Vulnerabilities (CVE)

Vendor filter

Google Subscribe

Filter

4642 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-5040 2 Openweave, Google 2 Openweave-core, Nest Cam Iq Indoor Firmware 2019-10-09 5.0
An exploitable information disclosure vulnerability exists in the Weave MessageLayer parsing of Openweave-core version 4.0.2 and Nest Cam IQ Indoor version 4620002. A specially crafted weave packet can cause an integer overflow to occur,...
CVE-2019-10379 1 Google 1 Cloud Messaging Notification 2019-10-09 4.0
Jenkins Google Cloud Messaging Notification Plugin 1.0 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
CVE-2019-10365 1 Google 1 Kubernetes Engine 2019-10-09 4.0
Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temporary access token in the project workspace, where it could be accessed by users with Job/Read permission.
CVE-2019-1010200 1 Google 1 Voice Builder 2019-10-09 10.0
Voice Builder Prior to commit c145d4604df67e6fc625992412eef0bf9a85e26b and f6660e6d8f0d1d931359d591dbdec580fef36d36 is affected by: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). The impact is:...
CVE-2015-4000 12 Google, Openssl, Apple and 9 more 25 Safari, Network Security Services, Ie and 22 more 2019-10-09 4.3
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a...
CVE-2019-16508 1 Google 1 Chrome Os 2019-10-08 9.3
The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application. This occurs because of...
CVE-2019-9377 1 Google 1 Android 2019-10-07 2.1
In FingerprintService, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. This could lead to a local information disclosure of metadata about the biometrics of...
CVE-2019-9312 1 Google 1 Android 2019-10-07 2.1
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2019-9280 1 Google 1 Android 2019-10-07 2.1
In keyguard, there is a possible escalation of privilege due to improper permission checks. This could lead to a local bypass of the keyguard under limited circumstances, with User execution privileges needed. User interaction is not needed for...
CVE-2019-9263 1 Google 1 Android 2019-10-07 4.6
In telephony, there is a possible bypass of user interaction requirements due to missing permission checks. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2019-9356 1 Google 1 Android 2019-10-07 1.9
In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product:...
CVE-2019-9246 1 Google 1 Android 2019-10-07 1.9
In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions:...
CVE-2019-9268 1 Google 1 Android 2019-10-04 2.1
In libstagefright, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation....
CVE-2019-9350 1 Google 1 Android 2019-10-04 4.6
In Keymaster, there is a possible EoP due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:...
CVE-2019-9306 1 Google 1 Android 2019-10-04 6.8
In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions:...
CVE-2019-9232 1 Google 1 Android 2019-10-04 5.0
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2019-9376 1 Google 1 Android 2019-10-04 4.9
In the Accounts package, there is a possible crash due to improper input validation. This could lead to permanent local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2019-9313 1 Google 1 Android 2019-10-04 4.3
In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions:...
CVE-2019-9233 1 Google 1 Android 2019-10-04 5.0
In wpa_supplicant_8, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation....
CVE-2019-9374 1 Google 1 Android 2019-10-04 4.6
In CompanionDeviceManager, there is a possible bypass of user interaction requirements due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...