| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2018-20341 |
1 Winmagic |
1 Securedoc Disk Encryption |
2019-04-18 |
4.6 |
| WINMAGIC SecureDoc Disk Encryption software before 8.3 has an Unquoted Service Path vulnerability, which could allow an attacker to execute arbitrary code on a target system. If the executable is enclosed in quote tags "" then the system will... |
| CVE-2019-1794 |
1 Cisco |
1 Meeting Server |
2019-04-18 |
3.6 |
| A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit... |
| CVE-2019-1719 |
1 Cisco |
1 Identity Services Engine |
2019-04-18 |
3.5 |
| A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The... |
| CVE-2019-6486 |
3 Golang, Debian, Opensuse |
3 Go, Debian Linux, Leap |
2019-04-18 |
6.4 |
| Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks. |
| CVE-2019-10643 |
1 Contao |
1 Contao Cms |
2019-04-18 |
7.5 |
| Contao 4.7 allows Use of a Key Past its Expiration Date. |
| CVE-2019-9923 |
1 Gnu |
1 Tar |
2019-04-18 |
5.0 |
| pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. |
| CVE-2019-9628 |
2 Xmltooling Project, Canonical |
2 Xmltooling, Ubuntu Linux |
2019-04-18 |
5.0 |
| The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled... |
| CVE-2019-5674 |
|
|
2019-04-18 |
6.9 |
| NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead... |
| CVE-2019-5671 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
4.9 |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not release a resource after its effective lifetime has ended, which may lead to denial of service. |
| CVE-2019-5670 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
7.2 |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes... |
| CVE-2019-5669 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
7.2 |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes... |
| CVE-2019-5668 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
7.2 |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to... |
| CVE-2019-5667 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
7.2 |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to... |
| CVE-2019-5666 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
7.2 |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index, but the product... |
| CVE-2019-5665 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
7.2 |
| NVIDIA Windows GPU Display driver contains a vulnerability in the 3D vision component in which the stereo service software, when opening a file, does not check for hard links. This behavior may lead to code execution, denial of service or... |
| CVE-2019-5490 |
1 Netapp |
1 Service Processor |
2019-04-18 |
10.0 |
| Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact... |
| CVE-2019-11084 |
|
|
2019-04-18 |
N/A |
| GAuth 0.9.9 beta has stored XSS that shows a popup repeatedly and discloses cookies. |
| CVE-2019-11035 |
|
|
2019-04-18 |
N/A |
| When processing certain files, PHP EXIF extension in versions 7.1.x below 7.2.8, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash. |
| CVE-2019-0121 |
1 Intel |
1 Matrix Storage Manager |
2019-04-18 |
4.6 |
| Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and before may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2018-6260 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
2.1 |
| NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters. Local user access is required. This is not a network or remote attack vector. |
