CVEs from 2019
Total
3,165
critical
critical 231
high
high 484
medium
medium 483
low
low 94
% Critical
7.3%
% with KEV
3.7%
% with exploit
8.0%
Top vendors
- intel 246
- schneider-electric 117
- netapp 61
- siemens 58
- oracle 36
- hp 23
- denx 20
- phoenixcontact 9
Top products
- u-boot 20
- crimson 8
- active_iq_unified_manager 7
- weblogic_server 5
- jdk 5
- oncommand_workflow_automation 5
- codeready_linux_builder_eus 4
- oncommand_insight 4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-15903 | critical | — | 9.5 | 7y ago | In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumn… | |||
| CVE-2019-11727 | critical | — | 9.5 | 7y ago | A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in Certificat… | |||
| CVE-2019-11729 | critical | — | 9.5 | 7y ago | Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR < 60.8… | |||
| CVE-2019-11719 | critical | — | 9.5 | 7y ago | When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to inf… | |||
| CVE-2019-11715 | critical | — | 9.5 | 7y ago | Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances. This vulnerability aff… | |||
| CVE-2019-11717 | critical | — | 9.5 | 7y ago | A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vuln… | |||
| CVE-2019-11711 | critical | — | 9.5 | 7y ago | When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page… | |||
| CVE-2019-11712 | critical | — | 9.5 | 7y ago | POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery (CSRF) a… | |||
| CVE-2019-11713 | critical | — | 9.5 | 7y ago | A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.… | |||
| CVE-2019-11730 | critical | — | 9.5 | 7y ago | A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. … | |||
| CVE-2019-9811 | critical | — | 9.5 | 7y ago | As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This v… | |||
| CVE-2019-11709 | critical | — | 9.5 | 7y ago | Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enoug… | |||
| CVE-2019-11698 | critical | — | 9.5 | 7y ago | If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's b… | |||
| CVE-2019-9817 | critical | — | 9.5 | 7y ago | Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerabi… | |||
| CVE-2019-11692 | critical | — | 9.5 | 7y ago | A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunde… | |||
| CVE-2019-9819 | critical | — | 9.5 | 7y ago | A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefo… | |||
| CVE-2019-11693 | critical | — | 9.5 | 7y ago | The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploita… | |||
| CVE-2019-11691 | critical | — | 9.5 | 7y ago | A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially explo… | |||
| CVE-2019-9797 | critical | — | 9.5 | 7y ago | Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a can… | |||
| CVE-2019-9800 | critical | — | 9.5 | 7y ago | Mozilla developers and community members reported memory safety bugs present in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. Some of these bugs showed evidence of memory corruption and we pres… | |||
| CVE-2019-9820 | critical | — | 9.5 | 7y ago | A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.… | |||
| CVE-2019-5798 | critical | — | 9.5 | 7y ago | Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||
| CVE-2019-2422 | critical | — | 9.5 | 7y ago | RHSA-2019:1238: java-1.8.0-ibm security update (Critical) | |||
| CVE-2019-10245 | critical | — | 9.5 | 7y ago | RHSA-2019:1238: java-1.8.0-ibm security update (Critical) | |||
| CVE-2019-2449 | critical | — | 9.5 | 7y ago | RHSA-2019:1238: java-1.8.0-ibm security update (Critical) | |||
| CVE-2019-9788 | critical | — | 9.5 | 7y ago | Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we pres… | |||
| CVE-2019-9793 | critical | — | 9.5 | 7y ago | A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This vulnerability could allow an attacker to create… | |||
| CVE-2019-9796 | critical | — | 9.5 | 7y ago | A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is lat… | |||
| CVE-2019-9795 | critical | — | 9.5 | 7y ago | A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affe… | |||
| CVE-2019-9790 | critical | — | 9.5 | 7y ago | A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially e… | |||
| CVE-2019-14197 | critical | 9.1 | 9.1 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. | |||
| CVE-2019-8720 | medium | — | 7.0 | 4y ago | WebKitGTK contains a memory corruption vulnerability which can allow an attacker to perform remote code execution. | |||
| CVE-2019-6109 | medium | 6.8 | 6.8 | 7y ago | An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the… | |||
| CVE-2019-8341 | medium | — | 6.5 | — | An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then ret… | |||
| CVE-2019-25740 | medium | 6.5 | 6.5 | 20h ago | Joomla com_jsjobs 1.2.6 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating custom userfield parameters. Attackers can send POST requ… | |||
| CVE-2019-25720 | medium | 6.5 | 6.5 | 2d ago | Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain a denial-of-service vulnerability in all software versions that allows unauthenticated attackers to reboot th… | |||
| CVE-2019-25724 | medium | 6.5 | 6.5 | 3d ago | Dräger Infinity M300 patient worn monitors with software version VG2.x and earlier contain a network-based denial of service vulnerability that allows attackers with access to the hospital or Infinit… | |||
| CVE-2019-25721 | medium | 6.5 | 6.5 | 3d ago | Dräger Infinity M300 patient worn monitors with software version VG2.3.1 and earlier contain a network-based denial of service vulnerability that allows network-adjacent attackers to repeatedly trigg… | |||
| CVE-2019-25716 | medium | 6.5 | 6.5 | 4d ago | Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that allows remote attackers to cause the monitor to reboot by sending a malformed network packet… | |||
| CVE-2019-15794 | medium | — | 6.5 | 5y ago | Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the or… | |||
| CVE-2019-16168 | medium | 6.5 | 6.5 | 5y ago | RHSA-2021:1968: mingw packages security and bug fix update (Moderate) | |||
| CVE-2019-3842 | medium | — | 6.5 | 5y ago | In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular config… | |||
| CVE-2019-10098 | medium | — | 6.5 | 6y ago | In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL wi… | |||
| CVE-2019-10092 | medium | — | 6.5 | 6y ago | In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instea… | |||
| CVE-2019-6977 | medium | — | 6.5 | 6y ago | RHSA-2020:4659: gd security update (Moderate) | |||
| CVE-2019-8820 | medium | — | 6.5 | 6y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCl… | |||
| CVE-2019-9851 | medium | — | 6.5 | 6y ago | LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection … | |||
| CVE-2019-3844 | medium | — | 6.5 | 6y ago | It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transi… | |||
| CVE-2019-3843 | medium | — | 6.5 | 6y ago | It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminate… | |||
| CVE-2019-11135 | medium | 6.5 | 6.5 | 6y ago | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | |||
| CVE-2019-8765 | medium | — | 6.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. | |||
| CVE-2019-8649 | medium | — | 6.5 | 7y ago | A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1… | |||
| CVE-2019-6706 | medium | — | 6.5 | 7y ago | RHSA-2019:3706: lua security and bug fix update (Moderate) | |||
| CVE-2019-6111 | medium | — | 6.5 | 7y ago | An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only perf… | |||
| CVE-2019-10990 | medium | 6.5 | 6.5 | 7y ago | Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an attacker to… | |||
| CVE-2019-6576 | medium | 6.5 | 6.5 | 7y ago | A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KT… | |||
| CVE-2019-6129 | medium | 6.5 | 6.5 | 8y ago | png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer. | |||
| CVE-2019-25744 | medium | 6.4 | 6.4 | 20h ago | WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the post_title … | |||
| CVE-2019-25743 | medium | 6.4 | 6.4 | 20h ago | WordPress Soliloquy Lite 2.5.6 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting script tags in the post title fiel… | |||
| CVE-2019-25742 | medium | 6.4 | 6.4 | 20h ago | WordPress Theme Zoner Real Estate 4.1.1 contains a persistent cross-site scripting vulnerability that allows authenticated agents to inject malicious scripts through the Address input field when crea… | |||
| CVE-2019-25739 | medium | 6.4 | 6.4 | 20h ago | GigToDo 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript and HTML code through the proposal description field. Attackers… | |||
| CVE-2019-25648 | medium | 6.2 | 6.2 | 2mo ago | MyVideoConverter Pro 3.14 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string to the registration code input field. A… | |||
| CVE-2019-10955 | medium | 6.1 | 6.1 | 7y ago | In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and e… | |||
| CVE-2019-11840 | medium | 5.9 | 5.9 | 7y ago | An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/… | |||
| CVE-2019-11091 | medium | 5.6 | 5.6 | 7y ago | Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable informati… | |||
| CVE-2019-11494 | medium | — | 5.5 | — | In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login service crashes when the client disconnects prematurely during the AUTH command. | |||
| CVE-2019-6476 | medium | — | 5.5 | — | A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.… | |||
| CVE-2019-5719 | medium | — | 5.5 | — | In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data blo… | |||
| CVE-2019-5717 | medium | — | 5.5 | — | In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero. | |||
| CVE-2019-14847 | medium | — | 5.5 | — | A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not po… | |||
| CVE-2019-14833 | medium | — | 5.5 | — | A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Sam… | |||
| CVE-2019-19480 | medium | — | 5.5 | — | An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in sc_pkcs15_decode_prkdf_entry. | |||
| CVE-2019-9687 | medium | — | 5.5 | — | PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp. | |||
| CVE-2019-8398 | medium | — | 5.5 | — | An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_get_size in H5T.c. | |||
| CVE-2019-8397 | medium | — | 5.5 | — | An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_close_real in H5T.c. | |||
| CVE-2019-6502 | medium | — | 5.5 | — | sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv. | |||
| CVE-2019-16378 | medium | — | 5.5 | — | OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be rel… | |||
| CVE-2019-10691 | medium | — | 5.5 | — | The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username. | |||
| CVE-2019-6988 | medium | — | 5.5 | — | An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_… | |||
| CVE-2019-7148 | medium | — | 5.5 | — | An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denia… | |||
| CVE-2019-6291 | medium | — | 5.5 | — | An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself … | |||
| CVE-2019-10723 | medium | — | 5.5 | — | An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated. | |||
| CVE-2019-6128 | medium | — | 5.5 | — | The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. | |||
| CVE-2019-3806 | medium | — | 5.5 | — | An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly… | |||
| CVE-2019-12210 | medium | — | 5.5 | — | In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debug_file, that file descriptor is not closed when a new process is spawned. This leads to the file descr… | |||
| CVE-2019-11499 | medium | — | 5.5 | — | In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message. | |||
| CVE-2019-19721 | medium | — | 5.5 | — | An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted i… | |||
| CVE-2019-8396 | medium | — | 5.5 | — | A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while rep… | |||
| CVE-2019-6475 | medium | — | 5.5 | — | Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by other servers. A mirror zone is similar to a zone of type secondary, except that its data is subject to D… | |||
| CVE-2019-19918 | medium | — | 5.5 | — | arbitrary code execution in lout | |||
| CVE-2019-6290 | medium | — | 5.5 | — | An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, be… | |||
| CVE-2019-9199 | medium | — | 5.5 | — | PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose bi… | |||
| CVE-2019-13615 | medium | — | 5.5 | — | libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement. | |||
| CVE-2019-3832 | medium | — | 5.5 | — | It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this… | |||
| CVE-2019-10209 | medium | — | 5.5 | — | multiple issues in postgresql-libs, postgresql | |||
| CVE-2019-7663 | medium | — | 5.5 | — | An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote… | |||
| CVE-2019-19917 | medium | — | 5.5 | — | arbitrary code execution in lout | |||
| CVE-2019-12209 | medium | — | 5.5 | — | Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile (default $HOME/.config/Yubico/u2f_keys) as root (unless openasuser was enabled), and does not properly verify that the path lacks syml… | |||
| CVE-2019-16927 | medium | — | 5.5 | — | Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877. | |||
| CVE-2019-5718 | medium | — | 5.5 | — | In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check. |