Skip to main content
CVE-2019-12734 HIGH POC This Week

SiteVision 4 has Incorrect Access Control. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Sitevision
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2019-12733 HIGH POC This Week

SiteVision 4 allows Remote Code Execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Sitevision
NVD
CVSS 3.1
8.8
EPSS
6.0%
CVE-2019-2225 HIGH PATCH This Week

When pairing with a Bluetooth device, it may be possible to pair a malicious device without any confirmation from the user, and that device may be able to interact with the phone. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Google Android
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2019-2223 HIGH This Week

In ihevcd_ref_list of ihevcd_ref_list.c, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2019-2222 HIGH This Week

n ihevcd_parse_slice_data of ihevcd_parse_slice.c, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2019-2221 HIGH PATCH This Week

In hasActivityInVisibleTask of WindowProcessController.java there’s a possible bypass of user interaction requirements due to incorrect handling of top activities in INITIALIZING state. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Java Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2218 HIGH This Week

In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2217 HIGH This Week

In setCpuVulkanInUse of GpuStats.cpp, there is possible memory corruption due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Buffer Overflow Memory Corruption Google +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2232 HIGH PATCH This Week

In handleRun of TextLine.java, there is a possible application crash due to improper input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Denial Of Service Android
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-2230 HIGH PATCH This Week

In nfcManager_routeAid and nfcManager_unrouteAid of NativeNfcManager.cpp, there is possible memory reuse due to a use after free. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Information Disclosure Memory Corruption Google Use After Free +1
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2019-18672 HIGH PATCH This Week

Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow a partial reset of cryptographic secrets to known values via crafted messages. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Keepkey Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2019-18575 HIGH This Week

Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Command Configure
NVD
CVSS 3.1
7.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy