Total
9773 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-9449 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In the Android kernel in FingerTipS touchscreen driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9445 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Android | 2024-11-21 | 4.4 Medium |
| In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9444 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9433 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-21 | 6.5 Medium |
| In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354 | ||||
| CVE-2019-9424 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In the Screen Lock, there is a possible information disclosure due to an unusual root cause. In certain circumstances, the setting to hide the unlock pattern can be ignored. Product: AndroidVersions: Android-10Android ID: A-110941092 | ||||
| CVE-2019-9338 | 1 Google | 1 Android | 2024-11-21 | 6.5 Medium |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762686 | ||||
| CVE-2019-9337 | 1 Google | 1 Android | 2024-11-21 | 6.5 Medium |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204376 | ||||
| CVE-2019-9336 | 1 Google | 1 Android | 2024-11-21 | 6.5 Medium |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326322 | ||||
| CVE-2019-9335 | 1 Google | 1 Android | 2024-11-21 | 6.5 Medium |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112328051 | ||||
| CVE-2019-9245 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| In the Android kernel in the f2fs driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9225 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 5 of 5). | ||||
| CVE-2019-9179 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 5 of 5). | ||||
| CVE-2019-9175 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 3 of 5). | ||||
| CVE-2019-9126 | 1 Dlink | 2 Dir-825 Rev.b, Dir-825 Rev.b Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is an information disclosure vulnerability via requests for the router_info.xml document. This will reveal the PIN code, MAC address, routing table, firmware version, update time, QOS information, LAN information, and WLAN information of the device. | ||||
| CVE-2019-9103 | 1 Moxa | 12 Mb3170, Mb3170 Firmware, Mb3180 and 9 more | 2024-11-21 | 5.3 Medium |
| An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker can access sensitive information (e.g., conduct username disclosure attacks) on the built-in WEB-service without authorization. | ||||
| CVE-2019-8934 | 2 Opensuse, Qemu | 2 Leap, Qemu | 2024-11-21 | 3.3 Low |
| hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest. | ||||
| CVE-2019-8921 | 3 Bluez, Debian, Linux | 3 Bluez, Debian Linux, Linux Kernel | 2024-11-21 | 6.5 Medium |
| An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrary heap data. The root cause can be found in the function service_attr_req of sdpd-request.c. The server does not check whether the CSTATE data is the same in consecutive requests, and instead simply trusts that it is the same. | ||||
| CVE-2019-8730 | 1 Apple | 1 Mac Os X | 2024-11-21 | 3.3 Low |
| The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. This issue is fixed in macOS Catalina 10.15. A local user may be able to view a user’s locked notes. | ||||
| CVE-2019-8620 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2024-11-21 | 7.5 High |
| A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A device may be passively tracked by its WiFi MAC address. | ||||
| CVE-2019-8567 | 1 Apple | 1 Iphone Os | 2024-11-21 | 7.5 High |
| A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.2. A device may be passively tracked by its WiFi MAC address. | ||||