Total
12110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15244 | 1 Cisco | 4 Spa112, Spa112 Firmware, Spa122 and 1 more | 2024-02-04 | 5.2 MEDIUM | 8.0 HIGH |
| Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default. | |||||
| CVE-2019-0123 | 1 Intel | 294 Core I7-10510u, Core I7-10510u Firmware, Core I7-10510y and 291 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-3710 | 2 Adobe, Microsoft | 2 Illustrator Cc, Windows | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-8701 | 1 Apple | 1 Mac Os X | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2020-3754 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2020-3711 | 2 Adobe, Microsoft | 2 Illustrator Cc, Windows | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-15246 | 1 Cisco | 4 Spa112, Spa112 Firmware, Spa122 and 1 more | 2024-02-04 | 5.2 MEDIUM | 8.0 HIGH |
| Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default. | |||||
| CVE-2019-15284 | 2 Cisco, Microsoft | 4 Webex Business Suite, Webex Meetings Online, Webex Meetings Server and 1 more | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | |||||
| CVE-2019-8798 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2020-0651 | 1 Microsoft | 2 Excel, Office 365 Proplus | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0650, CVE-2020-0653. | |||||
| CVE-2019-8555 | 1 Apple | 1 Mac Os X | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2019-11400 | 1 Trendnet | 6 Tew-651br, Tew-651br Firmware, Tew-652brp and 3 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. A buffer overflow occurs through the get_set.ccp ccp_act parameter. | |||||
| CVE-2019-19581 | 2 Fedoraproject, Xen | 2 Fedora, Xen | 2024-02-04 | 2.1 LOW | 6.5 MEDIUM |
| An issue was discovered in Xen through 4.12.x allowing 32-bit Arm guest OS users to cause a denial of service (out-of-bounds access) because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which may misbehave in certain corner cases: On 32-bit Arm accesses to bitmaps with bit a count which is a multiple of 32, an out of bounds access may occur. A malicious guest may cause a hypervisor crash or hang, resulting in a Denial of Service (DoS). All versions of Xen are vulnerable. 32-bit Arm systems are vulnerable. 64-bit Arm systems are not vulnerable. | |||||
| CVE-2019-15249 | 1 Cisco | 4 Spa112, Spa112 Firmware, Spa122 and 1 more | 2024-02-04 | 5.2 MEDIUM | 8.0 HIGH |
| Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default. | |||||
| CVE-2019-20053 | 2 Opensuse, Upx Project | 3 Backports, Leap, Upx | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. | |||||
| CVE-2015-5290 | 1 Ratbox | 1 Ircd-ratbox | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial of Service vulnerability exists in ircd-ratbox 3.0.9 in the MONITOR Command Handler. | |||||
| CVE-2019-8797 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2019-18236 | 1 We-con | 1 Plc Editor | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple buffer overflow vulnerabilities exist when the PLC Editor Version 1.3.5_20190129 processes project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. | |||||
| CVE-2019-8785 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2019-10627 | 2 Hp, Qualcomm | 83 2dr21d, 2dr21d Firmware, D3q15a and 80 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2 | |||||