Total
188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-14845 | 1 Redhat | 1 Openshift | 2024-11-21 | 2.9 LOW | 5.3 MEDIUM |
| A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS hostname verification. An attacker can take advantage of this flaw by launching a man-in-the-middle attack and injecting malicious content. | |||||
| CVE-2019-13534 | 1 Philips | 19 865240, 865241, 865242 and 16 more | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code. | |||||
| CVE-2019-12728 | 1 Grails | 1 Grails | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Grails before 3.3.10 used cleartext HTTP to resolve the SDKMan notification service. NOTE: users' apps were not resolving dependencies over cleartext HTTP. | |||||
| CVE-2019-12162 | 1 Upwork | 1 Time Tracker | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Upwork Time Tracker 5.2.2.716 doesn't verify the SHA256 hash of the downloaded program update before running it, which could lead to code execution or local privilege escalation by replacing the original update.exe. | |||||
| CVE-2018-4009 | 1 Shimovpn | 1 Shimo Vpn | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An exploitable privilege escalation vulnerability exists in the Shimo VPN helper service due to improper validation of code signing. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine to successfully exploit this bug. | |||||
| CVE-2018-19234 | 1 Comparex | 1 Miss Marple | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation. | |||||
| CVE-2018-13012 | 1 Safensoft | 3 Softcontrol Enterprise Suite, Softcontrol Syswatch, Softcontrol Tpsecure | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.12 allows the remote attacker to execute unauthorized code by substituting a forged update server. | |||||
| CVE-2010-3440 | 2 Babiloo Project, Debian | 2 Babiloo, Debian Linux | 2024-11-21 | 3.3 LOW | 5.5 MEDIUM |
| babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpacking dictionary files, allowing a local attacker to overwrite arbitrary files. | |||||