Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8562 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
|
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.
|
|||||
| CVE-2019-8559 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2019-8558 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2019-8553 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2. Clicking a malicious SMS link may lead to arbitrary code execution.
|
|||||
| CVE-2019-8545 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 6.6 MEDIUM | 7.1 HIGH |
|
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected system termination or read kernel memory.
|
|||||
| CVE-2019-8544 | 2 Apple, Redhat | 9 Icloud, Iphone Os, Itunes and 6 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2019-8536 | 2 Apple, Redhat | 9 Icloud, Iphone Os, Itunes and 6 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2019-8535 | 2 Apple, Redhat | 8 Icloud, Iphone Os, Itunes and 5 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2019-8534 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. A malicious application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2019-8529 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2019-8525 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2019-8524 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2019-8523 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2019-8518 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2019-8359 | 2 Contiki-ng, Contiki-os | 2 Contiki-ng, Contiki | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. An out of bounds write is present in the data section during 6LoWPAN fragment re-assembly in the face of forged fragment offsets in os/net/ipv6/sicslowpan.c.
|
|||||
| CVE-2019-8356 | 1 Sound Exchange Project | 1 Sound Exchange | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow.
|
|||||
| CVE-2019-8355 | 1 Sound Exchange Project | 1 Sound Exchange | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.
|
|||||
| CVE-2019-8354 | 3 Canonical, Debian, Sound Exchange Project | 3 Ubuntu Linux, Debian Linux, Sound Exchange | 2024-11-21 | 4.3 MEDIUM | 5.0 MEDIUM |
|
An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow.
|
|||||
| CVE-2019-8285 | 1 Kaspersky | 1 Antivirus Engine | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
Kaspersky Lab Antivirus Engine version before 04.apr.2019 has a heap-based buffer overflow vulnerability that potentially allow arbitrary code execution
|
|||||
| CVE-2019-8280 | 1 Uvnc | 1 Ultravnc | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204.
|
|||||
| CVE-2019-8276 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.
|
|||||
| CVE-2019-8274 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler, which can potentially in result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.
|
|||||
| CVE-2019-8273 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.
|
|||||
| CVE-2019-8271 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler, which can potentially result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.
|
|||||
| CVE-2019-8269 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1207.
|
|||||
| CVE-2019-8266 | 1 Uvnc | 1 Ultravnc | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. User interaction is required to trigger these vulnerabilities. These vulnerabilities have been fixed in revision 1208.
|
|||||
| CVE-2019-8265 | 1 Uvnc | 1 Ultravnc | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208.
|
|||||
| CVE-2019-8264 | 1 Uvnc | 1 Ultravnc | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204.
|
|||||
| CVE-2019-8263 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. User interaction is required to trigger this vulnerability. This vulnerability has been fixed in revision 1206.
|
|||||
| CVE-2019-8262 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204.
|
|||||
| CVE-2019-8258 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.
|
|||||
| CVE-2019-8254 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
|
|||||
| CVE-2019-8253 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
|
|||||
| CVE-2019-8248 | 3 Adobe, Apple, Microsoft | 3 Illustrator Cc, Macos, Windows | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .
|
|||||
| CVE-2019-8247 | 3 Adobe, Apple, Microsoft | 3 Illustrator Cc, Macos, Windows | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .
|
|||||
| CVE-2019-8240 | 3 Adobe, Apple, Microsoft | 3 Bridge Cc, Macos, Windows | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure.
|
|||||
| CVE-2019-8239 | 3 Adobe, Apple, Microsoft | 3 Bridge Cc, Macos, Windows | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure.
|
|||||
| CVE-2019-8206 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
|
|||||
| CVE-2019-8199 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
|
|||||
| CVE-2019-8197 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .
|
|||||