How severe is CVE-2019-14822?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2019-14822?

This is classified as CWE-862, which is a common weakness in software security.

CVE-2019-14822 - HIGH Severity | CVSS 7.1

Vulnerability Description

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.

Related Vulnerabilities

CVE-2018-14985

HIGH

CVSS:7.1(High)

The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.a...

CWE-8622018

CVE-2018-15005

HIGH

CVSS:7.1(High)

The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys contains a pre-installed platform app with a package name of com.zte.zdm...

CWE-8622018

CVE-2018-17490

HIGH

CVSS:7.1(High)

EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task manager, a local attacker could exploit this vulnerability to kill the process or launch new processes...

CWE-8622018

CVE-2020-13425

HIGH

CVSS:7.1(High)

TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted.

CWE-8622020

CVE-2020-36720

HIGH

CVSS:7.1(High)

The Kali Forms plugin for WordPress is vulnerable to Authenticated Options Change in versions up to, and including, 2.1.1. This is due to the update_option lacking proper authentication checks. This m...

CWE-8622020

CVE-2021-41803

HIGH

CVSS:7.1(High)

HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1...

CWE-8622021