Search
Total
3972 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-11593 | 1 Espruino | 1 Espruino | 2019-10-03 | 5.8 MEDIUM | 7.1 HIGH |
| Espruino before 1.99 allows attackers to cause a denial of service (application crash) and potential Information Disclosure with a user crafted input file via a Buffer Overflow during syntax parsing because strncpy is misused in jslex.c. | |||||
| CVE-2017-16557 | 1 K7computing | 5 Antivirus, Endpoint, Internet Security and 2 more | 2019-10-03 | 4.4 MEDIUM | 7.0 HIGH |
| K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way. | |||||
| CVE-2017-17806 | 5 Debian, Linux, Opensuse and 2 more | 7 Debian Linux, Linux Kernel, Leap and 4 more | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization. | |||||
| CVE-2018-1000001 | 3 Canonical, Gnu, Redhat | 9 Ubuntu Linux, Glibc, Enterprise Linux Desktop and 6 more | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. | |||||
| CVE-2017-9949 | 1 Radare | 1 Radare2 | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GNU GRUB 2.02. | |||||
| CVE-2019-9386 | 1 Google | 1 Android | 2019-10-02 | 6.9 MEDIUM | 7.3 HIGH |
| In NFC server, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122361874 | |||||
| CVE-2019-9358 | 1 Google | 1 Android | 2019-10-02 | 4.4 MEDIUM | 7.3 HIGH |
| In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120156401 | |||||
| CVE-2019-9309 | 1 Google | 1 Android | 2019-10-02 | 4.4 MEDIUM | 7.3 HIGH |
| In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117985575 | |||||
| CVE-2019-9405 | 1 Google | 1 Android | 2019-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112890225 | |||||
| CVE-2019-9258 | 1 Google | 1 Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
| In wifilogd, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113655028 | |||||
| CVE-2019-2141 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112705155 | |||||
| CVE-2019-13106 | 1 Denx | 1 U-boot | 2019-10-01 | 8.3 HIGH | 7.8 HIGH |
| Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. | |||||
| CVE-2019-2087 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118149009 | |||||
| CVE-2019-2086 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114735603 | |||||
| CVE-2019-2085 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117496180 | |||||
| CVE-2019-2084 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117494734 | |||||
| CVE-2019-2083 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117495362 | |||||
| CVE-2019-2080 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118619159 | |||||
| CVE-2019-2078 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114749542 | |||||
| CVE-2019-2077 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114745929 | |||||
| CVE-2019-2076 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115907334 | |||||
| CVE-2019-2075 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115908308 | |||||
| CVE-2019-2074 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116617847 | |||||
| CVE-2019-2073 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117100484 | |||||
| CVE-2019-2072 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116117112 | |||||
| CVE-2019-2071 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117216549 | |||||
| CVE-2019-2070 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117883804 | |||||
| CVE-2019-2069 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117832864 | |||||
| CVE-2019-2068 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117099943 | |||||
| CVE-2019-2067 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116114402 | |||||
| CVE-2019-2066 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117100617 | |||||
| CVE-2019-2065 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118143575 | |||||
| CVE-2019-2064 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116469592 | |||||
| CVE-2019-2062 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117660045 | |||||
| CVE-2019-2063 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116019594 | |||||
| CVE-2019-2061 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112610994 | |||||
| CVE-2019-2059 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118386824 | |||||
| CVE-2019-2055 | 1 Google | 1 Android | 2019-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113164693 | |||||
| CVE-2019-9382 | 1 Google | 1 Android | 2019-09-30 | 6.8 MEDIUM | 8.8 HIGH |
| In libeffects, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120874654 | |||||
| CVE-2019-9363 | 1 Google | 1 Android | 2019-09-30 | 6.8 MEDIUM | 8.8 HIGH |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-123584306 | |||||
| CVE-2019-2159 | 1 Google | 1 Android | 2019-09-30 | 6.8 MEDIUM | 8.8 HIGH |
| In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112707186 | |||||
| CVE-2019-9346 | 1 Google | 1 Android | 2019-09-30 | 6.8 MEDIUM | 8.8 HIGH |
| In libstagefright, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128433933 | |||||
| CVE-2018-18444 | 1 Ilm | 1 Openexr | 2019-09-23 | 6.8 MEDIUM | 8.8 HIGH |
| makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact. | |||||
| CVE-2019-9270 | 1 Google | 1 Android | 2019-09-09 | 4.6 MEDIUM | 7.8 HIGH |
| In the Android kernel in unifi and r8180 WiFi drivers there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-2108 | 1 Google | 1 Android | 2019-09-06 | 9.3 HIGH | 7.8 HIGH |
| In ihevcd_ref_list of ihevcd_ref_list.c in Android 10, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2019-2176 | 1 Google | 1 Android | 2019-09-06 | 9.3 HIGH | 7.8 HIGH |
| In ihevcd_parse_buffering_period_sei of ihevcd_parse_headers.c in Android 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2019-2178 | 1 Google | 1 Android | 2019-09-06 | 7.2 HIGH | 7.8 HIGH |
| In rw_t4t_sm_read_ndef of rw_t4t in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-2133 | 1 Google | 1 Android | 2019-08-26 | 9.3 HIGH | 7.8 HIGH |
| In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-132082342. | |||||
| CVE-2018-15999 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2018-15988 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||