Total
34059 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-3566 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2024-11-21 | 5.9 Medium |
| A bug in WhatsApp for Android's messaging logic would potentially allow a malicious individual who has taken over over a WhatsApp user's account to recover previously sent messages. This behavior requires independent knowledge of metadata for previous messages, which are not available publicly. This issue affects WhatsApp for Android 2.19.52 and 2.19.54 - 2.19.103, as well as WhatsApp Business for Android starting in v2.19.22 until v2.19.38. | ||||
| CVE-2019-3493 | 1 Microfocus | 2 Network Automation, Network Operations Management | 2024-11-21 | N/A |
| A potential security vulnerability has been identified in Micro Focus Network Automation Software 9.20, 9.21, 10.00, 10.10, 10.20, 10.30, 10.40, 10.50, 2018.05, 2018.08, 2018.11, and Micro Focus Network Operations Management (NOM) all versions. The vulnerability could be remotely exploited to Remote Code Execution. | ||||
| CVE-2019-3484 | 1 Hp | 1 Arcsight Logger | 2024-11-21 | N/A |
| Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7. | ||||
| CVE-2019-3483 | 1 Hp | 1 Arcsight Logger | 2024-11-21 | N/A |
| Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7. | ||||
| CVE-2019-3479 | 1 Hp | 1 Arcsight Logger | 2024-11-21 | N/A |
| Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7. | ||||
| CVE-2019-3476 | 1 Microfocus | 1 Data Protector | 2024-11-21 | N/A |
| Remote arbitrary code execution in Micro Focus Data Protector, version 10.03 this vulnerability could allow remote arbitrary code execution. | ||||
| CVE-2019-3462 | 3 Canonical, Debian, Netapp | 5 Ubuntu Linux, Advanced Package Tool, Debian Linux and 2 more | 2024-11-21 | 8.1 High |
| Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. | ||||
| CVE-2019-3430 | 1 Zte | 1 Zxcloud Goldendata Vap | 2024-11-21 | 4.9 Medium |
| All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have an information disclosure vulnerability. Attackers could use this vulnerability to collect data information and damage the system. | ||||
| CVE-2019-3428 | 1 Zte | 2 Zxcdn Iamweb, Zxcdn Iamweb Firmware | 2024-11-21 | 6.5 Medium |
| The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage. | ||||
| CVE-2019-3424 | 1 Ztehome | 2 C520v21, C520v21 Firmware | 2024-11-21 | 8.2 High |
| authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations. | ||||
| CVE-2019-3420 | 1 Zte | 2 Zxhn H108n, Zxhn H108n Firmware | 2024-11-21 | 6.5 Medium |
| All versions up to V2.5.0_EG1T5_TED of ZTE ZXHN H108N product are impacted by an information leak vulnerability. An attacker could exploit the vulnerability to obtain sensitive information and perform unauthorized operations. | ||||
| CVE-2019-3419 | 1 Zte | 2 Zxmp M721 Dx, Zxmp M721 Dx Firmware | 2024-11-21 | 5.7 Medium |
| A security vulnerability exists in a management port in the version of ZTE's ZXMP M721V3.10P01B10_M2NCP. An attacker could exploit this vulnerability to build a link to the device and send specific packets to cause a denial of service. | ||||
| CVE-2019-3405 | 1 360 | 2 360f5, 360f5 Firmware | 2024-11-21 | 5.3 Medium |
| In the 3.1.3.64296 and lower version of 360F5, the third party can trigger the device to send a deauth frame by constructing and sending a specific illegal 802.11 Null Data Frame, which will cause other wireless terminals connected to disconnect from the wireless, so as to attack the router wireless by DoS. At present, the vulnerability has been effectively handled, and users can fix the vulnerability after updating the firmware version. | ||||
| CVE-2019-3404 | 1 360 | 4 F5c Router, F5c Router Firmware, P0 Router and 1 more | 2024-11-21 | 7.5 High |
| By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C. | ||||
| CVE-2019-3031 | 1 Oracle | 1 Vm Virtualbox | 2024-11-21 | 6.0 Medium |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). | ||||
| CVE-2019-3028 | 1 Oracle | 1 Vm Virtualbox | 2024-11-21 | 8.8 High |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). | ||||
| CVE-2019-3027 | 1 Oracle | 1 Application Object Library | 2024-11-21 | 5.3 Medium |
| Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Login Help). Supported versions that are affected are 12.2.5-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Application Object Library. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | ||||
| CVE-2019-3026 | 1 Oracle | 1 Vm Virtualbox | 2024-11-21 | 6.5 Medium |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N). | ||||
| CVE-2019-3025 | 1 Oracle | 1 Hospitality Res 3700 | 2024-11-21 | 9.0 Critical |
| Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Food and Beverage Applications. The supported version that is affected is 5.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality RES 3700. While the vulnerability is in Oracle Hospitality RES 3700, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality RES 3700. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H). | ||||
| CVE-2019-3024 | 1 Oracle | 1 Installed Base | 2024-11-21 | 4.7 Medium |
| Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Supported versions that are affected are 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Installed Base accessible data. CVSS 3.0 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N). | ||||