Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cve-2019-2725 vulnerabilities and exploits

(subscribe to this query)

9.3
CVSSv2
CVE-2019-1035
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1034....
Microsoft Office 2016Microsoft Office 2019Microsoft Office 365 Proplus -Microsoft Office Online Server -Microsoft Sharepoint Server 2019
5
CVSSv2
CVE-2019-2602
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with...
Oracle Jdk 1.7.0Oracle Jdk 1.8.0Oracle Jdk 11.0.2Oracle Jdk 12Oracle Jre 1.7.0Oracle Jre 1.8.0Oracle Jre 11.0.2Oracle Jre 12Redhat Openshift Container Platform 3.11Opensuse Leap 15.0
4.3
CVSSv2
CVE-2019-3877
A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forward slashes treating them as...
Mod Auth Mellon Project Mod Auth MellonFedoraproject Fedora 29Redhat Enterprise Linux 7.0Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10
4.6
CVSSv2
CVE-2019-6778
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow....
Qemu Qemu 3.0.0Opensuse Leap 15.0Opensuse Leap 42.3Fedoraproject Fedora 29Fedoraproject Fedora 30Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10
9
CVSSv2
CVE-2019-5515
VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) and Fusion (11.x before 11.0.3, 10.x before 10.1.6) updates address an out-of-bounds write vulnerability in the e1000 and e1000e virtual network adapters. Exploitation of this issue may lead to code execution on the...
Vmware FusionVmware Workstation
4.3
CVSSv2
CVE-2019-0039
If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administrators who do not enforce a...
Juniper JunosJuniper Junos 15.1r7-s3Juniper Junos 15.1x53-d69Juniper Junos 15.1x53-d495Juniper Junos 15.1x53-d591Juniper Junos 16.1r4-s12Juniper Junos 16.1r6-s6Juniper Junos 16.1r7-s3Juniper Junos 17.1r3Juniper Junos 17.2r3-s1Juniper Junos 17.4r2-s2Juniper Junos 18.1r3-s1
6.1
CVSSv2
CVE-2019-0038
Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion. This issue only affects the SRX340 and SRX345 services gateways. No other products or platforms are...
Juniper Junos 15.1x49Juniper Junos 17.3Juniper Junos 17.4Juniper Junos 18Juniper Junos 18.1Juniper Junos 18.2Juniper Junos 18.3
5.5
CVSSv2
CVE-2019-0690
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from...
Microsoft Windows 10 -Microsoft Windows 10 1607Microsoft Windows 10 1703Microsoft Windows 10 1709Microsoft Windows 10 1803Microsoft Windows 10 1809Microsoft Windows 7 -Microsoft Windows 8.1 -Microsoft Windows Server 2008 -Microsoft Windows Server 2012 -Microsoft Windows Server 2012 R2Microsoft Windows Server 2016 -Microsoft Windows Server 2016 1709Microsoft Windows Server 2016 1803Microsoft Windows Server 2019 -
7.5
CVSSv2
CVE-2019-0697
A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0698, CVE-2019-0726....
Microsoft Windows 10 1803Microsoft Windows 10 1809Microsoft Windows Server 2016 1803Microsoft Windows Server 2019
7.5
CVSSv2
CVE-2019-9790
A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR...
Mozilla FirefoxMozilla Firefox EsrMozilla Thunderbird
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
unspecifiedbuffer overflowCVE-2021-0404microsoftrace conditionCVE-2021-23965CVE-2021-21298CVE-2021-24093CVE-2021-21724CVE-2021-25281.net