Total: 8775 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-20616 | 1 Google | 1 Android | 2024-08-05 | 5.3 Medium |
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Gallery leaks a thumbnail of Private Mode content. The Samsung ID is SVE-2018-13563 (March 2019). | ||||
CVE-2019-19983 | 1 Fastvelocity | 1 Minify | 2024-08-05 | 4.3 Medium |
In the WordPress plugin, Fast Velocity Minify before 2.7.7, the full web root path to the running WordPress application can be discovered. In order to exploit this vulnerability, FVM Debug Mode needs to be enabled and an admin-ajax request needs to call the fastvelocity_min_files action. | ||||
CVE-2019-19947 | 4 Canonical, Debian, Linux and 1 more | 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more | 2024-08-05 | 4.6 Medium |
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c. | ||||
CVE-2019-19677 | 1 Arxes-tolina | 1 Arxes-tolina | 2024-08-05 | 4.3 Medium |
arxes-tolina 3.0.0 allows User Enumeration. | ||||
CVE-2019-19631 | 1 Bigswitch | 3 Big Cloud Fabric, Big Monitoring Fabric, Multi-cloud Director | 2024-08-05 | 8.8 High |
An issue was discovered in Big Switch Big Monitoring Fabric 6.2 through 6.2.4, 6.3 through 6.3.9, 7.0 through 7.0.3, and 7.1 through 7.1.3; Big Cloud Fabric 4.5 through 4.5.5, 4.7 through 4.7.7, 5.0 through 5.0.1, and 5.1 through 5.1.4; and Multi-Cloud Director through 1.1.0. A read-only user can access sensitive information via an API endpoint that reveals session cookies of authenticated administrators, leading to privilege escalation. | ||||
CVE-2019-19625 | 1 Ros | 1 Sros2 | 2024-08-05 | 5.3 Medium |
SROS 2 0.8.1 (which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2) leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml document. | ||||
CVE-2019-19627 | 1 Ros | 1 Sros2 | 2024-08-05 | 5.3 Medium |
SROS 2 0.8.1 (after CVE-2019-19625 is mitigated) leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. (SROS2 provides the tools to generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2.) | ||||
CVE-2019-19534 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2024-08-05 | 2.4 Low |
In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29. | ||||
CVE-2019-19536 | 3 Debian, Linux, Opensuse | 3 Debian Linux, Linux Kernel, Leap | 2024-08-05 | 4.6 Medium |
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0. | ||||
CVE-2019-19550 | 1 Senior | 1 Rubiweb | 2024-08-05 | 7.5 High |
Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 allows admin access to sensitive information of affected users using vulnerable versions. The attacker only needs to provide the correct URL. | ||||
CVE-2019-19535 | 4 Debian, Linux, Opensuse and 1 more | 4 Debian Linux, Linux Kernel, Leap and 1 more | 2024-08-05 | 4.6 Medium |
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042. | ||||
CVE-2019-19533 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-05 | 2.4 Low |
In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464. | ||||
CVE-2019-19499 | 2 Grafana, Redhat | 2 Grafana, Enterprise Linux | 2024-08-05 | 6.5 Medium |
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations. | ||||
CVE-2019-19039 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-08-05 | 5.5 Medium |
__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issue as not being a vulnerability because “1) The kernel provides facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands of CVEs lurking in the kernel - something which clearly is not the case.” | ||||
CVE-2019-19256 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 5.3 Medium |
GitLab Enterprise Edition (EE) 12.2 and later through 12.5 has Incorrect Access Control. | ||||
CVE-2019-19254 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 5.3 Medium |
GitLab Community Edition (CE) and Enterprise Edition (EE) 9.6 and later through 12.5 has Incorrect Access Control. | ||||
CVE-2019-19283 | 1 Siemens | 1 Xhq | 2024-08-05 | 5.3 Medium |
A vulnerability has been identified in XHQ (All Versions < 6.1). The application's web server could expose non-sensitive information about the server's architecture. This could allow an attacker to adapt further attacks to the version in place. | ||||
CVE-2019-19091 | 1 Hitachienergy | 1 Esoms | 2024-08-05 | 4.3 Medium |
For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detailed information to specifically craft the attack. | ||||
CVE-2019-18987 | 1 Mediawiki | 1 Abusefilter | 2024-08-05 | 5.3 Medium |
An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter's definition. | ||||
CVE-2019-19007 | 1 Intelbras | 2 Iwr 3000n, Iwr 3000n Firmware | 2024-08-05 | 7.2 High |
Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600. |