Skip to main content
CVE-2019-8705 MEDIUM This Month

A memory corruption issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Memory Corruption Mac Os X Tvos
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-8704 MEDIUM This Month

An authentication issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Iphone Os Tvos
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-8693 MEDIUM This Month

A validation issue was addressed with improved input sanitization. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2019-8692 MEDIUM This Month

A validation issue was addressed with improved input sanitization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-8691 MEDIUM This Month

A validation issue was addressed with improved input sanitization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-8598 MEDIUM This Month

An input validation issue was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple Icloud Itunes +4
NVD
CVSS 3.1
5.5
EPSS
10.3%
CVE-2019-8589 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2019-8568 MEDIUM This Month

A validation issue existed in the handling of symlinks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X Tvos +1
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2019-8560 MEDIUM This Month

An out-of-bounds read was addressed with improved bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Iphone Os Mac Os X +2
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-8546 MEDIUM This Month

An access issue was addressed with additional sandbox restrictions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X Watchos
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-8540 MEDIUM This Month

A memory initialization issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X Tvos +1
NVD
CVSS 3.1
5.5
EPSS
1.6%
CVE-2019-8537 MEDIUM This Month

An access issue was addressed with improved memory management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-8530 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X Tvos
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-8522 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Apple Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-8521 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2019-8520 MEDIUM This Month

An out-of-bounds read was addressed with improved bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-8519 MEDIUM This Month

An out-of-bounds read was addressed with improved bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-8510 MEDIUM This Month

An out-of-bounds read issue existed that led to the disclosure of kernel memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Iphone Os Mac Os X +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-8507 MEDIUM This Month

Multiple memory corruption issues were addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-8504 MEDIUM This Month

A memory initialization issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-7293 MEDIUM This Month

A memory corruption issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Memory Corruption Iphone Os Mac Os X +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-7289 MEDIUM This Month

A parsing issue in the handling of directory paths was addressed with improved path validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Shortcuts
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-6207 MEDIUM This Month

An out-of-bounds read issue existed that led to the disclosure of kernel memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Iphone Os Mac Os X +2
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2019-10513 MEDIUM This Month

Possibility of Null pointer access if the SPDM commands are executed in the non-standard way in Trustzone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qualcomm Apq8009 Firmware Apq8017 Firmware +47
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-18571 MEDIUM This Month

The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a reflected cross-site scripting vulnerability in the My Access Live module [MAL]. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Rsa Identity Governance And Lifecycle
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2019-7621 MEDIUM This Month

Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting (XSS) flaw in the coordinate and region map visualizations. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Elastic Kibana
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-18267 MEDIUM This Month

An issue was found in GE S2020/S2020G Fast Switch 61850, S2020/S2020G Fast Switch 61850 Versions 07A03 and prior. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Information Disclosure RCE CSRF S2020 Firmware +1
NVD
CVSS 3.1
5.4
EPSS
1.6%
CVE-2019-18995 MEDIUM This Month

The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Abb Pb610 Panel Builder 600
NVD
CVSS 3.1
5.3
EPSS
2.1%
CVE-2019-8768 MEDIUM This Month

"Clear History and Website Data" did not clear the history. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2019-8725 MEDIUM This Month

The issue was addressed with improved handling of service worker lifetime. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2019-8711 MEDIUM This Month

A logic issue existed with the display of notification previews. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2019-8667 MEDIUM This Month

An inconsistent user interface issue was addressed with improved state management. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2019-8663 MEDIUM POC This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X
NVD Exploit-DB
CVSS 3.1
5.3
EPSS
6.7%
CVE-2019-19845 MEDIUM This Month

In Joomla!. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Joomla
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2019-4388 MEDIUM This Month

HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting (XSS) attacks by allowing users to embed arbitrary JavaScript code in the Web UI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Appscan Source
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2019-11100 MEDIUM This Month

Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Active Management Technology Firmware
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2019-11109 MEDIUM This Month

Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Server Platform Services Firmware Big Ip B2250 Firmware Big Ip B4300 Firmware +31
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-11102 MEDIUM This Month

Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Dynamic Application Loader Trusted Execution Engine Firmware
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-11101 MEDIUM This Month

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security Management Engine Firmware Trusted Execution Engine Firmware
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-0168 MEDIUM This Month

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security Management Engine Firmware Trusted Execution Engine Firmware
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-0165 MEDIUM This Month

Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Converged Security Management Engine Firmware
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-8769 MEDIUM This Month

An issue existed in the drawing of web page elements. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2019-8727 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2019-8670 MEDIUM This Month

An inconsistent user interface issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari Mac Os X
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2019-8550 MEDIUM This Month

An issue existed in the pausing of FaceTime video. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X Watchos
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2019-7284 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2019-6222 MEDIUM This Month

A consistency issue was addressed with improved state handling. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2019-15013 MEDIUM This Month

The WorkflowResource class removeStatus method in Jira before version 7.13.12, from version 8.0.0 before version 8.4.3, and from version 8.5.0 before version 8.5.2 allows authenticated remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Atlassian Jira Jira Server
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2019-8730 LOW Monitor

The contents of locked notes sometimes appeared in search results. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2019-8698 LOW Monitor

A validation issue existed in the entitlement verification. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Tvos
NVD
CVSS 3.1
3.3
EPSS
0.7%
Prev Page 7 of 8 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy