| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2019-0332 |
1 Sap |
1 Businessobjects Business Intelligence |
2019-08-19 |
4.3 |
| SAP BusinessObjects Business Intelligence Platform (Info View), versions 4.1, 4.2, 4.3, allows an attacker to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting... |
| CVE-2019-1145 |
1 Microsoft |
8 Windows 10, Windows 7, Windows 8.1 and 5 more |
2019-08-19 |
9.3 |
| A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1149,... |
| CVE-2019-1155 |
1 Microsoft |
10 Office, Office 365 Proplus, Windows 10 and 7 more |
2019-08-19 |
9.3 |
| A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147,... |
| CVE-2019-1156 |
1 Microsoft |
8 Windows 10, Windows 7, Windows 8.1 and 5 more |
2019-08-19 |
9.3 |
| A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147,... |
| CVE-2019-1157 |
1 Microsoft |
8 Windows 10, Windows 7, Windows 8.1 and 5 more |
2019-08-19 |
9.3 |
| A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1146, CVE-2019-1147,... |
| CVE-2019-1141 |
1 Microsoft |
1 Edge |
2019-08-19 |
7.6 |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131,... |
| CVE-2019-1158 |
1 Microsoft |
8 Windows 10, Windows 7, Windows 8.1 and 5 more |
2019-08-19 |
2.1 |
| An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1143, CVE-2019-1154. |
| CVE-2019-1140 |
1 Microsoft |
1 Edge |
2019-08-19 |
7.6 |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131,... |
| CVE-2019-1159 |
1 Microsoft |
8 Windows 10, Windows 7, Windows 8.1 and 5 more |
2019-08-19 |
7.2 |
| An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1164. |
| CVE-2019-14432 |
1 Loom |
1 Loom |
2019-08-19 |
6.8 |
| Incorrect authentication of application WebSocket connections in Loom Desktop for Mac up to 0.16.0 allows remote code execution from either malicious JavaScript in a browser or hosts on the same network, during periods in which a user is... |
| CVE-2019-1139 |
1 Microsoft |
1 Edge |
2019-08-19 |
7.6 |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131,... |
| CVE-2019-1131 |
1 Microsoft |
1 Edge |
2019-08-19 |
7.6 |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1139,... |
| CVE-2019-15149 |
|
|
2019-08-19 |
N/A |
| ** DISPUTED ** core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that is initiated by another child. The Ansible extension is unaffected. NOTE: the vendor disputes this... |
| CVE-2019-14743 |
1 Valvesoftware |
1 Steam Client |
2019-08-19 |
7.2 |
| ** DISPUTED ** In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM access. NOTE: the vendor disputes the... |
| CVE-2019-11208 |
1 Tibco |
1 Api Exchange Gateway |
2019-08-19 |
6.5 |
| The authorization component of TIBCO Software Inc.'s TIBCO API Exchange Gateway, and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically processes OAuth authorization incorrectly, leading to... |
| CVE-2019-14433 |
1 Openstack |
1 Nova |
2019-08-19 |
4.0 |
| An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may... |
| CVE-2015-9316 |
1 Wpfastestcache |
1 Wp Fastest Cache |
2019-08-19 |
7.5 |
| The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request via the poll_id parameter. |
| CVE-2019-13069 |
|
|
2019-08-19 |
N/A |
| extenua SilverSHielD 6.x fails to secure its ProgramData folder, leading to a Local Privilege Escalation to SYSTEM. The attacker must replace SilverShield.config.sqlite with a version containing an additional user account, and then use SSH and... |
| CVE-2019-14937 |
|
|
2019-08-19 |
N/A |
| REDCap before 9.3.0 allows time-based SQL injection in the edit calendar event via the cal_id parameter, such as cal_id=55 and sleep(3) to Calendar/calendar_popup_ajax.php. The attacker can obtain a user's login sessionid from the database, and... |
| CVE-2019-15132 |
|
|
2019-08-19 |
N/A |
| Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for... |
