| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2018-12173 |
|
|
2019-04-18 |
7.2 |
| Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information... |
| CVE-2019-1686 |
1 Cisco |
1 Ios Xr |
2019-04-18 |
5.0 |
| A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an... |
| CVE-2019-1654 |
|
|
2019-04-18 |
7.2 |
| A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series Access Points (APs) running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without proper... |
| CVE-2017-3300 |
1 Oracle |
1 Peoplesoft Enterprise Peopletools |
2019-04-18 |
5.8 |
| Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Multichannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated... |
| CVE-2017-3546 |
1 Oracle |
1 Peoplesoft Enterprise Peopletools |
2019-04-18 |
6.4 |
| Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows... |
| CVE-2017-3547 |
1 Oracle |
1 Peoplesoft Enterprise Peopletools |
2019-04-18 |
7.1 |
| Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows... |
| CVE-2017-3548 |
1 Oracle |
1 Peoplesoft Enterprise Peopletools |
2019-04-18 |
6.4 |
| Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated... |
| CVE-2017-3549 |
1 Oracle |
1 Scripting |
2019-04-18 |
7.5 |
| Vulnerability in the Oracle Scripting component of Oracle E-Business Suite (subcomponent: Scripting Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable"... |
| CVE-2018-2879 |
1 Oracle |
1 Access Manager |
2019-04-18 |
6.8 |
| Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated... |
| CVE-2019-2422 |
6 Oracle, Netapp, Canonical and 3 more |
15 Jdk, Jre, Oncommand Unified Manager and 12 more |
2019-04-18 |
4.3 |
| Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated... |
| CVE-2019-6110 |
3 Openbsd, Winscp, Netapp |
5 Openssh, Winscp, Element Software and 2 more |
2019-04-18 |
4.0 |
| In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred. |
| CVE-2018-20028 |
|
|
2019-04-18 |
4.0 |
| Contao 3.x before 3.5.37, 4.4.x before 4.4.31 and 4.6.x before 4.6.11 has Incorrect Access Control. |
| CVE-2019-9756 |
1 Gitlab |
1 Gitlab |
2019-04-17 |
7.5 |
| An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control, a different vulnerability than CVE-2019-9732. |
| CVE-2019-9225 |
1 Gitlab |
1 Gitlab |
2019-04-17 |
5.0 |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 5 of 5). |
| CVE-2019-9224 |
1 Gitlab |
1 Gitlab |
2019-04-17 |
5.0 |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 4 of 5). |
| CVE-2019-9219 |
1 Gitlab |
1 Gitlab |
2019-04-17 |
4.3 |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 2 of 5). |
| CVE-2019-9170 |
1 Gitlab |
1 Gitlab |
2019-04-17 |
5.0 |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control. |
| CVE-2019-7155 |
1 Gitlab |
1 Gitlab |
2019-04-17 |
4.0 |
| An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. |
| CVE-2019-3835 |
4 Artifex, Redhat, Fedoraproject and 1 more |
10 Ghostscript, Ansible Tower, Fedora and 7 more |
2019-04-17 |
4.3 |
| It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the... |
| CVE-2019-3838 |
5 Artifex, Redhat, Fedoraproject and 2 more |
11 Ghostscript, Ansible Tower, Fedora and 8 more |
2019-04-17 |
4.3 |
| It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the... |
