Total
32127 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5781 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. | |||||
| CVE-2019-5777 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. | |||||
| CVE-2019-5776 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. | |||||
| CVE-2019-5775 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. | |||||
| CVE-2019-5771 | 3 Fedoraproject, Google, Redhat | 5 Fedora, Chrome, Enterprise Linux Desktop and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | |||||
| CVE-2019-5766 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2019-5702 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2019-5697 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which it may grant a guest access to memory that it does not own, which may lead to information disclosure or denial of service. | |||||
| CVE-2019-5689 | 1 Nvidia | 1 Geforce Experience | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or information disclosure. | |||||
| CVE-2019-5688 | 2 Microsoft, Nvidia | 4 Windows, Gpumodeswitch, Nvflash and 1 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of other devices not managed by NVIDIA, which may lead to escalation of privileges, information disclosure, or denial of service. | |||||
| CVE-2019-5686 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to denial of service. | |||||
| CVE-2019-5682 | 2 Google, Nvidia | 2 Android, Shield Experience | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the NVIDIA Games App where it improperly exports an Activity but does not properly restrict which applications can launch the Activity, which may lead to code execution or denial of service. | |||||
| CVE-2019-5681 | 2 Google, Nvidia | 2 Android, Shield Experience | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the custom NVIDIA API used in the mount system service where user data could be overridden, which may lead to code execution, denial of service, or information disclosure. | |||||
| CVE-2019-5616 | 1 Broadcastboxes | 2 Scion-8, Scion-8 Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser. | |||||
| CVE-2019-5596 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
| In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain root privileges or escape from a jail. | |||||
| CVE-2019-5585 | 1 Forticlient | 1 Forticlient | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
| An improper access control vulnerability in FortiClientMac before 6.0.5 may allow an attacker to affect the application's performance via modifying the contents of a file used by several FortiClientMac processes. | |||||
| CVE-2019-5542 | 1 Vmware | 2 Fusion, Workstation | 2024-11-21 | 4.0 MEDIUM | 7.7 HIGH |
| VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain a denial-of-service vulnerability in the RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. | |||||
| CVE-2019-5536 | 1 Vmware | 3 Esxi, Fusion, Workstation | 2024-11-21 | 3.5 LOW | 6.5 MEDIUM |
| VMware ESXi (6.7 before ESXi670-201908101-SG and 6.5 before ESXi650-201910401-SG), Workstation (15.x before 15.5.0) and Fusion (11.x before 11.5.0) contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. Exploitation of this issue require an attacker to have access to a virtual machine with 3D graphics enabled. It is not enabled by default on ESXi and is enabled by default on Workstation and Fusion. | |||||
| CVE-2019-5535 | 1 Vmware | 2 Fusion, Workstation | 2024-11-21 | 2.9 LOW | 4.7 MEDIUM |
| VMware Workstation and Fusion contain a network denial-of-service vulnerability due to improper handling of certain IPv6 packets. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.7. | |||||
| CVE-2019-5530 | 1 Bitrock | 1 Installbuilder | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Windows binaries generated with InstallBuilder versions earlier than 19.7.0 are vulnerable to tampering even if they contain a valid Authenticode signature. | |||||