Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-6222 | 1 Apple | 1 Iphone Os | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| A consistency issue was addressed with improved state handling. This issue is fixed in iOS 12.2. A website may be able to access the microphone without the microphone use indicator being shown. | |||||
| CVE-2019-6223 | 1 Apple | 2 Iphone Os, Mac Os X | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer. | |||||
| CVE-2019-6225 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges. | |||||
| CVE-2019-6226 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2019-6227 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2019-6230 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2020-08-24 | 6.8 MEDIUM | 8.6 HIGH |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox. | |||||
| CVE-2019-6233 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2019-6234 | 3 Apple, Microsoft, Webkitgtk | 7 Icloud, Iphone Os, Itunes and 4 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2019-6235 | 1 Apple | 5 Iphone Os, Itunes, Mac Os X and 2 more | 2020-08-24 | 7.5 HIGH | 10.0 CRITICAL |
| A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions. | |||||
| CVE-2019-6237 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2019-6239 | 1 Apple | 1 Mac Os X | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved handling of file metadata. This issue is fixed in macOS Mojave 10.14.4. A malicious application may bypass Gatekeeper checks. | |||||
| CVE-2019-6241 | 1 Bevywise | 1 Mqttroute | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In Bevywise MQTTRoute 1.1 build 1018-002, a connect packet combined with a malformed unsubscribe request packet can be used to cause a Denial of Service attack against the broker. | |||||
| CVE-2019-6242 | 1 Kentico | 1 Kentico | 2020-08-24 | 4.0 MEDIUM | 7.2 HIGH |
| ** DISPUTED ** Kentico v10.0.42 allows Global Administrators to read the cleartext SMTP Password by navigating to the SMTP configuration page. NOTE: the vendor considers this a best-practice violation but not a vulnerability. The vendor plans to fix it at a future time. | |||||
| CVE-2019-6247 | 2 Antigrain, Svgpp | 2 Agg, Svgpp | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. A heap-based buffer overflow bug in svgpp_agg_render may lead to code execution. In the render_scanlines_aa_solid function, the blend_hline function is called repeatedly multiple times. blend_hline is equivalent to a loop containing write operations. Each call writes a piece of heap data, and multiple calls overwrite the data in the heap. | |||||
| CVE-2019-6251 | 6 Canonical, Fedoraproject, Gnome and 3 more | 6 Ubuntu Linux, Fedora, Epiphany and 3 more | 2020-08-24 | 5.8 MEDIUM | 8.1 HIGH |
| WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. | |||||
| CVE-2019-6256 | 2 Debian, Live555 | 2 Debian Linux, Live555 Media Server | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp. | |||||
| CVE-2019-6260 | 2 Aspeedtech, Netapp | 5 Ast2400, Ast2400 Firmware, Ast2500 and 2 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and write access to the BMC's physical address space from the host (or from the network in unusual cases where the BMC console uart is attached to a serial concentrator). This CVE applies to the specific cases of iLPC2AHB bridge Pt I, iLPC2AHB bridge Pt II, PCIe VGA P2A bridge, DMA from/to arbitrary BMC memory via X-DMA, UART-based SoC Debug interface, LPC2AHB bridge, PCIe BMC P2A bridge, and Watchdog setup. | |||||
| CVE-2019-6265 | 1 Cordaware | 1 Bestinformed | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges. | |||||
| CVE-2019-6273 | 1 Gl-inet | 2 Gl-ar300m-lite, Gl-ar300m-lite Firmware | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| download_file in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to download arbitrary files. | |||||
| CVE-2019-6279 | 1 Chinamobileltd | 2 Gpn2.4p21-c-cn, Gpn2.4p21-c-cn Firmware | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have an Incorrect Access Control vulnerability via the cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity URI, allowing an Attacker to change the Wireless Security Password. | |||||
| CVE-2019-6283 | 1 Sass-lang | 1 Libsass | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in prelexer.hpp. | |||||
| CVE-2019-6284 | 1 Sass-lang | 1 Libsass | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp. | |||||
| CVE-2019-6285 | 1 Yaml-cpp Project | 1 Yaml-cpp | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. | |||||
| CVE-2019-6287 | 1 Rancher | 1 Rancher | 2020-08-24 | 6.5 MEDIUM | 8.1 HIGH |
| In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it. | |||||
| CVE-2019-6290 | 1 Nasm | 1 Netwide Assembler | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. | |||||
| CVE-2019-6291 | 1 Nasm | 1 Netwide Assembler | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. | |||||
| CVE-2019-6292 | 1 Yaml-cpp Project | 1 Yaml-cpp | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Remote attackers could leverage this vulnerability to cause a denial-of-service via a cpp file. | |||||
| CVE-2019-6293 | 1 Flex Project | 1 Flex | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to itself in certain scenarios involving lots of '*' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service. | |||||
