large-logo-mcafee-dark

Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Top 10 Vulnerabilities

Vulnerability Description
CVE-2019-13720 A use-after-free vulnerability has been discovered in Google Chrome. The flaw lies in the audio component. An active exploit has been discovered in the wild.
CVE-2019-1429 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428.
CVE-2019-1322 An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1320, CVE-2019-1340.
CVE-2019-1405 An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'.
CVE-2019-8196 Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2019-8195 Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2019-13721 A user-after-free vulnerability has been discovered in Google Chrome. The defect lies in the PDFium component and affects versions prior to 78.0.3904.87 for Windows, Mac, and Linux.
CVE-2019-8822 A memory corruption vulnerability has been discovered in iOS, iPadOS, tvOS, and iTunes. The flaw lies in the WebKit component. Successful exploitation could result in the execution of arbitrary code.
CVE-2019-8765 A memory corruption vulnerability has been discovered in Apple Safari. The flaw lies in the WebKit component. Successful exploitation could result in the execution of arbitrary code.
CVE-2019-8820 A memory corruption vulnerability has been discovered in iOS, iPadOS, and tvOS. The flaw lies in the WebKit component. Successful exploitation could result in the execution of arbitrary code.