CVEs from 2019
Total
3,311
critical
critical 232
high
high 336
medium
medium 309
low
low 71
% Critical
7.0%
% with KEV
3.6%
% with exploit
4.3%
Top products
- u-boot 20
- active_iq_unified_manager 7
- jdk 5
- weblogic_server 5
- oncommand_workflow_automation 5
- codeready_linux_builder_eus 4
- oncommand_insight 4
- libxslt 4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-8381 | high | — | 8.0 | — | An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an… | |||
| CVE-2019-6465 | high | — | 8.0 | — | Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.… | |||
| CVE-2019-10181 | high | — | 8.0 | — | It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw t… | |||
| CVE-2019-1350 | high | — | 8.0 | — | A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-201… | |||
| CVE-2019-13711 | high | — | 8.0 | — | multiple issues in chromium | |||
| CVE-2019-11738 | high | — | 8.0 | — | If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for mal… | |||
| CVE-2019-5436 | high | — | 8.0 | — | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | |||
| CVE-2019-19450 | high | — | 8.0 | 3y ago | Important: python-reportlab security update | |||
| CVE-2019-18466 | high | — | 8.0 | 4y ago | Important: container-tools:rhel8 security and bug fix update | |||
| CVE-2019-9514 | high | — | 8.0 | 4y ago | Important: nodejs:10 security update | |||
| CVE-2019-9512 | high | — | 8.0 | 4y ago | Important: container-tools:rhel8 security and bug fix update | |||
| CVE-2019-10353 | high | — | 8.0 | 4y ago | Cross-Site Request Forgery in Jenkins | |||
| CVE-2019-10354 | high | — | 8.0 | 4y ago | Missing Authorization in Jenkins | |||
| CVE-2019-10352 | high | — | 8.0 | 4y ago | Improper Limitation of a Pathname to a Restricted Directory in Jenkins | |||
| CVE-2019-16276 | high | — | 8.0 | 4y ago | Request smuggling due to accepting invalid headers in net/http via net/textproto | |||
| CVE-2019-2435 | high | — | 8.0 | 4y ago | Improper Access Control in MySQL Connector Python | |||
| CVE-2019-5885 | high | — | 8.0 | 4y ago | Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers … | |||
| CVE-2019-16884 | high | — | 8.0 | 4y ago | Important: container-tools:rhel8 security and bug fix update | |||
| CVE-2019-10214 | high | — | 8.0 | 4y ago | Important: container-tools:rhel8 security, bug fix, and enhancement update | |||
| CVE-2019-18811 | high | — | 8.0 | 5y ago | A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering s… | |||
| CVE-2019-19528 | high | — | 8.0 | 5y ago | In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d. | |||
| CVE-2019-19523 | high | — | 8.0 | 5y ago | In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79. | |||
| CVE-2019-2974 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2938 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-15890 | high | — | 8.0 | 6y ago | Important: container-tools:rhel8 security, bug fix, and enhancement update | |||
| CVE-2019-3009 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2968 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2991 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-3018 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2957 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-3011 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2967 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2982 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2911 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2998 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2966 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2946 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2993 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2914 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2963 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2997 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-3004 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2960 | high | — | 8.0 | 6y ago | Important: mysql:8.0 security update | |||
| CVE-2019-20382 | high | — | 8.0 | 6y ago | Important: virt:rhel security update | |||
| CVE-2019-10086 | high | — | 8.0 | 6y ago | Insecure Deserialization in Apache Commons Beanutils | |||
| CVE-2019-0199 | high | — | 8.0 | 6y ago | Apache Tomcat Denial of Service vulnerability | |||
| CVE-2019-12519 | high | — | 8.0 | 6y ago | Important: squid:4 security update | |||
| CVE-2019-12525 | high | — | 8.0 | 6y ago | Important: squid:4 security update | |||
| CVE-2019-20044 | high | — | 8.0 | 6y ago | Important: zsh security update | |||
| CVE-2019-15604 | high | — | 8.0 | 6y ago | Important: nodejs:10 security update | |||
| CVE-2019-15606 | high | — | 8.0 | 6y ago | Important: nodejs:12 security update | |||
| CVE-2019-15605 | high | — | 8.0 | 6y ago | Important: nodejs:12 security update | |||
| CVE-2019-19844 | high | — | 8.0 | 6y ago | Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of… | |||
| CVE-2019-16777 | high | — | 8.0 | 7y ago | Important: nodejs:10 security update | |||
| CVE-2019-16776 | high | — | 8.0 | 7y ago | Important: nodejs:10 security update | |||
| CVE-2019-16775 | high | — | 8.0 | 7y ago | Important: nodejs:10 security update | |||
| CVE-2019-9946 | high | — | 8.0 | 7y ago | Important: container-tools:rhel8 security, bug fix, and enhancement update | |||
| CVE-2019-14378 | high | — | 8.0 | 7y ago | Important: container-tools:1.0 security and bug fix update | |||
| CVE-2019-2510 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-9518 | high | — | 8.0 | 7y ago | Important: nodejs:10 security update | |||
| CVE-2019-5737 | high | — | 8.0 | 7y ago | Important: nodejs:10 security update | |||
| CVE-2019-9517 | high | — | 8.0 | 7y ago | Important: nodejs:10 security update | |||
| CVE-2019-9515 | high | — | 8.0 | 7y ago | Important: nodejs:10 security update | |||
| CVE-2019-9513 | high | — | 8.0 | 7y ago | Important: nodejs:10 security update | |||
| CVE-2019-9516 | high | — | 8.0 | 7y ago | Important: nodejs:10 security update | |||
| CVE-2019-9511 | high | — | 8.0 | 7y ago | Important: nodejs:10 security update | |||
| CVE-2019-12527 | high | — | 8.0 | 7y ago | Important: squid:4 security update | |||
| CVE-2019-0203 | high | — | 8.0 | 7y ago | Important: subversion:1.10 security update | |||
| CVE-2019-2503 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2683 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2533 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2691 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2948 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2455 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-3003 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2606 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2969 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2585 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2587 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2581 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2738 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2532 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2584 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2420 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2778 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2507 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2752 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2596 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2529 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2623 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2644 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2635 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2789 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2634 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2434 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2495 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2685 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2486 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2502 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update | |||
| CVE-2019-2536 | high | — | 8.0 | 7y ago | Important: mysql:8.0 security update |