Skip to main content
CVE-2019-4141 MEDIUM PATCH This Month

IBM MQ 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7.5.0.9, 8.0.0.0 - 8.0.0.11, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.1 - 9.1.2 is vulnerable to a denial of service attack caused by a memory leak in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service IBM Websphere Mq Websphere Mq Appliance
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2019-9375 MEDIUM This Month

In hostapd, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2019-2189 MEDIUM This Month

In the Easel driver, there is possible memory corruption due to race conditions. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2019-2188 MEDIUM This Month

In the Easel driver, there is possible memory corruption due to race conditions. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2019-11744 MEDIUM This Month

Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mozilla Firefox Thunderbird
NVD
CVSS 3.1
6.1
EPSS
1.5%
CVE-2019-11741 MEDIUM This Month

A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mozilla Firefox
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2019-9414 MEDIUM This Month

In wpa_supplicant, there is a possible man in the middle vulnerability due to improper input validation of the basicConstraints field of intermediary certificates. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2019-9399 MEDIUM This Month

The Print Service is susceptible to man in the middle attacks due to improperly used crypto. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2019-9435 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9427 MEDIUM This Month

In Bluetooth, there is a possible information disclosure due to a use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Memory Corruption Google Use After Free +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9417 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9376 MEDIUM This Month

In Account of Account.java, there is a possible boot loop due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Denial Of Service Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9373 MEDIUM This Month

In JobStore, there is a mismatched serialization/deserialization for the "battery-not-low" job attribute. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Denial Of Service Deserialization Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-9369 MEDIUM This Month

In Bluetooth, there is a use of uninitialized variable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9368 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9347 MEDIUM This Month

In the m4v_h263 codec, there is a possible out of bounds read due to a use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Denial Of Service Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9312 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9289 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9287 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9272 MEDIUM This Month

In WiFi, there is a possible leak of WiFi state due to a permissions bypass. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9268 MEDIUM This Month

In libstagefright, there is a possible use-after-free due to improper locking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Use After Free Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9249 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2019-9243 MEDIUM This Month

In wpa_supplicant_8, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-9323 MEDIUM This Month

In the Wallpaper Manager service, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Google Android
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2019-11737 MEDIUM This Month

If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2019-16922 MEDIUM This Month

SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Suitecrm
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2019-9421 MEDIUM This Month

In libandroidfw, there is a possible OOB read due to an integer overflow. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.1%
CVE-2019-9383 MEDIUM This Month

In NFC server, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.1%
CVE-2019-9356 MEDIUM This Month

In NFC server, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9344 MEDIUM This Month

In NFC server, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9296 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9251 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9246 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9244 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9242 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9240 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9239 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9236 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9235 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2019-9434 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2019-9431 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a use after free. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Buffer Overflow Denial Of Service Information Disclosure Android
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2019-3747 MEDIUM This Month

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Emc Integrated Data Protection Appliance Firmware
NVD
CVSS 3.1
4.8
EPSS
0.8%
CVE-2019-9360 MEDIUM This Month

In the TEE, there's a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2019-9253 MEDIUM This Month

In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox due to a missing strongbox flag. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2019-2191 MEDIUM This Month

In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2019-2190 MEDIUM This Month

In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2019-11754 MEDIUM This Month

When the pointer lock is enabled by a website though requestPointerLock(), no user notification is given. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2019-11749 MEDIUM This Month

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox Firefox Esr
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2019-9440 LOW Monitor

In AOSP Email, there is a possible information disclosure due to a confused deputy. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2019-9438 LOW Monitor

In the Package Manager service, there is a possible information disclosure due to a confused deputy. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
Prev Page 6 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy