From DHS/US-CERT’s National Vulnerability Database CVE-2019-7753
PUBLISHED: 2019-02-12
Verydows 2.0 has XSS via the index.php?m=api&c=stats&a=count referrer parameter.
CVE-2019-5595
PUBLISHED: 2019-02-12
In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r343781), and 12.0-RELEASE-p3, kernel callee-save registers are not properly sanitized before return from system calls, potentially allowing some kernel data used in the system call to be exposed.
CVE-2019-5596
PUBLISHED: 2019-02-12
In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain …
CVE-2019-3923
PUBLISHED: 2019-02-12
Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. An authenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a user’s browser se…
CVE-2018-9582
PUBLISHED: 2019-02-11
In package installer in Android-8.0, Android-8.1 and Android-9, there is a possible bypass of the unknown source warning due to a confused deputy scenario. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation…