Vulnerabilities (CVE)

Filter

9755 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-11092 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-14 3.6
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-12749 1 Canonical 1 Ubuntu Linux 2019-06-14 3.6
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the...
CVE-2019-10155 4 Libreswan, Openswan, Strongswan and 1 more 4 Libreswan, Openswan, Strongswan and 1 more 2019-06-14 3.5
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity...
CVE-2019-3872 1 Redhat 2 Jboss Enterprise Application Platform, Single Sign-on 2019-06-14 3.5
It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain...
CVE-2019-0183 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-14 2.1
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0182 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-14 2.1
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0180 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-14 3.6
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0179 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-14 3.6
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0178 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-14 3.3
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0177 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-14 3.6
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0175 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-14 3.6
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0986 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-06-13 3.6
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.
CVE-2019-10157 1 Redhat 1 Keycloak 2019-06-13 2.1
It was found that Keycloak's Node.js adapter before version 4.8.3 did not properly verify the web token received from the server in its backchannel logout . An attacker with local access could use this to construct a malicious web token setting...
CVE-2019-1039 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-06-13 2.1
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information...
CVE-2019-5522 1 Vmware 1 Tools 2019-06-13 3.6
VMware Tools for Windows update addresses an out of bounds read vulnerability in vm3dmp driver which is installed with vmtools in Windows guest machines. This issue is present in versions 10.2.x and 10.3.x prior to 10.3.10. A local attacker with...
CVE-2015-1988 1 Ibm 2 Tivoli Storage Flashcopy Manager, Tivoli Storage Manager For Virtual Environments 2019-06-13 3.5
Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.3 and Tivoli Storage FlashCopy Manager for VMware 3.1 before...
CVE-2019-1032 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Server 2019-06-13 3.5
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is...
CVE-2019-1031 1 Microsoft 4 Project Server, Sharepoint Enterprise Server, Sharepoint Foundation and 1 more 2019-06-13 3.5
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is...
CVE-2019-1033 1 Microsoft 4 Project Server, Sharepoint Enterprise Server, Sharepoint Foundation and 1 more 2019-06-13 3.5
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is...
CVE-2019-10335 1 Jenkins 1 Electricflow 2019-06-13 3.5
A stored cross site scripting vulnerability in Jenkins ElectricFlow Plugin 1.1.5 and earlier allowed attackers able to configure jobs in Jenkins or control the output of the ElectricFlow API to inject arbitrary HTML and JavaScript in the...