News aggregator

CVE-2019-0783

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773.
Categories: Security News

CVE-2019-0784

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'.
Categories: Security News

CVE-2019-0797

National Vulnerability Database - Mon, 04/08/2019 - 23:29
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808.
Categories: Security News

CVE-2019-0798

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'.
Categories: Security News

CVE-2019-0804

National Vulnerability Database - Mon, 04/08/2019 - 23:29
An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'.
Categories: Security News

CVE-2019-0808

National Vulnerability Database - Mon, 04/08/2019 - 23:29
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
Categories: Security News

CVE-2019-0809

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library (DLL) files, aka 'Visual Studio Remote Code Execution Vulnerability'.
Categories: Security News

CVE-2019-0816

National Vulnerability Database - Mon, 04/08/2019 - 23:29
A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'.
Categories: Security News

CVE-2019-0821

National Vulnerability Database - Mon, 04/08/2019 - 23:29
An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0703, CVE-2019-0704.
Categories: Security News

CVE-2019-9844

National Vulnerability Database - Mon, 04/08/2019 - 22:29
simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows XSS via a data: or vbscript: URI.
Categories: Security News

CVE-2019-0756

National Vulnerability Database - Mon, 04/08/2019 - 22:29
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'.
Categories: Security News

CVE-2019-0757

National Vulnerability Database - Mon, 04/08/2019 - 22:29
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.
Categories: Security News

CVE-2019-0759

National Vulnerability Database - Mon, 04/08/2019 - 22:29
An information disclosure vulnerability exists when the Windows Print Spooler does not properly handle objects in memory, aka 'Windows Print Spooler Information Disclosure Vulnerability'.
Categories: Security News

CVE-2019-0761

National Vulnerability Database - Mon, 04/08/2019 - 22:29
A security feature bypass vulnerability exists when Internet Explorer fails to validate the correct Security Zone of requests for specific URLs, aka 'Internet Explorer Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0768.
Categories: Security News

CVE-2019-0762

National Vulnerability Database - Mon, 04/08/2019 - 22:29
A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins, aka 'Microsoft Browsers Security Feature Bypass Vulnerability'.
Categories: Security News

CVE-2019-0763

National Vulnerability Database - Mon, 04/08/2019 - 22:29
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.
Categories: Security News

CVE-2019-0765

National Vulnerability Database - Mon, 04/08/2019 - 22:29
A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory, aka 'Comctl32 Remote Code Execution Vulnerability'.
Categories: Security News

CVE-2019-0766

National Vulnerability Database - Mon, 04/08/2019 - 22:29
An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.
Categories: Security News

CVE-2019-0767

National Vulnerability Database - Mon, 04/08/2019 - 22:29
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0775, CVE-2019-0782.
Categories: Security News

CVE-2019-0768

National Vulnerability Database - Mon, 04/08/2019 - 22:29
A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored, aka 'Internet Explorer Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0761.
Categories: Security News

Pages