CVEs from 2019
Total
3,162
critical
critical 238
high
high 485
medium
medium 485
low
low 94
% Critical
7.5%
% with KEV
3.7%
% with exploit
8.0%
Top vendors
- intel 246
- schneider-electric 117
- netapp 61
- siemens 58
- oracle 36
- hp 23
- denx 20
- phoenixcontact 9
Top products
- u-boot 20
- crimson 8
- active_iq_unified_manager 7
- weblogic_server 5
- jdk 5
- oncommand_workflow_automation 5
- codeready_linux_builder_eus 4
- oncommand_insight 4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-10377 | unknown | — | — | 4y ago | Missing permission check in Jenkins Avatar Plugin | |||
| CVE-2019-10371 | unknown | — | — | 4y ago | Jenkins Gitlab Authentication Plugin vulnerable to Session Fixation | |||
| CVE-2019-10376 | unknown | — | — | 4y ago | Jenkins Wall Display Plugin Cross-site Scripting vulnerability | |||
| CVE-2019-10370 | unknown | — | — | 4y ago | Insertion of Sensitive Information into Log File in Jenkins Mask Passwords Plugin | |||
| CVE-2019-10381 | unknown | — | — | 4y ago | Jenkins Codefresh Integration Plugin Improper Certificate Validation vulnerability | |||
| CVE-2019-10375 | unknown | — | — | 4y ago | Arbitrary file read vulnerability in Jenkins File System SCM Plugin | |||
| CVE-2019-10374 | unknown | — | — | 4y ago | Jenkins PegDown Formatter Plugin has Cross-site Scripting vulnerability | |||
| CVE-2019-10369 | unknown | — | — | 4y ago | Jenkins JClouds Plugin missing permission check | |||
| CVE-2019-10367 | unknown | — | — | 4y ago | Insertion of Sensitive Information into Log File in Jenkins Configuration as Code Plugin | |||
| CVE-2019-12950 | unknown | — | — | 4y ago | TeamPass Cross-site Scripting (XSS) | |||
| CVE-2019-7950 | unknown | — | — | 4y ago | Magento 2 Community Edition Access Control Bypass | |||
| CVE-2019-7951 | unknown | — | — | 4y ago | Magento 2 Community Edition Information Leak | |||
| CVE-2019-7947 | unknown | — | — | 4y ago | Magento 2 Community Edition CSRF vulnerability | |||
| CVE-2019-7937 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7934 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7945 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7944 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7930 | unknown | — | — | 4y ago | Magento 2 Community Unrestricted File Upload | |||
| CVE-2019-7935 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7936 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7932 | unknown | — | — | 4y ago | Magento 2 Community Edition RCE Vulnerability | |||
| CVE-2019-7939 | unknown | — | — | 4y ago | Magento Reflected cross-site scripting on customer cart page | |||
| CVE-2019-7938 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7942 | unknown | — | — | 4y ago | Magento 2 Community Edition RCE | |||
| CVE-2019-7912 | unknown | — | — | 4y ago | Magento Filter extension bypass via crafted store configuration keys | |||
| CVE-2019-7913 | unknown | — | — | 4y ago | Magento 2 Community Edition SSRF vulnerability | |||
| CVE-2019-7928 | unknown | — | — | 4y ago | Magento 2 Community Edition DoS vulnerability | |||
| CVE-2019-7923 | unknown | — | — | 4y ago | Magento 2 Community Edition SSRF vulnerability | |||
| CVE-2019-7925 | unknown | — | — | 4y ago | Magento Insecure Direct Object Reference (IDOR) vulnerability | |||
| CVE-2019-7915 | unknown | — | — | 4y ago | Magento 2 Community Edition DoS vulnerability | |||
| CVE-2019-7921 | unknown | — | — | 4y ago | Magento 2 Community Edition Cross-site Scripting Vulnerability | |||
| CVE-2019-7929 | unknown | — | — | 4y ago | Magento 2 Community Edition Information Disclosure | |||
| CVE-2019-7911 | unknown | — | — | 4y ago | Magento 2 Community Edition Server-Side Request Forgery vulnerability | |||
| CVE-2019-7926 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7927 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7897 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7904 | unknown | — | — | 4y ago | Magento 2 Community Edition Insufficient Access Controls | |||
| CVE-2019-7903 | unknown | — | — | 4y ago | Magento 2 Community Edition RCE Vulnerability | |||
| CVE-2019-7890 | unknown | — | — | 4y ago | Magento 2 Community Edition IDOR Vulnerability | |||
| CVE-2019-7898 | unknown | — | — | 4y ago | Magento 2 Community Edition Information Disclosure | |||
| CVE-2019-7896 | unknown | — | — | 4y ago | Magento 2 Community Edition RCE Vulnerability | |||
| CVE-2019-7909 | unknown | — | — | 4y ago | Magento 2 Community Edition Cross-site Scripting Vulnerability | |||
| CVE-2019-7899 | unknown | — | — | 4y ago | Magento 2 Community Edition Information Disclosure | |||
| CVE-2019-7908 | unknown | — | — | 4y ago | Magento Cross-site Scripting in the admin panel | |||
| CVE-2019-7895 | unknown | — | — | 4y ago | Magento 2 Community Edition RCE Vulnerability | |||
| CVE-2019-7889 | unknown | — | — | 4y ago | Magento 2 Community Edition Injection Vulnerability | |||
| CVE-2019-7892 | unknown | — | — | 4y ago | Magento 2 Community Edition RCE Vulnerability via SSRF | |||
| CVE-2019-7885 | unknown | — | — | 4y ago | Magento 2 Community Edition RCE Vulnerability | |||
| CVE-2019-7886 | unknown | — | — | 4y ago | Magento 2 Community Edition Cryptographic Flaw | |||
| CVE-2019-7880 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7887 | unknown | — | — | 4y ago | Magento 2 Community Edition Cross-site Scripting Vulnerability | |||
| CVE-2019-7882 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7888 | unknown | — | — | 4y ago | Magento 2 Community Edition Information Disclosure | |||
| CVE-2019-7872 | unknown | — | — | 4y ago | Magento Insufficient authorization check when adding users to company accounts | |||
| CVE-2019-7869 | unknown | — | — | 4y ago | Magento Stored Cross-site Scripting vulnerability in the admin panel | |||
| CVE-2019-7868 | unknown | — | — | 4y ago | Magento Cross-site Scripting in the admin panel | |||
| CVE-2019-7871 | unknown | — | — | 4y ago | Magento 2 Community Edition Unsafe File Upload | |||
| CVE-2019-7877 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7875 | unknown | — | — | 4y ago | Magento 2 Community Edition Cross-site Scripting Vulnerability | |||
| CVE-2019-7863 | unknown | — | — | 4y ago | Magento Stored cross-site scripting in admin panel | |||
| CVE-2019-7876 | unknown | — | — | 4y ago | Magento 2 Community Edition RCE Vulnerability | |||
| CVE-2019-7881 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7873 | unknown | — | — | 4y ago | Magento 2 Community Edition Cross-site Scripting Vulnerability | |||
| CVE-2019-7874 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7865 | unknown | — | — | 4y ago | Magento 2 Community Edition CSRF Vulnerability | |||
| CVE-2019-7854 | unknown | — | — | 4y ago | Magento 2 Community Edition IDOR Vulnerability | |||
| CVE-2019-7860 | unknown | — | — | 4y ago | Magento 2 Community Edition Weak PRNG | |||
| CVE-2019-7862 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7864 | unknown | — | — | 4y ago | Magento 2 Community Edition IDOR Vulnerability | |||
