CVE List - 2019 / December
Showing 801 - 900 of 1578 CVEs for December 2019 (Page 9 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-5152 | 2019-12-18 | An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an... |
| CVE-2019-11399 | 2019-12-18 | An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. OS command injection occurs through the get_set.ccp lanHostCfg_HostName_1.1.1.0.0 parameter. |
| CVE-2019-11400 | 2019-12-18 | An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. A buffer overflow occurs through the get_set.ccp ccp_act parameter. |
| CVE-2019-19882 | 2019-12-18 | shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow... |
| CVE-2019-11992 | 2019-12-18 | A security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting. |
| CVE-2019-4609 | 2019-12-18 | IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 168510. |
| CVE-2019-4716 | 2019-12-18 | IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via... |
| CVE-2019-19833 | 2019-12-18 | In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. (Also, anonymous access can be achieved in applications that do not have... |
| CVE-2019-19832 | 2019-12-18 | Xerox AltaLink C8035 printers allow CSRF. A request to add users is made in the Device User Database form field to the xerox.set URI. (The frmUserName value must have a... |
| CVE-2019-19829 | 2019-12-18 | A cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U FTP Server 15.1.7 in the email parameter, a different vulnerability than CVE-2018-19934 and CVE-2019-13182. |
| CVE-2019-6201 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing... |
| CVE-2019-6204 | 2019-12-18 | A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to... |
| CVE-2019-6207 | 2019-12-18 | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4,... |
| CVE-2019-6222 | 2019-12-18 | A consistency issue was addressed with improved state handling. This issue is fixed in iOS 12.2. A website may be able to access the microphone without the microphone use indicator... |
| CVE-2019-6232 | 2019-12-18 | A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes... |
| CVE-2019-6236 | 2019-12-18 | A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud... |
| CVE-2019-6237 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for... |
| CVE-2019-6239 | 2019-12-18 | This issue was addressed with improved handling of file metadata. This issue is fixed in macOS Mojave 10.14.4. A malicious application may bypass Gatekeeper checks. |
| CVE-2019-7284 | 2019-12-18 | This issue was addressed with improved checks. This issue is fixed in iOS 12.2. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing. |
| CVE-2019-7285 | 2019-12-18 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11.... |
| CVE-2019-7289 | 2019-12-18 | A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Shortcuts 2.1.3 for iOS. A local user may be able... |
| CVE-2019-7287 | 2019-12-18 | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges. |
| CVE-2019-7290 | 2019-12-18 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in Shortcuts 2.1.3 for iOS. A sandboxed process may be able to circumvent sandbox restrictions. |
| CVE-2019-7292 | 2019-12-18 | A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing... |
| CVE-2019-7293 | 2019-12-18 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able... |
| CVE-2019-8502 | 2019-12-18 | An API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS... |
| CVE-2019-8503 | 2019-12-18 | A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website... |
| CVE-2019-8504 | 2019-12-18 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A local user may be able to read kernel memory. |
| CVE-2019-8505 | 2019-12-18 | A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to... |
| CVE-2019-8507 | 2019-12-18 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.4. Processing malicious data may lead to unexpected application termination. |
| CVE-2019-8508 | 2019-12-18 | A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution... |
| CVE-2019-8510 | 2019-12-18 | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4,... |
| CVE-2019-8511 | 2019-12-18 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate... |
| CVE-2019-8512 | 2019-12-18 | This issue was addressed with improved transparency. This issue is fixed in iOS 12.2. A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure. |
| CVE-2019-8513 | 2019-12-18 | This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands. |
| CVE-2019-8514 | 2019-12-18 | A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain... |
| CVE-2019-8515 | 2019-12-18 | A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows,... |
| CVE-2019-8516 | 2019-12-18 | A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to... |
| CVE-2019-8517 | 2019-12-18 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result... |
| CVE-2019-8518 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows... |
| CVE-2019-8519 | 2019-12-18 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. An application may be able to read restricted memory. |
| CVE-2019-8520 | 2019-12-18 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to read restricted memory. |
| CVE-2019-8521 | 2019-12-18 | This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to overwrite arbitrary files. |
| CVE-2019-8522 | 2019-12-18 | A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without... |
| CVE-2019-8523 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing... |
| CVE-2019-8524 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing... |
| CVE-2019-7286 | 2019-12-18 | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated... |
| CVE-2019-8506 | 2019-12-18 | A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows... |
| CVE-2019-8526 | 2019-12-18 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. An application may be able to gain elevated privileges. |
