CVEs from 2019
Total
3,419
critical
critical 232
high
high 336
medium
medium 309
low
low 71
% Critical
6.8%
% with KEV
3.5%
% with exploit
3.5%
Top products
- u-boot 20
- active_iq_unified_manager 7
- jdk 5
- weblogic_server 5
- oncommand_workflow_automation 5
- codeready_linux_builder_eus 4
- oncommand_insight 4
- libxslt 4
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2019-3862 | critical | — | 9.5 | — | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a… | |
| CVE-2019-5757 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-11716 | critical | — | 9.5 | — | Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depen… | |
| CVE-2019-5768 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-5771 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-11696 | critical | — | 9.5 | — | Files with the .JNLP extension used for "Java web start" applications are not treated as executable content for download prompts even though they can be executed if Java is installed on the local sys… | |
| CVE-2019-9805 | critical | — | 9.5 | — | A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption. This vulnerability affects Firefox < 66. | |
| CVE-2019-5777 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-13747 | critical | — | 9.5 | — | Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2019-5775 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-5763 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-5832 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-5828 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-5764 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-18511 | critical | — | 9.5 | — | multiple issues in thunderbird | |
| CVE-2019-11724 | critical | — | 9.5 | — | Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnece… | |
| CVE-2019-5837 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-9816 | critical | — | 9.5 | — | A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vu… | |
| CVE-2019-5765 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-11715 | critical | — | 9.5 | — | Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances. This vulnerability aff… | |
| CVE-2019-5783 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-17010 | critical | — | 9.5 | — | Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash.… | |
| CVE-2019-11692 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunde… | |
| CVE-2019-9800 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. Some of these bugs showed evidence of memory corruption and we pres… | |
| CVE-2019-5439 | critical | — | 9.5 | — | arbitrary code execution in vlc | |
| CVE-2019-13763 | critical | — | 9.5 | — | Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. | |
| CVE-2019-5838 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-17020 | critical | — | 9.5 | — | If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL … | |
| CVE-2019-8912 | critical | — | 9.5 | — | In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr. | |
| CVE-2019-11765 | critical | — | 9.5 | — | A compromised content process could send a message to the parent process that would cause the 'Click to Play' permission prompt to be shown. However, due to lack of validation from the parent process… | |
| CVE-2019-5815 | critical | — | 9.5 | 4y ago | multiple issues in chromium | |
| CVE-2019-11708 | high | — | 9.5 | 4y ago | Mozilla Firefox and Thunderbird contain a sandbox escape vulnerability that could result in remote code execution. | |
| CVE-2019-5786 | high | — | 9.5 | 6y ago | arbitrary code execution in chromium | |
| CVE-2019-14197 | critical | 9.1 | 9.1 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. | |
| CVE-2019-13721 | high | 8.8 | 8.8 | 7y ago | Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2019-25650 | high | 8.4 | 8.4 | 2mo ago | River Past CamDo 3.7.6 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame_en… | |
| CVE-2019-25651 | high | 8.3 | 8.3 | 2mo ago | Ubiquiti UniFi Network Controller prior to 5.10.12 (excluding 5.6.42), UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 u… | |
| CVE-2019-25642 | high | 8.2 | 8.2 | 2mo ago | Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. Attackers can… | |
| CVE-2019-25640 | high | 8.2 | 8.2 | 2mo ago | Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters. Attackers can inject SQL code usi… | |
| CVE-2019-6820 | high | 8.2 | 8.2 | 7y ago | A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a speci… | |
| CVE-2019-13713 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5867 | high | — | 8.0 | — | arbitrary code execution in chromium | |
| CVE-2019-11752 | high | — | 8.0 | — | It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects … | |
| CVE-2019-9278 | high | — | 8.0 | — | In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges… | |
| CVE-2019-19977 | high | — | 8.0 | — | libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read. | |
| CVE-2019-5842 | high | — | 8.0 | — | arbitrary code execution in chromium | |
| CVE-2019-1348 | high | — | 8.0 | — | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also vi… | |
| CVE-2019-15903 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-1000019 | high | — | 8.0 | — | libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_fo… | |
| CVE-2019-5436 | high | — | 8.0 | — | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | |
| CVE-2019-11461 | high | — | 8.0 | — | An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.32 prior to 3.32.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI … | |
| CVE-2019-5789 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5848 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5799 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-13707 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-6116 | high | — | 8.0 | — | In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. | |
| CVE-2019-13719 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-20503 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-3823 | high | — | 8.0 | — | libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL termi… | |
| CVE-2019-11743 | high | — | 8.0 | — | Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to … | |
| CVE-2019-5855 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5802 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-1353 | high | — | 8.0 | — | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known… | |
| CVE-2019-5793 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-11139 | high | — | 8.0 | — | Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. | |
| CVE-2019-1350 | high | — | 8.0 | — | A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-201… | |
| CVE-2019-5800 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-11478 | high | — | 8.0 | — | Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences… | |
| CVE-2019-8381 | high | — | 8.0 | — | An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an… | |
| CVE-2019-13693 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5847 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-11738 | high | — | 8.0 | — | If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for mal… | |
| CVE-2019-5850 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-10181 | high | — | 8.0 | — | It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw t… | |
| CVE-2019-9893 | high | — | 8.0 | — | libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and poten… | |
| CVE-2019-5798 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-13695 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5860 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-13716 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5795 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-13717 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-11477 | high | — | 8.0 | — | Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker c… | |
| CVE-2019-13708 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-11479 | high | — | 8.0 | — | Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. … | |
| CVE-2019-13699 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5852 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-6474 | high | — | 8.0 | — | A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leas… | |
| CVE-2019-5854 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5785 | high | — | 8.0 | — | Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | |
| CVE-2019-10063 | high | — | 8.0 | — | Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed a… | |
| CVE-2019-6465 | high | — | 8.0 | — | Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.… | |
| CVE-2019-5859 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-5849 | high | — | 8.0 | — | Out of bounds read in Skia in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |
| CVE-2019-3871 | high | — | 8.0 | — | A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the … | |
| CVE-2019-8377 | high | — | 8.0 | — | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcprep… | |
| CVE-2019-13709 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-11741 | high | — | 8.0 | — | A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org a… | |
| CVE-2019-6956 | high | — | 8.0 | — | An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c. | |
| CVE-2019-13705 | high | — | 8.0 | — | multiple issues in chromium | |
| CVE-2019-11744 | high | — | 8.0 | — | Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these… |