Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-14953 | 2 Jetbrains, Mozilla | 2 Youtrack, Firefox | 2019-10-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser. | |||||
| CVE-2019-9414 | 1 Google | 1 Android | 2019-10-02 | 4.3 MEDIUM | 5.9 MEDIUM |
| In wpa_supplicant, there is a possible man in the middle vulnerability due to improper input validation of the basicConstraints field of intermediary certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111893041 | |||||
| CVE-2019-11737 | 1 Mozilla | 1 Firefox | 2019-10-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69. | |||||
| CVE-2019-9333 | 1 Google | 1 Android | 2019-10-02 | 5.0 MEDIUM | 6.5 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109753657 | |||||
| CVE-2019-9261 | 1 Google | 1 Android | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac there is a possible out of bounds read due to missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116774214 | |||||
| CVE-2019-9247 | 1 Google | 1 Android | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| In AAC Codec, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120426166 | |||||
| CVE-2019-14961 | 1 Jetbrains | 1 Upsource | 2019-10-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| JetBrains Upsource before 2019.1.1412 was not properly escaping HTML tags in a code block comments, leading to XSS. | |||||
| CVE-2019-9240 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
| In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121150966 | |||||
| CVE-2019-9237 | 1 Google | 1 Android | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121325979 | |||||
| CVE-2015-9411 | 1 Gopostmatic | 1 Replyable | 2019-10-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Postmatic plugin before 1.4.6 for WordPress has XSS. | |||||
| CVE-2019-12562 | 1 Dnnsoftware | 1 Dotnetnuke | 2019-10-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 allows remote attackers to store and embed the malicious script into the admin notification page. The exploit could be used to perfom any action with admin privileges such as managing content, adding users, uploading backdoors to the server, etc. Successful exploitation occurs when an admin user visits a notification page with stored cross-site scripting. | |||||
| CVE-2019-15891 | 1 Cksource | 1 Ckfinder | 2019-10-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in CKFinder through 2.6.2.1 and 3.x through 3.5.0. The documentation has misleading information that could lead to a conclusion that the application has a built-in bulletproof content sniffing protection. | |||||
| CVE-2019-9354 | 1 Google | 1 Android | 2019-10-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| In NFC server, there's a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118148142 | |||||
| CVE-2019-9349 | 1 Google | 1 Android | 2019-10-01 | 7.1 HIGH | 6.5 MEDIUM |
| In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124330204 | |||||
| CVE-2019-2143 | 1 Google | 1 Android | 2019-10-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114746174 | |||||
| CVE-2019-2142 | 1 Google | 1 Android | 2019-10-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112768568 | |||||
| CVE-2019-9427 | 1 Google | 1 Android | 2019-10-01 | 2.1 LOW | 5.5 MEDIUM |
| In Bluetooth, there is a possible information disclosure due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110166350 | |||||
| CVE-2019-16685 | 1 Dolibarr | 1 Dolibarr | 2019-10-01 | 3.5 LOW | 5.4 MEDIUM |
| Dolibarr 9.0.5 has stored XSS vulnerability via a User Group Description section to card.php. A user with the "Create/modify other users, groups and permissions" privilege can inject script and can also achieve privilege escalation. | |||||
| CVE-2019-16927 | 1 Glyphandcog | 1 Xpdf | 2019-10-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877. | |||||
| CVE-2019-9323 | 1 Google | 1 Android | 2019-10-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| In the Wallpaper Manager service, there is a possible information disclosure due to a missing permission check. Any application can access wallpaper image with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-30770233 | |||||
| CVE-2019-9316 | 1 Google | 1 Android | 2019-10-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112052432 | |||||
| CVE-2019-9318 | 1 Google | 1 Android | 2019-10-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libhevc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111764725 | |||||
| CVE-2019-9321 | 1 Google | 1 Android | 2019-10-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111208713 | |||||
| CVE-2019-9264 | 1 Google | 1 Android | 2019-10-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac there is a possible out of bounds read due to missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116774502 | |||||
| CVE-2019-16524 | 1 Status301 | 1 Easy Fancybox | 2019-10-01 | 3.5 LOW | 4.8 MEDIUM |
| The easy-fancybox plugin before 1.8.18 for WordPress (aka Easy FancyBox) is susceptible to Stored XSS in the Settings Menu inc/class-easyfancybox.php due to improper encoding of arbitrarily submitted settings parameters. This occurs because there is no inline styles output filter. | |||||
| CVE-2019-9289 | 1 Google | 1 Android | 2019-10-01 | 2.1 LOW | 5.5 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79883824 | |||||
| CVE-2019-9293 | 1 Google | 1 Android | 2019-10-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libstagefright, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117661116 | |||||
| CVE-2019-9294 | 1 Google | 1 Android | 2019-10-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libstagefright, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111764444 | |||||
| CVE-2019-9370 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In sonivox, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-133880046 | |||||
| CVE-2019-9362 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libSACdec, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120426980 | |||||
| CVE-2019-2139 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117610049 | |||||
| CVE-2019-2138 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118494320 | |||||
| CVE-2019-2144 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112856493 | |||||
| CVE-2019-2160 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112715795 | |||||
| CVE-2019-9319 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762100 | |||||
| CVE-2019-2161 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112553431 | |||||
| CVE-2019-9317 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112052258 | |||||
| CVE-2019-2162 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112713720 | |||||
| CVE-2019-2079 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115509210 | |||||
| CVE-2019-2163 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118138797 | |||||
| CVE-2019-2164 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113263695 | |||||
| CVE-2019-2165 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112712154 | |||||
| CVE-2019-2060 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112709994 | |||||
| CVE-2018-17789 | 1 Prospecta | 1 Master Data Online | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| Prospecta Master Data Online (MDO) allows CSRF. | |||||
| CVE-2019-9366 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libSBRdec there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112052062 | |||||
| CVE-2019-2145 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112858430 | |||||
| CVE-2019-2146 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112859714 | |||||
| CVE-2019-2147 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116474108 | |||||
| CVE-2019-2148 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113508105 | |||||
| CVE-2019-2149 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113262406 | |||||