CVEs from 2019
Total
3,164
critical
critical 238
high
high 485
medium
medium 485
low
low 94
% Critical
7.5%
% with KEV
3.7%
% with exploit
8.0%
Top vendors
- intel 246
- schneider-electric 117
- netapp 61
- siemens 58
- oracle 36
- hp 23
- denx 20
- phoenixcontact 9
Top products
- u-boot 20
- crimson 8
- active_iq_unified_manager 7
- weblogic_server 5
- jdk 5
- oncommand_workflow_automation 5
- codeready_linux_builder_eus 4
- oncommand_insight 4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-19072 | medium | — | 5.5 | 6y ago | A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96… | |||
| CVE-2019-16233 | medium | — | 5.5 | 6y ago | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |||
| CVE-2019-15925 | medium | — | 5.5 | 6y ago | An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_… | |||
| CVE-2019-19246 | medium | — | 5.5 | 6y ago | RHSA-2020:3662: php:7.3 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-11041 | medium | — | 5.5 | 6y ago | RHSA-2020:3662: php:7.3 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-11042 | medium | — | 5.5 | 6y ago | RHSA-2020:3662: php:7.3 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-11045 | medium | — | 5.5 | 6y ago | RHSA-2020:3662: php:7.3 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-11040 | medium | — | 5.5 | 6y ago | RHSA-2020:3662: php:7.3 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-11047 | medium | — | 5.5 | 6y ago | RHSA-2020:3662: php:7.3 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-11048 | medium | — | 5.5 | 6y ago | RHSA-2020:3662: php:7.3 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-11050 | medium | — | 5.5 | 6y ago | RHSA-2020:3662: php:7.3 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-11039 | medium | — | 5.5 | 6y ago | RHSA-2020:3662: php:7.3 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-17006 | medium | — | 5.5 | 6y ago | In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the in… | |||
| CVE-2019-20908 | medium | — | 5.5 | 6y ago | An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or s… | |||
| CVE-2019-20479 | medium | — | 5.5 | 6y ago | RHSA-2020:3032: mod_auth_openidc:2.3 security and bug fix update (Moderate) | |||
| CVE-2019-14857 | medium | — | 5.5 | 6y ago | RHSA-2020:3032: mod_auth_openidc:2.3 security and bug fix update (Moderate) | |||
| CVE-2019-18281 | medium | — | 5.5 | 6y ago | RHSA-2020:1665: qt5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-14822 | medium | — | 5.5 | 6y ago | RHSA-2020:1880: ibus and glib2 security and bug fix update (Moderate) | |||
| CVE-2019-13636 | medium | — | 5.5 | 6y ago | RHSA-2020:1852: patch security and bug fix update (Moderate) | |||
| CVE-2019-12449 | medium | — | 5.5 | 6y ago | An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations fro… | |||
| CVE-2019-12447 | medium | — | 5.5 | 6y ago | An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used. | |||
| CVE-2019-12448 | medium | — | 5.5 | 6y ago | An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write. | |||
| CVE-2019-3825 | medium | — | 5.5 | 6y ago | RHSA-2020:1766: GNOME security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-9638 | medium | — | 5.5 | 6y ago | RHSA-2020:1624: php:7.2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-9639 | medium | — | 5.5 | 6y ago | RHSA-2020:1624: php:7.2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-9022 | medium | — | 5.5 | 6y ago | RHSA-2020:1624: php:7.2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-9640 | medium | — | 5.5 | 6y ago | RHSA-2020:1624: php:7.2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-9024 | medium | — | 5.5 | 6y ago | RHSA-2020:1624: php:7.2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-9637 | medium | — | 5.5 | 6y ago | RHSA-2020:1624: php:7.2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-9023 | medium | — | 5.5 | 6y ago | RHSA-2020:1624: php:7.2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-9020 | medium | — | 5.5 | 6y ago | RHSA-2020:1624: php:7.2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-9021 | medium | — | 5.5 | 6y ago | RHSA-2020:1624: php:7.2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-11034 | medium | — | 5.5 | 6y ago | RHSA-2020:1624: php:7.2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-11035 | medium | — | 5.5 | 6y ago | RHSA-2020:1624: php:7.2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-11036 | medium | — | 5.5 | 6y ago | RHSA-2020:1624: php:7.2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-16935 | medium | — | 5.5 | 6y ago | RHSA-2020:4433: python3 security and bug fix update (Moderate) | |||
| CVE-2019-16056 | medium | — | 5.5 | 6y ago | RHSA-2020:1764: python3 security and bug fix update (Moderate) | |||
| CVE-2019-20421 | medium | — | 5.5 | 6y ago | RHSA-2020:1577: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-9143 | medium | — | 5.5 | 6y ago | RHSA-2020:1577: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-13113 | medium | — | 5.5 | 6y ago | RHSA-2020:1577: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-13112 | medium | — | 5.5 | 6y ago | RHSA-2020:1577: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-13111 | medium | — | 5.5 | 6y ago | RHSA-2020:1577: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-13109 | medium | — | 5.5 | 6y ago | RHSA-2020:1577: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-11596 | medium | — | 5.5 | 6y ago | RHSA-2020:1576: memcached security update (Moderate) | |||
| CVE-2019-17042 | medium | — | 5.5 | 6y ago | RHSA-2020:1702: rsyslog security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-17041 | medium | — | 5.5 | 6y ago | RHSA-2020:1702: rsyslog security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-14973 | medium | — | 5.5 | 6y ago | RHSA-2020:1688: libtiff security update (Moderate) | |||
| CVE-2019-18277 | medium | — | 5.5 | 6y ago | RHSA-2020:1725: haproxy security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-13456 | medium | — | 5.5 | 6y ago | RHSA-2020:1672: freeradius:3.0 security update (Moderate) | |||
| CVE-2019-5188 | medium | — | 5.5 | 6y ago | RHSA-2020:1913: e2fsprogs security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-1010180 | medium | — | 5.5 | 6y ago | RHSA-2020:1635: gdb security and bug fix update (Moderate) | |||
| CVE-2019-5094 | medium | — | 5.5 | 6y ago | RHSA-2020:1913: e2fsprogs security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-10218 | medium | — | 5.5 | 6y ago | RHSA-2020:1878: samba security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-1563 | medium | — | 5.5 | 6y ago | RHSA-2020:1840: openssl security and bug fix update (Moderate) | |||
| CVE-2019-19924 | medium | — | 5.5 | 6y ago | RHSA-2020:1810: sqlite security and bug fix update (Moderate) | |||
| CVE-2019-14563 | medium | — | 5.5 | 6y ago | RHSA-2020:1712: edk2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-15847 | medium | — | 5.5 | 6y ago | RHSA-2020:1864: gcc security and bug fix update (Moderate) | |||
| CVE-2019-10197 | medium | — | 5.5 | 6y ago | RHSA-2020:1878: samba security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-18934 | medium | — | 5.5 | 6y ago | RHSA-2020:1716: unbound security update (Moderate) | |||
| CVE-2019-19923 | medium | — | 5.5 | 6y ago | flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or inc… | |||
| CVE-2019-19330 | medium | — | 5.5 | 6y ago | RHSA-2020:1725: haproxy security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-14818 | medium | — | 5.5 | 6y ago | RHSA-2020:1735: dpdk security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-15043 | medium | — | 5.5 | 6y ago | denial of service in grafana | |||
| CVE-2019-19234 | medium | — | 5.5 | 6y ago | In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to… | |||
| CVE-2019-19232 | medium | — | 5.5 | 6y ago | In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The so… | |||
| CVE-2019-9853 | medium | — | 5.5 | 6y ago | LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw exis… | |||
| CVE-2019-1547 | medium | — | 5.5 | 6y ago | RHSA-2020:1840: openssl security and bug fix update (Moderate) | |||
| CVE-2019-9854 | medium | — | 5.5 | 6y ago | LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to … | |||
| CVE-2019-13752 | medium | — | 5.5 | 6y ago | Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |||
| CVE-2019-19925 | medium | — | 5.5 | 6y ago | zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. | |||
| CVE-2019-9852 | medium | — | 5.5 | 6y ago | LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to … | |||
| CVE-2019-9850 | medium | — | 5.5 | 6y ago | LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice… | |||
| CVE-2019-9849 | medium | — | 5.5 | 6y ago | LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who w… | |||
| CVE-2019-13753 | medium | — | 5.5 | 6y ago | Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |||
| CVE-2019-6477 | medium | — | 5.5 | 6y ago | RHSA-2020:1845: bind security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-1549 | medium | — | 5.5 | 6y ago | RHSA-2020:1840: openssl security and bug fix update (Moderate) | |||
| CVE-2019-8457 | medium | — | 5.5 | 6y ago | RHSA-2020:1810: sqlite security and bug fix update (Moderate) | |||
| CVE-2019-13038 | medium | — | 5.5 | 6y ago | RHSA-2020:1660: mod_auth_mellon security and bug fix update (Moderate) | |||
| CVE-2019-5436 | medium | — | 5.5 | 6y ago | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | |||
| CVE-2019-14907 | medium | — | 5.5 | 6y ago | RHSA-2020:1878: samba security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-19959 | medium | — | 5.5 | 6y ago | RHSA-2020:1810: sqlite security and bug fix update (Moderate) | |||
| CVE-2019-5481 | medium | — | 5.5 | 6y ago | Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. | |||
| CVE-2019-5482 | medium | — | 5.5 | 6y ago | Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. | |||
| CVE-2019-15691 | medium | — | 5.5 | 6y ago | RHSA-2020:1497: tigervnc security update (Moderate) | |||
| CVE-2019-15692 | medium | — | 5.5 | 6y ago | RHSA-2020:1497: tigervnc security update (Moderate) | |||
| CVE-2019-15693 | medium | — | 5.5 | 6y ago | RHSA-2020:1497: tigervnc security update (Moderate) | |||
| CVE-2019-15694 | medium | — | 5.5 | 6y ago | RHSA-2020:1497: tigervnc security update (Moderate) | |||
| CVE-2019-15695 | medium | — | 5.5 | 6y ago | RHSA-2020:1497: tigervnc security update (Moderate) | |||
| CVE-2019-19527 | medium | — | 5.5 | 6y ago | In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e. | |||
| CVE-2019-15030 | medium | — | 5.5 | 6y ago | In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local… | |||
| CVE-2019-18660 | medium | — | 5.5 | 6y ago | The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/… | |||
| CVE-2019-20892 | medium | — | 5.5 | 6y ago | RHBA-2020:1376: net-snmp bug fix and enhancement update (Moderate) | |||
| CVE-2019-15031 | medium | — | 5.5 | 6y ago | In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a trans… | |||
| CVE-2019-18874 | medium | — | 5.5 | 6y ago | RHSA-2021:4324: python-psutil security update (Moderate) | |||
| CVE-2019-20330 | medium | — | 5.5 | 6y ago | RHSA-2020:1644: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2019-14865 | medium | — | 5.5 | 6y ago | RHSA-2020:0335: grub2 security update (Moderate) | |||
| CVE-2019-10164 | medium | — | 5.5 | 6y ago | RHSA-2020:3669: postgresql:10 security and bug fix update (Moderate) | |||
| CVE-2019-17631 | medium | — | 5.5 | 7y ago | RHSA-2020:0046: java-1.8.0-ibm security update (Moderate) | |||
| CVE-2019-2996 | medium | — | 5.5 | 7y ago | RHSA-2020:0046: java-1.8.0-ibm security update (Moderate) | |||
| CVE-2019-8822 | medium | — | 5.5 | 7y ago | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windo… |