| CVE-2019-7859 | unknown | — | — | 4y ago | Magento 2 Community Edition Path Traversal Vulnerability | |||
| CVE-2019-7858 | unknown | — | — | 4y ago | Magento 2 Community Edition Cryptographic Flaw | |||
| CVE-2019-7867 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7866 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-7857 | unknown | — | — | 4y ago | Magento Cross-Site Request Forgery (CSRF) | |||
| CVE-2019-7861 | unknown | — | — | 4y ago | Magento 2 Community Edition Unsafe File Upload | |||
| CVE-2019-7851 | unknown | — | — | 4y ago | Magento 2 Community Edition CSRF vulnerability | |||
| CVE-2019-7849 | unknown | — | — | 4y ago | Magento 2 Community Edition Session Fixation Check | |||
| CVE-2019-7855 | unknown | — | — | 4y ago | Magento 2 Community Cryptographic Flaw | |||
| CVE-2019-7852 | unknown | — | — | 4y ago | Magento 2 Community Edition Path Disclosure | |||
| CVE-2019-7853 | unknown | — | — | 4y ago | Magento 2 Community Edition XSS Vulnerability | |||
| CVE-2019-10189 | unknown | — | — | 4y ago | moodle Improper Access Control | |||
| CVE-2019-10188 | unknown | — | — | 4y ago | moodle Improper Access Control | |||
| CVE-2019-10186 | unknown | — | — | 4y ago | Moodle CSRF Vulnerability | |||
| CVE-2019-10187 | unknown | — | — | 4y ago | Moodle Ability to delete glossary entries that belong to another glossary | |||
| CVE-2019-10366 | unknown | — | — | 4y ago | Skytap Cloud CI Plugin stored credentials in plain text | |||
| CVE-2019-10362 | unknown | — | — | 4y ago | Improper Encoding or Escaping of Output in Jenkins Configuration as Code Plugin | |||
| CVE-2019-10361 | unknown | — | — | 4y ago | Jenkins Maven Release Plug-in Plugin stored credentials in plain text | |||
| CVE-2019-10360 | unknown | — | — | 4y ago | Jenkins Maven Release Plugin vulnerable to Cross-site Scripting | |||
| CVE-2019-10363 | unknown | — | — | 4y ago | Cleartext Transmission of Sensitive Information in Jenkins Configuration as Code Plugin | |||
| CVE-2019-10365 | unknown | — | — | 4y ago | Jenkins Google Kubernetes Engine Plugin vulnerable to Exposure of Resource to Wrong Sphere | |||
| CVE-2019-10364 | unknown | — | — | 4y ago | Jenkins Amazon EC2 Plugin leaked beginning of private key in system log | |||
| CVE-2019-10344 | unknown | — | — | 4y ago | Missing Authorization in Jenkins Configuration as Code Plugin | |||
| CVE-2019-10356 | unknown | — | — | 4y ago | Return of Pointer Value Outside of Expected Rang in Jenkins Script Security Plugin | |||
| CVE-2019-10358 | unknown | — | — | 4y ago | Maven Integration Plugin did not mask sensitive values in module build logs | |||
| CVE-2019-10357 | unknown | — | — | 4y ago | Missing Authorization in Jenkins Pipeline: Shared Groovy Libraries Plugin | |||
| CVE-2019-10343 | unknown | — | — | 4y ago | Insertion of Sensitive Information into Log File in Jenkins Configuration as Code Plugin | |||
| CVE-2019-10345 | unknown | — | — | 4y ago | Plaintext Storage of a Password in Jenkins Configuration as Code Plugin | |||
| CVE-2019-10359 | unknown | — | — | 4y ago | Jenkins Maven Release Plugin contains Cross-Site Request Forgery vulnerability | |||
| CVE-2019-10355 | unknown | — | — | 4y ago | Incorrect Privilege Assignment in Jenkins Script Security Plugin | |||
| CVE-2019-7614 | unknown | — | — | 4y ago | Concurrent Execution using Shared Resource with Improper Synchronization in Elasticsearch |