Virus and Security Alerts

CVE-2019-8368 (openemr)

2019-09-16 18:15:12
OpenEMR v5.0.1-6 allows XSS.
National Vulnerability Database
CVE-2019-8371 (openemr)

2019-09-16 17:15:14
OpenEMR v5.0.1-6 allows code execution.
National Vulnerability Database
CVE-2016-10973 (brafton)

2019-09-16 17:15:12
The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php.
National Vulnerability Database
CVE-2016-10972 (newspaper)

2019-09-16 17:15:10
The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel.
National Vulnerability Database
CVE-2019-16351 (ffjpeg)

2019-09-16 13:15:12
ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c.
National Vulnerability Database
CVE-2019-16352 (ffjpeg)

2019-09-16 13:15:12
ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c.
National Vulnerability Database
CVE-2019-16350 (ffjpeg)

2019-09-16 13:15:12
ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c.
National Vulnerability Database
CVE-2016-10969 (supportflow)

2019-09-16 13:15:11
The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title.
National Vulnerability Database
CVE-2019-16348 (libwav)

2019-09-16 13:15:11
marc-q libwav through 2019-08-15 has a NULL pointer dereference in gain_file() at wav_gain.c.
National Vulnerability Database
CVE-2016-10970 (supportflow)

2019-09-16 13:15:11
The supportflow plugin before 0.7 for WordPress has XSS via a ticket excerpt.
National Vulnerability Database
CVE-2019-16346 (ngiflib)

2019-09-16 13:15:11
ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.
National Vulnerability Database
CVE-2019-16347 (ngiflib)

2019-09-16 13:15:11
ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.
National Vulnerability Database
CVE-2016-10959 (estatik)

2019-09-16 13:15:10
The estatik plugin before 2.3.1 for WordPress has authenticated arbitrary file upload (exploitable with CSRF) via es_media_images[] to wp-admin/admin-ajax.php.
National Vulnerability Database
CVE-2016-10962 (icegram)

2019-09-16 13:15:10
The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter.
National Vulnerability Database
CVE-2016-10961 (colorway)

2019-09-16 13:15:10
The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter.
National Vulnerability Database
CVE-2016-10963 (icegram)

2019-09-16 13:15:10
The icegram plugin before 1.9.19 for WordPress has XSS.
National Vulnerability Database
CVE-2016-10958 (estatik)

2019-09-16 13:15:10
The estatik plugin before 2.3.0 for WordPress has unauthenticated arbitrary file upload via es_media_images[] to wp-admin/admin-ajax.php.
National Vulnerability Database
CVE-2016-10956 (mail-masta)

2019-09-16 12:15:10
The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.
National Vulnerability Database
CVE-2017-18634 (newspaper)

2019-09-16 12:15:10
The newspaper theme before 6.7.2 for WordPress has script injection via td_ads[header] to admin-ajax.php.
National Vulnerability Database
CVE-2019-16057 (dns-320_firmware)

2019-09-16 12:15:10
The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection.
National Vulnerability Database
Troj/TrikBot-EN

2019-09-16 00:00:00

Sophos latest virus and spyware detection
Troj/DNetInj-GZ

2019-09-16 00:00:00

Sophos latest virus and spyware detection
Troj/Bladab-AF

2019-09-16 00:00:00

Sophos latest virus and spyware detection
CVE-2019-16333 (getsimple_cms)

2019-09-15 22:15:10
GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting (XSS) in admin/theme-edit.php.
National Vulnerability Database
CVE-2019-16332 (api_bearer_auth)

2019-09-15 22:15:10
In the api-bearer-auth plugin before 20190907 for WordPress, the server parameter is not correctly filtered in the swagger-config.yaml.php file, and it is possible to inject JavaScript code, aka XSS.
National Vulnerability Database
CVE-2019-16334 (bludit)

2019-09-15 22:15:10
In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories -> Add New Category -> Name field. NOTE: this may overlap CVE-2017-16636.
National Vulnerability Database
CVE-2019-16319 (wireshark)

2019-09-15 16:15:13
In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of zero.
National Vulnerability Database
Mal/EncPk-AOY

2019-09-15 00:00:00

Sophos latest virus and spyware detection
Troj/PDFDrp-Y

2019-09-15 00:00:00

Sophos latest virus and spyware detection
Troj/Trickbo-SQ

2019-09-15 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDrp-IS

2019-09-15 00:00:00

Sophos latest virus and spyware detection
Troj/Nanoco-XY

2019-09-15 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MUV

2019-09-15 00:00:00

Sophos latest virus and spyware detection
Troj/Formboo-RT

2019-09-15 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDrp-IT

2019-09-15 00:00:00

Sophos latest virus and spyware detection
Troj/HawkEye-YA

2019-09-15 00:00:00

Sophos latest virus and spyware detection
Troj/DNetInj-GY

2019-09-15 00:00:00

Sophos latest virus and spyware detection
CVE-2019-16312 (s-cms)

2019-09-14 16:15:10
s-cms V3.0 has XSS in index.php?type=text via the S_id parameter.
National Vulnerability Database
CVE-2019-16294 (notepad++, scintilla)

2019-09-14 16:15:10
SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file.
National Vulnerability Database
CVE-2019-16311 (niushop)

2019-09-14 16:15:10
NIUSHOP V1.11 has CSRF via search_info to index.php.
National Vulnerability Database
CVE-2019-16313 (fr5-e_firmware, fr5_firmware, fr6-s_firmware, fr6_firmware, fr8_firmware)

2019-09-14 16:15:10
ifw8 Router ROM v4.31 allows credential disclosure by reading the action/usermanager.htm HTML source code.
National Vulnerability Database
CVE-2019-16310 (niushop)

2019-09-14 16:15:10
NIUSHOP V1.11 has XSS via the index.php?s=/admin URI.
National Vulnerability Database
CVE-2019-16309 (flamecms)

2019-09-14 16:15:10
FlameCMS 3.3.5 has SQL injection in account/login.php via accountName.
National Vulnerability Database
CVE-2019-16314 (indexhibit)

2019-09-14 16:15:10
Indexhibit 2.1.5 allows a product reinstallation, with resultant remote code execution, via /ndxzstudio/install.php?p=2.
National Vulnerability Database
CVE-2019-16305 (mobaxterm)

2019-09-14 15:15:10
In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. A crafted link can trigger a popup asking whether the user wants to run MobaXterm to handle the link. If accepted,
National Vulnerability Database
CVE-2019-16303 (jhipster, jhipster_kotlin)

2019-09-14 00:15:10
A class generated by the Generator in JHipster before 6.3.0 and JHipster Kotlin through 1.1.0 produces code that uses an insecure source of randomness (apache.commons.lang3 RandomStringUtils).
National Vulnerability Database
Troj/VB-KML

2019-09-14 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MUU

2019-09-14 00:00:00

Sophos latest virus and spyware detection
CVE-2019-5485 (gitlabhook)

2019-09-13 18:15:11
NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injection vulnerability. Arbitrary commands can be injected through the repository name.
National Vulnerability Database
CVE-2019-5484 (bower)

2019-09-13 18:15:11
Bower before 1.8.8 has a path traversal vulnerability permitting file write in arbitrary locations via install command, which allows attackers to write arbitrary files when a malicious package is extracted.
National Vulnerability Database
CVE-2019-11660 (data_protector)

2019-09-13 18:15:10
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges.
National Vulnerability Database
CVE-2019-5314 (arubaos)

2019-09-13 17:15:12
Some web components in the ArubaOS software are vulnerable to HTTP Response splitting (CRLF injection) and Reflected XSS. An attacker would be able to accomplish this by sending certain URL parameters that would trigger this vulnerability.
National Vulnerability Database
CVE-2019-16293 (open-audit)

2019-09-13 17:15:12
The Create Discoveries feature of Open-AudIT before 3.2.0 allows an authenticated attacker to execute arbitrary OS commands via a crafted value for a URL field.
National Vulnerability Database
CVE-2019-5315 (arubaos)

2019-09-13 17:15:12
A command injection vulnerability is present in the web management interface of ArubaOS that permits an authenticated user to execute arbitrary commands on the underlying operating system.
National Vulnerability Database
CVE-2019-13548 (control_for_beaglebone, control_for_empc-a/imx6, control_for_iot2000, control_for_linux, control_for_pfc100, control_for_pfc200, control_for_raspberry_pi, control_rte, control_runtime_

2019-09-13 17:15:11
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.
National Vulnerability Database
CVE-2019-10937 (simatic_tdc_cp51m1_firmware)

2019-09-13 17:15:11
A vulnerability has been identified in SIMATIC TDC CP51M1 (All versions < V1.1.7). An attacker with network access to the device could cause a Denial-of-Service condition by sending a specially crafted UDP packet.
National Vulnerability Database
CVE-2019-13923 (ie/wsn-pa_link_wirelesshart_gateway_firmware)

2019-09-13 17:15:11
A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gateway (All versions).
National Vulnerability Database
CVE-2019-13919 (sinema_remote_connect_server)

2019-09-13 17:15:11
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some pages that should only be accessible by a privileged user can also be accessed by a non-privileged user.
National Vulnerability Database
CVE-2019-13920 (sinema_remote_connect_server)

2019-09-13 17:15:11
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some parts of the web application are not protected against Cross Site Request Forgery (CSRF) attacks.
National Vulnerability Database
CVE-2019-13532 (control_for_beaglebone, control_for_empc-a/imx6, control_for_iot2000, control_for_linux, control_for_pfc100, control_for_pfc200, control_for_raspberry_pi, control_rte, control_runtime_

2019-09-13 17:15:11
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller.
National Vulnerability Database
CVE-2019-13918 (sinema_remote_connect_server)

2019-09-13 17:15:11
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). The web interface has no means to prevent password guessing attacks.
National Vulnerability Database
CVE-2019-13922 (sinema_remote_connect_server)

2019-09-13 17:15:11
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An attacker with administrative privileges can obtain the hash of a connected device's password.
National Vulnerability Database
CVE-2018-7081 (arubaos)

2019-09-13 17:15:10
A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS.
National Vulnerability Database
CVE-2010-5333 (integard_home, integard_pro)

2019-09-13 16:15:12
The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x before 2.2.0.9037 has a buffer overflow via a long password in an administration login POST request, leading to arbitrary code execution.
National Vulnerability Database
CVE-2019-16288 (n301_firmware)

2019-09-13 15:15:11
On Tenda N301 wireless routers, a long string in the wifiSSID parameter of a goform/setWifi POST request causes the device to crash.
National Vulnerability Database
CVE-2019-16289 (woody_ad_snippets)

2019-09-13 15:15:11
The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter.
National Vulnerability Database
CVE-2019-15031 (linux_kernel)

2019-09-13 13:15:11
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability,
National Vulnerability Database
CVE-2019-12922 (phpmyadmin)

2019-09-13 13:15:11
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
National Vulnerability Database
CVE-2016-10955 (cysteme-finder)

2019-09-13 13:15:11
The cysteme-finder plugin before 1.4 for WordPress has unrestricted file upload because of incorrect session tracking.
National Vulnerability Database
CVE-2019-13363 (piwigo)

2019-09-13 13:15:11
admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content,
National Vulnerability Database
CVE-2016-10954 (neosense)

2019-09-13 13:15:11
The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload.
National Vulnerability Database
CVE-2019-15030 (linux_kernel)

2019-09-13 13:15:11
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability,
National Vulnerability Database
CVE-2019-3646 (total_protection)

2019-09-13 13:15:11
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by a
National Vulnerability Database
CVE-2019-12516 (slickquiz)

2019-09-13 13:15:11
The slickquiz plugin through 1.3.7.1 for WordPress allows SQL Injection by Subscriber users,
National Vulnerability Database
CVE-2019-13364 (piwigo)

2019-09-13 13:15:11
admin.php?page=account_billing in Piwigo 2.9.5 has XSS via the vat_number, billing_name, company, or billing_address parameter. This is exploitable via CSRF.
National Vulnerability Database
CVE-2019-12517 (slickquiz)

2019-09-13 13:15:11
An XSS issue was discovered in the slickquiz plugin through 1.3.7.1 for WordPress. The save_quiz_score functionality available via the /wp-admin/admin-ajax.php endpoint allows unauthenticated users to submit quiz solutions/answers,
National Vulnerability Database
CVE-2016-10946 (wp-d3)

2019-09-13 13:15:10
The wp-d3 plugin before 2.4.1 for WordPress has CSRF.
National Vulnerability Database
CVE-2016-10953 (headway)

2019-09-13 13:15:10
The Headway theme before 3.8.9 for WordPress has XSS via the license key field.
National Vulnerability Database
CVE-2016-10952 (quotes_collection)

2019-09-13 13:15:10
The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter.
National Vulnerability Database
CVE-2016-10949 (relevanssi)

2019-09-13 13:15:10
The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization.
National Vulnerability Database
CVE-2016-10951 (fs-shopping-cart)

2019-09-13 13:15:10
The fs-shopping-cart plugin 2.07.02 for WordPress has SQL injection via the pid parameter.
National Vulnerability Database
CVE-2016-10948 (post_indexer)

2019-09-13 13:15:10
The Post Indexer plugin before 3.0.6.2 for WordPress has incorrect handling of data passed to the unserialize function.
National Vulnerability Database
CVE-2016-10947 (post_indexer)

2019-09-13 13:15:10
The Post Indexer plugin before 3.0.6.2 for WordPress has SQL injection via the period parameter by a super admin.
National Vulnerability Database
CVE-2016-10950 (sirv)

2019-09-13 13:15:10
The sirv plugin before 1.3.2 for WordPress has SQL injection via the id parameter.
National Vulnerability Database
CVE-2017-18614 (kama_click_counter)

2019-09-13 12:15:11
The kama-clic-counter plugin 3.4.9 for WordPress has SQL injection via the admin.php order parameter.
National Vulnerability Database
CVE-2016-10945 (pagelines)

2019-09-13 12:15:11
The PageLines theme 1.1.4 for WordPress has wp-admin/admin-post.php?page=pagelines CSRF.
National Vulnerability Database
CVE-2017-18615 (kama_click_counter)

2019-09-13 12:15:11
The kama-clic-counter plugin before 3.5.0 for WordPress has XSS.
National Vulnerability Database
CVE-2017-18613 (trust_form)

2019-09-13 12:15:11
The trust-form plugin 2.0 for WordPress has XSS via the wp-admin/admin.php?page=trust-form-edit page parameter.
National Vulnerability Database
CVE-2017-18612 (wp-whois-domain)

2019-09-13 12:15:11
The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter.
National Vulnerability Database
CVE-2016-10944 (multisite_post_duplicator)

2019-09-13 12:15:11
The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF.
National Vulnerability Database
CVE-2016-10943 (zx-csv-upload)

2019-09-13 12:15:11
The zx-csv-upload plugin 1 for WordPress has SQL injection via the id parameter.
National Vulnerability Database
CVE-2019-16277 (picoc)

2019-09-13 12:15:11
PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cstdlib/string.c when called from ExpressionParseFunctionCall in expression.c.
National Vulnerability Database
CVE-2016-10938 (copy-me)

2019-09-13 12:15:10
The copy-me plugin 1.0.0 for WordPress has CSRF for copying non-public posts to a public location.
National Vulnerability Database
CVE-2016-10941 (podlove_podcast_publisher)

2019-09-13 12:15:10
The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF.
National Vulnerability Database
CVE-2016-10940 (zm-gallery)

2019-09-13 12:15:10
The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter.
National Vulnerability Database
CVE-2016-10939 (xtremelocator)

2019-09-13 12:15:10
The xtremelocator plugin 1.5 for WordPress has SQL injection via the id parameter.
National Vulnerability Database
CVE-2016-10942 (podlove_podcast_publisher)

2019-09-13 12:15:10
The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has SQL injection via the insert_id parameter exploitable via CSRF.
National Vulnerability Database
VBS/Drop-BKF

2019-09-13 00:00:00

Sophos latest virus and spyware detection
Troj/Ursnif-DF

2019-09-13 00:00:00

Sophos latest virus and spyware detection
VBS/Drop-BKH

2019-09-13 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDl-AJS

2019-09-13 00:00:00

Sophos latest virus and spyware detection
Troj/Remcos-LS

2019-09-13 00:00:00

Sophos latest virus and spyware detection
VBS/Drop-BKG

2019-09-13 00:00:00

Sophos latest virus and spyware detection
Troj/Agent-BCPD

2019-09-13 00:00:00

Sophos latest virus and spyware detection
Troj/Ursnif-DE

2019-09-13 00:00:00

Sophos latest virus and spyware detection
Troj/DNetInj-GU

2019-09-13 00:00:00

Sophos latest virus and spyware detection
Troj/VBInj-VI

2019-09-13 00:00:00

Sophos latest virus and spyware detection
CVE-2019-16275 (hostapd, wpa_supplicant)

2019-09-12 20:15:11
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled.
National Vulnerability Database
CVE-2019-13534 (intellivue_mp_monitors_mp2/x2_firmware, intellivue_mp_monitors_mp20-mp90_firmware, intellivue_mp_monitors_mp5/5sc_firmware, intellivue_mp_monitors_mx800/700/600_firmware)

2019-09-12 20:15:11
Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B,
National Vulnerability Database
CVE-2019-13530 (intellivue_mp_monitors_mp2/x2_firmware, intellivue_mp_monitors_mp20-mp90_firmware, intellivue_mp_monitors_mp5/5sc_firmware, intellivue_mp_monitors_mx800/700/600_firmware)

2019-09-12 20:15:11
Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B,
National Vulnerability Database
CVE-2019-8070 (flash_player, flash_player_desktop_runtime)

2019-09-12 19:15:11
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
National Vulnerability Database
CVE-2019-8069 (flash_player, flash_player_desktop_runtime)

2019-09-12 19:15:11
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
National Vulnerability Database
CVE-2019-8076 (application_manager)

2019-09-12 19:15:11
Adobe application manager installer version 10.0 have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
National Vulnerability Database
CVE-2019-11898 (access)

2019-09-12 19:15:10
Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE service tools. The service tool is discontinued with Bosch Access Professional Edition (APE) 3.8.
National Vulnerability Database
CVE-2019-11899 (access)

2019-09-12 19:15:10
An unauthenticated attacker can achieve unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation. With Bosch Access Professional Edition (APE) 3.8,
National Vulnerability Database
CVE-2019-14237 (kinetis_k8x_firmware, kinetis_kv1x_firmware, kinetis_kv3x_firmware)

2019-09-12 18:15:12
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the effect of code/instruction execution.
National Vulnerability Database
CVE-2019-14236 (stm32f4_firmware, stm32f7_firmware, stm32h7_firmware, stm32l0_firmware, stm32l1_firmware, stm32l4_firmware)

2019-09-12 18:15:11
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices,
National Vulnerability Database
CVE-2019-11773 (omr)

2019-09-12 18:15:11
Prior to 0.1, AIX builds of Eclipse OMR contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
National Vulnerability Database
CVE-2019-5992 (wordpress_ultra_simple_paypal_shopping_cart)

2019-09-12 17:15:14
Cross-site request forgery (CSRF) vulnerability in WordPress Ultra Simple Paypal Shopping Cart v4.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
National Vulnerability Database
CVE-2019-5993 (category_specific_rss_feed_subscription)

2019-09-12 17:15:14
Cross-site request forgery (CSRF) vulnerability in Category Specific RSS feed Subscription version v2.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
National Vulnerability Database
CVE-2019-5986 (pr-400ki_firmware, pr-400mi_firmware, pr-400ne_firmware, pr-500ki_firmware, pr-500mi_firmware, pr-s300hi_firmware, pr-s300ne_firmware, pr-s300se_firmware, rs-500ki_firmware, rs-500mi_fi

2019-09-12 17:15:14
Cross-site request forgery (CSRF) vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver.
National Vulnerability Database
CVE-2019-6009 (shirasagi)

2019-09-12 17:15:14
Open redirect vulnerability in SHIRASAGI v1.7.0 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
National Vulnerability Database
CVE-2019-6007 (apng-drawable)

2019-09-12 17:15:14
Integer overflow vulnerability in apng-drawable 1.0.0 to 1.6.0 allows an attacker to cause a denial of service (DoS) condition or execute arbitrary code via unspecified vectors.
National Vulnerability Database
CVE-2019-6003 (amazon_pay)

2019-09-12 17:15:14
Cross-site scripting vulnerability in EC-CUBE plugin 'Amazon Pay Plugin 2.12,2.13' version 2.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
National Vulnerability Database
CVE-2019-5996 (video_insight_vms)

2019-09-12 17:15:14
SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
National Vulnerability Database
CVE-2019-5991 (garoon)

2019-09-12 17:15:14
SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
National Vulnerability Database
CVE-2019-6004 (apeosware_management_suite, apeosware_management_suite_2)

2019-09-12 17:15:14
Open redirect vulnerability in ApeosWare Management Suite Ver.1.4.0.18 and earlier,
National Vulnerability Database
CVE-2019-5976 (garoon)

2019-09-12 17:15:13
Cybozu Garoon 4.0.0 to 4.10.2 allows an attacker with administrative rights to cause a denial of service condition via unspecified vectors.
National Vulnerability Database
CVE-2019-5956 (wondercms)

2019-09-12 17:15:13
Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allows remote attackers to delete arbitrary files via unspecified vectors.
National Vulnerability Database
CVE-2019-5985 (pr-400ki_firmware, pr-400mi_firmware, pr-400ne_firmware, pr-500ki_firmware, pr-500mi_firmware, pr-s300hi_firmware, pr-s300ne_firmware, pr-s300se_firmware, rs-500ki_firmware, rs-500mi_fi

2019-09-12 17:15:13
Cross-site scripting vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier,
National Vulnerability Database
CVE-2019-5978 (garoon)

2019-09-12 17:15:13
Open redirect vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the application 'Scheduler'.
National Vulnerability Database
CVE-2019-5975 (garoon)

2019-09-12 17:15:13
DOM-based cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
National Vulnerability Database
CVE-2019-5977 (garoon)

2019-09-12 17:15:13
Mail header injection vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 may allow a remote authenticated attackers to alter mail header via the application 'E-Mail'.
National Vulnerability Database
CVE-2019-3638 (web_gateway)

2019-09-12 16:15:12
Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway (MWG) 7.8.x prior to 7.8.2.13 allows remote attackers to collect sensitive information or execute commands with the MWG administrator's credent
National Vulnerability Database
CVE-2019-16238 (aurora)

2019-09-12 16:15:11
Afterlogic Aurora through 8.3.9-build-a3 has XSS that can be leveraged for session hijacking by retrieving the session cookie from the administrator login.
National Vulnerability Database
CVE-2019-16261 (pdumh15at_firmware)

2019-09-12 15:15:11
Tripp Lite PDUMH15AT 12.04.0053 devices allow unauthenticated POST requests to the /Forms/ directory, as demonstrated by changing the manager or admin password, or shutting off power to an outlet. NOTE:
National Vulnerability Database
CVE-2019-10398 (beaker_builder)

2019-09-12 14:15:11
Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
National Vulnerability Database
CVE-2019-10399 (script_security)

2019-09-12 14:15:11
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandbo
National Vulnerability Database
CVE-2019-10400 (script_security)

2019-09-12 14:15:11
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code i
National Vulnerability Database
CVE-2019-16257 (motorola_firmware)

2019-09-12 13:15:10
Some Motorola devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands,
National Vulnerability Database
CVE-2019-16256 (samsung_firmware)

2019-09-12 13:15:10
Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands,
National Vulnerability Database
Troj/Fareit-IWJ

2019-09-12 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FYX

2019-09-12 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MUP

2019-09-12 00:00:00

Sophos latest virus and spyware detection
Troj/Formboo-RQ

2019-09-12 00:00:00

Sophos latest virus and spyware detection
Troj/LokiBot-DZ

2019-09-12 00:00:00

Sophos latest virus and spyware detection
Troj/Azorult-CE

2019-09-12 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IWI

2019-09-12 00:00:00

Sophos latest virus and spyware detection
Troj/Dridex-ABZ

2019-09-12 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VPV

2019-09-12 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FYY

2019-09-12 00:00:00

Sophos latest virus and spyware detection
CVE-2019-16250 (ocean_extra)

2019-09-11 23:15:14
includes/wizard/wizard.php in the Ocean Extra plugin through 1.5.8 for WordPress allows unauthenticated options changes and injection of a Cascading Style Sheets (CSS) token sequence.
National Vulnerability Database
CVE-2019-16249 (opencv)

2019-09-11 23:15:14
OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load in core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in modules/video/src/dis_flow.cpp.
National Vulnerability Database
CVE-2019-16248 (telegram)

2019-09-11 23:15:14
The "delete for" feature in Telegram before 5.11 on Android does not delete shared media files from the Telegram Images directory. In other words,
National Vulnerability Database
CVE-2019-1301 (.net_core, powershell_core)

2019-09-11 22:15:19
A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'.
National Vulnerability Database
CVE-2019-1305 (azure_devops_server, team_foundation_server)

2019-09-11 22:15:19
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
National Vulnerability Database
CVE-2019-1302 (asp.net_core)

2019-09-11 22:15:19
An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of Privilege Vulnerability'.
National Vulnerability Database
CVE-2019-5054 (wnr2000_firmware)

2019-09-11 22:15:19
An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server.
National Vulnerability Database
CVE-2019-5055 (wnr2000_firmware)

2019-09-11 22:15:19
An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router.
National Vulnerability Database
CVE-2019-1303 (windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:19
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system,
National Vulnerability Database
CVE-2019-1306 (azure_devops_server, team_foundation_server)

2019-09-11 22:15:19
A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability'.
National Vulnerability Database
CVE-2019-1299 (edge)

2019-09-11 22:15:18
An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'.
National Vulnerability Database
CVE-2019-1284 (windows_7, windows_server_2008)

2019-09-11 22:15:18
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.
National Vulnerability Database
CVE-2019-1291 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:18
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787,
National Vulnerability Database
CVE-2019-1293 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:18
An information disclosure vulnerability exists in Windows when the Windows SMB Client kernel-mode driver fails to properly handle objects in memory, aka 'Windows SMB Client Driver Information Disclosure Vulnerability'.
National Vulnerability Database
CVE-2019-1298 (chakracore, edge)

2019-09-11 22:15:18
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138,
National Vulnerability Database
CVE-2019-1286 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:18
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1252.
National Vulnerability Database
CVE-2019-1294 (windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:18
A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Feature Bypass Vulnerability'.
National Vulnerability Database
CVE-2019-1297 (excel, office, office_365_proplus)

2019-09-11 22:15:18
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
National Vulnerability Database
CVE-2019-1300 (chakracore, edge)

2019-09-11 22:15:18
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138,
National Vulnerability Database
CVE-2019-1296 (sharepoint_enterprise_server, sharepoint_foundation, sharepoint_server)

2019-09-11 22:15:18
A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257,
National Vulnerability Database
CVE-2019-1290 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:18
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787,
National Vulnerability Database
CVE-2019-1287 (windows_10, windows_8.1, windows_rt_8.1, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:18
An elevation of privilege vulnerability exists in the way that the Windows Network Connectivity Assistant handles objects in memory, aka 'Windows Network Connectivity Assistant Elevation of Privilege Vulnerability'.
National Vulnerability Database
CVE-2019-1292 (windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:18
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.
National Vulnerability Database
CVE-2019-1295 (sharepoint_enterprise_server, sharepoint_foundation, sharepoint_server)

2019-09-11 22:15:18
A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257,
National Vulnerability Database
CVE-2019-1285 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:18
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1256.
National Vulnerability Database
CVE-2019-1289 (windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:18
An elevation of privilege vulnerability exists when the Windows Update Delivery Optimization does not properly enforce file share permissions, aka 'Windows Update Delivery Optimization Elevation of Privilege Vulnerability'.
National Vulnerability Database
CVE-2019-1283 (windows_7, windows_server_2008)

2019-09-11 22:15:17
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'.
National Vulnerability Database
CVE-2019-1274 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:17
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'.
National Vulnerability Database
CVE-2019-1278 (windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:17
An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1253, CVE-2019-1303.
National Vulnerability Database
CVE-2019-1271 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:17
An elevation of privilege exists in hdAudio.sys which may lead to an out of band write, aka 'Windows Media Elevation of Privilege Vulnerability'.
National Vulnerability Database
CVE-2019-1277 (windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:17
An elevation of privilege vulnerability exists in Windows Audio Service when a malformed parameter is processed, aka 'Windows Audio Service Elevation of Privilege Vulnerability'.
National Vulnerability Database
CVE-2019-1267 (windows_10, windows_7, windows_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:17
An elevation of privilege vulnerability exists in Microsoft Compatibility Appraiser where a configuration file, with local privileges, is vulnerable to symbolic link and hard link attacks,
National Vulnerability Database
CVE-2019-1273 (windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:17
A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize certain error messages, aka 'Active Directory Federation Services XSS Vulnerability'.
National Vulnerability Database
CVE-2019-1270 (windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:17
An elevation of privilege vulnerability exists in Windows store installer where WindowsApps directory is vulnerable to symbolic link attack, aka 'Microsoft Windows Store Installer Elevation of Privilege Vulnerability'.
National Vulnerability Database
CVE-2019-1272 (windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:17
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the l
National Vulnerability Database
CVE-2019-1282 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:17
An information disclosure exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle sandbox checks, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'.
National Vulnerability Database
CVE-2019-1266 (exchange_server)

2019-09-11 22:15:17
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'.
National Vulnerability Database
CVE-2019-1269 (windows_10, windows_8.1, windows_rt_8.1, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:17
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the l
National Vulnerability Database
CVE-2019-1280 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:17
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user
National Vulnerability Database
CVE-2019-1268 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:17
An elevation of privilege exists when Winlogon does not properly handle file path information, aka 'Winlogon Elevation of Privilege Vulnerability'.
National Vulnerability Database
CVE-2019-1265 (yammer)

2019-09-11 22:15:16
A security feature bypass vulnerability exists when Microsoft Yammer App for Android fails to apply the correct Intune MAM Policy.This could allow an attacker to perform functions that are restricted by Intune Policy.The security update add
National Vulnerability Database
CVE-2019-1261 (sharepoint_enterprise_server, sharepoint_foundation, sharepoint_server)

2019-09-11 22:15:16
A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability,
National Vulnerability Database
CVE-2019-1262 (sharepoint_foundation)

2019-09-11 22:15:16
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
National Vulnerability Database
CVE-2019-1253 (windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:16
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system,
National Vulnerability Database
CVE-2019-1251 (windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:16
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1244, CVE-2019-1245.
National Vulnerability Database
CVE-2019-1257 (sharepoint_enterprise_server, sharepoint_foundation, sharepoint_server)

2019-09-11 22:15:16
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
National Vulnerability Database
CVE-2019-1252 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:16
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1286.
National Vulnerability Database
CVE-2019-1249 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:16
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241,
National Vulnerability Database
CVE-2019-1259 (sharepoint_foundation)

2019-09-11 22:15:16
A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability,
National Vulnerability Database
CVE-2019-1256 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:16
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1285.
National Vulnerability Database
CVE-2019-1260 (sharepoint_enterprise_server, sharepoint_foundation, sharepoint_server)

2019-09-11 22:15:16
An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.
National Vulnerability Database
CVE-2019-1263 (excel, office, office_365_proplus)

2019-09-11 22:15:16
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
National Vulnerability Database
CVE-2019-1264 (office, office_365_proplus, project)

2019-09-11 22:15:16
A security feature bypass vulnerability exists when Microsoft Office improperly handles input, aka 'Microsoft Office Security Feature Bypass Vulnerability'.
National Vulnerability Database
CVE-2019-1250 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:16
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241,
National Vulnerability Database
CVE-2019-1254 (windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:16
An information disclosure vulnerability exists when Windows Hyper-V writes uninitialized memory to disk, aka 'Windows Hyper-V Information Disclosure Vulnerability'.
National Vulnerability Database
CVE-2019-1248 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:16
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241,
National Vulnerability Database
CVE-2019-1247 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:15
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241,
National Vulnerability Database
CVE-2019-1237 (chakracore, edge)

2019-09-11 22:15:15
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138,
National Vulnerability Database
CVE-2019-1245 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:15
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1244, CVE-2019-1251.
National Vulnerability Database
CVE-2019-1244 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:15
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1245, CVE-2019-1251.
National Vulnerability Database
CVE-2019-1246 (office, office_365_proplus, windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:15
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241,
National Vulnerability Database
CVE-2019-1231 (project_rome)

2019-09-11 22:15:15
An information disclosure vulnerability exists in the way Rome SDK handles server SSL/TLS certificate validation, aka 'Rome SDK Information Disclosure Vulnerability'.
National Vulnerability Database
CVE-2019-1241 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:15
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1242,
National Vulnerability Database
CVE-2019-1235 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:15
An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server process does not validate the source of input or commands it receives,
National Vulnerability Database
CVE-2019-1236 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:15
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1208.
National Vulnerability Database
CVE-2019-1233 (exchange_server)

2019-09-11 22:15:15
A denial of service vulnerability exists in Microsoft Exchange Server software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Denial of Service Vulnerability'.
National Vulnerability Database
CVE-2019-1243 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:15
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241,
National Vulnerability Database
CVE-2019-1240 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:15
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1241, CVE-2019-1242,
National Vulnerability Database
CVE-2019-1242 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:15
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241,
National Vulnerability Database
CVE-2019-1232 (visual_studio, visual_studio_2017, visual_studio_2019, windows_10, windows_server_2016, windows_server_2019)

2019-09-11 22:15:15
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka 'Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability'.
National Vulnerability Database
CVE-2019-1142 (.net_framework)

2019-09-11 22:15:14
An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in arbitrary locations, aka '.NET Framework Elevation of Privilege Vulnerability'.
National Vulnerability Database
CVE-2019-1208 (internet_explorer)

2019-09-11 22:15:14
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1236.
National Vulnerability Database
CVE-2019-1220 (edge, internet_explorer)

2019-09-11 22:15:14
A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for specific URLs, aka 'Microsoft Browser Security Feature Bypass Vulnerability'.
National Vulnerability Database
CVE-2019-16247 (dcisoft)

2019-09-11 22:15:14
Delta DCISoft 1.21 has a User Mode Write AV starting at CommLib!CCommLib::SetSerializeData+0x000000000000001b.
National Vulnerability Database
CVE-2019-1217 (chakracore, edge)

2019-09-11 22:15:14
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138,
National Vulnerability Database
CVE-2019-1221 (internet_explorer)

2019-09-11 22:15:14
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'.
National Vulnerability Database
CVE-2019-1209 (lync)

2019-09-11 22:15:14
An information disclosure vulnerability exists in Lync 2013, aka 'Lync 2013 Information Disclosure Vulnerability'.
National Vulnerability Database
CVE-2019-1216 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016)

2019-09-11 22:15:14
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'.
National Vulnerability Database
CVE-2019-1215 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:14
An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.
National Vulnerability Database
CVE-2019-1214 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:14
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
National Vulnerability Database
CVE-2019-1138 (chakracore, edge)

2019-09-11 22:15:14
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1217,
National Vulnerability Database
CVE-2019-1219 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019)

2019-09-11 22:15:14
An information disclosure vulnerability exists when the Windows Transaction Manager improperly handles objects in memory, aka 'Windows Transaction Manager Information Disclosure Vulnerability'.
National Vulnerability Database
CVE-2019-0787 (windows_10, windows_7, windows_8.1, windows_rt_8.1)

2019-09-11 22:15:13
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0788,
National Vulnerability Database
CVE-2019-0928 (windows_10, windows_server_2016)

2019-09-11 22:15:13
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'.
National Vulnerability Database
CVE-2019-0788 (windows_10, windows_8.1, windows_rt_8.1)

2019-09-11 22:15:13
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787,
National Vulnerability Database
CVE-2019-13544 (tpeditor)

2019-09-11 21:15:11
Delta Electronics TPEditor, Versions 1.94 and prior. Multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files, which may allow remote code execution.
National Vulnerability Database
CVE-2019-13536 (tpeditor)

2019-09-11 21:15:11
Delta Electronics TPEditor, Versions 1.94 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code.
National Vulnerability Database
CVE-2019-10074 (ofbiz)

2019-09-11 21:15:11
An RCE is possible by entering Freemarker markup in an Apache OFBiz Form Widget textarea field when encoding has been disabled on such a field. This was the case for the Customer Request "story"
National Vulnerability Database
CVE-2019-10073 (ofbiz)

2019-09-11 21:15:11
The "Blog", "Forum", "Contact Us" screens of the template "ecommerce" application bundled in Apache OFBiz are weak to Stored XSS attacks. Mitigation:
National Vulnerability Database
CVE-2019-13540 (tpeditor)

2019-09-11 21:15:11
Delta Electronics TPEditor, Versions 1.94 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code.
National Vulnerability Database
CVE-2019-15302 (cryptpad)

2019-09-11 21:15:11
The pad management logic in XWiki labs CryptPad before 3.0.0 allows a remote attacker (who has access to a Rich Text pad with editing rights for the URL) to corrupt it (i.e., cause data loss) via a trivial URL modification.
National Vulnerability Database
CVE-2019-0189 (ofbiz)

2019-09-11 21:15:10
The java.io.ObjectInputStream is known to cause Java serialisation issues. This issue here is exposed by the "webtools/control/httpService" URL, and uses Java deserialization to perform code execution. In the HttpEngine,
National Vulnerability Database
CVE-2018-17200 (ofbiz)

2019-09-11 21:15:10
The Apache OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint.
National Vulnerability Database
CVE-2019-3760 (rsa_identity_governance_and_lifecycle, rsa_via_lifecycle_and_governance)

2019-09-11 20:15:11
The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a SQL Injection vulnerability in Workflow Architect.
National Vulnerability Database
CVE-2019-3761 (rsa_identity_governance_and_lifecycle, rsa_via_lifecycle_and_governance)

2019-09-11 20:15:11
The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a stored cross-site scripting vulnerability in the Access Request module.
National Vulnerability Database
CVE-2019-3759 (rsa_identity_governance_and_lifecycle, rsa_via_lifecycle_and_governance)

2019-09-11 20:15:11
The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a code injection vulnerability.
National Vulnerability Database
CVE-2019-3763 (rsa_identity_governance_and_lifecycle, rsa_via_lifecycle_and_governance)

2019-09-11 20:15:11
The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability.
National Vulnerability Database
CVE-2019-11769 (teamviewer)

2019-09-11 20:15:10
An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI. Subsequently, these credentials are processed in Teamviewer.exe,
National Vulnerability Database
CVE-2019-16237 (dino)

2019-09-11 19:15:11
Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.
National Vulnerability Database
CVE-2019-14936 (easy!appointments)

2019-09-11 19:15:11
Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Information Disclosure (Username and Password Hash).
National Vulnerability Database
CVE-2019-16236 (dino)

2019-09-11 19:15:11
Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala.
National Vulnerability Database
CVE-2019-16235 (dino)

2019-09-11 19:15:11
Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.
National Vulnerability Database
CVE-2019-13473 (bobs_rock_radio_firmware, dabman_d10_firmware, dabman_i30_stereo_firmware, imperial_i110_firmware, imperial_i150_firmware, imperial_i200-cd_firmware, imperial_i200_firmware, imperial_i

2019-09-11 19:15:11
TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt,
National Vulnerability Database
CVE-2019-11777 (paho_java_client)

2019-09-11 18:15:10
In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked.
National Vulnerability Database
CVE-2019-9488 (deep_security_manager, vulnerability_protection)

2019-09-11 18:15:10
Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible,
National Vulnerability Database
CVE-2019-16098 (afterburner)

2019-09-11 17:15:10
The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation,
National Vulnerability Database
CVE-2019-16231 (linux_kernel)

2019-09-11 16:15:11
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
National Vulnerability Database
CVE-2019-16232 (linux_kernel)

2019-09-11 16:15:11
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
National Vulnerability Database
CVE-2019-16233 (linux_kernel)

2019-09-11 16:15:11
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
National Vulnerability Database
CVE-2019-16234 (linux_kernel)

2019-09-11 16:15:11
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
National Vulnerability Database
CVE-2019-16230 (linux_kernel)

2019-09-11 16:15:11
drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
National Vulnerability Database
CVE-2019-16229 (linux_kernel)

2019-09-11 16:15:10
drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
National Vulnerability Database
CVE-2019-16227 (py-lmdb)

2019-09-11 15:15:11
An issue was discovered in py_lmdb 0.97. For certain values of mn_flags, mdb_cursor_set triggers a memcpy with an invalid write operation within mdb_xcursor_init1.
National Vulnerability Database
CVE-2019-16226 (py-lmdb)

2019-09-11 15:15:11
An issue was discovered in py-lmdb 0.97. mdb_node_del does not validate a memmove in the case of an unexpected node->mn_hi, leading to an invalid write operation.
National Vulnerability Database
CVE-2019-16228 (py-lmdb)

2019-09-11 15:15:11
An issue was discovered in py-lmdb 0.97. There is a divide-by-zero error in the function mdb_env_open2 if mdb_env_read_header obtains a zero value for a certain size field.
National Vulnerability Database
CVE-2019-16225 (py-lmdb)

2019-09-11 15:15:11
An issue was discovered in py-lmdb 0.97. For certain values of mp_flags, mdb_page_touch does not properly set up mc->mc_pg[mc->top], leading to an invalid write operation.
National Vulnerability Database
CVE-2019-16224 (py-lmdb)

2019-09-11 15:15:11
An issue was discovered in py-lmdb 0.97. For certain values of md_flags, mdb_node_add does not properly set up a memcpy destination, leading to an invalid write operation.
National Vulnerability Database
CVE-2019-3644 (active_response, advanced_threat_defense, enterprise_security_manager, web_gateway)

2019-09-11 15:15:11
McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9517, potentially leading to a denial of service. This affects the scanning proxies.
National Vulnerability Database
CVE-2019-3643 (active_response, advanced_threat_defense, enterprise_security_manager, web_gateway)

2019-09-11 15:15:11
McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9511, potentially leading to a denial of service. This affects the scanning proxies.
National Vulnerability Database
CVE-2019-16221 (wordpress)

2019-09-11 14:15:12
WordPress before 5.2.3 allows reflected XSS in the dashboard.
National Vulnerability Database
CVE-2019-16223 (wordpress)

2019-09-11 14:15:12
WordPress before 5.2.3 allows XSS in post previews by authenticated users.
National Vulnerability Database
CVE-2019-8451 (jira)

2019-09-11 14:15:12
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the Jira
National Vulnerability Database
CVE-2019-8450 (jira)

2019-09-11 14:15:12
Various templates of the Optimization plugin in Jira before version 7.13.6,
National Vulnerability Database
CVE-2019-8449 (jira)

2019-09-11 14:15:12
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
National Vulnerability Database
CVE-2019-16222 (wordpress)

2019-09-11 14:15:12
WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks.
National Vulnerability Database
CVE-2019-14996 (jira)

2019-09-11 14:15:11
The FilterPickerPopup.jspa resource in Jira before version 7.13.7,
National Vulnerability Database
CVE-2019-14998 (jira)

2019-09-11 14:15:11
The Webwork action Cross-Site Request Forgery (CSRF) protection implementation in Jira before version 8.4.0 allows remote attackers to bypass its protection via "cookie tossing" a CSRF cookie from a subdomain of a Jira instance.
National Vulnerability Database
CVE-2019-16217 (wordpress)

2019-09-11 14:15:11
WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.
National Vulnerability Database
CVE-2019-14995 (jira)

2019-09-11 14:15:11
The /rest/api/1.0/render resource in Jira before version 8.4.0 allows remote anonymous attackers to determine if an attachment with a specific name exists and if an issue key is valid via a missing permissions check.
National Vulnerability Database
CVE-2019-16219 (wordpress)

2019-09-11 14:15:11
WordPress before 5.2.3 allows XSS in shortcode previews.
National Vulnerability Database
CVE-2019-14997 (jira)

2019-09-11 14:15:11
The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users, including their username,
National Vulnerability Database
CVE-2019-16220 (wordpress)

2019-09-11 14:15:11
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect.
National Vulnerability Database
CVE-2019-16218 (wordpress)

2019-09-11 14:15:11
WordPress before 5.2.3 allows XSS in stored comments.
National Vulnerability Database
CVE-2019-14724 (centos_web_panel)

