CVEs from 2019
Total
3,162
critical
critical 238
high
high 485
medium
medium 485
low
low 94
% Critical
7.5%
% with KEV
3.7%
% with exploit
8.0%
Top vendors
- intel 246
- schneider-electric 117
- netapp 61
- siemens 58
- oracle 36
- hp 23
- denx 20
- phoenixcontact 9
Top products
- u-boot 20
- crimson 8
- active_iq_unified_manager 7
- weblogic_server 5
- jdk 5
- oncommand_workflow_automation 5
- codeready_linux_builder_eus 4
- oncommand_insight 4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-16910 | medium | 5.3 | 5.3 | 7y ago | Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private… | |||
| CVE-2019-7317 | medium | 5.3 | 5.3 | 7y ago | png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. | |||
| CVE-2019-8506 | low | — | 5.0 | 4y ago | A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution. | |||
| CVE-2019-16230 | medium | 4.7 | 4.7 | 7y ago | drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: A third-party software maintainer stat… | |||
| CVE-2019-14360 | medium | 4.6 | 4.6 | 7y ago | On Hyundai Pay Kasse HK-1000 devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allow… | |||
| CVE-2019-15213 | medium | 4.6 | 4.6 | 7y ago | An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver. | |||
| CVE-2019-25717 | medium | 4.3 | 4.3 | 4d ago | Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection… | |||
| CVE-2019-25734 | medium | 4.0 | 4.0 | 2d ago | Contact Form by WD 1.13.1 contains a cross-site request forgery vulnerability combined with local file inclusion that allows unauthenticated attackers to include arbitrary files by exploiting unsanit… | |||
| CVE-2019-25723 | medium | 4.0 | 4.0 | 4d ago | Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted n… | |||
| CVE-2019-8671 | low | — | 3.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for … | |||
| CVE-2019-8622 | low | — | 3.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9… | |||
| CVE-2019-8518 | low | — | 3.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.1… | |||
| CVE-2019-8672 | low | — | 3.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6… | |||
| CVE-2019-8611 | low | — | 3.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8623 | low | — | 3.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9… | |||
| CVE-2019-8690 | low | — | 3.5 | 7y ago | A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTun… | |||
| CVE-2019-8558 | low | — | 3.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.1… | |||
| CVE-2019-8689 | low | — | 3.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6… | |||
| CVE-2019-11358 | low | — | 3.5 | 7y ago | RHSA-2021:4142: pcs security, bug fix, and enhancement update (Low) | |||
| CVE-2019-5882 | low | — | 2.5 | — | Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. | |||
| CVE-2019-7653 | low | — | 2.5 | — | The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in th… | |||
| CVE-2019-20838 | low | — | 2.5 | 5y ago | RHSA-2021:4373: pcre security update (Low) | |||
| CVE-2019-17402 | low | — | 2.5 | 5y ago | RHSA-2021:1758: exiv2 security, bug fix, and enhancement update (Low) | |||
| CVE-2019-2708 | low | — | 2.5 | 5y ago | RHSA-2021:1675: libdb security update (Low) | |||
| CVE-2019-18276 | low | — | 2.5 | 5y ago | RHSA-2021:1679: bash security and bug fix update (Low) | |||
| CVE-2019-1551 | low | — | 2.5 | 6y ago | RHSA-2020:4514: openssl security, bug fix, and enhancement update (Low) | |||
| CVE-2019-17450 | low | — | 2.5 | 6y ago | RHSA-2020:4465: binutils security update (Low) | |||
| CVE-2019-20386 | low | — | 2.5 | 6y ago | An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur. | |||
| CVE-2019-16167 | low | — | 2.5 | 6y ago | RHSA-2020:4638: sysstat security update (Low) | |||
| CVE-2019-14494 | low | — | 2.5 | 6y ago | An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc. | |||
| CVE-2019-15165 | low | — | 2.5 | 6y ago | RHSA-2020:4547: libpcap security, bug fix, and enhancement update (Low) | |||
| CVE-2019-1010305 | low | — | 2.5 | 6y ago | RHSA-2020:1686: libmspack security and bug fix update (Low) | |||
| CVE-2019-13045 | low | — | 2.5 | 6y ago | RHSA-2020:1616: irssi security update (Low) | |||
| CVE-2019-1010319 | low | — | 2.5 | 6y ago | RHSA-2020:1581: wavpack security update (Low) | |||
| CVE-2019-1010315 | low | — | 2.5 | 6y ago | RHSA-2020:1581: wavpack security update (Low) | |||
| CVE-2019-1010317 | low | — | 2.5 | 6y ago | RHSA-2020:1581: wavpack security update (Low) | |||
| CVE-2019-11498 | low | — | 2.5 | 6y ago | RHSA-2020:1581: wavpack security update (Low) | |||
| CVE-2019-13232 | low | — | 2.5 | 6y ago | RHSA-2020:1787: unzip security update (Low) | |||
| CVE-2019-8675 | low | — | 2.5 | 6y ago | RHSA-2020:1765: cups security and bug fix update (Low) | |||
| CVE-2019-8696 | low | — | 2.5 | 6y ago | RHSA-2020:1765: cups security and bug fix update (Low) | |||
| CVE-2019-17451 | low | — | 2.5 | 6y ago | RHSA-2020:1797: binutils security and bug fix update (Low) | |||
| CVE-2019-14834 | low | — | 2.5 | 6y ago | RHSA-2020:1715: dnsmasq security, bug fix, and enhancement update (Low) | |||
| CVE-2019-19126 | low | — | 2.5 | 6y ago | RHSA-2020:1828: glibc security, bug fix, and enhancement update (Low) | |||
