Vulnerabilities (CVE)

Filter

9806 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-10828 1 Alps 1 Pointing-device Driver 2019-06-25 2.1
An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to...
CVE-2018-14662 3 Redhat, Debian, Opensuse 4 Ceph, Debian Linux, Ceph Storage and 1 more 2019-06-25 2.7
It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.
CVE-2019-0755 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-06-25 2.1
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782.
CVE-2019-12745 1 Seeddms 1 Seeddms 2019-06-24 3.5
out/out.UsrMgr.php in SeedDMS before 5.1.11 allows Stored Cross-Site Scripting (XSS) via the name field.
CVE-2014-3637 3 D-bus Project, Novell, Opensuse 3 D-bus, Opensuse, Opensuse 2019-06-24 2.1
D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor.
CVE-2018-16595 2019-06-24 3.3
The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices has a Buffer Overflow.
CVE-2019-1628 1 Cisco 2 Integrated Management Controller, Unified Computing System 2019-06-24 2.1
A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition on an affected device. The vulnerability...
CVE-2019-0183 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-24 2.1
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0182 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-24 2.1
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0180 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-24 3.6
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0179 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-24 3.6
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0178 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-24 3.3
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0177 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-24 3.6
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0175 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-24 3.6
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0157 2019-06-24 2.1
Insufficient input validation in the Intel(R) SGX driver for Linux may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-0136 2019-06-24 3.3
Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2019-1630 1 Cisco 2 Integrated Management Controller, Unified Computing System 2019-06-24 2.1
A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The...
CVE-2019-11649 1 Microfocus 1 Fortify Software Security Center 2019-06-24 3.5
Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server, versions 17.2, 18.1, 18.2, has been identified in Micro Focus Software Security Center. The vulnerability could be exploited to execute JavaScript code in...
CVE-2018-17146 1 Nagios 1 Nagios Xi 2019-06-23 3.5
A cross-site scripting vulnerability exists in Nagios XI before 5.5.4 via the 'name' parameter within the Account Information page. Exploitation of this vulnerability allows an attacker to execute arbitrary JavaScript code within the auto login...
CVE-2016-3954 1 Web2py 1 Web2py 2019-06-21 2.1
web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957.