Skip to main content
CVE-2019-11354 HIGH POC THREAT This Week

The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft RCE Origin
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
23.1%
CVE-2019-11351 HIGH This Week

TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Teamspeak
NVD GitHub
CVSS 3.0
8.8
EPSS
3.9%
CVE-2019-2029 HIGH PATCH This Week

In btm_proc_smp_cback of tm_ble.cc, there is a possible memory corruption due to a use after free. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow RCE Memory Corruption Google +2
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2019-2028 HIGH PATCH This Week

In numerous hand-crafted functions in libmpeg2, NEON registers are not preserved. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google RCE Android
NVD
CVSS 3.0
8.8
EPSS
1.2%
CVE-2019-2027 HIGH PATCH This Week

In floor0_inverse1 of floor0.c, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.0
8.8
EPSS
1.2%
CVE-2019-11339 HIGH PATCH This Week

The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Denial Of Service Buffer Overflow Information Disclosure Ffmpeg
NVD GitHub
CVSS 3.0
8.8
EPSS
2.8%
CVE-2019-11338 HIGH PATCH This Week

libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Ffmpeg Debian Linux Suse Package Hub For Suse Linux Enterprise +1
NVD GitHub
CVSS 3.1
8.8
EPSS
2.4%
CVE-2019-2035 HIGH PATCH This Week

In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible out-of-bound write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Google Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2019-2034 HIGH PATCH This Week

In rw_i93_sm_read_ndef of rw_i93.cc, there is a possible out-of-bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Integer Overflow Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2019-2033 HIGH PATCH This Week

In create_hdr of dnssd_clientstub.c, there is a possible use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Privilege Escalation Memory Corruption Google Use After Free +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-2032 HIGH PATCH This Week

In SetScanResponseData of ble_advertiser_hci_interface.cc, there is a possible out-of-bound write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Google Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-2031 HIGH PATCH This Week

In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Google Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-2026 HIGH PATCH This Week

In updateAssistMenuItems of Editor.java, there is a possible escape from the Setup Wizard due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Privilege Escalation Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2019-2037 HIGH PATCH This Week

In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out-of-bound read due to an incorrect bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2019-5008 HIGH PATCH This Week

hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Qemu
NVD
CVSS 3.0
7.5
EPSS
2.8%
CVE-2019-4055 HIGH PATCH This Week

IBM MQ 8.0.0.0 through 8.0.0.10, 9.0.0.0 through 9.0.0.5, and 9.1.0.0 through 9.1.1 is vulnerable to a denial of service attack within the TLS key renegotiation function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service IBM Mq Mq Appliance
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-10245 HIGH PATCH This Week

In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Denial Of Service Openj9 Satellite Enterprise Linux +3
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-2041 HIGH PATCH This Week

In the configuration of NFC modules on certain devices, there is a possible failure to distinguish individual devices due to an insecure default value. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Google Privilege Escalation Android
NVD
CVSS 3.0
7.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy