|
211711
|
6.5 |
MEDIUM
Adjacent
|
bluez
debian
|
bluez
debian_linux
|
An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to tric…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2019-8921
|
2024-11-21 13:50 |
2021-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211712
|
7.5 |
HIGH
Network
|
cmsmadesimple
|
cms_made_simple
|
An issue was discovered in CMS Made Simple 2.2.8. It is possible to achieve unauthenticated path traversal in the CGExtensions module (in the file action.setdefaulttemplate.php) with the m1_filename …
|
CWE-22
Path Traversal
|
CVE-2019-9060
|
2024-11-21 13:50 |
2021-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211713
|
6.5 |
MEDIUM
Network
|
apple
|
ipados
iphone_os
|
This issue was addressed by verifying host keys when connecting to a previously-known SSH server. This issue is fixed in iOS 13.1 and iPadOS 13.1. An attacker in a privileged network position may be …
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2019-8901
|
2024-11-21 13:50 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211714
|
4.3 |
MEDIUM
Network
|
apple
|
tvos
iphone_os
itunes
safari
ipados
|
An information disclosure issue existed in the handling of the Storage Access API. This issue was addressed with improved logic. This issue is fixed in iOS 13.3 and iPadOS 13.3, tvOS 13.3, Safari 13.…
|
NVD-CWE-noinfo
|
CVE-2019-8898
|
2024-11-21 13:50 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211715
|
5.3 |
MEDIUM
Network
|
apple
|
mac_os_x
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. A user who shares their screen may n…
|
NVD-CWE-noinfo
|
CVE-2019-8858
|
2024-11-21 13:50 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211716
|
3.3 |
LOW
Local
|
apple
|
iphone_os
ipados
|
The issue was addressed with improved validation when an iCloud Link is created. This issue is fixed in iOS 13.3 and iPadOS 13.3. Live Photo audio and video data may be shared via iCloud links even i…
|
CWE-20
Improper Input Validation
|
CVE-2019-8857
|
2024-11-21 13:50 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211717
|
3.3 |
LOW
Local
|
apple
|
mac_os_x
watchos
iphone_os
ipados
|
An API issue existed in the handling of outgoing phone calls initiated with Siri. This issue was addressed with improved state handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1…
|
NVD-CWE-noinfo
|
CVE-2019-8856
|
2024-11-21 13:50 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211718
|
6.3 |
MEDIUM
Local
|
apple
|
mac_os_x
|
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to access restricted files.
|
NVD-CWE-noinfo
|
CVE-2019-8855
|
2024-11-21 13:50 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211719
|
7.5 |
HIGH
Network
|
apple
|
iphone_os
tvos
mac_os_x
watchos
|
A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. A device may be passively tracked by its Wi-Fi MAC a…
|
NVD-CWE-noinfo
|
CVE-2019-8854
|
2024-11-21 13:50 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211720
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina…
|
CWE-20
Improper Input Validation
|
CVE-2019-8853
|
2024-11-21 13:50 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
