CVEs from 2019
Total
3,161
critical
critical 238
high
high 484
medium
medium 485
low
low 95
% Critical
7.5%
% with KEV
3.7%
% with exploit
8.0%
Top vendors
- intel 246
- schneider-electric 117
- netapp 61
- siemens 58
- oracle 36
- hp 23
- denx 20
- phoenixcontact 9
Top products
- u-boot 20
- crimson 8
- active_iq_unified_manager 7
- weblogic_server 5
- jdk 5
- oncommand_workflow_automation 5
- codeready_linux_builder_eus 4
- oncommand_insight 4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-13075 | unknown | — | — | — | Tor Browser through 8.5.3 has an information exposure vulnerability. It allows remote attackers to detect the browser's language via vectors involving an IFRAME element, because text in that language… | |||
| CVE-2019-9453 | unknown | — | — | — | In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges ne… | |||
| CVE-2019-9456 | unknown | — | — | — | In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges need… | |||
| CVE-2019-11751 | unknown | — | — | — | Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used t… | |||
| CVE-2019-14284 | unknown | — | — | — | In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the d… | |||
| CVE-2019-14382 | unknown | — | — | — | DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. | |||
| CVE-2019-17019 | unknown | — | — | — | When Python was installed on Windows, a python file being served with the MIME type of text/plain could be executed by Python instead of being opened as a text file when the Open option was selected … | |||
| CVE-2019-17056 | unknown | — | — | — | llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka C… | |||
| CVE-2019-17069 | unknown | — | — | — | PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. | |||
| CVE-2019-17113 | unknown | — | — | — | In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API,… | |||
| CVE-2019-11736 | unknown | — | — | — | The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service … | |||
| CVE-2019-12865 | unknown | — | — | — | In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a double free for the ms command. | |||
| CVE-2019-12790 | unknown | — | — | — | In radare2 through 3.5.1, there is a heap-based buffer over-read in the r_egg_lang_parsechar function of egg_lang.c. This allows remote attackers to cause a denial of service (application crash) or p… | |||
| CVE-2019-19590 | unknown | — | — | — | In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the b… | |||
| CVE-2019-18680 | unknown | — | — | — | An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0. | |||
| CVE-2019-18807 | unknown | — | — | — | Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumpt… | |||
| CVE-2019-11702 | unknown | — | — | — | A hyperlink using protocols associated with Internet Explorer, such as IE.HTTP:, can be used to open local files at a known location with Internet Explorer if a user approves execution when prompted.… | |||
| CVE-2019-0147 | unknown | — | — | — | Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local acces… | |||
| CVE-2019-18814 | unknown | — | — | — | An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c. | |||
| CVE-2019-11700 | unknown | — | — | — | A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. *Note: this issue only occurs on Windows. Othe… | |||
| CVE-2019-19647 | unknown | — | — | — | radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a… | |||
| CVE-2019-19037 | unknown | — | — | — | ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero. | |||
| CVE-2019-19043 | unknown | — | — | — | A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption… | |||
| CVE-2019-0146 | unknown | — | — | — | Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access. | |||
| CVE-2019-19048 | unknown | — | — | — | A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by tr… | |||
| CVE-2019-19053 | unknown | — | — | — | A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggeri… | |||
| CVE-2019-0145 | unknown | — | — | — | Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. | |||
| CVE-2019-13133 | unknown | — | — | — | ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c. | |||
| CVE-2019-19082 | unknown | — | — | — | Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affec… | |||
| CVE-2019-19252 | unknown | — | — | — | vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a. | |||
| CVE-2019-19448 | unknown | — | — | — | In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space… | |||
| CVE-2019-19462 | unknown | — | — | — | relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result. | |||
| CVE-2019-19769 | unknown | — | — | — | In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h). | |||
| CVE-2019-19813 | unknown | — | — | — | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/… | |||
| CVE-2019-10163 | unknown | — | — | — | A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates t… | |||
| CVE-2019-19927 | unknown | — | — | — | In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read ac… | |||
| CVE-2019-19965 | unknown | — | — | — | In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race … | |||
| CVE-2019-10162 | unknown | — | — | — | A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zo… | |||
| CVE-2019-10203 | unknown | — | — | — | PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS. | |||
| CVE-2019-3815 | unknown | — | — | — | A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_i… | |||
| CVE-2019-11694 | unknown | — | — | — | A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results… | |||
| CVE-2019-5068 | unknown | — | — | — | An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to… | |||
| CVE-2019-5876 | unknown | — | — | — | Use after free in media in Google Chrome on Android prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2019-15133 | unknown | — | — | — | In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to z… | |||
| CVE-2019-17547 | unknown | — | — | — | In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free. | |||
| CVE-2019-13454 | unknown | — | — | — | ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. | |||
| CVE-2019-13310 | unknown | — | — | — | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c. | |||
