Security Vulnerabilities - CVEs Published In 2019
The Lava Flair Z1 Android device with a build fingerprint of LAVA/Z1/Z1:8.1.0/O11019/1536680131:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app co-located on the device to programmatically disable and enable Wi-Fi without the corresponding access permission through an exported interface.
CVSS Score
3.3
EPSS Score
0.001
Published
2019-11-14
The Lava Iris 88 Go Android device with a build fingerprint of LAVA/iris88_go/iris88_go:8.1.0/O11019/1538188945:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app co-located on the device to programmatically disable and enable Wi-Fi without the corresponding access permission through an exported interface.
CVSS Score
3.3
EPSS Score
0.001
Published
2019-11-14
Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough
CVSS Score
7.5
EPSS Score
0.005
Published
2019-11-14
Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
CVSS Score
6.7
EPSS Score
0.001
Published
2019-11-14
Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
CVSS Score
8.2
EPSS Score
0.001
Published
2019-11-14
Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-11-14
Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via adjacent access.
CVSS Score
8.8
EPSS Score
0.002
Published
2019-11-14
Memory corruption issues in Intel(R) PROSet/Wireless WiFi Software extension DLL before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and a denial of service via local access.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-11-14
Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via local access.
CVSS Score
7.1
EPSS Score
0.001
Published
2019-11-14
Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via local access.
CVSS Score
7.1
EPSS Score
0.001
Published
2019-11-14