Total
46 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-0816 | 2 Canonical, Microsoft | 2 Ubuntu Linux, Azure | 2023-12-10 | 1.9 LOW | 5.1 MEDIUM |
A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'. | |||||
CVE-2019-8395 | 1 Zohocorp | 1 Manageengine Servicedesk Plus | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10007 via an attachment to a request. | |||||
CVE-2019-0571 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. This CVE ID is unique from CVE-2019-0572, CVE-2019-0573, CVE-2019-0574. | |||||
CVE-2018-6112 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2023-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | |||||
CVE-2018-12020 | 4 Canonical, Debian, Gnupg and 1 more | 9 Ubuntu Linux, Debian Linux, Gnupg and 6 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes. | |||||
CVE-2018-0237 | 1 Cisco | 1 Advanced Malware Protection For Endpoints | 2023-12-10 | 5.0 MEDIUM | 5.8 MEDIUM |
A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware detection. The vulnerability occurs because the software relies on only the file extension for detecting DMG files. An attacker could exploit this vulnerability by sending a DMG file with a nonstandard extension to a device that is running an affected AMP for Endpoints macOS Connector. An exploit could allow the attacker to bypass configured malware detection. Cisco Bug IDs: CSCve34034. |