Total
32127 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-6171 | 1 Lenovo | 296 20a7, 20a7 Firmware, 20a8 and 293 more | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
| A vulnerability was reported in various BIOS versions of older ThinkPad systems that could allow a user with administrative privileges or physical access the ability to update the Embedded Controller with unsigned firmware. | |||||
| CVE-2019-6170 | 1 Lenovo | 784 130-14ikb, 130-14ikb Firmware, 130-15ikb and 781 more | 2024-11-21 | 4.4 MEDIUM | 6.4 MEDIUM |
| A potential vulnerability in the SMI callback function used in the Legacy USB driver using boot services structure in runtime phase in some Lenovo ThinkPad models may allow arbitrary code execution. | |||||
| CVE-2019-6168 | 1 Lenovo | 8 Ideacentre, Ideapad, Service Bridge and 5 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow remote code execution. | |||||
| CVE-2019-6167 | 1 Lenovo | 8 Ideacentre, Ideapad, Service Bridge and 5 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow remote code execution. | |||||
| CVE-2019-6160 | 1 Lenovo | 13 Home Media Network Hard Drive, Home Media Network Hard Drive Firmware, Ix12-300r and 10 more | 2024-11-21 | 5.0 MEDIUM | 8.8 HIGH |
| A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API. | |||||
| CVE-2019-6155 | 1 Ibm | 8 Bladecenter Hs23, Bladecenter Hs23 Firmware, System X3530 M4 and 5 more | 2024-11-21 | 7.8 HIGH | 4.1 MEDIUM |
| A potential vulnerability was found in an SMI handler in various BIOS versions of certain legacy IBM System x and IBM BladeCenter systems that could lead to denial of service. | |||||
| CVE-2019-6140 | 1 Forcepoint | 1 Email Security | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A configuration issue has been discovered in Forcepoint Email Security 8.4.x and 8.5.x: the product is left in a vulnerable state if the hybrid registration process is not completed. | |||||
| CVE-2019-6136 | 1 Mz-automation | 1 Libiec61850 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c. | |||||
| CVE-2019-6116 | 6 Artifex, Canonical, Debian and 3 more | 11 Ghostscript, Ubuntu Linux, Debian Linux and 8 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. | |||||
| CVE-2019-6026 | 1 Motex | 4 Lanscope An, Lanscope Cat Client Program, Lanscope Cat Detection Agent and 1 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Privilege escalation vulnerability in Multiple MOTEX products (LanScope Cat client program (MR) and LanScope Cat client program (MR)LanScope Cat detection agent (DA) prior to Ver.9.2.1.0, LanScope Cat server monitoring agent (SA, SAE) prior to Ver.9.2.2.0, LanScope An prior to Ver 2.7.7.0 (LanScope An 2 series), and LanScope An prior to Ver 3.0.8.1 (LanScope An 3 series)) allow authenticated attackers to obtain unauthorized privileges and execute arbitrary code. | |||||
| CVE-2019-6023 | 1 Cybozu | 1 Office | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to bypass access restriction which may result in obtaining data without access privileges via the application 'Address'. | |||||
| CVE-2019-6017 | 1 Remise | 1 Payment Module | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allow remote attackers to [Disclosed_Information_type] via unspecified vectors. | |||||
| CVE-2019-6005 | 1 Kddi | 2 Smart Tv Box, Smart Tv Box Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary software or changing the device settings via Android Debug Bridge port 5555/TCP. | |||||
| CVE-2019-5981 | 1 Sony | 1 Vaio Update | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors. | |||||
| CVE-2019-5955 | 1 Create-sd | 1 Create Sd | 2024-11-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| CREATE SD official App for Android version 1.0.2 and earlier allows remote attackers to bypass access restriction to lead a user to access an arbitrary website via vulnerable application and conduct phishing attacks. | |||||
| CVE-2019-5954 | 1 Jreast | 1 Jr East Japan | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| JR East Japan train operation information push notification App for Android version 1.2.4 and earlier allows remote attackers to bypass access restriction to obtain or alter the user's registered information via unspecified vectors. | |||||
| CVE-2019-5945 | 1 Cybozu | 1 Garoon | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the users' credential information via the authentication of Cybozu Garoon. | |||||
| CVE-2019-5944 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction alter the contents of application 'Address' without modify privileges via the application 'Address'. | |||||
| CVE-2019-5943 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction to view the information without view privileges via the application 'Bulletin' and the application 'Cabinet'. | |||||
| CVE-2019-5942 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction to obtain files without access privileges via the Multiple Files Download function of application 'Cabinet'. | |||||