Total
8775 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-10183 | 1 Redhat | 2 Enterprise Linux, Virt-manager | 2024-08-04 | N/A |
| Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced recently in the virt-manager v2.2.0 release. | ||||
| CVE-2019-10156 | 2 Debian, Redhat | 4 Debian Linux, Ansible, Ansible Engine and 1 more | 2024-08-04 | 5.4 Medium |
| A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed. | ||||
| CVE-2019-10109 | 1 Gitlab | 1 Gitlab | 2024-08-04 | N/A |
| An Information Exposure issue (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. EXIF geolocation data were not removed from images when uploaded to GitLab. As a result, anyone with access to the uploaded image could obtain its geolocation, device, and software version data (if present). | ||||
| CVE-2019-10083 | 1 Apache | 1 Nifi | 2024-08-04 | 5.3 Medium |
| When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). The response included details about processors and controller services which the user may not have had read access to. | ||||
| CVE-2019-9866 | 1 Gitlab | 1 Gitlab | 2024-08-04 | N/A |
| An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.7.7 and 11.8.x before 11.8.3. It allows Information Disclosure. | ||||
| CVE-2019-9824 | 2 Qemu, Redhat | 4 Qemu, Enterprise Linux, Openstack and 1 more | 2024-08-04 | N/A |
| tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. | ||||
| CVE-2019-9753 | 1 Otrs | 1 Otrs | 2024-08-04 | N/A |
| An issue was discovered in Open Ticket Request System (OTRS) 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ Articles, Service Catalogue Items, ITSM Configuration Items. | ||||
| CVE-2019-9541 | 1 Telos | 1 Automated Message Handling System | 2024-08-04 | 6.1 Medium |
| : Information Exposure vulnerability in itemlookup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session. This issue affects: Telos Automated Message Handling System versions prior to 4.1.5.5. | ||||
| CVE-2019-9337 | 1 Google | 1 Android | 2024-08-04 | 6.5 Medium |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204376 | ||||
| CVE-2019-9453 | 2 Canonical, Google | 2 Ubuntu Linux, Android | 2024-08-04 | 4.4 Medium |
| In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9424 | 1 Google | 1 Android | 2024-08-04 | 7.5 High |
| In the Screen Lock, there is a possible information disclosure due to an unusual root cause. In certain circumstances, the setting to hide the unlock pattern can be ignored. Product: AndroidVersions: Android-10Android ID: A-110941092 | ||||
| CVE-2019-9444 | 1 Google | 1 Android | 2024-08-04 | N/A |
| In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9461 | 1 Google | 1 Android | 2024-08-04 | 6.5 Medium |
| In the Android kernel in VPN routing there is a possible information disclosure. This could lead to remote information disclosure by an adjacent network attacker with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9449 | 1 Google | 1 Android | 2024-08-04 | N/A |
| In the Android kernel in FingerTipS touchscreen driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9455 | 3 Google, Opensuse, Redhat | 3 Android, Leap, Enterprise Linux | 2024-08-04 | 2.3 Low |
| In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9452 | 1 Google | 1 Android | 2024-08-04 | 4.4 Medium |
| In the Android kernel in SEC_TS touch driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9433 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-08-04 | 6.5 Medium |
| In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354 | ||||
| CVE-2019-9445 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Android | 2024-08-04 | 4.4 Medium |
| In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9336 | 1 Google | 1 Android | 2024-08-04 | 6.5 Medium |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326322 | ||||
| CVE-2019-9338 | 1 Google | 1 Android | 2024-08-04 | 6.5 Medium |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762686 | ||||