| CVE-2019-13307 | unknown | — | — | — | ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows. | |||
| CVE-2019-13299 | unknown | — | — | — | ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel. | |||
| CVE-2019-9545 | unknown | — | — | — | An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the p… | |||
| CVE-2019-13298 | unknown | — | — | — | ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error. | |||
| CVE-2019-9543 | unknown | — | — | — | An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) th… | |||
| CVE-2019-13295 | unknown | — | — | — | ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled. | |||
| CVE-2019-13137 | unknown | — | — | — | ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c. | |||
| CVE-2019-10873 | unknown | — | — | — | An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc. | |||
| CVE-2019-12360 | unknown | — | — | — | A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the … | |||
| CVE-2019-13135 | unknown | — | — | — | ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. | |||
| CVE-2019-13134 | unknown | — | — | — | ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c. | |||
| CVE-2019-5877 | unknown | — | — | — | Out of bounds memory access in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2019-5892 | unknown | — | — | — | bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x before 3.0.4, 4.x before 4.0.1, 5.x before 5.0.2, and 6.x before 6.0.2 (not affecting Cumulus Linux or VyOS), when ENABLE_BGP_VNC is used fo… | |||
| CVE-2019-5871 | unknown | — | — | — | Heap buffer overflow in Skia in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2019-12979 | unknown | — | — | — | ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c. | |||
| CVE-2019-6201 | unknown | — | — | — | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing… | |||
| CVE-2019-12975 | unknown | — | — | — | ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c. | |||
| CVE-2019-19952 | unknown | — | — | — | In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage. | |||
| CVE-2019-13300 | unknown | — | — | — | ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns. | |||
| CVE-2019-6778 | unknown | — | — | — | In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow. | |||
| CVE-2019-5870 | unknown | — | — | — | Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||
| CVE-2019-7397 | unknown | — | — | — | In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. | |||
| CVE-2019-7398 | unknown | — | — | — | In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. | |||
| CVE-2019-25154 | unknown | — | — | — | Inappropriate implementation in iframe in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: M… | |||
| CVE-2019-9804 | unknown | — | — | — | In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if… | |||
| CVE-2019-13691 | unknown | — | — | — | Insufficient validation of untrusted input in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||
| CVE-2019-13679 | unknown | — | — | — | Insufficient policy enforcement in PDFium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to show print dialogs via a crafted PDF file. | |||
| CVE-2019-13678 | unknown | — | — | — | Incorrect data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |||
| CVE-2019-13677 | unknown | — | — | — | Insufficient policy enforcement in site isolation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page. | |||
| CVE-2019-13672 | unknown | — | — | — | Incorrect security UI in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page on iOS. | |||
| CVE-2019-16708 | unknown | — | — | — | ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. | |||
| CVE-2019-6216 | unknown | — | — | — | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Win… | |||
| CVE-2019-12929 | unknown | — | — | — | The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a c… | |||
| CVE-2019-13722 | unknown | — | — | — | Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2019-14870 | unknown | — | — | — | All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clie… | |||
| CVE-2019-9818 | unknown | — | — | — | A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploi… | |||
| CVE-2019-19344 | unknown | — | — | — | There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc()… | |||
| CVE-2019-25059 | unknown | — | — | — | Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839. | |||
| CVE-2019-6212 | unknown | — | — | — | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Proc… | |||
| CVE-2019-6234 | unknown | — | — | — | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing ma… | |||
| CVE-2019-14861 | unknown | — | — | — | All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS reco… | |||
| CVE-2019-7285 | unknown | — | — | — | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing malicious… | |||
| CVE-2019-12412 | unknown | — | — | — | A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a d… | |||
| CVE-2019-18837 | unknown | — | — | — | An issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the container. This occurs in li… | |||
| CVE-2019-5874 | unknown | — | — | — | Insufficient filtering in URI schemes in Google Chrome on Windows prior to 77.0.3865.75 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | |||
| CVE-2019-16707 | unknown | — | — | — | Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. | |||
| CVE-2019-3840 | unknown | — | — | — | A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash li… | |||
| CVE-2019-3886 | unknown | — | — | — | An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing u… | |||
| CVE-2019-11071 | unknown | — | — | — | SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary code on the host server because var_memotri is mishandled. | |||
| CVE-2019-16393 | unknown | — | — | — | SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character. | |||
| CVE-2019-16394 | unknown | — | — | — | SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscr… | |||
| CVE-2019-16391 | unknown | — | — | — | SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrir… | |||
| CVE-2019-16392 | unknown | — | — | — | SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages. |