Search
Total
6056 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-0098 | 1 Intel | 2 Converged Security Management Engine Firmware, Trusted Execution Engine Firmware | 2020-08-24 | 7.2 HIGH | 6.8 MEDIUM |
| Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2019-0099 | 1 Intel | 1 Server Platform Services Firmware | 2020-08-24 | 4.6 MEDIUM | 6.8 MEDIUM |
| Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2019-0103 | 1 Intel | 1 Data Center Manager | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient file protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0104 | 1 Intel | 1 Data Center Manager | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient file protection in uninstall routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0107 | 1 Intel | 1 Data Center Manager | 2020-08-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient user prompt in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-0110 | 1 Intel | 1 Data Center Manager | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient key management for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0117 | 1 Intel | 326 Core I5-7200u, Core I5-7200u Firmware, Core I5-7260u and 323 more | 2020-08-24 | 2.1 LOW | 4.4 MEDIUM |
| Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0154 | 2 Canonical, Intel | 295 Ubuntu Linux, Atom X5-a3930, Atom X5-a3930 Firmware and 292 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2019-0177 | 1 Intel | 2 Open Cloud Integrity Tehnology, Openattestation | 2020-08-24 | 3.6 LOW | 4.4 MEDIUM |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0181 | 1 Intel | 2 Open Cloud Integrity Tehnology, Openattestation | 2020-08-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0184 | 1 Intel | 256 Core I5-6360u, Core I5-6360u Firmware, Core I5-6440eq and 253 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient access control in protected memory subsystem for Intel(R) TXT for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 Families; Intel(R) Xeon(R) E-2100 and E-2200 Processor Families with Intel(R) Processor Graphics and Intel(R) TXT may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0185 | 1 Intel | 284 Core I5-7200u, Core I5-7200u Firmware, Core I5-7260u and 281 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 families; Intel(R) Xeon(R) E-2100 and E-2200 Processor families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0256 | 1 Sap | 1 Business One | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Under certain conditions SAP Business One Mobile Android App, version 1.2.12, allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2019-0278 | 1 Sap | 1 Netweaver Process Integration | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| Under certain conditions the Monitoring Servlet of the SAP NetWeaver Process Integration (Messaging System), fixed in versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to see the names of database tables used by the application, leading to information disclosure. | |||||
| CVE-2019-0291 | 1 Sap | 1 Solution Manager | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Under certain conditions Solution Manager, version 7.2, allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2019-0306 | 1 Sap | 1 Hana Extended Application Services | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| SAP HANA Extended Application Services (advanced model), version 1, allows authenticated low privileged XS Advanced Platform users such as SpaceAuditors to execute requests to obtain a complete list of SAP HANA user IDs and names. | |||||
| CVE-2019-0314 | 1 Sap | 2 Inventory Manager, Work Manager | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| SAP Work Manager, versions: 6.3, 6.4, 6.5 and SAP Inventory Manager, version 4.3, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. | |||||
| CVE-2019-0331 | 1 Sap | 1 Businessobjects Business Intelligence | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Under certain conditions, SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, allows an attacker to access sensitive data such as directory structure, leading to Information Disclosure. | |||||
| CVE-2019-0333 | 1 Sap | 1 Businessobjects Business Intelligence | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| In some situations, when a client cancels a query in SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.2, 4.3, the attacker can then query and receive the whole data set instead of just what is part of their authorized security profile, resulting in Information Disclosure. | |||||
| CVE-2019-0560 | 1 Microsoft | 3 Office, Office 365 Proplus, Outlook | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office. | |||||
| CVE-2019-0356 | 1 Sap | 1 Netweaver Process Integration | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| Under certain conditions SAP NetWeaver Process Integration Runtime Workbench – MESSAGING and SAP_XIAF (before versions 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2019-0357 | 1 Sap | 1 Hana | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| The administrator of SAP HANA database, before versions 1.0 and 2.0, can misuse HANA to execute commands with operating system "root" privileges. | |||||
| CVE-2019-0364 | 1 Sap | 1 Hana Extended Application Services | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services (Advanced model), before version 1.0.118, to enumerate open ports. | |||||
| CVE-2019-0391 | 1 Sap | 1 Netweaver Application Server Java | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2019-0399 | 1 Sap | 1 Portfolio And Project Management | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| SAP Portfolio and Project Management, before versions S4CORE 102, 103, EPPM 100 and CPRXRPM 500_702, 600_740, 610_740; unintentionally allows a user to discover accounting information of the Projects in Project dashboard, leading to Information Disclosure. | |||||
| CVE-2019-0402 | 1 Sap | 1 Adaptive Server Enterprise | 2020-08-24 | 2.1 LOW | 4.4 MEDIUM |
| SAP Adaptive Server Enterprise, before versions 15.7 and 16.0, under certain conditions exposes some sensitive information to the admin, leading to Information Disclosure. | |||||
| CVE-2019-0559 | 1 Microsoft | 3 Office, Office 365 Proplus, Outlook | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Outlook improperly handles certain types of messages, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. | |||||
| CVE-2019-0536 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0549, CVE-2019-0554, CVE-2019-0569. | |||||
| CVE-2019-0537 | 1 Microsoft | 1 Visual Studio | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious .vscontent file, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio. | |||||
| CVE-2019-0549 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0536, CVE-2019-0554, CVE-2019-0569. | |||||
| CVE-2019-0553 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka "Windows Subsystem for Linux Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019. | |||||
| CVE-2019-0554 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0536, CVE-2019-0549, CVE-2019-0569. | |||||
| CVE-2019-0561 | 1 Microsoft | 6 Office, Office 365 Proplus, Office Web Apps Server and 3 more | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word. | |||||
| CVE-2019-0562 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2020-08-24 | 3.5 LOW | 5.4 MEDIUM |
| An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. | |||||
| CVE-2019-0569 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0536, CVE-2019-0549, CVE-2019-0554. | |||||
| CVE-2019-0600 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 1.9 LOW | 4.7 MEDIUM |
| An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0601. | |||||
| CVE-2019-0601 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 1.9 LOW | 4.7 MEDIUM |
| An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0600. | |||||
| CVE-2019-0612 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2019 | 2020-08-24 | 2.6 LOW | 5.3 MEDIUM |
| A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'. | |||||
| CVE-2019-0614 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0774. | |||||
| CVE-2019-0615 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660, CVE-2019-0664. | |||||
| CVE-2019-0616 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0619, CVE-2019-0660, CVE-2019-0664. | |||||
| CVE-2019-0619 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0660, CVE-2019-0664. | |||||
| CVE-2019-0621 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0661, CVE-2019-0663. | |||||
| CVE-2019-0628 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. | |||||
| CVE-2019-0636 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'. | |||||
| CVE-2019-0641 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2019 | 2020-08-24 | 4.3 MEDIUM | 5.9 MEDIUM |
| A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting, aka 'Microsoft Edge Security Feature Bypass Vulnerability'. | |||||
| CVE-2019-0643 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2019 | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'. | |||||
| CVE-2019-0660 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0664. | |||||
| CVE-2019-0661 | 1 Microsoft | 3 Windows 7, Windows Server 2008, Windows Server 2012 | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0663. | |||||
| CVE-2019-0648 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2019 | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object was created.The update addresses the vulnerability by changing the way certain functions handle objects in memory, aka Scripting Engine Information Disclosure Vulnerability. This CVE ID is unique from CVE-2019-0658. | |||||