Security News

CVE-2019-10894

National Vulnerability Database - Tue, 04/09/2019 - 00:29
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.
Categories: Security News

Vuln: Apache HTTP Server CVE-2019-0211 Local Privilege Escalation Vulnerability

SecurityFocus Vulnerabilities - Tue, 04/09/2019 - 00:00
Apache HTTP Server CVE-2019-0211 Local Privilege Escalation Vulnerability
Categories: Security News

CVE-2019-0770

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.
Categories: Security News

CVE-2019-0771

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783.
Categories: Security News

CVE-2019-0772

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0667.
Categories: Security News

CVE-2019-0773

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0783.
Categories: Security News

CVE-2019-0774

National Vulnerability Database - Mon, 04/08/2019 - 23:29
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0614.
Categories: Security News

CVE-2019-0775

National Vulnerability Database - Mon, 04/08/2019 - 23:29
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782.
Categories: Security News

CVE-2019-0776

National Vulnerability Database - Mon, 04/08/2019 - 23:29
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
Categories: Security News

CVE-2019-0777

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
Categories: Security News

CVE-2019-0778

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
Categories: Security News

CVE-2019-0779

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.
Categories: Security News

CVE-2019-0780

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.
Categories: Security News

CVE-2019-0782

National Vulnerability Database - Mon, 04/08/2019 - 23:29
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0775.
Categories: Security News

CVE-2019-0783

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773.
Categories: Security News

CVE-2019-0784

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'.
Categories: Security News

CVE-2019-0797

National Vulnerability Database - Mon, 04/08/2019 - 23:29
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808.
Categories: Security News

CVE-2019-0798

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'.
Categories: Security News

CVE-2019-0804

National Vulnerability Database - Mon, 04/08/2019 - 23:29
An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'.
Categories: Security News

CVE-2019-0808

National Vulnerability Database - Mon, 04/08/2019 - 23:29
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
Categories: Security News

Pages