2019-09-11 12:15:12
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account.
National Vulnerability Database
CVE-2019-14725 (centos_web_panel)

2019-09-11 12:15:12
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account.
National Vulnerability Database
CVE-2019-16193 (arcgis_enterprise)

2019-09-11 12:15:12
In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to trigger a Cross Frame Scripting (XFS) attack through the EDIT MY PROFILE feature.
National Vulnerability Database
CVE-2019-16214 (libra_core)

2019-09-11 04:15:11
Libra Core before 2019-09-03 has an erroneous regular expression for inline comments, which makes it easier for attackers to interfere with code auditing by using a nonstandard line-break character for a comment. For example,
National Vulnerability Database
Troj/Ransom-FQD

2019-09-11 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDl-AJJ

2019-09-11 00:00:00

Sophos latest virus and spyware detection
VBS/DwnLdr-YTS

2019-09-11 00:00:00

Sophos latest virus and spyware detection
Troj/Stealer-ZQ

2019-09-11 00:00:00

Sophos latest virus and spyware detection
Troj/Ransom-FQC

2019-09-11 00:00:00

Sophos latest virus and spyware detection
Troj/Squib-A

2019-09-11 00:00:00

Sophos latest virus and spyware detection
Troj/RTF-CT

2019-09-11 00:00:00

Sophos latest virus and spyware detection
Troj/VBSDown-H

2019-09-11 00:00:00

Sophos latest virus and spyware detection
Troj/Remcos-LP

2019-09-11 00:00:00

Sophos latest virus and spyware detection
VBS/DwnLdr-YTR

2019-09-11 00:00:00

Sophos latest virus and spyware detection
CVE-2019-12942 (ttlock)

2019-09-10 21:15:12
TTLock devices do not properly block guest access in certain situations where the network connection to the cloud is unavailable.
National Vulnerability Database
CVE-2019-12943 (ttlock)

2019-09-10 21:15:12
TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names.
National Vulnerability Database
CVE-2019-11669 (service_manager)

2019-09-10 21:15:11
Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data.
National Vulnerability Database
CVE-2019-11668 (service_manager, service_manager_chat_server, service_manager_chat_service)

2019-09-10 21:15:11
HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.
National Vulnerability Database
CVE-2019-10256 (ipcam_firmware)

2019-09-10 19:15:10
An authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found.
National Vulnerability Database
CVE-2019-12996 (mendix)

2019-09-10 19:15:10
In Mendix 7.23.5 and earlier, the Excel importer module is vulnerable to SSRF, which allows attackers to craft requests from Mendix servers to any destination on the internet or a Mendix internal network, perform port scanning,
National Vulnerability Database
CVE-2019-11467 (couchbase_server)

2019-09-10 18:15:12
An issue was discovered in Couchbase Server 4.6.3 and 5.5.0. A JSON document to be stored with more than 3000 '\t' characters can crash the indexing system.
National Vulnerability Database
CVE-2019-11466 (server)

2019-09-10 18:15:12
An issue was discovered in Couchbase Server 5.5.0 and 6.0.0. The Eventing debug endpoint mishandles authentication and audit.
National Vulnerability Database
CVE-2019-11495 (couchbase_server)

2019-09-10 18:15:12
Couchbase Server 5.1.1 generates insufficiently random numbers. The product hosts many network services by default. One of those services is an epmd service, which allows for node integration between Erlang instances.
National Vulnerability Database
CVE-2019-11497 (couchbase_server)

2019-09-10 18:15:12
An issue was discovered in Couchbase Server 5.0.0. When creating a new remote cluster reference in Couchbase for XDCR, an invalid certificate is accepted. (The correct behavior is to validate the certificate against the remote cluster.)
National Vulnerability Database
CVE-2019-14457 (ipcam_firmware)

2019-09-10 18:15:12
VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header.
National Vulnerability Database
CVE-2019-11496 (couchbase_server)

2019-09-10 18:15:12
An issue was discovered in Couchbase Server 5.0.0. Editing bucket settings resets credentials, and leads to authorization without credentials.
National Vulnerability Database
CVE-2019-0363 (hana_extended_application_services)

2019-09-10 17:15:11
Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services (Advanced model), before version 1.0.118, to overload the server or retrieve information about internal network ports.
National Vulnerability Database
CVE-2019-0365 (sap_kernel, sap_kernel_krnl32nuc, sap_kernel_krnl32uc, sap_kernel_krnl64nuc, sap_kernel_krnl64uc)

2019-09-10 17:15:11
SAP Kernel (RFC), KRNL32NUC, KRNL32UC and KRNL64NUC before versions 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC, before versions 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73 and KERNEL before versions 7.21, 7.49, 7.53, 7.73,
National Vulnerability Database
CVE-2019-0357 (hana)

2019-09-10 17:15:11
The administrator of SAP HANA database, before versions 1.0 and 2.0, can misuse HANA to execute commands with operating system "root" privileges.
National Vulnerability Database
CVE-2019-0356 (netweaver_process_integration)

2019-09-10 17:15:11
Under certain conditions SAP NetWeaver Process Integration Runtime Workbench ? MESSAGING and SAP_XIAF (before versions 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted.
National Vulnerability Database
CVE-2019-11465 (couchbase_server)

2019-09-10 17:15:11
An issue was discovered in Couchbase Server 5.5.x through 5.5.3 and 6.0.0. The Memcached "connections" stat block command emits a non-redacted username.
National Vulnerability Database
CVE-2019-11464 (server)

2019-09-10 17:15:11
An issue was discovered in Couchbase Server 5.1.2 and 5.5.0. The http server on port 8092 lacks an X-XSS protection header.
National Vulnerability Database
CVE-2019-1563 (openssl)

2019-09-10 17:15:11
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted,
National Vulnerability Database
CVE-2019-1549 (openssl)

2019-09-10 17:15:11
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state.
National Vulnerability Database
CVE-2019-1547 (openssl)

2019-09-10 17:15:11
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve).
National Vulnerability Database
CVE-2019-0364 (hana_extended_application_services)

2019-09-10 17:15:11
Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services (Advanced model), before version 1.0.118, to enumerate open ports.
National Vulnerability Database
CVE-2019-12105 (supervisor)

2019-09-10 17:15:11
In supervisord in Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. WARNING: This issue will not be fixed by the maintainer.
National Vulnerability Database
CVE-2019-0361 (supplier_relationship_management)

2019-09-10 17:15:11
SAP Supplier Relationship Management (Master Data Management Catalog - SRM_MDM_CAT, before versions 3.73, 7.31, 7.32) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
National Vulnerability Database
CVE-2019-0355 (netweaver_application_server_java)

2019-09-10 17:15:10
SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (before versions 6.40, 7.0, 7.01),
National Vulnerability Database
CVE-2019-0353 (business_one_client)

2019-09-10 17:15:10
Under certain conditions SAP Business One client (B1_ON_HANA, SAP-M-BO), before versions 9.2 and 9.3, allows an attacker to access information which would otherwise be restricted.
National Vulnerability Database
CVE-2019-0352 (businessobjects_business_intelligence_platform)

2019-09-10 17:15:10
In SAP Business Objects Business Intelligence Platform, before versions 4.1, 4.2 and 4.3, some dynamic pages (like jsp) are cached,
National Vulnerability Database
CVE-2019-14723 (centos_web_panel)

2019-09-10 16:15:12
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a victim's e-mail account via an attacker account.
National Vulnerability Database
CVE-2019-14728 (centos_web_panel)

2019-09-10 16:15:12
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to add an e-mail forwarding destination to a victim's account via an attacker account.
National Vulnerability Database
CVE-2019-5503 (oncommand_workflow_automation)

2019-09-10 16:15:12
OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
National Vulnerability Database
CVE-2019-3975 (webaccess)

2019-09-10 16:15:12
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message.
National Vulnerability Database
CVE-2019-16106 (humatrix)

2019-09-10 16:15:12
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to change the password of any user via the recruitment_online/personalData/act_acounttab.cfm txtNewUserName and hdNP fields.
National Vulnerability Database
CVE-2019-15896 (lifterlms)

2019-09-10 16:15:12
An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress.
National Vulnerability Database
CVE-2019-14727 (centos_web_panel)

2019-09-10 16:15:12
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail password of a victim account via an attacker account.
National Vulnerability Database
CVE-2019-14729 (centos_web_panel)

2019-09-10 16:15:12
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a sub-domain from a victim's account via an attacker account.
National Vulnerability Database
CVE-2019-14726 (centos_web_panel)

2019-09-10 16:15:12
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to access and delete DNS records of a victim's account via an attacker account.
National Vulnerability Database
CVE-2019-14730 (centos_web_panel)

2019-09-10 16:15:12
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account.
National Vulnerability Database
CVE-2019-14721 (centos_web_panel)

2019-09-10 16:15:11
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to remove a target user from phpMyAdmin via an attacker account.
National Vulnerability Database
CVE-2019-14722 (centos_web_panel)

2019-09-10 16:15:11
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete an e-mail forwarding destination from a victim's account via an attacker account.
National Vulnerability Database
CVE-2019-12401 (solr)

