Export limit exceeded: 365158 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 365158 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365158 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-8516 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 7.5 High |
| A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service. | ||||
| CVE-2019-8515 | 2 Apple, Redhat | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-11-21 | 6.5 Medium |
| A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information. | ||||
| CVE-2019-8514 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 7.8 High |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges. | ||||
| CVE-2019-8513 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.8 High |
| This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands. | ||||
| CVE-2019-8512 | 1 Apple | 1 Iphone Os | 2024-11-21 | 5.7 Medium |
| This issue was addressed with improved transparency. This issue is fixed in iOS 12.2. A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure. | ||||
| CVE-2019-8511 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-11-21 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate privileges. | ||||
| CVE-2019-8510 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 5.5 Medium |
| An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. | ||||
| CVE-2019-8509 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.8 High |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A malicious application may be able to elevate privileges. | ||||
| CVE-2019-8508 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.8 High |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges. | ||||
| CVE-2019-8507 | 1 Apple | 1 Mac Os X | 2024-11-21 | 5.5 Medium |
| Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.4. Processing malicious data may lead to unexpected application termination. | ||||
| CVE-2019-8505 | 1 Apple | 2 Iphone Os, Safari | 2024-11-21 | 6.1 Medium |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting. | ||||
| CVE-2019-8504 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 5.5 Medium |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A local user may be able to read kernel memory. | ||||
| CVE-2019-8503 | 2 Apple, Redhat | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-11-21 | 8.8 High |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website. | ||||
| CVE-2019-8502 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 3.3 Low |
| An API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to initiate a Dictation request without user authorization. | ||||
| CVE-2019-8463 | 1 Checkpoint | 1 Endpoint Security Clients | 2024-11-21 | 7.5 High |
| A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations. | ||||
| CVE-2019-8462 | 1 Checkpoint | 2 Gaia, Security Gateway | 2024-11-21 | 7.5 High |
| In a rare scenario, Check Point R80.30 Security Gateway before JHF Take 50 managed by Check Point R80.30 Management crashes with a unique configuration of enhanced logging. | ||||
| CVE-2019-8461 | 1 Checkpoint | 3 Capsule Docs Standalone Client, Endpoint Security, Remote Access Clients | 2024-11-21 | N/A |
| Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user. | ||||
| CVE-2019-8460 | 1 Openbsd | 1 Openbsd | 2024-11-21 | 7.5 High |
| OpenBSD kernel version <= 6.5 can be forced to create long chains of TCP SACK holes that causes very expensive calls to tcp_sack_option() for every incoming SACK packet which can lead to a denial of service. | ||||
| CVE-2019-8459 | 1 Checkpoint | 6 Capsule Docs Standalone Client, Endpoint Security Clients, Endpoint Security Server Package and 3 more | 2024-11-21 | N/A |
| Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one. | ||||
| CVE-2019-8458 | 1 Checkpoint | 3 Capsule Docs, Endpoint Security Clients, Remote Access Clients | 2024-11-21 | 4.4 Medium |
| Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate. | ||||