| CVE-2019-8527 | 2019-12-18 | A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A remote attacker may be able to... |
| CVE-2019-8529 | 2019-12-18 | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. An application may be able to execute arbitrary code with... |
| CVE-2019-8530 | 2019-12-18 | This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. A malicious application may be able to overwrite arbitrary files. |
| CVE-2019-8533 | 2019-12-18 | A lock handling issue was addressed with improved lock handling. This issue is fixed in macOS Mojave 10.14.4. A Mac may not lock when disconnecting from an external monitor. |
| CVE-2019-8535 | 2019-12-18 | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing... |
| CVE-2019-8536 | 2019-12-18 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows... |
| CVE-2019-8537 | 2019-12-18 | An access issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to view a user’s locked notes. |
| CVE-2019-8540 | 2019-12-18 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able... |
| CVE-2019-8541 | 2019-12-18 | A privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing. This issue is fixed in iOS 12.2, watchOS 5.2. A malicious app may... |
| CVE-2019-8542 | 2019-12-18 | A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows... |
| CVE-2019-8544 | 2019-12-18 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows... |
| CVE-2019-8545 | 2019-12-18 | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able... |
| CVE-2019-8546 | 2019-12-18 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A local user may be able to view sensitive... |
| CVE-2019-8548 | 2019-12-18 | An issue existed where partially entered passcodes may not clear when the device went to sleep. This issue was addressed by clearing the passcode when a locked device sleeps. This... |
| CVE-2019-8549 | 2019-12-18 | Multiple input validation issues existed in MIG generated code. These issues were addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2.... |
| CVE-2019-8550 | 2019-12-18 | An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user’s... |
| CVE-2019-8551 | 2019-12-18 | A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted... |
| CVE-2019-8552 | 2019-12-18 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able... |
| CVE-2019-8553 | 2019-12-18 | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2. Clicking a malicious SMS link may lead to arbitrary code... |
| CVE-2019-8554 | 2019-12-18 | A permissions issue existed in the handling of motion and orientation data. This issue was addressed with improved restrictions. This issue is fixed in iOS 12.2. A website may be... |
| CVE-2019-8555 | 2019-12-18 | A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to execute arbitrary code with kernel privileges. |
| CVE-2019-8556 | 2019-12-18 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11.... |
| CVE-2019-8558 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows... |
| CVE-2019-8559 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows... |
| CVE-2019-8590 | 2019-12-18 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with kernel privileges. |
| CVE-2019-8599 | 2019-12-18 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 12.3. A person with physical access to an iOS device may be able to see the... |
| CVE-2019-8560 | 2019-12-18 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to... |
| CVE-2019-8561 | 2019-12-18 | A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to elevate privileges. |
| CVE-2019-8565 | 2019-12-18 | A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges. |
| CVE-2019-8566 | 2019-12-18 | An API issue existed in the handling of microphone data. This issue was addressed with improved validation. This issue is fixed in iOS 12.2. A malicious application may be able... |
| CVE-2019-8567 | 2019-12-18 | A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.2. A device may be passively tracked by its WiFi MAC address. |
| CVE-2019-8589 | 2019-12-18 | This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.5. A malicious application may bypass Gatekeeper checks. |
| CVE-2019-8591 | 2019-12-18 | A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to... |
| CVE-2019-8593 | 2019-12-18 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code... |
| CVE-2019-8595 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for... |
| CVE-2019-8596 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for... |
| CVE-2019-8597 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for... |
| CVE-2019-8598 | 2019-12-18 | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for... |
| CVE-2019-8600 | 2019-12-18 | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for... |
| CVE-2019-8601 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5,... |
| CVE-2019-8602 | 2019-12-18 | A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud... |
| CVE-2019-8603 | 2019-12-18 | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5. An application may be able to read restricted memory. |
| CVE-2019-8604 | 2019-12-18 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges. |
| CVE-2019-8606 | 2019-12-18 | A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.5. A local user may... |
| CVE-2019-8607 | 2019-12-18 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud... |
| CVE-2019-8608 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for... |
| CVE-2019-8609 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for... |
| CVE-2019-8610 | 2019-12-18 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for... |
| CVE-2019-8613 | 2019-12-18 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause... |
| CVE-2019-8617 | 2019-12-18 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.3. A sandboxed process may be able to circumvent sandbox restrictions. |
| CVE-2019-8620 | 2019-12-18 | A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A device may be passively tracked by... |