Total
34053 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-20860 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Mattermost Server before 5.14.0, 5.13.3, 5.12.6, and 5.9.4. It allows remote attackers to cause a denial of service (application hang) via a crafted SVG document. | |||||
| CVE-2019-20859 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Server before 5.15.0. Login access control can be bypassed via crafted input. | |||||
| CVE-2019-20857 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Server before 5.16.0. It allows attackers to cause a denial of service (markdown renderer hang) via many backtick characters. | |||||
| CVE-2019-20855 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Server before 5.16.1, 5.15.2, 5.14.5, and 5.9.6. It allows attackers to obtain sensitive information (local files) during legacy attachment migration. | |||||
| CVE-2019-20854 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Server before 5.17.0. It allows remote attackers to cause a denial of service (client-side application crash) via a LaTeX message. | |||||
| CVE-2019-20847 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Mattermost Server before 5.18.0. An attacker can send a user_typing WebSocket event to any channel. | |||||
| CVE-2019-20835 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has homograph mishandling. | |||||
| CVE-2019-20832 | 1 Foxitsoftware | 1 Phantompdf | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in Foxit PhantomPDF before 8.3.10. It has homograph mishandling. | |||||
| CVE-2019-20809 | 1 Compound | 1 Price Oracle | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The price oracle in PriceOracle.sol in Compound Finance Compound Price Oracle 1.0 through 2.0 allows a price poster to set an invalid asset price via the setPrice function, and consequently violate the intended limits on price swings. | |||||
| CVE-2019-20784 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (MTK chipsets) software. Interaction of GPS with 911 emergency calls is mishandled. The LG ID is LVE-SMP-180012 (January 2019). | |||||
| CVE-2019-20783 | 1 Google | 1 Android | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (North America CDMA) software. The LTE protocol implementation allows a bypass of AKA (Authentication and Key Agreement). The LG ID is LVE-SMP-180014 (February 2019). | |||||
| CVE-2019-20779 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. A TrustZone trusted application can crash via crafted input. The LG ID is LVE-SMP-190003 (May 2019). | |||||
| CVE-2019-20777 | 2 Google, Lg | 3 Android, G7, V40 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 (July 2019). | |||||
| CVE-2019-20776 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. A TZ trusted application can crash via crafted input. The LG ID is LVE-SMP-190005 (July 2019). | |||||
| CVE-2019-20774 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. A system service allows local retrieval of the user's password. The LG ID is LVE-SMP-190009 (August 2019). | |||||
| CVE-2019-20773 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. Unprivileged applications can execute shell commands via the connectivity service. The LG ID is LVE-SMP-190008 (August 2019). | |||||
| CVE-2019-20772 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Account subsystem allows authorization bypass. The LG ID is LVE-SMP-190007 (August 2019). | |||||
| CVE-2019-20771 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService allows unconfirmed configuration changes via a modified OMACP message. The LG ID is LVE-SMP-190006 (August 2019). | |||||
| CVE-2019-20760 | 1 Netgear | 2 R9000, R9000 Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| NETGEAR R9000 devices before 1.0.4.26 are affected by authentication bypass. | |||||
| CVE-2019-20744 | 1 Netgear | 2 Wac510, Wac510 Firmware | 2024-11-21 | 2.7 LOW | 4.5 MEDIUM |
| NETGEAR WAC510 devices before 5.0.10.2 are affected by disclosure of sensitive information. | |||||