CVEs from 2019
Total
3,157
critical
critical 227
high
high 474
medium
medium 476
low
low 94
% Critical
7.2%
% with KEV
3.7%
% with exploit
8.0%
Top vendors
- intel 246
- schneider-electric 117
- netapp 61
- siemens 58
- oracle 36
- hp 23
- denx 20
- phoenixcontact 9
Top products
- u-boot 20
- crimson 8
- active_iq_unified_manager 7
- weblogic_server 5
- jdk 5
- oncommand_workflow_automation 5
- codeready_linux_builder_eus 4
- oncommand_insight 4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-17639 | high | — | 8.0 | 6y ago | RHSA-2020:3386: java-1.8.0-ibm security update (Important) | |||
| CVE-2019-19807 | high | — | 8.0 | 6y ago | In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. Th… | |||
| CVE-2019-3016 | high | — | 8.0 | 6y ago | In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linu… | |||
| CVE-2019-20382 | high | — | 8.0 | 6y ago | QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is n… | |||
| CVE-2019-10086 | high | — | 8.0 | 6y ago | RHSA-2025:9318: javapackages-tools:201801 security update (Important) | |||
| CVE-2019-0199 | high | — | 8.0 | 6y ago | The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without re… | |||
| CVE-2019-12525 | high | — | 8.0 | 6y ago | RHSA-2020:2041: squid:4 security update (Important) | |||
| CVE-2019-12519 | high | — | 8.0 | 6y ago | RHSA-2020:2041: squid:4 security update (Important) | |||
| CVE-2019-19532 | high | — | 8.0 | 6y ago | In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95. This affects drivers/… | |||
| CVE-2019-19045 | high | — | 8.0 | 6y ago | A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory… | |||
| CVE-2019-19534 | high | — | 8.0 | 6y ago | In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29. | |||
| CVE-2019-15221 | high | — | 8.0 | 6y ago | An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. | |||
| CVE-2019-19055 | high | — | 8.0 | 6y ago | A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by trig… | |||
| CVE-2019-19077 | high | — | 8.0 | 6y ago | A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by… | |||
| CVE-2019-5108 | high | — | 8.0 | 6y ago | An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for statio… | |||
| CVE-2019-10639 | high | — | 8.0 | 6y ago | The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the K… | |||
| CVE-2019-17053 | high | — | 8.0 | 6y ago | ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw s… | |||
| CVE-2019-16746 | high | — | 8.0 | 6y ago | An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. | |||
| CVE-2019-15099 | high | — | 8.0 | 6y ago | drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | |||
| CVE-2019-12819 | high | — | 8.0 | 6y ago | An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. Th… | |||
| CVE-2019-19057 | high | — | 8.0 | 6y ago | Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory co… | |||
| CVE-2019-18805 | high | — | 8.0 | 6y ago | An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very l… | |||
| CVE-2019-15090 | high | — | 8.0 | 6y ago | An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read. | |||
| CVE-2019-8980 | high | — | 8.0 | 6y ago | A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures. | |||
| CVE-2019-19922 | high | — | 8.0 | 6y ago | kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by genera… | |||
| CVE-2019-19768 | high | — | 8.0 | 6y ago | In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cp… | |||
| CVE-2019-19065 | high | — | 8.0 | 6y ago | A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhasht… | |||
| CVE-2019-19073 | high | — | 8.0 | 6y ago | Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout… | |||
| CVE-2019-19067 | high | — | 8.0 | 6y ago | Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by trigge… | |||
| CVE-2019-19058 | high | — | 8.0 | 6y ago | A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by t… | |||
| CVE-2019-19074 | high | — | 8.0 | 6y ago | A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-72… | |||
| CVE-2019-18282 | high | — | 8.0 | 6y ago | The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet rel… | |||
| CVE-2019-17055 | high | — | 8.0 | 6y ago | base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw sock… | |||
| CVE-2019-15223 | high | — | 8.0 | 6y ago | An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver. | |||
| CVE-2019-16234 | high | — | 8.0 | 6y ago | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |||
| CVE-2019-19047 | high | — | 8.0 | 6y ago | A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory… | |||
| CVE-2019-19059 | high | — | 8.0 | 6y ago | Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial o… | |||
| CVE-2019-20788 | high | — | 8.0 | 6y ago | libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690. | |||
| CVE-2019-15690 | high | — | 8.0 | 6y ago | LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially cr… | |||
| CVE-2019-20044 | high | — | 8.0 | 6y ago | RHSA-2020:0903: zsh security update (Important) | |||
| CVE-2019-15604 | high | — | 8.0 | 6y ago | RHSA-2020:0598: nodejs:12 security update (Important) | |||
| CVE-2019-15606 | high | — | 8.0 | 6y ago | RHSA-2020:0598: nodejs:12 security update (Important) | |||
| CVE-2019-15605 | high | — | 8.0 | 6y ago | RHSA-2020:0708: http-parser security update (Important) | |||
| CVE-2019-14868 | high | — | 8.0 | 6y ago | RHSA-2020:0559: ksh security update (Important) | |||
| CVE-2019-19338 | high | — | 8.0 | 6y ago | A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (… | |||
| CVE-2019-14901 | high | — | 8.0 | 6y ago | A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, result… | |||
| CVE-2019-14898 | high | — | 8.0 | 6y ago | The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have ot… | |||
| CVE-2019-14814 | high | — | 8.0 | 6y ago | There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system cr… | |||
