CVEs from 2019
Total
3,413
critical
critical 232
high
high 332
medium
medium 301
low
low 72
% Critical
6.8%
% with KEV
3.5%
% with exploit
3.5%
Top products
- u-boot 20
- nsauditor 1
- crypto 1
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2019-9809 | critical | — | 9.5 | — | If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations. These mess… | |
| CVE-2019-9807 | critical | — | 9.5 | — | When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content. This could potentially be used for soc… | |
| CVE-2019-9803 | critical | — | 9.5 | — | The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrec… | |
| CVE-2019-9802 | critical | — | 9.5 | — | If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome pr… | |
| CVE-2019-17025 | critical | — | 9.5 | — | Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been expl… | |
| CVE-2019-17020 | critical | — | 9.5 | — | If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL … | |
| CVE-2019-17014 | critical | — | 9.5 | — | If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. This vulnerability affects… | |
| CVE-2019-5781 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-5762 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-13749 | critical | — | 9.5 | — | Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |
| CVE-2019-11759 | critical | — | 9.5 | — | An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a c… | |
| CVE-2019-13738 | critical | — | 9.5 | — | Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page. | |
| CVE-2019-9797 | critical | — | 9.5 | — | Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a can… | |
| CVE-2019-17010 | critical | — | 9.5 | — | Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash.… | |
| CVE-2019-3829 | critical | — | 9.5 | — | A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifi… | |
| CVE-2019-8942 | critical | — | 9.5 | — | WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php su… | |
| CVE-2019-13740 | critical | — | 9.5 | — | Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |
| CVE-2019-13736 | critical | — | 9.5 | — | Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |
| CVE-2019-5756 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-0220 | critical | — | 9.5 | — | multiple issues in apache | |
| CVE-2019-12874 | critical | — | 9.5 | — | arbitrary code execution in vlc | |
| CVE-2019-13745 | critical | — | 9.5 | — | Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |
| CVE-2019-0215 | critical | — | 9.5 | — | multiple issues in apache | |
| CVE-2019-18511 | critical | — | 9.5 | — | multiple issues in thunderbird | |
| CVE-2019-7221 | critical | — | 9.5 | — | The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. | |
| CVE-2019-11728 | critical | — | 9.5 | — | The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded. This vulnerability affects F… | |
| CVE-2019-11762 | critical | — | 9.5 | — | If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulner… | |
| CVE-2019-17666 | critical | — | 9.5 | — | rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. | |
| CVE-2019-11760 | critical | — | 9.5 | — | A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderb… | |
| CVE-2019-5815 | critical | — | 9.5 | 4y ago | multiple issues in chromium | |
| CVE-2019-18197 | critical | — | 9.5 | 4y ago | multiple issues in chromium | |
| CVE-2019-11708 | high | — | 9.5 | 4y ago | Mozilla Firefox and Thunderbird contain a sandbox escape vulnerability that could result in remote code execution. | |
| CVE-2019-5786 | high | — | 9.5 | 6y ago | arbitrary code execution in chromium | |
| CVE-2019-14197 | critical | 9.1 | 9.1 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. | |
| CVE-2019-25650 | high | 8.4 | 8.4 | 2mo ago | River Past CamDo 3.7.6 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame_en… | |
| CVE-2019-25651 | high | 8.3 | 8.3 | 2mo ago | Ubiquiti UniFi Network Controller prior to 5.10.12 (excluding 5.6.42), UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 u… | |
| CVE-2019-25642 | high | 8.2 | 8.2 | 2mo ago | Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. Attackers can… | |
| CVE-2019-25640 | high | 8.2 | 8.2 | 2mo ago | Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters. Attackers can inject SQL code usi… | |
| CVE-2019-5791 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5867 | high | — | 8.0 | — | arbitrary code execution in chromium | |
| CVE-2019-13708 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-13700 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-13702 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-13696 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-8337 | high | — | 8.0 | — | In msmtp 1.8.2 and mpop 1.4.3, when tls_trust_file has its default configuration, certificate-verification results are not properly checked. | |
| CVE-2019-6454 | high | — | 8.0 | — | An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming … | |
| CVE-2019-9686 | high | — | 8.0 | — | arbitrary code execution in pacman | |
| CVE-2019-11477 | high | — | 8.0 | — | Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker c… | |
| CVE-2019-11478 | high | — | 8.0 | — | Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences… | |
| CVE-2019-11479 | high | — | 8.0 | — | Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. … | |
| CVE-2019-5853 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-6465 | high | — | 8.0 | — | Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.… | |
| CVE-2019-11735 | high | — | 8.0 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Some of these bugs showed evidence of memory corruption and we presume that with enough … | |
| CVE-2019-11748 | high | — | 8.0 | — | WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in … | |
| CVE-2019-5785 | high | — | 8.0 | — | Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | |
| CVE-2019-5436 | high | — | 8.0 | — | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | |
| CVE-2019-11738 | high | — | 8.0 | — | If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for mal… | |
| CVE-2019-1348 | high | — | 8.0 | — | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also vi… | |
| CVE-2019-13709 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-13711 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5788 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-13718 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-14868 | high | — | 8.0 | — | In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell comman… | |
| CVE-2019-11749 | high | — | 8.0 | — | A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggeri… | |
| CVE-2019-8343 | high | — | 8.0 | — | In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c. | |
| CVE-2019-11747 | high | — | 8.0 | — | The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security … | |
| CVE-2019-11683 | high | — | 8.0 | — | udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have un… | |
| CVE-2019-10192 | high | — | 8.0 | — | A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using … | |
| CVE-2019-11752 | high | — | 8.0 | — | It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects … | |
| CVE-2019-18634 | high | — | 8.0 | — | In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and ele… | |
| CVE-2019-19882 | high | — | 8.0 | — | shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affe… | |
| CVE-2019-15717 | high | — | 8.0 | — | Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP. | |
| CVE-2019-10193 | high | — | 8.0 | — | A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRA… | |
| CVE-2019-5489 | high | — | 8.0 | — | The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allow… | |
| CVE-2019-6133 | high | — | 8.0 | — | In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to la… | |
| CVE-2019-11742 | high | — | 8.0 | — | A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <canvas> element due to an error in how same-origin policy is applied … | |
| CVE-2019-18222 | high | — | 8.0 | — | The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to reco… | |
| CVE-2019-11746 | high | — | 8.0 | — | A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox… | |
| CVE-2019-0053 | high | — | 8.0 | — | Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS… | |
| CVE-2019-11703 | high | — | 8.0 | — | A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parser_get_next_char when processing certain email messages, resulting in a potentially exploitable crash. This vulnera… | |
| CVE-2019-25016 | high | — | 8.0 | — | In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execute any command. Rules that only allowed t… | |
| CVE-2019-1350 | high | — | 8.0 | — | A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-201… | |
| CVE-2019-11744 | high | — | 8.0 | — | Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these… | |
| CVE-2019-3814 | high | — | 8.0 | — | It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could … | |
| CVE-2019-12749 | high | — | 8.0 | — | dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofi… | |
| CVE-2019-3835 | high | — | 8.0 | — | It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have ac… | |
| CVE-2019-5864 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-10181 | high | — | 8.0 | — | It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw t… | |
| CVE-2019-11750 | high | — | 8.0 | — | A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. | |
| CVE-2019-7524 | high | — | 8.0 | — | In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing c… | |
| CVE-2019-14812 | high | — | 8.0 | — | A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions… | |
| CVE-2019-14287 | high | — | 8.0 | — | In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a cra… | |
| CVE-2019-6111 | high | — | 8.0 | — | An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only perf… | |
| CVE-2019-5803 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-1354 | high | — | 8.0 | — | A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-201… | |
| CVE-2019-11704 | high | — | 8.0 | — | A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. Thi… | |
| CVE-2019-3838 | high | — | 8.0 | — | It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example,… | |
| CVE-2019-5848 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5842 | high | — | 8.0 | — | arbitrary code execution in chromium | |
| CVE-2019-5865 | high | — | 8.0 | — | multiple issues in chromium |