CVEs from 2019
Total
3,162
critical
critical 238
high
high 485
medium
medium 485
low
low 94
% Critical
7.5%
% with KEV
3.7%
% with exploit
8.0%
Top vendors
- intel 246
- schneider-electric 117
- netapp 61
- siemens 58
- oracle 36
- hp 23
- denx 20
- phoenixcontact 9
Top products
- u-boot 20
- crimson 8
- active_iq_unified_manager 7
- weblogic_server 5
- jdk 5
- oncommand_workflow_automation 5
- codeready_linux_builder_eus 4
- oncommand_insight 4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-2834 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2969 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-3003 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2434 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2455 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2481 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2482 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2486 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2494 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2507 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2495 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2502 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2503 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2528 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2529 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2531 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2584 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2620 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2532 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2533 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2534 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2535 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2536 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2539 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2580 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2606 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2581 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2585 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2587 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2623 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2589 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2592 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2593 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2596 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2689 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2694 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2755 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2948 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2819 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2826 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2815 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2950 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2420 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2436 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2687 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2625 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2626 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2631 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2634 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2644 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2683 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2691 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2811 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-2814 | high | — | 8.0 | 7y ago | RHSA-2019:2511: mysql:8.0 security update (Important) | |||
| CVE-2019-10216 | high | — | 8.0 | 7y ago | RHSA-2019:2465: ghostscript security update (Important) | |||
| CVE-2019-10192 | high | — | 8.0 | 7y ago | RHSA-2019:2002: redis:5 security update (Important) | |||
| CVE-2019-10193 | high | — | 8.0 | 7y ago | RHSA-2019:2002: redis:5 security update (Important) | |||
| CVE-2019-10182 | high | — | 8.0 | 7y ago | RHSA-2019:2004: icedtea-web security update (Important) | |||
| CVE-2019-10185 | high | — | 8.0 | 7y ago | RHSA-2019:2004: icedtea-web security update (Important) | |||
| CVE-2019-10181 | high | — | 8.0 | 7y ago | RHSA-2019:2004: icedtea-web security update (Important) | |||
| CVE-2019-11810 | high | — | 8.0 | 7y ago | An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_bas… | |||
| CVE-2019-11085 | high | — | 8.0 | 7y ago | Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local acce… | |||
| CVE-2019-11811 | high | — | 8.0 | 7y ago | An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_… | |||
| CVE-2019-2769 | high | — | 8.0 | 7y ago | RHSA-2019:2590: java-1.8.0-ibm security update (Important) | |||
| CVE-2019-2762 | high | — | 8.0 | 7y ago | RHSA-2019:2590: java-1.8.0-ibm security update (Important) | |||
| CVE-2019-2786 | high | — | 8.0 | 7y ago | RHSA-2019:2590: java-1.8.0-ibm security update (Important) | |||
| CVE-2019-2816 | high | — | 8.0 | 7y ago | RHSA-2019:2590: java-1.8.0-ibm security update (Important) | |||
| CVE-2019-11356 | high | — | 8.0 | 7y ago | RHSA-2019:1771: cyrus-imapd security update (Important) | |||
| CVE-2019-6471 | high | — | 8.0 | 7y ago | RHSA-2019:1714: bind security update (Important) | |||
| CVE-2019-12384 | high | — | 8.0 | 7y ago | RHSA-2019:2720: pki-deps:10.6 security update (Important) | |||
| CVE-2019-12781 | high | — | 8.0 | 7y ago | An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT set… | |||
| CVE-2019-10167 | high | — | 8.0 | 7y ago | RHSA-2019:1580: virt:rhel security update (Important) | |||
| CVE-2019-10166 | high | — | 8.0 | 7y ago | RHSA-2019:1580: virt:rhel security update (Important) | |||
| CVE-2019-10161 | high | — | 8.0 | 7y ago | RHSA-2019:1580: virt:rhel security update (Important) | |||
| CVE-2019-10168 | high | — | 8.0 | 7y ago | RHSA-2019:1580: virt:rhel security update (Important) | |||
| CVE-2019-11479 | high | — | 8.0 | 7y ago | Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. … | |||
| CVE-2019-11477 | high | — | 8.0 | 7y ago | Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker c… | |||
| CVE-2019-11478 | high | — | 8.0 | 7y ago | Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences… | |||
| CVE-2019-3885 | high | — | 8.0 | 7y ago | RHSA-2019:1279: pacemaker security and bug fix update (Important) | |||
| CVE-2019-10132 | high | — | 8.0 | 7y ago | RHSA-2019:1268: virt:rhel security update (Important) | |||
| CVE-2019-0757 | high | — | 8.0 | 7y ago | RHSA-2019:1259: dotnet security, bug fix, and enhancement update (Important) | |||
| CVE-2019-9003 | high | — | 8.0 | 7y ago | In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by … | |||
| CVE-2019-3856 | high | — | 8.0 | 7y ago | RHSA-2019:1175: virt:rhel security update (Important) | |||
| CVE-2019-3855 | high | — | 8.0 | 7y ago | RHSA-2019:1175: virt:rhel security update (Important) | |||
| CVE-2019-3857 | high | — | 8.0 | 7y ago | RHSA-2019:1175: virt:rhel security update (Important) | |||
| CVE-2019-3863 | high | — | 8.0 | 7y ago | RHSA-2019:1175: virt:rhel security update (Important) | |||
| CVE-2019-10063 | high | — | 8.0 | 7y ago | RHSA-2019:1143: flatpak security update (Important) | |||
| CVE-2019-11234 | high | — | 8.0 | 7y ago | RHSA-2019:1142: freeradius:3.0 security update (Important) | |||
| CVE-2019-11235 | high | — | 8.0 | 7y ago | RHSA-2019:1142: freeradius:3.0 security update (Important) | |||
| CVE-2019-5785 | high | — | 8.0 | 7y ago | Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | |||
| CVE-2019-9636 | high | — | 8.0 | 7y ago | RHSA-2019:0997: python3 security update (Important) | |||
| CVE-2019-3878 | high | — | 8.0 | 7y ago | RHSA-2019:0985: mod_auth_mellon security update (Important) | |||
| CVE-2019-5953 | high | — | 8.0 | 7y ago | RHSA-2019:0983: wget security update (Important) | |||
| CVE-2019-3835 | high | — | 8.0 | 7y ago | RHSA-2019:0971: ghostscript security update (Important) | |||
| CVE-2019-3838 | high | — | 8.0 | 7y ago | RHSA-2019:0971: ghostscript security update (Important) | |||
| CVE-2019-3839 | high | — | 8.0 | 7y ago | RHSA-2019:0971: ghostscript security update (Important) | |||
| CVE-2019-3816 | high | — | 8.0 | 7y ago | RHSA-2019:0972: openwsman security update (Important) | |||
| CVE-2019-0215 | high | — | 8.0 | 7y ago | In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restri… | |||
| CVE-2019-10906 | high | — | 8.0 | 7y ago | RHSA-2019:1152: python-jinja2 security update (Important) | |||
| CVE-2019-8324 | high | — | 8.0 | 7y ago | RHSA-2019:1972: ruby:2.5 security update (Important) |