| CVE-2019-14815 | high | — | 8.0 | 6y ago | A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. | |||
| CVE-2019-14895 | high | — | 8.0 | 6y ago | A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection n… | |||
| CVE-2019-14816 | high | — | 8.0 | 6y ago | There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) o… | |||
| CVE-2019-13734 | high | — | 8.0 | 6y ago | Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2019-18408 | high | — | 8.0 | 6y ago | RHSA-2020:0271: libarchive security update (Important) | |||
| CVE-2019-18397 | high | — | 8.0 | 7y ago | RHSA-2019:4361: fribidi security update (Important) | |||
| CVE-2019-19333 | high | — | 8.0 | 7y ago | RHSA-2019:4360: libyang security update (Important) | |||
| CVE-2019-19334 | high | — | 8.0 | 7y ago | RHSA-2019:4360: libyang security update (Important) | |||
| CVE-2019-1387 | high | — | 8.0 | 7y ago | RHSA-2019:4356: git security update (Important) | |||
| CVE-2019-1348 | high | — | 8.0 | 7y ago | RHSA-2019:4356: git security update (Important) | |||
| CVE-2019-1349 | high | — | 8.0 | 7y ago | RHSA-2019:4356: git security update (Important) | |||
| CVE-2019-1352 | high | — | 8.0 | 7y ago | RHSA-2019:4356: git security update (Important) | |||
| CVE-2019-19339 | high | — | 8.0 | 7y ago | RHSA-2019:4245: kpatch-patch security update (Important) | |||
| CVE-2019-16777 | high | — | 8.0 | 7y ago | Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For e… | |||
| CVE-2019-16776 | high | — | 8.0 | 7y ago | Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly … | |||
| CVE-2019-16775 | high | — | 8.0 | 7y ago | Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_modules folder through the bin field upon… | |||
| CVE-2019-13616 | high | — | 8.0 | 7y ago | RHSA-2019:3951: SDL security update (Important) | |||
| CVE-2019-14869 | high | — | 8.0 | 7y ago | RHSA-2019:3890: ghostscript security update (Important) | |||
| CVE-2019-0155 | high | — | 8.0 | 7y ago | Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Go… | |||
| CVE-2019-11139 | high | — | 8.0 | 7y ago | RHEA-2019:3845: microcode_ctl bug fix and enhancement update (Important) | |||
| CVE-2019-0117 | high | — | 8.0 | 7y ago | RHEA-2019:3845: microcode_ctl bug fix and enhancement update (Important) | |||
| CVE-2019-0154 | high | — | 8.0 | 7y ago | Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold… | |||
| CVE-2019-9946 | high | — | 8.0 | 7y ago | RHSA-2019:3403: container-tools:rhel8 security, bug fix, and enhancement update (Important) | |||
| CVE-2019-15920 | high | — | 8.0 | 7y ago | An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents… | |||
| CVE-2019-11833 | high | — | 8.0 | 7y ago | fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading unini… | |||
| CVE-2019-9506 | high | — | 8.0 | 7y ago | The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This al… | |||
| CVE-2019-15924 | high | — | 8.0 | 7y ago | An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_… | |||
| CVE-2019-15916 | high | — | 8.0 | 7y ago | An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service. | |||
| CVE-2019-15921 | high | — | 8.0 | 7y ago | An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c. | |||
| CVE-2019-15666 | high | — | 8.0 | 7y ago | An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfr… | |||
| CVE-2019-10638 | high | — | 8.0 | 7y ago | In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to mu… | |||
| CVE-2019-10126 | high | — | 8.0 | 7y ago | A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly oth… | |||
| CVE-2019-10207 | high | — | 8.0 | 7y ago | A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth… | |||
| CVE-2019-20811 | high | — | 8.0 | 7y ago | An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c. | |||
| CVE-2019-7222 | high | — | 8.0 | 7y ago | The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. | |||
| CVE-2019-15214 | high | — | 8.0 | 7y ago | An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is … | |||
| CVE-2019-15919 | high | — | 8.0 | 7y ago | An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free. | |||
| CVE-2019-14824 | high | — | 8.0 | 7y ago | RHSA-2019:3401: 389-ds:1.4 security, bug fix, and enhancement update (Important) | |||
| CVE-2019-3883 | high | — | 8.0 | 7y ago | RHSA-2019:3401: 389-ds:1.4 security, bug fix, and enhancement update (Important) | |||
| CVE-2019-15927 | high | — | 8.0 | 7y ago | An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. | |||
| CVE-2019-14821 | high | — | 8.0 | 7y ago | An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO r… | |||
| CVE-2019-16994 | high | — | 8.0 | 7y ago | In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12… | |||
| CVE-2019-10224 | high | — | 8.0 | 7y ago | RHSA-2019:3401: 389-ds:1.4 security, bug fix, and enhancement update (Important) | |||
| CVE-2019-25160 | high | — | 8.0 | 7y ago | In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, one in cipso_v4_map_lvl_valid(), t… | |||
| CVE-2019-3874 | high | — | 8.0 | 7y ago | The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches … | |||
| CVE-2019-13233 | high | — | 8.0 | 7y ago | In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX boun… | |||
| CVE-2019-3900 | high | — | 8.0 | 7y ago | An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets f… | |||
| CVE-2019-5489 | high | — | 8.0 | 7y ago | The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allow… | |||
| CVE-2019-3882 | high | — | 8.0 | 7y ago | A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local a… | |||
| CVE-2019-3459 | high | — | 8.0 | 7y ago | A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. | |||
| CVE-2019-13648 | high | — | 8.0 | 7y ago | In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a s… | |||
| CVE-2019-12382 | high | — | 8.0 | 7y ago | An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause … |