Total
6955 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6260 | 1 Nvidia | 1 Gpu Driver | 2019-04-18 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters. Local user access is required. This is not a network or remote attack vector. | |||||
| CVE-2019-9179 | 1 Gitlab | 1 Gitlab | 2019-04-17 | 4.3 MEDIUM | 3.7 LOW |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 5 of 5). | |||||
| CVE-2019-9175 | 1 Gitlab | 1 Gitlab | 2019-04-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 3 of 5). | |||||
| CVE-2018-13378 | 1 Fortinet | 1 Fortisiem | 2019-04-17 | 4.0 MEDIUM | 7.2 HIGH |
| An information disclosure vulnerability in Fortinet FortiSIEM 5.2.0 and below versions exposes the LDAP server plaintext password via the HTML source code. | |||||
| CVE-2018-7737 | 1 Zblogcn | 1 Z-blogphp | 2019-04-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| ** DISPUTED ** In Z-BlogPHP 1.5.1.1740, there is Web Site physical path leakage, as demonstrated by admin_footer.php or admin_footer.php. NOTE: the software maintainer disputes that this is a vulnerability. | |||||
| CVE-2018-1000191 | 1 Jenkins | 1 Synopsys Detect | 2019-04-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2018-20555 | 1 Designchemical | 1 Social Network Tabs | 2019-04-16 | 7.5 HIGH | 9.8 CRITICAL |
| The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress allows remote attackers to discover Twitter access_token, access_token_secret, consumer_key, and consumer_secret values by reading the dcwp_twitter.php source code. This leads to Twitter account takeover. | |||||
| CVE-2018-18762 | 1 Saltos | 1 Saltos | 2019-04-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| SaltOS 3.1 r8126 contains a database download vulnerability. | |||||
| CVE-2018-1323 | 1 Apache | 1 Tomcat Jk Connector | 2019-04-15 | 5.0 MEDIUM | 7.5 HIGH |
| The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42 that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via IIS, then it was possible for a specially constructed request to expose application functionality through the reverse proxy that was not intended for clients accessing Tomcat via the reverse proxy. | |||||
| CVE-2017-5647 | 1 Apache | 1 Tomcat | 2019-04-15 | 5.0 MEDIUM | 7.5 HIGH |
| A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong request. For example, a user agent that sent requests A, B and C could see the correct response for request A, the response for request C for request B and no response for request C. | |||||
| CVE-2017-12616 | 1 Apache | 1 Tomcat | 2019-04-15 | 5.0 MEDIUM | 7.5 HIGH |
| When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request. | |||||
| CVE-2016-0706 | 3 Apache, Canonical, Debian | 3 Tomcat, Ubuntu Linux, Debian Linux | 2019-04-15 | 4.0 MEDIUM | 4.3 MEDIUM |
| Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass intended SecurityManager restrictions and read arbitrary HTTP requests, and consequently discover session ID values, via a crafted web application. | |||||
| CVE-2016-8747 | 1 Apache | 1 Tomcat | 2019-04-15 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations. Http11InputBuffer.java allows remote attackers to read data that was intended to be associated with a different request. | |||||
| CVE-2014-8111 | 1 Apache | 1 Tomcat Connectors | 2019-04-15 | 5.0 MEDIUM | N/A |
| Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified vectors. | |||||
| CVE-2013-4590 | 3 Apache, Debian, Oracle | 3 Tomcat, Debian Linux, Solaris | 2019-04-15 | 4.3 MEDIUM | N/A |
| Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
| CVE-2019-4051 | 1 Ibm | 1 Api Connect | 2019-04-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Some URIs in IBM API Connect 2018.1 and 2018.4.1.3 disclose system specification information like the machine id, system uuid, filesystem paths, network interface names along with their mac addresses. An attacker can use this information in targeted attacks. IBM X-Force ID: 156542. | |||||
| CVE-2018-13366 | 1 Fortinet | 1 Fortios | 2019-04-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol. | |||||
| CVE-2017-1000410 | 3 Debian, Linux, Redhat | 9 Debian Linux, Linux Kernel, Enterprise Linux Desktop and 6 more | 2019-04-08 | 5.0 MEDIUM | 7.5 HIGH |
| The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By manipulating the code flows that precede the handling of these configuration messages, an attacker can also gain some control over which data will be held in the uninitialized stack variables. This can allow him to bypass KASLR, and stack canaries protection - as both pointers and stack canaries may be leaked in this manner. Combining this vulnerability (for example) with the previously disclosed RCE vulnerability in L2CAP configuration parsing (CVE-2017-1000251) may allow an attacker to exploit the RCE against kernels which were built with the above mitigations. These are the specifics of this vulnerability: In the function l2cap_parse_conf_rsp and in the function l2cap_parse_conf_req the following variable is declared without initialization: struct l2cap_conf_efs efs; In addition, when parsing input configuration parameters in both of these functions, the switch case for handling EFS elements may skip the memcpy call that will write to the efs variable: ... case L2CAP_CONF_EFS: if (olen == sizeof(efs)) memcpy(&efs, (void *)val, olen); ... The olen in the above if is attacker controlled, and regardless of that if, in both of these functions the efs variable would eventually be added to the outgoing configuration request that is being built: l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), (unsigned long) &efs); So by sending a configuration request, or response, that contains an L2CAP_CONF_EFS element, but with an element length that is not sizeof(efs) - the memcpy to the uninitialized efs variable can be avoided, and the uninitialized variable would be returned to the attacker (16 bytes). | |||||
| CVE-2018-4311 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-04-08 | 5.8 MEDIUM | 8.1 HIGH |
| The issue was addressed by removing origin information. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||||
| CVE-2018-4380 | 1 Apple | 1 Iphone Os | 2019-04-08 | 2.1 LOW | 5.5 MEDIUM |
| A lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1. | |||||