| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2019-9923 |
1 Gnu |
1 Tar |
2019-04-18 |
5.0 |
| pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. |
| CVE-2019-9628 |
2 Xmltooling Project, Canonical |
2 Xmltooling, Ubuntu Linux |
2019-04-18 |
5.0 |
| The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled... |
| CVE-2019-5674 |
|
|
2019-04-18 |
6.9 |
| NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead... |
| CVE-2019-5671 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
4.9 |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not release a resource after its effective lifetime has ended, which may lead to denial of service. |
| CVE-2019-5670 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
7.2 |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes... |
| CVE-2019-5669 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
7.2 |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes... |
| CVE-2019-5668 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
7.2 |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to... |
| CVE-2019-5667 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
7.2 |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to... |
| CVE-2019-5666 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
7.2 |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index, but the product... |
| CVE-2019-5665 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
7.2 |
| NVIDIA Windows GPU Display driver contains a vulnerability in the 3D vision component in which the stereo service software, when opening a file, does not check for hard links. This behavior may lead to code execution, denial of service or... |
| CVE-2019-5490 |
1 Netapp |
1 Service Processor |
2019-04-18 |
10.0 |
| Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact... |
| CVE-2019-11084 |
|
|
2019-04-18 |
N/A |
| GAuth 0.9.9 beta has stored XSS that shows a popup repeatedly and discloses cookies. |
| CVE-2019-11035 |
|
|
2019-04-18 |
N/A |
| When processing certain files, PHP EXIF extension in versions 7.1.x below 7.2.8, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash. |
| CVE-2019-0121 |
1 Intel |
1 Matrix Storage Manager |
2019-04-18 |
4.6 |
| Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and before may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2018-6260 |
1 Nvidia |
1 Gpu Driver |
2019-04-18 |
2.1 |
| NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters. Local user access is required. This is not a network or remote attack vector. |
| CVE-2018-20482 |
2 Gnu, Debian |
2 Tar, Debian Linux |
2019-04-18 |
1.9 |
| GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be... |
| CVE-2018-20200 |
|
|
2019-04-18 |
N/A |
| CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application. |
| CVE-2018-18435 |
1 Kioware |
1 Kioware Server |
2019-04-18 |
7.2 |
| KioWare Server version 4.9.6 and older installs by default to "C:\kioware_com" with weak folder permissions granting any user full permission "Everyone: (F)" to the contents of the directory and it's sub-folders. In addition, the program installs... |
| CVE-2018-12173 |
|
|
2019-04-18 |
7.2 |
| Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information... |
| CVE-2018-12155 |
1 Intel |
1 Integrated Performance Primitives |
2019-04-18 |
2.1 |
| Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access. |