2019-09-10 15:15:11
Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource consumption attack (a.k.a. Lol Bomb) via it?s update handler.?By leveraging XML DOCTYPE and ENTITY type elements,
National Vulnerability Database
CVE-2019-16202 (misp)

2019-09-10 14:15:10
MISP before 2.4.115 allows privilege escalation in certain situations. After updating to 2.4.115,
National Vulnerability Database
CVE-2017-18611 (magic_fields)

2019-09-10 12:15:11
The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCCWP_CreateCustomFieldPage.php custom-field-css parameter.
National Vulnerability Database
CVE-2017-18608 (spot.im_comments)

2019-09-10 12:15:11
The spotim-comments plugin before 4.0.4 for WordPress has multiple XSS issues.
National Vulnerability Database
CVE-2017-18609 (magic_fields)

2019-09-10 12:15:11
The magic-fields plugin before 1.7.2 for WordPress has XSS via the custom-write-panel-id parameter.
National Vulnerability Database
CVE-2017-18606 (avada)

2019-09-10 12:15:11
The avada theme before 5.1.5 for WordPress has stored XSS.
National Vulnerability Database
CVE-2017-18607 (avada)

2019-09-10 12:15:11
The avada theme before 5.1.5 for WordPress has CSRF.
National Vulnerability Database
CVE-2017-18605 (gravitate_qa_tracker)

2019-09-10 12:15:11
The gravitate-qa-tracker plugin through 1.2.1 for WordPress has PHP Object Injection.
National Vulnerability Database
CVE-2017-18610 (magic_fields)

2019-09-10 12:15:11
The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCCWP_CreateCustomFieldPage.php custom-group-id parameter.
National Vulnerability Database
CVE-2017-18604 (sitebuilder_dynamic_components)

2019-09-10 12:15:10
The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via an AJAX request.
National Vulnerability Database
CVE-2017-18602 (ibps_online_exam)

2019-09-10 12:15:10
The examapp plugin 1.0 for WordPress has SQL injection via the wp-admin/admin.php?page=examapp_UserResult id parameter.
National Vulnerability Database
CVE-2017-18603 (postman-smtp)

2019-09-10 12:15:10
The postman-smtp plugin through 2017-10-04 for WordPress has XSS via the wp-admin/tools.php?page=postman_email_log page parameter.
National Vulnerability Database
CVE-2017-18601 (ibps_online_exam)

2019-09-10 12:15:10
The examapp plugin 1.0 for WordPress has XSS via exam input text fields.
National Vulnerability Database
CVE-2017-18600 (formcraft)

2019-09-10 12:15:10
The formcraft3 plugin before 3.4 for WordPress has stored XSS via the "New Form > Heading > Heading Text" field.
National Vulnerability Database
CVE-2017-18599 (pinfinity)

2019-09-10 11:15:11
The Pinfinity theme before 2.0 for WordPress has XSS via the s parameter.
National Vulnerability Database
CVE-2017-18598 (qards)

2019-09-10 11:15:10
The Qards plugin through 2017-10-11 for WordPress has XSS via a remote document specified in the url parameter to html2canvasproxy.php.
National Vulnerability Database
CVE-2017-18596 (elementor)

2019-09-10 11:15:10
The elementor plugin before 1.8.0 for WordPress has incorrect access control for internal functions.
National Vulnerability Database
CVE-2017-18597 (jtrt_responsive_tables)

2019-09-10 11:15:10
The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter.
National Vulnerability Database
Troj/DocDl-VOT

