| 2019-09-30 | CVE-2019-16276 | HTTP Request Smuggling vulnerability in multiple products
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. | 7.5 |
| 2019-09-27 | CVE-2019-16928 | Out-of-bounds Write vulnerability in multiple products
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. | 9.8 |
| 2019-09-27 | CVE-2019-9433 | Improper Input Validation vulnerability in multiple products
In libvpx, there is a possible information disclosure due to improper input validation. | 6.5 |
| 2019-09-27 | CVE-2019-9371 | Improper Input Validation vulnerability in multiple products
In libvpx, there is a possible resource exhaustion due to improper input validation. | 6.5 |
| 2019-09-27 | CVE-2019-9325 | Out-of-bounds Read vulnerability in multiple products
In libvpx, there is a possible out of bounds read due to a missing bounds check. | 6.5 |
| 2019-09-27 | CVE-2019-9278 | Integer Overflow or Wraparound vulnerability in multiple products
In libexif, there is a possible out of bounds write due to an integer overflow. | 8.8 |
| 2019-09-27 | CVE-2019-9232 | Out-of-bounds Read vulnerability in multiple products
In libvpx, there is a possible out of bounds read due to a missing bounds check. | 7.5 |
| 2019-09-27 | CVE-2019-8075 | Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. | 7.5 |
| 2019-09-26 | CVE-2019-10092 | Cross-site Scripting vulnerability in multiple products
In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. | 6.1 |
| 2019-09-26 | CVE-2019-16910 | Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. | 5.3 |