Total
7856 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-6215 | 3 Apple, Canonical, Microsoft | 8 Icloud, Iphone Os, Itunes and 5 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2019-6212 | 3 Apple, Canonical, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2019-5913 | 2 Micco, Microsoft | 2 Lhmelting, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of LHMelting (LHMelting for Win32 Ver 1.65.3.6 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2019-5912 | 2 Micco, Microsoft | 2 Unarj32.dll, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of UNARJ32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2019-5911 | 2 Micco, Microsoft | 2 Unlha32.dll, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of UNLHA32.DLL (UNLHA32.DLL for Win32 Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2019-5874 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient filtering in URI schemes in Google Chrome on Windows prior to 77.0.3865.75 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | |||||
| CVE-2019-5859 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient filtering in URI schemes in Google Chrome on Windows prior to 76.0.3809.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | |||||
| CVE-2019-5817 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5806 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5804 | 3 Google, Microsoft, Opensuse | 4 Chrome, Windows, Backports and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name. | |||||
| CVE-2019-5702 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2019-5695 | 2 Microsoft, Nvidia | 3 Windows, Geforce Experience, Gpu Driver | 2024-11-21 | 6.9 MEDIUM | 6.5 MEDIUM |
| NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | |||||
| CVE-2019-5694 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 4.4 MEDIUM | 6.5 MEDIUM |
| NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. The attacker requires local system access. | |||||
| CVE-2019-5693 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which may lead to denial of service. | |||||
| CVE-2019-5692 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the product uses untrusted input when calculating or using an array index, which may lead to escalation of privileges or denial of service. | |||||
| CVE-2019-5691 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a NULL pointer is dereferenced, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2019-5690 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the size of an input buffer is not validated, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2019-5688 | 2 Microsoft, Nvidia | 4 Windows, Gpumodeswitch, Nvflash and 1 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of other devices not managed by NVIDIA, which may lead to escalation of privileges, information disclosure, or denial of service. | |||||
| CVE-2019-5687 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor | |||||
| CVE-2019-5686 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to denial of service. | |||||