability |
| CVE-2019-1858 | 2019-05-16 | Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability |
| CVE-2019-1853 | 2019-05-16 | Cisco AnyConnect Secure Mobility Client for Linux Out-of-Bounds Memory Read Vulnerability |
| CVE-2019-1851 | 2019-05-16 | Cisco Identity Services Engine Arbitrary Client Certificate Creation Vulnerability |
| CVE-2019-1849 | 2019-05-16 | Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability |
| CVE-2019-1846 | 2019-05-16 | Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability |
| CVE-2019-1833 | 2019-05-16 | Cisco Firepower Threat Defense Software SSL/TLS Policy Bypass Vulnerability |
| CVE-2019-1768 | 2019-05-16 | Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerability |
| CVE-2019-12136 | 2019-05-16 | There is XSS in BoostIO Boostnote 0.11.15 via a label named mermaid, as demonstrated by a crafted SRC attribute of an IFRAME element. |
| CVE-2019-12137 | 2019-05-16 | Typora 0.9.9.24.6 on macOS allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note. |
| CVE-2019-12138 | 2019-05-16 | MacDown 0.7.1 allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note. |
| CVE-2019-12139 | 2019-05-16 | An XSS issue was discovered in the Admin UI in eZ Platform 2.x. This affects ezplatform-admin-ui 1.3.x before 1.3.5 and 1.4.x before 1.4.4, and ezplatform-page-builder 1.1.x before 1.1.5 and 1.2.x... |
| CVE-2018-17048 | 2019-05-16 | admin/Lib/Action/FpluginAction.class.php in FDCMS (aka Fangfa Content Manage System) 4.2 allows SQL Injection. |
| CVE-2019-10113 | 2019-05-16 | An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Making concurrent GET /api/v4/projects/<id>/languages requests may allow Uncontrolled Resource Consumption. |
| CVE-2019-10114 | 2019-05-16 | An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. During the OAuth authentication process,... |
| CVE-2019-10115 | 2019-05-16 | An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The GitLab Releases feature could... |
| CVE-2018-1975 | 2019-05-16 | IBM Rational DOORS Web Access 9.5.1 through 9.5.2.9, and 9.6 through 9.6.1.9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI... |
| CVE-2019-10116 | 2019-05-16 | An Insecure Permissions issue (issue 3 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Guests of a project were... |
| CVE-2019-11033 | 2019-05-16 | Applaud HCM 4.0.42+ uses HTML tag fields for HTML inputs in a form. This leads to an XSS vulnerability with a payload starting with the <iframe./> substring. |
| CVE-2019-10117 | 2019-05-16 | An Open Redirect issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. A redirect is triggered after successful authentication within the... |
| CVE-2019-10112 | 2019-05-16 | An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The construction of the HMAC key was insecurely derived. |
| CVE-2019-8338 | 2019-05-16 | The signature verification routine in the Airmail GPG-PGP Plugin, versions 1.0 (9) and earlier, does not verify the status of the signature at all, which allows remote attackers to spoof... |
| CVE-2018-12556 | 2019-05-16 | The signature verification routine in install.sh in yarnpkg/website through 2018-06-05 only verifies that the yarn release is signed by any (arbitrary) key in the local keyring of the user, and... |
| CVE-2019-1780 | 2019-05-16 | Cisco FXOS and NX-OS Software Command Injection Vulnerability |
| CVE-2018-20007 | 2019-05-16 | Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access control over the UART interface, allowing physical attackers to obtain a root shell. The attacker can then exfiltrate the audio data,... |
| CVE-2019-0707 | 2019-05-16 | An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit... |
| CVE-2019-0725 | 2019-05-16 | A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. |
| CVE-2019-0727 | 2019-05-16 | An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would... |
| CVE-2019-0733 | 2019-05-16 | A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. |
| CVE-2019-0734 | 2019-05-16 | An elevation of privilege vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully decode and replace authentication request using Kerberos, allowing an attacker to be validated... |
| CVE-2019-0758 | 2019-05-16 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0882,... |
| CVE-2019-0819 | 2019-05-16 | An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions, aka 'Microsoft SQL Server Analysis Services Information Disclosure Vulnerability'. |
| CVE-2019-0820 | 2019-05-16 | A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is... |
| CVE-2019-0864 | 2019-05-16 | A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka '.NET Framework Denial of Service Vulnerability'. |
| CVE-2019-0708 | 2019-05-16 | A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted... |
| CVE-2019-0863 | 2019-05-16 | An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. |
| CVE-2019-0872 | 2019-05-16 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site... |
| CVE-2019-0881 | 2019-05-16 | An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'. |
| CVE-2019-0882 | 2019-05-16 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0758,... |
| CVE-2019-0884 | 2019-05-16 | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique... |
| CVE-2019-0885 | 2019-05-16 | A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'. |
| CVE-2019-0886 | 2019-05-16 | An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V... |
| CVE-2019-0889 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0890 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0891 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0892 | 2019-05-16 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. |
| CVE-2019-0893 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0894 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0895 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0896 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0897 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0898 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0899 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0900 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0901 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0902 | 2019-05-16 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique... |
| CVE-2019-0911 | 2019-05-16 | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique... |
| CVE-2019-0912 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0913 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0914 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0915 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0916 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0917 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0918 | 2019-05-16 | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique... |
| CVE-2019-0921 | 2019-05-16 | An spoofing vulnerability exists when Internet Explorer improperly handles URLs, aka 'Internet Explorer Spoofing Vulnerability'. |
| CVE-2019-0922 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0923 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0924 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0925 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0926 | 2019-05-16 | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. |
| CVE-2019-0927 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0929 | 2019-05-16 | A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. |
| CVE-2019-0930 | 2019-05-16 | An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory, aka 'Internet Explorer Information Disclosure Vulnerability'. |
| CVE-2019-0931 | 2019-05-16 | An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'. |
| CVE-2019-0932 | 2019-05-16 | An information disclosure vulnerability exists in Skype for Android, aka 'Skype for Android Information Disclosure Vulnerability'. |
| CVE-2019-0903 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. |
| CVE-2019-0933 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0936 | 2019-05-16 | An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from... |
| CVE-2019-0937 | 2019-05-16 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE... |
| CVE-2019-0938 | 2019-05-16 | An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. |
| CVE-2019-0940 | 2019-05-16 | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. |
| CVE-2019-0942 | 2019-05-16 | An elevation of privilege vulnerability exists in the Unified Write Filter (UWF) feature for Windows 10 when it improperly restricts access to the registry, aka 'Unified Write Filter Elevation of... |
| CVE-2019-0945 | 2019-05-16 | A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE... |
| CVE-2019-0946 | 2019-05-16 | A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE... |
| CVE-2019-0947 | 2019-05-16 | A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE... |
| CVE-2019-0949 | 2019-05-16 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID... |
| CVE-2019-0950 | 2019-05-16 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID... |
| CVE-2019-0951 | 2019-05-16 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID... |
| CVE-2019-0952 | 2019-05-16 | A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'. |
| CVE-2019-0953 | 2019-05-16 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. |
| CVE-2019-0956 | 2019-05-16 | An information disclosure vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Server Information Disclosure Vulnerability'. |
| CVE-2019-0957 | 2019-05-16 | An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege... |
| CVE-2019-0958 | 2019-05-16 | An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege... |
| CVE-2019-0961 | 2019-05-16 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0758,... |