Vulnerabilities (CVE)

CWE filter

CWE-254

Filter

887 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-9946 2 Kubernetes, Netapp 2 Kubernetes, Cloud Insights 2019-06-15 5.0
Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the...
CVE-2019-11092 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-14 3.6
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-1019 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-06-14 6.5
A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka 'Microsoft Windows...
CVE-2019-0180 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-14 3.6
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-0179 1 Intel 2 Open Cloud Integrity Tehnology, Openattestation 2019-06-14 3.6
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-1044 1 Microsoft 2 Windows 10, Windows Server 2019 2019-06-13 7.2
A security feature bypass vulnerability exists when Windows Secure Kernel Mode fails to properly handle objects in memory.To exploit the vulnerability, a locally-authenticated attacker could attempt to run a specially crafted application on a...
CVE-2019-1040 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-06-13 4.3
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'.
CVE-2019-0972 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-06-13 6.8
This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request, aka 'Local Security Authority Subsystem Service...
CVE-2019-1054 1 Microsoft 1 Edge 2019-06-13 5.1
A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW), aka 'Microsoft Edge Security Feature Bypass Vulnerability'.
CVE-2019-9658 3 Checkstyle, Debian, Fedoraproject 3 Checkstyle, Debian Linux, Fedora 2019-06-12 5.0
Checkstyle before 8.18 loads external DTDs by default.
CVE-2017-13718 1 Starry 1 S00111 Firmware 2019-06-11 6.0
The HTTP API supported by Starry Station (aka Starry Router) allows brute forcing the PIN setup by the user on the device, and this allows an attacker to change the Wi-Fi settings and PIN, as well as port forward and expose any internal device's...
CVE-2019-1003041 1 Jenkins 1 Pipeline%3a Groovy 2019-06-10 7.5
A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plugin 2.64 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.
CVE-2019-1003040 1 Jenkins 1 Script Security 2019-06-10 7.5
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.
CVE-2019-0952 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Foundation 2019-06-10 6.5
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.
CVE-2019-11987 2019-06-05 4.6
A security vulnerability in HPE Smart Update Manager (SUM) prior to v8.4 could allow local unauthorized elevation of privilege.
CVE-2019-10636 1 Marvell 19 88ss1074 Firmware, 88ss1079 Firmware, 88ss1080 Firmware and 16 more 2019-06-05 4.9
Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS1092, 88SS1095, 88SS9174, 88SS9175, 88SS9187, 88SS9188, 88SS9189, 88SS9190, 88SS1085, 88SS1087, 88SS1090, 88SS1100, 88SS1084, 88SS1088, & 88SS1098) devices allow reprogramming...
CVE-2019-10637 1 Marvell 19 88ss1074 Firmware, 88ss1079 Firmware, 88ss1080 Firmware and 16 more 2019-06-05 2.1
Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS1092, 88SS1095, 88SS9174, 88SS9175, 88SS9187, 88SS9188, 88SS9189, 88SS9190, 88SS1085, 88SS1087, 88SS1090, 88SS1100, 88SS1084, 88SS1088, & 88SS1098) devices are vulnerable in...
CVE-2019-6322 2019-05-31 9.0
HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default.
CVE-2019-6321 2019-05-31 9.0
HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default.
CVE-2019-7041 1 Adobe 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more 2019-05-29 6.8
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation.