Search Results (Refine Search)
- Category (CWE): CWE-20 Improper Input Validation
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-11102 |
Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. Published: December 18, 2019; 5:15:12 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2019-11101 |
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. Published: December 18, 2019; 5:15:12 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2019-11100 |
Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via physical access. Published: December 18, 2019; 5:15:12 PM -0500 |
V4.0:(not available) V3.1: 4.6 MEDIUM V2.0: 2.1 LOW |
CVE-2019-11088 |
Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Published: December 18, 2019; 5:15:12 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 5.8 MEDIUM |
CVE-2019-11087 |
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access. Published: December 18, 2019; 5:15:12 PM -0500 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-11086 |
Insufficient input validation in subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Published: December 18, 2019; 5:15:12 PM -0500 |
V4.0:(not available) V3.1: 6.8 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-0168 |
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. Published: December 18, 2019; 5:15:11 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2019-0166 |
Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. Published: December 18, 2019; 5:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-0165 |
Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access. Published: December 18, 2019; 5:15:11 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2019-0131 |
Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access. Published: December 18, 2019; 5:15:11 PM -0500 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0: 4.8 MEDIUM |
CVE-2019-18995 |
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting. Published: December 18, 2019; 4:15:13 PM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2019-18994 |
Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty *.JPR application file. An attacker with access to the file system might be able to cause application malfunction such as denial of service. Published: December 18, 2019; 4:15:13 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 3.5 LOW |
CVE-2019-8817 |
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.1. An application may be able to read restricted memory. Published: December 18, 2019; 1:15:44 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-8802 |
A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15.1. A malicious application may be able to gain root privileges. Published: December 18, 2019; 1:15:42 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2019-8794 |
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to read restricted memory. Published: December 18, 2019; 1:15:42 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-8788 |
An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration. Published: December 18, 2019; 1:15:41 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-8724 |
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. Published: December 18, 2019; 1:15:37 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2019-8723 |
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. Published: December 18, 2019; 1:15:36 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2019-8722 |
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. Published: December 18, 2019; 1:15:36 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2019-8721 |
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. Published: December 18, 2019; 1:15:36 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 9.3 HIGH |