National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 118,245 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2019-9836

Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.

Published: June 25, 2019; 05:15:09 PM -04:00
(not available)
CVE-2019-3961

Nessus versions 8.4.0 and earlier were found to contain a reflected XSS vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a users browser session.

Published: June 25, 2019; 05:15:09 PM -04:00
(not available)
CVE-2019-12280

PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element.

Published: June 25, 2019; 05:15:09 PM -04:00
(not available)
CVE-2019-6329

HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6328.

Published: June 25, 2019; 01:15:09 PM -04:00
(not available)
CVE-2019-6328

HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6329.

Published: June 25, 2019; 01:15:09 PM -04:00
(not available)
CVE-2019-4382

IBM API Connect 5.0.0.0 through 5.0.8.6 could allow an unauthorized user to obtain sensitive information about the system users using specially crafted HTTP requests. IBM X-Force ID: 162162.

Published: June 25, 2019; 12:15:10 PM -04:00
V3: 5.3 MEDIUM
V2: 5.0 MEDIUM
CVE-2019-4377

IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace that could be used in further attacks against the system. IBM X-Force ID: 162803.

Published: June 25, 2019; 12:15:10 PM -04:00
V3: 4.3 MEDIUM
V2: 4.0 MEDIUM
CVE-2019-4158

IBM Security Access Manager 9.0.1 through 9.0.6 does not prove that a user's identity is correct which can lead to the exposure of resources or functionality to unintended actors. IBM X-Force ID: 158574.

Published: June 25, 2019; 12:15:10 PM -04:00
(not available)
CVE-2019-4157

IBM Security Access Manager 9.0.1 through 9.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158573.

Published: June 25, 2019; 12:15:10 PM -04:00
(not available)
CVE-2019-4156

IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158572.

Published: June 25, 2019; 12:15:10 PM -04:00
(not available)
CVE-2019-4153

IBM Security Access Manager 9.0.1 through 9.0.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 158517.

Published: June 25, 2019; 12:15:10 PM -04:00
(not available)
CVE-2019-4152

IBM Security Access Manager 9.0.1 through 9.0.6 does not invalidate session tokens in a timely manner. The lack of proper session expiration may allow attackers with local access to login into a closed browser session. IBM X-Force ID: 158515.

Published: June 25, 2019; 12:15:10 PM -04:00
(not available)
CVE-2019-4151

IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158512.

Published: June 25, 2019; 12:15:10 PM -04:00
(not available)
CVE-2019-4150

IBM Security Access Manager 9.0.1 through 9.0.6 does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. IBM X-Force ID: 158510.

Published: June 25, 2019; 12:15:10 PM -04:00
(not available)
CVE-2019-4145

IBM Security Access Manager 9.0.1 through 9.0.6 could reveal highly sensitive in specialized conditions to a local user which could be used in further attacks against the system. IBM X-Force ID: 158400.

Published: June 25, 2019; 12:15:10 PM -04:00
(not available)
CVE-2019-4135

IBM Security Access Manager 9.0.1 through 9.0.6 is affected by a security vulnerability that could allow authenticated users to impersonate other users. IBM X-Force ID: 158331.

Published: June 25, 2019; 12:15:10 PM -04:00
(not available)
CVE-2018-2013

IBM API Connect 2018.1 through 2018.4.1.5 could disclose sensitive information to an unauthorized user that could aid in further attacks against the system. IBM X-Force ID: 155193.

Published: June 25, 2019; 12:15:10 PM -04:00
V3: 5.3 MEDIUM
V2: 5.0 MEDIUM
CVE-2018-2011

IBM API Connect 2018.1 through 2018.4.1.5 could allow an attacker to obtain sensitive information from a specially crafted HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 155150.

Published: June 25, 2019; 12:15:10 PM -04:00
(not available)
CVE-2018-1858

IBM API Connect 5.0.0.0 through 5.0.8.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 151256.

Published: June 25, 2019; 12:15:10 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2019-12964

LiveZilla Server before 8.0.1.1 is vulnerable to XSS in the ticket.php Subject.

Published: June 25, 2019; 09:15:09 AM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM