national critical information infrastructure protection centre … · 2019-04-29 · 16 jan - 31...

CV Scoring Scale (CVSS)

0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10

Vulnerability Type(s): CSRF- Cross Site Request Forgery; Dir. Trav.- Directory Traversal; +Info- Gain Information; DoS- Denial of Service; XSS- Cross Site Scripting; Sql- SQL Injection; Mem. Corr. - Memory Corruption; N/A- Not Applicable.

1

National Critical Information Infrastructure Protection Centre

Common Vulnerabilities and Exposures(CVE) Report

16 Jan - 31 Jan 2019 Vol. 06 No. 02

Vulnerability

Type(s) Publish Date CVSS Description & CVE ID Patch NCIIPC ID

Application

Adobe

Acrobat

N/A 2019-01-18 5

Adobe Acrobat and Reader

versions 2018.011.20063 and

earlier, 2017.011.30102 and

earlier, and 2015.006.30452 and

earlier have an out-of-bounds

read vulnerability. Successful

exploitation could lead to

information disclosure.

CVE ID : CVE-2018-19722

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

30.html

A-ADO-

ACRO-

070219/1

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and

earlier version, 2017.011.30105

and earlier version,

2015.006.30457 and earlier, and

2015.006.30456 and earlier have

an out-of-bounds read

vulnerability. Successful



CVE ID : CVE-2018-19719

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/2

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/3


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


2

Vulnerability









CVE ID : CVE-2018-19717

41.html

Exec Code

Overflow 2019-01-18 7.5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





a heap overflow vulnerability.

Successful exploitation could lead

to arbitrary code execution.

CVE ID : CVE-2018-19716

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/4

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





a use after free vulnerability.



CVE ID : CVE-2018-19715

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/5

N/A 2019-01-18 4.3 Adobe Acrobat and Reader


earlier, 2019.008.20080 and

https://he

lpx.adobe.

com/secur

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


3

Vulnerability


earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19714

ity/produc

ts/acrobat

/apsb18-

41.html

070219/6

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19713

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/7

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/8


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


4

Vulnerability


CVE ID : CVE-2018-19712

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19711

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/9

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19710

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/10

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and




https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/11


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


5

Vulnerability







CVE ID : CVE-2018-19709

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19708

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/12

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19707

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/13

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

A-ADO-

ACRO-

070219/14


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


6

Vulnerability










CVE ID : CVE-2018-19706

/apsb18-

41.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19705

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/15

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19704

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/16


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


7

Vulnerability


N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19703

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/17

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





an out-of-bounds write



arbitrary code execution.

CVE ID : CVE-2018-19702

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/18

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/19


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


8

Vulnerability






CVE ID : CVE-2018-19701

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19700

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/20

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19699

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/21

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

A-ADO-

ACRO-

070219/22


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


9

Vulnerability









CVE ID : CVE-2018-19698

/apsb18-

41.html

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16047

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/23

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16046

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/24

Bypass 2019-01-18 9.3 Adobe Acrobat and Reader


https://he

lpx.adobe.

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


10

Vulnerability


earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





a security bypass vulnerability.


to privilege escalation.

CVE ID : CVE-2018-16045

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

070219/25

Bypass 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16044

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/26

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/27


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


11

Vulnerability


CVE ID : CVE-2018-16043

Bypass

+Info 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and







to information disclosure.

CVE ID : CVE-2018-16042

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/28

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16041

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/29

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/30


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


12

Vulnerability





CVE ID : CVE-2018-16040

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16039

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/31

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





a out-of-bounds read




CVE ID : CVE-2018-16038

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/32

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/33


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


13

Vulnerability








CVE ID : CVE-2018-16037

41.html

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16036

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/34

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16035

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/35



earlier, 2019.008.20080 and

https://he

lpx.adobe.

com/secur

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


14

Vulnerability


earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16034

ity/produc

ts/acrobat

/apsb18-

41.html

070219/36

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16033

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/37

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/38


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


15

Vulnerability



CVE ID : CVE-2018-16032

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16031

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/39

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16030

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/40

Exec Code 2019-01-18 6.8



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and



https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/41


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


16

Vulnerability







CVE ID : CVE-2018-16029

41.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16028

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/42

Exec Code 2019-01-18 6.8



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16027

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/43

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

https://he

lpx.adobe.

com/secur

ity/produc

A-ADO-

ACRO-

070219/44


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


17

Vulnerability


earlier, 2017.011.30106 and








CVE ID : CVE-2018-16026

ts/acrobat

/apsb18-

41.html

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16025

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/45

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16024

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/46


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


18

Vulnerability


N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16023

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/47

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16022

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/48

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/49


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


19

Vulnerability





CVE ID : CVE-2018-16021

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16020

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/50

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16019

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/51

Bypass 2019-01-18 9.3



earlier, 2019.010.20064 and

earlier, 2017.011.30110 and

earlier version, and

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

A-ADO-

ACRO-

070219/52


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


20

Vulnerability






CVE ID : CVE-2018-16018

/apsb19-

02.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16017

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/53

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16016

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/54

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

https://he

lpx.adobe.

com/secur

ity/produc

A-ADO-

ACRO-

070219/55


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


21

Vulnerability


earlier, 2017.011.30106 and









CVE ID : CVE-2018-16015

ts/acrobat

/apsb18-

41.html

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16014

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/56

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16013

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/57


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


22

Vulnerability


N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16012

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/58

Exec Code 2019-01-18 9.3



earlier, 2019.010.20064 and

earlier, 2017.011.30110 and



an use after free vulnerability.



CVE ID : CVE-2018-16011

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb19-

02.html

A-ADO-

ACRO-

070219/59

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/60


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


23

Vulnerability


CVE ID : CVE-2018-16010

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





an integer overflow vulnerability.



CVE ID : CVE-2018-16009

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/61

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16008

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/62

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and






https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/63


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


24

Vulnerability




CVE ID : CVE-2018-16007

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16006

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/64

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16005

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/65

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/66


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


25

Vulnerability





an untrusted pointer dereference




CVE ID : CVE-2018-16004

41.html

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16003

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/67

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16002

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/68



https://he

lpx.adobe.

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


26

Vulnerability


earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16001

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

070219/69

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16000

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/70

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and







https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/71


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


27

Vulnerability




CVE ID : CVE-2018-15999

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





a buffer errors vulnerability.



CVE ID : CVE-2018-15998

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/72

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15997

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/73

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and



https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/74


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


28

Vulnerability








CVE ID : CVE-2018-15996

41.html

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15995

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/75

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15994

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/76

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

https://he

lpx.adobe.

com/secur

ity/produc

A-ADO-

ACRO-

070219/77


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


29

Vulnerability


earlier, 2017.011.30106 and








CVE ID : CVE-2018-15993

ts/acrobat

/apsb18-

41.html

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15992

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/78

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15991

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/79

Exec Code 2019-01-18 9.3 Adobe Acrobat and Reader


https://he

lpx.adobe.

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


30

Vulnerability


earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15990

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

070219/80

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15989

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/81

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/82


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


31

Vulnerability



CVE ID : CVE-2018-15988

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15987

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/83

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15986

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/84

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/85


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


32

Vulnerability






CVE ID : CVE-2018-15985

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15984

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/86

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-12830

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/87

Acrobat Dc

N/A 2019-01-18 5 Adobe Acrobat and Reader


earlier, 2017.011.30102 and

https://he

lpx.adobe.

com/secur

A-ADO-

ACRO-

070219/88


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


33

Vulnerability







CVE ID : CVE-2018-19722

ity/produc

ts/acrobat

/apsb18-

30.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19719

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/89

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19717

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/90

Exec Code

Overflow 2019-01-18 7.5



earlier, 2019.008.20080 and

https://he

lpx.adobe.

com/secur

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


34

Vulnerability


earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19716

ity/produc

ts/acrobat

/apsb18-

41.html

070219/91

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19715

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/92

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19714

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/93


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


35

Vulnerability


Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19713

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/94

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19712

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/95

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and






https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/96


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


36

Vulnerability





CVE ID : CVE-2018-19711

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19710

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/97

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19709

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/98

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

A-ADO-

ACRO-

070219/99


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


37

Vulnerability









CVE ID : CVE-2018-19708

/apsb18-

41.html

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19707

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/100

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19706

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/101



https://he

lpx.adobe.

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


38

Vulnerability


earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19705

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

070219/102

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19704

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/103

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and







https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/104


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


39

Vulnerability




CVE ID : CVE-2018-19703

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19702

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/105

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19701

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/106

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/107


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


40

Vulnerability








CVE ID : CVE-2018-19700

41.html

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19699

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/108

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19698

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/109



earlier, 2019.008.20080 and

https://he

lpx.adobe.

com/secur

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


41

Vulnerability


earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16047

ity/produc

ts/acrobat

/apsb18-

41.html

070219/110

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16046

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/111

Bypass 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16045

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/112


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


42

Vulnerability


Bypass 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16044

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/113

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16043

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/114

Bypass

+Info 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and






https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/115


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


43

Vulnerability




CVE ID : CVE-2018-16042

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16041

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/116

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16040

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/117

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and



https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/118


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


44

Vulnerability







CVE ID : CVE-2018-16039

41.html

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16038

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/119

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16037

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/120

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

https://he

lpx.adobe.

com/secur

ity/produc

A-ADO-

ACRO-

070219/121


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


45

Vulnerability


earlier, 2017.011.30106 and








CVE ID : CVE-2018-16036

ts/acrobat

/apsb18-

41.html

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16035

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/122

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16034

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/123


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


46

Vulnerability


N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16033

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/124

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16032

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/125

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/126


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


47

Vulnerability






CVE ID : CVE-2018-16031

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16030

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/127

Exec Code 2019-01-18 6.8



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16029

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/128

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

A-ADO-

ACRO-

070219/129


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


48

Vulnerability










CVE ID : CVE-2018-16028

/apsb18-

41.html

Exec Code 2019-01-18 6.8



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16027

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/130

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16026

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/131



https://he

lpx.adobe.

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


49

Vulnerability


earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16025

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

070219/132

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16024

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/133

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/134


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


50

Vulnerability



CVE ID : CVE-2018-16023

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16022

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/135

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16021

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/136

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and




https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/137


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


51

Vulnerability







CVE ID : CVE-2018-16020

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16019

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/138

Bypass 2019-01-18 9.3



earlier, 2019.010.20064 and

earlier, 2017.011.30110 and






CVE ID : CVE-2018-16018

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb19-

02.html

A-ADO-

ACRO-

070219/139

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and



https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/140


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


52

Vulnerability








CVE ID : CVE-2018-16017

41.html

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16016

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/141

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16015

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/142



https://he

lpx.adobe.

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


53

Vulnerability


earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16014

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

070219/143

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16013

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/144

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/145


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


54

Vulnerability



CVE ID : CVE-2018-16012

Exec Code 2019-01-18 9.3



earlier, 2019.010.20064 and

earlier, 2017.011.30110 and






CVE ID : CVE-2018-16011

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb19-

02.html

A-ADO-

ACRO-

070219/146

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16010

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/147

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and







https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/148


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


55

Vulnerability



CVE ID : CVE-2018-16009

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16008

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/149

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16007

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/150

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/151


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


56

Vulnerability






CVE ID : CVE-2018-16006

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16005

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/152

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16004

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/153

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

https://he

lpx.adobe.

com/secur

ity/produc

A-ADO-

ACRO-

070219/154


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


57

Vulnerability


earlier, 2017.011.30106 and








CVE ID : CVE-2018-16003

ts/acrobat

/apsb18-

41.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16002

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/155

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16001

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/156


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


58

Vulnerability


Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16000

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/157

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15999

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/158

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/159


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


59

Vulnerability





CVE ID : CVE-2018-15998

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15997

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/160

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15996

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/161

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

A-ADO-

ACRO-

070219/162


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


60

Vulnerability









CVE ID : CVE-2018-15995

/apsb18-

41.html

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15994

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/163

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15993

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/164



earlier, 2019.008.20080 and

https://he

lpx.adobe.

com/secur

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


61

Vulnerability


earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15992

ity/produc

ts/acrobat

/apsb18-

41.html

070219/165

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15991

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/166

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15990

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/167


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


62

Vulnerability


N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15989

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/168

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15988

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/169

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/170


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


63

Vulnerability





CVE ID : CVE-2018-15987

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15986

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/171

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15985

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/172

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/173


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


64

Vulnerability









CVE ID : CVE-2018-15984

41.html

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-12830

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/174

Acrobat Reader

N/A 2019-01-18 5



earlier, 2017.011.30102 and






CVE ID : CVE-2018-19722

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

30.html

A-ADO-

ACRO-

070219/175

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

A-ADO-

ACRO-

070219/176


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


65

Vulnerability










CVE ID : CVE-2018-19719

/apsb18-

41.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19717

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/177

Exec Code

Overflow 2019-01-18 7.5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19716

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/178


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


66

Vulnerability


Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19715

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/179

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19714

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/180

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and






https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/181


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


67

Vulnerability




CVE ID : CVE-2018-19713

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19712

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/182

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19711

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/183

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/184


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


68

Vulnerability









CVE ID : CVE-2018-19710

41.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19709

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/185

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19708

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/186

Exec Code 2019-01-18 10 Adobe Acrobat and Reader


https://he

lpx.adobe.

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


69

Vulnerability


earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19707

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

070219/187

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19706

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/188

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/189


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


70

Vulnerability



CVE ID : CVE-2018-19705

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19704

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/190

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19703

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/191

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and



https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/192


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


71

Vulnerability








CVE ID : CVE-2018-19702

41.html

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19701

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/193

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19700

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/194



earlier, 2019.008.20080 and

https://he

lpx.adobe.

com/secur

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


72

Vulnerability


earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19699

ity/produc

ts/acrobat

/apsb18-

41.html

070219/195

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19698

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/196

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/197


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


73

Vulnerability


CVE ID : CVE-2018-16047

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16046

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/198

Bypass 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16045

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/199

Bypass 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and






https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/200


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


74

Vulnerability




CVE ID : CVE-2018-16044

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16043

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/201

Bypass

+Info 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16042

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/202

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and



https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/203


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


75

Vulnerability








CVE ID : CVE-2018-16041

41.html

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16040

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/204

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16039

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/205

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

https://he

lpx.adobe.

com/secur

ity/produc

A-ADO-

ACRO-

070219/206


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


76

Vulnerability


earlier, 2017.011.30106 and









CVE ID : CVE-2018-16038

ts/acrobat

/apsb18-

41.html

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16037

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/207

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16036

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/208


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


77

Vulnerability


N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16035

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/209

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16034

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/210

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/211


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


78

Vulnerability






CVE ID : CVE-2018-16033

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16032

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/212

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16031

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/213

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

https://he

lpx.adobe.

com/secur

ity/produc

A-ADO-

ACRO-

070219/214


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


79

Vulnerability


earlier, 2017.011.30106 and









CVE ID : CVE-2018-16030

ts/acrobat

/apsb18-

41.html

Exec Code 2019-01-18 6.8



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16029

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/215

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16028

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/216


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


80

Vulnerability


Exec Code 2019-01-18 6.8



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16027

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/217

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16026

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/218

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and







https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/219


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


81

Vulnerability



CVE ID : CVE-2018-16025

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16024

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/220

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16023

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/221

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and



https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/222


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


82

Vulnerability








CVE ID : CVE-2018-16022

41.html

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16021

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/223

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16020

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/224



earlier, 2019.008.20080 and

https://he

lpx.adobe.

com/secur

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


83

Vulnerability


earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16019

ity/produc

ts/acrobat

/apsb18-

41.html

070219/225

Bypass 2019-01-18 9.3



earlier, 2019.010.20064 and

earlier, 2017.011.30110 and






CVE ID : CVE-2018-16018

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb19-

02.html

A-ADO-

ACRO-

070219/226

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16017

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/227



https://he

lpx.adobe.

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


84

Vulnerability


earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16016

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

070219/228

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16015

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/229

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and







https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/230


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


85

Vulnerability



CVE ID : CVE-2018-16014

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16013

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/231

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16012

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/232

Exec Code 2019-01-18 9.3



earlier, 2019.010.20064 and

earlier, 2017.011.30110 and




https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb19-

A-ADO-

ACRO-

070219/233


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


86

Vulnerability




CVE ID : CVE-2018-16011

02.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16010

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/234

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16009

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/235

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and



https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/236


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


87

Vulnerability







CVE ID : CVE-2018-16008

41.html

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16007

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/237

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16006

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/238

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

https://he

lpx.adobe.

com/secur

ity/produc

A-ADO-

ACRO-

070219/239


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


88

Vulnerability


earlier, 2017.011.30106 and









CVE ID : CVE-2018-16005

ts/acrobat

/apsb18-

41.html

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16004

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/240

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16003

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/241


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


89

Vulnerability


N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16002

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/242

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16001

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/243

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/244


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


90

Vulnerability






CVE ID : CVE-2018-16000

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15999

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/245

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15998

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/246

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

A-ADO-

ACRO-

070219/247


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


91

Vulnerability










CVE ID : CVE-2018-15997

/apsb18-

41.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15996

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/248

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15995

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/249


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


92

Vulnerability


Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15994

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/250

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15993

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/251

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and







https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/252


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


93

Vulnerability



CVE ID : CVE-2018-15992

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15991

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/253

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15990

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/254

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/255


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


94

Vulnerability






CVE ID : CVE-2018-15989

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15988

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/256

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15987

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/257

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

A-ADO-

ACRO-

070219/258


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


95

Vulnerability









CVE ID : CVE-2018-15986

/apsb18-

41.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15985

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/259

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15984

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/260


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


96

Vulnerability


Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-12830

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/261

Acrobat Reader Dc

N/A 2019-01-18 5



earlier, 2017.011.30102 and






CVE ID : CVE-2018-19722

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

30.html

A-ADO-

ACRO-

070219/262

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/263


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


97

Vulnerability


CVE ID : CVE-2018-19719

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19717

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/264

Exec Code

Overflow 2019-01-18 7.5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19716

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/265

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/266


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


98

Vulnerability





CVE ID : CVE-2018-19715

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19714

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/267

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19713

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/268

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/269


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


99

Vulnerability









CVE ID : CVE-2018-19712

41.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19711

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/270

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19710

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/271


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


100

Vulnerability


N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19709

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/272

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19708

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/273

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and






https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/274


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


101

Vulnerability




CVE ID : CVE-2018-19707

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19706

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/275

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19705

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/276

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/277


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


102

Vulnerability









CVE ID : CVE-2018-19704

41.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19703

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/278

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19702

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/279


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


103

Vulnerability


N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-19701

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/280

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19700

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/281

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and






https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/282


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


104

Vulnerability





CVE ID : CVE-2018-19699

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-19698

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/283

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16047

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/284

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/285


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


105

Vulnerability








CVE ID : CVE-2018-16046

41.html

Bypass 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16045

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/286

Bypass 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16044

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/287

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

https://he

lpx.adobe.

com/secur

ity/produc

A-ADO-

ACRO-

070219/288


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


106

Vulnerability


earlier, 2017.011.30106 and









CVE ID : CVE-2018-16043

ts/acrobat

/apsb18-

41.html

Bypass

+Info 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16042

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/289

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16041

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/290


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


107

Vulnerability


Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16040

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/291

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16039

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/292

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and







https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/293


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


108

Vulnerability




CVE ID : CVE-2018-16038

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16037

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/294

Exec Code 2019-01-18 10



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16036

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/295

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and




https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/296


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


109

Vulnerability







CVE ID : CVE-2018-16035

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16034

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/297

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16033

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/298



earlier, 2019.008.20080 and

https://he

lpx.adobe.

com/secur

A-ADO-

ACRO-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


110

Vulnerability


earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16032

ity/produc

ts/acrobat

/apsb18-

41.html

070219/299

N/A 2019-01-18 5



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16031

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/300

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/301


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


111

Vulnerability



CVE ID : CVE-2018-16030

Exec Code 2019-01-18 6.8



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16029

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/302

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16028

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/303

Exec Code 2019-01-18 6.8



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and




https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/304


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


112

Vulnerability






CVE ID : CVE-2018-16027

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16026

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/305

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16025

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/306

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/307


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


113

Vulnerability









CVE ID : CVE-2018-16024

41.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16023

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/308

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16022

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/309


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


114

Vulnerability


Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16021

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/310

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16020

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/311

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and






https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/312


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


115

Vulnerability





CVE ID : CVE-2018-16019

Bypass 2019-01-18 9.3



earlier, 2019.010.20064 and

earlier, 2017.011.30110 and






CVE ID : CVE-2018-16018

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb19-

02.html

A-ADO-

ACRO-

070219/313

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16017

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/314

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and





https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/315


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


116

Vulnerability






CVE ID : CVE-2018-16016

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16015

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/316

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16014

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/317

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

A-ADO-

ACRO-

070219/318


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


117

Vulnerability










CVE ID : CVE-2018-16013

/apsb18-

41.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16012

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/319

Exec Code 2019-01-18 9.3



earlier, 2019.010.20064 and

earlier, 2017.011.30110 and






CVE ID : CVE-2018-16011

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb19-

02.html

A-ADO-

ACRO-

070219/320

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

https://he

lpx.adobe.

com/secur

ity/produc

A-ADO-

ACRO-

070219/321


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


118

Vulnerability


earlier, 2017.011.30106 and









CVE ID : CVE-2018-16010

ts/acrobat

/apsb18-

41.html

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16009

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/322

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16008

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/323


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


119

Vulnerability


Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16007

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/324

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16006

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/325

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and






https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/326


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


120

Vulnerability





CVE ID : CVE-2018-16005

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16004

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/327

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-16003

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/328

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/329


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


121

Vulnerability









CVE ID : CVE-2018-16002

41.html

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16001

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/330

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-16000

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/331


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


122

Vulnerability


Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15999

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/332

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15998

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/333

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and






https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/334


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


123

Vulnerability





CVE ID : CVE-2018-15997

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15996

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/335

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15995

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/336

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/337


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


124

Vulnerability








CVE ID : CVE-2018-15994

41.html

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15993

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/338

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15992

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/339

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

https://he

lpx.adobe.

com/secur

ity/produc

A-ADO-

ACRO-

070219/340


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


125

Vulnerability


earlier, 2017.011.30106 and








CVE ID : CVE-2018-15991

ts/acrobat

/apsb18-

41.html

Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15990

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/341

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15989

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/342


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


126

Vulnerability


Exec Code 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15988

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/343

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and








CVE ID : CVE-2018-15987

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/344

Overflow 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and






https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/345


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


127

Vulnerability




CVE ID : CVE-2018-15986

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15985

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/346

N/A 2019-01-18 4.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and









CVE ID : CVE-2018-15984

https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

41.html

A-ADO-

ACRO-

070219/347

Exec Code

Overflow 2019-01-18 9.3



earlier, 2019.008.20080 and

earlier, 2019.008.20081 and

earlier, 2017.011.30106 and


https://he

lpx.adobe.

com/secur

ity/produc

ts/acrobat

/apsb18-

A-ADO-

ACRO-

070219/348


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


128

Vulnerability








CVE ID : CVE-2018-12830

41.html

Connect

+Info 2019-01-18 5

Adobe Connect versions 9.8.1 and

earlier have a session token

exposure vulnerability.


to exposure of the privileges

granted to a session.

CVE ID : CVE-2018-19718

https://he

lpx.adobe.

com/secur

ity/produc

ts/connect

/apsb19-

05.html

A-ADO-

CONN-

070219/349

Digital Editions

N/A 2019-01-18 5

Adobe Digital Editions versions

4.5.9 and below have an out of

bounds read vulnerability.



CVE ID : CVE-2018-12817

https://he

lpx.adobe.

com/secur

ity/produc

ts/Digital-

Editions/a

psb19-

04.html

A-ADO-

DIGI-

070219/350

Apache

Airflow

XSS 2019-01-23 5

In Apache Airflow 1.8.2 and

earlier, an experimental Airflow

feature displayed authenticated

cookies, as well as passwords to

databases used by Airflow. An

attacker who has limited access

to airflow, weather it be via XSS

or by leaving a machine unlocked

can exfil all credentials from the

N/A

A-APA-

AIRF-

070219/351


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


129

Vulnerability


system.

CVE ID : CVE-2017-17836

Cacti

Cacti

XSS 2019-01-16 3.5

A cross-site scripting (XSS)

vulnerability exists in host.php

(via tree.php) in Cacti before

1.2.0 due to lack of escaping of

unintended characters in the

Website Hostname field for

Devices.

CVE ID : CVE-2018-20726

N/A

A-CAC-

CACT-

070219/352

XSS 2019-01-16 3.5


vulnerability exists in

graph_templates.php in Cacti

before 1.2.0 due to lack of

escaping of unintended

characters in the Graph Vertical

Label.

CVE ID : CVE-2018-20725

N/A

A-CAC-

CACT-

070219/353

XSS 2019-01-16 3.5


vulnerability exists in pollers.php

in Cacti before 1.2.0 due to lack of


characters in the Website

Hostname for Data Collectors.

CVE ID : CVE-2018-20724

N/A

A-CAC-

CACT-

070219/354

XSS 2019-01-16 3.5


vulnerability exists in

color_templates.php in Cacti

before 1.2.0 due to lack of


characters in the Name field for a

Color.

CVE ID : CVE-2018-20723

N/A

A-CAC-

CACT-

070219/355


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


130

Vulnerability


Cairographics

Cairo

N/A 2019-01-16 4.3

An issue was discovered in cairo

1.16.0. There is an infinite loop in

the function

_arc_error_normalized in the file

cairo-arc.c, related to

_arc_max_angle_for_tolerance_nor

malized.

CVE ID : CVE-2019-6462

N/A A-CAI-CAIR-

070219/356

N/A 2019-01-16 4.3

An issue was discovered in cairo

1.16.0. There is an assertion

problem in the function

_cairo_arc_in_direction in the file

cairo-arc.c.

CVE ID : CVE-2019-6461

N/A A-CAI-CAIR-

070219/357

Cisco

Firepower Management Center

Exec Code

XSS 2019-01-23 4.3

A vulnerability in the web-based

management interface of Cisco

Firepower Management Center

(FMC) software could allow an

unauthenticated, remote attacker

to conduct a cross-site scripting

(XSS) attack against a user of the

web-based management interface

of the affected software. The

vulnerability is due to insufficient

validation of user-supplied input

by the web-based management

interface of the affected software.

An attacker could exploit this

vulnerability by persuading a

user of the interface to click a

crafted link. A successful exploit

could allow the attacker to

N/A A-CIS-FIRE-

070219/358


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


131

Vulnerability


execute arbitrary script code in

the context of the affected

interface or access sensitive,

browser-based information.

CVE ID : CVE-2019-1642

Prime Infrastructure

Exec Code

XSS 2019-01-23 4.3

A vulnerability in the web-based

management interface of Cisco

Prime Infrastructure could allow

an unauthenticated, remote

attacker to conduct a cross-site

scripting (XSS) attack against a

user of the web-based

management interface of the

affected software. The

vulnerability is due to insufficient

validation of user-supplied input

by the web-based management

interface of the affected software.

An attacker could exploit this

vulnerability by persuading a

user of the interface to click a

maliciously crafted link. A

successful exploit could allow the

attacker to execute arbitrary

script code in the context of the

affected interface or access

sensitive, browser-based

information.

CVE ID : CVE-2019-1643

N/A A-CIS-PRIM-

070219/359

Creditease-sec

Insight

CSRF 2019-01-22 6.8

An issue was discovered in

creditease-sec insight through

2018-09-11. user_delete in

srcpm/app/admin/views.py

N/A A-CRE-INSI-

070219/360


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


132

Vulnerability


allows CSRF.

CVE ID : CVE-2019-6510

CSRF 2019-01-22 6.8



2018-09-11. depart_delete in


allows CSRF.

CVE ID : CVE-2019-6509

N/A A-CRE-INSI-

070219/361

CSRF 2019-01-22 6.8



2018-09-11. role_perm_delete in


allows CSRF.

CVE ID : CVE-2019-6508

N/A A-CRE-INSI-

070219/362

CSRF 2019-01-22 6.8



2018-09-11. login_user_delete in


allows CSRF.

CVE ID : CVE-2019-6507

N/A A-CRE-INSI-

070219/363

Foxitsoftware

Phantompdf

Exec Code 2019-01-23 6.8

This vulnerability allows remote

attackers to execute arbitrary

code on vulnerable installations

of Foxit PhantomPDF 9.2.0.9297.

User interaction is required to

exploit this vulnerability in that

the target must visit a malicious

page or open a malicious file. The

specific flaw exists within the

handling of the exportValues

property of a radio button. The

issue results from the lack of

validating the existence of an

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/364


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


133

Vulnerability


object prior to performing

operations on the object. An

attacker can leverage this

vulnerability to execute code in

the context of the current

process. Was ZDI-CAN-7068.

CVE ID : CVE-2018-17687

Exec Code

+Info 2019-01-23 4.3


attackers to disclose sensitive

information on vulnerable

installations of Foxit Reader

9.2.0.9297. User interaction is

required to exploit this

vulnerability in that the target

must visit a malicious page or

open a malicious file. The specific

flaw exists within the processing

of BMP images. The issue results

from the lack of proper validation

of user-supplied data, which can

result in a read past the end of an

allocated buffer. An attacker can

leverage this vulnerability to

execute code in the context of the

current process. Was ZDI-CAN-

6844.

CVE ID : CVE-2018-17686

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/365

Exec Code 2019-01-23 6.8




of Foxit Reader 9.2.0.9297. User

interaction is required to exploit

this vulnerability in that the

target must visit a malicious page

or open a malicious file. The


handling of PDF files. The issue

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/366


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


134

Vulnerability


results from the lack of proper

validation of user-supplied data,

which can result in a type

confusion condition. An attacker

can leverage this vulnerability to



6819.

CVE ID : CVE-2018-17685

Exec Code 2019-01-23 6.8










handling of the

isPropertySpecified method. The









CVE ID : CVE-2018-17684

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/367

Exec Code 2019-01-23 6.8









https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/368


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


135

Vulnerability



handling of the createIcon

method of an app object. The









CVE ID : CVE-2018-17683

Exec Code 2019-01-23 6.8










handling of the delay property of

Annotation objects. The issue

results from the lack of validating

the existence of an object prior to

performing operations on the

object. An attacker can leverage

this vulnerability to execute code

in the context of the current


CVE ID : CVE-2018-17682

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/369

Exec Code 2019-01-23 6.8







https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

A-FOX-

PHAN-

070219/370


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


136

Vulnerability





handling of the getPageBox

method of a Form. The issue








CVE ID : CVE-2018-17681

hp

Exec Code 2019-01-23 6.8










handling of the style property of a

Field object. The issue results

from the lack of validating the

existence of an object prior to






CVE ID : CVE-2018-17680

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/371

Exec Code 2019-01-23 6.8






https://w

ww.foxitso

ftware.co

m/support

/security-

A-FOX-

PHAN-

070219/372


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


137

Vulnerability






parsing of PDF documents. By

manipulating a document's

elements, an attacker can cause a

pointer to be reused after it has

been freed. An attacker can




6890.

CVE ID : CVE-2018-17679

bulletins.p

hp

Exec Code 2019-01-23 6.8










handling of the gotoNamedDest

method of a app object. The issue








CVE ID : CVE-2018-17678

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/373

Exec Code 2019-01-23 6.8





https://w

ww.foxitso

ftware.co

m/support

A-FOX-

PHAN-

070219/374


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


138

Vulnerability







handling of the mailDoc method

of a app object. The issue results








CVE ID : CVE-2018-17677

/security-

bulletins.p

hp

Exec Code 2019-01-23 6.8










handling of the removeField

property of a app object. The









CVE ID : CVE-2018-17676

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/375

Exec Code 2019-01-23 6.8 This vulnerability allows remote


https://w

ww.foxitso

A-FOX-

PHAN-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


139

Vulnerability









handling of the

removeDataObject method of a

document. The issue results from

the lack of validating the







CVE ID : CVE-2018-17675

ftware.co

m/support

/security-

bulletins.p

hp

070219/376

Exec Code 2019-01-23 6.8










handling of the name property of









CVE ID : CVE-2018-17674

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/377


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


140

Vulnerability


Exec Code 2019-01-23 6.8










handling of the subtype property

of a Annotation object. The issue








CVE ID : CVE-2018-17673

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/378

Exec Code 2019-01-23 6.8










handling of array indices. The









https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/379


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


141

Vulnerability


CVE ID : CVE-2018-17672

Exec Code 2019-01-23 6.8










flaw exists within the handling of

the Lower method of a XFA

object. The issue results from the

lack of proper validation of user-

supplied data, which can result in

a read past the end of an





6617.

CVE ID : CVE-2018-17671

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/380

Exec Code 2019-01-23 6.8










handling of the content property

of a XFA object. The issue results






https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/381


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


142

Vulnerability




CVE ID : CVE-2018-17670

Exec Code 2019-01-23 6.8











a XFA object. The issue results








CVE ID : CVE-2018-17669

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/382

Exec Code 2019-01-23 6.8










handling of the removeAttribute

method of a XFA object. The issue





https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/383


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


143

Vulnerability





CVE ID : CVE-2018-17668

Exec Code 2019-01-23 6.8










handling of the getDisplayItem

method of a TimeField. The issue








CVE ID : CVE-2018-17656

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/384

Exec Code 2019-01-23 6.8










handling of the moveInstance

method of a Form object. The




https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/385


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


144

Vulnerability







CVE ID : CVE-2018-17655

Exec Code 2019-01-23 6.8










handling of the insertInstance










CVE ID : CVE-2018-17654

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/386

Exec Code 2019-01-23 6.8










handling of the resolveNode


https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/387


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


145

Vulnerability









CVE ID : CVE-2018-17653

Exec Code 2019-01-23 6.8










handling of the mandatory

property of a TimeField. The









CVE ID : CVE-2018-17652

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/388

Exec Code 2019-01-23 6.8










https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/389


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


146

Vulnerability


handling of the getItemState









CVE ID : CVE-2018-17651

Exec Code 2019-01-23 6.8










handling of the rotate property of

a TimeField. The issue results








CVE ID : CVE-2018-17648

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/390

Exec Code 2019-01-23 6.8









https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/391


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


147

Vulnerability



handling of the boundItem









CVE ID : CVE-2018-17647

Exec Code 2019-01-23 6.8










handling of the fillColor property

of a TimeField. The issue results








CVE ID : CVE-2018-17646

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/392

Exec Code 2019-01-23 6.8








https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/393


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


148

Vulnerability




handling of the vAlign property of









CVE ID : CVE-2018-17645

Exec Code 2019-01-23 6.8










handling of the addItem method









CVE ID : CVE-2018-17644

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/394

Exec Code 2019-01-23 6.8







https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

A-FOX-

PHAN-

070219/395


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


149

Vulnerability





handling of the editValue










CVE ID : CVE-2018-17643

hp

Exec Code 2019-01-23 6.8










handling of the colSpan property









CVE ID : CVE-2018-17642

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/396

Exec Code 2019-01-23 6.8





https://w

ww.foxitso

ftware.co

m/support

A-FOX-

PHAN-

070219/397


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


150

Vulnerability







handling of the deleteItem









CVE ID : CVE-2018-17641

/security-

bulletins.p

hp

Exec Code 2019-01-23 6.8










handling of the Form count

property. The issue results from








CVE ID : CVE-2018-17640

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/398




https://w

ww.foxitso

ftware.co

A-FOX-

PHAN-

070219/399


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


151

Vulnerability








handling of the setElement

method. The issue results from








CVE ID : CVE-2018-17639

m/support

/security-

bulletins.p

hp

Exec Code 2019-01-23 6.8










handling of the getAttribute









CVE ID : CVE-2018-17638

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/400



https://w

ww.foxitso

A-FOX-

PHAN-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


152

Vulnerability









handling of the loadXML method.

The issue results from the lack of








CVE ID : CVE-2018-17637

ftware.co

m/support

/security-

bulletins.p

hp

070219/401

Exec Code 2019-01-23 6.8










handling of the id property of a

aliasNode. The issue results from








CVE ID : CVE-2018-17636

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/402

Exec Code 2019-01-23 6.8 This vulnerability allows remote https://w A-FOX-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


153

Vulnerability










handling of the desc property.









CVE ID : CVE-2018-17635

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

PHAN-

070219/403

Exec Code 2019-01-23 6.8










handling of the attachIcon

property of Annotation objects.









https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/404


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


154

Vulnerability


CVE ID : CVE-2018-17634

Exec Code 2019-01-23 6.8










handling of the subject property

of Annotation objects. The issue








CVE ID : CVE-2018-17633

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/405

Exec Code 2019-01-23 6.8











event. The issue results from the

lack of validation of the existence

of an object prior to performing





https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/406


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


155

Vulnerability



CVE ID : CVE-2018-17632

Exec Code 2019-01-23 6.8










handling of the removeInstance









CVE ID : CVE-2018-17631

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/407

Exec Code 2019-01-23 6.8










handling of the openPlayer







https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/408


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


156

Vulnerability




CVE ID : CVE-2018-17630

Exec Code 2019-01-23 6.8










handling of template objects. The









CVE ID : CVE-2018-17629

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/409

Exec Code 2019-01-23 6.8










XFA setInterval method. The






https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

PHAN-

070219/410


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


157

Vulnerability





CVE ID : CVE-2018-17628

Reader

Exec Code 2019-01-23 6.8




of Foxit PhantomPDF 9.2.0.9297.

User interaction is required to

exploit this vulnerability in that

the target must visit a malicious

page or open a malicious file. The


handling of the exportValues

property of a radio button. The









CVE ID : CVE-2018-17687

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/411

Exec Code

+Info 2019-01-23 4.3










flaw exists within the processing

of BMP images. The issue results

from the lack of proper validation

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/412


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


158

Vulnerability


of user-supplied data, which can

result in a read past the end of an





6844.

CVE ID : CVE-2018-17686

Exec Code 2019-01-23 6.8










handling of PDF files. The issue

results from the lack of proper

validation of user-supplied data,

which can result in a type

confusion condition. An attacker

can leverage this vulnerability to



6819.

CVE ID : CVE-2018-17685

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/413

Exec Code 2019-01-23 6.8










handling of the

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/414


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


159

Vulnerability


isPropertySpecified method. The









CVE ID : CVE-2018-17684

Exec Code 2019-01-23 6.8










handling of the createIcon

method of an app object. The









CVE ID : CVE-2018-17683

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/415

Exec Code 2019-01-23 6.8








https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/416


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


160

Vulnerability




handling of the delay property of









CVE ID : CVE-2018-17682

Exec Code 2019-01-23 6.8










handling of the getPageBox

method of a Form. The issue








CVE ID : CVE-2018-17681

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/417

Exec Code 2019-01-23 6.8







https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

A-FOX-

READ-

070219/418


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


161

Vulnerability





handling of the style property of a

Field object. The issue results








CVE ID : CVE-2018-17680

hp

Exec Code 2019-01-23 6.8










parsing of PDF documents. By

manipulating a document's

elements, an attacker can cause a

pointer to be reused after it has

been freed. An attacker can




6890.

CVE ID : CVE-2018-17679

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/419

Exec Code 2019-01-23 6.8






https://w

ww.foxitso

ftware.co

m/support

/security-

A-FOX-

READ-

070219/420


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


162

Vulnerability






handling of the gotoNamedDest

method of a app object. The issue








CVE ID : CVE-2018-17678

bulletins.p

hp

Exec Code 2019-01-23 6.8










handling of the mailDoc method

of a app object. The issue results








CVE ID : CVE-2018-17677

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/421

Exec Code 2019-01-23 6.8





https://w

ww.foxitso

ftware.co

m/support

A-FOX-

READ-

070219/422


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


163

Vulnerability







handling of the removeField

property of a app object. The









CVE ID : CVE-2018-17676

/security-

bulletins.p

hp

Exec Code 2019-01-23 6.8










handling of the

removeDataObject method of a

document. The issue results from








CVE ID : CVE-2018-17675

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/423



0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


164

Vulnerability



















CVE ID : CVE-2018-17674

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

READ-

070219/424

Exec Code 2019-01-23 6.8










handling of the subtype property

of a Annotation object. The issue








CVE ID : CVE-2018-17673

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/425


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


165

Vulnerability


Exec Code 2019-01-23 6.8










handling of array indices. The









CVE ID : CVE-2018-17672

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/426

Exec Code 2019-01-23 6.8










flaw exists within the handling of

the Lower method of a XFA

object. The issue results from the

lack of proper validation of user-

supplied data, which can result in

a read past the end of an





https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/427


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


166

Vulnerability


6617.

CVE ID : CVE-2018-17671

Exec Code 2019-01-23 6.8










handling of the content property

of a XFA object. The issue results








CVE ID : CVE-2018-17670

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/428

Exec Code 2019-01-23 6.8











a XFA object. The issue results






https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/429


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


167

Vulnerability




CVE ID : CVE-2018-17669

Exec Code 2019-01-23 6.8










handling of the removeAttribute

method of a XFA object. The issue








CVE ID : CVE-2018-17668

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/430

Exec Code 2019-01-23 6.8










handling of the getDisplayItem






https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/431


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


168

Vulnerability





CVE ID : CVE-2018-17656

Exec Code 2019-01-23 6.8










handling of the moveInstance










CVE ID : CVE-2018-17655

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/432

Exec Code 2019-01-23 6.8










handling of the insertInstance




https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/433


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


169

Vulnerability








CVE ID : CVE-2018-17654

Exec Code 2019-01-23 6.8



















CVE ID : CVE-2018-17653

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/434

Exec Code 2019-01-23 6.8










handling of the mandatory


https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/435


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


170

Vulnerability










CVE ID : CVE-2018-17652

Exec Code 2019-01-23 6.8










handling of the getItemState









CVE ID : CVE-2018-17651

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/436

Exec Code 2019-01-23 6.8










https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/437


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


171

Vulnerability


handling of the rotate property of









CVE ID : CVE-2018-17648

Exec Code 2019-01-23 6.8










handling of the boundItem









CVE ID : CVE-2018-17647

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/438

Exec Code 2019-01-23 6.8









https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/439


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


172

Vulnerability



handling of the fillColor property









CVE ID : CVE-2018-17646

Exec Code 2019-01-23 6.8










handling of the vAlign property of









CVE ID : CVE-2018-17645

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/440

Exec Code 2019-01-23 6.8








https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/441


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


173

Vulnerability




handling of the addItem method









CVE ID : CVE-2018-17644

Exec Code 2019-01-23 6.8










handling of the editValue










CVE ID : CVE-2018-17643

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/442

Exec Code 2019-01-23 6.8






https://w

ww.foxitso

ftware.co

m/support

/security-

A-FOX-

READ-

070219/443


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


174

Vulnerability






handling of the colSpan property









CVE ID : CVE-2018-17642

bulletins.p

hp

Exec Code 2019-01-23 6.8










handling of the deleteItem









CVE ID : CVE-2018-17641

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/444

Exec Code 2019-01-23 6.8





https://w

ww.foxitso

ftware.co

m/support

A-FOX-

READ-

070219/445


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


175

Vulnerability







handling of the Form count

property. The issue results from








CVE ID : CVE-2018-17640

/security-

bulletins.p

hp

Exec Code 2019-01-23 6.8










handling of the setElement









CVE ID : CVE-2018-17639

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/446




https://w

ww.foxitso

ftware.co

A-FOX-

READ-

070219/447


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


176

Vulnerability








handling of the getAttribute









CVE ID : CVE-2018-17638

m/support

/security-

bulletins.p

hp

Exec Code 2019-01-23 6.8










handling of the loadXML method.









CVE ID : CVE-2018-17637

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/448



https://w

ww.foxitso

A-FOX-

READ-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


177

Vulnerability









handling of the id property of a

aliasNode. The issue results from








CVE ID : CVE-2018-17636

ftware.co

m/support

/security-

bulletins.p

hp

070219/449

Exec Code 2019-01-23 6.8










handling of the desc property.









CVE ID : CVE-2018-17635

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/450



0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


178

Vulnerability










handling of the attachIcon

property of Annotation objects.









CVE ID : CVE-2018-17634

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

READ-

070219/451

Exec Code 2019-01-23 6.8










handling of the subject property

of Annotation objects. The issue








https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/452


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


179

Vulnerability


CVE ID : CVE-2018-17633

Exec Code 2019-01-23 6.8



















CVE ID : CVE-2018-17632

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/453

Exec Code 2019-01-23 6.8










handling of the removeInstance








https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/454


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


180

Vulnerability



CVE ID : CVE-2018-17631

Exec Code 2019-01-23 6.8










handling of the openPlayer









CVE ID : CVE-2018-17630

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/455

Exec Code 2019-01-23 6.8










handling of template objects. The







https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/456


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


181

Vulnerability




CVE ID : CVE-2018-17629

Exec Code 2019-01-23 6.8










XFA setInterval method. The









CVE ID : CVE-2018-17628

https://w

ww.foxitso

ftware.co

m/support

/security-

bulletins.p

hp

A-FOX-

READ-

070219/457

GNU

Recutils

N/A 2019-01-16 4.3

An issue was discovered in GNU

Recutils 1.8. There is a NULL

pointer dereference in the

function rec_field_set_name() in

the file rec-field.c in librec.a.

CVE ID : CVE-2019-6460

N/A

A-GNU-

RECU-

070219/458

N/A 2019-01-16 4.3


Recutils 1.8. There is a memory

leak in rec_extract_type in rec-

utils.c in librec.a.

CVE ID : CVE-2019-6459

N/A

A-GNU-

RECU-

070219/459


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


182

Vulnerability


N/A 2019-01-16 4.3



leak in rec_buf_new in rec-buf.c

when called from rec_parse_rset

in rec-parser.c in librec.a.

CVE ID : CVE-2019-6458

N/A

A-GNU-

RECU-

070219/460

N/A 2019-01-16 4.3



leak in rec_aggregate_reg_new in

rec-aggregate.c in librec.a.

CVE ID : CVE-2019-6457

N/A

A-GNU-

RECU-

070219/461

N/A 2019-01-16 4.3


Recutils 1.8. There is a NULL

pointer dereference in the

function rec_fex_size() in the file

rec-fex.c of librec.a.

CVE ID : CVE-2019-6456

N/A

A-GNU-

RECU-

070219/462

N/A 2019-01-16 4.3


Recutils 1.8. There is a double-

free problem in the function

rec_mset_elem_destroy() in the

file rec-mset.c.

CVE ID : CVE-2019-6455

N/A

A-GNU-

RECU-

070219/463

Hotels Server Project

Hotels Server

Sql 2019-01-20 7.5

Hotels_Server through 2018-11-

05 has SQL Injection via the

controller/fetchpwd.php

username parameter.

CVE ID : CVE-2019-6497

N/A

A-HOT-

HOTE-

070219/464

IBM

Financial Transaction Manager

+Info 2019-01-23 4 IBM Financial Transaction

Manager 3.2.1 for Digital

http://ww

w.ibm.com

A-IBM-

FINA-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


183

Vulnerability


Payments could allow an

authenticated user to obtain a

directory listing of internal

product files. IBM X-Force ID:

155552.

CVE ID : CVE-2018-2026

/support/

docview.w

ss?uid=ib

m1079554

4,

http://ww

w.ibm.com

/support/

docview.w

ss?uid=ib

m1079553

6

070219/465

Security Identity Manager

N/A 2019-01-18 5.5

IBM Security Identity Manager

6.0.0 Virtual Appliance is

vulnerable to a XML External

Entity Injection (XXE) attack

when processing XML data. A

remote attacker could exploit this

vulnerability to expose sensitive

information or consume memory

resources. IBM X-Force ID:

155265.

CVE ID : CVE-2018-2019

https://w

ww.ibm.co

m/support

/docview.

wss?uid=i

bm107946

15

A-IBM-

SECU-

070219/466

Security Key Lifecycle Manager

N/A 2019-01-23 5

IBM Security Key Lifecycle

Manager 3.0 through 3.0.0.2 uses

weaker than expected

cryptographic algorithms that

could allow an attacker to

decrypt highly sensitive

information. IBM X-Force ID:

148512.

CVE ID : CVE-2018-1751

http://ww

w.ibm.com

/support/

docview.w

ss?uid=ib

m1079182

9

A-IBM-

SECU-

070219/467

Identicard

Premisys Id


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


184

Vulnerability


N/A 2019-01-18 10

Premisys Identicard version

3.1.190 database uses default

credentials. Users are unable to

change the credentials without

vendor intervention.

CVE ID : CVE-2019-3909

N/A

A-IDE-

PREM-

070219/468

N/A 2019-01-18 5


3.1.190 stores backup files as

encrypted zip files. The password

to the zip is hard-coded and

unchangeable. An attacker with

access to these backups can

decrypt them and obtain

sensitive data.

CVE ID : CVE-2019-3908

N/A

A-IDE-

PREM-

070219/469

N/A 2019-01-18 5


3.1.190 stores user credentials

and other sensitive information

with a known weak encryption

method (MD5 hash of a salt and

password).

CVE ID : CVE-2019-3907

N/A

A-IDE-

PREM-

070219/470

Joomla

Joomla!

XSS 2019-01-16 4.3


Joomla! before 3.9.2. Inadequate

escaping in mod_banners leads to

a stored XSS vulnerability.

CVE ID : CVE-2019-6264

https://de

veloper.jo

omla.org/s

ecurity-

centre/76

0-

20190101

-core-

stored-

xss-in-

mod-

banners

A-JOO-

JOOM-

070219/471


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


185

Vulnerability


XSS 2019-01-16 3.5



checks of the Global

Configuration Text Filter settings

allowed stored XSS.

CVE ID : CVE-2019-6263

https://de

veloper.jo

omla.org/s

ecurity-

centre/76

2-

20190103

-core-

stored-

xss-issue-

in-the-

global-

configurati

on-

textfilter-

settings

A-JOO-

JOOM-

070219/472

XSS 2019-01-16 3.5



checks of the Global

Configuration helpurl settings

allowed stored XSS.

CVE ID : CVE-2019-6262

https://de

veloper.jo

omla.org/s

ecurity-

centre/76

3-

20190104

-core-

stored-

xss-issue-

in-the-

global-

configurati

on-help-

url

A-JOO-

JOOM-

070219/473

XSS 2019-01-16 4.3



escaping in com_contact leads to

a stored XSS vulnerability.

CVE ID : CVE-2019-6261

https://de

veloper.jo

omla.org/s

ecurity-

centre/76

1-

20190102

A-JOO-

JOOM-

070219/474


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


186

Vulnerability


-core-

stored-

xss-in-

com-

contact

Labapart

Gattlib

Overflow 2019-01-21 5.8

GattLib 0.2 has a stack-based

buffer over-read in

gattlib_connect in dbus/gattlib.c

because strncpy is misused.

CVE ID : CVE-2019-6498

N/A

A-LAB-

GATT-

070219/475

Mailenable

Mailenable

N/A 2019-01-16 5

MailEnable before 8.60 allows

XXE via an XML document in the

request.aspx Options parameter.

CVE ID : CVE-2015-9280

N/A

A-MAI-

MAIL-

070219/476

XSS 2019-01-16 4.3


Stored XSS via malformed use of

"<img/src" with no ">" character

in the body of an e-mail message.

CVE ID : CVE-2015-9279

N/A

A-MAI-

MAIL-

070219/477

Dir. Trav. 2019-01-16 7.5


Directory Traversal for reading

the messages of other users,

uploading files, and deleting files

because "/../" and "/.. /" are

mishandled.

CVE ID : CVE-2015-9277

N/A

A-MAI-

MAIL-

070219/478

Microsoft

Skype For Business

N/A 2019-01-17 3.5 A spoofing vulnerability exists

when a Skype for Business 2015

https://po

rtal.msrc.

A-MIC-

SKYP-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


187

Vulnerability


server does not properly sanitize

a specially crafted request, aka

"Skype for Business 2015

Spoofing Vulnerability." This

affects Skype.

CVE ID : CVE-2019-0624

microsoft.

com/en-

US/securit

y-

guidance/

advisory/

CVE-2019-

0624

070219/479

Team Foundation Server

+Info 2019-01-17 4

An information disclosure

vulnerability exists when Team

Foundation Server does not

properly handle variables

marked as secret, aka "Team

Foundation Server Information

Disclosure Vulnerability." This

affects Team.

CVE ID : CVE-2019-0647

https://po

rtal.msrc.

microsoft.

com/en-

US/securit

y-

guidance/

advisory/

CVE-2019-

0647

A-MIC-

TEAM-

070219/480

XSS 2019-01-17 3.5

A Cross-site Scripting (XSS)

vulnerability exists when Team

Foundation Server does not

properly sanitize user provided

input, aka "Team Foundation

Server Cross-site Scripting

Vulnerability." This affects Team.

CVE ID : CVE-2019-0646

https://po

rtal.msrc.

microsoft.

com/en-

US/securit

y-

guidance/

advisory/

CVE-2019-

0646

A-MIC-

TEAM-

070219/481

Nedi

Nedi

XSS 2019-01-16 4.3

A stored cross site scripting (XSS)

vulnerability in NeDi before

1.7Cp3 allows remote attackers

to inject arbitrary web script or

HTML via User-Chat.php.

N/A

A-NED-

NEDI-

070219/482


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


188

Vulnerability


CVE ID : CVE-2018-20731

Exec Code

Sql 2019-01-16 5

A SQL injection vulnerability in

NeDi before 1.7Cp3 allows any

user to execute arbitrary SQL

read commands via the

query.php component.

CVE ID : CVE-2018-20730

N/A

A-NED-

NEDI-

070219/483

XSS 2019-01-16 4.3

A reflected cross site scripting

(XSS) vulnerability in NeDi before

1.7Cp3 allows remote attackers

to inject arbitrary web script or

HTML via the reg parameter in

mh.php.

CVE ID : CVE-2018-20729

N/A

A-NED-

NEDI-

070219/484

CSRF 2019-01-16 6.8

A cross site request forgery

(CSRF) vulnerability in NeDi

before 1.7Cp3 allows remote

attackers to escalate privileges

via User-Management.php.

CVE ID : CVE-2018-20728

N/A

A-NED-

NEDI-

070219/485

Numpy

Numpy

Exec Code 2019-01-16 7.5


NumPy 1.16.0 and earlier. It uses

the pickle Python module

unsafely, which allows remote


code via a crafted serialized

object, as demonstrated by a

numpy.load call.

CVE ID : CVE-2019-6446

N/A

A-NUM-

NUMP-

070219/486

Opensc Project

Opensc

N/A 2019-01-22 7.5 sc_context_create in ctx.c in N/A A-OPE-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


189

Vulnerability


libopensc in OpenSC 0.19.0 has a

memory leak, as demonstrated by

a call from eidenv.

CVE ID : CVE-2019-6502

OPEN-

070219/487

Oracle

Application Testing Suite

DoS 2019-01-16 6.5

Vulnerability in the Oracle


component of Oracle Enterprise

Manager Products Suite

(subcomponent: Load Testing for

Web Apps). Supported versions

that are affected are 12.5.0.3,

13.1.0.1, 13.2.0.1 and 13.3.0.1.

Easily exploitable vulnerability

allows low privileged attacker

with network access via HTTP to

compromise Oracle Application

Testing Suite. Successful attacks

of this vulnerability can result in

unauthorized update, insert or

delete access to some of Oracle


accessible data as well as

unauthorized read access to a

subset of Oracle Application

Testing Suite accessible data and

unauthorized ability to cause a

partial denial of service (partial

DOS) of Oracle Application

Testing Suite. CVSS 3.0 Base

Score 6.3 (Confidentiality,

Integrity and Availability

impacts). CVSS Vector:

(CVSS:3.0/AV:N/AC:L/PR:L/UI:N

/S:U/C:L/I:L/A:L).

CVE ID : CVE-2018-3305

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

APPL-

070219/488


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


190

Vulnerability


DoS 2019-01-16 6.4





(subcomponent: Load Testing for

Web Apps). Supported versions


13.1.0.1, 13.2.0.1 and 13.3.0.1.


allows unauthenticated attacker


compromise Oracle Application

Testing Suite. Successful attacks





accessible data and unauthorized

ability to cause a partial denial of

service (partial DOS) of Oracle

Application Testing Suite. CVSS

3.0 Base Score 6.5 (Integrity and

Availability impacts). CVSS

Vector:

(CVSS:3.0/AV:N/AC:L/PR:N/UI:N

/S:U/C:N/I:L/A:L).

CVE ID : CVE-2018-3304

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

APPL-

070219/489

Argus Safety

N/A 2019-01-16 4.9

Vulnerability in the Oracle Argus

Safety component of Oracle

Health Sciences Applications

(subcomponent: Login).

Supported versions that are

affected are 8.1 and 8.2. Difficult

to exploit vulnerability allows

low privileged attacker with

network access via HTTP to

compromise Oracle Argus Safety.

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

A-ORA-

ARGU-

070219/490


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


191

Vulnerability


While the vulnerability is in

Oracle Argus Safety, attacks may

significantly impact additional

products. Successful attacks of

this vulnerability can result in



Argus Safety accessible data as

well as unauthorized read access

to a subset of Oracle Argus Safety

accessible data. CVSS 3.0 Base

Score 4.9 (Confidentiality and

Integrity impacts). CVSS Vector:

(CVSS:3.0/AV:N/AC:H/PR:L/UI:N

/S:C/C:L/I:L/A:N).

CVE ID : CVE-2019-2432

tml

N/A 2019-01-16 4.3




(subcomponent: Console).




unauthenticated attacker with



Successful attacks require human

interaction from a person other

than the attacker and while the

vulnerability is in Oracle Argus

Safety, attacks may significantly

impact additional products.

Successful attacks of this

vulnerability can result in

unauthorized creation, deletion

or modification access to critical

data or all Oracle Argus Safety


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

ARGU-

070219/491


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


192

Vulnerability


Score 6.1 (Integrity impacts).

CVSS Vector:

(CVSS:3.0/AV:N/AC:H/PR:N/UI:R

/S:C/C:N/I:H/A:N).

CVE ID : CVE-2019-2431

+Info 2019-01-16 4




(subcomponent: Console).


affected are 8.1 and 8.2. Easily

exploitable vulnerability allows






unauthorized access to critical

data or complete access to all

Oracle Argus Safety accessible

data. CVSS 3.0 Base Score 6.5

(Confidentiality impacts). CVSS

Vector:


/S:U/C:H/I:N/A:N).

CVE ID : CVE-2019-2430

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

ARGU-

070219/492

Content Manager

N/A 2019-01-16 5.8


Content Manager component of

Oracle E-Business Suite

(subcomponent: Cover Letter).


affected are 12.1.1, 12.1.2, 12.1.3,

12.2.3, 12.2.4, 12.2.5, 12.2.6,

12.2.7 and 12.2.8. Easily



http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

CONT-

070219/493


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


193

Vulnerability



compromise Oracle Content

Manager. Successful attacks

require human interaction from a

person other than the attacker

and while the vulnerability is in

Oracle Content Manager, attacks

may significantly impact

additional products. Successful

attacks of this vulnerability can

result in unauthorized access to

critical data or complete access to

all Oracle Content Manager




Content Manager accessible data.

CVSS 3.0 Base Score 8.2

(Confidentiality and Integrity


(CVSS:3.0/AV:N/AC:L/PR:N/UI:R

/S:C/C:H/I:L/A:N).

CVE ID : CVE-2019-2445

Database

N/A 2019-01-16 4.4

Vulnerability in the Core RDBMS

component of Oracle Database

Server. Supported versions that

are affected are 12.2.0.1 and 18c.



having Local Logon privilege with

logon to the infrastructure where

Core RDBMS executes to

compromise Core RDBMS.




vulnerability is in Core RDBMS,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

DATA-

070219/494


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


194

Vulnerability


attacks may significantly impact



result in takeover of Core RDBMS.


(Confidentiality, Integrity and


Vector:

(CVSS:3.0/AV:L/AC:L/PR:L/UI:R/

S:C/C:H/I:H/A:H).

CVE ID : CVE-2019-2444

N/A 2019-01-16 6.5

Vulnerability in the Core RDBMS



are affected are 12.1.0.2, 12.2.0.1

and 18c. Easily exploitable

vulnerability allows high

privileged attacker having Create

Session, Execute Catalog Role

privilege with network access via

Oracle Net to compromise Core

RDBMS. Successful attacks of this


takeover of Core RDBMS. CVSS

3.0 Base Score 7.2



Vector:

(CVSS:3.0/AV:N/AC:L/PR:H/UI:N

/S:U/C:H/I:H/A:H).

CVE ID : CVE-2019-2406

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

DATA-

070219/495

Database Server

DoS 2019-01-16 3.5

Vulnerability in the Java VM



are affected are 11.2.0.4, 12.1.0.2,

12.2.0.1 and 18c. Easily

http://ww

w.oracle.c

om/techne

twork/sec

urity-

A-ORA-

DATA-

070219/496


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


195

Vulnerability



low privileged attacker having

Create Session, Create Procedure

privilege with network access via

multiple protocols to

compromise Java VM. Successful

attacks require human


than the attacker. Successful


result in unauthorized ability to

cause a partial denial of service

(partial DOS) of Java VM. CVSS 3.0

Base Score 3.5 (Availability


(CVSS:3.0/AV:N/AC:L/PR:L/UI:R

/S:U/C:N/I:N/A:L).

CVE ID : CVE-2019-2547

advisory/c

pujan2019

-

5072801.h

tml

E-business Suite

N/A 2019-01-16 4.3


Applications Manager component

of Oracle E-Business Suite

(subcomponent: SQL Extensions).


affected are 12.1.1, 12.1.2, 12.1.3,

12.2.3, 12.2.4, 12.2.5, 12.2.6,

12.2.7 and 12.2.8. Easily




compromise Oracle Applications

Manager. Successful attacks


person other than the attacker.





http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-E-

BU-

070219/497


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


196

Vulnerability


Applications Manager accessible


(Integrity impacts). CVSS Vector:


/S:U/C:N/I:L/A:N).

CVE ID : CVE-2019-2546

N/A 2019-01-16 5.8


Partner Management component


(subcomponent: Partner Dash

board). Supported versions that

are affected are 12.1.1, 12.1.2,

12.1.3, 12.2.3, 12.2.4, 12.2.5,

12.2.6, 12.2.7 and 12.2.8. Easily




compromise Oracle Partner

Management. Successful attacks




Oracle Partner Management,






all Oracle Partner Management




Partner Management accessible





/S:C/C:H/I:L/A:N).

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-E-

BU-

070219/498


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


197

Vulnerability


CVE ID : CVE-2019-2498

N/A 2019-01-16 5.8

Vulnerability in the Oracle CRM

Technical Foundation component


(subcomponent: Messages).


affected are 12.1.3, 12.2.3, 12.2.4,

12.2.5, 12.2.6, 12.2.7 and 12.2.8.




compromise Oracle CRM

Technical Foundation. Successful




vulnerability is in Oracle CRM

Technical Foundation, attacks






all Oracle CRM Technical

Foundation accessible data as

well as unauthorized update,

insert or delete access to some of

Oracle CRM Technical Foundation





/S:C/C:H/I:L/A:N).

CVE ID : CVE-2019-2497

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-E-

BU-

070219/499

N/A 2019-01-16 4.3





http://ww

w.oracle.c

om/techne

twork/sec

A-ORA-E-

BU-

070219/500


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


198

Vulnerability



affected are 12.1.3, 12.2.3, 12.2.4,

12.2.5, 12.2.6, 12.2.7 and 12.2.8.














result in unauthorized update,





CVSS Vector:


/S:C/C:N/I:L/A:N).

CVE ID : CVE-2019-2496

urity-

advisory/c

pujan2019

-

5072801.h

tml

N/A 2019-01-16 4.3

Vulnerability in the Oracle Email

Center component of Oracle E-

Business Suite (subcomponent:

Message Display). Supported

versions that are affected are

12.1.1, 12.1.2, 12.1.3, 12.2.3,

12.2.4, 12.2.5, 12.2.6, 12.2.7 and

12.2.8. Easily exploitable

vulnerability allows



compromise Oracle Email Center.


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-E-

BU-

070219/501


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


199

Vulnerability




vulnerability is in Oracle Email

Center, attacks may significantly






Email Center accessible data.

CVSS 3.0 Base Score 4.7 (Integrity



/S:C/C:N/I:L/A:N).

CVE ID : CVE-2019-2492

N/A 2019-01-16 4.3

Vulnerability in the Oracle Email

Center component of Oracle E-

Business Suite (subcomponent:

Message Display). Supported


12.1.1, 12.1.2, 12.1.3, 12.2.3,

12.2.4, 12.2.5, 12.2.6, 12.2.7 and





compromise Oracle Email Center.




vulnerability is in Oracle Email

Center, attacks may significantly






Email Center accessible data.

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-E-

BU-

070219/502


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


200

Vulnerability





/S:C/C:N/I:L/A:N).

CVE ID : CVE-2019-2491

N/A 2019-01-16 6.4

Vulnerability in the Oracle One-

to-One Fulfillment component of


(subcomponent: OCM Query).


affected are 12.1.3, 12.2.3, 12.2.4,

12.2.5, 12.2.6, 12.2.7 and 12.2.8.




compromise Oracle One-to-One

Fulfillment. Successful attacks of




data or all Oracle One-to-One

Fulfillment accessible data as

well as unauthorized access to


all Oracle One-to-One Fulfillment





/S:U/C:H/I:H/A:N).

CVE ID : CVE-2019-2489

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-E-

BU-

070219/503

N/A 2019-01-16 5




(subcomponent: Session

Management). Supported


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

A-ORA-E-

BU-

070219/504


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


201

Vulnerability


12.1.3, 12.2.3, 12.2.4, 12.2.5,

12.2.6, 12.2.7 and 12.2.8. Easily







result in unauthorized read

access to a subset of Oracle CRM

Technical Foundation accessible



Vector:


/S:U/C:L/I:N/A:N).

CVE ID : CVE-2019-2488

pujan2019

-

5072801.h

tml

N/A 2019-01-16 4.3

Vulnerability in the Oracle Mobile

Field Service component of


(subcomponent: Administration).


affected are 12.1.1, 12.1.2, 12.1.3,

12.2.3, 12.2.4, 12.2.5, 12.2.6,

12.2.7 and 12.2.8. Easily




compromise Oracle Mobile Field

Service. Successful attacks




Oracle Mobile Field Service,





http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-E-

BU-

070219/505


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


202

Vulnerability



Oracle Mobile Field Service



CVSS Vector:


/S:C/C:N/I:L/A:N).

CVE ID : CVE-2019-2485

N/A 2019-01-16 5.8




(subcomponent: Partner Detail).


affected are 12.1.1, 12.1.2, 12.1.3,

12.2.3, 12.2.4, 12.2.5, 12.2.6,

12.2.7 and 12.2.8. Easily























http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-E-

BU-

070219/506


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


203

Vulnerability



/S:C/C:H/I:L/A:N).

CVE ID : CVE-2019-2470

N/A 2019-01-16 6.4


Performance Management

component of Oracle E-Business

Suite (subcomponent:

Performance Management Plan).


affected are 12.1.1, 12.1.2 and





compromise Oracle Performance





data or all Oracle Performance

Management accessible data as

well as unauthorized access to


all Oracle Performance

Management accessible data.





/S:U/C:H/I:H/A:N).

CVE ID : CVE-2019-2453

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-E-

BU-

070219/507

N/A 2019-01-16 5.8


Marketing component of Oracle

E-Business Suite (subcomponent:

User Interface). Supported


12.1.1, 12.1.2, 12.1.3, 12.2.3,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

A-ORA-E-

BU-

070219/508


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


204

Vulnerability


12.2.4, 12.2.5, 12.2.6, 12.2.7 and





compromise Oracle Marketing.




vulnerability is in Oracle

Marketing, attacks may






Oracle Marketing accessible data

as well as unauthorized update,


Oracle Marketing accessible data.





/S:C/C:H/I:L/A:N).

CVE ID : CVE-2019-2440

pujan2019

-

5072801.h

tml

N/A 2019-01-16 5.8

Vulnerability in the Oracle iStore

component of Oracle E-Business

Suite (subcomponent: User

Registration). Supported versions

that are affected are 12.1.1,

12.1.2, 12.1.3, 12.2.3, 12.2.4,

12.2.5, 12.2.6, 12.2.7 and 12.2.8.




compromise Oracle iStore.


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-E-

BU-

070219/509


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


205

Vulnerability




vulnerability is in Oracle iStore,






all Oracle iStore accessible data



Oracle iStore accessible data.





/S:C/C:H/I:L/A:N).

CVE ID : CVE-2019-2400

N/A 2019-01-16 4.3






affected are 12.1.3, 12.2.3, 12.2.4,

12.2.5, 12.2.6, 12.2.7 and 12.2.8.














http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-E-

BU-

070219/510


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


206

Vulnerability







CVSS Vector:


/S:C/C:N/I:L/A:N).

CVE ID : CVE-2019-2396

Enterprise Manager Base Platform

N/A 2019-01-16 6.4

Vulnerability in the Enterprise

Manager Base Platform



(subcomponent: EM Console).


affected are 13.2 and 13.3. Easily




compromise Enterprise Manager

Base Platform. Successful attacks



delete access to some of

Enterprise Manager Base

Platform accessible data as well

as unauthorized read access to a

subset of Enterprise Manager

Base Platform accessible data.





/S:U/C:L/I:L/A:N).

CVE ID : CVE-2018-3303

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

ENTE-

070219/511

Flexcube Direct Banking


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


207

Vulnerability


N/A 2019-01-16 4.3


FLEXCUBE Direct Banking

component of Oracle Financial

Services Applications

(subcomponent: Logoff Page).

The supported version that is

affected is 12.0.2. Easily




compromise Oracle FLEXCUBE

Direct Banking. Successful attacks










CVSS Vector:


/S:U/C:N/I:L/A:N).

CVE ID : CVE-2019-2550

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

FLEX-

070219/512

N/A 2019-01-16 5.8



component of Oracle Financial

Services Applications

(subcomponent: Logoff Page).






compromise Oracle FLEXCUBE

Direct Banking. Successful attacks


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

FLEX-

070219/513


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


208

Vulnerability




Oracle FLEXCUBE Direct Banking,






Oracle FLEXCUBE Direct Banking



subset of Oracle FLEXCUBE

Direct Banking accessible data.





/S:C/C:L/I:L/A:N).

CVE ID : CVE-2019-2549

Hospitality Cruise Shipboard Property Management System

N/A 2019-01-16 4.9


Hospitality Cruise Shipboard

Property Management System

component of Oracle Hospitality

Applications (subcomponent:

SPMS Suite). The supported

version that is affected is 8.0.8.



with network access via TCP to

compromise Oracle Hospitality

Cruise Shipboard Property

Management System. Successful




vulnerability is in Oracle


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

HOSP-

070219/514


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


209

Vulnerability


Property Management System,





cause a hang or frequently

repeatable crash (complete DOS)

of Oracle Hospitality Cruise

Shipboard Property Management

System as well as unauthorized

update, insert or delete access to

some of Oracle Hospitality Cruise


System accessible data. CVSS 3.0

Base Score 7.6 (Integrity and


Vector:


/S:C/C:N/I:L/A:H).

CVE ID : CVE-2019-2411

N/A 2019-01-16 3.6






DGS RES Online, FMS Sender, FMS

Receiver, OHC WPF Security). The

supported version that is affected

is 8.0.8. Easily exploitable




Oracle Hospitality Cruise


System executes to compromise



System. Successful attacks of this

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

HOSP-

070219/515


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


210

Vulnerability









subset of Oracle Hospitality


Management System accessible




(CVSS:3.0/AV:L/AC:L/PR:N/UI:N

/S:U/C:L/I:L/A:N).

CVE ID : CVE-2019-2410

N/A 2019-01-16 3.3






SPMS Suite). The supported




with logon to the infrastructure

where Oracle Hospitality Cruise


System executes to compromise



System. Successful attacks






System, attacks may significantly

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

HOSP-

070219/516


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


211

Vulnerability






hang or frequently repeatable

crash (complete DOS) of Oracle


Property Management System as





System accessible data and




Management System accessible




Vector:

(CVSS:3.0/AV:L/AC:L/PR:L/UI:R/

S:C/C:L/I:L/A:H).

CVE ID : CVE-2019-2409

Hospitality Reporting And Analytics

N/A 2019-01-16 6.4


Hospitality Reporting and

Analytics component of Oracle

Food and Beverage Applications.







Reporting and Analytics.



http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

HOSP-

070219/517


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


212

Vulnerability





Analytics accessible data as well



Reporting and Analytics





/S:U/C:L/I:L/A:N).

CVE ID : CVE-2019-2425

N/A 2019-01-16 3.6









Report privilege with logon to the

infrastructure where Oracle


Analytics executes to







Oracle Hospitality Reporting and


as unauthorized update, insert or



Analytics accessible data. CVSS

3.0 Base Score 6.1

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

HOSP-

070219/518


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


213

Vulnerability




(CVSS:3.0/AV:L/AC:L/PR:L/UI:N

/S:U/C:H/I:L/A:N).

CVE ID : CVE-2019-2407

N/A 2019-01-16 5.5









Admin privilege with network

access via HTTP to compromise


Analytics. Successful attacks of




data or all Oracle Hospitality






Analytics accessible data. CVSS

3.0 Base Score 8.1




/S:U/C:H/I:H/A:N).

CVE ID : CVE-2019-2401

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

HOSP-

070219/519

N/A 2019-01-16 3.6





http://ww

w.oracle.c

om/techne

twork/sec

A-ORA-

HOSP-

070219/520


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


214

Vulnerability






Report privilege with logon to the

infrastructure where Oracle


Analytics executes to
















/S:U/C:L/I:L/A:N).

CVE ID : CVE-2019-2397

urity-

advisory/c

pujan2019

-

5072801.h

tml

Hospitality Simphony

N/A 2019-01-16 6.4


Hospitality Simphony component

of Oracle Food and Beverage

Applications. The supported

version that is affected is 2.10.





Simphony. Successful attacks of



http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

HOSP-

070219/521


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


215

Vulnerability



Hospitality Simphony accessible

data as well as unauthorized read

access to a subset of Oracle

Hospitality Simphony accessible





/S:U/C:L/I:L/A:N).

CVE ID : CVE-2019-2403

DoS 2019-01-16 6.8


Hospitality Simphony component

of Oracle Food and Beverage

Applications. The supported


Difficult to exploit vulnerability




Simphony. Successful attacks of




data or all Oracle Hospitality

Simphony accessible data as well

as unauthorized access to critical


Oracle Hospitality Simphony




Hospitality Simphony. CVSS 3.0

Base Score 7.7 (Confidentiality,



(CVSS:3.0/AV:N/AC:H/PR:N/UI:N

/S:U/C:H/I:H/A:L).

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

HOSP-

070219/522


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


216

Vulnerability


CVE ID : CVE-2019-2402

Http Server

N/A 2019-01-16 4.6

Vulnerability in the Oracle HTTP

Server component of Oracle

Fusion Middleware

(subcomponent: Web Listener).


affected is 12.2.1.3. Easily




Oracle HTTP Server executes to

compromise Oracle HTTP Server.



takeover of Oracle HTTP Server.




Vector:


/S:U/C:H/I:H/A:H).

CVE ID : CVE-2019-2414

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

HTTP-

070219/523

Hyperion Bi+

DoS 2019-01-16 6

Vulnerability in the Hyperion BI+

component of Oracle Hyperion

(subcomponent: Foundation UI &

Servlets). The supported version

that is affected is 11.1.2.4. Easily


high privileged attacker with


compromise Hyperion BI+.





http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

HYPE-

070219/524


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


217

Vulnerability




Hyperion BI+ accessible data as


to a subset of Hyperion BI+



service (partial DOS) of Hyperion

BI+. CVSS 3.0 Base Score 4.3



Vector:

(CVSS:3.0/AV:N/AC:L/PR:H/UI:R

/S:U/C:L/I:L/A:L).

CVE ID : CVE-2019-2415

Java Advanced Management Console

N/A 2019-01-16 5.8

Vulnerability in the Java

Advanced Management Console

component of Oracle Java SE

(subcomponent: Server). The


is Java Advanced Management

Console: 2.12. Easily exploitable



network access via multiple

protocols to compromise Java

Advanced Management Console.




vulnerability is in Java Advanced

Management Console, attacks






https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0001/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

JAVA-

070219/525


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


218

Vulnerability


Java Advanced Management

Console accessible data as well as


subset of Java Advanced

Management Console accessible





/S:C/C:L/I:L/A:N).

CVE ID : CVE-2019-2540

JDK

DoS 2019-01-16 2.6

Vulnerability in the Java SE


(subcomponent: Deployment).


affected is Java SE: 8u192.



with network access via multiple

protocols to compromise Java SE.







(partial DOS) of Java SE. Note:

This vulnerability applies to Java

deployments, typically in clients

running sandboxed Java Web

Start applications or sandboxed

Java applets (in Java SE 8), that

load and run untrusted code (e.g.,

code that comes from the

internet) and rely on the Java

sandbox for security. This

vulnerability does not apply to

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0001/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-JDK-

070219/526


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


219

Vulnerability


Java deployments, typically in

servers, that load and run only

trusted code (e.g., code installed

by an administrator). CVSS 3.0

Base Score 3.1 (Availability



/S:U/C:N/I:N/A:L).

CVE ID : CVE-2019-2449

N/A 2019-01-16 4.3



(subcomponent: Networking).


affected are Java SE: 7u201,

8u192 and 11.0.1; Java SE

Embedded: 8u191. Difficult to

exploit vulnerability allows







subset of Java SE accessible data.

Note: This vulnerability applies to


clients running sandboxed Java

Web Start applications or

sandboxed Java applets (in Java

SE 8), that load and run untrusted

code (e.g., code that comes from

the internet) and rely on the Java


vulnerability can also be

exploited by using APIs in the

specified Component, e.g.,

through a web service which

supplies data to the APIs. CVSS

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0001/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-JDK-

070219/527


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


220

Vulnerability


3.0 Base Score 3.7


Vector:


/S:U/C:L/I:N/A:N).

CVE ID : CVE-2019-2426

N/A 2019-01-16 4.3



(subcomponent: Libraries).














access to a subset of Java SE

accessible data. Note: This

vulnerability applies to Java














https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0001/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-JDK-

070219/528


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


221

Vulnerability


Base Score 3.1 (Confidentiality



/S:U/C:L/I:N/A:N).

CVE ID : CVE-2019-2422

JRE

N/A 2019-01-16 4.3



(subcomponent: Networking).












subset of Java SE accessible data.

Note: This vulnerability applies to


clients running sandboxed Java

Web Start applications or

sandboxed Java applets (in Java

SE 8), that load and run untrusted

code (e.g., code that comes from

the internet) and rely on the Java


vulnerability can also be

exploited by using APIs in the

specified Component, e.g.,

through a web service which

supplies data to the APIs. CVSS

3.0 Base Score 3.7


Vector:

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0001/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-JRE-

070219/529


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


222

Vulnerability



/S:U/C:L/I:N/A:N).

CVE ID : CVE-2019-2426

N/A 2019-01-16 4.3



(subcomponent: Libraries).














access to a subset of Java SE


vulnerability applies to Java

















https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0001/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-JRE-

070219/530


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


223

Vulnerability


/S:U/C:L/I:N/A:N).

CVE ID : CVE-2019-2422

Managed File Transfer

N/A 2019-01-16 5.5


Managed File Transfer

component of Oracle Fusion

Middleware (subcomponent:

MFT Runtime Server). Supported


19.1.0.0.0 and 12.2.1.3.0. Easily




compromise Oracle Managed File

Transfer. Successful attacks of




data or all Oracle Managed File

Transfer accessible data as well


subset of Oracle Managed File

Transfer accessible data. CVSS 3.0


and Integrity impacts). CVSS

Vector:


/S:U/C:L/I:H/A:N).

CVE ID : CVE-2019-2538

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MANA-

070219/531

Mysql

N/A 2019-01-16 4

Vulnerability in the MySQL


MySQL (subcomponent: Server:

Connection). Supported versions

that are affected are 8.0.13 and

prior. Easily exploitable


https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

A-ORA-

MYSQ-

070219/532


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


224

Vulnerability


privileged attacker with network

access via multiple protocols to

compromise MySQL Server.





crash (complete DOS) of MySQL

Server. CVSS 3.0 Base Score 4.9

(Availability impacts). CVSS

Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2539

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

N/A 2019-01-16 4




DDL). Supported versions that

are affected are 5.6.42 and prior,

5.7.24 and prior and 8.0.13 and













Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2537

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/533

N/A 2019-01-16 1.2 Vulnerability in the MySQL https://se A-ORA-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


225

Vulnerability




Packaging). Supported versions


prior. Difficult to exploit


privileged attacker with logon to

the infrastructure where MySQL

Server executes to compromise

MySQL Server. Successful attacks




MySQL Server, attacks may









Vector:

(CVSS:3.0/AV:L/AC:H/PR:H/UI:R

/S:C/C:N/I:N/A:H).

CVE ID : CVE-2019-2536

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

MYSQ-

070219/534

N/A 2019-01-16 1.9




Options). Supported versions that

are affected are 8.0.13 and prior.


allows high privileged attacker


where MySQL Server executes to




https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

A-ORA-

MYSQ-

070219/535


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


226

Vulnerability







Vector:

(CVSS:3.0/AV:L/AC:H/PR:H/UI:N

/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2535

advisory/c

pujan2019

-

5072801.h

tml

N/A 2019-01-16 5.5




Replication). Supported versions


prior, 5.7.24 and prior and 8.0.13

and prior. Easily exploitable

vulnerability allows low








MySQL Server accessible data as



MySQL Server accessible data.





/S:U/C:H/I:L/A:N).

CVE ID : CVE-2019-2534

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/536

N/A 2019-01-16 4 Vulnerability in the MySQL


MySQL (subcomponent: Server :

http://ww

w.oracle.c

om/techne

A-ORA-

MYSQ-

070219/537


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


227

Vulnerability


Security : Privileges). Supported


8.0.13 and prior. Easily




protocols to compromise MySQL

Server. Successful attacks of this




data or all MySQL Server



CVSS Vector:


/S:U/C:N/I:H/A:N).

CVE ID : CVE-2019-2533

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml,

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/

N/A 2019-01-16 4




Security: Privileges). Supported















Vector:


https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/538


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


228

Vulnerability


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2532

N/A 2019-01-16 4



















Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2531

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/539

N/A 2019-01-16 4




Optimizer). Supported versions










https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

A-ORA-

MYSQ-

070219/540


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


229

Vulnerability






Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2530

pujan2019

-

5072801.h

tml

N/A 2019-01-16 4



















Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2529

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/541

N/A 2019-01-16 4




Partition). Supported versions


prior and 8.0.13 and prior. Easily


https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

A-ORA-

MYSQ-

070219/542


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


230

Vulnerability












Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2528

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

N/A 2019-01-16 1.2



MySQL (subcomponent: Shell).


affected are 8.0.13 and prior.




where MySQL Server executes to





vulnerability is in MySQL Server,





access to a subset of MySQL

Server accessible data. CVSS 3.0



(CVSS:3.0/AV:L/AC:H/PR:L/UI:R

/S:C/C:L/I:N/A:N).

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/543


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


231

Vulnerability


CVE ID : CVE-2019-2513

N/A 2019-01-16 4



MySQL (subcomponent: InnoDB).


affected are 5.7.24 and prior and

8.0.13 and prior. Easily












Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2510

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/544

N/A 2019-01-16 4

















https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

A-ORA-

MYSQ-

070219/545


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


232

Vulnerability




Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2507

tml

N/A 2019-01-16 3.8




Connection Handling). Supported


5.6.42 and prior, 5.7.24 and prior

and 8.0.13 and prior. Difficult to

exploit vulnerability allows low

privileged attacker with access to

the physical communication

segment attached to the

hardware where the MySQL

Server executes to compromise

MySQL Server. Successful attacks




MySQL Server accessible data and





(Confidentiality and Availability


(CVSS:3.0/AV:A/AC:H/PR:L/UI:N

/S:U/C:H/I:N/A:H).

CVE ID : CVE-2019-2503

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/546

N/A 2019-01-16 4



MySQL (subcomponent: InnoDB).


https://se

curity.neta

pp.com/ad

visory/nta

A-ORA-

MYSQ-

070219/547


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


233

Vulnerability


affected are 8.0.13 and prior.












Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2502

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

N/A 2019-01-16 4

















Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2495

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/548

N/A 2019-01-16 4 Vulnerability in the MySQL https://se A-ORA-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


234

Vulnerability

















Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2494

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

MYSQ-

070219/549

N/A 2019-01-16 4




Security: Privileges). Supported















Vector:

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/550


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


235

Vulnerability



/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2486

N/A 2019-01-16 4




PS). Supported versions that are

affected are 5.6.42 and prior,














Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2482

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/551

N/A 2019-01-16 4













https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

A-ORA-

MYSQ-

070219/552


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


236

Vulnerability








Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2481

advisory/c

pujan2019

-

5072801.h

tml

N/A 2019-01-16 4




Parser). Supported versions that

are affected are 5.6.42 and prior,














Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2455

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/553

N/A 2019-01-16 5.5






https://se

curity.neta

pp.com/ad

visory/nta

p-

A-ORA-

MYSQ-

070219/554


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


237

Vulnerability












Server as well as unauthorized

update, insert or delete access to

some of MySQL Server accessible


(Integrity and Availability



/S:U/C:N/I:L/A:H).

CVE ID : CVE-2019-2436

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

N/A 2019-01-16 4




Parser). Supported versions that

are affected are 5.7.24 and prior

and 8.0.13 and prior. Easily












Vector:


https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/555


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


238

Vulnerability


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2434

N/A 2019-01-16 4






prior and 8.0.13 and prior. Easily












Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2420

https://se

curity.neta

pp.com/ad

visory/nta

p-

20190118

-0002/,

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

MYSQ-

070219/556

Outside In Technology

DoS 2019-01-16 5





Outside In Filters). Supported


8.5.3 and 8.5.4. Easily exploitable




compromise Oracle Outside In

Technology. Successful attacks of


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/557


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


239

Vulnerability




DOS) of Oracle Outside In

Technology. Note: Outside In

Technology is a suite of software

development kits (SDKs). The

protocol and CVSS score depend

on the software that uses the

Outside In Technology code. The

CVSS score assumes that the

software passes data received

over a network directly to

Outside In Technology code, but

if data is not received over a

network the CVSS score may be

lower. CVSS 3.0 Base Score 5.3


Vector:


/S:U/C:N/I:N/A:L).

CVE ID : CVE-2019-2480

N/A 2019-01-16 5

















Outside In Technology. Note:

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/558


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


240

Vulnerability


Outside In Technology is a suite

of software development kits

(SDKs). The protocol and CVSS

score depend on the software

that uses the Outside In

Technology code. The CVSS score

assumes that the software passes

data received over a network

directly to Outside In Technology

code, but if data is not received

over a network the CVSS score

may be lower. CVSS 3.0 Base

Score 7.5 (Availability impacts).

CVSS Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2479

DoS 2019-01-16 5






















http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/559


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


241

Vulnerability











Vector:


/S:U/C:N/I:N/A:L).

CVE ID : CVE-2019-2478

N/A 2019-01-16 5


























http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/560


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


242

Vulnerability







CVSS Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2477

N/A 2019-01-16 5






























http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/561


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


243

Vulnerability



CVSS Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2476

N/A 2019-01-16 5































CVSS Vector:


/S:U/C:N/I:N/A:H).

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/562


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


244

Vulnerability


CVE ID : CVE-2019-2475

N/A 2019-01-16 5































CVSS Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2474

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/563

N/A 2019-01-16 5 Vulnerability in the Oracle



http://ww

w.oracle.c

om/techne

A-ORA-

OUTS-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


245

Vulnerability





























CVSS Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2473

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

070219/564

DoS 2019-01-16 5








http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

A-ORA-

OUTS-

070219/565


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


246

Vulnerability

























Vector:


/S:U/C:N/I:N/A:L).

CVE ID : CVE-2019-2472

-

5072801.h

tml

N/A 2019-01-16 5.8







8.5.3 and 8.5.4. Difficult to exploit





http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/566


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


247

Vulnerability







Outside In Technology and


subset of Oracle Outside In

Technology accessible data. Note:















Vector:


/S:U/C:L/I:N/A:H).

CVE ID : CVE-2019-2469

N/A 2019-01-16 5












http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/567


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


248

Vulnerability





















CVSS Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2468

N/A 2019-01-16 5
















http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/568


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


249

Vulnerability

















CVSS Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2467

N/A 2019-01-16 5




















http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/569


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


250

Vulnerability











Score 5.3 (Confidentiality



/S:U/C:L/I:N/A:N).

CVE ID : CVE-2019-2466

N/A 2019-01-16 5

























http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/570


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


251

Vulnerability









/S:U/C:L/I:N/A:N).

CVE ID : CVE-2019-2465

N/A 2019-01-16 5






























http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/571


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


252

Vulnerability




/S:U/C:L/I:N/A:N).

CVE ID : CVE-2019-2464

DoS 2019-01-16 6.4
















Outside In Technology accessible

data and unauthorized ability to


(partial DOS) of Oracle Outside In














(Integrity and Availability


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/572


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


253

Vulnerability



/S:U/C:N/I:L/A:L).

CVE ID : CVE-2019-2463

DoS +Info 2019-01-16 6.4












Technology. While the

vulnerability is in Oracle Outside

In Technology, attacks may






Technology accessible data and
















http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/573


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


254

Vulnerability






/S:C/C:L/I:N/A:L).

CVE ID : CVE-2019-2462

DoS 2019-01-16 5































Vector:


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/574


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


255

Vulnerability


/S:U/C:N/I:N/A:L).

CVE ID : CVE-2019-2461

DoS 2019-01-16 5





Outside In Filters). The supported

























Vector:


/S:U/C:N/I:N/A:L).

CVE ID : CVE-2019-2460

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/575

DoS 2019-01-16 5 Vulnerability in the Oracle


http://ww

w.oracle.c

A-ORA-

OUTS-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


256

Vulnerability






























Vector:


/S:U/C:N/I:N/A:L).

CVE ID : CVE-2019-2459

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

070219/576

DoS 2019-01-16 5







http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

A-ORA-

OUTS-

070219/577


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


257

Vulnerability


























Vector:


/S:U/C:N/I:N/A:L).

CVE ID : CVE-2019-2458

pujan2019

-

5072801.h

tml

DoS 2019-01-16 5











http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/578


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


258

Vulnerability






















Vector:


/S:U/C:N/I:N/A:L).

CVE ID : CVE-2019-2457

DoS 2019-01-16 6.4















http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/579


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


259

Vulnerability



Technology accessible data and




















/S:U/C:L/I:N/A:L).

CVE ID : CVE-2019-2456

N/A 2019-01-16 5.8












Technology. Successful attacks




http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

OUTS-

070219/580


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


260

Vulnerability






Outside In Technology and


















Vector:


/S:U/C:L/I:N/A:H).

CVE ID : CVE-2019-2429

Partner Management

N/A 2019-01-16 5.8




(subcomponent: Partner Detail).


affected are 12.1.1, 12.1.2, 12.1.3,

12.2.3, 12.2.4, 12.2.5, 12.2.6,

12.2.7 and 12.2.8. Easily




http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PART-

070219/581


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


261

Vulnerability






















/S:C/C:H/I:L/A:N).

CVE ID : CVE-2019-2447

Peoplesoft Enterprise

N/A 2019-01-16 5.8

Vulnerability in the PeopleSoft

Enterprise SCM eProcurement

component of Oracle PeopleSoft

Products (subcomponent:

Manage Requisition Status). The


is 9.2. Easily exploitable




compromise PeopleSoft

Enterprise SCM eProcurement.




http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/582


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


262

Vulnerability


vulnerability is in PeopleSoft

Enterprise SCM eProcurement,






PeopleSoft Enterprise SCM

eProcurement accessible data as


to a subset of PeopleSoft

Enterprise SCM eProcurement





/S:C/C:L/I:L/A:N).

CVE ID : CVE-2019-2519

Peoplesoft Enterprise Campus Software Campus Community

N/A 2019-01-16 2.6


Enterprise CS Campus

Community component of Oracle

PeopleSoft Products

(subcomponent: Frameworks).







Enterprise CS Campus

Community. Successful attacks







http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/583


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


263

Vulnerability


PeopleSoft Enterprise CS Campus

Community accessible data. CVSS

3.0 Base Score 3.1 (Integrity



/S:U/C:N/I:L/A:N).

CVE ID : CVE-2019-2493

Peoplesoft Enterprise Cost Center Common Application Objects

N/A 2019-01-16 4.9


Enterprise CC Common

Application Objects component of

Oracle PeopleSoft Products

(subcomponent: Form and

Approval Builder). The supported







Application Objects. Successful






Application Objects, attacks may






PeopleSoft Enterprise CC

Common Application Objects



subset of PeopleSoft Enterprise

CC Common Application Objects

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/584


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


264

Vulnerability



Enterprise Common Component

is used by all PeopleSoft

Application products. Please refer

to the <a target="_blank"

href="https://support.oracle.com

/rs?type=doc&id=2487756.1">M

OS Note Doc ID 2493366.1 for

patch information. CVSS 3.0 Base




/S:C/C:L/I:L/A:N).

CVE ID : CVE-2019-2419

Peoplesoft Enterprise Peopletools

N/A 2019-01-16 5.8


Enterprise PeopleTools


Products (subcomponent: PIA

Search Functionality). Supported


8.55, 8.56 and 8.57. Easily





Enterprise PeopleTools.





Enterprise PeopleTools, attacks






PeopleSoft Enterprise

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/585


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


265

Vulnerability


PeopleTools accessible data as








/S:C/C:L/I:L/A:N).

CVE ID : CVE-2019-2499

N/A 2019-01-16 4.3




Products (subcomponent: Panel

Processor). Supported versions

that are affected are 8.55, 8.56

and 8.57. Easily exploitable

















PeopleTools accessible data. CVSS

3.0 Base Score 4.7 (Integrity



/S:C/C:N/I:L/A:N).

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/586


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


266

Vulnerability


CVE ID : CVE-2019-2490

N/A 2019-01-16 5.8




Products (subcomponent: Portal).


affected are 8.55, 8.56 and 8.57.

























/S:C/C:L/I:L/A:N).

CVE ID : CVE-2019-2471

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/587

N/A 2019-01-16 6.5




Products (subcomponent: XML

Publisher). Supported versions

http://ww

w.oracle.c

om/techne

twork/sec

urity-

A-ORA-

PEOP-

070219/588


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


267

Vulnerability








PeopleTools. Successful attacks of


takeover of PeopleSoft Enterprise

PeopleTools. CVSS 3.0 Base Score

7.2 (Confidentiality, Integrity and


Vector:


/S:U/C:H/I:H/A:H).

CVE ID : CVE-2019-2443

advisory/c

pujan2019

-

5072801.h

tml

N/A 2019-01-16 5.8




Products (subcomponent: Fluid

Core). Supported versions that

are affected are 8.55, 8.56 and

8.57. Easily exploitable
















http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/589


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


268

Vulnerability











/S:C/C:L/I:L/A:N).

CVE ID : CVE-2019-2442

N/A 2019-01-16 5.8




























http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/590


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


269

Vulnerability





/S:C/C:L/I:L/A:N).

CVE ID : CVE-2019-2439

N/A 2019-01-16 6.5




Products (subcomponent: XML

Publisher). Supported versions













Vector:


/S:U/C:H/I:H/A:H).

CVE ID : CVE-2019-2433

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/591

N/A 2019-01-16 5.8




Products (subcomponent: PIA

Search). Supported versions that

are affected are 8.55, 8.56 and

8.57. Easily exploitable





http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/592


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


270

Vulnerability






















/S:C/C:L/I:L/A:N).

CVE ID : CVE-2019-2423

N/A 2019-01-16 6.4





Performance Monitor).












http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/593


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


271

Vulnerability











/S:U/C:L/I:L/A:N).

CVE ID : CVE-2019-2417

N/A 2019-01-16 6.5





Application Server). Supported


8.55, 8.56 and 8.57. Easily












Vector:


/S:U/C:H/I:H/A:H).

CVE ID : CVE-2019-2416

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/594

N/A 2019-01-16 4.3




Products (subcomponent: Feeds).

http://ww

w.oracle.c

om/techne

twork/sec

A-ORA-

PEOP-

070219/595


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


272

Vulnerability














access to a subset of PeopleSoft






/S:U/C:L/I:N/A:N).

CVE ID : CVE-2019-2408

urity-

advisory/c

pujan2019

-

5072801.h

tml

N/A 2019-01-16 6





Security). Supported versions


and 8.57. Difficult to exploit











Vector:

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/596


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


273

Vulnerability


(CVSS:3.0/AV:N/AC:H/PR:L/UI:N

/S:U/C:H/I:H/A:H).

CVE ID : CVE-2019-2405

+Info 2019-01-16 5















subset of PeopleSoft Enterprise

PeopleTools accessible data. CVSS

3.0 Base Score 5.3


Vector:


/S:U/C:L/I:N/A:N).

CVE ID : CVE-2019-2404

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PEOP-

070219/597

Primavera P6 Enterprise Project Portfolio Management

N/A 2019-01-16 4

Vulnerability in the Primavera P6

Enterprise Project Portfolio

Management component of

Oracle Construction and

Engineering Suite

(subcomponent: Web Access).


affected are 8.4, 15.1, 15.2, 16.1,

16.2, 17.7-17.12 and 18.8.



http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

PRIM-

070219/598


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


274

Vulnerability



compromise Primavera P6

Enterprise Project Portfolio





Primavera P6 Enterprise Project

Portfolio Management, attacks






Primavera P6 Enterprise Project

Portfolio Management accessible

data as well as unauthorized read

access to a subset of Primavera

P6 Enterprise Project Portfolio






/S:C/C:L/I:L/A:N).

CVE ID : CVE-2019-2512

Reports Developer

N/A 2019-01-16 5.8


Reports Developer component of

Oracle Fusion Middleware

(subcomponent: Valid Session).


affected is 12.2.1.3. Easily




compromise Oracle Reports

Developer. Successful attacks

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

REPO-

070219/599


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


275

Vulnerability





Oracle Reports Developer, attacks






Oracle Reports Developer



subset of Oracle Reports

Developer accessible data. CVSS

3.0 Base Score 6.1




/S:C/C:L/I:L/A:N).

CVE ID : CVE-2019-2413

Retail Merchandising System

N/A 2019-01-16 6.4

Vulnerability in the Oracle Retail

Merchandising System

component of Oracle Retail


Security (SQL Logger)). The






compromise Oracle Retail

Merchandising System.





Retail Merchandising System

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

RETA-

070219/600


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


276

Vulnerability




subset of Oracle Retail

Merchandising System accessible





/S:U/C:L/I:L/A:N).

CVE ID : CVE-2018-3125

Retail Xstore Payment

DoS 2019-01-16 7.5

Vulnerability in the Oracle Retail

Xstore Payment component of

Oracle Retail Applications

(subcomponent: Security). The






compromise Oracle Retail Xstore

Payment. Successful attacks of




Oracle Retail Xstore Payment




Retail Xstore Payment accessible

data and unauthorized ability to


(partial DOS) of Oracle Retail

Xstore Payment. CVSS 3.0 Base





http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

RETA-

070219/601


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


277

Vulnerability


/S:U/C:H/I:L/A:L).

CVE ID : CVE-2018-3311

Sun Zfs Storage Appliance Kit

N/A 2019-01-16 4.4

Vulnerability in the Sun ZFS

Storage Appliance Kit (AK)

component of Oracle Sun Systems

Products Suite (subcomponent:

Object Store). The supported

version that is affected is prior to

8.8.2. Difficult to exploit



the infrastructure where Sun ZFS

Storage Appliance Kit (AK)

executes to compromise Sun ZFS

Storage Appliance Kit (AK).



takeover of Sun ZFS Storage

Appliance Kit (AK). CVSS 3.0 Base




(CVSS:3.0/AV:L/AC:H/PR:H/UI:N

/S:U/C:H/I:H/A:H).

CVE ID : CVE-2019-2412

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-SUN

-

070219/602

Transportation Management

N/A 2019-01-16 4


Transportation Management

component of Oracle Supply

Chain Products Suite

(subcomponent: UI

Infrastructure). Supported


6.3.7, 6.4.1, 6.4.2 and 6.4.3. Easily



http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

A-ORA-

TRAN-

070219/603


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


278

Vulnerability



compromise Oracle

Transportation Management.





data or all Oracle Transportation





/S:U/C:N/I:H/A:N).

CVE ID : CVE-2019-2487

tml

Vm Virtualbox

N/A 2019-01-16 2.1

Vulnerability in the Oracle VM

VirtualBox component of Oracle

Virtualization (subcomponent:


are affected are prior to 5.2.24

and prior to 6.0.2. Easily




Oracle VM VirtualBox executes to

compromise Oracle VM

VirtualBox. While the

vulnerability is in Oracle VM

VirtualBox, attacks may






Oracle VM VirtualBox accessible



Vector:

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/604


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


279

Vulnerability



/S:C/C:H/I:N/A:N).

CVE ID : CVE-2019-2556

N/A 2019-01-16 2.1























Vector:


/S:C/C:H/I:N/A:N).

CVE ID : CVE-2019-2555

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/605

N/A 2019-01-16 2.1









http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

A-ORA-VM

V-

070219/606


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


280

Vulnerability
















Vector:


/S:C/C:H/I:N/A:N).

CVE ID : CVE-2019-2554

5072801.h

tml

N/A 2019-01-16 2.1



















subset of Oracle VM VirtualBox


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/607


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


281

Vulnerability





/S:C/C:L/I:N/A:N).

CVE ID : CVE-2019-2553

N/A 2019-01-16 4.6


















takeover of Oracle VM VirtualBox.




Vector:


/S:C/C:H/I:H/A:H).

CVE ID : CVE-2019-2552

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/608

N/A 2019-01-16 4.6








http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

A-ORA-VM

V-

070219/609


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


282

Vulnerability






VirtualBox. Successful attacks of






Vector:


/S:U/C:H/I:H/A:H).

CVE ID : CVE-2019-2548

-

5072801.h

tml

N/A 2019-01-16 2.1





















VM VirtualBox. CVSS 3.0 Base


CVSS Vector:


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/610


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


283

Vulnerability


/S:C/C:N/I:N/A:H).

CVE ID : CVE-2019-2527

N/A 2019-01-16 4.4






and prior to 6.0.2. Difficult to



the infrastructure where Oracle

VM VirtualBox executes to












Vector:

(CVSS:3.0/AV:L/AC:H/PR:L/UI:N

/S:C/C:H/I:H/A:H).

CVE ID : CVE-2019-2526

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/611

N/A 2019-01-16 1.9











http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/612


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


284

Vulnerability














Vector:


/S:C/C:H/I:N/A:N).

CVE ID : CVE-2019-2525

N/A 2019-01-16 4.6






















Vector:

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/613


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


285

Vulnerability



/S:C/C:H/I:H/A:H).

CVE ID : CVE-2019-2524

N/A 2019-01-16 4.4






















Vector:


/S:C/C:H/I:H/A:H).

CVE ID : CVE-2019-2523

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/614

N/A 2019-01-16 4.4










http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

A-ORA-VM

V-

070219/615


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


286

Vulnerability














Vector:


/S:C/C:H/I:H/A:H).

CVE ID : CVE-2019-2522

tml

N/A 2019-01-16 4.4






















Vector:

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/616


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


287

Vulnerability



/S:C/C:H/I:H/A:H).

CVE ID : CVE-2019-2521

N/A 2019-01-16 4.4






















Vector:


/S:C/C:H/I:H/A:H).

CVE ID : CVE-2019-2520

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/617

N/A 2019-01-16 7.8









network access via SOAP to

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

A-ORA-VM

V-

070219/618


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


288

Vulnerability










CVSS Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2511

tml

N/A 2019-01-16 4.9























CVSS Vector:


/S:C/C:N/I:N/A:H).

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/619


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


289

Vulnerability


CVE ID : CVE-2019-2509

N/A 2019-01-16 4.9























CVSS Vector:


/S:C/C:N/I:N/A:H).

CVE ID : CVE-2019-2508

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/620

N/A 2019-01-16 2.1












http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/621


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


290

Vulnerability














/S:C/C:L/I:N/A:N).

CVE ID : CVE-2019-2506

N/A 2019-01-16 2.1
























/S:C/C:L/I:N/A:N).

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/622


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


291

Vulnerability


CVE ID : CVE-2019-2505

N/A 2019-01-16 2.1
























/S:C/C:L/I:N/A:N).

CVE ID : CVE-2019-2504

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/623

N/A 2019-01-16 2.1













http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/624


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


292

Vulnerability













/S:C/C:L/I:N/A:N).

CVE ID : CVE-2019-2501

N/A 2019-01-16 4.6






















Vector:


/S:C/C:H/I:H/A:H).

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/625


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


293

Vulnerability


CVE ID : CVE-2019-2500

N/A 2019-01-16 2.1























Vector:


/S:C/C:H/I:N/A:N).

CVE ID : CVE-2019-2451

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/626

N/A 2019-01-16 2.1












http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/627


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


294

Vulnerability













Vector:


/S:C/C:H/I:N/A:N).

CVE ID : CVE-2019-2450

N/A 2019-01-16 2.1



















Vector:


/S:U/C:H/I:N/A:N).

CVE ID : CVE-2019-2448

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/628


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


295

Vulnerability


N/A 2019-01-16 2.1



















Vector:


/S:U/C:H/I:N/A:N).

CVE ID : CVE-2019-2446

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/629

N/A 2019-01-16 4.6




Core). The supported version that

is affected is prior to 5.2.22.




where Oracle VM VirtualBox

executes to compromise Oracle

VM VirtualBox. While the






http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-VM

V-

070219/630


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


296

Vulnerability






Vector:

(CVSS:3.0/AV:L/AC:L/PR:H/UI:N

/S:C/C:H/I:H/A:H).

CVE ID : CVE-2018-3309

Web Cache

N/A 2019-01-16 4

Vulnerability in the Oracle Web

Cache component of Oracle

Fusion Middleware

(subcomponent: ESI/Partial Page

Caching). The supported version

that is affected is 11.1.1.9.0.




compromise Oracle Web Cache.




vulnerability is in Oracle Web

Cache, attacks may significantly






Oracle Web Cache accessible data



Oracle Web Cache accessible





http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-WEB

-

070219/631


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


297

Vulnerability


/S:C/C:H/I:L/A:N).

CVE ID : CVE-2019-2438

Webcenter Portal

N/A 2019-01-16 5


WebCenter Portal component of


(subcomponent: WebCenter

Spaces Application). Supported


11.1.1.9.0 and 12.2.1.3.0. Easily




compromise Oracle WebCenter

Portal. Successful attacks of this




WebCenter Portal accessible data.




/S:U/C:N/I:L/A:N).

CVE ID : CVE-2019-2427

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

WEBC-

070219/632

Weblogic Server

N/A 2019-01-16 6.5


WebLogic Server component of


(subcomponent: WLS Core

Components). Supported


10.3.6.0, 12.1.3.0 and 12.2.1.3.




compromise Oracle WebLogic


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

WEBL-

070219/633


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


298

Vulnerability





data or all Oracle WebLogic

Server accessible data as well as


subset of Oracle WebLogic Server


ability to cause a hang or

frequently repeatable crash

(complete DOS) of Oracle

WebLogic Server. CVSS 3.0 Base





/S:U/C:L/I:H/A:H).

CVE ID : CVE-2019-2452

N/A 2019-01-16 5




(subcomponent: Application

Container - JavaEE). The


is 12.2.1.3. Easily exploitable













/S:U/C:L/I:N/A:N).

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

WEBL-

070219/634


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


299

Vulnerability


CVE ID : CVE-2019-2441

DoS 2019-01-16 6.8




(subcomponent: WLS Core

Components). Supported


10.3.6.0, 12.1.3.0 and 12.2.1.3.



with network access via T3 to


Server. While the vulnerability is

in Oracle WebLogic Server,






Oracle WebLogic Server












/S:C/C:L/I:L/A:L).

CVE ID : CVE-2019-2418

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

WEBL-

070219/635

N/A 2019-01-16 4




(subcomponent: WLS -

Deployment). Supported versions

http://ww

w.oracle.c

om/techne

twork/sec

urity-

A-ORA-

WEBL-

070219/636


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


300

Vulnerability



12.1.3.0 and 12.2.1.3. Easily









WebLogic Server accessible data.




/S:U/C:N/I:L/A:N).

CVE ID : CVE-2019-2398

advisory/c

pujan2019

-

5072801.h

tml

DoS 2019-01-16 5.5




(subcomponent: WLS - Web

Services). The supported version

that is affected is 10.3.6.0. Easily















Vector:


http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

A-ORA-

WEBL-

070219/637


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


301

Vulnerability


/S:U/C:L/I:N/A:L).

CVE ID : CVE-2019-2395

Phpshe

Phpshe

Sql 2019-01-23 6.5

PHPSHE 1.7 has SQL injection via

the admin.php?mod=order state

parameter.

CVE ID : CVE-2019-6708

N/A

A-PHP-

PHPS-

070219/638

Sql 2019-01-23 6.5

PHPSHE 1.7 has SQL injection via

the

admin.php?mod=product&act=st

ate product_id[] parameter.

CVE ID : CVE-2019-6707

N/A

A-PHP-

PHPS-

070219/639

SAS

Web Infrastructure Platform

XSS 2019-01-16 4.3

Logon Manager in SAS Web

Infrastructure Platform before

9.4M3 allows reflected XSS on the

Timeout page.

CVE ID : CVE-2015-9281

N/A

A-SAS-WEB

-

070219/640

Smartertools

Smartermail

XSS Bypass 2019-01-16 4.3

SmarterTools SmarterMail before

13.3.5535 was vulnerable to

stored XSS by bypassing the anti-

XSS mechanisms. It was possible

to run JavaScript code when a

victim user opens or replies to

the attacker's email, which

contained a malicious payload.

Therefore, users' passwords

could be reset by using an XSS

attack, as the password reset

page did not need the current

N/A

A-SMA-

SMAR-

070219/641


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


302

Vulnerability


password.

CVE ID : CVE-2015-9276

Zoneminder

Zoneminder

XSS 2019-01-24 4.3


ZoneMinder v1.32.3. Reflected

XSS exists in

web/skins/classic/views/plugin.

php via the

zm/index.php?view=plugin pl

parameter.

CVE ID : CVE-2019-6777

N/A

A-ZON-

ZONE-

070219/642

OS

Oracle

Solaris

+Info 2019-01-16 2.1

Vulnerability in the Oracle Solaris



Kernel). Supported versions that

are affected are 10 and 11. Easily




Oracle Solaris executes to

compromise Oracle Solaris.




subset of Oracle Solaris accessible



Vector:

(CVSS:3.0/AV:L/AC:L/PR:N/UI:N

/S:U/C:L/I:N/A:N).

CVE ID : CVE-2019-2544

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

O-ORA-

SOLA-

070219/643


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


303

Vulnerability


+Info 2019-01-16 5




Kernel). Supported versions that

are affected are 10 and 11. Easily



network access via KSSL to





subset of Oracle Solaris accessible



Vector:


/S:U/C:L/I:N/A:N).

CVE ID : CVE-2019-2543

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

O-ORA-

SOLA-

070219/644

N/A 2019-01-16 5.4




DHCP Client). The supported

version that is affected is 10.



with access to the physical

communication segment attached

to the hardware where the Oracle

Solaris executes to compromise

Oracle Solaris. Successful attacks


takeover of Oracle Solaris. CVSS

3.0 Base Score 7.5



Vector:

(CVSS:3.0/AV:A/AC:H/PR:N/UI:N

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

O-ORA-

SOLA-

070219/645


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


304

Vulnerability


/S:U/C:H/I:H/A:H).

CVE ID : CVE-2019-2541

N/A 2019-01-16 7.8




Kernel). The supported version

that is affected is 11. Easily



network access via TCP to







Solaris. CVSS 3.0 Base Score 7.5


Vector:


/S:U/C:N/I:N/A:H).

CVE ID : CVE-2019-2437

http://ww

w.oracle.c

om/techne

twork/sec

urity-

advisory/c

pujan2019

-

5072801.h

tml

O-ORA-

SOLA-

070219/646

Qualcomm

Mdm9206 Firmware

DoS 2019-01-18 4.9

Improper input validation in

trustzone can lead to denial of

service in snapdragon

automobile, snapdragon mobile

and snapdragon wear in versions

MDM9206, MDM9607,

MDM9635M, MDM9650,

MDM9655, MSM8996AU, SD

210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,

SDM630, SDM660, SDX24

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/647


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


305

Vulnerability


CVE ID : CVE-2018-11999

N/A 2019-01-18 7.9

While processing a packet decode

request in MQTT, Race condition

can occur leading to an out-of-

bounds access in snapdragon

mobile and snapdragon wear in

versions MDM9206, MDM9607,

SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,

Snapdragon_High_Med_2016

CVE ID : CVE-2018-11998

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/648

Overflow 2019-01-18 8.3

Improper check while accessing

the local memory stack on MQTT

connection request can lead to

buffer overflow in snapdragon

wear in versions MDM9206,

MDM9607

CVE ID : CVE-2018-11993

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/649

Overflow 2019-01-18 8.3

Improper validation of buffer

length checks in the lwm2m

device management protocol can

leads to a buffer overflow in

snapdragon mobile and

snapdragon wear in versions

MDM9206, MDM9607, SD

210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/650

Overflow 2019-01-18 7.2

Improper data length check while

processing an event report

indication can lead to a buffer

overflow in snapdragon mobile

https://w

ww.qualco

mm.com/c

ompany/p

O-QUA-

MDM9-

070219/651


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


306

Vulnerability




210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

roduct-

security/b

ulletins

Overflow 2019-01-18 8.3

Improper length check while

processing an MQTT message can

lead to heap overflow in




210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/652

N/A 2019-01-18 7.2

Improper input validation in the

QTEE keymaster app can lead to

invalid memory access in



MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/653

Overflow 2019-01-18 7.2

Lack of checking input size can

lead to buffer overflow In

WideVine in snapdragon



MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/654


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


307

Vulnerability


SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,

Snapdragon_High_Med_2016,

SXR1130

CVE ID : CVE-2018-5867

Bypass 2019-01-18 2.1

Anti-rollback can be bypassed in

replay scenario during app

loading due to improper error

handling of RPMB writes in

snapdragon automobile,



MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/655

N/A 2019-01-18 4.6

Improper authorization involving

a fuse in TrustZone in




MDM9206, MDM9607,

MSM8996AU, SD 210/SD 212/SD

205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/656


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


308

Vulnerability


SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,

Snapdragon_High_Med_2016.

CVE ID : CVE-2017-8276

Mdm9607 Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/657

N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


CVE ID : CVE-2018-11998

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/658

Overflow 2019-01-18 8.3

Improper check while accessing

the local memory stack on MQTT

connection request can lead to

buffer overflow in snapdragon

wear in versions MDM9206,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

O-QUA-

MDM9-

070219/659


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


309

Vulnerability


MDM9607

CVE ID : CVE-2018-11993

security/b

ulletins

N/A 2019-01-18 10

Exception in Modem IP stack

while processing IPv6 packet in




MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,

SDA660, SDX20, SXR1130

CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/660

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/661

Overflow 2019-01-18 7.2







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/662


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


310

Vulnerability


SDM630, SDM660

CVE ID : CVE-2018-5880

Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/663

N/A 2019-01-18 7.2






MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/664

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/665


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


311

Vulnerability


850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/666

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/667


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


312

Vulnerability


Mdm9635m Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/668

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/669

Mdm9640 Firmware

N/A 2019-01-18 10 Exception in Modem IP stack



https://w

ww.qualco

mm.com/c

O-QUA-

MDM9-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


313

Vulnerability




MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

ompany/p

roduct-

security/b

ulletins

070219/670

Mdm9650 Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/671

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/672


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


314

Vulnerability


CVE ID : CVE-2018-5915

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/673

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/674

Mdm9655 Firmware


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


315

Vulnerability


DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/675

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MDM9-

070219/676

Msm8909w Firmware

N/A 2019-01-18 10





https://w

ww.qualco

mm.com/c

ompany/p

O-QUA-

MSM8-

070219/677


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


316

Vulnerability



MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

roduct-

security/b

ulletins

N/A 2019-01-18 7.2






MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MSM8-

070219/678

Msm8996au Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MSM8-

070219/679




https://w

ww.qualco

mm.com/c

O-QUA-

MSM8-

070219/680


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


317

Vulnerability




MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

ompany/p

roduct-

security/b

ulletins

Overflow 2019-01-18 7.2




automobile and snapdragon

mobile in versions MSM8996AU,

SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MSM8-

070219/681

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MSM8-

070219/682


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


318

Vulnerability



SXR1130

CVE ID : CVE-2018-5867

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MSM8-

070219/683

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

MSM8-

070219/684

Sd 205 Firmware


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


319

Vulnerability


DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/685

N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


CVE ID : CVE-2018-11998

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/686

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/687


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


320

Vulnerability


CVE ID : CVE-2018-5915

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/688

Overflow 2019-01-18 7.2







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/689

Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/690

N/A 2019-01-18 7.2 Improper input validation in the https://w O-QUA-SD


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


321

Vulnerability






MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

2-

070219/691

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/692

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/693


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


322

Vulnerability


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/694

Sd 210 Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/695


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


323

Vulnerability


CVE ID : CVE-2018-11999

N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


CVE ID : CVE-2018-11998

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/696

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/697

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/698


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


324

Vulnerability


CVE ID : CVE-2018-5881

Overflow 2019-01-18 7.2







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/699

Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/700

N/A 2019-01-18 7.2






MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/701

Overflow 2019-01-18 7.2 Lack of checking input size can



https://w

ww.qualco

mm.com/c

O-QUA-SD

2-

070219/702


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


325

Vulnerability




MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

ompany/p

roduct-

security/b

ulletins

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/703

N/A 2019-01-18 4.6






https://w

ww.qualco

mm.com/c

ompany/p

roduct-

O-QUA-SD

2-

070219/704


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


326

Vulnerability


MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

security/b

ulletins

Sd 212 Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/705

N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/706


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


327

Vulnerability


CVE ID : CVE-2018-11998

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/707

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/708

Overflow 2019-01-18 7.2







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/709


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


328

Vulnerability


CVE ID : CVE-2018-5880

Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/710

N/A 2019-01-18 7.2






MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/711

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/712


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


329

Vulnerability


SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/713

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

2-

070219/714


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


330

Vulnerability


Sd 410 Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/715

N/A 2019-01-18 7.2






MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/716

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/717


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


331

Vulnerability


SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/718

Sd 412 Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/719


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


332

Vulnerability


N/A 2019-01-18 7.2






MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/720

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/721

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/722


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


333

Vulnerability


SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

Sd 415 Firmware

N/A 2019-01-18 7.2






MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/723

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/724

Sd 425 Firmware


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


334

Vulnerability


N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/725

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/726

Overflow 2019-01-18 7.2







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/727


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


335

Vulnerability


Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/728

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/729

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/730


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


336

Vulnerability


SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/731

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/732


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


337

Vulnerability


Sd 427 Firmware

N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


CVE ID : CVE-2018-11998

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/733

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/734

Overflow 2019-01-18 7.2







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/735


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


338

Vulnerability


Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/736

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/737

N/A 2019-01-18 4.6






MDM9206, MDM9607,


https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/738


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


339

Vulnerability


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

Sd 429 Firmware

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/739

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/740


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


340

Vulnerability


SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

Sd 430 Firmware

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/741

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/742

Overflow 2019-01-18 7.2 Improper data length check while


https://w

ww.qualco

O-QUA-SD

4-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


341

Vulnerability






210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

mm.com/c

ompany/p

roduct-

security/b

ulletins

070219/743

Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/744

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/745

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

O-QUA-SD

4-

070219/746


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


342

Vulnerability


MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

ulletins

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/747

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/748


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


343

Vulnerability


SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

Sd 435 Firmware

N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


CVE ID : CVE-2018-11998

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/749

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/750




https://w

ww.qualco

mm.com/c

O-QUA-SD

4-

070219/751


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


344

Vulnerability





210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

ompany/p

roduct-

security/b

ulletins

Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/752

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/753


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


345

Vulnerability


CVE ID : CVE-2018-5867

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/754

Sd 439 Firmware

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/755


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


346

Vulnerability


N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/756

Sd 450 Firmware

N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


CVE ID : CVE-2018-11998

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/757

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/758


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


347

Vulnerability


427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

Overflow 2019-01-18 7.2







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/759

Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/760

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/761


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


348

Vulnerability


CVE ID : CVE-2018-5868

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/762

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

4-

070219/763

N/A 2019-01-18 4.6 Improper authorization involving https://w O-QUA-SD


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


349

Vulnerability






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

4-

070219/764

Sd 615 Firmware

N/A 2019-01-18 7.2






MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/765

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/766


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


350

Vulnerability


SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

Sd 616 Firmware

N/A 2019-01-18 7.2






MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/767

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/768

Sd 625 Firmware

N/A 2019-01-18 7.9 While processing a packet decode



https://w

ww.qualco

mm.com/c

O-QUA-SD

6-

070219/769


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


351

Vulnerability





SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


CVE ID : CVE-2018-11998

ompany/p

roduct-

security/b

ulletins

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/770

Overflow 2019-01-18 7.2







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/771

Overflow 2019-01-18 8.3






https://w

ww.qualco

mm.com/c

ompany/p

roduct-

O-QUA-SD

6-

070219/772


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


352

Vulnerability



210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

security/b

ulletins

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/773

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/774


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


353

Vulnerability


Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/775

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/776

Sd 632 Firmware

Overflow 2019-01-18 7.2





https://w

ww.qualco

mm.com/c

ompany/p

O-QUA-SD

6-

070219/777


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


354

Vulnerability



MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

roduct-

security/b

ulletins

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/778

Sd 636 Firmware

DoS 2019-01-18 4.9






https://w

ww.qualco

mm.com/c

ompany/p

roduct-

O-QUA-SD

6-

070219/779


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


355

Vulnerability


MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

security/b

ulletins

N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


CVE ID : CVE-2018-11998

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/780

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/781

Overflow 2019-01-18 7.2






https://w

ww.qualco

mm.com/c

ompany/p

roduct-

O-QUA-SD

6-

070219/782


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


356

Vulnerability



210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

security/b

ulletins

Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/783

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/784


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


357

Vulnerability


N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/785

Sd 650 Firmware

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/786

Bypass 2019-01-18 2.1 Anti-rollback can be bypassed in https://w O-QUA-SD


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


358

Vulnerability








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

6-

070219/787

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/788

Sd 652 Firmware

Overflow 2019-01-18 7.2






https://w

ww.qualco

mm.com/c

ompany/p

roduct-

O-QUA-SD

6-

070219/789


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


359

Vulnerability


MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

security/b

ulletins

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/790

N/A 2019-01-18 4.6






MDM9206, MDM9607,


https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/791


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


360

Vulnerability


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

Sd 670 Firmware

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/792

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/793



https://w

ww.qualco

O-QUA-SD

6-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


361

Vulnerability





MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

mm.com/c

ompany/p

roduct-

security/b

ulletins

070219/794

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

6-

070219/795

Sd 710 Firmware




https://w

ww.qualco

mm.com/c

O-QUA-SD

7-

070219/796


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


362

Vulnerability




MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

ompany/p

roduct-

security/b

ulletins

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

7-

070219/797

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

7-

070219/798


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


363

Vulnerability



SXR1130

CVE ID : CVE-2018-5867

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

7-

070219/799

Sd 712 Firmware

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

7-

070219/800




https://w

ww.qualco

mm.com/c

O-QUA-SD

7-

070219/801


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


364

Vulnerability




SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

ompany/p

roduct-

security/b

ulletins

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

7-

070219/802

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

7-

070219/803


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


365

Vulnerability


430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

Sd 800 Firmware

N/A 2019-01-18 7.2






MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/804

Sd 810 Firmware

N/A 2019-01-18 7.2






MDM9206, MDM9607,

MSM8909W, SD 210/SD 212/SD

205, SD 410/12, SD 615/16/SD

415, SD 800, SD 810

CVE ID : CVE-2018-5869

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/805

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/806


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


366

Vulnerability


SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

Sd 820 Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/807

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/808

Overflow 2019-01-18 7.2 Lack of checking input size can https://w O-QUA-SD


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


367

Vulnerability






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

8-

070219/809

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/810

Bypass 2019-01-18 2.1








MDM9206, MDM9607,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/811


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


368

Vulnerability



210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/812

Sd 820a Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/813


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


369

Vulnerability


CVE ID : CVE-2018-11999

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/814

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/815

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/816


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


370

Vulnerability


712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/817

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/818


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


371

Vulnerability



CVE ID : CVE-2017-8276

Sd 835 Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/819

N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


CVE ID : CVE-2018-11998

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/820

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/821


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


372

Vulnerability


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/822

Overflow 2019-01-18 7.2







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/823

Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/824


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


373

Vulnerability


SDM630, SDM660

CVE ID : CVE-2018-5879

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/825

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/826

Bypass 2019-01-18 2.1






https://w

ww.qualco

mm.com/c

ompany/p

roduct-

O-QUA-SD

8-

070219/827


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


374

Vulnerability




MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

security/b

ulletins

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/828

Sd 845 Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/829


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


375

Vulnerability


SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/830

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/831

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/832


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


376

Vulnerability


SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/833

Sd 850 Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/834


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


377

Vulnerability


SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/835

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/836

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/837


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


378

Vulnerability


SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-SD

8-

070219/838

Sda660 Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDA6-

070219/839


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


379

Vulnerability



CVE ID : CVE-2018-11999

N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


CVE ID : CVE-2018-11998

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDA6-

070219/840

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDA6-

070219/841

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDA6-

070219/842


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


380

Vulnerability


SDM630, SDM660

CVE ID : CVE-2018-5881

Overflow 2019-01-18 7.2







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDA6-

070219/843

Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDA6-

070219/844

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDA6-

070219/845

Overflow 2019-01-18 7.2 Lack of checking input size can https://w O-QUA-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


381

Vulnerability






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

SDA6-

070219/846

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDA6-

070219/847

N/A 2019-01-18 4.6 Improper authorization involving



https://w

ww.qualco

mm.com/c

O-QUA-

SDA6-

070219/848


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


382

Vulnerability




MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

ompany/p

roduct-

security/b

ulletins

Sdm439 Firmware

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDM4-

070219/849

N/A 2019-01-18 4.6





https://w

ww.qualco

mm.com/c

ompany/p

O-QUA-

SDM4-

070219/850


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


383

Vulnerability



MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

roduct-

security/b

ulletins

Sdm630 Firmware

DoS 2019-01-18 4.9






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDM6-

070219/851

N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDM6-

070219/852


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


384

Vulnerability


CVE ID : CVE-2018-11998

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDM6-

070219/853

Overflow 2019-01-18 7.2







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDM6-

070219/854

Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDM6-

070219/855



0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


385

Vulnerability






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

SDM6-

070219/856

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDM6-

070219/857

Sdm660 Firmware

DoS 2019-01-18 4.9 Improper input validation in


https://w

ww.qualco

O-QUA-

SDM6-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


386

Vulnerability





MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

mm.com/c

ompany/p

roduct-

security/b

ulletins

070219/858

N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


CVE ID : CVE-2018-11998

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDM6-

070219/859

Overflow 2019-01-18 8.3








210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5881

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDM6-

070219/860



https://w

ww.qualco

O-QUA-

SDM6-


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


387

Vulnerability






210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5880

mm.com/c

ompany/p

roduct-

security/b

ulletins

070219/861

Overflow 2019-01-18 8.3







210/SD 212/SD 205, SD 425, SD

427, SD 430, SD 435, SD 450, SD

625, SD 636, SD 835, SDA660,

SDM630, SDM660

CVE ID : CVE-2018-5879

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDM6-

070219/862

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDM6-

070219/863


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


388

Vulnerability


SXR1130

CVE ID : CVE-2018-5867

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDM6-

070219/864

Sdx20 Firmware

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDX2-

070219/865

Sdx24 Firmware

DoS 2019-01-18 4.9 Improper input validation in



https://w

ww.qualco

mm.com/c

O-QUA-

SDX2-

070219/866


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


389

Vulnerability




MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 636, SD 820, SD 820A, SD 835,

SD 845 / SD 850, SDA660,


CVE ID : CVE-2018-11999

ompany/p

roduct-

security/b

ulletins

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDX2-

070219/867

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDX2-

070219/868


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


390

Vulnerability



SXR1130

CVE ID : CVE-2018-5867

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDX2-

070219/869

N/A 2019-01-18 4.6






MDM9206, MDM9607,


205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SDX2-

070219/870

Snapdragon High Med 2016 Firmware


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


391

Vulnerability


N/A 2019-01-18 7.9







SD 210/SD 212/SD 205, SD 427,

SD 435, SD 450, SD 625, SD 636,

SD 835, SDA660, SDM630,

SDM660,


CVE ID : CVE-2018-11998

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SNAP-

070219/871

Overflow 2019-01-18 7.2






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SNAP-

070219/872

N/A 2019-01-18 4.6






MDM9206, MDM9607,

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

O-QUA-

SNAP-

070219/873


0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


392

Vulnerability



205, SD 410/12, SD 425, SD 427,

SD 430, SD 435, SD 439 / SD 429,

SD 450, SD 615/16/SD 415, SD

625, SD 632, SD 636, SD 650/52,

SD 810, SD 820, SD 820A, SD 835,

SDA660, SDM439, SDM630,

SDM660, SDX24,


CVE ID : CVE-2017-8276

ulletins

Sxr1130 Firmware

N/A 2019-01-18 10






MDM9607, MDM9640,

MDM9650, MSM8909W,


205, SD 425, SD 430, SD 712 / SD

710 / SD 670, SD 820, SD 820A,

SD 835, SD 845 / SD 850,


CVE ID : CVE-2018-5915

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SXR1-

070219/874

Overflow 2019-01-18 7.2






SD 425, SD 430, SD 450, SD 625,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-5868

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SXR1-

070219/875



0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10


393

Vulnerability






MDM9206, MDM9607,

MDM9635M, MDM9650,


210/SD 212/SD 205, SD 410/12,

SD 425, SD 427, SD 430, SD 435,

SD 439 / SD 429, SD 450, SD 625,

SD 632, SD 636, SD 650/52, SD

712 / SD 710 / SD 670, SD 820,

SD 820A, SD 835, SD 845 / SD

850, SDA660, SDM439, SDM630,

SDM660, SDX24,


SXR1130

CVE ID : CVE-2018-5867

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

SXR1-

070219/876

Bypass 2019-01-18 2.1








MDM9206, MDM9607,


210/SD 212/SD 205, SD 425, SD

430, SD 450, SD 625, SD 650/52,

SD 712 / SD 710 / SD 670, SD

820, SD 820A, SD 835, SD 845 /

SD 850, SDA660, SDX24,

SXR1130

CVE ID : CVE-2018-3595

https://w

ww.qualco

mm.com/c

ompany/p

roduct-

security/b

ulletins

O-QUA-

SXR1-

070219/877

national critical information infrastructure protection centre … · 2019-04-29 · 16 jan - 31...

Documents