New vulnerabilities from the NVD: CVE-2019-10581 | | NULL is assigned to local instance of audio device pointer after free instead of global static pointer and can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MDM9206, MDM9207C, MDM9607, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8998, Nicobar, QCS605, Rennell, SA6155P, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 Published at: January 21, 2020 at 09:15AM View on website January 21, 2020 at 01:48PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2019-10579 | | Buffer over-read can occur while playing the video clip which is not standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 Published at: January 21, 2020 at 09:15AM View on website January 21, 2020 at 01:48PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2019-10578 | | Null pointer dereference can occur while parsing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, Rennell, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 Published at: January 21, 2020 at 09:15AM View on website January 21, 2020 at 01:48PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2019-10561 | | Improper initialization of local variables which are parameters to sfs api may cause invalid pointer dereference and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9206, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QM215, SDA660, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660 Published at: January 21, 2020 at 09:15AM View on website January 21, 2020 at 01:48PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2019-10558 | | While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130 Published at: January 21, 2020 at 09:15AM View on website January 21, 2020 at 01:48PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2019-10548 | | While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130 Published at: January 21, 2020 at 09:15AM View on website January 21, 2020 at 01:48PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2019-10532 | | Null-pointer dereference issue can occur while calculating string length when source string length is zero in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, Nicobar, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR1130, SXR2130 Published at: January 21, 2020 at 09:15AM View on website January 21, 2020 at 01:48PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2012-5190 | | | New vulnerabilities from the NVD: CVE-2011-5282 | | mIRC prior to 7.22 has a message leak because chopping of outbound messages is mishandled. Published at: January 21, 2020 at 06:15PM View on website January 21, 2020 at 07:56PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2011-4336 (tikiwiki_cms/groupware) | | | New vulnerabilities from the NVD: CVE-2011-4322 | | | New vulnerabilities from the NVD: CVE-2011-4095 | | | New vulnerabilities from the NVD: CVE-2011-4094 | | | New vulnerabilities from the NVD: CVE-2011-2669 | | Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates. Published at: January 21, 2020 at 05:15PM View on website January 21, 2020 at 07:56PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2011-2668 | | Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header Published at: January 21, 2020 at 05:15PM View on website January 21, 2020 at 07:56PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2005-4891 (simple_machine_forum) | | Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements. Published at: January 15, 2020 at 07:15PM View on website January 21, 2020 at 09:53PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2011-4943 | | | New vulnerabilities from the NVD: CVE-2011-3610 | | A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf. Published at: January 22, 2020 at 06:15PM View on website January 22, 2020 at 07:56PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2011-3595 | | Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters. Published at: January 22, 2020 at 06:15PM View on website January 22, 2020 at 07:56PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2011-3582 | | A Cross-site Request Forgery (CSRF) vulnerability exists in Advanced Electron Forums (AEF) through 1.0.9 due to inadequate confirmation for sensitive transactions in the administrator functions. Published at: January 22, 2020 at 05:15PM View on website January 22, 2020 at 07:56PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2011-3621 | | A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled. Published at: January 22, 2020 at 08:15PM View on website January 22, 2020 at 09:53PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2011-3614 | | An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums before 2.0.17.9. Published at: January 22, 2020 at 08:15PM View on website January 22, 2020 at 09:53PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2011-3613 | | | New vulnerabilities from the NVD: CVE-2011-3612 | | Cross-Site Request Forgery (CSRF) vulnerability exists in panel.php in UseBB before 1.0.12. Published at: January 22, 2020 at 08:15PM View on website January 22, 2020 at 09:53PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2011-3611 | | A File Inclusion vulnerability exists in act parameter to admin.php in UseBB before 1.0.12. Published at: January 22, 2020 at 07:15PM View on website January 22, 2020 at 09:53PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2011-3622 | | A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum before 5.2.18. Published at: January 22, 2020 at 10:15PM View on website January 22, 2020 at 11:54PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2010-3295 | | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. Published at: January 23, 2020 at 06:15PM View on website January 23, 2020 at 07:56PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2008-7314 | | mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname. Published at: January 23, 2020 at 05:15PM View on website January 23, 2020 at 07:56PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2007-6758 | | |
| | |