CVEs from 2019
Total
3,163
critical
critical 238
high
high 485
medium
medium 485
low
low 94
% Critical
7.5%
% with KEV
3.7%
% with exploit
8.0%
Top vendors
- intel 246
- schneider-electric 117
- netapp 61
- siemens 58
- oracle 36
- hp 23
- denx 20
- phoenixcontact 9
Top products
- u-boot 20
- crimson 8
- active_iq_unified_manager 7
- weblogic_server 5
- jdk 5
- oncommand_workflow_automation 5
- codeready_linux_builder_eus 4
- oncommand_insight 4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-7628 | unknown | — | — | — | Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle attackers to read these e-mails and gain access to Pagure on be… | |||
| CVE-2019-5844 | unknown | — | — | — | Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2019-14241 | unknown | — | — | — | HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c. | |||
| CVE-2019-18936 | unknown | — | — | — | UniValue::read() in UniValue before 1.0.5 allow attackers to cause a denial of service (the class internal data reaches an inconsistent state) via input data that triggers an error. | |||
| CVE-2019-11556 | unknown | — | — | — | Pagure before 5.6 allows XSS via the templates/blame.html blame view. | |||
| CVE-2019-16088 | unknown | — | — | — | Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc. | |||
| CVE-2019-11486 | unknown | — | — | — | The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions. | |||
| CVE-2019-6438 | unknown | — | — | — | ||||
| CVE-2019-13309 | unknown | — | — | — | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c. | |||
| CVE-2019-9753 | unknown | — | — | — | An issue was discovered in Open Ticket Request System (OTRS) 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose informa… | |||
| CVE-2019-19578 | unknown | — | — | — | An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "… | |||
| CVE-2019-12220 | unknown | — | — | — | An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an out-of-bounds read in the SDL function SDL_… | |||
| CVE-2019-20165 | unknown | — | — | — | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function ilst_item_Read() in isomedia/box_code_apple.c. | |||
| CVE-2019-9028 | unknown | — | — | — | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function InflateDimensions() in inflate.c when called from ReadNextCel… | |||
| CVE-2019-11481 | unknown | — | — | — | ||||
| CVE-2019-9038 | unknown | — | — | — | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds read problem with a SEGV in the function ReadNextCell() in mat5.c. | |||
| CVE-2019-14587 | unknown | — | — | — | Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2019-11782 | unknown | — | — | — | Improper access control in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote authenticated users with access to contact management to modify user accounts, leading t… | |||
| CVE-2019-14372 | unknown | — | — | — | ||||
| CVE-2019-11781 | unknown | — | — | — | Improper input validation in portal component in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier, allows remote attackers to trick victims into modifying their account via crafte… | |||
| CVE-2019-14444 | unknown | — | — | — | apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF… | |||
| CVE-2019-14655 | unknown | — | — | — | ||||
| CVE-2019-14465 | unknown | — | — | — | fmt_mtm_load_song in fmt/mtm.c in Schism Tracker 20190722 has a heap-based buffer overflow. | |||
| CVE-2019-14523 | unknown | — | — | — | An issue was discovered in Schism Tracker through 20190722. There is an integer underflow via a large plen in fmt_okt_load_song in the Amiga Oktalyzer parser in fmt/okt.c. | |||
| CVE-2019-14524 | unknown | — | — | — | An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than… | |||
| CVE-2019-10900 | unknown | — | — | — | In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan/dissectors/file-rbm.c by handling unknown object types safely. | |||
| CVE-2019-13508 | unknown | — | — | — | FreeTDS through 1.1.11 has a Buffer Overflow. | |||
| CVE-2019-13451 | unknown | — | — | — | In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c. | |||
| CVE-2019-14535 | unknown | — | — | — | A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file. | |||
| CVE-2019-14855 | unknown | — | — | — | A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This iss… | |||
| CVE-2019-17040 | unknown | — | — | — | contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled. | |||
| CVE-2019-13486 | unknown | — | — | — | In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c. | |||
| CVE-2019-1010048 | unknown | — | — | — | ||||
| CVE-2019-10136 | unknown | — | — | — | ||||
| CVE-2019-2679 | unknown | — | — | — | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vuln… | |||
| CVE-2019-9917 | unknown | — | — | — | ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding. | |||
| CVE-2019-9070 | unknown | — | — | — | An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls. | |||
| CVE-2019-13115 | unknown | — | — | — | In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the se… | |||
| CVE-2019-5060 | unknown | — | — | — | An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allo… | |||
| CVE-2019-14663 | unknown | — | — | — | Brandy 1.20.1 has a stack-based buffer overflow in fileio_openin in fileio.c via crafted BASIC source code. | |||
| CVE-2019-11248 | unknown | — | — | — | The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially… | |||
| CVE-2019-12482 | unknown | — | — | — | An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gf_isom_get_original_format_type at isomedia/drm_sample.c in libgpac.a, as demonstrated by MP4Box. | |||
| CVE-2019-20022 | unknown | — | — | — | An invalid memory address dereference was discovered in load_pnm in frompnm.c in libsixel before 1.8.3. | |||
| CVE-2019-20198 | unknown | — | — | — | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_ent_ok() mishandles recursion, leading to stack consumption for a crafted XML file. | |||
| CVE-2019-20205 | unknown | — | — | — | libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c. | |||
| CVE-2019-20024 | unknown | — | — | — | A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4. | |||
| CVE-2019-20094 | unknown | — | — | — | An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_init_frame at fromgif.c. | |||
