Bugs

Google - Information Disclosure Information disclosure vulnerability in Google Ads application

Instagram - Remote DoS Remote application-level DoS vulnerability to crash instagram application of Android users

CVE-2019-16469 Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an expression language injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

CVE-2019-6588 In Liferay Portal before 7.1 CE GA4, an XSS vulnerability exists in the SimpleCaptcha API when custom code passes unsanitized input into the "url" parameter of a JSP taglib call. Liferay Portal out-of-the-box behavior with no customizations is not vulnerable.

SVE-2018-13300 A vulnerability allows attackers to change USB configuration without authentication.

CVE-2018-18467 An issue was discovered in Daniel Gultsch Conversations 2.3.4. It is possible to spoof a custom message to an existing opened conversation by sending an intent.

CVE-2018-13042 The 1Password application 6.8 for Android is affected by a Denial Of Service vulnerability. By starting the activity com.agilebits.onepassword.filling.openyolo.OpenYoloDeleteActivity or com.agilebits.onepassword.filling.openyolo.OpenYoloRetrieveActivity from an external application (since they are exported), it is possible to crash the 1Password instance.