VIR Vulnerability Intelligence Relay

CVEs from 2019

3,419 normalized CVEs published or assigned in this year.

Total
3,419
critical
critical 232
high
high 336
medium
medium 309
low
low 71
% Critical
6.8%
% with KEV
3.5%
% with exploit
3.5%

Top vendors

Top products

  • u-boot 20
  • active_iq_unified_manager 7
  • jdk 5
  • weblogic_server 5
  • oncommand_workflow_automation 5
  • codeready_linux_builder_eus 4
  • oncommand_insight 4
  • libxslt 4

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2019-8331 medium 5.5 7y ago Bootstrap Vulnerable to Cross-Site Scripting rockylinuxdebianrubynuget+3
CVE-2019-6975 medium 5.5 7y ago Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() func… archsusedebianpython
CVE-2019-3498 medium 5.5 8y ago In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defa… archsusedebianpython
CVE-2019-3881 medium 5.5 8y ago Moderate: ruby:2.6 security, bug fix, and enhancement update suserockylinuxruby
CVE-2019-13118 medium 5.3 5.3 4y ago In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, … susedebianfedoraubuntu+3
CVE-2019-13117 medium 5.3 5.3 7y ago In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte o… susedebianubuntufedora+2
CVE-2019-7317 medium 5.3 5.3 7y ago png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. archsusedebianubuntu+4
CVE-2019-16230 medium 4.7 4.7 7y ago drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: A third-party software maintainer stat… susedebianlinux
CVE-2019-15213 medium 4.6 4.6 7y ago An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver. susedebianlinux
CVE-2019-8506 low 4.0 4y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebian
CVE-2019-16167 low 2.5 sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c. suserockylinuxdebian
CVE-2019-7653 low 2.5 The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in th… archdebian
CVE-2019-7310 low 2.5 In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash… archsusedebian
CVE-2019-5882 low 2.5 Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. archdebian
CVE-2019-1543 low 2.5 ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a vari… archsusedebian
CVE-2019-20838 low 2.5 5y ago Low: pcre security update suserockylinuxdebian
CVE-2019-17402 low 2.5 5y ago Low: exiv2 security, bug fix, and enhancement update susedebianrockylinux
CVE-2019-2708 low 2.5 5y ago Low: libdb security update suserockylinux
CVE-2019-14494 low 2.5 6y ago Low: poppler security update susedebian
CVE-2019-15165 low 2.5 6y ago Low: libpcap security, bug fix, and enhancement update susedebian
CVE-2019-1010305 low 2.5 6y ago Low: libmspack security and bug fix update susedebianrockylinux
CVE-2019-13045 low 2.5 6y ago Low: irssi security update archdebianrockylinux
CVE-2019-11498 low 2.5 6y ago Low: wavpack security update suserockylinuxdebian
CVE-2019-1010317 low 2.5 6y ago Low: wavpack security update rockylinuxdebian
CVE-2019-1010319 low 2.5 6y ago Low: wavpack security update suserockylinuxdebian
CVE-2019-1010315 low 2.5 6y ago Low: wavpack security update suserockylinuxdebian
CVE-2019-19118 low 2.5 7y ago Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but ed… archdebianpython
CVE-2019-8610 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-6251 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update archrockylinuxdebian
CVE-2019-8666 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-8735 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-8608 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8676 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-8623 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8686 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-8611 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8571 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebian
CVE-2019-8677 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-8609 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8551 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-8536 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-8584 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-3820 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update archsusedebianrockylinux
CVE-2019-8544 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-8595 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8587 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8594 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8559 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-8523 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-6237 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebian
CVE-2019-8726 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-8518 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-8672 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-8583 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8558 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebian
CVE-2019-8586 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8690 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-8768 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-8596 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8597 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8601 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8563 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-8535 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-8524 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebian
CVE-2019-8689 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8687 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-11070 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-8679 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-11459 low 2.5 7y ago The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to u… debiansuserockylinux
CVE-2019-8622 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8619 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8681 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-8615 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update rockylinuxdebianalmalinux
CVE-2019-8671 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-8607 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-12795 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update archsusedebianrockylinux
CVE-2019-8673 low 2.5 7y ago Low: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2019-12155 low 2.5 7y ago Low: virt:rhel security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-9824 low 2.5 7y ago Low: virt:rhel security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-9755 low 2.5 7y ago Low: virt:rhel security, bug fix, and enhancement update suserockylinuxdebian