Skip to main content
CVE-2019-15349 HIGH This Week

The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Tecno H612 Tecno Id5A
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-15348 HIGH This Week

The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Command Injection Tecno H612 Tecno Id5A
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-15347 HIGH This Week

The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Command Injection Camon Iclick 2 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-15346 HIGH This Week

The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Camon Iclick 2 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15345 HIGH This Week

The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Camon Iclick Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15343 HIGH This Week

The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Command Injection Camon Iclick Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-15342 HIGH This Week

The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Command Injection Camon Iair 2 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-15341 HIGH This Week

The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Camon Iair 2 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-14602 HIGH This Week

Improper permissions in the installer for the Nuvoton* CIR Driver versions 1.02.1002 and before may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nuvoton Consumer Infrared
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-14566 HIGH This Week

Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation Microsoft Intel +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-14565 HIGH This Week

Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation Microsoft Intel +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-11181 HIGH This Week

Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable escalation of privilege via network access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Intel Information Disclosure Baseboard Management Controller Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-11170 HIGH This Week

Authentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation Intel Authentication Bypass +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-11156 HIGH This Week

Logic errors in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, denial of service, and information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Intel Information Disclosure Proset Wireless Wifi
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-11153 HIGH This Week

Memory corruption issues in Intel(R) PROSet/Wireless WiFi Software extension DLL before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation Buffer Overflow Intel +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-11151 HIGH This Week

Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation Buffer Overflow Intel +14
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-7962 HIGH This Week

Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Illustrator Cc
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2019-7960 HIGH PATCH This Week

Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Adobe Animate Cc
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2019-3663 HIGH This Week

Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Advanced Threat Defense
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2019-14818 HIGH PATCH This Week

A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Denial Of Service Data Plane Development Kit Enterprise Linux Fast Datapath Openstack Virtualization Eus +1
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2019-11182 HIGH This Week

Memory corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Intel Memory Corruption Baseboard Management Controller Firmware
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-11180 HIGH This Week

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Baseboard Management Controller Firmware
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-11177 HIGH This Week

Unhandled exception in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Baseboard Management Controller Firmware
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-11175 HIGH This Week

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Baseboard Management Controller Firmware
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-8240 HIGH PATCH This Week

Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Information Disclosure Adobe Memory Corruption Bridge Cc
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-8239 HIGH PATCH This Week

Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Information Disclosure Adobe Memory Corruption Bridge Cc
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18949 HIGH This Week

SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Snowhaze
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2019-18647 HIGH This Week

The Untangle NG firewall 14.2.0 is vulnerable to an authenticated command injection when logged in as an admin user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Ng Firewall
NVD GitHub
CVSS 3.1
7.2
EPSS
1.9%
CVE-2019-18646 HIGH This Week

The Untangle NG firewall 14.2.0 is vulnerable to authenticated inline-query SQL injection within the timeDataDynamicColumn parameter when logged in as an admin user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Ng Firewall
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2019-11173 HIGH This Week

Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via local. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure Baseboard Management Controller Firmware
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2019-11155 HIGH This Week

Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure Proset Wireless Wifi
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2019-11154 HIGH This Week

Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure Proset Wireless Wifi
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2019-0152 MEDIUM This Month

Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Intel Xeon Platinum 8253 Firmware Xeon Platinum 8256 Firmware +128
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-0151 MEDIUM This Month

Insufficient memory protection in Intel(R) TXT for certain Intel(R) Core Processors and Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Xeon D 2141I Firmware Xeon D 2177Nt Firmware Xeon D 2161I Firmware Xeon D 2143It Firmware Xeon D 2146Nt Firmware +442
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-0139 MEDIUM PATCH This Month

Insufficient access control in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow a privileged user to potentially enable an escalation of privilege, denial of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Intel Information Disclosure Ethernet Controller X710 Tm4 Firmware +6
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-11136 MEDIUM This Month

Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Intel Information Disclosure Xeon Platinum 8253 Firmware +283
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-11135 MEDIUM PATCH This Month

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Information Disclosure Leap Fedora Slackware Apollo 4200 Firmware +156
NVD VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2019-0144 MEDIUM PATCH This Month

Unhandled exception in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware Ethernet Controller Xxv710 Am2 Firmware +4
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2019-11179 MEDIUM This Month

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Information Disclosure Baseboard Management Controller Firmware
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2019-3662 MEDIUM This Month

Path Traversal: '/absolute/pathname/here' vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to gain unintended access to files on the system via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Advanced Threat Defense
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2019-3640 MEDIUM This Month

Unprotected Transport of Credentials in ePO extension in McAfee Data Loss Prevention 11.x prior to 11.4.0 allows remote attackers with access to the network to collect login details to the LDAP. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Data Loss Prevention
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2019-11139 MEDIUM This Month

Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Debian Linux Leap Xeon 8153 Firmware +56
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2019-16863 MEDIUM This Month

STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure St33Tphf2Espi Firmware St33Tphf2Ei2C Firmware St33Tphf20Spi Firmware St33Tphf20I2C Firmware
NVD
CVSS 3.1
5.9
EPSS
3.3%
CVE-2019-14591 MEDIUM This Month

Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Graphics Driver Cloud Backup Data Availability Services +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-14590 MEDIUM This Month

Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Information Disclosure Graphics Driver Cloud Backup +3
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-14574 MEDIUM This Month

Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Intel Information Disclosure Graphics Driver +4
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-11089 MEDIUM This Month

Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Graphics Driver Cloud Backup Data Availability Services +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0184 MEDIUM This Month

Insufficient access control in protected memory subsystem for Intel(R) TXT for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Intel Core I7 8700B Firmware Intel Core I7 8850H Firmware Core I9 9880H Firmware +125
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0185 MEDIUM This Month

Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 families;. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Core I7 6970Hq Firmware Core I7 6920Hq Firmware Core I7 6870Hq Firmware +138
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0154 MEDIUM This Month

Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Ubuntu Linux Pentium J4205 Firmware Pentium N4200 Firmware +144
NVD
CVSS 3.1
5.5
EPSS
0.6%
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy