CVE List - 2019 / April
Showing 1301 - 1400 of 1531 CVEs for April 2019 (Page 14 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-20823 | 2019-04-25 | The gyroscope on Xiaomi Mi 5s devices allows attackers to... |
| CVE-2018-1720 | 2019-04-25 | IBM Sterling B2B Integrator Standard Edition 5.2.0.1, 5.2.6.3_6, 6.0.0.0, and... |
| CVE-2019-4033 | 2019-04-25 | IBM Content Navigator 2.0.3 and 3.0CD is vulnerable to cross-site... |
| CVE-2019-4073 | 2019-04-25 | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is... |
| CVE-2019-4074 | 2019-04-25 | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is... |
| CVE-2019-4075 | 2019-04-25 | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is... |
| CVE-2019-4076 | 2019-04-25 | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is... |
| CVE-2019-4077 | 2019-04-25 | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is... |
| CVE-2019-4092 | 2019-04-25 | IBM Content Navigator 2.0.3 and 3.0CD could allow a remote... |
| CVE-2019-4146 | 2019-04-25 | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could... |
| CVE-2019-4148 | 2019-04-25 | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is... |
| CVE-2019-4222 | 2019-04-25 | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could... |
| CVE-2019-4238 | 2019-04-25 | IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable... |
| CVE-2019-3900 | 2019-04-25 | An infinite loop issue was found in the vhost_net kernel... |
| CVE-2019-9900 | 2019-04-25 | When parsing HTTP/1.x header values, Envoy 1.9.0 and before does... |
| CVE-2019-9901 | 2019-04-25 | Envoy 1.9.0 and before does not normalize HTTP URL paths.... |
| CVE-2018-20052 | 2019-04-25 | An issue was discovered on Cerner Connectivity Engine (CCE) 4... |
| CVE-2018-20053 | 2019-04-25 | An issue was discovered on Cerner Connectivity Engine (CCE) 4... |
| CVE-2017-16558 | 2019-04-25 | Contao 3.0.0 to 3.5.30 and 4.0.0 to 4.4.7 contains an... |
| CVE-2019-9135 | 2019-04-25 | DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vulnerability,... |
| CVE-2018-18369 | 2019-04-25 | Norton Security (Windows client) prior to 22.16.3 and SEP SBE... |
| CVE-2019-9136 | 2019-04-25 | DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vulnerability,... |
| CVE-2018-19442 | 2019-04-25 | A Buffer Overflow in Network::AuthenticationClient::VerifySignature in /bin/astro in Neato Botvac... |
| CVE-2018-1360 | 2019-04-25 | A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager... |
| CVE-2019-9137 | 2019-04-25 | DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability,... |
| CVE-2019-9138 | 2019-04-25 | DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability,... |
| CVE-2019-9139 | 2019-04-25 | DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability,... |
| CVE-2019-10955 | 2019-04-25 | In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions... |
| CVE-2019-9669 | 2019-04-25 | The Wordfence plugin 7.2.3 for WordPress allows XSS via a... |
| CVE-2019-11537 | 2019-04-25 | In osTicket before 1.12, XSS exists via /upload/file.php, /upload/scp/users.php?do=import-users, and... |
| CVE-2018-12244 | 2019-04-25 | SEP (Mac client) prior to and including 12.1 RU6 MP9... |
| CVE-2018-18286 | 2019-04-25 | SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier,... |
| CVE-2018-18285 | 2019-04-25 | SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier,... |
| CVE-2018-18366 | 2019-04-25 | Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior... |
| CVE-2018-18367 | 2019-04-25 | Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1... |
| CVE-2018-14980 | 2019-04-25 | The ASUS ZenFone 3 Max Android device with a build... |
| CVE-2018-14983 | 2019-04-25 | The Sony Xperia L1 Android device with a build fingerprint... |
| CVE-2018-14989 | 2019-04-25 | The Plum Compass Android device with a build fingerprint of... |
| CVE-2018-14990 | 2019-04-25 | The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys,... |
| CVE-2018-14991 | 2019-04-25 | The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys,... |
| CVE-2018-14993 | 2019-04-25 | The ASUS Zenfone V Live Android device with a build... |
| CVE-2018-14994 | 2019-04-25 | The Essential Phone Android device with a build fingerprint of... |
| CVE-2018-14996 | 2019-04-25 | The Oppo F5 Android device with a build fingerprint of... |
| CVE-2018-14997 | 2019-04-25 | The Leagoo P1 Android device with a build fingerprint of... |
| CVE-2018-14999 | 2019-04-25 | The Leagoo P1 device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys... |
| CVE-2018-15000 | 2019-04-25 | The Vivo V7 Android device with a build fingerprint of... |
| CVE-2018-15003 | 2019-04-25 | The Coolpad Defiant (Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys) and the T-Mobile Revvl Plus (Coolpad/alchemy/alchemy:7.1.1/143.14.171129.3701A-TMO/buildf_nj_02-206:user/release-keys)... |
| CVE-2018-16660 | 2019-04-25 | A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10... |
| CVE-2018-14557 | 2019-04-25 | An issue was discovered on Tenda AC7 devices with firmware... |
