Export limit exceeded: 75248 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 75248 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75248 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-6329 | 1 Hp | 1 Support Assistant | 2024-11-21 | 7.8 High |
| HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6328. | ||||
| CVE-2019-6320 | 1 Hp | 16 Deskjet 3630 F5s43a, Deskjet 3630 F5s43a Firmware, Deskjet 3630 F5s57a and 13 more | 2024-11-21 | 8.1 High |
| Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration. | ||||
| CVE-2019-6319 | 1 Hp | 16 Deskjet 3630 F5s43a, Deskjet 3630 F5s43a Firmware, Deskjet 3630 F5s57a and 13 more | 2024-11-21 | 8.1 High |
| HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration. | ||||
| CVE-2019-6268 | 2 Denx, Rad | 2 U-boot, Secflow-2v Firmware | 2024-11-21 | 7.5 High |
| RAD SecFlow-2 devices with Hardware 0202, Firmware 4.1.01.63, and U-Boot 2010.12 allow URIs beginning with /.. for Directory Traversal, as demonstrated by reading /etc/shadow. | ||||
| CVE-2019-6257 | 1 Std42 | 1 Elfinder | 2024-11-21 | 7.7 High |
| A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. This occurs in get_remote_contents() in php/elFinder.class.php. | ||||
| CVE-2019-6245 | 3 Antigrain, Debian, Svgpp | 3 Agg, Debian Linux, Svgpp | 2024-11-21 | 8.8 High |
| An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption. | ||||
| CVE-2019-6239 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.8 High |
| This issue was addressed with improved handling of file metadata. This issue is fixed in macOS Mojave 10.14.4. A malicious application may bypass Gatekeeper checks. | ||||
| CVE-2019-6238 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.8 High |
| A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted package may lead to arbitrary code execution. | ||||
| CVE-2019-6237 | 2 Apple, Redhat | 7 Icloud, Iphone Os, Itunes and 4 more | 2024-11-21 | 8.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2019-6236 | 1 Apple | 1 Icloud | 2024-11-21 | 7.5 High |
| A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution. | ||||
| CVE-2019-6232 | 1 Apple | 1 Icloud | 2024-11-21 | 7.5 High |
| A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution. | ||||
| CVE-2019-6201 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-11-21 | 8.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2019-6193 | 1 Lenovo | 1 Xclarity Administrator | 2024-11-21 | 7.5 High |
| An information disclosure vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.6.6 that could allow unauthenticated access to some configuration files which may contain usernames, license keys, IP addresses, and encrypted password hashes. | ||||
| CVE-2019-6191 | 1 Lenovo | 1 Paper | 2024-11-21 | 7.8 High |
| A potential vulnerability in the discontinued LenovoPaper software version 1.0.0.22 may allow local privilege escalation. | ||||
| CVE-2019-6189 | 1 Lenovo | 1 System Interface Foundation | 2024-11-21 | 7.8 High |
| A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL. | ||||
| CVE-2019-6186 | 1 Lenovo | 1 System Interface Foundation | 2024-11-21 | 8.8 High |
| A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user. | ||||
| CVE-2019-6184 | 1 Lenovo | 1 Customer Engagement Service | 2024-11-21 | 7.8 High |
| A potential vulnerability in the discontinued Customer Engagement Service (CCSDK) software version 2.0.21.1 may allow local privilege escalation. | ||||
| CVE-2019-6183 | 1 Lenovo | 1 Energy Management | 2024-11-21 | 7.5 High |
| A denial of service vulnerability has been reported in Lenovo Energy Management Driver for Windows 10 versions prior to 15.11.29.7 that could cause systems to experience a blue screen error. Lenovo Energy Management is a client utility. Lenovo XClarity Energy Manager is not affected. | ||||
| CVE-2019-6179 | 1 Lenovo | 2 Xclarity Administrator, Xclarity Integrator | 2024-11-21 | 7.5 High |
| An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 2.5.0 , Lenovo XClarity Integrator (LXCI) for Microsoft System Center prior to version 7.7.0, and Lenovo XClarity Integrator (LXCI) for VMWare vCenter prior to version 6.1.0 that could allow information disclosure. | ||||
| CVE-2019-6176 | 1 Lenovo | 2 Thinkpad Usb-c Dock, Thinkpad Usb-c Dock Firmware | 2024-11-21 | 7.5 High |
| A potential vulnerability reported in ThinkPad USB-C Dock Firmware version 3.7.2 may allow a denial of service. | ||||