| CVE-2019-18348 | unknown | — | — | — | An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the fir… | |||
| CVE-2019-20840 | unknown | — | — | — | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode. | |||
| CVE-2019-10672 | unknown | — | — | — | treeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and additions. | |||
| CVE-2019-9787 | unknown | — | — | — | WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandle… | |||
| CVE-2019-20043 | unknown | — | — | — | In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or… | |||
| CVE-2019-11460 | unknown | — | — | — | An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnai… | |||
| CVE-2019-17266 | unknown | — | — | — | libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding… | |||
| CVE-2019-11187 | unknown | — | — | — | Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an ar… | |||
| CVE-2019-20042 | unknown | — | — | — | In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be used in a particular way to result in a stored cross-site scripting (XSS) vulnerability. This has b… | |||
| CVE-2019-14562 | unknown | — | — | — | Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2019-17455 | unknown | — | — | — | Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read… | |||
| CVE-2019-14975 | unknown | — | — | — | Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string. | |||
| CVE-2019-7321 | unknown | — | — | — | Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code. | |||
| CVE-2019-13217 | unknown | — | — | — | A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. | |||
| CVE-2019-9144 | unknown | — | — | — | An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Deni… | |||
| CVE-2019-20200 | unknown | — | — | — | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing crafted a XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the … | |||
| CVE-2019-9798 | unknown | — | — | — | On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle a… | |||
| CVE-2019-1010127 | unknown | — | — | — | VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: T… | |||
| CVE-2019-1020014 | unknown | — | — | — | docker-credential-helpers before 0.6.3 has a double free in the List functions. | |||
| CVE-2019-13351 | unknown | — | — | — | posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 (as distributed with alsa-plugins 1.1.7 and later) has a "double file descriptor close" issue during a failed connection attempt when jac… | |||
| CVE-2019-14826 | unknown | — | — | — | A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and ca… | |||
| CVE-2019-4473 | unknown | — | — | — | ||||
| CVE-2019-11463 | unknown | — | — | — | A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a crafted ZIP file because of a … | |||
| CVE-2019-14317 | unknown | — | — | — | wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures v… | |||
| CVE-2019-19950 | unknown | — | — | — | In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. | |||
| CVE-2019-19951 | unknown | — | — | — | In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c. | |||
| CVE-2019-20352 | unknown | — | — | — | In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c. | |||
| CVE-2019-12095 | unknown | — | — | — | Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE:… | |||
| CVE-2019-12412 | unknown | — | — | — | A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a d… | |||
| CVE-2019-9151 | unknown | — | — | — | An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5VM_memcpyvv in H5VM.c when called from H5D__compact_readvv in H5Dcompact.c. | |||
| CVE-2019-9152 | unknown | — | — | — | An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called from H5O_dtype_decode_helper in H5Odtype.c. | |||
| CVE-2019-7616 | unknown | — | — | — | ||||
| CVE-2019-16217 | unknown | — | — | — | WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled. | |||
| CVE-2019-17675 | unknown | — | — | — | WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF. | |||
| CVE-2019-11474 | unknown | — | — | — | coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-… | |||
| CVE-2019-3866 | unknown | — | — | — | An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit t… | |||
| CVE-2019-11785 | unknown | — | — | — | Improper access control in mail module (followers) in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote authenticated users to obtain access to messages posted on bu… | |||
| CVE-2019-13618 | unknown | — | — | — | In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c. | |||
| CVE-2019-10153 | unknown | — | — | — | A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster e… | |||
| CVE-2019-18902 | unknown | — | — | — | ||||
| CVE-2019-19638 | unknown | — | — | — | An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow. | |||
| CVE-2019-25067 | unknown | — | — | — | A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It … | |||
| CVE-2019-12589 | unknown | — | — | — | In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the jail after a filter has been modified b… | |||
| CVE-2019-7344 | unknown | — | — | — | Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'filter' as it insecurely prints the 'filter[Name]' (aka Filter name) value on t… | |||
| CVE-2019-10902 | unknown | — | — | — | In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely. | |||
| CVE-2019-10898 | unknown | — | — | — | In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length. | |||
| CVE-2019-19847 | unknown | — | — | — | Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c. | |||
| CVE-2019-7659 | unknown | — | — | — | Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWIT… | |||
| CVE-2019-16396 | unknown | — | — | — | GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code. | |||
| CVE-2019-11338 | unknown | — | — | — | libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array acce… | |||
| CVE-2019-15942 | unknown | — | — | — | FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer. | |||
| CVE-2019-20162 | unknown | — | — | — | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based buffer overflow in the function gf_isom_box_parse_ex() in isomedia/box_funcs.c. | |||
| CVE-2019-9210 | unknown | — | — | — | In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (T… |