CVEs from 2019
- Total: 3,158
- Critical: 227
- High: 474
- Medium: 476
- Low: 94
- % Critical: 7.2%
- % with KEV: 3.7%
- % with exploit: 8.0%
Top vendors
- intel 246
- schneider-electric 117
- netapp 61
- siemens 58
- oracle 36
- hp 23
- denx 20
- phoenixcontact 9
Top products
- u-boot 20
- crimson 8
- active_iq_unified_manager 7
- weblogic_server 5
- jdk 5
- oncommand_workflow_automation 5
- codeready_linux_builder_eus 4
- oncommand_insight 4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-8341 | medium | — | 6.5 |  |  |  | — | An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then ret… |
| CVE-2019-15794 | medium | — | 6.5 |  |  |  | 5y ago | Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the or… |
| CVE-2019-3842 | medium | — | 6.5 |  |  |  | 5y ago | RHSA-2021:1611: systemd security, bug fix, and enhancement update (Moderate) |
| CVE-2019-10092 | medium | — | 6.5 |  |  |  | 6y ago | In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instea… |
| CVE-2019-10098 | medium | — | 6.5 |  |  |  | 6y ago | In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL wi… |
| CVE-2019-6977 | medium | — | 6.5 |  |  |  | 6y ago | RHSA-2020:4659: gd security update (Moderate) |
| CVE-2019-8820 | medium | — | 6.5 |  |  |  | 6y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCl… |
| CVE-2019-9851 | medium | — | 6.5 |  |  |  | 6y ago | LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection … |
| CVE-2019-3844 | medium | — | 6.5 |  |  |  | 6y ago | RHSA-2020:1794: systemd security, bug fix, and enhancement update (Moderate) |
| CVE-2019-3843 | medium | — | 6.5 |  |  |  | 6y ago | RHSA-2020:1794: systemd security, bug fix, and enhancement update (Moderate) |
| CVE-2019-8765 | medium | — | 6.5 |  |  |  | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-8649 | medium | — | 6.5 |  |  |  | 7y ago | A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1… |
| CVE-2019-6706 | medium | — | 6.5 |  |  |  | 7y ago | RHSA-2019:3706: lua security and bug fix update (Moderate) |
| CVE-2019-6111 | medium | — | 6.5 |  |  |  | 7y ago | An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only perf… |
| CVE-2019-8506 | low | — | 5.0 |  |  |  | 4y ago | A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution. |
| CVE-2019-8558 | low | — | 3.5 |  |  |  | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.1… |
| CVE-2019-8518 | low | — | 3.5 |  |  |  | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.1… |
| CVE-2019-8611 | low | — | 3.5 |  |  |  | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … |
| CVE-2019-8622 | low | — | 3.5 |  |  |  | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9… |
| CVE-2019-8623 | low | — | 3.5 |  |  |  | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9… |
| CVE-2019-8671 | low | — | 3.5 |  |  |  | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for … |
| CVE-2019-8672 | low | — | 3.5 |  |  |  | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6… |
| CVE-2019-8689 | low | — | 3.5 |  |  |  | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6… |
| CVE-2019-8690 | low | — | 3.5 |  |  |  | 7y ago | A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTun… |
| CVE-2019-11358 | low | — | 3.5 |  |  |  | 7y ago | RHSA-2021:4142: pcs security, bug fix, and enhancement update (Low) |