Total
10067 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-7959 | 3 Adobe, Apple, Microsoft | 3 Creative Cloud, Mac Os X, Windows | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-1844 | 1 Cisco | 1 Email Security Appliance | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in certain attachment detection mechanisms of the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of an affected device. The vulnerability is due to improper detection of certain content sent to an affected device. An attacker could exploit this vulnerability by sending certain file types without Content-Disposition information to an affected device. A successful exploit could allow an attacker to send messages that contain malicious content to users. | |||||
| CVE-2018-20882 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 6.6 MEDIUM | 6.8 MEDIUM |
| cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447). | |||||
| CVE-2019-15640 | 1 Limesurvey | 1 Limesurvey | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Limesurvey before 3.17.10 does not validate both the MIME type and file extension of an image. | |||||
| CVE-2018-12215 | 1 Intel | 1 Graphics Driver | 2024-02-04 | 2.1 LOW | 6.0 MEDIUM |
| Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to cause a denial of service via local access. | |||||
| CVE-2018-4304 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-02-04 | 4.3 MEDIUM | 5.0 MEDIUM |
| A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2016-10771 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 5.5 MEDIUM | 8.1 HIGH |
| cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165). | |||||
| CVE-2019-9601 | 1 Apowersoft | 1 Apowermanager | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| The ApowerManager application through 3.1.7 for Android allows remote attackers to cause a denial of service via many simultaneous /?Key=PhoneRequestAuthorization requests. | |||||
| CVE-2019-9785 | 1 Gitnoteapp | 1 Gitnote | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| gitnote 3.1.0 allows remote attackers to execute arbitrary code via a crafted Markdown file, as demonstrated by a javascript:window.parent.top.require('child_process').execFile substring in the onerror attribute of an IMG element. | |||||
| CVE-2018-4398 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8. | |||||
| CVE-2019-13449 | 1 Zoom | 1 Zoom | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| In the Zoom Client before 4.4.2 on macOS, remote attackers can cause a denial of service (continual focus grabs) via a sequence of invalid launch?action=join&confno= requests to localhost port 19421. | |||||
| CVE-2016-10804 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 8.7 HIGH | 8.1 HIGH |
| The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore (SEC-58). | |||||
| CVE-2009-5158 | 1 Sumo | 1 Google Analyticator | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML sanitization for Google Analytics API text. | |||||
| CVE-2018-20864 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 6.4 MEDIUM | 6.5 MEDIUM |
| cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454). | |||||
| CVE-2019-3571 | 1 Whatsapp | 1 Whatsapp | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows malicious clients to send files to users that would be displayed with a wrong extension. | |||||
| CVE-2018-12211 | 1 Intel | 1 Graphics Driver | 2024-02-04 | 2.1 LOW | 6.5 MEDIUM |
| Insufficient input validation in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause a denial of service via local access. | |||||
| CVE-2018-4313 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of message deletions. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5. | |||||
| CVE-2018-4439 | 2 Apple, Microsoft | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. | |||||
| CVE-2018-4305 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2024-02-04 | 3.3 LOW | 6.5 MEDIUM |
| An input validation issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5. | |||||
| CVE-2019-11123 | 1 Intel | 13 Compute Card Cd1c64gk, Compute Card Cd1iv128mk, Compute Card Cd1m3128mk and 10 more | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. | |||||