CVEs from 2019
Total
3,413
critical
critical 232
high
high 332
medium
medium 301
low
low 72
% Critical
6.8%
% with KEV
3.5%
% with exploit
3.5%
Top products
- u-boot 20
- nsauditor 1
- crypto 1
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2019-2126 | medium | — | 5.5 | 6y ago | Moderate: libvpx security update | |
| CVE-2019-9433 | medium | — | 5.5 | 6y ago | Moderate: libvpx security update | |
| CVE-2019-9232 | medium | — | 5.5 | 6y ago | Moderate: libvpx security update | |
| CVE-2019-20454 | medium | — | 5.5 | 6y ago | Moderate: php:7.3 security, bug fix, and enhancement update | |
| CVE-2019-19906 | medium | — | 5.5 | 6y ago | Moderate: cyrus-sasl security, bug fix, and enhancement update | |
| CVE-2019-13050 | medium | — | 5.5 | 6y ago | Moderate: gnupg2 security, bug fix, and enhancement update | |
| CVE-2019-8782 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8835 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8771 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8844 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8743 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8816 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8820 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8814 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8625 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8710 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8812 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8815 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8783 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8819 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8764 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8808 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8769 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8823 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8846 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8766 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8813 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8811 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-18609 | medium | — | 5.5 | 6y ago | Moderate: librabbitmq security update | |
| CVE-2019-19221 | medium | — | 5.5 | 6y ago | Moderate: libarchive security update | |
| CVE-2019-19056 | medium | — | 5.5 | 6y ago | A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory c… | |
| CVE-2019-19046 | medium | — | 5.5 | 6y ago | A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by tri… | |
| CVE-2019-19062 | medium | — | 5.5 | 6y ago | A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_r… | |
| CVE-2019-15925 | medium | — | 5.5 | 6y ago | An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_… | |
| CVE-2019-20636 | medium | — | 5.5 | 6y ago | In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7. | |
| CVE-2019-19063 | medium | — | 5.5 | 6y ago | Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), ak… | |
| CVE-2019-19072 | medium | — | 5.5 | 6y ago | A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96… | |
| CVE-2019-19068 | medium | — | 5.5 | 6y ago | A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memo… | |
| CVE-2019-16231 | medium | — | 5.5 | 6y ago | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-15917 | medium | — | 5.5 | 6y ago | An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c. | |
| CVE-2019-16233 | medium | — | 5.5 | 6y ago | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-19524 | medium | — | 5.5 | 6y ago | In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9. | |
| CVE-2019-9455 | medium | — | 5.5 | 6y ago | In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User inte… | |
| CVE-2019-9458 | medium | — | 5.5 | 6y ago | In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User inte… | |
| CVE-2019-19447 | medium | — | 5.5 | 6y ago | In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orp… | |
| CVE-2019-19332 | medium | — | 5.5 | 6y ago | An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get … | |
| CVE-2019-19319 | medium | — | 5.5 | 6y ago | In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/x… | |
| CVE-2019-20054 | medium | — | 5.5 | 6y ago | In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e. | |
| CVE-2019-12614 | medium | — | 5.5 | 6y ago | An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attac… | |
| CVE-2019-18809 | medium | — | 5.5 | 6y ago | A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka C… | |
| CVE-2019-19533 | medium | — | 5.5 | 6y ago | In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464. | |
| CVE-2019-19602 | medium | — | 5.5 | 6y ago | fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or … | |
| CVE-2019-19770 | medium | — | 5.5 | 6y ago | In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created … | |
| CVE-2019-19537 | medium | — | 5.5 | 6y ago | In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. This affects drivers/usb/… | |
| CVE-2019-18808 | medium | — | 5.5 | 6y ago | A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429… | |
| CVE-2019-19543 | medium | — | 5.5 | 6y ago | In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c. | |
| CVE-2019-19767 | medium | — | 5.5 | 6y ago | The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext… | |
| CVE-2019-11042 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-11050 | medium | — | 5.5 | 6y ago | Moderate: php:7.3 security, bug fix, and enhancement update | |
| CVE-2019-11048 | medium | — | 5.5 | 6y ago | Moderate: php:7.3 security, bug fix, and enhancement update | |
| CVE-2019-19246 | medium | — | 5.5 | 6y ago | Moderate: php:7.3 security, bug fix, and enhancement update | |
| CVE-2019-11039 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-11041 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-11040 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-11047 | medium | — | 5.5 | 6y ago | Moderate: php:7.3 security, bug fix, and enhancement update | |
| CVE-2019-11045 | medium | — | 5.5 | 6y ago | Moderate: php:7.3 security, bug fix, and enhancement update | |
| CVE-2019-20479 | medium | — | 5.5 | 6y ago | Moderate: mod_auth_openidc:2.3 security and bug fix update | |
| CVE-2019-14857 | medium | — | 5.5 | 6y ago | Moderate: mod_auth_openidc:2.3 security and bug fix update | |
| CVE-2019-14822 | medium | — | 5.5 | 6y ago | Moderate: ibus and glib2 security and bug fix update | |
| CVE-2019-13636 | medium | — | 5.5 | 6y ago | Moderate: patch security and bug fix update | |
| CVE-2019-3825 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-12448 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-12449 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-12447 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2019-9023 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-9024 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-9637 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-11035 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-9021 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-11036 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-9640 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-9022 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-11034 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-9638 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-9639 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-9020 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2019-16935 | medium | — | 5.5 | 6y ago | Moderate: python27:2.7 security, bug fix, and enhancement update | |
| CVE-2019-16056 | medium | — | 5.5 | 6y ago | Moderate: python27:2.7 security, bug fix, and enhancement update | |
| CVE-2019-13109 | medium | — | 5.5 | 6y ago | Moderate: exiv2 security, bug fix, and enhancement update | |
| CVE-2019-13111 | medium | — | 5.5 | 6y ago | Moderate: exiv2 security, bug fix, and enhancement update | |
| CVE-2019-13112 | medium | — | 5.5 | 6y ago | Moderate: exiv2 security, bug fix, and enhancement update | |
| CVE-2019-13113 | medium | — | 5.5 | 6y ago | Moderate: exiv2 security, bug fix, and enhancement update | |
| CVE-2019-20421 | medium | — | 5.5 | 6y ago | Moderate: exiv2 security, bug fix, and enhancement update | |
| CVE-2019-9143 | medium | — | 5.5 | 6y ago | Moderate: exiv2 security, bug fix, and enhancement update | |
| CVE-2019-18874 | medium | — | 5.5 | 6y ago | Moderate: python-psutil security update | |
| CVE-2019-20330 | medium | — | 5.5 | 6y ago | Deserialization of Untrusted Data in jackson-databind | |
| CVE-2019-11135 | medium | — | 5.5 | 6y ago | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | |
| CVE-2019-17531 | medium | — | 5.5 | 7y ago | jackson-databind polymorphic typing issue | |
| CVE-2019-16943 | medium | — | 5.5 | 7y ago | jackson-databind polymorphic typing issue | |
| CVE-2019-6706 | medium | — | 5.5 | 7y ago | Moderate: lua security and bug fix update |