Security News

CVE-2019-11634

National Vulnerability Database - Wed, 05/22/2019 - 13:29
Citrix Workspace App before 1904 for Windows has Incorrect Access Control.
Categories: Security News

CVE-2019-11841

National Vulnerability Database - Wed, 05/22/2019 - 13:29
A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The "Hash" Armor Header specifies the message digest algorithm(s) used for the signature. However, the Go clearsign package ignores the value of this header, which allows an attacker to spoof it. Consequently, an attacker can lead a victim to believe the signature was generated using a different message digest algorithm than what was actually used. Moreover, since the library skips Armor Header parsing in general, an attacker can not only embed arbitrary Armor Headers, but also prepend arbitrary text to cleartext messages without invalidating the signatures.
Categories: Security News

CVE-2019-7805

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
Categories: Security News

CVE-2019-7806

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
Categories: Security News

CVE-2019-7807

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
Categories: Security News

CVE-2019-7808

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
Categories: Security News

CVE-2019-7809

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
Categories: Security News

CVE-2019-7810

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .
Categories: Security News

CVE-2019-7811

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2019-7812

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2019-7813

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2019-7814

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
Categories: Security News

CVE-2019-7817

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
Categories: Security News

CVE-2019-7820

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
Categories: Security News

CVE-2019-11880

National Vulnerability Database - Wed, 05/22/2019 - 12:29
CommSy through 8.6.5 has SQL Injection via the cid parameter. This is fixed in 9.2.
Categories: Security News

CVE-2019-12044

National Vulnerability Database - Wed, 05/22/2019 - 12:29
A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery Controller 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23.
Categories: Security News

CVE-2019-12046

National Vulnerability Database - Wed, 05/22/2019 - 12:29
LemonLDAP::NG -2.0.3 has Incorrect Access Control.
Categories: Security News

CVE-2019-12279

National Vulnerability Database - Wed, 05/22/2019 - 12:29
Nagios XI 5.6.1 allows SQL injection via the username parameter to login.php?forgotpass (aka the reset password form).
Categories: Security News

CVE-2019-7801

National Vulnerability Database - Wed, 05/22/2019 - 11:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2019-7802

National Vulnerability Database - Wed, 05/22/2019 - 11:29
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

Pages