Security News

CVE-2019-9555

National Vulnerability Database - Tue, 03/05/2019 - 18:29
Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.
Categories: Security News

CVE-2019-9578

National Vulnerability Database - Tue, 03/05/2019 - 18:29
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device.
Categories: Security News

CVE-2019-0618 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

National Vulnerability Database - Tue, 03/05/2019 - 18:29
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0662.
Categories: Security News

CVE-2019-0619 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

National Vulnerability Database - Tue, 03/05/2019 - 18:29
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0660, CVE-2019-0664.
Categories: Security News

CVE-2019-0621

National Vulnerability Database - Tue, 03/05/2019 - 18:29
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0661, CVE-2019-0663.
Categories: Security News

CVE-2019-0623 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016)

National Vulnerability Database - Tue, 03/05/2019 - 18:29
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
Categories: Security News

CVE-2019-0625

National Vulnerability Database - Tue, 03/05/2019 - 18:29
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0595, CVE-2019-0596, CVE-2019-0597, CVE-2019-0598, CVE-2019-0599.
Categories: Security News

CVE-2019-0626 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

National Vulnerability Database - Tue, 03/05/2019 - 18:29
A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'.
Categories: Security News

CVE-2019-0627

National Vulnerability Database - Tue, 03/05/2019 - 18:29
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632.
Categories: Security News

CVE-2019-0628

National Vulnerability Database - Tue, 03/05/2019 - 18:29
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
Categories: Security News

CVE-2019-0630

National Vulnerability Database - Tue, 03/05/2019 - 18:29
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0633.
Categories: Security News

CVE-2019-0631

National Vulnerability Database - Tue, 03/05/2019 - 18:29
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632.
Categories: Security News

CVE-2019-0632

National Vulnerability Database - Tue, 03/05/2019 - 18:29
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631.
Categories: Security News

CVE-2019-0633

National Vulnerability Database - Tue, 03/05/2019 - 18:29
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0630.
Categories: Security News

CVE-2019-0634

National Vulnerability Database - Tue, 03/05/2019 - 18:29
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0645, CVE-2019-0650.
Categories: Security News

CVE-2019-0635

National Vulnerability Database - Tue, 03/05/2019 - 18:29
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.
Categories: Security News

CVE-2019-0636

National Vulnerability Database - Tue, 03/05/2019 - 18:29
An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'.
Categories: Security News

CVE-2019-0637

National Vulnerability Database - Tue, 03/05/2019 - 18:29
A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections, aka 'Windows Defender Firewall Security Feature Bypass Vulnerability'.
Categories: Security News

CVE-2019-0640

National Vulnerability Database - Tue, 03/05/2019 - 18:29
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.
Categories: Security News

CVE-2019-0641

National Vulnerability Database - Tue, 03/05/2019 - 18:29
A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.
Categories: Security News

Pages