Количество 18 769
Количество 18 769
CVE-2019-1277
Windows Audio Service Elevation of Privilege Vulnerability
CVE-2019-1274
Windows Kernel Information Disclosure Vulnerability
CVE-2019-12749
dbus before 1.10.28 1.12.x before 1.12.16 and 1.13.x before 1.13.12 as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some less common uses of dbus-daemon) allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case this could result in the DBusServer reusing a cookie that is known to the malicious client and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid allowing authentication bypass.
CVE-2019-1273
Active Directory Federation Services XSS Vulnerability
CVE-2019-12735
CVE-2019-1272
Windows Data Sharing Service Elevation of Privilege Vulnerability
CVE-2019-1271
Windows Media Elevation of Privilege Vulnerability
CVE-2019-1270
Microsoft Windows Store Installer Elevation of Privilege Vulnerability
CVE-2019-1269
Windows ALPC Elevation of Privilege Vulnerability
CVE-2019-1268
Winlogon Elevation of Privilege Vulnerability
CVE-2019-1267
Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability
CVE-2019-1266
Microsoft Exchange Spoofing Vulnerability
CVE-2019-1265
Microsoft Yammer Security Feature Bypass Vulnerability
CVE-2019-1264
Microsoft Office Security Feature Bypass Vulnerability
CVE-2019-1263
Microsoft Excel Information Disclosure Vulnerability
CVE-2019-1262
Microsoft Office SharePoint XSS Vulnerability
CVE-2019-12625
CVE-2019-1261
Microsoft SharePoint Spoofing Vulnerability
CVE-2019-1260
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2019-1259
Microsoft SharePoint Spoofing Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-1277 Windows Audio Service Elevation of Privilege Vulnerability | CVSS3: 7.8 | 0% Низкий | больше 6 лет назад |
| CVE-2019-1274 Windows Kernel Information Disclosure Vulnerability | CVSS3: 6.3 | 1% Низкий | больше 6 лет назад |
| CVE-2019-12749 dbus before 1.10.28 1.12.x before 1.12.16 and 1.13.x before 1.13.12 as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some less common uses of dbus-daemon) allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case this could result in the DBusServer reusing a cookie that is known to the malicious client and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid allowing authentication bypass. | CVSS3: 7.1 | 0% Низкий | больше 5 лет назад |
| CVE-2019-1273 Active Directory Federation Services XSS Vulnerability | CVSS3: 8.2 | 1% Низкий | больше 6 лет назад |
| CVSS3: 8.6 | 67% Средний | больше 5 лет назад | |
| CVE-2019-1272 Windows Data Sharing Service Elevation of Privilege Vulnerability | CVSS3: 6.3 | 0% Низкий | больше 6 лет назад |
| CVE-2019-1271 Windows Media Elevation of Privilege Vulnerability | CVSS3: 7 | 0% Низкий | больше 6 лет назад |
| CVE-2019-1270 Microsoft Windows Store Installer Elevation of Privilege Vulnerability | CVSS3: 6.3 | 0% Низкий | больше 6 лет назад |
| CVE-2019-1269 Windows ALPC Elevation of Privilege Vulnerability | CVSS3: 6.3 | 0% Низкий | больше 6 лет назад |
| CVE-2019-1268 Winlogon Elevation of Privilege Vulnerability | CVSS3: 6.5 | 0% Низкий | больше 6 лет назад |
| CVE-2019-1267 Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability | CVSS3: 7.3 | 0% Низкий | больше 6 лет назад |
| CVE-2019-1266 Microsoft Exchange Spoofing Vulnerability | 0% Низкий | больше 6 лет назад | |
| CVE-2019-1265 Microsoft Yammer Security Feature Bypass Vulnerability | 5% Низкий | больше 6 лет назад | |
| CVE-2019-1264 Microsoft Office Security Feature Bypass Vulnerability | 8% Низкий | больше 6 лет назад | |
| CVE-2019-1263 Microsoft Excel Information Disclosure Vulnerability | 16% Средний | больше 6 лет назад | |
| CVE-2019-1262 Microsoft Office SharePoint XSS Vulnerability | 0% Низкий | больше 6 лет назад | |
| CVSS3: 7.5 | 2% Низкий | больше 5 лет назад | |
| CVE-2019-1261 Microsoft SharePoint Spoofing Vulnerability | 5% Низкий | больше 6 лет назад | |
| CVE-2019-1260 Microsoft SharePoint Elevation of Privilege Vulnerability | 11% Средний | больше 6 лет назад | |
| CVE-2019-1259 Microsoft SharePoint Spoofing Vulnerability | 5% Низкий | больше 6 лет назад |
Уязвимостей на страницу