Vulnerabilities (CVE)

CWE filter

CWE-20

Filter

414 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-1368 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2019-10-15 2.1
A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Feature Bypass Vulnerability'.
CVE-2019-10917 1 Siemens 4 Simatic Pcs 7, Simatic Wincc, Simatic Wincc %28tia Portal%29 and 1 more 2019-10-10 2.1
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All...
CVE-2019-12676 1 Cisco 1 Firepower Threat Defense 2019-10-10 3.3
A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an...
CVE-2019-8458 2019-10-09 3.5
Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain...
CVE-2019-5478 1 Xilinx 2 Zynq Ultrascale%2b Mpsoc Firmware, Zynq Ultrascale%2b Rfsoc Firmware 2019-10-09 2.1
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior.
CVE-2019-5452 1 Nextcloud 1 Nextcloud 2019-10-09 2.1
Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved.
CVE-2019-5451 2019-10-09 2.1
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time.
CVE-2019-4285 1 Ibm 1 Websphere Application Server 2019-10-09 3.5
IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could send a specially-crafted HTTP request...
CVE-2019-4271 1 Ibm 1 Websphere Application Server 2019-10-09 3.5
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client-side HTTP parameter pollution vulnerability. IBM X-Force ID: 160243.
CVE-2019-4049 1 Ibm 1 Mq 2019-10-09 2.1
IBM MQ 9.1.0.0, 9.1.0.1, 9.1.1, and 9.1.0.2 is vulnerable to a denial of service due to a local user being able to fill up the disk space of the underlying filesystem using the error logging service. IBM X-Force ID: 156398.
CVE-2019-2389 1 Mongodb 1 Mongodb 2019-10-09 3.3
Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue...
CVE-2019-1960 2019-10-09 2.1
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to read arbitrary files on the underlying operating system (OS) of an affected device. For more information about these...
CVE-2019-1959 2019-10-09 2.1
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to read arbitrary files on the underlying operating system (OS) of an affected device. For more information about these...
CVE-2019-1834 1 Cisco 1 Aironet Access Point Firmware 2019-10-09 3.3
A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected AP if the switch interface where the AP is...
CVE-2019-1725 1 Cisco 1 Unified Computing System 2019-10-09 3.6
A vulnerability in the local management CLI implementation for specific commands on the Cisco UCS B-Series Blade Servers could allow an authenticated, local attacker to overwrite an arbitrary file on disk. It is also possible the attacker could...
CVE-2019-1588 1 Cisco 1 Nx-os 2019-10-09 2.1
A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running in Application-Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected device. The vulnerability is due to a lack...
CVE-2019-12626 1 Cisco 1 Unified Contact Center Express 2019-10-09 3.5
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based...
CVE-2019-0042 2019-10-09 1.9
Juniper Identity Management Service (JIMS) for Windows versions prior to 1.1.4 may send an incorrect message to associated SRX services gateways. This may allow an attacker with physical access to an existing domain connected Windows system to...
CVE-2019-0011 1 Juniper 1 Junos 2019-10-09 3.3
The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address. By continuously sending this type of packet, an attacker can repeatedly...
CVE-2019-0009 1 Juniper 1 Junos 2019-10-09 2.1
On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). In a virtual chassis (VC) deployment, this issue disrupts communication between the VC...