|
221131
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netlabel: fix out-of-bounds memory accesses
There are two array out-of-bounds memory accesses, one in
cipso_v4_map_lvl_valid(), t…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-25160
|
2024-11-21 13:40 |
2024-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221132
|
9.8 |
CRITICAL
Network
|
mpedraza2020
|
intranet_del_monterroso
|
A vulnerability was found in mpedraza2020 Intranet del Monterroso up to 4.50.0. It has been classified as critical. This affects an unknown part of the file config/cargos.php. The manipulation of the…
|
-
|
CVE-2019-25159
|
2024-11-21 13:40 |
2024-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221133
|
9.8 |
CRITICAL
Network
|
pedroetb
|
tts-api
|
A vulnerability has been found in pedroetb tts-api up to 2.1.4 and classified as critical. This vulnerability affects the function onSpeechDone of the file app.js. The manipulation leads to os comman…
|
-
|
CVE-2019-25158
|
2024-11-21 13:40 |
2023-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221134
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb
|
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions pri…
|
CWE-416
Use After Free
|
CVE-2019-2393
|
2024-11-21 13:40 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221135
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb
|
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use the $mod operator to overflow negative values. This issue affects: MongoDB …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-2392
|
2024-11-21 13:40 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221136
|
7.8 |
HIGH
Local
|
google
|
android
|
In SurfaceFlinger::createLayer of SurfaceFlinger.cpp, there is a possible arbitrary code execution due to improper casting. This could lead to local escalation of privilege with no additional executi…
|
CWE-704
Incorrect Type Conversion or Cast
|
CVE-2019-2194
|
2024-11-21 13:40 |
2020-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221137
|
5.3 |
MEDIUM
Network
|
mongodb
|
ops_manager
|
In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. This issue affects: MongoDB Inc.…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2019-2388
|
2024-11-21 13:40 |
2020-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221138
|
5.5 |
MEDIUM
Local
|
google
|
android
|
There is a possible disclosure of RAM using a shared crypto key due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User int…
|
NVD-CWE-noinfo
|
CVE-2019-2056
|
2024-11-21 13:40 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221139
|
5.4 |
MEDIUM
Network
|
mongodb
|
js-bson
|
Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. This issue affects: MongoDB In…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-2391
|
2024-11-21 13:40 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221140
|
7.3 |
HIGH
Local
|
google
|
android
|
In overlay notifications, there is a possible hidden notification due to improper input validation. This could lead to a local escalation of privilege because the user is not notified of an overlayin…
|
CWE-20
Improper Input Validation
|
CVE-2019-2216
|
2024-11-21 13:40 |
2020-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
