News aggregator

CVE-2018-3700

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Code injection vulnerability in the installer for Intel(R) USB 3.0 eXtensible Host Controller Driver for Microsoft Windows 7 before version 5.0.4.43v2 may allow a user to potentially enable escalation of privilege via local access.
Categories: Security News

CVE-2019-0101

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Authentication bypass in the Intel Unite(R) solution versions 3.2 through 3.3 may allow an unauthenticated user to potentially enable escalation of privilege to the Intel Unite(R) Solution administrative portal via network access.
Categories: Security News

CVE-2019-0102

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Insufficient session authentication in web server for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Categories: Security News

CVE-2019-0103

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Insufficient file protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access.
Categories: Security News

CVE-2019-0104

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Insufficient file protection in uninstall routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access.
Categories: Security News

CVE-2019-0105

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Insufficient file permissions checking in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow authenticated user to potentially enable escalation of privilege via local access.
Categories: Security News

CVE-2019-0106

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Insufficient run protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access.
Categories: Security News

CVE-2019-0107

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Insufficient user prompt in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access.
Categories: Security News

CVE-2019-0108

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable disclosure of information via local access.
Categories: Security News

CVE-2019-0109

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Improper folder permissions in Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Categories: Security News

CVE-2019-0110

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Insufficient key management for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access.
Categories: Security News

CVE-2019-0111

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access.
Categories: Security News

CVE-2019-0112

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Improper flow control in crypto routines for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable a denial of service via local access.
Categories: Security News

CVE-2019-0127

National Vulnerability Database - Mon, 02/18/2019 - 12:29
Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and before for Linux may allow a privileged user to potentially enable information disclosure via local access.
Categories: Security News

CVE-2019-8904

National Vulnerability Database - Mon, 02/18/2019 - 12:29
do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf.
Categories: Security News

CVE-2019-8905

National Vulnerability Database - Mon, 02/18/2019 - 12:29
do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.
Categories: Security News

CVE-2019-8903

National Vulnerability Database - Mon, 02/18/2019 - 11:29
index.js in Total.js Platform before 3.2.3 allows path traversal.
Categories: Security News

CVE-2019-6453

National Vulnerability Database - Mon, 02/18/2019 - 10:29
mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable).
Categories: Security News

CVE-2019-8372

National Vulnerability Database - Mon, 02/18/2019 - 10:29
The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges. This occurs because the device object has an associated symbolic link and an open DACL.
Categories: Security News

CVE-2019-8902

National Vulnerability Database - Mon, 02/18/2019 - 09:29
An issue was discovered in idreamsoft iCMS through 7.0.14. A CSRF vulnerability can delete users' articles via the public/api.php?app=user URI.
Categories: Security News

Pages