CVEs from 2019
Total
3,163
critical
critical 238
high
high 485
medium
medium 485
low
low 94
% Critical
7.5%
% with KEV
3.7%
% with exploit
8.0%
Top vendors
- intel 246
- schneider-electric 117
- netapp 61
- siemens 58
- oracle 36
- hp 23
- denx 20
- phoenixcontact 9
Top products
- u-boot 20
- crimson 8
- active_iq_unified_manager 7
- weblogic_server 5
- jdk 5
- oncommand_workflow_automation 5
- codeready_linux_builder_eus 4
- oncommand_insight 4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-13962 | unknown | — | — | — | lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height. | |||
| CVE-2019-14778 | unknown | — | — | — | The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. | |||
| CVE-2019-14534 | unknown | — | — | — | In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack. | |||
| CVE-2019-14777 | unknown | — | — | — | The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. | |||
| CVE-2019-14437 | unknown | — | — | — | The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a cra… | |||
| CVE-2019-14438 | unknown | — | — | — | A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg fi… | |||
| CVE-2019-14533 | unknown | — | — | — | The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free. | |||
| CVE-2019-14498 | unknown | — | — | — | A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file. | |||
| CVE-2019-14776 | unknown | — | — | — | A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file. | |||
| CVE-2019-5459 | unknown | — | — | — | An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read. | |||
| CVE-2019-14970 | unknown | — | — | — | A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file. | |||
| CVE-2019-5460 | unknown | — | — | — | Double Free in VLC versions <= 3.0.6 leads to a crash. | |||
| CVE-2019-11577 | unknown | — | — | — | dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp6.c when reading NA/TA addresses. | |||
| CVE-2019-12827 | unknown | — | — | — | Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted … | |||
| CVE-2019-9847 | unknown | — | — | — | A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. If the h… | |||
| CVE-2019-3466 | unknown | — | — | — | The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. | |||
| CVE-2019-11482 | unknown | — | — | — | ||||
| CVE-2019-12838 | unknown | — | — | — | ||||
| CVE-2019-20797 | unknown | — | — | — | An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacket… | |||
| CVE-2019-14665 | unknown | — | — | — | Brandy 1.20.1 has a heap-based buffer overflow in define_array in variables.c via crafted BASIC source code. | |||
| CVE-2019-14662 | unknown | — | — | — | Brandy 1.20.1 has a stack-based buffer overflow in fileio_openout in fileio.c via crafted BASIC source code. | |||
| CVE-2019-13568 | unknown | — | — | — | CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CImg.h because of erroneous memory allocation for a malformed BMP image. | |||
| CVE-2019-1010174 | unknown | — | — | — | CImg The CImg Library v.2.3.3 and earlier is affected by: command injection. The impact is: RCE. The component is: load_network() function. The attack vector is: Loading an image from a user-controll… | |||
| CVE-2019-16165 | unknown | — | — | — | GNU cflow through 1.6 has a use-after-free in the reference function in parser.c. | |||
| CVE-2019-9929 | unknown | — | — | — | Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions. | |||
| CVE-2019-15161 | unknown | — | — | — | rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request. | |||
| CVE-2019-16166 | unknown | — | — | — | GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c. | |||
| CVE-2019-3700 | unknown | — | — | — | ||||
| CVE-2019-12107 | unknown | — | — | — | The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value. | |||
| CVE-2019-12108 | unknown | — | — | — | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port. | |||
| CVE-2019-12111 | unknown | — | — | — | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c. | |||
| CVE-2019-12109 | unknown | — | — | — | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port. | |||
| CVE-2019-12110 | unknown | — | — | — | An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c. | |||
| CVE-2019-11779 | unknown | — | — | — | In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hiera… | |||
| CVE-2019-11778 | unknown | — | — | — | If an MQTT v5 client connects to Eclipse Mosquitto versions 1.6.0 to 1.6.4 inclusive, sets a last will and testament, sets a will delay interval, sets a session expiry interval, and the will delay in… | |||
| CVE-2019-18905 | unknown | — | — | — | ||||
| CVE-2019-20164 | unknown | — | — | — | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_isom_box_del() in isomedia/box_funcs.c. | |||
| CVE-2019-20168 | unknown | — | — | — | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-free in the function gf_isom_box_dump_ex() in isomedia/box_funcs.c. | |||
| CVE-2019-6245 | unknown | — | — | — | An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 <… | |||
| CVE-2019-12953 | unknown | — | — | — | Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2018-15599. | |||
| CVE-2019-20171 | unknown | — | — | — | An issue was discovered in GPAC version 0.5.2 and 0.9.0-development-20191109. There are memory leaks in metx_New in isomedia/box_code_base.c and abst_Read in isomedia/box_code_adobe.c. | |||
| CVE-2019-20628 | unknown | — | — | — | An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a Use-After-Free vulnerability in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial… | |||
| CVE-2019-20630 | unknown | — | — | — | An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer over-read in BS_ReadByte (called from gf_bs_read_bit) in utils/bitstream.c that c… | |||
| CVE-2019-20631 | unknown | — | — | — | An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gf_list_count in utils/list.c that can cause a denial of service vi… | |||
| CVE-2019-20918 | unknown | — | — | — | An issue was discovered in InspIRCd 3 before 3.1.0. The silence module contains a use after free vulnerability. This vulnerability can be used for remote crashing of an InspIRCd server by any user ab… | |||
| CVE-2019-6131 | unknown | — | — | — | svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool. | |||
| CVE-2019-6130 | unknown | — | — | — | Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/sv… | |||
| CVE-2019-6439 | unknown | — | — | — | examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow. | |||
| CVE-2019-9210 | unknown | — | — | — | In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (T… | |||
| CVE-2019-19847 | unknown | — | — | — | Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c. | |||
