Skip to main content
CVE-2019-18840 HIGH POC This Week

In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Wolfssl
NVD GitHub
CVSS 3.1
7.5
EPSS
2.0%
CVE-2019-5694 MEDIUM POC PATCH This Month

NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Information Disclosure Nvidia Microsoft RCE +1
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2019-5701 HIGH PATCH This Week

NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Information Disclosure Nvidia Intel RCE +1
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-5692 HIGH PATCH This Week

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the product uses untrusted input when calculating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Nvidia Denial Of Service Microsoft Gpu Driver
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-5691 HIGH PATCH This Week

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a NULL pointer is dereferenced, which may lead to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Nvidia Denial Of Service Microsoft Gpu Driver
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-5690 HIGH PATCH This Week

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the size of an input buffer is not validated,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Nvidia Buffer Overflow Microsoft Memory Corruption +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-5689 HIGH PATCH This Week

NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Nvidia Denial Of Service Information Disclosure RCE Geforce Experience
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-18845 HIGH This Week

The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Viper Rgb Firmware
NVD GitHub
CVSS 3.1
7.1
EPSS
0.4%
CVE-2019-5697 HIGH PATCH This Week

NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which it may grant a guest access to memory that it does not own, which may lead to information disclosure or denial of service. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Nvidia Denial Of Service Information Disclosure Virtual Gpu Manager
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2019-4556 MEDIUM PATCH This Month

IBM QRadar Advisor 1.0.0 through 2.4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass IBM Qradar Advisor With Watson
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2019-4645 MEDIUM PATCH This Month

IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Cognos Analytics
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2019-4581 MEDIUM PATCH This Month

IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Qradar Security Information And Event Manager
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-4450 MEDIUM PATCH This Month

IBM i 7.2, 7.3, and 7.4 for i is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2019-5696 MEDIUM PATCH This Month

NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Nvidia Denial Of Service Virtual Gpu Manager
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-5693 MEDIUM PATCH This Month

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Nvidia Denial Of Service Microsoft Memory Corruption Gpu Driver
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-4470 MEDIUM PATCH This Month

IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Qradar Security Information And Event Manager
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-4454 MEDIUM PATCH This Month

IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Qradar Security Information And Event Manager
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-4412 MEDIUM PATCH This Month

IBM Cognos Controller stores sensitive information in URL parameters. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Cognos Controller
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2019-5698 MEDIUM PATCH This Month

NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin, in which an input index value is incorrectly validated, which may lead to denial of service. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Nvidia Denial Of Service Virtual Gpu Manager
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-4509 MEDIUM PATCH This Month

IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to incorrect authorization in some components which could allow an authenticated user to obtain sensitive information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass IBM Qradar Security Information And Event Manager
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2019-4411 MEDIUM PATCH This Month

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 could allow an authenticated user to obtain sensitive information due to easy to guess session identifier names. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Cognos Controller
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2019-4334 MEDIUM PATCH This Month

IBM Cognos Analytics 11.0 and 11.1 could reveal sensitive information to an authenticated user that could be used in future attacks against the system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Cognos Analytics
NVD
CVSS 3.1
4.3
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy