National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 125,877 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2010-4653

An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.

Published: November 13, 2019; 03:15:10 PM -05:00
(not available)
CVE-2019-16951

A remote file include (RFI) issue was discovered in Enghouse Web Chat 6.2.284.34. One can replace the localhost attribute with one's own domain name. When the product calls this domain after the POST request is sent, it retrieves an attacker's data and displays it. Also worth mentioning is the amount of information sent in the request from this product to the attacker: it reveals information the public should not have. This includes pathnames and internal ip addresses.

Published: November 13, 2019; 02:15:12 PM -05:00
(not available)
CVE-2019-16950

An XSS issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. The QueueName parameter of a GET request allows for insertion of user-supplied JavaScript.

Published: November 13, 2019; 02:15:12 PM -05:00
(not available)
CVE-2013-3517

Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L.

Published: November 13, 2019; 02:15:11 PM -05:00
(not available)
CVE-2010-4533

offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.

Published: November 13, 2019; 02:15:10 PM -05:00
(not available)
CVE-2019-2233

In getUserCount and getCount of UserSwitcherController.java, there is possible new user creation due to a logic error. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140486529

Published: November 13, 2019; 01:15:12 PM -05:00
(not available)
CVE-2019-2214

In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-136210786References: Upstream kernel

Published: November 13, 2019; 01:15:12 PM -05:00
(not available)
CVE-2019-2213

In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-133758011References: Upstream kernel

Published: November 13, 2019; 01:15:12 PM -05:00
(not available)
CVE-2019-2212

In poisson_distribution of random, there is an out of bounds read. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139690488

Published: November 13, 2019; 01:15:12 PM -05:00
(not available)
CVE-2019-2211

In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-135269669

Published: November 13, 2019; 01:15:12 PM -05:00
(not available)
CVE-2019-2209

In BTA_DmPinReply of bta_dm_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139287605

Published: November 13, 2019; 01:15:12 PM -05:00
(not available)
CVE-2019-2208

There is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-138441919

Published: November 13, 2019; 01:15:11 PM -05:00
(not available)
CVE-2019-2207

In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possible out of bound write due to missing bounds checks. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-124524315

Published: November 13, 2019; 01:15:11 PM -05:00
(not available)
CVE-2019-2206

In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139188579

Published: November 13, 2019; 01:15:11 PM -05:00
(not available)
CVE-2019-2205

In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139806216

Published: November 13, 2019; 01:15:11 PM -05:00
(not available)
CVE-2019-2204

In FindSharedFunctionInfo of objects.cc, there is a possible out of bounds read due to a mistake in AST traversal. This could lead to remote code execution in the pacprocessor with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-138442295

Published: November 13, 2019; 01:15:11 PM -05:00
(not available)
CVE-2019-2203

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-137370777

Published: November 13, 2019; 01:15:11 PM -05:00
(not available)
CVE-2019-2202

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-137283376

Published: November 13, 2019; 01:15:11 PM -05:00
(not available)
CVE-2019-2201

In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120551338

Published: November 13, 2019; 01:15:11 PM -05:00
(not available)
CVE-2019-2199

In createSessionInternal of PackageInstallerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-138650665

Published: November 13, 2019; 01:15:11 PM -05:00
(not available)