2019-09-10 00:00:00

Sophos latest virus and spyware detection
Troj/Qbot-FB

2019-09-10 00:00:00

Sophos latest virus and spyware detection
Troj/DNetInj-FP

2019-09-10 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MTW

2019-09-10 00:00:00

Sophos latest virus and spyware detection
Troj/Inject-EOU

2019-09-10 00:00:00

Sophos latest virus and spyware detection
Troj/JSDl-BZ

2019-09-10 00:00:00

Sophos latest virus and spyware detection
Troj/Veil-Z

2019-09-10 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VOR

2019-09-10 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VOS

2019-09-10 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDl-AJC

2019-09-10 00:00:00

Sophos latest virus and spyware detection
Troj/TeslaAg-J

2019-09-09 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IUQ

2019-09-09 00:00:00

Sophos latest virus and spyware detection
W32/Socks-M

2019-09-09 00:00:00

Sophos latest virus and spyware detection
Troj/VB-KME

2019-09-09 00:00:00

Sophos latest virus and spyware detection
W32/Socks-O

2019-09-09 00:00:00

Sophos latest virus and spyware detection
W32/Socks-P

2019-09-09 00:00:00

Sophos latest virus and spyware detection
Troj/Phobo-G

2019-09-09 00:00:00

Sophos latest virus and spyware detection
W32/Socks-N

2019-09-09 00:00:00

Sophos latest virus and spyware detection
Troj/Agent-BCOL

2019-09-09 00:00:00

Sophos latest virus and spyware detection
VBS/Agent-BCOC

2019-09-09 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IUS

2019-09-09 00:00:00

Sophos latest virus and spyware detection
Troj/Inject-EOO

2019-09-09 00:00:00

Sophos latest virus and spyware detection
Andr/FnkBot-A

2019-09-09 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IUR

2019-09-09 00:00:00

Sophos latest virus and spyware detection
VBS/DwnLdr-YTC

2019-09-09 00:00:00

Sophos latest virus and spyware detection
Troj/VB-KMD

2019-09-09 00:00:00

Sophos latest virus and spyware detection
W32/Socks-Q

2019-09-09 00:00:00

Sophos latest virus and spyware detection
VBS/DwnLdr-YTD

2019-09-09 00:00:00

Sophos latest virus and spyware detection
Troj/NanoCo-XJ

2019-09-08 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IUO

2019-09-08 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IUP

2019-09-08 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MTL

2019-09-08 00:00:00

Sophos latest virus and spyware detection
Troj/Dldr-SD

2019-09-07 00:00:00

Sophos latest virus and spyware detection
Troj/Bladab-P

2019-09-07 00:00:00

Sophos latest virus and spyware detection
W32/VirRnsm-M

2019-09-07 00:00:00

Sophos latest virus and spyware detection
Troj/Inject-EON

2019-09-07 00:00:00

Sophos latest virus and spyware detection
Troj/VBInjec-QX

2019-09-07 00:00:00

Sophos latest virus and spyware detection
Troj/Agent-BCOA

2019-09-07 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MTJ

2019-09-07 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VOA

2019-09-07 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VNY

2019-09-06 00:00:00

Sophos latest virus and spyware detection
Troj/MSILIn-CH

2019-09-06 00:00:00

Sophos latest virus and spyware detection
Troj/Agent-BCNX

2019-09-06 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VNV

2019-09-06 00:00:00

Sophos latest virus and spyware detection
Troj/Bladabi-ZX

2019-09-06 00:00:00

Sophos latest virus and spyware detection
VBS/Drop-BJX

2019-09-06 00:00:00

Sophos latest virus and spyware detection
Troj/Gozi-SR

2019-09-06 00:00:00

Sophos latest virus and spyware detection
Troj/MSILIn-CG

2019-09-06 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDL-AIO

2019-09-06 00:00:00

Sophos latest virus and spyware detection
Troj/Gozi-SQ

2019-09-06 00:00:00

Sophos latest virus and spyware detection
Troj/VB-KLZ

2019-09-04 00:00:00

Sophos latest virus and spyware detection
Troj/Stealer-ZC

2019-09-04 00:00:00

Sophos latest virus and spyware detection
Troj/Zbot-NOK

2019-09-04 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDl-AIH

2019-09-04 00:00:00

Sophos latest virus and spyware detection
Troj/Zbot-NOJ

2019-09-04 00:00:00

Sophos latest virus and spyware detection
Troj/VB-KLY

2019-09-04 00:00:00

Sophos latest virus and spyware detection
Troj/VB-KMA

2019-09-04 00:00:00

Sophos latest virus and spyware detection
Troj/Zbot-NOI

2019-09-04 00:00:00

Sophos latest virus and spyware detection
Troj/VB-KLX

2019-09-04 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDl-AIG

2019-09-04 00:00:00

Sophos latest virus and spyware detection
Troj/Zbot-NOD

2019-09-02 00:00:00

Sophos latest virus and spyware detection
Troj/XMLDwn-AN

2019-09-02 00:00:00

Sophos latest virus and spyware detection
Troj/Zbot-NOE

2019-09-02 00:00:00

Sophos latest virus and spyware detection
Troj/VB-KLW

2019-09-02 00:00:00

Sophos latest virus and spyware detection
VBS/DwnLdr-YSM

2019-09-02 00:00:00

Sophos latest virus and spyware detection
Troj/Stealer-YZ

2019-09-02 00:00:00

Sophos latest virus and spyware detection
Troj/XMLDwn-AM

2019-09-02 00:00:00

Sophos latest virus and spyware detection
Troj/Zbot-NOF

2019-09-02 00:00:00

Sophos latest virus and spyware detection
Troj/Zbot-NOC

2019-09-02 00:00:00

Sophos latest virus and spyware detection
Troj/ZipMal-IL

2019-09-02 00:00:00

Sophos latest virus and spyware detection
Troj/PDFUri-HRE

2019-09-01 00:00:00

Sophos latest virus and spyware detection
Troj/TrikBot-EK

2019-09-01 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDl-AHC

2019-09-01 00:00:00

Sophos latest virus and spyware detection
Troj/Remcos-LI

2019-09-01 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FXG

2019-09-01 00:00:00

Sophos latest virus and spyware detection
Troj/Miner-US

2019-09-01 00:00:00

Sophos latest virus and spyware detection
Troj/Bladabi-YV

2019-09-01 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IST

2019-09-01 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-ISR

2019-08-31 00:00:00

Sophos latest virus and spyware detection
Troj/Stealer-YW

2019-08-31 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MSC

2019-08-31 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VLZ

2019-08-31 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDL-AHB

2019-08-31 00:00:00

Sophos latest virus and spyware detection
Troj/DocPh-IA

2019-08-31 00:00:00

Sophos latest virus and spyware detection
Troj/VBZbot-GN

2019-08-31 00:00:00

Sophos latest virus and spyware detection
VBS/DownLdr-AIN

2019-08-31 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDrp-IM

2019-08-31 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FXF

2019-08-31 00:00:00

Sophos latest virus and spyware detection
Troj/DNetInj-EL

2019-08-31 00:00:00

Sophos latest virus and spyware detection
Troj/MSILIn-CB

2019-08-30 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FXC

2019-08-30 00:00:00

Sophos latest virus and spyware detection
Troj/Remco-B

2019-08-30 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDl-AGZ

2019-08-30 00:00:00

Sophos latest virus and spyware detection
Troj/Miner-UQ

2019-08-30 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FXD

2019-08-30 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MRV

2019-08-30 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MRW

2019-08-30 00:00:00

Sophos latest virus and spyware detection
VBS/Drop-BJG

2019-08-30 00:00:00

Sophos latest virus and spyware detection
Troj/Miner-UP

2019-08-30 00:00:00

Sophos latest virus and spyware detection
Troj/DocDrp-MF

2019-08-28 00:00:00

Sophos latest virus and spyware detection
Troj/GandCra-CS

2019-08-28 00:00:00

Sophos latest virus and spyware detection
Troj/DwnLdr-YRO

2019-08-28 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FWY

2019-08-28 00:00:00

Sophos latest virus and spyware detection
Troj/PDFUri-HRC

2019-08-28 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FWQ

2019-08-28 00:00:00

Sophos latest virus and spyware detection
Troj/DocPh-HZ

2019-08-28 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-ISC

2019-08-28 00:00:00

Sophos latest virus and spyware detection
Troj/DocDrp-MD

2019-08-28 00:00:00

Sophos latest virus and spyware detection
Troj/DocDrp-ME

2019-08-28 00:00:00

Sophos latest virus and spyware detection
Troj/Xtbl-DY

2019-08-26 00:00:00

Sophos latest virus and spyware detection
Troj/Zbot-NNG

2019-08-26 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VJU

2019-08-26 00:00:00

Sophos latest virus and spyware detection
Troj/Agent-BCKJ

2019-08-26 00:00:00

Sophos latest virus and spyware detection
JS/DwnLdr-YQP

2019-08-26 00:00:00

Sophos latest virus and spyware detection
Troj/Agent-BCKI

2019-08-26 00:00:00

Sophos latest virus and spyware detection
Troj/FormBoo-QZ

2019-08-26 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IQZ

2019-08-26 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VJV

2019-08-26 00:00:00

Sophos latest virus and spyware detection
Troj/NanoCo-WJ

2019-08-26 00:00:00

Sophos latest virus and spyware detection
Troj/VB-KLQ

2019-08-25 00:00:00

Sophos latest virus and spyware detection
VBS/DwnLdr-YQF

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/Ransom-FPJ

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IQP

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VJJ

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDrp-IL

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDl-AGD

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDl-AGE

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VJI

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDl-AGF

2019-08-25 00:00:00

Sophos latest virus and spyware detection
JS/DwnLdr-YQG

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/Bladabi-XW

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FVT

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDl-AGG

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/TrickBo-SO

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IQQ

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/RTFDl-AGH

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VJH

2019-08-25 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MQZ

2019-08-24 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VJG

2019-08-24 00:00:00

Sophos latest virus and spyware detection
Troj/DocDrp-LT

2019-08-24 00:00:00

Sophos latest virus and spyware detection
Troj/DocDrp-LU

2019-08-24 00:00:00

Sophos latest virus and spyware detection
Troj/Formboo-QY

2019-08-24 00:00:00

Sophos latest virus and spyware detection
Troj/BatDrp-W

2019-08-24 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VJF

2019-08-24 00:00:00

Sophos latest virus and spyware detection
Troj/HawkEye-XA

2019-08-24 00:00:00

Sophos latest virus and spyware detection
Troj/DNetInj-DL

2019-08-24 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IQO

2019-08-24 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VJC

2019-08-23 00:00:00

Sophos latest virus and spyware detection
Troj/NanoCo-WG

2019-08-23 00:00:00

Sophos latest virus and spyware detection
Troj/Mdrop-IVW

2019-08-23 00:00:00

Sophos latest virus and spyware detection
Java/Adwind-FIH

2019-08-23 00:00:00

Sophos latest virus and spyware detection
Troj/MSILIn-BV

2019-08-23 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MQX

2019-08-23 00:00:00

Sophos latest virus and spyware detection
Java/Adwind-FIG

2019-08-23 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VJD

2019-08-23 00:00:00

Sophos latest virus and spyware detection
Troj/Stealer-YN

2019-08-23 00:00:00

Sophos latest virus and spyware detection
Troj/DocDrp-LS

2019-08-23 00:00:00

Sophos latest virus and spyware detection
Troj/Spy-AXY

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IPY

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/HawkEye-WZ

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Mdrop-IVT

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Fareit-IPX

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FVC

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Agent-BCJY

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Delf-HEY

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Inject-EMM

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MQR

2019-08-22 00:00:00

Sophos latest virus and spyware detection
PHP/Agent-BCJZ

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/PDFUri-HQN

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FVD

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Mdrop-IVS

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/PDFDwn-UG

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Miner-UL

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Inject-EMN

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FVE

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VIY

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/NanoCo-WC

2019-08-22 00:00:00

Sophos latest virus and spyware detection
Troj/Xtbl-DR

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/VB-KLL

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MQJ

2019-08-20 00:00:00

Sophos latest virus and spyware detection
W32/Phorpiex-AI

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/Netwire-NT

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/Nanoco-VR

2019-08-20 00:00:00

Sophos latest virus and spyware detection
VBS/DwnLdr-YOG

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/Remcos-LA

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FUV

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FUP

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/RyukM-D

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FUQ

2019-08-20 00:00:00

Sophos latest virus and spyware detection
VBS/DwnLdr-YOH

2019-08-20 00:00:00

Sophos latest virus and spyware detection
VBS/DwnLdr-YOI

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/NanoCo-VT

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/TrickBo-SL

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/Zbot-NMY

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/PS-X

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/NanoCo-VS

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FUU

2019-08-20 00:00:00

Sophos latest virus and spyware detection
Troj/Agent-BCIZ

2019-08-19 00:00:00

Sophos latest virus and spyware detection
Troj/Agent-BCIY

2019-08-19 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MQA

2019-08-19 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FUL

2019-08-19 00:00:00

Sophos latest virus and spyware detection
Troj/Phish-FUM

2019-08-19 00:00:00

Sophos latest virus and spyware detection
Troj/Agent-BCJC

2019-08-19 00:00:00

Sophos latest virus and spyware detection
Troj/Mdrop-IVN

2019-08-19 00:00:00

Sophos latest virus and spyware detection
Troj/Agent-BCJB

2019-08-19 00:00:00

Sophos latest virus and spyware detection
Troj/Agent-BCIW

2019-08-19 00:00:00

Sophos latest virus and spyware detection
Troj/Bladabi-WV

2019-08-19 00:00:00

Sophos latest virus and spyware detection
Troj/DwnLdr-YOD

2019-08-18 00:00:00

Sophos latest virus and spyware detection
Troj/DocDl-VGZ

2019-08-18 00:00:00

Sophos latest virus and spyware detection
Troj/RtfDl-AFO

2019-08-18 00:00:00

Sophos latest virus and spyware detection
Troj/Inject-EMC

2019-08-18 00:00:00

Sophos latest virus and spyware detection
Troj/TeslaAg-E

2019-08-18 00:00:00

Sophos latest virus and spyware detection
Troj/TrikBot-EH

2019-08-18 00:00:00

Sophos latest virus and spyware detection
Troj/Ryuk-S

2019-08-18 00:00:00

Sophos latest virus and spyware detection
Troj/MSIL-MPZ

2019-08-18 00:00:00

Sophos latest virus and spyware detection