How severe is CVE-2019-13322?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2019-13322?

This is classified as CWE-356, which is a common weakness in software security.

CVE-2019-13322

HIGH Year: 2019

CVSS v3 Score

7.5

High

CVSS v2 Score

6.8

Medium

Weakness Type

CWE-356

View all →

Vulnerability Description

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser Prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the miui.share application. The issue results from the lack of proper validation of user-supplied data, which can result in an arbitrary application download. An attacker can leverage this vulnerability to execute code in the context of the user. Was ZDI-CAN-7483.

CVE-2022-35873

HIGH

CVSS:7.8(High)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). User interaction is required to exploit this vulne...

CWE-3562022

CVE-2022-36970

HIGH

CVSS:7.8(High)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit thi...

CWE-3562022

CVE-2025-2450

HIGH

CVSS:7.8(High)

NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Visi...

CWE-3562025

CVE-2025-31334

MEDIUM

CVSS:6.8(Medium)

Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link...

CWE-3562025

CVE-2024-3044

MEDIUM

CVSS:6.5(Medium)

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clic...

CWE-3562024

CVE-2018-10595

MEDIUM

CVSS:6.3(Medium)

A vulnerability in ReadA version 1.1.0.2 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) t...

CWE-3562018

CVE-2019-13322

Vulnerability Description

Related Vulnerabilities

CVE-2022-35873

CVE-2022-36970

CVE-2025-2450

CVE-2025-31334

CVE-2024-3044

CVE-2018-10595