VIR Vulnerability Intelligence Relay

CVEs from 2019

3,413 normalized CVEs published or assigned in this year.

Total
3,413
critical
critical 232
high
high 332
medium
medium 301
low
low 72
% Critical
6.8%
% with KEV
3.5%
% with exploit
3.5%

Top vendors

Top products

  • u-boot 20
  • nsauditor 1
  • crypto 1

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2019-11748 high 8.0 WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in … archsusedebian
CVE-2019-6133 high 8.0 In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to la… archsusedebian
CVE-2019-5489 high 8.0 The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allow… archsusedebian
CVE-2019-11744 high 8.0 Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these… archsusedebian
CVE-2019-13710 high 8.0 multiple issues in chromium archdebian
CVE-2019-19450 high 8.0 3y ago Important: python-reportlab security update susedebianpython
CVE-2019-18466 high 8.0 4y ago Important: container-tools:rhel8 security and bug fix update susedebianrockylinuxgolang
CVE-2019-9514 high 8.0 4y ago Important: nodejs:10 security update archsusedebianrockylinux+1
CVE-2019-9512 high 8.0 4y ago Important: container-tools:rhel8 security and bug fix update archsusedebianrockylinux+1
CVE-2019-10353 high 8.0 4y ago Cross-Site Request Forgery in Jenkins archjava
CVE-2019-10354 high 8.0 4y ago Missing Authorization in Jenkins archjava
CVE-2019-10352 high 8.0 4y ago Improper Limitation of a Pathname to a Restricted Directory in Jenkins archjava
CVE-2019-16276 high 8.0 4y ago Request smuggling due to accepting invalid headers in net/http via net/textproto archsusegolang
CVE-2019-2435 high 8.0 4y ago Improper Access Control in MySQL Connector Python archsusedebianpython
CVE-2019-5885 high 8.0 4y ago Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers … archdebianpython
CVE-2019-16884 high 8.0 4y ago Important: container-tools:rhel8 security and bug fix update susedebianrockylinuxgolang
CVE-2019-10214 high 8.0 4y ago Important: container-tools:rhel8 security, bug fix, and enhancement update susedebianrockylinuxgolang
CVE-2019-19528 high 8.0 5y ago In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d. susedebian
CVE-2019-19523 high 8.0 5y ago In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79. susedebian
CVE-2019-18811 high 8.0 5y ago A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering s… susedebian
CVE-2019-2938 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2974 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-15890 high 8.0 6y ago Important: container-tools:rhel8 security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-2967 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-3004 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2911 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-3011 high 8.0 6y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-3009 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2968 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2966 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2997 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2963 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2946 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2993 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2960 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2957 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2998 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-3018 high 8.0 6y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2982 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2914 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2991 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-20382 high 8.0 6y ago Important: virt:rhel security update suserockylinuxdebian
CVE-2019-10086 high 8.0 6y ago Insecure Deserialization in Apache Commons Beanutils debiansusejava
CVE-2019-0199 high 8.0 6y ago Apache Tomcat Denial of Service vulnerability susedebianjava
CVE-2019-12519 high 8.0 6y ago Important: squid:4 security update archsuserockylinuxdebian
CVE-2019-12525 high 8.0 6y ago Important: squid:4 security update suserockylinuxdebian
CVE-2019-20044 high 8.0 6y ago Important: zsh security update suserockylinuxdebian
CVE-2019-15604 high 8.0 6y ago Important: nodejs:10 security update rockylinuxdebian
CVE-2019-15605 high 8.0 6y ago Important: nodejs:12 security update susedebianrockylinux
CVE-2019-15606 high 8.0 6y ago Important: nodejs:12 security update suserockylinuxdebian
CVE-2019-19844 high 8.0 6y ago Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of… archsusedebianpython
CVE-2019-16777 high 8.0 7y ago Important: nodejs:10 security update archsuserockylinuxdebian+1
CVE-2019-16776 high 8.0 7y ago Important: nodejs:10 security update archsuserockylinuxdebian+1
CVE-2019-16775 high 8.0 7y ago Important: nodejs:10 security update archsuserockylinuxdebian+1
CVE-2019-14378 high 8.0 7y ago Important: container-tools:1.0 security and bug fix update suserockylinuxdebian
CVE-2019-9946 high 8.0 7y ago Important: container-tools:rhel8 security, bug fix, and enhancement update susedebianrockylinux
CVE-2019-2510 high 8.0 7y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-5737 high 8.0 7y ago Important: nodejs:10 security update suserockylinuxdebian
CVE-2019-9515 high 8.0 7y ago Important: nodejs:10 security update susedebianrockylinux
CVE-2019-9518 high 8.0 7y ago Important: nodejs:10 security update suserockylinuxdebian
CVE-2019-9517 high 8.0 7y ago Important: nodejs:10 security update debiansuserockylinux
CVE-2019-9511 high 8.0 7y ago Important: nodejs:10 security update archsuserockylinuxdebian
CVE-2019-9516 high 8.0 7y ago Important: nodejs:10 security update archsuserockylinuxdebian
CVE-2019-9513 high 8.0 7y ago Important: nodejs:10 security update archsuserockylinuxdebian
CVE-2019-12527 high 8.0 7y ago Important: squid:4 security update archsuserockylinuxdebian
CVE-2019-0203 high 8.0 7y ago Important: subversion:1.10 security update archsuserockylinuxdebian
CVE-2019-2644 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2623 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2686 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2688 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2693 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2625 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2626 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2529 high 8.0 7y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2778 high 8.0 7y ago Important: mysql:8.0 security update rockylinuxalmalinux
CVE-2019-2606 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2819 high 8.0 7y ago Important: mysql:8.0 security update rockylinuxalmalinux
CVE-2019-3003 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2815 high 8.0 7y ago Important: mysql:8.0 security update rockylinuxalmalinux
CVE-2019-2507 high 8.0 7y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2785 high 8.0 7y ago Important: mysql:8.0 security update rockylinuxalmalinux
CVE-2019-2774 high 8.0 7y ago Important: mysql:8.0 security update rockylinuxalmalinux
CVE-2019-2534 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2617 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2535 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2589 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2607 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2502 high 8.0 7y ago Important: mysql:8.0 security update rockylinux
CVE-2019-2948 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2486 high 8.0 7y ago Important: mysql:8.0 security update rockylinux
CVE-2019-2495 high 8.0 7y ago Important: mysql:8.0 security update rockylinux
CVE-2019-2434 high 8.0 7y ago Important: mysql:8.0 security update rockylinux
CVE-2019-2691 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2494 high 8.0 7y ago Important: mysql:8.0 security update rockylinux
CVE-2019-2950 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2834 high 8.0 7y ago Important: mysql:8.0 security update rockylinuxalmalinux
CVE-2019-2694 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2631 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2810 high 8.0 7y ago Important: mysql:8.0 security update rockylinuxalmalinux
CVE-2019-2879 high 8.0 7y ago Important: mysql:8.0 security update rockylinuxalmalinux