| CVE-2018-14559 | 2019-04-25 | An issue was discovered on Tenda AC7 devices with firmware... |
| CVE-2018-18823 | 2019-04-25 | WolfCMS 0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/file_manager/browse/. |
| CVE-2018-18824 | 2019-04-25 | WolfCMS v0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/file_manager/browse/. |
| CVE-2018-16216 | 2019-04-25 | A command injection (missing input validation, escaping) in the monitoring... |
| CVE-2018-16219 | 2019-04-25 | A missing password verification in the web interface in AudioCodes... |
| CVE-2018-16220 | 2019-04-25 | Cross Site Scripting in different input fields (domain field and... |
| CVE-2019-11489 | 2019-04-25 | Incorrect Access Control in the Administrative Management Interface in SimplyBook.me... |
| CVE-2019-11488 | 2019-04-25 | Incorrect Access Control in the Account Access / Password Reset... |
| CVE-2018-18643 | 2019-04-25 | GitLab CE & EE 11.2 and later and before 11.5.0-rc12,... |
| CVE-2019-3720 | 2019-04-25 | Directory Traversal Vulnerability |
| CVE-2019-3721 | 2019-04-25 | Improper Range Header Processing Vulnerability |
| CVE-2019-3788 | 2019-04-25 | UAA redirect-uri allows wildcard in the subdomain |
| CVE-2019-3801 | 2019-04-25 | Java Projects using HTTP to fetch dependencies |
| CVE-2018-19359 | 2019-04-25 | GitLab Community and Enterprise Edition 8.9 and later and before... |
| CVE-2019-11538 | 2019-04-26 | In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4,... |
| CVE-2019-11539 | 2019-04-26 | In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4,... |
| CVE-2019-11540 | 2019-04-26 | In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4... |
| CVE-2019-11541 | 2019-04-26 | In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4,... |
| CVE-2019-11542 | 2019-04-26 | In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4,... |
| CVE-2019-11543 | 2019-04-26 | XSS exists in the admin web console in Pulse Secure... |
| CVE-2019-11493 | 2019-04-26 | VeryPDF 4.1 has a Memory Overflow leading to Code Execution... |
| CVE-2018-5179 | 2019-04-26 | A service worker can send the activate event on itself... |
| CVE-2015-9284 | 2019-04-26 | The request phase of the OmniAuth Ruby gem (1.9.1 and... |
| CVE-2019-0186 | 2019-04-26 | The input fields of the Apache Pluto "Chat Room" demo... |
| CVE-2018-5124 | 2019-04-26 | Unsanitized output in the browser UI leaves HTML tags in... |
| CVE-2019-9813 | 2019-04-26 | Incorrect handling of __proto__ mutations may lead to type confusion... |
| CVE-2019-9810 | 2019-04-26 | Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method... |
| CVE-2019-9809 | 2019-04-26 | If the source for resources on a page is through... |
| CVE-2019-9808 | 2019-04-26 | If WebRTC permission is requested from documents with data: or... |
| CVE-2019-9807 | 2019-04-26 | When arbitrary text is sent over an FTP connection and... |
| CVE-2018-18509 | 2019-04-26 | A flaw during verification of certain S/MIME signatures causes emails... |
| CVE-2018-18510 | 2019-04-26 | The about:crashcontent and about:crashparent pages can be triggered by web... |
| CVE-2018-18511 | 2019-04-26 | Cross-origin images can be read from a canvas element in... |
| CVE-2018-18512 | 2019-04-26 | A use-after-free vulnerability can occur while playing a sound notification... |
| CVE-2018-18513 | 2019-04-26 | A crash can occur when processing a crafted S/MIME message... |
| CVE-2019-9788 | 2019-04-26 | Mozilla developers and community members reported memory safety bugs present... |
| CVE-2019-9789 | 2019-04-26 | Mozilla developers and community members reported memory safety bugs present... |
| CVE-2019-9790 | 2019-04-26 | A use-after-free vulnerability can occur when a raw pointer to... |
| CVE-2019-9791 | 2019-04-26 | The type inference system allows the compilation of functions that... |
| CVE-2019-9792 | 2019-04-26 | The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT... |
| CVE-2019-9793 | 2019-04-26 | A mechanism was discovered that removes some bounds checking for... |
| CVE-2019-9794 | 2019-04-26 | A vulnerability was discovered where specific command line arguments are... |
| CVE-2019-9795 | 2019-04-26 | A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler... |
| CVE-2019-9796 | 2019-04-26 | A use-after-free vulnerability can occur when the SMIL animation controller... |
| CVE-2019-9797 | 2019-04-26 | Cross-origin images can be read in violation of the same-origin... |
| CVE-2019-9798 | 2019-04-26 | On Android systems, Firefox can load a library from APITRACE_LIB,... |
| CVE-2019-9799 | 2019-04-26 | Insufficient bounds checking of data during inter-process communication might allow... |
| CVE-2019-9801 | 2019-04-26 | Firefox will accept any registered Program ID as an external... |
| CVE-2019-9802 | 2019-04-26 | If a Sandbox content process is compromised, it can initiate... |
| CVE-2019-9803 | 2019-04-26 | The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled... |
| CVE-2019-9804 | 2019-04-26 | In Firefox Developer Tools it is possible that pasting the... |