VIR Vulnerability Intelligence Relay

CVEs from 2019

3,413 normalized CVEs published or assigned in this year.

Total
3,413
critical
critical 232
high
high 332
medium
medium 301
low
low 72
% Critical
6.8%
% with KEV
3.5%
% with exploit
3.5%

Top vendors

Top products

  • u-boot 20
  • nsauditor 1
  • crypto 1

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2019-5436 high 8.0 A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. archsusedebian
CVE-2019-11738 high 8.0 If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for mal… archsusedebian
CVE-2019-9812 high 8.0 Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a maliciou… archsusedebian
CVE-2019-1000019 high 8.0 libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_fo… archsusedebian
CVE-2019-11705 high 8.0 A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vu… archsusedebian
CVE-2019-19450 high 8.0 3y ago Important: python-reportlab security update susedebianpython
CVE-2019-18466 high 8.0 4y ago Important: container-tools:rhel8 security and bug fix update susedebianrockylinuxgolang
CVE-2019-9512 high 8.0 4y ago Important: container-tools:rhel8 security and bug fix update archsusedebianrockylinux+1
CVE-2019-9514 high 8.0 4y ago Important: nodejs:10 security update archsusedebianrockylinux+1
CVE-2019-10352 high 8.0 4y ago Improper Limitation of a Pathname to a Restricted Directory in Jenkins archjava
CVE-2019-10354 high 8.0 4y ago Missing Authorization in Jenkins archjava
CVE-2019-10353 high 8.0 4y ago Cross-Site Request Forgery in Jenkins archjava
CVE-2019-16276 high 8.0 4y ago Request smuggling due to accepting invalid headers in net/http via net/textproto archsusegolang
CVE-2019-2435 high 8.0 4y ago Improper Access Control in MySQL Connector Python archsusedebianpython
CVE-2019-5885 high 8.0 4y ago Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers … archdebianpython
CVE-2019-16884 high 8.0 4y ago Important: container-tools:rhel8 security and bug fix update susedebianrockylinuxgolang
CVE-2019-10214 high 8.0 4y ago Important: container-tools:rhel8 security, bug fix, and enhancement update susedebianrockylinuxgolang
CVE-2019-18811 high 8.0 5y ago A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering s… susedebian
CVE-2019-19528 high 8.0 5y ago In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d. susedebian
CVE-2019-19523 high 8.0 5y ago In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79. susedebian
CVE-2019-2974 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2938 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-15890 high 8.0 6y ago Important: container-tools:rhel8 security, bug fix, and enhancement update suserockylinuxdebian
CVE-2019-2914 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2968 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2997 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2966 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2993 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2998 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2963 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-3009 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2967 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-3018 high 8.0 6y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2960 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2911 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2982 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2957 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-3011 high 8.0 6y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2991 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-3004 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2946 high 8.0 6y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-20382 high 8.0 6y ago Important: virt:rhel security update suserockylinuxdebian
CVE-2019-10086 high 8.0 6y ago Insecure Deserialization in Apache Commons Beanutils debiansusejava
CVE-2019-0199 high 8.0 6y ago Apache Tomcat Denial of Service vulnerability susedebianjava
CVE-2019-12525 high 8.0 6y ago Important: squid:4 security update suserockylinuxdebian
CVE-2019-12519 high 8.0 6y ago Important: squid:4 security update archsuserockylinuxdebian
CVE-2019-20044 high 8.0 6y ago Important: zsh security update suserockylinuxdebian
CVE-2019-15604 high 8.0 6y ago Important: nodejs:10 security update rockylinuxdebian
CVE-2019-15606 high 8.0 6y ago Important: nodejs:12 security update suserockylinuxdebian
CVE-2019-15605 high 8.0 6y ago Important: nodejs:12 security update susedebianrockylinux
CVE-2019-19844 high 8.0 6y ago Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of… archsusedebianpython
CVE-2019-16777 high 8.0 7y ago Important: nodejs:10 security update archsuserockylinuxdebian+1
CVE-2019-16776 high 8.0 7y ago Important: nodejs:10 security update archsuserockylinuxdebian+1
CVE-2019-16775 high 8.0 7y ago Important: nodejs:10 security update archsuserockylinuxdebian+1
CVE-2019-9946 high 8.0 7y ago Important: container-tools:rhel8 security, bug fix, and enhancement update susedebianrockylinux
CVE-2019-14378 high 8.0 7y ago Important: container-tools:1.0 security and bug fix update suserockylinuxdebian
CVE-2019-2510 high 8.0 7y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-9518 high 8.0 7y ago Important: nodejs:10 security update suserockylinuxdebian
CVE-2019-9515 high 8.0 7y ago Important: nodejs:10 security update susedebianrockylinux
CVE-2019-5737 high 8.0 7y ago Important: nodejs:10 security update suserockylinuxdebian
CVE-2019-9517 high 8.0 7y ago Important: nodejs:10 security update debiansuserockylinux
CVE-2019-9511 high 8.0 7y ago Important: nodejs:10 security update archsuserockylinuxdebian
CVE-2019-9513 high 8.0 7y ago Important: nodejs:10 security update archsuserockylinuxdebian
CVE-2019-9516 high 8.0 7y ago Important: nodejs:10 security update archsuserockylinuxdebian
CVE-2019-12527 high 8.0 7y ago Important: squid:4 security update archsuserockylinuxdebian
CVE-2019-0203 high 8.0 7y ago Important: subversion:1.10 security update archsuserockylinuxdebian
CVE-2019-2830 high 8.0 7y ago Important: mysql:8.0 security update rockylinuxalmalinux
CVE-2019-2631 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2486 high 8.0 7y ago Important: mysql:8.0 security update rockylinux
CVE-2019-2689 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2694 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2969 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2502 high 8.0 7y ago Important: mysql:8.0 security update rockylinux
CVE-2019-2606 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-3003 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2691 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2634 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2585 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2580 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2624 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2455 high 8.0 7y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2607 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2617 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2812 high 8.0 7y ago Important: mysql:8.0 security update rockylinuxalmalinux
CVE-2019-2593 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2529 high 8.0 7y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2685 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2681 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2494 high 8.0 7y ago Important: mysql:8.0 security update rockylinux
CVE-2019-2589 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2695 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2581 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2802 high 8.0 7y ago Important: mysql:8.0 security update rockylinuxalmalinux
CVE-2019-2948 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux
CVE-2019-2532 high 8.0 7y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2528 high 8.0 7y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2801 high 8.0 7y ago Important: mysql:8.0 security update rockylinuxalmalinux
CVE-2019-2530 high 8.0 7y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2503 high 8.0 7y ago Important: mysql:8.0 security update suserockylinux
CVE-2019-2592 high 8.0 7y ago Important: mysql:8.0 security update suserockylinuxalmalinux