» 2019 » 6월

CVE-2019-12888

Posted on 2019년 6월 26일2019년 6월 26일 by admin

CVE-2019-12888

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-12887. Reason: This candidate is a reservation duplicate of CVE-2019-12887. Notes: All CVE users should reference CVE-2019-12887 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Source: CVE-2019-12888

CVE-2019-3961

Posted on 2019년 6월 26일2019년 6월 26일 by admin

CVE-2019-3961

Nessus versions 8.4.0 and earlier were found to contain a reflected XSS vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a users browser session.

Source: CVE-2019-3961

CVE-2019-12280

Posted on 2019년 6월 26일2019년 6월 26일 by admin

CVE-2019-12280

PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element.

Source: CVE-2019-12280

CVE-2019-9836

Posted on 2019년 6월 26일2019년 6월 26일 by admin

CVE-2019-9836

Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.

Source: CVE-2019-9836

CVE-2019-6329

Posted on 2019년 6월 26일2019년 6월 26일 by admin

CVE-2019-6329

HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6328.

Source: CVE-2019-6329

CVE-2019-6328

Posted on 2019년 6월 26일2019년 6월 26일 by admin

CVE-2019-6328

HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6329.

Source: CVE-2019-6328

CVE-2018-2013

Posted on 2019년 6월 26일2019년 6월 26일 by admin

CVE-2018-2013

IBM API Connect 2018.1 through 2018.4.1.5 could disclose sensitive information to an unauthorized user that could aid in further attacks against the system. IBM X-Force ID: 155193.

Source: CVE-2018-2013

CVE-2018-2011

Posted on 2019년 6월 26일2019년 6월 26일 by admin

CVE-2018-2011

IBM API Connect 2018.1 through 2018.4.1.5 could allow an attacker to obtain sensitive information from a specially crafted HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 155150.

Source: CVE-2018-2011

CVE-2019-4135

Posted on 2019년 6월 26일2019년 6월 26일 by admin

CVE-2019-4135

IBM Security Access Manager 9.0.1 through 9.0.6 is affected by a security vulnerability that could allow authenticated users to impersonate other users. IBM X-Force ID: 158331.

Source: CVE-2019-4135

CVE-2018-1858

Posted on 2019년 6월 26일2019년 6월 26일 by admin

CVE-2018-1858

IBM API Connect 5.0.0.0 through 5.0.8.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 151256.

Source: CVE-2018-1858