| CVE-2019-6318 | 1 Hp | 286 Color Laserjet Cm4540 Mfp, Color Laserjet Cm4540 Mfp Firmware, Color Laserjet Enterprise Cp5525 and 283 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers have an insufficient solution bundle signature validation that potentially allows execution of arbitrary code. | |||||
| CVE-2019-6321 | 1 Hp | 8 Z4 G4 Core-x Workstation, Z4 G4 Core-x Workstation Firmware, Z4 G4 Workstation and 5 more | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default. | |||||
| CVE-2019-6322 | 1 Hp | 8 Z4 G4 Core-x Workstation, Z4 G4 Core-x Workstation Firmware, Z4 G4 Workstation and 5 more | 2020-08-24 | 9.0 HIGH | 6.8 MEDIUM |
| HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default. | |||||
| CVE-2019-6328 | 1 Hp | 1 Support Assistant | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6329. | |||||
| CVE-2019-6329 | 1 Hp | 1 Support Assistant | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6328. | |||||
| CVE-2019-6330 | 1 Hp | 1 Access Control | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A potential security vulnerability has been identified in the software solution HP Access Control versions prior to 16.7. This vulnerability could potentially grant elevation of privilege. | |||||
| CVE-2019-6333 | 1 Hp | 1 Touchpoint Analytics | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| A potential security vulnerability has been identified with certain versions of HP Touchpoint Analytics prior to version 4.1.4.2827. This vulnerability may allow a local attacker with administrative privileges to execute arbitrary code via an HP Touchpoint Analytics system service. | |||||
| CVE-2019-6334 | 1 Hp | 730 Digital Sender Flow 8500 Fn2 Document Capture Workstation L2762a, Futuresmart 3, Futuresmart 4 and 727 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| HP LaserJet, PageWide, OfficeJet Enterprise, and LaserJet Managed Printers have a solution to check application signature that may allow potential execution of arbitrary code. | |||||
| CVE-2019-6335 | 1 Hp | 8 Samsung C480, Samsung C480 Firmware, Samsung Clp680 and 5 more | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A potential security vulnerability has been identified with Samsung Laser Printers. This vulnerability could potentially be exploited to create a denial of service. | |||||
| CVE-2019-6337 | 1 Hp | 82 2dr21d, 2dr21d Firmware, D3q15a and 79 more | 2020-08-24 | 3.3 LOW | 5.2 MEDIUM |
| For the printers listed a maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device. | |||||
| CVE-2019-6340 | 1 Drupal | 1 Drupal | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.) | |||||
| CVE-2019-6438 | 2 Opensuse, Schedmd | 2 Leap, Slurm | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems. | |||||
| CVE-2019-6439 | 1 Wolfssl | 1 Wolfssl | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow. | |||||
| CVE-2019-6441 | 1 Coship | 8 Rt3050, Rt3050 Firmware, Rt3052 and 5 more | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Shenzhen Coship RT3050 4.0.0.40, RT3052 4.0.0.48, RT7620 10.0.0.49, WM3300 5.0.0.54, and WM3300 5.0.0.55 devices. The password reset functionality of the router doesn't have backend validation for the current password and doesn't require any type of authentication. By making a POST request to the apply.cgi file of the router, the attacker can change the admin username and password of the router. | |||||
| CVE-2019-6451 | 1 Soyal | 4 Ar-727h, Ar-727h Firmware, Ar-829ev5 and 1 more | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthenticated POST access. | |||||
| CVE-2019-6453 | 1 Mirc | 1 Mirc | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable). | |||||
| CVE-2019-6457 | 1 Gnu | 1 Recutils | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a. | |||||
| CVE-2019-6458 | 1 Gnu | 1 Recutils | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_buf_new in rec-buf.c when called from rec_parse_rset in rec-parser.c in librec.a. | |||||
| CVE-2019-6459 | 1 Gnu | 1 Recutils | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_extract_type in rec-utils.c in librec.a. | |||||
| CVE-2019-6469 | 1 Isc | 1 Bind | 2020-08-24 | 4.3 MEDIUM | 7.5 HIGH |
| An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition. | |||||
| CVE-2019-6474 | 1 Isc | 1 Kea | 2020-08-24 | 6.1 MEDIUM | 6.5 MEDIUM |
| A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. If the number of such leases exceeds a hard-coded limit in the Kea code, a server trying to restart will conclude that there is a problem with its lease store and give up. Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2 | |||||
| CVE-2019-6475 | 1 Isc | 1 Bind | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by other servers. A mirror zone is similar to a zone of type secondary, except that its data is subject to DNSSEC validation before being used in answers, as if it had been looked up via traditional recursion, and when mirror zone data cannot be validated, BIND falls back to using traditional recursion instead of the mirror zone. However, an error in the validity checks for the incoming zone data can allow an on-path attacker to replace zone data that was validated with a configured trust anchor with forged data of the attacker's choosing. The mirror zone feature is most often used to serve a local copy of the root zone. If an attacker was able to insert themselves into the network path between a recursive server using a mirror zone and a root name server, this vulnerability could then be used to cause the recursive server to accept a copy of falsified root zone data. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4. | |||||