Skip to main content
CVE-2019-2138 MEDIUM This Month

In libxaac, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2019-2079 MEDIUM This Month

In libxaac, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2019-2060 MEDIUM This Month

In libxaac, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2019-11750 MEDIUM This Month

A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Memory Corruption Firefox Firefox Esr
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2019-11748 MEDIUM This Month

WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox Firefox Esr
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2019-11747 MEDIUM This Month

The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox Firefox Esr
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2019-11742 MEDIUM This Month

A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <canvas> element due to an error in how same-origin policy is applied. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox Firefox Esr Thunderbird
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2019-11739 MEDIUM This Month

Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Thunderbird
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2019-4141 MEDIUM PATCH This Month

IBM MQ 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7.5.0.9, 8.0.0.0 - 8.0.0.11, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.1 - 9.1.2 is vulnerable to a denial of service attack caused by a memory leak in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service IBM Websphere Mq Websphere Mq Appliance
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2019-9375 MEDIUM This Month

In hostapd, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2019-2189 MEDIUM This Month

In the Easel driver, there is possible memory corruption due to race conditions. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2019-2188 MEDIUM This Month

In the Easel driver, there is possible memory corruption due to race conditions. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2019-11744 MEDIUM This Month

Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mozilla Firefox Thunderbird
NVD
CVSS 3.1
6.1
EPSS
1.5%
CVE-2019-11741 MEDIUM This Month

A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mozilla Firefox
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2019-9414 MEDIUM This Month

In wpa_supplicant, there is a possible man in the middle vulnerability due to improper input validation of the basicConstraints field of intermediary certificates. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2019-9399 MEDIUM This Month

The Print Service is susceptible to man in the middle attacks due to improperly used crypto. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2019-9435 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9427 MEDIUM This Month

In Bluetooth, there is a possible information disclosure due to a use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Memory Corruption Google Use After Free +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9417 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9376 MEDIUM This Month

In Account of Account.java, there is a possible boot loop due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Denial Of Service Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9373 MEDIUM This Month

In JobStore, there is a mismatched serialization/deserialization for the "battery-not-low" job attribute. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Denial Of Service Deserialization Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-9369 MEDIUM This Month

In Bluetooth, there is a use of uninitialized variable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9368 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9347 MEDIUM This Month

In the m4v_h263 codec, there is a possible out of bounds read due to a use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Denial Of Service Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9312 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9289 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9287 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9272 MEDIUM This Month

In WiFi, there is a possible leak of WiFi state due to a permissions bypass. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9268 MEDIUM This Month

In libstagefright, there is a possible use-after-free due to improper locking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Use After Free Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9249 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9243 MEDIUM This Month

In wpa_supplicant_8, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-9323 MEDIUM This Month

In the Wallpaper Manager service, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Google Android
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2019-11737 MEDIUM This Month

If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2019-16922 MEDIUM This Month

SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Suitecrm
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2019-9421 MEDIUM This Month

In libandroidfw, there is a possible OOB read due to an integer overflow. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.1%
CVE-2019-9383 MEDIUM This Month

In NFC server, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.1%
CVE-2019-9356 MEDIUM This Month

In NFC server, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9344 MEDIUM This Month

In NFC server, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9296 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9251 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9246 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9244 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9242 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9240 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9239 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9236 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9235 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9434 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2019-9431 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a use after free. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Buffer Overflow Denial Of Service Information Disclosure Android
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2019-3747 MEDIUM This Month

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Emc Integrated Data Protection Appliance Firmware
NVD
CVSS 3.1
4.8
EPSS
0.8%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy