Total
227 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-0633 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0630. | |||||
CVE-2019-0980 | 1 Microsoft | 10 .net Core, .net Framework, Windows 10 and 7 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981. | |||||
CVE-2019-11070 | 2 Webkitgtk, Wpewebkit | 2 Webkitgtk, Wpe Webkit | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. | |||||
CVE-2018-4329 | 1 Apple | 2 Iphone Os, Safari | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Clearing a history item may not clear visits with redirect chains. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12, Safari 12. | |||||
CVE-2019-0982 | 1 Microsoft | 1 Asp.net Core | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. | |||||
CVE-2019-0630 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0633. | |||||
CVE-2019-0815 | 1 Microsoft | 1 Asp.net Core | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. | |||||
CVE-2019-0801 | 1 Microsoft | 2 Office, Office 365 Proplus | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update addresses the vulnerability by correcting how Office handles these files., aka 'Office Remote Code Execution Vulnerability'. | |||||
CVE-2006-7254 | 1 Gnu | 1 Glibc | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon. | |||||
CVE-2019-0946 | 1 Microsoft | 2 Office, Office 365 Proplus | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0945, CVE-2019-0947. | |||||
CVE-2018-6332 | 1 Facebook | 1 Hhvm | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM (3.24.3 and 3.21.7 and below) when using the proxygen server to handle HTTP2 requests. | |||||
CVE-2017-6920 | 1 Drupal | 1 Drupal | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations. | |||||
CVE-2018-6097 | 4 Apple, Debian, Google and 1 more | 6 Macos, Debian Linux, Chrome and 3 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page. | |||||
CVE-2019-3554 | 1 Facebook | 1 Wangle | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
Wangle's AcceptRoutingHandler incorrectly casts a socket when accepting a TLS 1.3 connection, leading to a potential denial of service attack against systems accepting such connections. This affects versions of Wangle prior to v2019.01.14.00 | |||||
CVE-2018-6106 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page. | |||||
CVE-2018-6100 | 4 Apple, Debian, Google and 1 more | 6 Mac Os X, Debian Linux, Chrome and 3 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | |||||
CVE-2019-0548 | 1 Microsoft | 1 Asp.net Core | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.2, ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0564. | |||||
CVE-2018-6133 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | |||||
CVE-2009-5155 | 2 Gnu, Netapp | 4 Glibc, Cloud Backup, Ontap Select Deploy Administration Utility and 1 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. | |||||
CVE-2019-0564 | 1 Microsoft | 1 Asp.net Core | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0548. |