| CVE-2019-1010204 | low | — | 2.5 | 6y ago | RHSA-2020:1797: binutils security and bug fix update (Low) | |||
| CVE-2019-3695 | low | — | 2.5 | 6y ago | RHBA-2020:1628: pcp bug fix and enhancement update (Low) | |||
| CVE-2019-3696 | low | — | 2.5 | 6y ago | RHBA-2020:1628: pcp bug fix and enhancement update (Low) | |||
| CVE-2019-19118 | low | — | 2.5 | 7y ago | Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but ed… | |||
| CVE-2019-8536 | low | — | 2.5 | 7y ago | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Proces… | |||
| CVE-2019-8584 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8583 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9… | |||
| CVE-2019-8586 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8571 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8563 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.1… | |||
| CVE-2019-8559 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.1… | |||
| CVE-2019-8587 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-3820 | low | — | 2.5 | 7y ago | It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certai… | |||
| CVE-2019-8594 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8544 | low | — | 2.5 | 7y ago | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Proces… | |||
| CVE-2019-8535 | low | — | 2.5 | 7y ago | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing malicio… | |||
| CVE-2019-8595 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8524 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing… | |||
| CVE-2019-8523 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing… | |||
| CVE-2019-8597 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8596 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8666 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for … | |||
| CVE-2019-8673 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for … | |||
| CVE-2019-8676 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6… | |||
| CVE-2019-12795 | low | — | 2.5 | 7y ago | daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local atta… | |||
| CVE-2019-8679 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for … | |||
| CVE-2019-8681 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for … | |||
| CVE-2019-8687 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for … | |||
| CVE-2019-8609 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8608 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8726 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processin… | |||
| CVE-2019-8677 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for … | |||
| CVE-2019-8601 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9… | |||
| CVE-2019-8735 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processin… | |||
| CVE-2019-6251 | low | — | 2.5 | 7y ago | WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a… | |||
| CVE-2019-8768 | low | — | 2.5 | 7y ago | "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing h… | |||
| CVE-2019-6237 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8551 | low | — | 2.5 | 7y ago | A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web c… | |||
| CVE-2019-11070 | low | — | 2.5 | 7y ago | WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in dean… | |||
| CVE-2019-8607 | low | — | 2.5 | 7y ago | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud f… | |||
| CVE-2019-8619 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8615 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-8686 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for … | |||
| CVE-2019-11459 | low | — | 2.5 | 7y ago | RHSA-2019:3553: GNOME security, bug fix, and enhancement update (Low) | |||
| CVE-2019-8610 | low | — | 2.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for … | |||
| CVE-2019-9755 | low | — | 2.5 | 7y ago | RHSA-2019:3345: virt:rhel security, bug fix, and enhancement update (Low) | |||
| CVE-2019-9824 | low | — | 2.5 | 7y ago | tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. | |||
| CVE-2019-12155 | low | — | 2.5 | 7y ago | interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference. | |||
| CVE-2019-7146 | low | — | 2.5 | 7y ago | RHSA-2019:3575: elfutils security, bug fix, and enhancement update (Low) | |||
| CVE-2019-7665 | low | — | 2.5 | 7y ago | RHSA-2019:3575: elfutils security, bug fix, and enhancement update (Low) | |||
| CVE-2019-12312 | low | — | 2.5 | 7y ago | RHSA-2019:3391: libreswan security and bug fix update (Low) | |||
| CVE-2019-7664 | low | — | 2.5 | 7y ago | RHSA-2019:3575: elfutils security, bug fix, and enhancement update (Low) | |||
| CVE-2019-7150 | low | — | 2.5 | 7y ago | RHSA-2019:3575: elfutils security, bug fix, and enhancement update (Low) | |||
| CVE-2019-1543 | low | — | 2.5 | 7y ago | RHSA-2019:3700: openssl security, bug fix, and enhancement update (Low) | |||
| CVE-2019-7149 | low | — | 2.5 | 7y ago | RHSA-2019:3575: elfutils security, bug fix, and enhancement update (Low) | |||
| CVE-2019-10155 | low | — | 2.5 | 7y ago | RHSA-2019:3391: libreswan security and bug fix update (Low) | |||
| CVE-2019-6465 | low | — | 2.5 | 7y ago | RHSA-2019:3552: bind security and bug fix update (Low) |