|
225181
|
8.1 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauth…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2019-1579
|
2024-11-21 13:36 |
2019-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225182
|
4.1 |
MEDIUM
Local
|
microsoft
|
powershell_core
|
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Secur…
|
NVD-CWE-noinfo
|
CVE-2019-1167
|
2024-11-21 13:36 |
2019-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225183
|
8.8 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions.
|
CWE-78
OS Command
|
CVE-2019-1576
|
2024-11-21 13:36 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225184
|
8.8 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier may allow for an authenticated user with read-only privileges…
|
CWE-200
Information Exposure
|
CVE-2019-1575
|
2024-11-21 13:36 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225185
|
5.4 |
MEDIUM
Network
|
microsoft
|
exchange_server
|
A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Ser…
|
CWE-79
Cross-site Scripting
|
CVE-2019-1137
|
2024-11-21 13:36 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225186
|
8.1 |
HIGH
Network
|
microsoft
|
exchange_server
|
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'.
|
NVD-CWE-noinfo
|
CVE-2019-1136
|
2024-11-21 13:36 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225187
|
7.8 |
HIGH
Local
|
microsoft
|
windows_server_2008
windows_7
|
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
|
NVD-CWE-noinfo
|
CVE-2019-1132
|
2024-11-21 13:36 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225188
|
7.8 |
HIGH
Local
|
microsoft
|
windows_server_2012
windows_10
windows_server_2016
windows_rt_8.1
windows_8.1
windows_server_2019
|
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique …
|
CWE-59
Link Following
|
CVE-2019-1130
|
2024-11-21 13:36 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225189
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique …
|
CWE-59
Link Following
|
CVE-2019-1129
|
2024-11-21 13:36 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225190
|
8.8 |
HIGH
Network
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CV…
|
NVD-CWE-noinfo
|
CVE-2019-1128
|
2024-11-21 13:36 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
