Export limit exceeded: 26078 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (26078 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-11991 | 1 Hp | 2 3par Service Processor, 3par Service Processor Firmware | 2024-11-21 | N/A |
| HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays. | ||||
| CVE-2019-11980 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| A remote code exection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | ||||
| CVE-2019-11968 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | ||||
| CVE-2019-11967 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | ||||
| CVE-2019-11884 | 6 Canonical, Debian, Fedoraproject and 3 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2024-11-21 | 3.3 Low |
| The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. | ||||
| CVE-2019-11857 | 1 Sierrawireless | 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more | 2024-11-21 | 9.1 Critical |
| Lack of input sanitization in AceManager of ALEOS before 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitive system information. | ||||
| CVE-2019-11833 | 5 Canonical, Debian, Fedoraproject and 2 more | 16 Ubuntu Linux, Debian Linux, Fedora and 13 more | 2024-11-21 | 5.5 Medium |
| fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. | ||||
| CVE-2019-11832 | 1 Typo3 | 1 Typo3 | 2024-11-21 | N/A |
| TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick. | ||||
| CVE-2019-11781 | 1 Odoo | 1 Odoo | 2024-11-21 | 8.8 High |
| Improper input validation in portal component in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier, allows remote attackers to trick victims into modifying their account via crafted links, leading to privilege escalation. | ||||
| CVE-2019-11749 | 2 Mozilla, Redhat | 3 Firefox, Firefox Esr, Enterprise Linux | 2024-11-21 | 4.3 Medium |
| A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. | ||||
| CVE-2019-11728 | 2 Mozilla, Opensuse | 2 Firefox, Leap | 2024-11-21 | 4.7 Medium |
| The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded. This vulnerability affects Firefox < 68. | ||||
| CVE-2019-11716 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes to be bypassed. This vulnerability affects Firefox < 68. | ||||
| CVE-2019-11714 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 68. | ||||
| CVE-2019-11697 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| If the ALT and "a" keys are pressed when users receive an extension installation prompt, the extension will be installed without the install prompt delay that keeps the prompt visible in order for users to accept or decline the installation. A malicious web page could use this with spoofing on the page to trick users into installing a malicious extension. This vulnerability affects Firefox < 67. | ||||
| CVE-2019-11696 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| Files with the .JNLP extension used for "Java web start" applications are not treated as executable content for download prompts even though they can be executed if Java is installed on the local system. This could allow users to mistakenly launch an executable binary locally. This vulnerability affects Firefox < 67. | ||||
| CVE-2019-11662 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 4.3 Medium |
| Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error message. | ||||
| CVE-2019-11658 | 1 Microfocus | 1 Content Manager | 2024-11-21 | N/A |
| Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. This vulnerability when configured to use an Oracle database, allows valid system users to gain access to a limited subset of records they would not normally be able to access when the system is in an undisclosed abnormal state. | ||||
| CVE-2019-11648 | 1 Netiq | 1 Self Service Password Reset | 2024-11-21 | N/A |
| An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information. | ||||
| CVE-2019-11633 | 1 Honeypress Project | 1 Honeypress | 2024-11-21 | N/A |
| HoneyPress through 2016-09-27 can be fingerprinted by attackers because of the ingrained unique www.atxsec.com and ayylmao.wpengine.com hostnames within the fake WordPress templates. This allows attackers to discover and avoid this honeypot system. | ||||
| CVE-2019-11605 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 High |
| An issue was discovered in GitLab Community and Enterprise Edition 11.8.x before 11.8.10, 11.9.x before 11.9.11, and 11.10.x before 11.10.3. It allows Information Disclosure. A small number of GitLab API endpoints would disclose project information when using a read_user scoped token. | ||||