|
225801
|
6.5 |
MEDIUM
Network
|
microsoft
|
windows_server_2008
windows_server_2012
windows_10
windows_8.1
windows_server_2016
windows_server_2019
windows_7
windows_rt_8.1
|
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is u…
|
CWE-200
Information Exposure
|
CVE-2019-1010
|
2024-11-21 13:35 |
2019-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225802
|
7.5 |
HIGH
Network
|
microsoft
|
internet_explorer
|
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is un…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-1005
|
2024-11-21 13:35 |
2019-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225803
|
7.5 |
HIGH
Network
|
microsoft
|
chakracore
edge
|
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. Th…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-1003
|
2024-11-21 13:35 |
2019-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225804
|
7.5 |
HIGH
Network
|
microsoft
|
edge
|
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. Th…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-1002
|
2024-11-21 13:35 |
2019-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225805
|
5.9 |
MEDIUM
Network
|
microsoft
|
dynamics_365
dynamics_crm_2015
|
A security feature bypass vulnerability exists in Dynamics On Premise, aka 'Microsoft Dynamics On-Premise Security Feature Bypass'.
|
NVD-CWE-noinfo
|
CVE-2019-1008
|
2024-11-21 13:35 |
2019-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225806
|
5.3 |
MEDIUM
Network
|
microsoft
|
azure_active_directory_connect
|
An elevation of privilege vulnerability exists in Microsoft Azure Active Directory Connect build 1.3.20.0, which allows an attacker to execute two PowerShell cmdlets in context of a privileged accoun…
|
CWE-269
Improper Privilege Management
|
CVE-2019-1000
|
2024-11-21 13:35 |
2019-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225807
|
9.8 |
CRITICAL
Network
|
reportlab
debian
|
reportlab
debian_linux
|
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar …
|
CWE-91
Blind XPath Injection
|
CVE-2019-19450
|
2024-11-21 13:34 |
2023-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225808
|
5.3 |
MEDIUM
Network
|
linuxfoundation
|
harbor
|
Cloud Native Computing Foundation Harbor before 1.10.3 and 2.x before 2.0.1 allows resource enumeration because unauthenticated API calls reveal (via the HTTP status code) whether a resource exists.
|
NVD-CWE-noinfo
|
CVE-2019-19030
|
2024-11-21 13:34 |
2022-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225809
|
7.5 |
HIGH
Network
|
ivanti
|
workspace_control
|
Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity.
|
NVD-CWE-noinfo
|
CVE-2019-19138
|
2024-11-21 13:34 |
2021-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225810
|
5.3 |
MEDIUM
Network
|
siemens
|
simatic_hmi_ktp_mobile_panels_firmware
simatic_hmi_comfort_panels_firmware
|
A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 4). Sp…
|
-
|
CVE-2019-19276
|
2024-11-21 13:34 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