| CVE-2019-10190 | unknown | — | — | — | A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMA… | |||
| CVE-2019-7344 | unknown | — | — | — | Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'filter' as it insecurely prints the 'filter[Name]' (aka Filter name) value on t… | |||
| CVE-2019-14466 | unknown | — | — | — | The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user ac… | |||
| CVE-2019-20161 | unknown | — | — | — | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based buffer overflow in the function ReadGF_IPMPX_WatermarkingInit() in odf/ipmpx_code.c. | |||
| CVE-2019-11221 | unknown | — | — | — | GPAC 0.7.1 has a buffer overflow issue in gf_import_message() in media_import.c. | |||
| CVE-2019-16217 | unknown | — | — | — | WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled. | |||
| CVE-2019-20200 | unknown | — | — | — | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing crafted a XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the … | |||
| CVE-2019-17669 | unknown | — | — | — | WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters. | |||
| CVE-2019-20042 | unknown | — | — | — | In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be used in a particular way to result in a stored cross-site scripting (XSS) vulnerability. This has b… | |||
| CVE-2019-20043 | unknown | — | — | — | In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or… | |||
| CVE-2019-9787 | unknown | — | — | — | WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandle… | |||
| CVE-2019-10784 | unknown | — | — | — | phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application. One such area, "database.php" does not verify the source of an … | |||
| CVE-2019-13108 | unknown | — | — | — | An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffse… | |||
| CVE-2019-12217 | unknown | — | — | — | An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_re… | |||
| CVE-2019-13455 | unknown | — | — | — | In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c. | |||
| CVE-2019-13452 | unknown | — | — | — | In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c. | |||
| CVE-2019-19720 | unknown | — | — | — | Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() function in flex.c via a crafted BASIC source file. | |||
| CVE-2019-19796 | unknown | — | — | — | Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file. | |||
| CVE-2019-5163 | unknown | — | — | — | An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a F… | |||
| CVE-2019-13453 | unknown | — | — | — | Zipios before 0.1.7 does not properly handle certain malformed zip archives and can go into an infinite loop, causing a denial of service. This is related to zipheadio.h:readUint32() and zipfile.cpp:… | |||
| CVE-2019-12816 | unknown | — | — | — | Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name. | |||
| CVE-2019-2699 | unknown | — | — | — | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). The supported version that is affected is Java SE: 8u202. Difficult to exploit vulnerability allows unauthenticat… | |||
| CVE-2019-18932 | unknown | — | — | — | log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this direct… | |||
| CVE-2019-1010251 | unknown | — | — | — | Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specia… | |||
| CVE-2019-10055 | unknown | — | — | — | An issue was discovered in Suricata 4.1.3. The function ftp_pasv_response lacks a check for the length of part1 and part2, leading to a crash within the ftp/mod.rs file. | |||
| CVE-2019-10050 | unknown | — | — | — | A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address pl… | |||
| CVE-2019-10053 | unknown | — | — | — | An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This … | |||
| CVE-2019-18792 | unknown | — | — | — | An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlapping a TCP segment with a fake FIN packet. The fake FIN packet is injected just before the … | |||
| CVE-2019-8379 | unknown | — | — | — | An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary… | |||
| CVE-2019-11556 | unknown | — | — | — | Pagure before 5.6 allows XSS via the templates/blame.html blame view. | |||
| CVE-2019-14241 | unknown | — | — | — | HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c. | |||
| CVE-2019-7628 | unknown | — | — | — | Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle attackers to read these e-mails and gain access to Pagure on be… | |||
| CVE-2019-12211 | unknown | — | — | — | When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are no… | |||
| CVE-2019-12213 | unknown | — | — | — | When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion. | |||
| CVE-2019-6462 | unknown | — | — | — | An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized. | |||
| CVE-2019-11471 | unknown | — | — | — | libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h because heif_context.cc mishandles references to non-existing alpha images. | |||
| CVE-2019-15784 | unknown | — | — | — | Secure Reliable Transport (SRT) through 1.3.4 has a CSndUList array overflow if there are many SRT connections. | |||
| CVE-2019-11009 | unknown | — | — | — | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information dis… | |||
| CVE-2019-9084 | unknown | — | — | — | In Hoteldruid before 2.3.1, a division by zero was discovered in $num_tabelle in tab_tariffe.php (aka the numtariffa1 parameter) due to the mishandling of non-numeric values, as demonstrated by the /… | |||
| CVE-2019-9086 | unknown | — | — | — | HotelDruid before v2.3.1 has SQL Injection via the /visualizza_tabelle.php anno parameter. | |||
| CVE-2019-19630 | unknown | — | — | — | HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in ps-pdf.cxx) via a crafted HTML document. | |||
| CVE-2019-11037 | unknown | — | — | — | In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. … | |||
| CVE-2019-19920 | unknown | — | — | — | sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval (rather than direct parsing and/or use of the taint … | |||
| CVE-2019-13105 | unknown | — | — | — | Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 filesystem. | |||
| CVE-2019-19953 | unknown | — | — | — | In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c. | |||
| CVE-2019-1000009 | unknown | — | — | — | ||||
| CVE-2019-13107 | unknown | — | — | — | Multiple integer overflows exist in MATIO before 1.5.16, related to mat.c, mat4.c, mat5.c, mat73.c, and matvar_struct.c | |||
| CVE-2019-17533 | unknown | — | — | — | Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed. | |||
| CVE-2019-15144 | unknown | — | — | — | In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM im… | |||
| CVE-2019-15681 | unknown | — | — | — | LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information discl… |